
2020 | Book

Handbook of Computer Networks and Cyber Security

Principles and Paradigms

Editors: Dr. Brij B. Gupta, Prof. Gregorio Martinez Perez, Prof. Dharma P. Agrawal, Deepak Gupta

Publisher: Springer International Publishing


About this book

This handbook introduces the basic principles and fundamentals of cyber security towards establishing an understanding of how to protect computers from hackers and adversaries. The highly informative subject matter of this handbook includes various concepts, models, and terminologies along with examples and illustrations to demonstrate substantial technical details of the field. It motivates the readers to exercise better protection and defense mechanisms to deal with attackers and mitigate the situation. This handbook also outlines some of the exciting areas of future research where the existing approaches can be implemented.
The exponential increase in the use of computers as a means of storing and retrieving security-intensive information requires placement of adequate security measures to safeguard the entire computing and communication scenario. With the advent of the Internet and its underlying technologies, information security aspects are becoming a prime concern towards protecting the networks and the cyber ecosystem from a variety of threats, which is illustrated in this handbook.
This handbook primarily targets professionals in security, privacy and trust to use and improve the reliability of businesses in a distributed manner, as well as computer scientists and software developers, who are seeking to carry out research and develop software in information and cyber security. Researchers and advanced-level students in computer science will also benefit from this reference.

Table of Contents

Frontmatter
Chapter 1. Security Frameworks in Mobile Cloud Computing

The concept of mobile cloud computing (MCC) combines mobile computing with cloud resources, and therefore, has opened up new directions in the field of mobile computing. Cloud resources can help in overcoming the memory, energy, and other computing resource limitations of mobile devices. Thus, mobile cloud computing applications can address some of the resource constraint issues by offloading tasks to cloud servers. Despite these advantages, mobile cloud computing is still not widely adopted due to various challenges associated with security in the mobile cloud computing framework, including issues of privacy, access control, service level agreements, interoperability, charging model, etc. In this chapter, we focus on the challenges associated with security in mobile cloud computing, and key features required in a security framework for MCC. Initially, we describe key architectures pertaining to various applications of mobile cloud computing, and later, we discuss a few security frameworks proposed for MCC in terms of handling privacy, security, and attacks.

Chaitanya Vemulapalli, Sanjay Kumar Madria, Mark Linderman
Chapter 2. An Investigation Study of Privacy Preserving in Cloud Computing Environment

Cloud computing allows users with limited resources to farm out their data to the cloud for computation, bandwidth, storage, and services on a pay-per-use basis. Consequently, researchers worldwide are trying to address issues related to the user’s data privacy through proposing various methods such as outsourcing data in an encrypted form. However, encrypting data will conceal the relationships between data. Moreover, due to the voluminous data at the data centers, designing an efficient and reliable online-encrypted text-based searching scheme is challenging. Therefore, this paper surveys the state of the art on the data privacy preserving over the cloud through analyzing and discussing the various privacy-preserving methods that were proposed to sustain the privacy of the user’s data. The pros and cons of the surveyed approaches are drawn in comparison with each other. Finally, the results are consolidated and the issues to be addressed in the future are concluded for the advancements in cloud data privacy preserving.

Ahmed M. Manasrah, M. A. Shannaq, M. A. Nasir
Chapter 3. Towards New Quantitative Cybersecurity Risk Analysis Models for Information Systems: A Cloud Computing Case Study

The objective of this chapter is to propose new quantitative models to assess security threats of information systems. We adopt methods for assessing the failure cost due to security breakdowns. In fact, the importance of quantifying security risk continues to grow as individuals, enterprises, and governments become increasingly reliant on information systems. Moreover, nowadays security of these deployed systems has suffered because they lack significant security measures and accurate information security risk assessment which is considered as an ongoing process of discovering, correcting, and preventing security problems by providing appropriate levels of security for information systems. In this context, we define economic security risk models to help managers to assess accurately the security threats: the internal mean failure cost and the external mean failure cost, respectively, MFCint and MFCext, which studied the threat space and identified the source of threats space risk by estimating their costs. Moreover, we define the mean failure cost extension (MFCE) model which is based on our hybrid threat classification model.

Mouna Jouini, Latifa Ben Arfa Rabai
Chapter 4. A Novel AckIBE-Based Secure Cloud Data Management Framework

A smart grid of cloud includes various operations and other measures like smart meters, smart appliances, and renewable energy efficiency resources. The primary issues of this grid are how to manage various kinds of front-end devices such as smart meters and power assets efficiently and also, to efficiently process an enormous amount of data of participating devices. Since the cloud environment possesses various properties like scalability, cost saving, energy saving, and flexibility, it can serve as an efficient entrant to face these issues and challenges. This chapter introduces a more secure smart cloud computing framework-based AckIBE for data management, which we term as “Smart-Model.” The aim is to construct a hierarchical structure of homogeneous and heterogeneous cloud centers that delivers various types of computing services to support big data analysis and information management. Furthermore, we introduce a security-related solution based on acknowledgment identity-based encryption (AckIBE), signature and proxy re-encryption to face critical security issues of the proposed framework. Additionally, we introduce acknowledgments sent by the end-user to the provider to ensure that the data have been received by the end-user and not lost in the environment of cloud communication.

