Cybersecurity Fundamentals: Understand the Role of Cybersecurity, Its Importance and Modern Techniques Used by Cybersecurity Professionals
Cybersecurity for Beginners
- In-depth coverage of cybersecurity concepts, vulnerabilities and detection mechanisms.
- Cutting-edge coverage of frameworks, intrusion detection methodologies and how to design cybersecurity infrastructure.
- Access to new tools, methodologies, frameworks and countermeasures developed for cybersecurity.
Cybersecurity Fundamentals starts from the basics of data and information, includes detailed concepts of Information Security and Network Security, and shows the development of ‘Cybersecurity’ as an international problem. This book talks about how people started to explore the capabilities of Internet technologies to conduct crimes globally. It covers the framework for analyzing cyber costs, which gives an idea of the financial damages involved. It also covers the various forms of cybercrime that people face in their day-to-day lives, leaving them cheated financially or blackmailed emotionally.
The book also demonstrates Intrusion Detection Systems and their various types and characteristics for the quick detection of intrusions in our digital infrastructure. It elaborates on various traceback schemes and their classification according to utility. Criminals use stepping stones to mislead traceback and to evade detection, so this book covers stepping-stone detection algorithms with active and passive monitoring. It also covers various shortfalls in the Internet structure and the DDoS flooding attacks that take place nowadays.
What you will learn
- Get to know cybersecurity in depth, along with Information Security and Network Security.
- Build Intrusion Detection Systems from scratch for your enterprise protection.
- Explore stepping stone detection algorithms and put them into real implementation.
- Learn to identify and monitor flooding-based DDoS attacks.
Who this book is for
This book is useful for students pursuing B.Tech. (CS)/M.Tech. (CS), B.Tech. (IT)/M.Tech. (IT), B.Sc. (CS)/M.Sc. (CS), B.Sc. (IT)/M.Sc. (IT), and B.C.A./M.C.A. The content of this book is important for novices who are interested in pursuing a career in cybersecurity. Anyone who is curious about Internet security and cybercrime can also read this book to enhance their knowledge.
About the Authors
Dr. Rajesh Kumar Goutam is working as an Assistant Professor in the Department of Computer Science, University of Lucknow. He has over 10 years of experience in teaching and research in the field of Computer Science. He did his MCA at Uttar Pradesh Technical University, Lucknow, and earned his Ph.D. in Computer Science from Babasaheb Bhimrao Ambedkar University, Lucknow.
His interest lies in developing a framework to detect the true source of cybercrimes and to track criminals across digital infrastructures. He has contributed to the cybersecurity field through several publications in reputed journals. He is also an active member of various professional bodies.
Table of Contents
- Cover Page
- Title Page
- Copyright Page
- Dedication Page
- About the Author
- About the Reviewer
- Acknowledgement
- Preface
- Errata
- Table of Contents

1. Introduction to Cybersecurity
  - Structure
  - Objective
  - 1.1 Data and information
    - 1.1.1 Data versus information
    - 1.1.2 Characteristics of information
  - 1.2 Data communication
    - 1.2.1 Data communication model
    - 1.2.2 Data communication system
  - 1.3 Computer network
    - 1.3.1 Local Area Network (LAN)
    - 1.3.2 Metropolitan Area Network (MAN)
    - 1.3.3 Wide Area Network (WAN)
    - 1.3.4 Personal Area Network (PAN)
    - 1.3.5 Storage Area Network (SAN)
    - 1.3.6 Enterprise Private Network (EPN)
    - 1.3.7 Virtual Private Network (VPN)
  - 1.4 World Wide Web
    - 1.4.1 Characteristics of World Wide Web
  - 1.5 Internet
  - 1.6 W3 Consortium (W3C)
    - 1.6.1 Functions of W3C
  - 1.7 Networking, W3 and internet relationship
  - 1.8 Information security
  - 1.9 World Wide Web Security
  - 1.10 Network Security
  - 1.11 Cybersecurity
    - 1.11.1 Importance of Cybersecurity
    - 1.11.2 Cybersecurity – An international problem
    - 1.11.3 Common and shared responsibility
    - 1.11.4 Cyberspace
    - 1.11.5 Cybercrime
    - 1.11.6 Vicious architecture of cybercrime
    - 1.11.7 Taxonomies of cybercrime
    - 1.11.8 Motivations behind cybercrimes
    - 1.11.9 Cyberattack, Threat, Vulnerability and Malware
    - 1.11.10 Cyberterrorism
  - 1.12 Information security to cybersecurity
  - 1.13 Role of risk analysis in cybersecurity
  - Conclusion
  - Points to remember
  - MCQ
  - Answer
  - Questions
  - References

