Emerging Trends in ICT Security


  Contents

Acknowledgments
About the Editors
List of Contributors
Preface

PART 1 INFORMATION AND SYSTEMS SECURITY

SECTION 1 Theory/Reviews of the field

CHAPTER 1 System Security Engineering for Information Systems
  Introduction
  System security engineering history
  Established system security engineering methods, processes, and tools
  Modern and emerging system security engineering methods, processes, and tools
  Conclusion
  Recommendations
  Disclaimer
  Acknowledgments
  References
  Further reading

CHAPTER 2 Metrics and Indicators as Key Organizational Assets for ICT Security Assessment
  Introduction
  GOCAME strategy overview
  Security evaluation for a web system: A proof of concept
  Related work
  Conclusion and future work
  References


CHAPTER 3 A Fresh Look at Semantic Natural Language Information Assurance and Security: NL IAS from Watermarking and Downgrading to Discovering Unintended Inferences and Situational Conceptual Defaults
  Introduction
  Early breakthrough in NL IAS
  A sketch of ontological semantic technology
  Mature semantic NL IAS
  Summary
  Acknowledgments
  References

  SECTION 2 Methods

CHAPTER 4 An Approach to Facilitate Security Assurance for Information Sharing and Exchange in Big-Data Applications
  Introduction
  UML extensions for XML security
  Extensions for policy modeling and integration
  Integrating local security policies into a global security policy
  Related work
  Conclusion
  References

CHAPTER 5 Gamification of Information Security Awareness Training
  Introduction
  Literature review
  Gamification system
  Conclusion and future plans
  Acknowledgments
  References

CHAPTER 6 A Conceptual Framework for Information Security Awareness, Assessment, and Training
  Introduction
  Background and literature
  Human factors and information security
  Information security learning continuum
  Dimensions of information security awareness
  A field study
  Concluding remarks
  References
  Further Reading

  

CHAPTER 7 Security Projects for Systems and Networking Professionals
  Introduction
  Background
  Cryptography
  Wireless network security
  Conclusion
  References
  Further Reading

SECTION 3 Case study

CHAPTER 8 Assessing the Role of Governments in Securing E-Business: The Case of Jordan
  Introduction
  Literature review
  Security in Jordan’s E-business initiatives: An analysis
  Conclusion and recommendations
  References

PART 2 NETWORK AND INFRASTRUCTURE SECURITY

SECTION 4 Theory Reviews of the field

CHAPTER 9 A Survey of Quantum Key Distribution (QKD) Technologies
  Cryptography
  Quantum key distribution
  Quantum key distribution systems
  The future of QKD
  A military QKD usage scenario
  Conclusion
  Disclaimer
  Acknowledgments
  References

CHAPTER 10 Advances in Self-Security of Agent-Based Intrusion Detection Systems
  Introduction
  Overview
  Framework for self-security, self-reliability and self-integrity of agent-based IDSs
  Prototyping and extending IDS-NIDIA
  Tests
  Related works
  Conclusion
  Acknowledgments
  References
  Further reading

  

CHAPTER 11 Secure Communication in Fiber-Optic Networks
  Introduction
  Confidentiality
  Privacy and optical steganography
  Availability
  Summary
  References

SECTION 5 Methods

CHAPTER 12 Advanced Security Network Metrics
  Introduction
  Related work
  Method description
  Metrics definition
  Description of experiments
  Results of experiments
  Conclusion
  References

CHAPTER 13 Designing Trustworthy Software Systems Using the NFR Approach
  Introduction
  The NFR approach
  The Phoenix system and trustworthiness deficit
  Application of the NFR approach for designing a trustworthy Phoenix system
  Validation and lessons learned
  Summary
  Acknowledgments
  References

CHAPTER 14 Analyzing the Ergodic Secrecy Rates of Cooperative Amplify-and-Forward Relay Networks over Generalized Fading Channels
  Introduction
  Secure cooperative wireless communications
  Computational results
  Conclusion
  Appendix
  References

CHAPTER 15 Algebraic Approaches to a Network-Type Private Information Retrieval
  Introduction
  The data processing scheme and statement of the problem
  Algorithmic description of the solution
  Algebraic description of the solution
  Conclusion
  Summary
  References

CHAPTER 16 Using Event Reasoning for Trajectory Tracking
  Introduction
  Example
  Event model
  Scenario adapts
  Event functions and inference rules
  Experiments
  Summary
  Acknowledgments
  References

CHAPTER 17 Resource-Efficient Multi-Source Authentication Utilizing Split-Join One-Way Key Chain
  Introduction
  Related works
  Methodology
  Conclusion
  Acknowledgments
  References

