Cyber Security in India (eBook)
X, 108 Seiten
Springer Singapore (Verlag)
978-981-15-1675-7 (ISBN)
Sandeep Kumar Shukla is currently the Poonam and Prabhu Goel Chair Professor and Head of the Computer Science and Engineering Department, Indian Institute of Technology, Kanpur, India. He is the Editor-in-Chief of ACM Transactions on Embedded Systems and an Associate Editor of ACM Transactions on Cyber-Physical Systems. He is an IEEE fellow, an ACM Distinguished Scientist, and served as an IEEE Computer Society Distinguished Visitor from 2008 to 2012, and as an ACM Distinguished Speaker from 2007 to 2014. He was previously an Associate Editor of IEEE Transactions on Computers, IEEE Transactions on Industrial Informatics, IEEE Design & Test, IEEE Embedded Systems Letters, and various other journals. He was a member of the faculty at the Virginia Polytechnic Institute, Arlington, Virginia, between 2002 and 2015, and has also been a visiting scholar at INRIA, France, and the University of Kaiserslautern, Germany. In 2014, he was named a fellow of the Institute of Electrical and Electronics Engineers (IEEE) for his contributions to applied probabilistic model checking for system design. He has authored several books on systems and has edited and co-authored numerous books with Springer.
Prof. Manindra Agrawal received his B.Tech. and Ph.D. in Computer Science and Engineering from the Indian Institute of Technology, Kanpur in 1986 and 1991, respectively. He was a fellow of the School of Mathematics, SPIC Science Foundation, Chennai, from 1993 to 1995, and a Humboldt fellow at the University of Ulm, Germany, from 1995 to 1996. He joined the faculty at IIT Kanpur as an Assistant Professor at the Department of Computer Science and Engineering in 1996. And was appointed as the N. Rama Rao Chair Professor in 2003. He is the recipient of several international awards, including the Fulkerson Prize 2006 and the Gödel Prize 2006, and has published and presented papers in respected journals. He was the Head of the Computer Science and Engineering Department, and Dean of Faculty affairs at IIT Kanpur. Currently, he is the Deputy Director and Officiating Director of IIT Kanpur. Prof. Agrawal has made significant contributions to the theory of efficient reactions between computational problems, which are part of the program studying the well-known P vs NP question in mathematics/computer science. His joint paper with two of his former students resolves the centuries-old problem of a fast test of primality. In the language of complexity theory, they have proved that recognizing primes is in the 'class P' and this constitutes one of the most striking problems now known in this class.
This book of 'directions' focuses on cyber security research, education and training in India, and work in this domain within the Indian Institute of Technology Kanpur. IIT Kanpur's Computer Science and Engineering Department established an 'Interdisciplinary Center for Cyber Security and Cyber Defense of Critical Infrastructures (C3I Center)' in 2016 with funding from the Science and Engineering Research Board (SERB), and other funding agencies. The work at the center focuses on smart grid security, manufacturing and other industrial control system security; network, web and data security; cryptography, and penetration techniques. The founders are involved with various Indian government agencies including the Reserve Bank of India, National Critical Information Infrastructure Protection Center, UIDAI, CCTNS under home ministry, Ministry of IT and Electronics, and Department of Science & Technology. The center also testifies to the parliamentary standing committee on cyber security, and has been working with the National Cyber Security Coordinator's office in India. Providing glimpses of the work done at IIT Kanpur, and including perspectives from other Indian institutes where work on cyber security is starting to take shape, the book is a valuable resource for researchers and professionals, as well as educationists and policymakers.
