Cyber security and digital forensics / edited by Mangesh M. Ghonge [and more]

Contributor(s): Ghonge, Mangesh, 1984- [editor.]
Language: English Series: Advances in cyber security: Publisher: Hoboken, NJ : Beverly, MA : Wiley ; Scrivener Publishing, 2022Description: 1 online resourceContent type: text Media type: computer Carrier type: online resourceISBN: 9781119795636 ; 9781119795667Subject(s): Computer security | Digital forensic scienceGenre/Form: Electronic books.DDC classification: 005.8 LOC classification: QA76.9.A25Online resources: Full text is available at Wiley Online Library Click here to view
Contents:
Table of Contents Preface xvii Acknowledgment xxvii 1 A Comprehensive Study of Security Issues and Research Challenges in Different Layers of Service-Oriented IoT Architecture 1 Ankur O. Bang, Udai Pratap Rao and Amit A. Bhusari 1.1 Introduction and Related Work 2 1.2 IoT: Evolution, Applications and Security Requirements 4 1.2.1 IoT and Its Evolution 5 1.2.2 Different Applications of IoT 5 1.2.3 Different Things in IoT 7 1.2.4 Security Requirements in IoT 8 1.3 Service-Oriented IoT Architecture and IoT Protocol Stack 10 1.3.1 Service-Oriented IoT Architecture 10 1.3.2 IoT Protocol Stack 11 1.3.2.1 Application Layer Protocols 12 1.3.2.2 Transport Layer Protocols 13 1.3.2.3 Network Layer Protocols 15 1.3.2.4 Link Layer and Physical Layer Protocols 16 1.4 Anatomy of Attacks on Service-Oriented IoT Architecture 24 1.4.1 Attacks on Software Service 24 1.4.1.1 Operating System–Level Attacks 24 1.4.1.2 Application-Level Attacks 25 1.4.1.3 Firmware-Level Attacks 25 1.4.2 Attacks on Devices 26 1.4.3 Attacks on Communication Protocols 26 1.4.3.1 Attacks on Application Layer Protocols 26 1.4.3.2 Attacks on Transport Layer Protocols 28 1.4.3.3 Attacks on Network Layer Protocols 28 1.4.3.4 Attacks on Link and Physical Layer Protocols 30 1.5 Major Security Issues in Service-Oriented IoT Architecture 31 1.5.1 Application – Interface Layer 32 1.5.2 Service Layer 33 1.5.3 Network Layer 33 1.5.4 Sensing Layer 34 1.6 Conclusion 35 References 36 2 Quantum and Post-Quantum Cryptography 45 Om Pal, Manoj Jain, B.K. Murthy and Vinay Thakur 2.1 Introduction 46 2.2 Security of Modern Cryptographic Systems 46 2.2.1 Classical and Quantum Factoring of A Large Number 47 2.2.2 Classical and Quantum Search of An Item 49 2.3 Quantum Key Distribution 49 2.3.1 BB84 Protocol 50 2.3.1.1 Proposed Key Verification Phase for BB84 51 2.3.2 E91 Protocol 51 2.3.3 Practical Challenges of Quantum Key Distribution 52 2.3.4 Multi-Party Quantum Key Agreement Protocol 53 2.4 Post-Quantum Digital Signature 53 2.4.1 Signatures Based on Lattice Techniques 54 2.4.2 Signatures Based on Multivariate Quadratic Techniques 55 2.4.3 Hash-Based Signature Techniques 55 2.5 Conclusion and Future Directions 55 References 56 3 Artificial Neural Network Applications in Analysis of Forensic Science 59 K.R. Padma and K.R. Don 3.1 Introduction 60 3.2 Digital Forensic Analysis Knowledge 61 3.3 Answer Set Programming in Digital Investigations 61 3.4 Data Science Processing with Artificial Intelligence Models 63 3.5 Pattern Recognition Techniques 63 3.6 ANN Applications 65 3.7 Knowledge on Stages of Digital Forensic Analysis 65 3.8 Deep Learning and Modelling 67 3.9 Conclusion 68 References 69 4 A Comprehensive Survey of Fully Homomorphic Encryption from Its Theory to Applications 73 Rashmi Salavi, Dr. M. M. Math and Dr. U. P. Kulkarni 4.1 Introduction 73 4.2 Homomorphic Encryption Techniques 76 4.2.1 Partial Homomorphic Encryption Schemes 77 4.2.2 Fully Homomorphic Encryption Schemes 78 4.3 Homomorphic Encryption Libraries 79 4.4 Computations on Encrypted Data 83 4.5 Applications of Homomorphic Encryption 85 4.6 Conclusion 86 References 87 5 Understanding Robotics through Synthetic Psychology 91 Garima Saini and Dr. Shabnam 5.1 Introduction 91 5.2 Physical Capabilities of Robots 92 5.2.1 Artificial Intelligence and Neuro Linguistic Programming (NLP) 93 5.2.2 Social Skill Development and Activity Engagement 93 5.2.3 Autism Spectrum Disorders 93 5.2.4 Age-Related Cognitive Decline and Dementia 94 5.2.5 Improving Psychosocial Outcomes through Robotics 94 5.2.6 Clients with Disabilities and Robotics 94 5.2.7 Ethical Concerns and Robotics 95 5.3 Traditional Psychology, Neuroscience and Future Robotics 95 5.4 Synthetic Psychology and Robotics: A Vision of the Future 97 5.5 Synthetic Psychology: The Foresight 98 5.6 Synthetic Psychology and Mathematical Optimization 99 5.7 Synthetic Psychology and Medical Diagnosis 99 5.7.1 Virtual Assistance and Robotics 100 5.7.2 Drug Discovery and Robotics 100 5.8 Conclusion 101 References 101 6 An Insight into Digital Forensics: History, Frameworks, Types and Tools 105 G Maria Jones and S Godfrey Winster 6.1 Overview 105 6.2 Digital Forensics 107 6.2.1 Why Do We Need Forensics Process? 