Dharavath Ramesh, Syam Kumar Pasupuleti
Chapter 5. A Practicable Machine Learning Solution for Security-Cognizant Data Placement on Cloud Platforms

While designing data placement strategies for cloud storage platforms, data security and data retrieval time are two equally important parameters that determine the quality of data placement. As these two parameters are generally mutually conflicting, it is imperative that we strike a balance between data security and retrieval time to assure the quality-of-service promised by the network/cloud service provider. To guarantee the data integrity of data stored on the network storage nodes in case of any threats or cyberattacks, the placement strategy should be adaptable to incorporate the threat characteristics. This is achieved by integrating machine intelligence into the network prone to attacks to identify the most vulnerable threat type for each node. This objective forms an imperative addendum to the attack resilient and retrieval time trade-off strategy (ARRT) proposed in the literature to deploy as a practicable solution for a service provider. A set of Pareto-optimal solutions which strikes a balance between retrieval time and security based on inherent network properties by ARRT will be the initial condition for our machine learning model in this work. We take a radically different approach in which we attempt to identify the most vulnerable threat type for each node in the recommended Pareto-optimal solutions to minimize data loss through appropriate refinement of the existing data placement. This is achieved by supplementing the evolutionary algorithm with a machine learning model and we refer to this integrated and complete approach as security-cognizant data placement (SDP) strategy. In this study, based on the relevant performance metric that includes data integrity which is a measure of robustness, we evaluate and quantify our performance through rigorous discrete event simulations on arbitrary cloud topologies and demonstrate the impact of a neural network in delivering a superior performance.

Rahul Vishwanath Kale, Bharadwaj Veeravalli, Xiaoli Wang
Chapter 6. Threats Behind Default Configurations of Network Devices: Wired Local Network Attacks and Their Countermeasures

Network devices not only allow users to build powerful local networks but also to protect them, their data, and their communications from unwanted intruders. However, it is important to give special attention to security within local networks, since internal attacks could be catastrophic for users. Internal security can be overlooked once the belief that all efforts and resources should be focused on protecting users from external intruders has been established. That belief is dangerous since it can foster the misconfiguration of internal network devices, providing a network infrastructure based on weak settings. This chapter should serve as a summary of a series of local network attacks as well as their countermeasures through the right configuration of the network devices. The attacks will be presented through a set of practical scenarios emulated on GNS3 to clarify their impact and consequences. Also, countermeasures will be discussed to illustrate their impact on networks and the advantages and disadvantages of their application.

A. Vázquez-Ingelmo, Á. M. Moreno-Montero, F. J. García-Peñalvo
Chapter 7. Security and Privacy Issues in Wireless Sensor and Body Area Networks

Advancements in wireless communication and availability of miniaturized, battery-powered microelectronic devices have revolutionized the trend of computation and communication activities to the generation of smart computing where spatially distributed autonomous devices with sensors forming a wireless sensor network (WSN) are utilized to measure physical or environmental conditions. WSNs have emerged as one of the most interesting areas of research due to their diverse application areas such as healthcare, utilities, remote monitoring, smart cities, and smart home which not only perform effective monitoring but also improve quality of living. The sensor nodes can even be strategically placed in, on, or around the human body to measure vital physiological parameters as well. Such a sensor network which is formed over the human body is termed a wireless body area network (WBAN), which could be beneficial for numerous applications such as eldercare, detection of chronic diseases, sports, and military. Hence, both network applications deal with sensitive data which requires utmost security and privacy. Thus, the security and privacy issues and challenges related to WSN and WBAN along with the defense measures in place should be studied in detail, which not only is beneficial for effective application but also will motivate the researcher to find their own path for exercising better protection/defense. Accordingly, in this chapter a brief overview of both networks is presented along with their inherent characteristics, and the need for security and privacy in either network is illustrated as well. Besides, a study has been made regarding potential threats to security and privacy in both networks and existing measures to handle these issues. Finally, the open research challenges are identified to draw the attention of the researcher to investigate further in this field.

Moumita Roy, Chandreyee Chowdhury, Nauman Aslam
Chapter 8. Preventing Security and Privacy Attacks in WBANs

Sensors and radio channels have made remote health monitoring easier with the use of wireless body area networks (WBANs). WBANs use bio-sensors, implanted on/inside the human body, to collect real-time health readings. These sensors collect data wirelessly and then send it to a medical server via wireless communication channels. Human health readings are of great importance and wireless channels are not always secure. This makes security and privacy a concern in WBANs. Sensor nodes are the most common target of an intruder in WBANs. An intruder can also attack the communication channels and medical server of WBANs. Therefore, a WBAN needs protection while sending sensed information to the health care monitoring system. We also need to maintain confidentiality while transmitting the data to the server. In this chapter, we discuss various types of possible attacks in WBANs and summarize different lightweight security methods proposed for resource-constrained WBANs. We thoroughly explain how channel characteristics and human body features could be exploited to identify an intruder in WBANs without using complex encryption. Additionally, the chapter briefly reviews methods for generating symmetric keys and exchanging messages over insecure channels in cloud-assisted WBANs.

Avani Vyas, Sujata Pal
Chapter 9. Underwater Wireless Sensor Networks

In this chapter, we will provide the brief introduction of wireless sensor networks (WSNs) and the detailed introduction of underwater wireless sensor networks (UWSNs). We define the basic issues and different applications related to UWSNs. This chapter provides the description about the difference between the terrestrial WSNs and UWSNs. Later, we discuss the different task of the sensor nodes and deployment architecture of the UWSNs. We elaborate the factors that affect UWSNs design as well as communication architecture of the UWSNs. Here, we explain security issues and provide the detailed description of TCP/IP protocol stack. Later, we define all the protocols for secure communication in UWSNs. One important aspect of this chapter is the study of different simulation tools. We pull together all of the content on simulation of the UWSNs. Finally, we conclude the chapter.

Usha Jain, Muzzammil Hussain
Chapter 10. Security Issues in Cognitive Radio Ad Hoc Networks

The cognitive radio network (CRN) is an interesting variant of opportunistic networks. It is gaining steep popularity due to its peculiar capability in mitigating the spectrum scarcity problem. For the same reason, it has different security challenges than other wireless networks, and opportunistic networks in particular. The chapter gives an account of security-related research issues, domains of study, security implications and various approaches proposed in the literature to handle them. In the interest of space, the illustration provides a crisp summary of the topic instead of an exhaustive presentation.

