Title: CyBok: The Cyber Security Body of Knowledge
Edition: [1.0 ed.]
Authors: Awais Rashid, Howard Chivers, George Danezis, Emil Lupu, Andrew Martin
Publisher: National Cyber Security Centre
Year of publication: 2019
Number of pages: 854
Language: English
File format: PDF
File size: 19 Mb
This is a comprehensive Body of Knowledge to inform and underpin education and professional training for the cyber security sector, a culmination of international cyber security effort over the last 3 years. Under NCSP funding, a team from UK academia – led by Professor Awais Rashid of Bristol University – has been working with the international cyber security community to develop a guide to the cyber security body of knowledge (CyBOK). CyBOK is a major landmark and unique resource, providing for the first time a description and characterisation of the breadth and depth of cyber security which ranges from human factors through to hardware security. The NCSC will now be using CyBOK as the basis for describing the course content of the certified undergraduate and postgraduate cyber security degrees programme as well as that for certified training. We will also be encouraging others to use CyBOK to help in the design of cyber security course materials in education, training and professionalisation.
1 Introduction
1.1 Cyber Security Definition
1.2 CyBOK Knowledge Areas
1.3.2 Failures and Incidents
1.3.3 Risk
1.4.1 Saltzer and Schroeder Principles
1.4.2 NIST Principles
1.5 Crosscutting Themes
1.5.2 Verification and Formal Methods
1.5.3 Security Architecture and Lifecycle
I Human, Organisational & Regulatory Aspects
2 Risk Management and Governance
2.2 What is risk?
2.3 Why is risk assessment and management important?
2.4 What is cyber risk assessment and management?
2.5.1 What is risk governance and why is it essential?
2.5.2 The human factor and risk communication
2.5.3 Security culture and awareness
2.5.4 Enacting Security Policy
2.6.1 Component vs. Systems Perspectives
2.6.2 Elements of Risk
2.6.3 Risk assessment and management methods
2.6.4 Risk assessment and management in cyber-physical systems and operational technology
2.6.5 Security Metrics
2.7 Business continuity: incident response and recovery planning
2.8 Conclusion
Introduction
3.1.1 The nature of law and legal analysis
3.1.3 Distinguishing criminal and civil law
3.1.3.2 Civil (non-criminal) law
3.1.5 A more holistic approach to legal risk analysis
3.2.1 Territorial jurisdiction
3.2.2.1 Prescriptive jurisdiction over online content
3.2.2.3 Prescriptive jurisdiction and data protection (GDPR)
3.2.3.2 Seizure and forfeiture of servers, domain names, and registries
3.2.3.4 Foreign recognition and enforcement of civil judgments
3.2.3.7 Technological content filtering
3.2.3.8 Orders to in-state persons directing production of data under their control whether held on domestic or foreign IT systems