107 6.2.2 Forensics Process Principles 108 6.3 Digital Forensics History 108 6.3.1 1985 to 1995 108 6.3.2 1995 to 2005 109 6.3.3 2005 to 2015 110 6.4 Evolutionary Cycle of Digital Forensics 111 6.4.1 Ad Hoc 111 6.4.2 Structured Phase 111 6.4.3 Enterprise Phase 112 6.5 Stages of Digital Forensics Process 112 6.5.1 Stage 1 - 1995 to 2003 112 6.5.2 Stage II - 2004 to 2007 113 6.5.3 Stage III - 2007 to 2014 114 6.6 Types of Digital Forensics 115 6.6.1 Cloud Forensics 116 6.6.2 Mobile Forensics 116 6.6.3 IoT Forensics 116 6.6.4 Computer Forensics 117 6.6.5 Network Forensics 117 6.6.6 Database Forensics 118 6.7 Evidence Collection and Analysis 118 6.8 Digital Forensics Tools 119 6.8.1 X-Ways Forensics 119 6.8.2 SANS Investigative Forensics Toolkit – SIFT 119 6.8.3 EnCase 119 6.8.4 The Sleuth Kit/Autopsy 122 6.8.5 Oxygen Forensic Suite 122 6.8.6 Xplico 122 6.8.7 Computer Online Forensic Evidence Extractor (COFEE) 122 6.8.8 Cellebrite UFED 122 6.8.9 OSForeniscs 123 6.8.10 Computer-Aided Investigative Environment (CAINE) 123 6.9 Summary 123 References 123 7 Digital Forensics as a Service: Analysis for Forensic Knowledge 127 Soumi Banerjee, Anita Patil, Dipti Jadhav and Gautam Borkar 7.1 Introduction 127 7.2 Objective 128 7.3 Types of Digital Forensics 129 7.3.1 Network Forensics 129 7.3.2 Computer Forensics 142 7.3.3 Data Forensics 147 7.3.4 Mobile Forensics 149 7.3.5 Big Data Forensics 154 7.3.6 IoT Forensics 155 7.3.7 Cloud Forensics 157 7.4 Conclusion 161 References 161 8 4S Framework: A Practical CPS Design Security Assessment & Benchmarking Framework 163 Neel A. Patel, Dhairya A. Parekh, Yash A. Shah and Ramchandra Mangrulkar 8.1 Introduction 164 8.2 Literature Review 166 8.3 Medical Cyber Physical System (MCPS) 170 8.3.1 Difference between CPS and MCPS 171 8.3.2 MCPS Concerns, Potential Threats, Security 171 8.4 CPSSEC vs. Cyber Security 172 8.5 Proposed Framework 173 8.5.1 4S Definitions 174 8.5.2 4S Framework-Based CPSSEC Assessment Process 175 8.5.3 4S Framework-Based CPSSEC Assessment Score Breakdown & Formula 181 8.6 Assessment of Hypothetical MCPS Using 4S Framework 187 8.6.1 System Description 187 8.6.2 Use Case Diagram for the Above CPS 188 8.6.3 Iteration 1 of 4S Assessment 189 8.6.4 Iteration 2 of 4S Assessment 195 8.7 Conclusion 200 8.8 Future Scope 201 References 201 9 Ensuring Secure Data Sharing in IoT Domains Using Blockchain 205 Tawseef Ahmed Teli, Rameez Yousuf and Dawood Ashraf Khan 9.1 IoT and Blockchain 205 9.1.1 Public 208 9.1.1.1 Proof of Work (PoW) 209 9.1.1.2 Proof of Stake (PoS) 209 9.1.1.3 Delegated Proof of Stake (DPoS) 210 9.1.2 Private 210 9.1.3 Consortium or Federated 210 9.2 IoT Application Domains and Challenges in Data Sharing 211 9.3 Why Blockchain? 214 9.4 IoT Data Sharing Security Mechanism On Blockchain 216 9.4.1 Double-Chain Mode Based On Blockchain Technology 216 9.4.2 Blockchain Structure Based On Time Stamp 217 9.5 Conclusion 219 References 219 10 A Review of Face Analysis Techniques for Conventional and Forensic Applications 223 Chethana H.T. and Trisiladevi C. Nagavi 10.1 Introduction 224 10.2 Face Recognition 225 10.2.1 Literature Review on Face Recognition 226 10.2.2 Challenges in Face Recognition 228 10.2.3 Applications of Face Recognition 229 10.3 Forensic Face Recognition 229 10.3.1 Literature Review on Face Recognition for Forensics 231 10.3.2 Challenges of Face Recognition in Forensics 233 10.3.3 Possible Datasets Used for Forensic Face Recognition 235 10.3.4 Fundamental Factors for Improving Forensics Science 235 10.3.5 Future Perspectives 237 10.4 Conclusion 238 References 238 11 Roadmap of Digital Forensics Investigation Process with Discovery of Tools 241 Anita Patil, Soumi Banerjee, Dipti Jadhav and Gautam Borkar 11.1 Introduction 242 11.2 Phases of Digital Forensics Process 244 11.2.1 Phase I - Identification 244 11.2.2 Phase II - Acquisition and Collection 245 11.2.3 Phase III - Analysis and Examination 245 11.2.4 Phase IV - Reporting 245 11.3 Analysis of Challenges and Need of Digital Forensics 246 11.3.1 Digital Forensics Process has following Challenges 246 11.3.2 Needs of Digital Forensics Investigation 247 11.3.3 Other Common Attacks Used to Commit the Crime 248 11.4 Appropriateness of Forensics Tool 248 11.4.1 Level of Skill 248 11.4.2 Outputs 252 11.4.3 Region of Emphasis 252 11.4.4 Support for Additional Hardware 252 11.5 Phase-Wise Digital Forensics Techniques 253 11.5.1 Identification 253 11.5.2 Acquisition 254 11.5.3 Analysis 256 11.5.3.1 Data Carving 