CHAPTER 18 Real-time Network Intrusion Detection Using Hadoop-Based Bayesian Classifier
  Introduction
  Overview on Hadoop based technologies
  Survey of Intrusion Detection Systems
  Hadoop-based real-time Intrusion Detection: System architecture
  Practical application scenario and system evaluation
  Summary
  References

CHAPTER 19 Optimum Countermeasure Portfolio Selection: A Knapsack Approach
  Introduction
  The Knapsack problem and a dynamic programming solution
  Problem description
  The proposed binary knapsack-based approach and its dynamic programming algorithm
  Computational example and comparison
  Conclusion
  References

CHAPTER 20 CSRF and Big Data: Rethinking Cross-Site Request Forgery in Light of Big Data
  Introduction
  SOP and CSRF
  Motivation and related work
  Defenses against CSRF: Server and browser Sides
  Experiment results: CSRF in social media and networking sites
  Analysis of test framework with popular Web/URL scanning tools
  Conclusions and future work
  References

CHAPTER 21 Security through Emulation-Based Processor Diversification
  Introduction
  Background and challenges
  Proposed security approach
  A case study: Web server
  Experimentation and results
  Discussion
  Conclusions and future work
  Acknowledgments
  References

CHAPTER 22 On the Use of Unsupervised Techniques for Fraud Detection in VoIP Networks
  Introduction
  Background
  Signature-based fraud detection
  Experiments
  Conclusion
  References

PART 3 MOBILE AND CLOUD COMPUTING

SECTION 6 Reviews of the field

CHAPTER 23 Emerging Security Challenges in Cloud Computing, from Infrastructure-Based Security to Proposed Provisioned Cloud Infrastructure
  Introduction
  Background
  Infrastructure security
  Cloud service models
  Provisioned access control infrastructure (DACI)
  Conclusion
  References

SECTION 7 Methods

CHAPTER 24 Detection of Intent-Based Vulnerabilities in Android Applications
  Introduction
  Comparison to related work
  Model definition and notations
  Vulnerability modeling
  Security testing methodology
  Implementation and experimentation
  Conclusion
  Acknowledgments
  References

PART 4 CYBER CRIME AND CYBER TERRORISM

SECTION 8 Theory

CHAPTER 25 A Quick Perspective on the Current State in Cybersecurity
  Introduction
  The scope of cybersecurity
  Contributions
  Understanding the scope of cybersecurity
  Malware, the infectious disease, and phishing, the fraud
  Vulnerabilities: The long exploitable holes
  Data breach: A faulty containment
  Cyber-war, the latest war front
  Lessons learned
  References

CHAPTER 26 A Paradigm Shift in Cyberspace Security
  Introduction
  Cyber-terrorism
  A security paradigm shift in cyberspace
  Intelligent agents in security auditing
  Summary
  References

SECTION 9 Methods

  

CHAPTER 27 Counter Cyber Attacks By Semantic Networks
  Introduction
  Related work
  Methodology
  Experiments
  Conclusion and future work
  Acknowledgments
  References

CHAPTER 28 Man-in-the-Browser Attacks in Modern Web Browsers
  Introduction
  Chapter overview
  Related work
  Browser architecture
  Man-in-the-browser attacks on different layers
  Countermeasures
  Conclusion
  References

CHAPTER 29 Improving Security in Web Sessions: Special Management of Cookies
  Introduction
  Related work
  Proposed mechanism for web session management
  Implementation and experiments
  Conclusion and further work
  References

CHAPTER 30 Leveraging Semantic Web Technologies for Access Control
  Introduction
  Implementing RBAC with ontologies
  Semantically extending the XACML attribute model
  Ontology-based context awareness
  Ontological specification of user preferences
  Semantic access control in online social networks
  DEMONS ontological access control model
  Discussion
  Acknowledgments
  References

  

  CHAPTER 31 Cyber Security Education: The Merits of Firewall Exercises

  Introduction
  Criteria for firewall education
  Evaluation of firewall exercises
  Satisfying the criteria
  Emerging trends in firewall education
  Conclusion
  Acknowledgments
  References

  SECTION 10 Case study

  CHAPTER 32 Surveillance without Borders: The Case of Karen Refugees in Sheffield

  Introduction
  Background
  Methodological issues
  Analyzing discourse
  The hacking incident
  “We are Watching You”: Analysis of discourse messages posted
  Conclusion
  Appendix
  References
  Further Reading

  PART 5 FOCUS TOPICS: FROM ONLINE RADICALISATION TO ONLINE FINANCIAL CRIME

  SECTION 11 Theory

  CHAPTER 33 A Framework for the Investigation and Modeling of Online Radicalization and the Identification of Radicalized Individuals

  Introduction
  Systematic consideration of influencing factors: The radicalization-factor model
  Identification of radicalized individuals: Behavioral indicators
  Application of the framework
  References

  CHAPTER 34 Preventing Terrorism Together: A Framework to Provide Social Media Anti-Radicalization Training for Credible Community Voices