2. Cybersecurity Landscape and Its Challenges
  - Structure
  - Objective
  - 2.1 History of computers and cybercrime
  - 2.2 Cybercrime – As a profession
  - 2.3 Cost of cybercrime
  - 2.4 Framework for analysing the cybercosts
  - 2.5 Various forms of cybercrimes
    - 2.5.1 Cyber stalking
    - 2.5.2 Intellectual property theft
    - 2.5.3 Salami attack
    - 2.5.4 e-Mail bombing
    - 2.5.5 Phishing
    - 2.5.6 Identity theft
    - 2.5.7 Spoofing
    - 2.5.8 Worms, Trojan Horses, Virus
    - 2.5.9 DoS and DDoS
    - 2.5.10 Pornography
    - 2.5.11 Defacement attacks
    - 2.5.12 Ransomware
  - 2.6 Challenges in cybersecurity
    - 2.6.1 Cybersecurity is borderless
    - 2.6.2 Anonymity of actors
    - 2.6.3 Fuzziness of terminology
    - 2.6.4 Large and amorphous
    - 2.6.5 Speed of technology development
    - 2.6.6 Tracking the origin of crime
    - 2.6.7 Shortage of cyber expertise
    - 2.6.8 Lack of international cooperation
    - 2.6.9 Lack of international legislation
  - 2.7 Cybercrime – As a Service
  - 2.8 Cybercrime underground black market
    - 2.8.1 Characteristics of black market
      - 2.8.1.1 Structure of black market
      - 2.8.1.2 Participants of black market
        - Spammers
        - Web developers
        - Cashiers
        - Financers
  - Conclusion
  - Points to remember
  - MCQ
  - Answer
  - Questions
  - References

3. Information Security and Intrusion Detection System
  - Structure
  - Objective
  - 3.1 Critical National Infrastructure
  - 3.2 Confidentiality-Integrity-Availability Triad
  - 3.3 Defensive Lifecycle
  - 3.4 Intrusion and its types
  - 3.5 Intrusion Detection System
    - 3.5.1 Functions of Intrusion Detection System
  - 3.6 Characteristics of IDS
    - 3.6.1 How IDS is important in business organization
    - 3.6.2 Components of IDS
    - 3.6.3 Architecture of IDS
  - 3.7 Major types of Intrusion Detection System
    - 3.7.1 Host-based intrusion detection system
      - 3.7.1.1 Advantages of a host-based system
    - 3.7.2 Network-based intrusion detection system
      - 3.7.2.1 Advantages of a network-based system
  - 3.8 Host-based IDS versus Network-based IDS
  - 3.9 Intrusion detection and prevention principles
    - 3.9.1 Functions of IDPS
      - 3.9.1.1 Maintaining system log
      - 3.9.1.2 Maintaining audit trail
      - 3.9.1.3 Recording malicious attempts information
      - 3.9.1.4 Notifying administrators about observed key event
      - 3.9.1.5 Producing reports
      - 3.9.1.6 Intrusions prevention
    - 3.9.2 Common detection methodologies
      - 3.9.2.1 Signature-based detection
      - 3.9.2.2 Anomaly-based detection
      - 3.9.2.3 Stateful protocol analysis
    - 3.9.3 Evaluation of methodologies
    - 3.9.4 IDPS technologies
      - 3.9.4.1 Network-based IDPS
      - 3.9.4.2 Wireless-based IDPS
      - 3.9.4.3 Network behavior analysis (NBA)
      - 3.9.4.4 Host-based IDPS
  - Conclusion
  - Points to remember
  - MCQ
  - Answer
  - Questions
  - References