3.2.3.9 International legal assistance
3.2.4 The problem of data sovereignty
3.3.1 International norms: foundations from international human rights law
3.3.2 Interception by a state
3.3.3 Interception by persons other than states
3.4 Data protection
3.4.1.1 Data subject, personal data (and PII)
3.4.1.3 Controller and processor
3.4.2 Core regulatory principles
3.4.5 Assessment and design of processing systems
3.4.6.2 Transfers subject to safeguards
3.4.7 Personal data breach notification
3.4.8 Enforcement and penalties
3.5.1 Crimes against information systems
3.5.1.4 Improper interception of communication
3.5.3 The enforcement of and penalties for crimes against information systems
3.5.5 Research and development activities conducted by non-state persons
3.5.6.1 Undisclosed software locks
3.6 Contract
3.6.1 Online contracts: time of contract and receipt of contractual communication
3.6.2.2 Closed trading and payment systems
3.6.3 Warranties and their exclusion
3.6.4 Limitations of liability and exclusions of liability
3.6.6 Effect of contract on non-contracting parties
3.6.7 Conflict of law – contracts
3.7.1 Negligence
3.7.1.2 Breach of duty: measuring reasonableness
3.7.2 Strict liability for defective products
3.7.3 Limiting the scope of liability: legal causation
3.7.4 Quantum of liability
3.7.5 Attributing, apportioning and reducing tort liability
3.7.5.3 Affirmative defences
3.7.6 Conflict of law – torts
3.8.2 Catalogue of intellectual property rights
3.8.2.2 Patents
3.8.2.4 Trade secrets
3.8.3.2 Civil liability
3.8.4 Reverse engineering
3.8.5 International treatment and conflict of law
3.9 Internet intermediaries - shields from liability and take-down procedures
3.10.2 Requirements of form and the threat of unenforceability
3.10.3 Electronic signatures and identity trust services
3.11 Other regulatory matters
3.11.2 Encouraging increased cyber security for products and services
3.11.4 Matters classified as secret by a state
3.12.1 Attributing action to a state under international law
3.12.2 State cyber operations in general
3.12.4 Cross-border criminal investigation
3.12.5 The law of armed conflict
3.13.1 Obligations owed to a client
3.13.2 Codes of conduct
3.13.3.1 Testing for vulnerabilities
3.13.3.2 Disclosure of vulnerabilities
Cross-Reference of Topics VS Reference Material
4 Human Factors
4.1 Introduction: Understanding human behaviour in security
4.2 Usable security – the basics
4.2.1.1 General human capabilities and limitations
4.2.1.2 Goals and tasks
4.2.1.3 Interaction Context
4.3 Human Error
4.4 Cyber security awareness and education
4.4.1 New approaches to support security awareness and behaviour change
4.4.2 Mental models of cyber risks and defences
4.6 Stakeholder Engagement
4.6.1 Employees
4.6.2 Software developers and usable security
4.7 Conclusion
5 Privacy & Online Rights
5.1.1.1 Cryptography-based access control
5.1.1.2 Obfuscation-based inference control
5.1.2 Metadata Confidentiality
5.2.1 Support for privacy settings configuration
5.2.2 Support for privacy policy negotiation
5.3.1 Feedback-based transparency
5.4 Privacy Technologies and Democratic Values
5.4.1 Privacy technologies as support for democratic political systems
5.4.2 Censorship resistance and freedom of speech
5.5 Privacy Engineering
5.6 Conclusions
II Attacks & Defences
6 Malware & Attack Technologies
6.1 A taxonomy of Malware
6.2 Malicious Activities by Malware
6.2.1 The Underground Eco-System
6.3 Malware Analysis
6.3.1.2 Dynamic analysis