  Introduction
  Online radicalization
  Collaboration in counter-terrorism
  Credible voices
  Conclusion
  References

  SECTION 12 Methods

  CHAPTER 35 Investigating Radicalized Individual Profiles through Fuzzy Cognitive Maps

  Introduction
  The radicalization process: How can it happen?
  Investigating radical online profiles: A short overview of existing methods
  Fuzzy cognitive mapping of factors for self-radicalization as an alternative approach
  Conclusion
  References

  CHAPTER 36 Financial Security against Money Laundering: A Survey

  Money laundering
  Anti-money laundering efforts
  Estimating the extent of ML
  Data mining techniques for ML detection
  Conclusion
  References

  CHAPTER 37 Intelligent Banking XML Encryption Using Effective Fuzzy Logic

  Introduction
  Literature review
  System model and design
  Experiments and results
  Summary
  References
  Further Reading

  Index

  Acknowledgments

  We wish to thank everyone who has contributed to this book. In particular, we would like to acknowledge the contribution of CENTRIC (Centre of excellence in terrorism, resilience, intelligence & organised crime research, at Sheffield Hallam University, UK). We would also like to take this opportunity to express our gratitude to the following as members of the book review board for their contributions to the final publication.

  Review Board

  Babak Akhgar
  Hamid R. Arabnia
  Ben Brewster
  Richard Hill
  Hamid Jahankhani
  Kayleigh Johnson
  Eleanor Lockley
  Reza Nasserzadeh
  Simon Polovina
  Jawed Siddiqi
  Andrew Staniforth

  About the Editors

  Babak Akhgar

  Babak Akhgar is Professor of Informatics and Director of the Centre of excellence in terrorism, resilience, intelligence & organised crime research (CENTRIC) at Sheffield Hallam University, and a Fellow of the British Computer Society. Professor Akhgar graduated from Sheffield Hallam University in Software Engineering. After gaining considerable commercial experience as a Strategy Analyst and Methodology Director for several companies, he consolidated this experience by obtaining a master's degree (with distinction) in Information Systems in Management and a PhD in Information Systems. He has more than 100 refereed publications in international journals and conference proceedings. He is on the editorial boards of three international journals, and is chair and programme committee member of several international conferences. He has extensive hands-on experience in development, management, and execution of large international KM and security initiatives (e.g., combating terrorism and organized crime, cybersecurity, public order, and cross-cultural ideology polarization). He also has an established network of collaborators in various academic and law enforcement agencies locally, nationally, and internationally. The impact of his research on e-security, manifested in a multi-lingual portal for business crime reduction, and his research on combating organized crime and terrorism led to an international research project with partners such as Europol and a number of LEAs (with a project value of 3.2 M Euro). He has recently written and edited a number of books on intelligence management and national security.

  Hamid R. Arabnia

  Hamid R. Arabnia received his Ph.D. degree in Computer Science from the University of Kent (Canterbury, England) in 1987 and since October of that year has been a Full Professor of Computer Science at the University of Georgia (Georgia, USA). Professor Arabnia’s research interests include parallel and distributed processing techniques and algorithms, supercomputing, interconnection networks, and applications. He is Editor-in-Chief of the Journal of Supercomputing (one of the oldest journals in computer science), published by Springer, and has been Associate Editor of IEEE Transactions on Information Technology in Biomedicine (2008–2011). He is also on the editorial and advisory boards of over 35 other journals. Professor Arabnia is the founding chair of the annual World Congress in Computer Science, Computer Engineering, and Applied Computing (WORLDCOMP), and editor of Transactions on Computational Science and Computational Intelligence (Springer), and Transactions on Computer Science and Applied Computing (Elsevier). Prof. Arabnia has edited/co-edited over 100 books; his most recent co-edited book (Software Tools and Algorithms for Biological Systems) is among the top 25 percent most downloaded Springer e-books. Prof. Arabnia has published extensively in journals and refereed conference proceedings.

  He has over 350 publications (journals, proceedings, editorships) in his area of research. He has been a PI/Co-PI on approximately $7.5 M worth of externally funded projects/initiatives. During his tenure as Graduate Coordinator/Director of Computer Science (2002–2009), Dr. Arabnia secured the largest level of funding in the history of the department for supporting graduate students (PhD, MS).

