Handbook of Information and Communication Security (eBook)

eBook Download: PDF
2010
XVI, 867 pages
Springer Berlin (publisher)
978-3-642-04117-4 (ISBN)

At its core, information security deals with the secure and accurate transfer of information. While information security has long been important, it was, perhaps, brought more clearly into mainstream focus with the so-called 'Y2K' issue. The Y2K scare was the fear that computer networks and the systems that are controlled or operated by software would fail with the turn of the millennium, since their clocks could lose synchronization by not recognizing a number (instruction) with three zeros. A positive outcome of this scare was the creation of several Computer Emergency Response Teams (CERTs) around the world that now work cooperatively to exchange expertise and information, and to coordinate in case major problems should arise in the modern IT environment. The terrorist attacks of 11 September 2001 raised security concerns to a new level. The international community responded on at least two fronts; one front being the transfer of reliable information via secure networks and the other being the collection of information about potential terrorists. As a sign of this new emphasis on security, since 2001, all major academic publishers have started technical journals focused on security, and every major communications conference (for example, Globecom and ICC) has organized workshops and sessions on security issues. In addition, the IEEE has created a technical committee on Communication and Information Security. The first editor was intimately involved with security for the Athens Olympic Games of 2004.

Part A Fundamentals and Cryptography 17
1 A Framework for System Security 18
1.1 Introduction 18
1.2 Applications 28
1.3 Dynamic, Collaborative, and Future Secure Systems 33
References 34
The Author 35
2 Public-Key Cryptography 36
2.1 Overview 36
2.2 Public-Key Encryption: Definitions 38
2.3 Hybrid Encryption 41
2.4 Examples of Public-Key Encryption Schemes 42
2.5 Digital Signature Schemes: Definitions 45
2.6 The Hash-and-Sign Paradigm 46
2.7 RSA-Based Signature Schemes 47
2.8 References and Further Reading 48
References 48
The Author 49
3 Elliptic Curve Cryptography 50
3.1 Motivation 50
3.2 Definitions 51
3.3 Implementation Issues 54
3.4 ECC Protocols 56
3.5 Pairing-Based Cryptography 59
3.6 Properties of Pairings 61
3.7 Implementations of Pairings 63
3.8 Pairing-Friendly Curves 69
3.9 Further Reading 70
References 70
The Author 72
4 Cryptographic Hash Functions 73
4.1 Notation and Definitions 74
4.2 Iterated Hash Functions 75
4.3 Compression Functions of Hash Functions 76
4.4 Attacks on Hash Functions 78
4.5 Other Hash Function Modes 80
4.6 Indifferentiability Analysis of Hash Functions 82
4.7 Applications 83
4.8 Message Authentication Codes 84
4.9 SHA-3 Hash Function Competition 87
References 87
The Authors 93
5 Block Cipher Cryptanalysis 94
5.1 Breaking Ciphers 94
5.2 Differential Cryptanalysis 98
5.3 Conclusions and Further Reading 101
References 102
The Author 102
6 Chaos-Based Information Security 103
6.1 Chaos Versus Cryptography 104
6.2 Paradigms to Design Chaos-Based Cryptosystems 105
6.3 Analog Chaos-Based Cryptosystems 106
6.4 Digital Chaos-Based Cryptosystems 109
6.5 Introduction to Chaos Theory 112
6.6 Chaos-Based Stream Ciphers 115
6.7 Chaos-Based Block Ciphers 125
6.8 Conclusions and Further Reading 135
References 136
The Authors 140
7 Bio-Cryptography 141
7.1 Cryptography 141
7.2 Overview of Biometrics 150
7.3 Bio-Cryptography 157
7.4 Conclusions 166
References 167
The Authors 169
8 Quantum Cryptography 170
8.1 Introduction 170
8.2 Development of QKD 171