257 11.5.3.2 Different Curving Techniques 259 11.5.3.3 Volatile Data Forensic Toolkit Used to Collect and Analyze the Data from Device 260 11.5.4 Report Writing 265 11.6 Pros and Cons of Digital Forensics Investigation Process 266 11.6.1 Advantages of Digital Forensics 266 11.6.2 Disadvantages of Digital Forensics 266 11.7 Conclusion 267 References 267 12 Utilizing Machine Learning and Deep Learning in Cybesecurity: An Innovative Approach 271 Dushyant Kaushik, Muskan Garg, Annu, Ankur Gupta and Sabyasachi Pramanik 12.1 Introduction 271 12.1.1 Protections of Cybersecurity 272 12.1.2 Machine Learning 274 12.1.3 Deep Learning 276 12.1.4 Machine Learning and Deep Learning: Similarities and Differences 278 12.2 Proposed Method 281 12.2.1 The Dataset Overview 282 12.2.2 Data Analysis and Model for Classification 283 12.3 Experimental Studies and Outcomes Analysis 283 12.3.1 Metrics on Performance Assessment 284 12.3.2 Result and Outcomes 285 12.3.2.1 Issue 1: Classify the Various Categories of Feedback Related to the Malevolent Code Provided 285 12.3.2.2 Issue 2: Recognition of the Various Categories of Feedback Related to the Malware Presented 286 12.3.2.3 Issue 3: According to the Malicious Code, Distinguishing Various Forms of Malware 287 12.3.2.4 Issue 4: Detection of Various Malware Styles Based on Different Responses 287 12.3.3 Discussion 288 12.4 Conclusions and Future Scope 289 References 292 13 Applications of Machine Learning Techniques in the Realm of Cybersecurity 295 Koushal Kumar and Bhagwati Prasad Pande 13.1 Introduction 296 13.2 A Brief Literature Review 298 13.3 Machine Learning and Cybersecurity: Various Issues 300 13.3.1 Effectiveness of ML Technology in Cybersecurity Systems 300 13.3.2 Machine Learning Problems and Challenges in Cybersecurity 302 13.3.2.1 Lack of Appropriate Datasets 302 13.3.2.2 Reduction in False Positives and False Negatives 302 13.3.2.3 Adversarial Machine Learning 302 13.3.2.4 Lack of Feature Engineering Techniques 303 13.3.2.5 Context-Awareness in Cybersecurity 303 13.3.3 Is Machine Learning Enough to Stop Cybercrime? 304 13.4 ML Datasets and Algorithms Used in Cybersecurity 304 13.4.1 Study of Available ML-Driven Datasets Available for Cybersecurity 304 13.4.1.1 KDD Cup 1999 Dataset (DARPA1998) 305 13.4.1.2 NSL-KDD Dataset 305 13.4.1.3 ECML-PKDD 2007 Discovery Challenge Dataset 305 13.4.1.4 Malicious URL’s Detection Dataset 306 13.4.1.5 ISOT (Information Security and Object Technology) Botnet Dataset 306 13.4.1.6 CTU-13 Dataset 306 13.4.1.7 MAWILab Anomaly Detection Dataset 307 13.4.1.8 ADFA-LD and ADFA-WD Datasets 307 13.4.2 Applications ML Algorithms in Cybersecurity Affairs 307 13.4.2.1 Clustering 309 13.4.2.2 Support Vector Machine (SVM) 309 13.4.2.3 Nearest Neighbor (NN) 309 13.4.2.4 Decision Tree 309 13.4.2.5 Dimensionality Reduction 310 13.5 Applications of Machine Learning in the Realm of Cybersecurity 310 13.5.1 Facebook Monitors and Identifies Cybersecurity Threats with ML 310 13.5.2 Microsoft Employs ML for Security 311 13.5.3 Applications of ML by Google 312 13.6 Conclusions 313 References 313 14 Security Improvement Technique for Distributed Control System (DCS) and Supervisory Control-Data Acquisition (SCADA) Using Blockchain at Dark Web Platform 317 Anand Singh Rajawat, Romil Rawat and Kanishk Barhanpurkar 14.1 Introduction 318 14.2 Significance of Security Improvement in DCS and SCADA 322 14.3 Related Work 323 14.4 Proposed Methodology 324 14.4.1 Algorithms Used for Implementation 327 14.4.2 Components of a Blockchain 327 14.4.3 MERKLE Tree 328 14.4.4 The Technique of Stack and Work Proof 328 14.4.5 Smart Contracts 329 14.5 Result Analysis 329 14.6 Conclusion 330 References 331 15 Recent Techniques for Exploitation and Protection of Common Malicious Inputs to Online Applications 335 Dr. Tun Myat Aung and Ni Ni Hla 15.1 Introduction 335 15.2 SQL Injection 336 15.2.1 Introduction 336 15.2.2 Exploitation Techniques 337 15.2.2.1 In-Band SQL Injection 337 15.2.2.2 Inferential SQL Injection 338 15.2.2.3 Out-of-Band SQL Injection 340 15.2.3 Causes of Vulnerability 340 15.2.4 Protection Techniques 341 15.2.4.1 Input Validation 341 15.2.4.2 Data Sanitization 341 15.2.4.3 Use of Prepared Statements 342 15.2.4.4 Limitation of Database Permission 343 15.2.4.5 Using Encryption 343 15.3 Cross Site Scripting 344 15.3.1 Introduction 344 15.3.2 Exploitation Techniques 344 15.3.2.1 Reflected Cross Site Scripting 345 15.3.2.2 Stored Cross Site Scripting 345 15.3.2.3 DOM-Based Cross Site Scripting 346 15.3.3 Causes of Vulnerability 346 15.3.4 Protection Techniques 347 15.3.4.1 Data Validation 347 15.3.4.2 Data Sanitization 347 15.3.4.3 Escaping on