Series Editor’s Preface 6
Contents 7
Editors and Contributors 8
1 Building India's First Cyber-Security Test-Bed for CI 10
1.1 Introduction 10
1.1.1 Contribution of This Article 11
1.2 C3i Center, IIT Kanpur 11
1.2.1 Objective 13
1.3 Existing Setup: Experimental Setup 14
1.3.1 Level-0: Field Devices 14
1.3.2 Level-1: Protection and Control System 14
1.3.3 Level-1.5: Industrial Communication 15
1.3.4 Level-2: Visualization and Control 15
1.3.5 Level-3: Management 18
1.4 Future Planning of Smart Infrastructure 19
1.4.1 Smart Power Grid 19
References 24
2 The State of Android Security 25
2.1 Introduction 25
2.2 The Security Architecture of Android 26
2.2.1 Application Sandbox 26
2.2.2 Permissions 26
2.3 Android Vulnerability and Advanced Threats 26
2.3.1 Architectural Vulnerability 26
2.3.2 Software Vulnerability 27
2.3.3 Hardware Vulnerability 27
2.3.4 Advanced Threats 27
2.4 Malware Analysis: Techniques and Its Limitation 27
2.4.1 Static Analysis 28
2.4.2 Dynamic Analysis 28
2.4.3 Hybrid Analysis 29
2.5 Conclusion 29
References 29
3 Blockchain and Its Application in Cybersecurity 31
3.1 Introduction 31
3.2 Evolution of Blockchain 32
3.2.1 Blockchain 1.0 32
3.2.2 Blockchain 2.0 33
3.2.3 Blockchain 3.0 33
3.3 Security of Blockchains 33
3.3.1 Confidentiality: Who Can See the Data 33
3.3.2 Integrity: The Accuracy and Consistency of Data over Its Entire Life Cycle 33
3.3.3 Availability: Liveness Guarantee 34
3.4 Applications 34
3.4.1 Secure Decentralized Currency 34
3.4.2 Smart Contracts 34
3.4.3 Document Verification in KSI 34
3.4.4 Insider Threats 35
3.4.5 Supply Chain Management 36
3.4.6 Patch Management, Backing Up, and Restoration: Enforcing Policy 36
3.4.7 Blockchain-Based Authentication 37
3.5 Blockchain in IoT 37
3.5.1 Use of Blockchain in the IoT Space 37
3.5.2 The Important Aspects of Blockchain-Based IoT Applications 37
3.6 Attacks on Blockchain-Based Systems 38
3.6.1 51% Attack 38
3.6.2 Mining Pool Attack 38
3.6.3 Eclipse Attack 39
3.6.4 Practical Attacks ch355 39
3.7 Conclusion 39
References 39
4 Malware Analysis Using Image Classification Techniques 41
4.1 Windows Malware Classification Using Image Representation 41
4.1.1 Data Collection and Labeling 42
4.1.2 Data Generation 42
4.1.3 Classification 42
4.1.4 Packed and Unknown Malware Classification 43
4.1.5 Results 43
4.2 Linux Malware Classification Using Image Representation 43
4.2.1 Data Collection and Labeling 43
4.2.2 Data Generation 44
4.2.3 Classification 44
4.2.4 Packed Malware Classification 44
4.2.5 Results 44
4.3 Conclusion and Future Work 45
References 46
5 A Review: Malware Analysis Work at IIT Kanpur 47
5.1 PeerClear: Peer-to-Peer BotNet Detection 47
5.1.1 P2P Host Detection 48
5.1.2 P2P BotNet Detection 49
5.1.3 Experimental Results 49
5.2 Malware Classification Using Early-Stage Behavioral Analysis 49
5.2.1 Dataset 49
5.2.2 Feature Extraction, Features Selection, and Classification 49
5.2.3 Experimental Results 50
5.3 Automated Malware Detection Using Memory Forensics 53
5.3.1 Memory Dump Generation and Selection 53
5.3.2 Feature Extraction, Selection, and Classification 53
5.3.3 Experimental Results 53
5.4 Conclusion 55
References 55
6 Honeypot Deployment Experience at IIT Kanpur 57
6.1 Introduction 57
6.2 Classification of Honeypots 58
6.2.1 Low/High-Interaction Honeypot 58
6.2.2 Server/Client Honeypot 59
6.2.3 Production/Research Honeypot 59
6.3 Deployed Honeypots 59
6.3.1 OpenCanary 59
6.3.2 Cowrie 60
6.3.3 Clientpot 61
6.3.4 HoneyFARM 64
6.3.5 HoneyWEB 66
6.3.6 HoneyFTP 66
6.3.7 Cloud-Based IoT Honeypot 67