8.3 Limitations for QKD 175
8.4 QKD-Network Concepts 176
8.5 Application of QKD 179
8.6 Towards 'Quantum-Standards' 181
8.7 Aspects for Commercial Application 182
8.8 Next Steps for Practical Application 184
References 185
The Author 185
Part B Intrusion Detection and Access Control 186
9 Intrusion Detection and Prevention Systems 187
9.1 Fundamental Concepts 187
9.2 Types of IDPS Technologies 192
9.3 Using and Integrating Multiple IDPS Technologies 200
References 201
The Authors 202
10 Intrusion Detection Systems 203
10.1 Intrusion Detection Implementation Approaches 203
10.2 Intrusion Detection System Testing 206
10.3 Intrusion Detection System Evaluation 211
10.4 Summary 213
References 214
The Authors 215
11 Intranet Security via Firewalls 216
11.1 Policy Conflicts 216
11.2 Challenges of Firewall Provisioning 218
11.3 Background: Policy Conflict Detection 219
11.4 Firewall Levels 222
11.5 Firewall Dependence 222
11.6 A New Architecture for Conflict-Free Provisioning 222
11.7 Message Flow of the System 225
11.8 Conclusion 226
References 227
The Authors 227
12 Distributed Port Scan Detection 229
12.1 Overview 229
12.2 Background 230
12.3 Motivation 231
12.4 Approach 233
12.5 Results 238
12.6 Conclusion 239
References 241
The Authors 242
13 Host-Based Anomaly Intrusion Detection 243
13.1 Background Material 244
13.2 Intrusion Detection System 247
13.3 Related Work on HMM-Based Anomaly Intrusion Detection 253
13.4 Emerging HIDS Architectures 258
13.5 Conclusions 262
References 262
The Author 263
14 Security in Relational Databases 264
14.1 Relational Database Basics 265
14.2 Classical Database Security 267
14.3 Modern Database Security 270
14.4 Database Auditing Practices 276
14.5 Future Directions in Database Security 277
14.6 Conclusion 277
References 278
The Author 279
15 Anti-bot Strategies Based on Human Interactive Proofs 280
15.1 Automated Tools 280
15.2 Human Interactive Proof 282
15.3 Text-Based HIPs 283
15.4 Audio-Based HIPs 285
15.5 Image-Based HIPs 286
15.6 Usability and Accessibility 295
15.7 Conclusion 296
References 296
The Authors 298
16 Access and Usage Control in Grid Systems 299
16.1 Background to the Grid 299
16.2 Standard Globus Security Support 300
16.3 Access Control for the Grid 301
16.4 Usage Control Model 306
16.5 Sandhu's Approach for Collaborative Computing Systems 308
16.6 GridTrust Approach for Computational Services 309
16.7 Conclusion 311
References 312
The Authors 313
17 ECG-Based Authentication 315
17.1 Background of ECG 316
17.2 What Can ECG Based Biometrics Be Used for? 319
17.3 Classification of ECG Based Biometric Techniques 319
17.4 Comparison of Existing ECG Based Biometric Systems 322
17.5 Implementation of an ECG Biometric 324
17.6 Open Issues of ECG Based Biometrics Applications 329
17.7 Security Issues for ECG Based Biometric 333
17.8 Conclusions 334
References 335
The Authors 336
Part C Networking 338
18 Peer-to-Peer Botnets 339
18.1 Introduction 339
18.2 Background on P2P Networks 340
18.3 P2P Botnet Construction 342
18.4 P2P Botnet C&C Mechanisms
18.5 Measuring P2P Botnets 346
18.6 Countermeasures 348
18.7 Related Work 351
18.8 Conclusion 352
References 352
The Authors 354
19 Security of Service Networks 355
19.1 An Infrastructure for the Service Oriented Enterprise 356
19.2 Secure Messaging and Application Gateways 358
19.3 Federated Identity Management Capability 362
19.4 Service-level Access Management Capability 365
19.5 Governance Framework 368
19.6 Bringing It All Together 371
19.7 Securing Business Operations in an SOA: Collaborative Engineering Example 376
19.8 Conclusion 382
References 384
The Authors 385
20 Network Traffic Analysis and SCADA Security 387
20.1 Fundamentals of Network Traffic Monitoring and Analysis 388
20.2 Methods for Collecting Traffic Measurements 390
20.3 Analyzing Traffic Mixtures 394
20.4 Case Study: AutoFocus 399
20.5 How Can We Apply Network Traffic Monitoring Techniques for SCADA System Security? 403
20.6 Conclusion 405
References 406
The Authors 408
21 Mobile Ad Hoc Network Routing 410
21.1 Chapter Overview 410
21.2 One-Layer Reputation Systems for MANET Routing 411
21.3 Two-Layer Reputation Systems (with Trust) 415
21.4 Limitations of Reputation Systems in MANETs 420
21.5 Conclusion and Future Directions 422
References 422
The Authors 423
22 Security for Ad Hoc Networks 424
22.1 Security Issues in Ad Hoc Networks 424
22.2 Security Challenges in the Operational Layers of Ad Hoc Networks 427
22.3 Description of the Advanced Security Approach 428
22.4 Authentication: How to in an Advanced Security Approach 430
22.5 Experimental Results 431
22.6 Concluding Remarks 433
References 434
The Authors 435
23 Phishing Attacks and Countermeasures 436
23.1 Phishing Attacks: A Looming Problem 436
23.2 The Phishing Ecosystem 438
23.3 Phishing Techniques 442
23.4 Countermeasures 445
23.5 Summary and Conclusions 450
References 450
The Author 451
Part D Optical Networking 452
24 Chaos-Based Secure Optical Communications Using Semiconductor Lasers 453
24.1 Basic Concepts in Chaos-Based Secure Communications 454
24.2 Chaotic Laser Systems 456
24.3 Optical Secure Communications Using Chaotic Lasers Diodes 462
24.4 Advantages and Disadvantages of the Different Laser-Diode-Based Cryptosystems 468
24.5 Perspectives in Optical Chaotic Communications 476
References 477
The Author 480
25 Chaos Applications in Optical Communications 481
25.1 Securing Communications by Cryptography 482
25.2 Security in Optical Communications 483
25.3 Optical Chaos Generation 487
25.4 Synchronization of Optical Chaos Generators 493
25.5 Communication Systems Using Optical Chaos Generators 499
25.6 Transmission Systems Using Chaos Generators 501
25.7 Conclusions 509
References 509
The Authors 512
Part E Wireless Networking 513
26 Security in Wireless Sensor Networks 514
26.1 Wireless Sensor Networks 515
26.2 Security in WSNs 516
26.3 Applications of WSNs 516
26.4 Communication Architecture of WSNs 519
26.5 Protocol Stack 520
26.6 Challenges in WSNs 521
26.7 Security Challenges in WSNs 523
26.8 Attacks on WSNs 528
26.9 Security in Mobile Sensor Networks 534
26.10 Key Management in WSNs 534
26.11 Key Management for Mobile Sensor Networks 545
26.12 Conclusion 546
References 546
The Authors 552
27 Secure Routing in Wireless Sensor Networks 554
27.1 WSN Model 555
27.2 Advantages of WSNs 555
27.3 WSN Constraints 556
27.4 Adversarial Model 556
27.5 Security Goals in WSNs 557
27.6 Routing Security Challenges in WSNs 560
27.7 Nonsecure Routing Protocols 560
27.8 Secure Routing Protocols in WSNs 564
27.9 Conclusion 574
References 574
The Authors 578
28 Security via Surveillance and Monitoring 580
28.1 Motivation 580
28.2 Duty-Cycling that Maintains Monitoring Coverage 582
28.3 Task-Specific Design: Network Self-Monitoring 587
28.4 Conclusion 601
References 601
The Author 603
29 Security and Quality of Service in Wireless Networks 604
29.1 Security in Wireless Networks 605
29.2 Security over Wireless Communications and the Wireless Channel 610
29.3 Interoperability Scenarios 617
29.4 Conclusions 628
References 628
The Authors 630
Part F Software 632
30 Low-Level Software Security by Example 633
30.1 Background 633
30.2 A Selection of Low-Level Attacks on C Software 635
30.3 Defenses that Preserve High-Level Language Properties 645
30.4 Summary and Discussion 655
References 656
The Authors 658
31 Software Reverse Engineering 659
31.1 Why Learn About Software Reverse Engineering? 660