6.3.1.5 Concolic Execution
6.3.2 Analysis Environments
6.3.3 Anti-Analysis and Evasion Techniques
6.3.3.1 Evading the Analysis Methods
6.4 Malware Detection
6.4.1.1 Finding Malware in a Haystack
6.4.2.1 Host-based and Network-Based Monitoring
6.4.2.2 Machine Learning-Based Security Analytics
6.4.2.3 Evasion, Countermeasures, and Limitations
6.5.1.1 Evasion and Countermeasures
6.5.2 Attribution
6.5.2.1 Evasion and Countermeasures
7 Adversarial Behaviour
7.1 A Characterisation of Adversaries
7.2 The Elements of a Malicious Operation
7.3 Models to Understand Malicious Operations
8 Security Operations & Incident Management
8.1.1 Workflows and vocabulary
8.1.2 Architectural principles
8.2 Monitor: data sources
8.2.1 Network traffic
8.2.2 Network aggregates: Netflow
8.2.3.1 Naming
8.2.4.1 Web server logs
8.2.5 System and kernel logs
8.2.6 Syslog
8.3.1 Misuse detection
8.3.2.1 Models
8.3.2.2 Specification versus learning
8.3.4 Machine learning
8.3.5 Testing and validating Intrusion Detection Systems
8.4 Plan: Security Information and Event Management
8.4.1 Data collection
8.4.2 Alert correlation
8.4.3 Security operations and benchmarking
8.5.1 Intrusion Prevention Systems
8.5.2 Denial-of-service
8.5.4 SOAR: Impact and risk assessment
8.5.5 Site reliability engineering
8.6.1 Cybersecurity knowledge management
8.6.2 Honeypots and honeynets
8.6.3 Cyber-threat intelligence
8.7 Human factors: Incident management
8.7.1 Prepare: Incident management planning
8.7.3 Follow-up: post-incident activities
8.8 Conclusion
9 Forensics
9.1 Definitions and Conceptual Models
9.1.1 Legal Concerns and the Daubert Standard
9.1.2 Definitions
9.1.3.1 Cognitive Task Model
9.1.3.2 Bottom-Up Processes
9.1.3.4 The Foraging Loop
9.1.3.6 Data Extraction vs. Analysis vs. Legal Interpretation
9.1.3.7 Forensic Process
9.2 Operating System Analysis
9.2.1.1 Data Abstraction Layers
9.2.2 Data Acquisition
9.2.3 Filesystem Analysis
9.2.5 Data Recovery & File Content Carving
9.3 Main Memory Forensics
9.4.1 Case Study: the Web Browser
9.5.1 Cloud Basics
9.5.2 Forensic Challenges
9.5.3 SaaS Forensics
9.6.1 Finding a Known Data Object: Cryptographic Hashing
9.6.3 Approximate Matching
9.7 Conclusion
III Systems Security
10 Cryptography
10.2 Cryptographic Security Models
10.2.1 Syntax of Basic Schemes
10.2.2 Basic Security Definitions
10.2.3 Hard Problems
10.2.5 Simulation and UC Security
10.3.2 Secret Sharing
10.4.1 Block Ciphers
10.4.2 Stream Ciphers
10.4.3.2 Sponge Constructions
10.5 Symmetric Encryption and Authentication
10.5.1 Modes of Operation
10.5.3 Key Derivation and Extendable Output Functions
10.6.1 KEM-DEM Philosophy
10.6.2 Constructions based on RSA
10.6.4 Lattice-based Constructions
10.7 Public Key Signatures
10.7.2 DSA, EC-DSA and Schnorr Signatures
10.8 Standard Protocols
10.8.1.3 Zero-Knowledge-Based
10.8.2 Key Agreement Protocols
10.8.2.2 Diffie–Hellman Key Agreement
10.9.1 Oblivious Transfer
10.9.2 Private Information Retrieval and ORAM
10.9.3 Zero-Knowledge
10.9.4 Secure Multi-Party Computation
10.10 Public Key Encryption/Signatures With Special Properties
10.10.3 Blind Signatures
10.10.6 Fully Homomorphic Encryption
10.11 Implementation Aspects
11 Operating Systems and Virtualisation
11.1 Attacker model
11.2 The role of operating systems and their design in security
11.3.1 Security principles in operating systems
11.3.2 Security models in operating systems
11.4 Primitives for Isolation and Mediation
11.4.2 Access control lists
11.4.3 Capabilities
11.4.5 Memory protection and address spaces