Output 347 15.3.4.4 Use of Content Security Policy 348 15.4 Cross Site Request Forgery 349 15.4.1 Introduction 349 15.4.2 Exploitation Techniques 349 15.4.2.1 HTTP Request with GET Method 349 15.4.2.2 HTTP Request with POST Method 350 15.4.3 Causes of Vulnerability 350 15.4.3.1 Session Cookie Handling Mechanism 350 15.4.3.2 HTML Tag 351 15.4.3.3 Browser’s View Source Option 351 15.4.3.4 GET and POST Method 351 15.4.4 Protection Techniques 351 15.4.4.1 Checking HTTP Referer 351 15.4.4.2 Using Custom Header 352 15.4.4.3 Using Anti-CSRF Tokens 352 15.4.4.4 Using a Random Value for each Form Field 352 15.4.4.5 Limiting the Lifetime of Authentication Cookies 353 15.5 Command Injection 353 15.5.1 Introduction 353 15.5.2 Exploitation Techniques 354 15.5.3 Causes of Vulnerability 354 15.5.4 Protection Techniques 355 15.6 File Inclusion 355 15.6.1 Introduction 355 15.6.2 Exploitation Techniques 355 15.6.2.1 Remote File Inclusion 355 15.6.2.2 Local File Inclusion 356 15.6.3 Causes of Vulnerability 357 15.6.4 Protection Techniques 357 15.7 Conclusion 358 References 358 16 Ransomware: Threats, Identification and Prevention 361 Sweta Thakur, Sangita Chaudhari and Bharti Joshi 16.1 Introduction 361 16.2 Types of Ransomwares 364 16.2.1 Locker Ransomware 364 16.2.1.1 Reveton Ransomware 365 16.2.1.2 Locky Ransomware 366 16.2.1.3 CTB Locker Ransomware 366 16.2.1.4 TorrentLocker Ransomware 366 16.2.2 Crypto Ransomware 367 16.2.2.1 PC Cyborg Ransomware 367 16.2.2.2 OneHalf Ransomware 367 16.2.2.3 GPCode Ransomware 367 16.2.2.4 CryptoLocker Ransomware 368 16.2.2.5 CryptoDefense Ransomware 368 16.2.2.6 CryptoWall Ransomware 368 16.2.2.7 TeslaCrypt Ransomware 368 16.2.2.8 Cerber Ransomware 368 16.2.2.9 Jigsaw Ransomware 369 16.2.2.10 Bad Rabbit Ransomware 369 16.2.2.11 WannaCry Ransomware 369 16.2.2.12 Petya Ransomware 369 16.2.2.13 Gandcrab Ransomware 369 16.2.2.14 Rapid Ransomware 370 16.2.2.15 Ryuk Ransomware 370 16.2.2.16 Lockergoga Ransomware 370 16.2.2.17 PewCrypt Ransomware 370 16.2.2.18 Dhrama/Crysis Ransomware 370 16.2.2.19 Phobos Ransomware 371 16.2.2.20 Malito Ransomware 371 16.2.2.21 LockBit Ransomware 371 16.2.2.22 GoldenEye Ransomware 371 16.2.2.23 REvil or Sodinokibi Ransomware 371 16.2.2.24 Nemty Ransomware 371 16.2.2.25 Nephilim Ransomware 372 16.2.2.26 Maze Ransomware 372 16.2.2.27 Sekhmet Ransomware 372 16.2.3 MAC Ransomware 372 16.2.3.1 KeRanger Ransomware 373 16.2.3.2 Go Pher Ransomware 373 16.2.3.3 FBI Ransom Ransomware 373 16.2.3.4 File Coder 373 16.2.3.5 Patcher 373 16.2.3.6 ThiefQuest Ransomware 374 16.2.3.7 Keydnap Ransomware 374 16.2.3.8 Bird Miner Ransomware 374 16.3 Ransomware Life Cycle 374 16.4 Detection Strategies 376 16.4.1 Unevil 376 16.4.2 Detecting File Lockers 376 16.4.3 Detecting Screen Lockers 377 16.4.4 Connection-Monitor and Connection-Breaker Approach 377 16.4.5 Ransomware Detection by Mining API Call Usage 377 16.4.6 A New Static-Based Framework for Ransomware Detection 377 16.4.7 White List-Based Ransomware Real-Time Detection Prevention (WRDP) 378 16.5 Analysis of Ransomware 378 16.5.1 Static Analysis 379 16.5.2 Dynamic Analysis 379 16.6 Prevention Strategies 380 16.6.1 Access Control 380 16.6.2 Recovery After Infection 380 16.6.3 Trapping Attacker 380 16.7 Ransomware Traits Analysis 380 16.8 Research Directions 384 16.9 Conclusion 384 References 384 Index 389
Summary: Current cyber threats are getting more complicated and advanced with the rapid evolution of adversarial techniques. Networked computing and portable electronic devices have broadened the role of digital forensics beyond traditional investigations into computer crime. The overall increase in the use of computers as a way of storing and retrieving high-security information requires appropriate security measures to protect the entire computing and communication scenario worldwide. Further, with the introduction of the internet and its underlying technology, facets of information security are becoming a primary concern to protect networks and cyber infrastructures from various threats. This groundbreaking new volume, written and edited by a wide range of professionals in this area, covers broad technical and socio-economic perspectives for the utilization of information and communication technologies and the development of practical solutions in cyber security and digital forensics.
Tags from this library: No tags from this library for this title. Log in to add tags.
    Average rating: 0.0 (0 votes)
Item type Current location Home library Call number Copy number Status Date due Barcode Item holds
EBOOK EBOOK COLLEGE LIBRARY
COLLEGE LIBRARY
005.8 C9921 2022 (Browse shelf) CL-52989 Available
Total holds: 0

