Dynamically Enabled Cyber Defense
- Length: 388 pages
- Edition: 1
- Language: English
- Publisher: World Scientific Publishing Company
- Publication Date: 2021-06-16
- ISBN-10: 9811234337
- ISBN-13: 9789811234330
- Sales Rank: #10205834
The book puts forward dynamically enabled cyber defense technology as a solution to the system homogenization problem. Based on the hierarchy of the protected information system entity, the book elaborates on current mainstream dynamic defense technologies from four aspects: the internal hardware platform, software service, information data and external network communication. It also ascertains their possible evolution routes, clarifies their relationship with existing security products, and makes macro analyses and discussions on security gain and overall system efficiency of these technologies.
This book can be used both as a textbook for graduate courses related to electronic information and as a reference for scientific researchers engaged in relevant research. It helps graduate students majoring in electronics and information sciences to gain an understanding of dynamically enabled cyber defense. Scientists and engineers specialising in network security research should also find this book to be a useful guide on recent developments in network security.
Contents
- Preface
- About the Authors
- Chapter 1. Introduction
  - 1.1 Development and Crisis of Information Age
    - 1.1.1 Rapid Development of Informatization
    - 1.1.2 Fantastic Experience of Informatization
    - 1.1.3 Crisis Caused by Informatization
  - 1.2 Omnipotent Cyber Attacks
    - 1.2.1 Cyber Crime
    - 1.2.2 APT
  - 1.3 Unavoidable Security Vulnerabilities
    - 1.3.1 Endless 0-day Vulnerabilities
    - 1.3.2 Insecurity of Top Manufacturers’ Products
    - 1.3.3 SDL Cannot Eradicate Vulnerabilities
    - 1.3.4 Passivity of Existing Defense Solutions
  - 1.4 Dynamically Enabled of Pre-Enemy Changes
    - 1.4.1 “Changing with Enemy Situations” in the Art of War
    - 1.4.2 Principle of Unpredictability
    - 1.4.3 Dynamically Enabled Cyber Defense Idea
  - References
- Chapter 2. Overview of Dynamically Enabled Defense
  - 2.1 Overview of Dynamically Enabled Cyber Defense
    - 2.1.1 Basic Status of Cyber Defense
    - 2.1.2 Research Status of Dynamic Cyber Defense Technology
    - 2.1.3 Definition of Dynamically Enabled Cyber Defense
  - 2.2 Dynamically Enabled Defense Technology
    - 2.2.1 Dynamic Software Defense Technology
    - 2.2.2 Dynamic Network Defense Technology
    - 2.2.3 Dynamic Platform Defense Technology
    - 2.2.4 Dynamic Data Defense Technology
    - 2.2.5 Essence of Dynamically Enabled Defense Technology — Temporal and Spatial Dynamization
  - 2.3 Dynamic Enablement and Cyber Kill Chain
    - 2.3.1 Dynamic Software Defense and Kill Chain
    - 2.3.2 Dynamic Network Defense and Kill Chain
    - 2.3.3 Dynamic Platform Defense and Kill Chain
    - 2.3.4 Dynamic Data Defense and Kill Chain
  - 2.4 Dynamic Enablement and Dynamic Attack Surfaces
    - 2.4.1 Attack Surfaces
    - 2.4.2 Attack Surface Measurement
    - 2.4.3 Dynamic Attack Surface
  - 2.5 Summary
  - References
- Chapter 3. Dynamic Software Defense
  - 3.1 Introduction
  - 3.2 Address Space Layout Randomization
    - 3.2.1 Overview
    - 3.2.2 Buffer Overflow Attack
    - 3.2.3 Stack Space Layout Randomization
    - 3.2.4 Heap Space Layout Randomization
    - 3.2.5 Dynamic Link Library Address Space Randomization
    - 3.2.6 PEB/TEB Address Space Randomization
    - 3.2.7 Basic Effectiveness and Existing Deficiencies
  - 3.3 Instruction Set Randomization
    - 3.3.1 Overview
    - 3.3.2 Compiled Language ISR
    - 3.3.3 Interpreted Language ISR
    - 3.3.4 Basic Effectiveness and Existing Deficiencies
  - 3.4 In-Place Code Randomization
    - 3.4.1 Overview
    - 3.4.2 How ROP Works
    - 3.4.3 Atomic Instruction Substitution
    - 3.4.4 Internal Base Block Reordering
    - 3.4.5 Basic Effectiveness and Existing Deficiencies
  - 3.5 Software Polymorphism
    - 3.5.1 Overview
    - 3.5.2 Extensible Compiler for Multi-Phase Instrumentation
    - 3.5.3 Program Segmentation and Function Reordering
    - 3.5.4 Instruction Filling Randomization
    - 3.5.5 Register Randomization
    - 3.5.6 Inverse Stack
    - 3.5.7 Basic Effectiveness and Existing Deficiencies
  - 3.6 Multi-Variant Execution
    - 3.6.1 Overview
    - 3.6.2 Technology Principle
    - 3.6.3 Basic Effectiveness and Existing Deficiencies
  - 3.7 Summary
  - References
- Chapter 4. Dynamic Network Defense
  - 4.1 Introduction