11.4.6 Modern hardware extensions for memory protection
11.4.7 Protection rings
11.4.9 Low-end devices and the IoT
11.5.1 Information hiding
11.5.2 Control-flow restrictions
11.5.3 Partitioning
11.5.4 Code and data integrity checks
11.6 Operating Systems, Hypervisors—what about related areas?
11.7 Embracing Security
12 Distributed Systems Security
12.1.1 Classes of Distributed Systems
12.1.2.1 Access/Admission Control & ID Management
12.1.2.3 Resource Management and Coordination Services
12.2 Distributed Systems: Decentralised P2P Models
12.2.1 Unstructured P2P Protocols
12.2.2 Structured P2P Protocols
12.3 Distributed Systems: Attacking P2P Systems
12.3.1 Attack Types
12.3.1.1 Summary
12.3.2 Attacks and their Mitigation
12.4 Distributed Systems: Coordinated Resource Clustering
12.4.3 Coordination Properties
12.4.4 Replication Management and Coordination Schema: The Basis Behind Attack Mitigation
12.5 Distributed Systems: Coordination Classes and Attackability
12.5.1 The Resource Coordination Class – Infrastructure View
12.5.2 The Services Coordination Class – Applications View
13 Authentication, Authorisation & Accountability (AAA)
13.2 Content
13.3.1.1 Core Concepts
13.3.1.2 Security Policies
13.3.1.3 Role-based Access Control
13.3.1.6 Mobile Security
13.3.1.8 Usage Control
13.3.2.2 Reference Monitor
13.3.3 Theory
13.3.3.3 Access Control Logics
13.4.2 Origin-based Policies
13.4.2.2 Cross-origin Resource Sharing
13.4.4.1 Attribute-Based Encryption
13.5 Authentication
13.5.2 User Authentication
13.5.2.2 Biometrics for Authentication
13.5.2.3 Authentication Tokens
13.5.2.4 Behavioural Authentication
13.5.3 Authentication in Distributed Systems
13.5.3.3 SAML
13.5.3.4 OAuth 2 – OpenID Connect
13.5.4.1 Patterns for Entity Authentication
13.5.4.3 Authentication as Verified Association
13.6.1 Technical Aspects
13.6.1.4 Assessing the Evidence
13.6.3 Distributed Logs
13.6.4 Related Concepts
IV Software Platform Security
14 Software Security
14.1 Categories of Vulnerabilities
14.1.1 Memory Management Vulnerabilities
14.1.2 Structured Output Generation Vulnerabilities
14.1.3 Race Condition Vulnerabilities
14.1.4 API Vulnerabilities
14.1.5 Side-channel Vulnerabilities
14.1.6.1 Better connection with overall security objectives needs more complex specifications
14.2 Prevention of Vulnerabilities
14.2.1.1 Memory management vulnerabilities
14.2.1.2 Structured output generation vulnerabilities
14.2.2 API Design
14.2.3 Coding Practices
14.3 Detection of Vulnerabilities
14.3.1.2 Sound static verification
14.3.2 Dynamic Detection
14.3.2.2 Generating relevant executions
14.4.1 Runtime Detection of Attacks
14.4.3 Limiting Privileges
14.4.4 Software Integrity Checking
15 Web & Mobile Security
15.1 Introduction
15.2.1 Appification
15.2.2.1 Uniform Resource Locators
15.2.2.2 Hypertext Transfer Protocol
15.2.2.4 Cascading Style Sheets
15.2.2.7 WebViews
15.2.3 Application Stores
15.2.4.2 Content Isolation
15.2.5.1 The Security Principals
15.2.5.4 Different Permission Approaches
15.2.6 Web PKI and HTTPS
15.2.7 Authentication
15.2.7.1 HTTP Authentication
15.2.8 Cookies
15.2.9.1 Password Policies
15.2.9.5 WebAuthn
15.2.10 Frequent Software Updates
15.3.1.1 Phishing
15.3.1.2 Clickjacking
15.3.2.1 Client Side Storage in the Browser
15.3.3 Physical Attacks
15.4.1 Injection Vulnerabilities
15.4.1.1 SQL-Injection
15.4.1.3 User Uploaded Files
15.4.1.5 Cross-Site Scripting (XSS)
15.4.2 Server Side Misconfigurations & Vulnerable Components
15.4.2.2 Load Balancers