Includes bibliographical references and index.

Table of Contents
Preface xvii

Acknowledgment xxvii

1 A Comprehensive Study of Security Issues and Research Challenges in Different Layers of Service-Oriented IoT Architecture 1
Ankur O. Bang, Udai Pratap Rao and Amit A. Bhusari

1.1 Introduction and Related Work 2

1.2 IoT: Evolution, Applications and Security Requirements 4

1.2.1 IoT and Its Evolution 5

1.2.2 Different Applications of IoT 5

1.2.3 Different Things in IoT 7

1.2.4 Security Requirements in IoT 8

1.3 Service-Oriented IoT Architecture and IoT Protocol Stack 10

1.3.1 Service-Oriented IoT Architecture 10

1.3.2 IoT Protocol Stack 11

1.3.2.1 Application Layer Protocols 12

1.3.2.2 Transport Layer Protocols 13

1.3.2.3 Network Layer Protocols 15

1.3.2.4 Link Layer and Physical Layer Protocols 16

1.4 Anatomy of Attacks on Service-Oriented IoT Architecture 24

1.4.1 Attacks on Software Service 24

1.4.1.1 Operating System–Level Attacks 24

1.4.1.2 Application-Level Attacks 25

1.4.1.3 Firmware-Level Attacks 25

1.4.2 Attacks on Devices 26

1.4.3 Attacks on Communication Protocols 26

1.4.3.1 Attacks on Application Layer Protocols 26

1.4.3.2 Attacks on Transport Layer Protocols 28

1.4.3.3 Attacks on Network Layer Protocols 28

1.4.3.4 Attacks on Link and Physical Layer Protocols 30

1.5 Major Security Issues in Service-Oriented IoT Architecture 31

1.5.1 Application – Interface Layer 32

1.5.2 Service Layer 33

1.5.3 Network Layer 33

1.5.4 Sensing Layer 34

1.6 Conclusion 35

References 36

2 Quantum and Post-Quantum Cryptography 45
Om Pal, Manoj Jain, B.K. Murthy and Vinay Thakur

2.1 Introduction 46

2.2 Security of Modern Cryptographic Systems 46

2.2.1 Classical and Quantum Factoring of A Large Number 47

2.2.2 Classical and Quantum Search of An Item 49

2.3 Quantum Key Distribution 49

2.3.1 BB84 Protocol 50

2.3.1.1 Proposed Key Verification Phase for BB84 51

2.3.2 E91 Protocol 51

2.3.3 Practical Challenges of Quantum Key Distribution 52

2.3.4 Multi-Party Quantum Key Agreement Protocol 53

2.4 Post-Quantum Digital Signature 53

2.4.1 Signatures Based on Lattice Techniques 54

2.4.2 Signatures Based on Multivariate Quadratic Techniques 55

2.4.3 Hash-Based Signature Techniques 55

2.5 Conclusion and Future Directions 55

References 56

3 Artificial Neural Network Applications in Analysis of Forensic Science 59
K.R. Padma and K.R. Don

3.1 Introduction 60

3.2 Digital Forensic Analysis Knowledge 61

3.3 Answer Set Programming in Digital Investigations 61

3.4 Data Science Processing with Artificial Intelligence Models 63

3.5 Pattern Recognition Techniques 63

3.6 ANN Applications 65

3.7 Knowledge on Stages of Digital Forensic Analysis 65

3.8 Deep Learning and Modelling 67

3.9 Conclusion 68

References 69

4 A Comprehensive Survey of Fully Homomorphic Encryption from Its Theory to Applications 73
Rashmi Salavi, Dr. M. M. Math and Dr. U. P. Kulkarni

4.1 Introduction 73

4.2 Homomorphic Encryption Techniques 76

4.2.1 Partial Homomorphic Encryption Schemes 77

4.2.2 Fully Homomorphic Encryption Schemes 78

4.3 Homomorphic Encryption Libraries 79

4.4 Computations on Encrypted Data 83

4.5 Applications of Homomorphic Encryption 85

4.6 Conclusion 86

References 87

5 Understanding Robotics through Synthetic Psychology 91
Garima Saini and Dr. Shabnam

5.1 Introduction 91

5.2 Physical Capabilities of Robots 92

5.2.1 Artificial Intelligence and Neuro Linguistic Programming (NLP) 93

5.2.2 Social Skill Development and Activity Engagement 93

5.2.3 Autism Spectrum Disorders 93

5.2.4 Age-Related Cognitive Decline and Dementia 94

5.2.5 Improving Psychosocial Outcomes through Robotics 94

5.2.6 Clients with Disabilities and Robotics 94

5.2.7 Ethical Concerns and Robotics 95

5.3 Traditional Psychology, Neuroscience and Future Robotics 95

5.4 Synthetic Psychology and Robotics: A Vision of the Future 97

5.5 Synthetic Psychology: The Foresight 98

5.6 Synthetic Psychology and Mathematical Optimization 99

5.7 Synthetic Psychology and Medical Diagnosis 99

5.7.1 Virtual Assistance and Robotics 100

5.7.2 Drug Discovery and Robotics 100

5.8 Conclusion 101

References 101

6 An Insight into Digital Forensics: History, Frameworks, Types and Tools 105
G Maria Jones and S Godfrey Winster

6.1 Overview 105

6.2 Digital Forensics 107

6.2.1 Why Do We Need Forensics Process? 107

6.2.2 Forensics Process Principles 108

6.3 Digital Forensics History 108

6.3.1 1985 to 1995 108

6.3.2 1995 to 2005 109

6.3.3 2005 to 2015 110

6.4 Evolutionary Cycle of Digital Forensics 111

6.4.1 Ad Hoc 111

6.4.2 Structured Phase 111

6.4.3 Enterprise Phase 112

6.5 Stages of Digital Forensics Process 112

6.5.1 Stage 1 - 1995 to 2003 112

6.5.2 Stage II - 2004 to 2007 113

6.5.3 Stage III - 2007 to 2014 114

6.6 Types of Digital Forensics 115

6.6.1 Cloud Forensics 116

6.6.2 Mobile Forensics 116

6.6.3 IoT Forensics 116

6.6.4 Computer Forensics 117

6.6.5 Network Forensics 117

6.6.6 Database Forensics 118

6.7 Evidence Collection and Analysis 118

6.8 Digital Forensics Tools 119

6.8.1 X-Ways Forensics 119

6.8.2 SANS Investigative Forensics Toolkit – SIFT 119

6.8.3 EnCase 119

6.8.4 The Sleuth Kit/Autopsy 122

6.8.5 Oxygen Forensic Suite 122

6.8.6 Xplico 122

6.8.7 Computer Online Forensic Evidence Extractor (COFEE) 122

6.8.8 Cellebrite UFED 122

6.8.9 OSForeniscs 123

6.8.10 Computer-Aided Investigative Environment (CAINE) 123

6.9 Summary 123

References 123

7 Digital Forensics as a Service: Analysis for Forensic Knowledge 127
Soumi Banerjee, Anita Patil, Dipti Jadhav and Gautam Borkar