Mahendra Kumar Murmu, Awadhesh Kumar Singh
Chapter 11. Security and Privacy in Social Networks: Data and Structural Anonymity

Social networking has become an inevitable catchline among teenagers as well as today’s older generation. In recent years, remarkable growth has been observed in social networking sites, especially in terms of adaptability as well as popularity both in the media and academia. The information present on social networking sites is used in social, geographic and economic analysis, thereby giving meaningful insights. However, publishing such analysis may create serious security threats, and users sharing personal information on these social platforms may face privacy breaches. Various third-party applications are making use of network data for advertisement, academic research and application development, which can also raise security and privacy concerns. This chapter has a binary focus: studying and analysing the prevailing security and privacy threats, and providing a detailed description of solutions that will aid in sustaining users’ privacy and security. Currently, there exist multiple privacy techniques that propose solutions for maintaining user anonymity on online social networks. The chapter also highlights all the available techniques as well as the issues and challenges surrounding their real-world implementation. The goal of such mechanisms is to push deterged data on social platforms, thereby strengthening user privacy despite the sensitive information shared on online social networks (OSNs). While such mechanisms have gathered researchers’ attention for their simplicity, their ability to preserve the user’s privacy still struggles with regard to preserving useful knowledge contained in the data. Thus, anonymization of OSNs might lead to certain information loss. This chapter explores multiple data and structural anonymity techniques for modelling, evaluating and managing users’ privacy risks and concerns with respect to online social networks (OSNs).

R. Jain, N. Jain, A. Nayyar
Chapter 12. SOI FinFET for Computer Networks and Cyber Security Systems

Today, computer-based systems have become common in everyday life and these systems are used to store leverage information and people are more willing to communicate this sensitive information with the real world. So, computer networks have become the emerging domain for connecting physical devices like home appliances, vehicles, and other embedded electronics, software, actuators, and sensor-based systems, and security of these systems from cyberattacks is essential for secure communication. This results in the easy and safe communication between different entities. So, modern advanced computer systems with efficient integrated transistor technology provide the security and privacy to the computer-based real world. This chapter explores the advanced Silicon-on-Insulator Fin Field Effect Transistor (SOI FinFET) technology which is the basic unit of integrated circuit used in every electronic gadget and computer hardware. In this chapter, performance analysis of device-D1 (high-k SOI FinFET structure) is done to implement the efficient computer hardware over a wide temperature range (200–450 K). The attempt is done to find out the ZTC (zero temperature coefficient) biased point of SOI FinFET device to have stable, reliable, and secure systems. The proposed device analysis will provide the hardware design flexibility in the electronic circuits, microprocessors, computer hardware, and thermally stable interfacing components for security applications of information technology. The potential parameters of device-D1 like AV (intrinsic gain), gm (transconductance), VEA (early voltage), gd (output conductance), Ioff (off current), Ion (on current), Ion/Ioff ratio, Cgs (gate-source capacitance), Cgd (gate-drain capacitance), fT (cutoff frequency), and SS (subthreshold slope) are subjected to analysis to evaluate the performance over wide temperature environment.
The validation of temperature-based performance of device-D1 gives an opportunity to design numerous analog/RF and digital components in Internet cyber security infrastructure environments.

Neeraj Jain, Balwinder Raj
Chapter 13. Software-Defined Networking: A Novel Approach to Networks

With the rapid change in the network traffic flow, traditional networks need to be innovated. There has been a lot of innovation in devices, applications, storage, and computing, but the network has remained unrevised. Software-defined networking (SDN) is a new way of managing and operating networks. With its basic principle of separating the control plane and data plane, it has opened up many ways for revolution in networks. A centralized controller acts as the vital element in SDN. All the information to the data paths or data elements such as network switches/routers is given through the southbound application programming interface, and information to the applications such as firewall, load balancer, and business logic is delivered through the northbound application programming interface. The SDN controller is situated in the middle of the architecture, between the network elements and the SDN applications, and ultimately provides the flexibility to build many new applications. There are multiple applications which are playing a vital role in networks, but due to the aforementioned challenges in traditional networking, these applications are becoming vendor specific and expensive too. To overcome this situation, these applications can be innovated again by using SDN. Although there are many SDN-based applications available, in this chapter we limit ourselves to the firewall and the load balancer. We discuss these two specific applications as a case study, compare traditional applications and SDN-based applications, and survey and compare related literature.

Sumit Badotra, S. N. Panda
Chapter 14. Software-Defined Network (SDN) Data Plane Security: Issues, Solutions, and Future Directions

Software-defined network (SDN) radically changes the network architecture by decoupling the network logic from the underlying forwarding devices. This architectural change rejuvenates the network-layer granting centralized management and reprogrammability of the networks. From a security perspective, SDN separates security concerns into control and data plane, and this architectural recomposition brings up exciting opportunities and challenges. The overall perception is that SDN capabilities will ultimately result in improved security. However, in its raw form, SDN could potentially make networks more vulnerable to attacks and harder to protect. In this paper, we provide a comprehensive review of SDN security domain while focusing on its data plane, which is one of the least explored but most critical aspects in securing this technology. We review the most recent enhancements in SDNs, identify the main vulnerabilities of SDNs, and provide a novel attack taxonomy for SDNs. Thereafter, we provide a comprehensive analysis of challenges involved in protecting SDN data plane and control plane and provide an in-depth look into available solutions with respect to the identified threats and identify their limitations. To highlight the importance of securing the SDN platform, we also review the numerous security services built on top of this technology. We conclude the paper by offering future research directions.