15.5 Conclusion
16 Secure Software Lifecycle
16.1 Motivation
16.2.1.1 Microsoft Security Development Lifecycle (SDL)
16.2.1.2 Touchpoints
16.2.1.3 SAFECode
16.2.2 Comparing the Secure Software Lifecycle Models
16.3 Adaptations of the Secure Software Lifecycle
16.3.1 Agile Software Development and DevOps
16.3.2 Mobile
16.3.3 Cloud Computing
16.3.4 Internet of Things (IoT)
16.3.5 Road Vehicles
16.4 Assessing the Secure Software Lifecycle
16.4.1 SAMM
16.4.2 BSIMM
16.4.3 The Common Criteria
16.5 Adopting a Secure Software Lifecycle
V Infrastructure Security
17 Network Security
17.2 Network Protocols and Vulnerability
17.3.1 Public Key Infrastructure
17.3.2 DNS Security Extensions
17.4 Transport-Layer Security
17.4.1 Handshake
17.4.3 Data-Transfer
17.5 Network Layer Security
17.5.3 Routing Protocol Security
17.5.3.1 Border Gateway Protocol (BGP) Security
17.6.1.1 Extensible Authentication Protocol (EAP)
17.6.2 Attack On Ethernet Switch
17.7 Wireless LAN Security
17.8 Network Defence Tools
17.8.2 Application Gateway (AG)
17.8.3 Circuit-level Gateway (CG)
17.8.4 Intrusion Detection Systems (IDS)
17.8.5 An Intrusion Prevention System (IPS)
17.9.1 Software Defined Network, Virtualisation
17.9.2 Internet of Things (IoT) Security
18 Hardware Security
18.1.1 Short background on the hardware design process
18.1.2 Root of trust
18.1.3 Threat model
18.1.4 Root of trust, threat model and hardware design abstraction layers
18.2 Measuring hardware security
18.2.2 Common criteria and EMVCo
18.3 Secure Platforms
18.3.2 Secure Element and Smartcard
18.4 Hardware support for software security at architecture level
18.4.1 Trusted Execution Environment (TEE)
18.4.4 Protected Module Architectures and HWSW co-design solutions
18.4.5 Light-weight and individual solutions
18.5.1 Design process from RTL to ASIC or FPGA
18.5.2 Cryptographic algorithms at RTL level
18.6.1 Attacks
18.6.2 Countermeasures
18.7.1 Random number generation
18.7.2 Physically Unclonable Functions
18.8.3 Circuit level techniques
18.9 Conclusion
19 Cyber-Physical Systems Security
19.1 Cyber-Physical Systems and their Security Risks
19.1.1 Characteristics of CPS
19.1.2 Protections Against Natural Events and Accidents
19.1.3.1 Attacks Against CPSs
19.1.3.2 High-Profile, Real-World Attacks Against CPSs
19.2.1 Preventing Attacks
19.2.2 Detecting Attacks
19.2.3 Mitigating Attacks
19.3 CPS Domains
19.3.1 Industrial Control Systems
19.3.2 Electric Power Grids
19.3.2.1 Smart Grids
19.3.3.1 Ground, Air, and Sea Vehicles
19.3.4 Robotics and Advanced Manufacturing
19.3.5 Medical Devices
19.3.6 The Internet of Things
19.4.1 Incentives and Regulation
19.4.2 Cyber-Conflict
19.4.3 Industry Practices and Standards
20 Physical Layer Security and Telecommunications
20.1.1 Key Establishment based on Channel Reciprocity
20.1.3 Secrecy Capacity
20.1.4 Friendly Jamming
20.1.6 Low Probability of Intercept and Covert Communication
20.2.1 Coordinated Spread Spectrum Techniques
20.2.2 Uncoordinated Spread Spectrum Techniques
20.3 Physical-Layer Identification
20.3.2 Identification Signals
20.3.3 Device Fingerprints
20.4 Distance Bounding and Secure Positioning
20.4.2 Distance Measurement Techniques
20.4.3 Physical Layer Attacks on Secure Distance Measurement
20.4.4 Secure Positioning
20.5.1 Compromising Emanations
20.5.2 Sensor Compromise
20.6.1 Near-field communication (NFC)
20.6.2 Air Traffic Communication Networks
20.6.3 Cellular Networks
20.6.4 GNSS Security and Spoofing Attacks
VI Appendix
Bibliography
Acronyms
Glossary