  - 4.2 Dynamic Network Address Translation Technology
    - 4.2.1 Overview
    - 4.2.2 Technical Principle of DyNAT
    - 4.2.3 Working Example of DyNAT
    - 4.2.4 IPv6 Address Translation Technology
    - 4.2.5 Basic Effectiveness and Existing Deficiencies
  - 4.3 Randomized Allocation of Network Address Space Technology Based on DHCP
    - 4.3.1 Overview
    - 4.3.2 Principle of Network Worm Propagation
    - 4.3.3 Abstract Model of Network Address Space Randomization
    - 4.3.4 System Principle and Deployment Implementation
    - 4.3.5 Basic Effectiveness and Existing Deficiencies
  - 4.4 Synchronization-Based End Information Hopping Protection Technology
    - 4.4.1 Overview
    - 4.4.2 Principle of DoS Attacks
    - 4.4.3 Technical Principle of End Information Hopping
    - 4.4.4 Core Technology of End Information Hopping
    - 4.4.5 Basic Effectiveness and Existing Deficiencies
  - 4.5 Overlay Network Protection Technology Against DDoS Attacks
    - 4.5.1 Overview
    - 4.5.2 Overlay Network Architecture
    - 4.5.3 Principle of DDoS Attacks
    - 4.5.4 Technical Principle of DynaBone
    - 4.5.5 Security Policy of DynaBone
    - 4.5.6 Basic Effectiveness and Existing Deficiencies
  - 4.6 Summary
  - References
- Chapter 5. Dynamic Platform Defense
  - 5.1 Introduction
  - 5.2 Platform Dynamization Based on Reconfigurable Computing
    - 5.2.1 Overview
    - 5.2.2 Technical Principles
    - 5.2.3 Basic Effectiveness and Existing Deficiencies
  - 5.3 Application Live Migration Based on Heterogeneous Platforms
    - 5.3.1 Overview
    - 5.3.2 Technical Principles
    - 5.3.3 Basic Effectiveness and Existing Deficiencies
  - 5.4 Dynamic Diversification of Web Services
    - 5.4.1 Overview
    - 5.4.2 Technical Principles
    - 5.4.3 Basic Effectiveness and Existing Deficiencies
  - 5.5 Platform Dynamization Based on Intrusion Tolerance
    - 5.5.1 Overview
    - 5.5.2 Technical Principles
    - 5.5.3 Basic Effectiveness and Existing Deficiencies
  - 5.6 Summary
  - References
- Chapter 6. Dynamic Data Defense
  - 6.1 Essence of Dynamic Data Defense
  - 6.2 Data Randomization
    - 6.2.1 Overview
    - 6.2.2 Technical Principles
    - 6.2.3 Basic Effectiveness and Existing Deficiencies
  - 6.3 Data Diversification of N-Variant
    - 6.3.1 Overview
    - 6.3.2 Technical Principles
    - 6.3.3 Basic Effectiveness and Existing Deficiencies
  - 6.4 N-Copy Data Diversification for Fault Tolerance
    - 6.4.1 Overview
    - 6.4.2 Technical Principles
    - 6.4.3 Basic Effectiveness and Existing Deficiencies
  - 6.5 Data Diversification for Web Application Security
    - 6.5.1 Overview
    - 6.5.2 Technical Principles
    - 6.5.3 Basic Effectiveness and Existing Deficiencies
  - 6.6 Summary
  - References
- Chapter 7. Dynamic Defense Effectiveness Evaluation Technology
  - 7.1 Introduction
  - 7.2 Overall Evaluation of Defense Effectiveness of Dynamic Enablement Technology
    - 7.2.1 Analytical Hierarchy Process
    - 7.2.2 Fuzzy Comprehensive Evaluation
    - 7.2.3 Markov Chain Evaluation
    - 7.2.4 Comprehensive Evaluation Example
  - 7.3 Defense Effectiveness Evaluation of Dynamic Enablement Technology Based on Vulnerability Analysis
    - 7.3.1 Vulnerability Evaluation Idea
    - 7.3.2 Vulnerability Analysis Methods
    - 7.3.3 Vulnerability Classification Methods
    - 7.3.4 Vulnerability Scoring Methods
      - 7.3.4.1 CVSS method
      - 7.3.4.2 Improved CVSS method
      - 7.3.4.3 Vulnerability evaluation example
  - 7.4 Effectiveness Evaluation of Moving Target Defense Based on Attack Surface Measurement
    - 7.4.1 Effectiveness Evaluation of Moving Target Defense Against Network Attack–Defense Game
    - 7.4.2 Attack Surface Measurement Methods Based on Stochastic Petri Network
      - 7.4.2.1 Attack behavior description model
      - 7.4.2.2 Description of attacker capability
      - 7.4.2.3 Stochastic Petri network model of system dynamic change
    - 7.4.3 Attack Surface Measurement Method Based on Markov Chain
      - 7.4.3.1 Model description
      - 7.4.3.2 Measurement method of changing attack surface
      - 7.4.3.3 Attack detection probability measurement method
      - 7.4.3.4 Example analysis
  - 7.5 Moving Target Defense and System Availability Evaluation
    - 7.5.1 Game Theory Method
      - 7.5.1.1 Game model
      - 7.5.1.2 State, action, and transition
      - 7.5.1.3 Reward function
      - 7.5.1.4 Optimal defense policy
    - 7.5.2 Impact on System Development, Deployment, Operation, and Maintenance
  - 7.6 Summary
  - References
- Index