Arash Shaghaghi, Mohamed Ali Kaafar, Rajkumar Buyya, Sanjay Jha
Chapter 15. Survey on DDoS Attack Techniques and Solutions in Software-Defined Network

Software-defined networking (SDN) introduces an innovative idea of “programmable network”, which in turn provides flexibility and simplicity and speeds up the implementation. The core idea behind the SDN architecture is the separation of the control plane from the data plane. The data plane devices, such as switches, become simple packet forwarding devices, and the entire logic for handling the network traffic is moved into the controller which sits in the control plane. SDN adds flexibility, speeds the implementation, and simplifies management. However, this functionality of SDN also makes it a target of one of the most popular types of attack, known as the distributed denial of service (DDoS) attack. This chapter presents a concise survey of DDoS attacking techniques and solutions in the SDN environment. Firstly, we present an overview of SDN and its advantages over traditional networks. Further, different vulnerabilities in SDN are discussed along with the DDoS attack. Then we present some characteristics that SDN possesses to defeat this massive DDoS attack. Several taxonomies of DDoS attacks which affect the SDN environment are also discussed. Finally, we present future research directions that will be crucial for defending against such attacks in the near future. The motivation behind this survey was to identify and examine various security drawbacks in the SDN architecture. We primarily focused on the DDoS attack based on recent statistics and the increase in occurrence of DDoS attacks. Presenting the research challenges of this work gives us the direction to overcome the weaknesses that still need to be addressed for the advancement of SDN.

Tushar Ubale, Ankit Kumar Jain
Chapter 16. Cooperative Mechanisms for Defending Distributed Denial of Service (DDoS) Attacks

Distributed denial of service (DDoS) attack is one of the biggest challenges faced by the Internet community today. DDoS attack attempts to disrupt the availability of resources to the legitimate users by overwhelming the network and server resources. In this chapter, we discuss the importance of cooperative mechanisms over the centralised ones and various existing cooperative techniques to defend against DDoS attack. We also discuss their major drawbacks. The major disadvantage of centralised defence mechanism is single point of failure when the central kingpin node itself comes under attack. What we realise is that although these techniques have been developed, they are rarely deployed in the real world because the researchers have long ignored the economic incentive part in the working of cooperative DDoS mechanisms. Due to lack of incremental payment structures, the cooperation between the nodes fails. Sometimes the payment structures are non-existent, and in some cases, the payment structure is in place, but the incentives are not lucrative enough for the nodes to share their resources. The DDoS attack scenario can be divided into attack phase, detection phase and response phase. When the attacker machines perform in cooperation, then for the defence mechanism to be strong, it should also be in cooperation. This work gives an overview of the existing cooperative defence mechanisms at different layers of the Open Systems Interconnection (OSI) model and an overview of mechanism using third party for any of these three phases.

Prachi Gulihar, B. B. Gupta
Chapter 17. Epidemic Modelling for the Spread of Bots Through DDoS Attack in E-Commerce Network

Cyber security is the protection of information systems from major criminal activities such as cyber warfare, cyber terrorism, and cyber espionage provided for the well-being of user’s privacy. It is also known as IT security or computer security. The “information warfare” can hit and completely break down critical IT infrastructure of an organization or a country. Cybercrime has many types, but, in this chapter, we have focused on DDoS attack into an E-Commerce network to spread bots throughout the network. DDoS attack can be used to sabotage a service or as a cover for bot delivery. In this chapter, a dynamic SIS–SEIRS model is proposed to represent the propagation of bots in E-Commerce network through DDoS attack. A mathematical model is also formulated to represent the dynamism of the members of different compartments of the model. Numerical methods are employed to solve and simulate the system of equations developed. Results of numerical simulations are obtained using MATLAB.

Biswarup Samanta
Chapter 18. Physical Unclonable Function (PUF)-Based Security in Internet of Things (IoT): Key Challenges and Solutions

Security protocols play a pivotal role in transmitting the sensitive application data through packet switched and circuit switched data communication. State-of-the-art research comes up with the constrained IoT design to provide the connectivity in between things without any human intervention. Hence, IoT becomes a promising solution to provide the end-to-end connectivity through constrained network resources. Physical Unclonable Function (PUF) is a digital logic design that is incorporated in Integrated Circuit (IC). It is lightweight, unclonable, and simple to implement. Security mechanisms based on PUF can be an efficient way to provide security for resource-constrained IoT networks. This chapter describes different security aspects/scenarios of IoT that can use PUF-based mechanisms.

Mohammed Saeed Alkatheiri, Abdur Rashid Sangi, Satish Anamalamudi
Chapter 19. Fog Computing: Applications and Secure Data Aggregation

With the rapid increase in the number of internet of things (IoT) devices, a huge amount of data is generated which needs proper storage and analytical applications. However, the smart devices do not have adequate resources, due to which the applications are mostly supported by cloud servers for providing on-demand and scalable storage as well as computation power using a pay-as-you-go model. Despite the broad utilization of cloud computing, a few applications such as health monitoring, real-time gaming and emergency response are too latency sensitive to be deployed on the cloud directly. Therefore, fog computing has emerged as a promising extension to the cloud computing paradigm to provide better response time. In fog computing architecture, applications perform pre-processing near the end user. The combination of fog and cloud can handle big data collection, secure aggregation, and pre-processing, thus reducing the cost of data transportation and storage. For example, in environmental monitoring systems, local data gathered can be aggregated and mined at fog nodes to provide timely feedback, especially for emergency cases. The chapter presents the concepts of fog computing along with its characteristics. Furthermore, the chapter elaborates the applications of fog computing in various domains, followed by a discussion on secure data aggregation methods.

Sudesh Rani, Poonam Saini
Chapter 20. A Comprehensive Review of Distributed Denial of Service (DDoS) Attacks in Fog Computing Environment

Cloud computing performs several functionalities, and one of the most important functionalities is the storage and processing of data or information. With day-by-day enhancement of technology, cloud has been overburdened, and to address this issue, the concept of fog computing has been introduced. Fog computing is an extension of the properties of cloud computing to the network’s edge and additionally overcomes its limitations. Despite the growing fame of fog services, assuring the security and privacy of data is still a big challenge. Distributed denial of service (DDoS) attack is a well-known threat among the security concerns and an important research challenge when talking particularly about security of data in fog computing environment. Therefore, this chapter presents a survey which encompasses the various concepts of fog computing, DDoS attacks and some DDoS mitigation techniques, thus providing a comprehensive review. In addition, it beholds the future work in this domain. This chapter will attract new researchers and also strengthen the concept of fog computing.