6.4 Analysis of Attacks on Our Honeypots 68
6.4.1 Analysis of HoneySSH 68
6.4.2 Analysis of HoneySMB 69
6.4.3 Analysis of HoneyWEB 69
6.4.4 Analysis of HoneyFTP 69
6.4.5 IoT Honeypot Analysis 69
6.5 Conclusion 70
References 71
7 Cache Based Side-Channel Attacks 72
7.1 Introduction to Memory Systems and Side-Channel Attacks 72
7.2 Side-Channel Attacks and Information Leakage 73
7.2.1 Attacks of Interest 73
7.2.2 Side-Channel Attacks on Real-World Applications 73
7.2.3 What Is Needed for a Successful Attack? 74
7.2.4 A Case of Spectre and Meltdown Attacks 75
7.3 Countermeasures 75
7.4 Conclusion 75
References 76
8 Hardware Security in India: The Journey so Far 77
8.1 Introduction 77
8.2 Fault Analysis of Cryptosystems 79
8.2.1 Attacks and Countermeasures 79
8.2.2 Automated Detection of Fault Attacks 80
8.3 Hardware Design of Public-Key Cryptosystems 82
8.3.1 Fast and Efficient Implementation of GF(2n) ECC Scalar Multiplication on FPGA 83
8.3.2 Efficient Resource Utilization for ECC Scalar Multiplication in GF(p) 84
8.3.3 Lightweight Architecture for ECC Scalar Multiplication in GF(p) 85
8.4 PUFs: Design and Usage in IoT Security 85
8.4.1 Design of PUF-Based Protocols 88
8.5 Micro-architectural Attacks and Countermeasures 89
8.5.1 Cache Timing Attack on Clefia 89
8.5.2 Branch Misprediction Attack 92
8.5.3 Software-Driven Fault Attack Using Row-Hammer 93
8.5.4 Detection of These Attacks 94
8.6 Hardware Security to Accelerate Cloud Cryptosystems 95
8.7 Conclusions 101
References 101
9 The World of Bug Bounties—the Indian Scenario 103
9.1 Introduction 103
9.2 What Is a Bug Bounty Program? 103
9.2.1 Foreign Companies and Bug Bounties 104
9.2.2 Indian Private Sector and Bug Bounties 105
9.3 Foreign Government 105
9.4 Indian Government 106
9.4.1 Case Study 1 106
9.4.2 Case Study 2 107
9.5 Conclusion 107
References 108
10 Post-quantum Cryptography: An Introduction 109
10.1 Introduction 109
10.2 Directions for Post-quantum Cryptography 110
10.3 Lattice-Based Cryptography 111
10.3.1 Classic Computational Lattice Problems 111
10.3.2 Modern Computational Lattice Problems 111
10.4 Cryptographic Constructions 113
10.4.1 Public-Key Encryption 113
10.5 Conclusions 113
References 114
| Erscheint lt. Verlag | 17.3.2020 |
|---|---|
| Reihe/Serie | IITK Directions | IITK Directions |
| Zusatzinfo | X, 108 p. 81 illus., 54 illus. in color. |
| Sprache | englisch |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| Informatik ► Theorie / Studium ► Algorithmen | |
| Sozialwissenschaften ► Pädagogik ► Berufspädagogik | |
| Sozialwissenschaften ► Pädagogik ► Erwachsenenbildung | |
| Sozialwissenschaften ► Soziologie ► Spezielle Soziologien | |
| Technik ► Nachrichtentechnik | |
| Schlagworte | application security • critical infrastructures • Cryptography and Crypto Engineering • cyber security • hardware security • Network Security • SCADA systems • Security of Mobile Systems • Side Channel Attacks and Mitigation • web security |
| ISBN-10 | 981-15-1675-8 / 9811516758 |
| ISBN-13 | 978-981-15-1675-7 / 9789811516757 |
| Haben Sie eine Frage zum Produkt? |
PDF (Wasserzeichen)Größe: 8,5 MB
DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasserzeichen und ist damit für Sie personalisiert. Bei einer missbräuchlichen Weitergabe des eBooks an Dritte ist eine Rückverfolgung an die Quelle möglich.
Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.
Zusätzliches Feature: Online Lesen
Dieses eBook können Sie zusätzlich zum Download auch online im Webbrowser lesen.
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich
