Bücher der Reihe Advances in Information Security

This book addresses automated software fingerprinting in binary code, especially for cybersecurity applications.

This book explores new and novel applications of machine learning, deep learning, and artificial intelligence that are related to major challenges in the field of cybersecurity. The provided research goes beyond simply applying AI techniques to datasets and instead delves into deeper issues that arise at the interface between deep learning and cybersecurity.This book also provides insight into the difficult "e;how"e; and "e;why"e; questions that arise in AI within the security domain. For example, this book includes chapters covering "e;explainable AI"e;, "e;adversarial learning"e;, "e;resilient AI"e;, and a wide variety of related topics. It's not limited to any specific cybersecurity subtopics and the chapters touch upon a wide range of cybersecurity domains, ranging from malware to biometrics and more.Researchers and advanced level students working and studying in the fields of cybersecurity (equivalently, information security) or artificial intelligence (including deep learning, machine learning, big data, and related fields) will want to purchase this book as a reference. Practitioners working within these fields will also be interested in purchasing this book.

This contributed volume tells the story of the establishment of a cybersecurity awareness framework for organizations, and how it was piloted in two public sector municipal contexts. It presents a clear picture of cybersecurity issues in municipalities and proposes a socio-technical solution for creating cybersecurity awareness, how to build the solution and what the impact is on the municipal contexts. The 9 chapters for this book also provide information regarding the design, the deployment and the evaluation of the technology.This book builds on the success of the European Horizon 2020 research and innovation project CS-AWARE. The research proposes the first cybersecurity situational awareness solution for local public administrations  based on an analysis of the context, provides automatic incident detection and visualization, and enables information exchange with relevant national and EU level authorities involved in legislation and network security.Cybersecurity is one of the most challenging security problems for commercial companies, NGOs, governmental institutions as well as individuals. Reaching beyond the technology focused boundaries of classical information technology (IT) security, cybersecurity includes organizational and behavioral aspects of IT systems and that needs to comply to legal and regulatory framework for cybersecurity. While large corporations might have the resources to follow those developments and bring their IT infrastructure and services in line with the requirements, the burden for smaller organizations like local public administrations will be substantial and the required resources might not be available. New and innovative solutions that would help local public administration to ease the burden of being in line with cybersecurity requirements are needed.This book targets researchers working in cybersecurity, computer scientists, social scientists and advanced level students studying computer science and other related disciplines. Cybersecurity professionals as well as professionals working in local government contexts, including policy makers, communication experts and system administrators will also benefit from this book. 

This book introduces recent research results for cyber deception, a promising field for proactive cyber defense. The beauty and challenge of cyber deception is that it is an interdisciplinary research field requiring study from techniques and strategies to human aspects. This book covers a wide variety of cyber deception research, including game theory, artificial intelligence, cognitive science, and deception-related technology. Specifically, this book addresses three core elements regarding cyber deception: Understanding human¿s cognitive behaviors in decoyed network scenarios Developing effective deceptive strategies based on human¿s behaviorsDesigning deceptive techniques that supports the enforcement of deceptive strategiesThe research introduced in this book identifies the scientific challenges, highlights the complexity and inspires the future research of cyber deception.Researchers working in cybersecurity and advanced-level computer science students focused on cybersecurity will find this book useful as a reference. This book also targets professionals working in cybersecurity.Chapter 'Using Amnesia to Detect Credential Database Breaches' and Chapter 'Deceiving ML-Based Friend-or-Foe Identification for Executables' are available open access under a Creative Commons Attribution 4.0 International License via link.springer.com.