Bhumika Paharia, Kriti Bhushan
Chapter 21. Secure Machine Learning Scenario from Big Data in Cloud Computing via Internet of Things Network

The Cloud Computing (CC) technology refers to an infrastructure in which both data storage and data processing take place outside the mobile device. Furthermore, another new and fast growing technology called Internet of things (IoT) rises in the sector of networks and telecommunications with specific concern in the “modern” area of wireless telecommunication systems. Regarding our recent research, the main goal of the interaction and cooperation between things and objects sent through the wireless networks is to fulfill the objective set to them as a combined entity, with the aim to achieve a better environment for the use of Big Data (BD). In addition, counting on the technology of wireless networks, both CC and IoT could be developed rapidly and together. In this paper, we survey IoT and Cloud Computing technologies with focus on security problems that both technologies faced. Particularly, these two aforementioned technologies (i.e., Cloud Computing and IoT) have been compared, with the aim to examine the familiar characteristics and examine and discover the benefits of their integration to secure the use and transmission of Big Data. In conclusion, contributions of CC and IoT technologies and how the CC technology improves the operation of IoT as a base technology for Big Data systems have been presented.

C. L. Stergiou, A. P. Plageras, K. E. Psannis, B. B. Gupta
Chapter 22. Heterogeneous-Internet of Vehicles (Het-IoV) in Twenty-First Century: A Comprehensive Study

Internet of vehicles (IoV) is considered one of the biggest innovations in the transportation world. IoV technology alludes to the advancement and deployment of an effective platform that takes into account the growth, expansion, integration of new technologies, and complex human interactions. The versatile mobile cellular systems are equipped for giving incredible coverage to vehicular clients, yet the prerequisite of stringent real-time security services cannot continuously be ensured in mobile systems. Consequently, the heterogeneous vehicular system (Het-VANET), which incorporates cellular systems with DSRC, develops as a promising answer to meet the correspondences necessities of the intelligent transportation system (ITS). In heterogeneous-IoV (HET-IoV), connectivity and near-field communications create enormous new interactive features which are presuming as to provide promising proposal to transform the operation and role for industrial systems such as transportation systems and manufacturing systems. The main motivation behind HET-IoV concept is to give advance connectivity, the pervasive presence of things and make efficient use of radio resources for these networks. Subsequently, the quick evolution of computing and communications technologies gives rise to vehicles with powerful computing abilities that are not limited to service recipients but also advocated service providers. This results with the idea of vehicular cloud computing (VCC) that collectively uses computational, communicative, and storage resources inside vehicle equipment, for example, on-board units, communications devices, or mobile user equipment arrived by passengers. Vehicular cloud computing (VCC) provides a new management mechanism for big data that enables the processing of data and the mining of valuable knowledge from it. 
Regardless, to the best of our knowledge, these works don’t have a point by point examination of the new VCC perspective, which incorporates absolutely new applications, difficulties, and research issues. To associate this gap, this chapter gives an audit on the compromise of Cloud and IoV. Starting by portraying fundamentals of IoV, heterogeneous vehicular access technologies and VCC analyze their characteristics, coordination, and challenges. In addition, it also provides a state-of-art picture of the heterogeneous vehicular communication model. Because of the reception of vehicular cloud, they both perform a powerful innovation by managing storage, on-demand retrieving of data, data dissemination in sparse environments, and security, with an attention on recent research challenges.

Richa, T. P. Sharma, Ajay Kumar Sharma
Chapter 23. A Systematic Review on Security and Privacy Issues in Mobile Devices and Systems

The number of mobile devices that are getting connected to the Internet is on the rise and interconnectivity has brought together billions of devices in the cyber-sphere. The chapter focuses on security and privacy of mobile devices and systems for identifying security and privacy issues as well as the current measures of detecting and preventing such issues. The systematic review methodology will rely on the PRISMA checklist and flowchart to include and exclude papers in the review process. However, given the nature and debates around privacy and security in mobile systems, the search will be conducted in several databases, which include Digital library IEEE Xplore, Digital Library ACM, and the DBLP Computer Science Bibliography besides ProQuest Central and EBSCO. Given the number of databases that will be used to search for the articles, PICO will be used to prepare search strings and queries implemented in the databases. The results of the search will include descriptive statistics including distribution of articles per journal and year of publication as well as qualitative analysis of thematic areas emerging from the search string results. Finally, the findings and discussions will illuminate the problems identified, measures, and development in the provision of security and privacy in mobile systems. Probable research gaps and considerations for future studies will also be included in the conclusion section.

Mohamed Alloghani, Thar Baker, Dhiya Al-Jumeily, Abir Hussain, Jamila Mustafina, Ahmed J. Aljaaf
Chapter 24. Investigation of Security Issues in Distributed System Monitoring

The distributed systems have a noteworthy role in today’s information technology whether it is governmental or nongovernmental organization. Adaptive distributed systems (ADS) are distributed systems that can evolve their behaviors based on changes in their environments (Schlichting and Hiltunen, Designing and implementing adaptive distributed systems, 1998, http://www.cs.arizona.edu/adaptiveds/overview.html ). For example, a constant monitoring is required in distributed system to dynamically balance the load using centralized approach (Sarma and Dasgupta, Int J Adv Res Ideas Innov Technol 2:5–10, 2014). A monitoring system or tool is used to identify the changes in the distributed systems and all the activities of the entire network systems. The monitoring of network may help to improve the efficiency of the overall network. However, the monitoring system may be compromised by the intruder by gathering the information from the distributed systems. The various secure and insecure monitoring mechanisms have been adopted by adaptive distributed systems. Most of the distributed systems nowadays use monitoring tools to monitor the various parameters of the networking system. The monitoring tool has been implemented to assess the performance overhead during monitoring. The Wireshark monitoring tool and JMonitor tool (Penteado and Trevelin, JMonitor: a monitoring tool for distributed systems. In Proceedings of international conference on systems, man, and cybernetics, COEX, Seoul, Korea, pp 1767–1772, 2012) have been used to monitor the communication between the various users and also to monitor the computational resources used in networked computers. The main concern of this chapter is to investigate the existing monitoring tools for finding the impacts of monitoring activities in the distributed network. The investigations result that, when the monitoring tool collects security-critical information, there is a high risk of information disclosure to unauthorized users. 
The second concern is that a secure communication channel can be implemented by using the Rivest, Shamir, and Adleman (RSA) algorithm to monitor the confidential information. This chapter illustrates the implementation and experimental results related to authors’ research work and formulation of framework for security mechanisms in the context of adaptive distributed systems (Kotari et al., IOSR J Comput Eng 18:25–36, 2016). Security issues for existing monitoring tool are investigated in detail here. In this connection, the chapter deals with the several security-related network scenarios experienced during monitoring with the help of Wireshark monitoring tool. The proper use of Wireshark monitoring tool helps to identify the possible security threats such as emerging threats of hackers, corporate data theft, and identifying threats due to viruses. The implementation of secure communication channel is discussed, which minimizes the above set of threats.

Manjunath Kotari, Niranjan N. Chiplunkar
Chapter 25. An Analysis of Provable Security Frameworks for RFID Security

Radio frequency identification (RFID) has become one of the most eminent commercial technologies in the last few years. The RFID tags are embedded or latched with any item for their unique identification. These tags can carry small amounts of data and have capability to perform simple computations. However, because of their simple architecture, the data these tags carry are not secure. This paper discusses some of the state-of-the-art authentication schemes that can secure RFID tags along with some security models that are used to verify whether an authentication scheme is secure against any potential security risks or not. This paper analyzes some authentication schemes and security models along with their strengths and weaknesses.

Aakanksha Tewari, B. B. Gupta
Chapter 26. Computational Techniques for Real-Time Credit Card Fraud Detection

With e-commerce becoming mainstream and a manifold increase in online transactions, security risks associated with these have become crucial concerns. In this chapter, we focus on the security issues arising out of online credit card usage. Literature in the last two and half decades has been reviewed to analyze the changing attack vectors and solution approaches to this problem. Most common attributes and open datasets of credit card transactions have been compiled to provide a starting point for new researchers. Existing fraud detection methods have been scrutinized for efficacy in addressing key challenges of fraud detection like real-time detection, concept drift, imbalanced datasets, and classifier adaptability. New directions in credit card fraud detection research have also been proposed.

Sangeeta Mittal, Shivani Tyagi
Chapter 27. Requirements, Protocols, and Security Challenges in Wireless Sensor Networks: An Industrial Perspective

Wireless sensor networks (WSNs) have several application areas that also include the industrial automation systems where they are used for monitoring and controlling the industrial equipment. However, requirements in industrial wireless systems are different from general WSN requirements. Industries are benefitted a big deal by integration of sensors in industrial machinery, plants, shop floors, structures, and other critical places. This application of WSNs in industrial domain lowers the failure rates and improves the productivity as well as efficiency of the factory operations. Adequate security needs to be provided along with ensured reliability for integrating the wireless technology with the industrial domain. Industrial wireless sensor networks (IWSNs) are vulnerable to huge range of attacks owing to its hostile deployment location, open architecture, and insecure routing protocols. As sensors are resource constrained in terms of limited processing capabilities, constrained energy, short communication range, and storage capacity, WSNs become an easy target for the adversary. Ensuring adequate security in the crucial services provided by WSNs reinforces its acceptability as a dependable and viable technology in the industrial and factory domain. In this chapter, the characteristic features of WSNs in factory automation are outlined along with the industrial application of WSNs. This chapter addresses several standards defined by various industrial alliances in the past few years. Then several reliability issues in industrial WSNs are explored along with various types of security attacks possible in IWSNs. It explores several security paradigms applicable for industrial wireless sensor networks. This chapter then presents a broader view toward WSN solutions and discusses important functions like medium access control (MAC). Some important design considerations for designing MAC protocols are also presented in this chapter.
Finally, the chapter concludes with several open research topics and unsolved challenges that were encountered during the protocol design for further investigation.

Bharat Bhushan, G. Sahoo
Chapter 28. Privacy Preservation of Electronic Health Record: Current Status and Future Direction

Recent developments in health sector have made it possible to collect, store, manage, and share medical data in large scale. Managing and sharing of health record is primarily requirement in electronic health record software, however, reusability of electronic health records in distributive environment or access by third party must maintain principle of database system and implement the guidelines of international privacy policy standards and regulations. Privacy preservation is the major concern while dealing with real-time datasets in health sector. Privacy preservation algorithms have to ensure protection of sensitive information related to patients’ diagnoses and diseases. Privacy preserving data mining (PPDM) deals with data perturbation, anonymities, and modification as per the requirement of the system. Data perturbation is one of best PPDM techniques that basically deals with numeric values and focuses on privacy implementation. In this chapter, we will select and review different articles that are related to electronic health records (EHRs), their privacy standards, challenges, and regulations currently adopted in different countries. This chapter mainly reviews the current status of privacy preservation polices used in EHR, privacy techniques and analysis, and future scope of privacy in global scenario.

Anil Kumar, Ravinder Kumar
Chapter 29. QKD Protocols Security Between Theory and Engineering Implementation

Quantum cryptography is proposed as a big revolution in IT security; some theoretical studies even considered that the exploitation of quantum physics features can enable us to get unconditional security. With the passage of time, quantum cryptanalysis appeared, which included in the beginning a collection of theoretical quantum hacking strategies. However, the implementation of quantum key distribution protocols (QKD) showed several vulnerabilities in quantum cryptography scheme, which were exploited to spy on the quantum communication. Therefore, the engineering implementation of QKD protocols showed a significant difference between the theoretical promises and experiment results. In order to make QKD protocols more applicable in real security solutions, we analyze in this contribution the variation of the security level of QKD protocols between the quantum theory and the implementation phase. In the same context, we focus on the quantum attacks via exploiting the vulnerabilities of classical devices used in the implementation phase and their impact on the security level of QKD.