7.1 Introduction 127

7.2 Objective 128

7.3 Types of Digital Forensics 129

7.3.1 Network Forensics 129

7.3.2 Computer Forensics 142

7.3.3 Data Forensics 147

7.3.4 Mobile Forensics 149

7.3.5 Big Data Forensics 154

7.3.6 IoT Forensics 155

7.3.7 Cloud Forensics 157

7.4 Conclusion 161

References 161

8 4S Framework: A Practical CPS Design Security Assessment & Benchmarking Framework 163
Neel A. Patel, Dhairya A. Parekh, Yash A. Shah and Ramchandra Mangrulkar

8.1 Introduction 164

8.2 Literature Review 166

8.3 Medical Cyber Physical System (MCPS) 170

8.3.1 Difference between CPS and MCPS 171

8.3.2 MCPS Concerns, Potential Threats, Security 171

8.4 CPSSEC vs. Cyber Security 172

8.5 Proposed Framework 173

8.5.1 4S Definitions 174

8.5.2 4S Framework-Based CPSSEC Assessment Process 175

8.5.3 4S Framework-Based CPSSEC Assessment Score Breakdown & Formula 181

8.6 Assessment of Hypothetical MCPS Using 4S Framework 187

8.6.1 System Description 187

8.6.2 Use Case Diagram for the Above CPS 188

8.6.3 Iteration 1 of 4S Assessment 189

8.6.4 Iteration 2 of 4S Assessment 195

8.7 Conclusion 200

8.8 Future Scope 201

References 201

9 Ensuring Secure Data Sharing in IoT Domains Using Blockchain 205
Tawseef Ahmed Teli, Rameez Yousuf and Dawood Ashraf Khan

9.1 IoT and Blockchain 205

9.1.1 Public 208

9.1.1.1 Proof of Work (PoW) 209

9.1.1.2 Proof of Stake (PoS) 209

9.1.1.3 Delegated Proof of Stake (DPoS) 210

9.1.2 Private 210

9.1.3 Consortium or Federated 210

9.2 IoT Application Domains and Challenges in Data Sharing 211

9.3 Why Blockchain? 214

9.4 IoT Data Sharing Security Mechanism On Blockchain 216

9.4.1 Double-Chain Mode Based On Blockchain Technology 216

9.4.2 Blockchain Structure Based On Time Stamp 217

9.5 Conclusion 219

References 219

10 A Review of Face Analysis Techniques for Conventional and Forensic Applications 223
Chethana H.T. and Trisiladevi C. Nagavi

10.1 Introduction 224

10.2 Face Recognition 225

10.2.1 Literature Review on Face Recognition 226

10.2.2 Challenges in Face Recognition 228

10.2.3 Applications of Face Recognition 229

10.3 Forensic Face Recognition 229

10.3.1 Literature Review on Face Recognition for Forensics 231

10.3.2 Challenges of Face Recognition in Forensics 233

10.3.3 Possible Datasets Used for Forensic Face Recognition 235

10.3.4 Fundamental Factors for Improving Forensics Science 235

10.3.5 Future Perspectives 237

10.4 Conclusion 238

References 238

11 Roadmap of Digital Forensics Investigation Process with Discovery of Tools 241
Anita Patil, Soumi Banerjee, Dipti Jadhav and Gautam Borkar

11.1 Introduction 242

11.2 Phases of Digital Forensics Process 244

11.2.1 Phase I - Identification 244

11.2.2 Phase II - Acquisition and Collection 245

11.2.3 Phase III - Analysis and Examination 245

11.2.4 Phase IV - Reporting 245

11.3 Analysis of Challenges and Need of Digital Forensics 246

11.3.1 Digital Forensics Process has following Challenges 246

11.3.2 Needs of Digital Forensics Investigation 247

11.3.3 Other Common Attacks Used to Commit the Crime 248

11.4 Appropriateness of Forensics Tool 248

11.4.1 Level of Skill 248

11.4.2 Outputs 252

11.4.3 Region of Emphasis 252

11.4.4 Support for Additional Hardware 252

11.5 Phase-Wise Digital Forensics Techniques 253

11.5.1 Identification 253

11.5.2 Acquisition 254

11.5.3 Analysis 256

11.5.3.1 Data Carving 257

11.5.3.2 Different Curving Techniques 259

11.5.3.3 Volatile Data Forensic Toolkit Used to Collect and Analyze the Data from Device 260

11.5.4 Report Writing 265

11.6 Pros and Cons of Digital Forensics Investigation Process 266

11.6.1 Advantages of Digital Forensics 266

11.6.2 Disadvantages of Digital Forensics 266

11.7 Conclusion 267

References 267

12 Utilizing Machine Learning and Deep Learning in Cybesecurity: An Innovative Approach 271
Dushyant Kaushik, Muskan Garg, Annu, Ankur Gupta and Sabyasachi Pramanik