4. Cybercrime Source Identification Techniques
  - Structure
  - Objective
  - 4.1 Cyber forensic
  - 4.2 Intrusion activities
  - 4.3 Attribution and traceback
  - 4.4 Why attribution is difficult?
  - 4.5 Assumptions in traceback
  - 4.6 IP address and traceback mechanism
  - 4.7 Classification of traceback schemes
    - 4.7.1 Probabilistic Packet Marking (PPM)
    - 4.7.2 Deterministic Packet Marking (DPM)
    - 4.7.3 Algebraic-based Traceback Approach (ATA)
    - 4.7.4 ICMP traceback or iTrace method
    - 4.7.5 Source Path Isolation Engine (SPIE)
      - 4.7.5.1 The SPIE architecture
  - 4.8 Evaluation of IP Traceback Schemes
    - 4.8.1 Deployability
    - 4.8.2 Scalability
    - 4.8.3 Memory requirement
    - 4.8.4 Router processing overhead
    - 4.8.5 Reliability
    - 4.8.6 Single-packet traceback
    - 4.8.7 Applicability on different attacks
    - 4.8.8 Prior knowledge of network topology
    - 4.8.9 Accuracy
    - 4.8.10 Post attack analysis
    - 4.8.11 Attacker’s challenge to the scheme
    - 4.8.12 Involvement of routers in traceback
    - 4.8.13 Number of bits overridden in IP header
    - 4.8.14 Number of packets required to traceback
  - 4.9 Active response characteristics
  - 4.10 Sleepy Watermark Tracing (SWT)
    - 4.10.1 SWT concepts
    - 4.10.2 Basic SWT assumptions
    - 4.10.3 The SWT architecture
    - 4.10.4 Sleepy Intrusion Response
    - 4.10.5 Watermark-enabled application
    - 4.10.6 Watermark correlation
  - Conclusion
  - Points to remember
  - MCQ
  - Answer
  - Questions
  - References

5. Stepping Stone Detection and Tracing System
  - Structure
  - Objective
  - 5.1 The problem of accountability
    - 5.1.1 Network identifier
    - 5.1.2 Temporal thumbprint
  - 5.2 Stepping stones
    - 5.2.1 Direct and indirect stepping stones
    - 5.2.2 Stepping stone detection algorithm consideration
    - 5.2.3 Active and passive monitoring
    - 5.2.4 Single and multiple measurement points
    - 5.2.5 Filtering
    - 5.2.6 Minimizing state for connection pairs
    - 5.2.7 Traffic patterns
      - 5.2.7.1 Path, traffic and demand matrices
      - 5.2.7.2 Responsiveness
      - 5.2.7.3 Evasive attackers
      - 5.2.7.4 IDS signature and base-lining
      - 5.2.7.5 Obfuscation
  - 5.3 Timing-based stepping stone detection approach
    - 5.3.1 Timing correlation when OFF periods end
      - 5.3.1.1 Evasion using jitter
      - 5.3.1.2 Evasion using chaff
  - 5.4 Brute Force Content-based Algorithm
  - 5.5 Simple content-based algorithm
  - 5.6 Anomaly detection techniques
    - 5.6.1 Response-time based algorithm
    - 5.6.2 Edit-distance based algorithm
    - 5.6.3 Causality-based algorithm
  - Conclusion
  - Points to remember
  - MCQ
  - Answer
  - Questions
  - References

6. Infrastructural Vulnerabilities and DDoS Flooding Attacks
  - Structure
  - Objective
  - 6.1 COTS software and internet security
  - 6.2 Vulnerability Life Cycle
  - 6.3 Shortfalls in internet structure
    - 6.3.1 The internet structure does not facilitate tracking and tracing user behavior
    - 6.3.2 Internet infrastructure does not resist highly untrustworthy users
    - 6.3.3 Malicious packet source address remains vague, which severely hinders tracking and tracing
    - 6.3.4 Better coordination and collaboration between the criminals and cyber-skilled professionals
    - 6.3.5 Lack of central security mechanism
    - 6.3.6 Cybersecurity suffers with cross-multiple administrative, jurisdictional and national boundaries
    - 6.3.7 High-speed network traffic prevents tracking
    - 6.3.8 Tunnels present barriers in tracking and tracing
    - 6.3.9 Annihilation of logs and audit data
  - 6.4 Cooperative Intrusion Traceback and Response Architecture (CITRA)
    - 6.4.1 CITRA correlation tools
  - 6.5 DDoS flooding attacks
    - 6.5.1 Network/Transport-level DDoS flooding attack
      - 6.5.1.1 Flooding attack
      - 6.5.1.2 Protocol exploitation flooding attack
      - 6.5.1.3 Reflection-based flooding attack
      - 6.5.1.4 Amplification-based flooding attack
    - 6.5.2 Application-level DDoS flooding attacks
      - 6.5.2.1 Reflection/Amplification based flooding attack
      - 6.5.2.2 HTTP flooding attack
  - 6.6 DDoS attacks on OSI layers
  - 6.7 Cyberwar
    - 6.7.1 Why cyberwar is attractive?
    - 6.7.2 Key terminologies
  - Conclusion
  - Points to remember
  - MCQ
  - Answer
  - Questions
  - References

Index