Hicham Amellal, Abdelmajid Meslouhi, Abderahim El Allati, Anass El Haddadi
Chapter 30. Survey of Security and Privacy Issues on Biometric System

A biometric system is a high-tech system that uses the data about the individual, already stored in the database to identify the individual. Biometric system is gaining popularity since it provides security and privacy to the data so that no one can misuse the data of the individual. But still, the system is not fully secure because the pattern can be recognized by the third party with the help of the remote application like antireply attacks or liveliness detection over the Internet to access the biometric data. This paper presents a survey of security and privacy issues on the biometric system and discusses the various case studies such as E-passport and Aadhaar identification, followed by the threats and issues. So, in this paper it is concluded that there must be some techniques or protocols that are based on the signal processing and the cryptography mechanism that would protect the biometric data from the intruders.

Priyanka Datta, Shanu Bhardwaj, S. N. Panda, Sarvesh Tanwar, Sumit Badotra
Chapter 31. A Novel Session Key Generation and Secure Communication Establishment Protocol Using Fingerprint Biometrics

Security of information is provided by various cryptographic techniques. Symmetric key cryptography is one of such methods which require a shared secret key between two parties to communicate. Distribution of such secret key is the main challenge in symmetric key cryptography. Efficient and reliable techniques are needed to distribute the shared secret key between communicating parties. To defeat the problem of key management and key distribution this chapter proposes a cancelable fingerprint biometric based session key generation and secure communication establishment protocol. In this proposed technique two users generate a 128 bit session symmetric key in their end, with the help of their combined cancelable fingerprint templates and a random shuffle key provided to them by a trusted authentication server. Authentication server is located in between the communicating parties. Cancelable templates of both users are securely transmitted to each other using public key cryptography. There is no need to share the secret key through the insecure channel as the communicating parties generate the same session key in their end. This session key is valid for only one communication session. In this approach session key is generated from fingerprint and privacy of the fingerprint is protected by the cancelable transformation of fingerprint template of both communicating parties. An overview of the proposed protocol in cloud environment is also discussed in this chapter.

Arpita Sarkar, Binod Kumar Singh
Chapter 32. Trees, Cryptosignatures, and Cyberspace Mobile Agent Interfaces

A basis for agent computing with intelligent languages and crypto-signatures trees is presented with applications to WWW interfaces. We present intelligent syntax and put forth intelligent tree computing. Multiagent signatures are defined and applied to define the basis for tree information-theoretic computing and agent cyberspace applications. The project is applicable to design multiagent protocol and has been applied to put forth cryptosignatures. The project has further led to foundations to computing with intelligent trees. Intelligent game trees are defined with chess playing examples and applications to cyberspace computing. Techniques for generating intelligent models are developed with soundness and completeness theorems abbreviated here with basis in our papers. The models can be applied as a basis to authentication on cyberspace computing. The WWW applications are summed by an authentication proposition. Agent computing has been applied in our papers and colleagues elsewhere to business and cyberspace commerce.

C. F. Nourani
Chapter 33. Permutation–Substitution Based Image Encryption Algorithms Using Pseudorandom Number Generators

This chapter introduces the concept of Random Number Generators, and how they can be used to effectively, quickly, and securely encrypt data in the form of an image. The structure of an image is also explored as a preliminary, and different tests that are exclusive to image encryption were analyzed for two different works of image encryption research.

Kishore Bhamidipati, Soorya Annadurai
Chapter 34. Recent Trends in Text Steganography with Experimental Study

There have been pressing needs for securing a document and its content, either in electronic form or printed form. This is because counterfeiting and forgeries are extremely widespread all over the world, causing tremendous damage to individuals, industries, societies, and even national security. This is the main reason why people think about protecting their work and preventing such illicit activities. Because of this, various methods like cryptography, steganography, and coding have been used. Steganography is the best-suited technique that allows user to hide a message in another message (cover media). Most of steganography research uses cover media as pictures, video clips, and sounds. However, text steganography is not normally preferred due to the difficulty in finding redundant bits in text document. To embed information inside a document, its characteristics have to be altered. These characteristics can be either insertion of spaces or non-displayed characters, deliberate misspellings distributed throughout the text, resizing of fonts, and so on. But due to slight change in the document it will be visible to the third party or attacker. To overcome this problem there is a need to alter the document in such a way that it will not be visible to the human eyes yet it is possible to decode it with computer. The present chapter highlights the technique for reconstruction of the printed document using text-based steganography. This technique may be used if the original document (e.g., bank checks, legal documents, and certificates) is torn out and the important information is lost. Extracting the information from the torn part of the document and recreating the document will help in regaining the lost information. This method will first extract the text information present in the document and encode it into symbols. Then embed these symbols into the document multiple numbers of times without affecting the integrity of the document.
For recreating the document, the hard copy of the document can be processed in order to retrieve the embedded information. Thus, the information is regained from the original printed text document. This method will help in reconstruction of printed document from its part or whole.

Ravinder Kumar, Hitesh Singh
Chapter 35. Machine Learning Based Intrusion Detection Techniques

Nowadays the usage of the Internet has increased exponentially because most sensitive data is kept online. This leads to vulnerabilities in the data that is available online, as intruders can launch any kind of attack. Therefore, intrusion detection helps a computing environment or computer system to deal with such kinds of attacks. Intrusion detection is also an important supplement as well as component in the traditional computer security mechanism. It can be considered as a typical classification problem. Therefore, to develop an effective intrusion detection method, the machine learning methods can be used. This chapter briefs the current state of the art in the intrusion detection domain using the supervised learning approaches of machine learning.