12.1 Introduction 271

12.1.1 Protections of Cybersecurity 272

12.1.2 Machine Learning 274

12.1.3 Deep Learning 276

12.1.4 Machine Learning and Deep Learning: Similarities and Differences 278

12.2 Proposed Method 281

12.2.1 The Dataset Overview 282

12.2.2 Data Analysis and Model for Classification 283

12.3 Experimental Studies and Outcomes Analysis 283

12.3.1 Metrics on Performance Assessment 284

12.3.2 Result and Outcomes 285

12.3.2.1 Issue 1: Classify the Various Categories of Feedback Related to the Malevolent Code Provided 285

12.3.2.2 Issue 2: Recognition of the Various Categories of Feedback Related to the Malware Presented 286

12.3.2.3 Issue 3: According to the Malicious Code, Distinguishing Various Forms of Malware 287

12.3.2.4 Issue 4: Detection of Various Malware Styles Based on Different Responses 287

12.3.3 Discussion 288

12.4 Conclusions and Future Scope 289

References 292

13 Applications of Machine Learning Techniques in the Realm of Cybersecurity 295
Koushal Kumar and Bhagwati Prasad Pande

13.1 Introduction 296

13.2 A Brief Literature Review 298

13.3 Machine Learning and Cybersecurity: Various Issues 300

13.3.1 Effectiveness of ML Technology in Cybersecurity Systems 300

13.3.2 Machine Learning Problems and Challenges in Cybersecurity 302

13.3.2.1 Lack of Appropriate Datasets 302

13.3.2.2 Reduction in False Positives and False Negatives 302

13.3.2.3 Adversarial Machine Learning 302

13.3.2.4 Lack of Feature Engineering Techniques 303

13.3.2.5 Context-Awareness in Cybersecurity 303

13.3.3 Is Machine Learning Enough to Stop Cybercrime? 304

13.4 ML Datasets and Algorithms Used in Cybersecurity 304

13.4.1 Study of Available ML-Driven Datasets Available for Cybersecurity 304

13.4.1.1 KDD Cup 1999 Dataset (DARPA1998) 305

13.4.1.2 NSL-KDD Dataset 305

13.4.1.3 ECML-PKDD 2007 Discovery Challenge Dataset 305

13.4.1.4 Malicious URL’s Detection Dataset 306

13.4.1.5 ISOT (Information Security and Object Technology) Botnet Dataset 306

13.4.1.6 CTU-13 Dataset 306

13.4.1.7 MAWILab Anomaly Detection Dataset 307

13.4.1.8 ADFA-LD and ADFA-WD Datasets 307

13.4.2 Applications ML Algorithms in Cybersecurity Affairs 307

13.4.2.1 Clustering 309

13.4.2.2 Support Vector Machine (SVM) 309

13.4.2.3 Nearest Neighbor (NN) 309

13.4.2.4 Decision Tree 309

13.4.2.5 Dimensionality Reduction 310

13.5 Applications of Machine Learning in the Realm of Cybersecurity 310

13.5.1 Facebook Monitors and Identifies Cybersecurity Threats with ML 310

13.5.2 Microsoft Employs ML for Security 311

13.5.3 Applications of ML by Google 312

13.6 Conclusions 313

References 313

14 Security Improvement Technique for Distributed Control System (DCS) and Supervisory Control-Data Acquisition (SCADA) Using Blockchain at Dark Web Platform 317
Anand Singh Rajawat, Romil Rawat and Kanishk Barhanpurkar

14.1 Introduction 318

14.2 Significance of Security Improvement in DCS and SCADA 322

14.3 Related Work 323

14.4 Proposed Methodology 324

14.4.1 Algorithms Used for Implementation 327

14.4.2 Components of a Blockchain 327

14.4.3 MERKLE Tree 328

14.4.4 The Technique of Stack and Work Proof 328

14.4.5 Smart Contracts 329

14.5 Result Analysis 329

14.6 Conclusion 330

References 331

15 Recent Techniques for Exploitation and Protection of Common Malicious Inputs to Online Applications 335
Dr. Tun Myat Aung and Ni Ni Hla