In today¿s digital transformation environments, a rigorous cybersecurity approach to effective risk management ¿ including contingency planning, outlining immediate actions, preparing post-breach responses ¿ is central to defending organizations¿ interconnected computer systems, networks, and infrastructure resources from malicious cyber-attacks.Specifically, cybersecurity technologies, processes, and practices need to be generalized and applied to intrusion detection and prevention measures. This entails analyzing profiles of cyber-attackers and building cyber-attack models for behavior simulation that can effectively counter such attacks. This comprehensive volume aims to cover all essential aspects of cybersecurity in digital transformation and to provide a framework for considering the many objectives and requirements involved. In addition to introducing theoretical foundations, the work also offers practical techniques for defending against malicious cybercriminals.Topics and features:Explores cybersecurity¿s impact on the dynamics of interconnected, complex cyber- and physical systems, infrastructure resources, and networksProvides numerous examples of applications and best practicesConsiders methods that organizations can use to assess their cybersecurity awareness and/or strategyDescribes anomaly intrusion detection, a key tool in thwarting both malware and theft (whether by insiders or external parties) of corporate dataAddresses cyber-attacker profiles, cyber-attack models and simulation, cybersecurity ontology, access-control mechanisms, and policies for handling ransomware attacksDiscusses the NIST Cybersecurity Framework, MITRE Adversarial Tactics, Techniques and Common Knowledge, CIS Critical Security Controls, and the ISA/IEC 62442 Cybersecurity StandardGathering all the relevant information, this practical guide is eminently suitable as a self-study resource for engineers, scientists, computer scientists, and chief information officers. Further, with its many examples of best practices, it can serve as an excellent text for graduate-level courses and research into cybersecurity.Dietmar P. F. Möller, a retired full professor, is affiliated with the Institute for Mathematics at Clausthal University of Technology, Germany. He was an author of several other Springer titles, including Guide to Automotive Connectivity and Cybersecurity.

This book offers the latest research results on blockchain technology and its application for cybersecurity in cyber-physical systems (CPS). It presents crucial issues in this field and provides a sample of recent advances and insights into the research progress. Practical use of blockchain technology is addressed as well as cybersecurity and cyber threat challenges and issues. This book also offers readers an excellent foundation on the fundamental concepts and principles of blockchain based cybersecurity for cyber-physical systems. It guides the reader through the core ideas with expert ease.Blockchain technology has infiltrated all areas of our lives, from manufacturing to healthcare and beyond. Cybersecurity is an industry that has been significantly affected by this technology, and maybe more so in the future. This book covers various case studies and applications of blockchain in various cyber-physical fields, such as smart cities, IoT, healthcare, manufacturing, onlinefraud, etc.This book is one of the first reference books covering the application of blockchain technology for cybersecurity in cyber-physical systems (CPS). Researchers working in the cybersecurity field and advanced-level students studying this field will find this book useful as a reference. Decision-makers, managers and professionals also working in this field will want to purchase this book.

This book offers a structured overview and a comprehensive guide to the emerging field of Autonomous Intelligent Cyber Defense Agents (AICA). The book discusses the current technical issues in autonomous cyber defense and offers information on practical design approaches. The material is presented in a way that is accessible to non-specialists, with tutorial information provided in the initial chapters and as needed throughout the book. The reader is provided with clear and comprehensive background and reference material for each aspect of AICA.Today¿s cyber defense tools are mostly watchers. They are not active doers. They do little to plan and execute responses to attacks, and they don¿t plan and execute recovery activities. Response and recovery ¿ core elements of cyber resilience ¿ are left to human cyber analysts, incident responders and system administrators. This is about to change. The authors advocate this vision, provide detailed guide to how such a visioncan be realized in practice, and its current state of the art.This book also covers key topics relevant to the field, including functional requirements and alternative architectures of AICA, how it perceives and understands threats and the overall situation, how it plans and executes response and recovery, how it survives threats, and how human operators deploy and control AICA. Additionally, this book covers issues of testing, risk, and policy pertinent to AICA, and provides a roadmap towards future R&D in this field.This book targets researchers and advanced students in the field of cyber defense and resilience. Professionals working in this field as well as developers of practical products for cyber autonomy will also want to purchase this book.

This book offers the latest research results in security and privacy for Intelligent Edge Computing Systems. It presents state-of-the art content and provides an in-depth overview of the basic background in this related field. Practical areas in both security and risk analysis are addressed as well as connections directly linked to Edge Computing paradigms. This book also offers an excellent foundation on the fundamental concepts and principles of security, privacy and risk analysis in Edge Computation infrastructures. It guides the reader through the core ideas with relevant ease.Edge Computing has burst onto the computational scene offering key technologies for allowing more flexibility at the edge of networks. As Edge Computing has evolved as well as the need for more in-depth solutions in security, privacy and risk analysis at the edge. This book includes various case studies and applications on Edge Computing. It includes the Internet of Things related areas, such as smart cities, blockchain, mobile networks, federated learning, cryptography and cybersecurity.This book is one of the first reference books covering security and risk analysis in Edge Computing Systems. Researchers and advanced-level students studying or working in Edge Computing and related security fields will find this book useful as a reference. Decision makers, managers and professionals working within these fields will want to purchase this book as well.