Kishor Kumar Gulla, P. Viswanath, Suresh Babu Veluru, R. Raja Kumar
Chapter 36. Feature Selection Using a Machine Learning to Classify a Malware

Generally, malware has come to be known as one of the biggest threats. Malware is a program which performs malicious actions and steals information; more specifically, it is software which is designed to break into the system of a computer without consent from the owner. This chapter aimed to study feature selection and malware classification using machine learning. The identification of such features was done through the intuition that various parts of the PE files’ features can correlate with one another less than with the class files, being clean or dirty. Such features are implemented as algorithms in machine learning to help classify the malware, resulting in such classification to be properly implemented in antivirus programs to help enhance the rate of detection.

Mouhammd Al-Kasassbeh, Safaa Mohammed, Mohammad Alauthman, Ammar Almomani
Chapter 37. DeepDGA-MINet: Cost-Sensitive Deep Learning Based Framework for Handling Multiclass Imbalanced DGA Detection

Contemporary malware families typically use domain generation algorithms (DGAs) to circumvent DNS blacklists, sinkholing, or any types of security system. It means that a compromised system generates a large number of pseudo-random domain names by using DGAs based on a seed and uses the subset of domain names to contact the command and control server (C2C). To block the communication point, the security organizations reverse engineer the malware samples based on a seed to identify the corresponding DGA algorithm. Primarily, the lists of reverse engineered domain names are sink-holed and preregistered in a DNS blacklist. This type of task is tedious and moreover a DNS blacklist is able to detect the already existing DGA based domain name. Additionally, this type of system can be easily circumvented by DGA malware authors. A variant to detect DGA domain name is to intercept DNS packets and identify the nature of domain name based on statistical features. This type of system uses contextual data such as passive DNS and NXDomain. Developing a system to detect DGA based on contextual data is difficult due to aggregation of all data and it causes more cost in real-time environment and moreover obtaining the contextual information in end point system is often difficult due to the real-world constraints. Recently, the method which detects the DGA domain name on per domain basis is followed. This method doesn’t rely on any external information and uses only full domain name. There are many works for detecting DGA on per domain names based on both manual feature engineering with classical machine learning (CML) algorithms and automatic feature engineering with deep learning architectures. The performance of methods based on deep learning architectures is higher when compared to the CML algorithms. Additionally, the deep learning based DGA detection methods can stay safe in an adversarial environment when compared to CML classifiers.
However, the deep learning architectures are vulnerable to multiclass imbalance problem. Additionally, the multiclass imbalance problem is becoming much more important in DGA domain detection. This is mainly due to the fact that many DGA families have very few samples in the training data set. In this work, we propose DeepDGA-MINet which collects the DNS information inside an Ethernet LAN and uses Cost-Sensitive deep learning architectures to handle multiclass imbalance problem. This is done by initiating cost items into backpropagation methodology to identify the importance of each DGA family. The performances of the Cost-Sensitive deep learning architecture are evaluated on AmritaDGA benchmark data set. The Cost-Sensitive deep learning architectures performed well when compared to the original deep learning architectures.

R. Vinayakumar, K. P. Soman, Prabaharan Poornachandran
Chapter 38. ABFT: Analytics to Uplift Big Social Events Using Forensic Tools

Researchers and analysts are rapidly going through large, even terabyte- and petabyte-sized, data sets when carrying out digital investigation, which is becoming one of the major challenges in digital forensics. With invariably rising network bandwidth, it can be highly difficult to operate and store network traffic. To have a control over this, new algorithmic approach and computational methods are needed; even though Big Data is a challenge for forensic researchers, it effectively helps them in investigating patterns to prevent or detect and resolve crime. This chapter brings up care toward challenges in forensic investigation related to Big Data and possible ways to help a forensic investigator figure out large data sets in order to carry out forensic analysis and investigation. World is intent across big social events which even raises a concern toward criminal activities involved therein and thereby bounding across Big Data. There are many practical applications where one can process large amount of data, and this data comes moreover in unstructured form. Right from various events that are considered about big communities, there are various real-life postulates where large quantity of data is produced and processed which is required to be mined (Hambrick et al., J Anxiety Disord 18:825–839, 2004). Big Data analytics has provided a striking growth that has shown up as a result of the accessibility of large sum of data that is fitting across a varied range of application domains all so in the region of science, business, and government. This chapter has also paid attention toward different aspects of commerce with analytics mentioning Big Data in social events.

Priyanka Dhaka, Bharti Nagpal
Chapter 39. HackIt: A Real-Time Simulation Tool for Studying Real-World Cyberattacks in the Laboratory

Computer-based simulation tools have an important role to play in helping us understand the behavior of people performing as attackers (people who launch cyberattacks) and defenders (people who protect computer networks against cyberattacks) in complex cyber situations. In this paper, we introduce a simulation tool called HackIt that could be used to build dynamic cyberattack scenarios. We used the HackIt tool to investigate the influence of timing of deception strategies involving honeypots (computers that pretend to be real, but those that are actually fake) on the decisions of participants performing as attackers. In a lab-based experiment, participants performing as attackers were randomly assigned to two between-subjects conditions, each involving six repeated games: early (N = 20) and late (N = 20). In early condition, deception was present via honeypots on the second and third games, whereas in late condition, deception was present via honeypots on the fourth and fifth games. Presence of deception meant that the honeypots were easy to exploit in deception rounds. In both conditions, the goal of attacker was to steal credit-card information for computers on the network. Results revealed that the proportion of honeypot attacks was higher in late condition compared to early condition. Similarly, we found that the proportion of regular attacks was lower in late condition compared to early condition. We highlight the potential of using the HackIt tool for creating realistic cyberscenarios and evaluating the effectiveness of different deception strategies in reducing cyberattacks.

Palvi Aggarwal, Cleotilde Gonzalez, Varun Dutt
Metadata
Title: Handbook of Computer Networks and Cyber Security
Editors: Dr. Brij B. Gupta, Prof. Gregorio Martinez Perez, Prof. Dharma P. Agrawal, Deepak Gupta
Copyright Year: 2020
Electronic ISBN: 978-3-030-22277-2
Print ISBN: 978-3-030-22276-5
DOI: https://doi.org/10.1007/978-3-030-22277-2