15.1 Introduction 335

15.2 SQL Injection 336

15.2.1 Introduction 336

15.2.2 Exploitation Techniques 337

15.2.2.1 In-Band SQL Injection 337

15.2.2.2 Inferential SQL Injection 338

15.2.2.3 Out-of-Band SQL Injection 340

15.2.3 Causes of Vulnerability 340

15.2.4 Protection Techniques 341

15.2.4.1 Input Validation 341

15.2.4.2 Data Sanitization 341

15.2.4.3 Use of Prepared Statements 342

15.2.4.4 Limitation of Database Permission 343

15.2.4.5 Using Encryption 343

15.3 Cross Site Scripting 344

15.3.1 Introduction 344

15.3.2 Exploitation Techniques 344

15.3.2.1 Reflected Cross Site Scripting 345

15.3.2.2 Stored Cross Site Scripting 345

15.3.2.3 DOM-Based Cross Site Scripting 346

15.3.3 Causes of Vulnerability 346

15.3.4 Protection Techniques 347

15.3.4.1 Data Validation 347

15.3.4.2 Data Sanitization 347

15.3.4.3 Escaping on Output 347

15.3.4.4 Use of Content Security Policy 348

15.4 Cross Site Request Forgery 349

15.4.1 Introduction 349

15.4.2 Exploitation Techniques 349

15.4.2.1 HTTP Request with GET Method 349

15.4.2.2 HTTP Request with POST Method 350

15.4.3 Causes of Vulnerability 350

15.4.3.1 Session Cookie Handling Mechanism 350

15.4.3.2 HTML Tag 351

15.4.3.3 Browser’s View Source Option 351

15.4.3.4 GET and POST Method 351

15.4.4 Protection Techniques 351

15.4.4.1 Checking HTTP Referer 351

15.4.4.2 Using Custom Header 352

15.4.4.3 Using Anti-CSRF Tokens 352

15.4.4.4 Using a Random Value for each Form Field 352

15.4.4.5 Limiting the Lifetime of Authentication Cookies 353

15.5 Command Injection 353

15.5.1 Introduction 353

15.5.2 Exploitation Techniques 354

15.5.3 Causes of Vulnerability 354

15.5.4 Protection Techniques 355

15.6 File Inclusion 355

15.6.1 Introduction 355

15.6.2 Exploitation Techniques 355

15.6.2.1 Remote File Inclusion 355

15.6.2.2 Local File Inclusion 356

15.6.3 Causes of Vulnerability 357

15.6.4 Protection Techniques 357

15.7 Conclusion 358

References 358

16 Ransomware: Threats, Identification and Prevention 361
Sweta Thakur, Sangita Chaudhari and Bharti Joshi

16.1 Introduction 361

16.2 Types of Ransomwares 364

16.2.1 Locker Ransomware 364

16.2.1.1 Reveton Ransomware 365

16.2.1.2 Locky Ransomware 366

16.2.1.3 CTB Locker Ransomware 366

16.2.1.4 TorrentLocker Ransomware 366

16.2.2 Crypto Ransomware 367

16.2.2.1 PC Cyborg Ransomware 367

16.2.2.2 OneHalf Ransomware 367

16.2.2.3 GPCode Ransomware 367

16.2.2.4 CryptoLocker Ransomware 368

16.2.2.5 CryptoDefense Ransomware 368

16.2.2.6 CryptoWall Ransomware 368

16.2.2.7 TeslaCrypt Ransomware 368

16.2.2.8 Cerber Ransomware 368

16.2.2.9 Jigsaw Ransomware 369

16.2.2.10 Bad Rabbit Ransomware 369

16.2.2.11 WannaCry Ransomware 369

16.2.2.12 Petya Ransomware 369

16.2.2.13 Gandcrab Ransomware 369

16.2.2.14 Rapid Ransomware 370

16.2.2.15 Ryuk Ransomware 370

16.2.2.16 Lockergoga Ransomware 370

16.2.2.17 PewCrypt Ransomware 370

16.2.2.18 Dhrama/Crysis Ransomware 370

16.2.2.19 Phobos Ransomware 371

16.2.2.20 Malito Ransomware 371

16.2.2.21 LockBit Ransomware 371

16.2.2.22 GoldenEye Ransomware 371

16.2.2.23 REvil or Sodinokibi Ransomware 371

16.2.2.24 Nemty Ransomware 371

16.2.2.25 Nephilim Ransomware 372

16.2.2.26 Maze Ransomware 372

16.2.2.27 Sekhmet Ransomware 372

16.2.3 MAC Ransomware 372

16.2.3.1 KeRanger Ransomware 373

16.2.3.2 Go Pher Ransomware 373

16.2.3.3 FBI Ransom Ransomware 373

16.2.3.4 File Coder 373

16.2.3.5 Patcher 373

16.2.3.6 ThiefQuest Ransomware 374

16.2.3.7 Keydnap Ransomware 374

16.2.3.8 Bird Miner Ransomware 374

16.3 Ransomware Life Cycle 374

16.4 Detection Strategies 376

16.4.1 Unevil 376

16.4.2 Detecting File Lockers 376

16.4.3 Detecting Screen Lockers 377

16.4.4 Connection-Monitor and Connection-Breaker Approach 377

16.4.5 Ransomware Detection by Mining API Call Usage 377

16.4.6 A New Static-Based Framework for Ransomware Detection 377

16.4.7 White List-Based Ransomware Real-Time Detection Prevention (WRDP) 378

16.5 Analysis of Ransomware 378

16.5.1 Static Analysis 379

16.5.2 Dynamic Analysis 379

16.6 Prevention Strategies 380

16.6.1 Access Control 380

16.6.2 Recovery After Infection 380

16.6.3 Trapping Attacker 380

16.7 Ransomware Traits Analysis 380

16.8 Research Directions 384

16.9 Conclusion 384

References 384

Index 389

Current cyber threats are getting more complicated and advanced with the rapid evolution of adversarial techniques. Networked computing and portable electronic devices have broadened the role of digital forensics beyond traditional investigations into computer crime. The overall increase in the use of computers as a way of storing and retrieving high-security information requires appropriate security measures to protect the entire computing and communication scenario worldwide. Further, with the introduction of the internet and its underlying technology, facets of information security are becoming a primary concern to protect networks and cyber infrastructures from various threats. This groundbreaking new volume, written and edited by a wide range of professionals in this area, covers broad technical and socio-economic perspectives for the utilization of information and communication technologies and the development of practical solutions in cyber security and digital forensics.

About the Author
Mangesh M. Ghonge, PhD, is currently working at Sandip Institute of Technology and Research Center, Nashik, Maharashtra, India. He authored or co-authored more than 60 published articles in prestigious journals, book chapters, and conference papers. He is also the author or editor of ten books and has organized and chaired many national and international conferences.

Sabyasachi Pramanik, PhD, is an assistant professor in the Department of Computer Science and Engineering, Haldia Institute of Technology, India. He earned his doctorate in computer science and engineering from the Sri Satya Sai University of Technology and Medical Sciences, Bhopal, India. He has many publications in various reputed international conferences, journals, and online book chapter contributions and is also serving as the editorial board member of many international journals. He is a reviewer of journal articles in numerous technical journals and has been a keynote speaker, session chair and technical program committee member in many international conferences. He has authored a book on wireless sensor networks and is currently editing six books for multiple publishers, including Scrivener Publishing.

Ramchandra Mangrulkar, PhD, is an associate professor in the Department of Computer Engineering at SVKM’s Dwarkadas J. Sanghvi College of Engineering, Mumbai, Maharashtra, India. He has published 48 papers and 12 book chapters and presented significant papers at technical conferences. He has also chaired many conferences as a session chair and conducted various workshops and is also a ICSI-CNSS Certified Network Security Specialist. He is an active member on boards of studies in various universities and institutes in India.

Dac-Nhuong Le, PhD, is an associate professor and associate dean at Haiphong University, Vietnam. He earned his MSc and PhD in computer science from Vietnam National University, and he has over 20 years of teaching experience. He has over 50 publications in reputed international conferences, journals and online book chapter contributions and has chaired numerous international conferences. He has served on numerous editorial boards for scientific and technical journals and has authored or edited over 15 books by various publishers, including Scrivener Publishing.

There are no comments for this item.

to post a comment.