  List of Contributors

  Zair Abdelouahab, Federal University of Maranhão, São Luís, MA, Brazil
  Maher Aburrous, Al Hoson University, Abu Dhabi, UAE
  Eyidayo Adebola, Prairie View A&M University, Prairie View, TX, USA
  Babak Akhgar, Sheffield Hallam University, Sheffield, UK
  Sayed Alireza Hashemi Golpayegani, Amirkabir University of Technology (Tehran Polytechnic), Tehran, Iran
  Ja’far Alqatawna, The University of Jordan, Amman, Jordan
  Omar Al-Kadi, The University of Jordan, Amman, Jordan
  Rizik Al-Sayyed, The University of Jordan, Amman, Jordan
  Faisal T. Ammari, University of Huddersfield, Huddersfield, UK
  Annamalai Annamalai, Prairie View A&M University, Prairie View, TX, USA
  Manoj Apte, Tata Consultancy Services Limited, Pune, MH, India
  Hamid R. Arabnia, University of Georgia, Athens, GA, USA

  

  Vladimir B. Balakirsky, State University of Aerospace Instrumentation, St-Petersburg, Russia
  Maros Barabas, Brno University of Technology, Brno, Czech Republic
  Gerald Baumgartner, Laboratory for Telecommunications Science, College Park, MD, USA

  Petra Saskia Bayerl, Erasmus University, Rotterdam, The Netherlands
  Timothy Bowden, Jacksonville State University, Jacksonville, AL, USA
  Ben Brewster, Sheffield Hallam University, Sheffield, UK
  Roman Busse, Fraunhofer Institute for Open Communication Systems (FOKUS), Berlin, Germany
  Petr Chmelar, Brno University of Technology, Brno, Czech Republic
  Seonho Choi, Bowie State University, Bowie, MD, USA
  John M. Colombi, United States Air Force Institute of Technology, Wright-Patterson AFB, OH, USA
  Guillermo Covella, National University of La Pampa Engineering School, Santa Rosa, LP, Argentina
  Miles Crabill, Lewis & Clark College, Portland, OR, USA
  Evan Damon, Lewis & Clark College, Portland, OR, USA
  David de Andrés, Universitat Politècnica de València, Valencia, Spain
  Alberto De la Rosa Algarín, University of Connecticut, Storrs, CT, USA
  Leonidas Deligiannidis, Wentworth Institute of Technology, Boston, MA, USA
  Nikolaos L. Dellas, SingularLogic Software and Integrated IT Solutions, Nea Ionia, Greece
  Steven A. Demurjian, University of Connecticut, Storrs, CT, USA
  Alexander Dieser, National University of La Pampa Engineering School, Santa Rosa, LP, Argentina
  Steven Drager


  Michal Drozd, Brno University of Technology, Brno, Czech Republic
  Hyeonsang Eom, Seoul National University, Seoul, Korea
  Diogo A.B. Fernandes, University of Beira Interior, Covilhã, Portugal
  Guillermo Francia, III, Jacksonville State University, Jacksonville, AL, USA
  Mário M. Freire, University of Beira Interior, Covilhã, Portugal
  Kaleb Ganz, Lewis & Clark College, Portland, OR, USA
  Qigang Gao, Dalhousie University, Halifax, NS, Canada
  Anahit R. Ghazaryan, State University of Aerospace Instrumentation, St-Petersburg, Russia
  João V. Gomes, University of Beira Interior, Covilhã, Portugal
  Geff Green, Sheffield Hallam University, Sheffield, UK
  Michael R. Grimaila, United States Air Force Institute of Technology, Wright-Patterson AFB, OH, USA
  Petr Hanacek, Brno University of Technology, Brno, Czech Republic
  Mohammad Hassanzadeh, Tarbiat Modares University, Tehran, Iran
  Peng He, University of Maryland, Baltimore, MD, USA
  Douglas D. Hodson, United States Air Force Institute of Technology, Wright-Patterson AFB, OH, USA
  Ivan Homoliak, Brno University of Technology, Brno, Czech Republic

  Mihai Horia Zaharia, “Gheorghe Asachi” Technical University, Iași, România
  Claire Humbeutel, Lewis & Clark College, Portland, OR, USA
  Pedro R.M. Inácio, University of Beira Interior, Covilhã, Portugal
  David Jacques, United States Air Force Institute of Technology, Wright-Patterson AFB, OH, USA
  Narges Jahangiri, Ministry of Education, Tehran, Iran
  Kayleigh Johnson, Sheffield Hallam University, Sheffield, UK
  Dimitra I. Kaklamani, National Technical University of Athens, Athens, Greece
  Maria N. Koukovini, National Technical University of Athens, Athens, Greece
  Sofiane Labidi, Federal University of Maranhão, São Luís, MA, Brazil
  Ville Leppänen, University of Turku, Turku, Finland
  Georgios V. Lioudakis, National Technical University of Athens, Athens, Greece
  Eleanor Lockley, Sheffield Hallam University, Sheffield, UK
  Denivaldo Lopes, Federal University of Maranhão, São Luís, MA, Brazil
  Pascal Lorenz, University of Haute Alsace, Colmar, France
  J. Lu, University of Huddersfield, Huddersfield, UK
  Jianbing Ma, Bournemouth University, Bournemouth, UK