31.2 Reverse Engineering in Software Development 660
31.3 Reverse Engineering in Software Security 662
31.4 Reversing and Patching Wintel Machine Code 663
31.5 Reversing and Patching Java Bytecode 668
31.6 Basic Antireversing Techniques 673
31.7 Applying Antireversing Techniques to Wintel Machine Code 674
31.8 Applying Antireversing Techniques to Java Bytecode 686
31.9 Conclusion 694
References 694
The Authors 696
32 Trusted Computing 697
32.1 Trust and Trusted Computer Systems 697
32.2 The TCG Trusted Platform Architecture 700
32.3 The Trusted Platform Module 703
32.4 Overview of the TCG Trusted Infrastructure Architecture 714
32.5 Conclusions 715
References 715
The Authors 717
33 Security via Trusted Communications 718
33.1 Definitions and Literature Background 719
33.2 Autonomic Trust Management Based on Trusted Computing Platform 726
33.3 Autonomic Trust Management Based on an Adaptive Trust Control Model 732
33.4 A Comprehensive Solution for Autonomic Trust Management 737
33.5 Further Discussion 742
33.6 Conclusions 742
References 743
The Author 745
34 Viruses and Malware 746
34.1 Computer Infections or Malware 747
34.2 Antiviral Defense: Fighting Against Viruses 759
34.3 Conclusion 767
References 767
The Author 768
35 Designing a Secure Programming Language 769
35.1 Code Injection 769
35.2 Buffer Overflow Attacks 773
35.3 Client-Side Programming: Playing in the Sandbox 775
35.4 Metaobject Protocols and Aspect-Oriented Programming 778
35.5 Conclusion 781
References 781
The Author 783
Part G Forensics and Legal Issues 784
36 Fundamentals of Digital Forensic Evidence 785
36.1 Introduction and Overview 786
36.2 Identification 787
36.3 Collection 788
36.4 Transportation 788
36.5 Storage 789
36.6 Analysis, Interpretation, and Attribution 789
36.7 Reconstruction 790
36.8 Presentation 791
36.9 Destruction 791
36.10 Make or Miss Faults 795
36.11 Accidental or Intentional Faults 795
36.12 False Positives and Negatives 796
36.13 Pre-Legal Records Retention and Disposition 796
36.14 First Filing 798
36.15 Notice 798
36.16 Preservation Orders 798
36.17 Disclosures and Productions 798
36.18 Depositions 799
36.19 Motions, Sanctions, and Admissibility 800
36.20 Pre-Trial 800
36.21 Testimony 801
36.22 Case Closed 801
36.23 Duties 802
36.24 Honesty, Integrity, and Due Care 802
36.25 Competence 802
36.26 Retention and Disposition 803
36.27 Other Resources 803
References 803
The Author 804
37 Multimedia Forensics for Detecting Forgeries 805
37.1 Some Examples of Multimedia Forgeries 806
37.2 Functionalities of Multimedia Forensics 808
37.3 General Schemes for Forgery Detection 810
37.4 Forensic Methods for Forgery Detection 811
37.5 Unresolved Issues 821
37.6 Conclusions 822
References 822
The Authors 824
38 Technological and Legal Aspects of CIS 825
38.1 Technological Aspects 826
38.2 Secure Wireless Systems 832
38.3 Legal Aspects of Secure Information Networks 834
38.4 An Emergency Telemedicine System/Olympic Games Application/CBRN Threats 840
38.5 Technology Convergence and Contribution 844
References 844
The Author 846
Index 847

Publication date (per publisher): 23.2.2010
Additional info: XVI, 867 p.
Place of publication: Berlin
Language: English
Subject area: Computer Science, Networks, Security / Firewall
Technology: Electrical Engineering / Power Engineering
Keywords: ACCESS • Communication • Database • Firewall • Information • Intrusion Detection • Monitoring • Quality of Service • Quality of Service (QoS) • Relational Database • Routing • security • wireless sensor networks
ISBN-10: 3-642-04117-5 / 3642041175
ISBN-13: 978-3-642-04117-4 / 9783642041174
Format: PDF (watermarked)
Size: 20.7 MB
DRM: digital watermark