Information Security Handbook (Internet of Everything (IoE))

Cover
Half Title
Series Page
Title Page
Copyright Page
Contents
Preface
Editor Biographies
Contributors
1. SC-MCHMP: Score-Based Cluster Level Hybrid Multi-Channel MAC Protocol for Wireless Sensor Network
	1.1 Introduction
	1.2 Literature Survey
	1.3 Proposed Work
		1.3.1 Procedure of Routing Mechanism
			1.3.1.1 1-Hop Discovery
			1.3.1.2 Metric Calculation
			1.3.1.3 Link Score Calculation
			1.3.1.4 Source Selection
		1.3.2 CSMA/CA
		1.3.3 TDMA
		1.3.4 FDMA
	1.4 Results and Discussion
	1.5 Conclusion
	References
2. Software-Defined Networking (SDN) Security Concerns
	2.1 Introduction
	2.2 Potential Anomalies in SDN
		2.2.1 Unauthorized Access
		2.2.2 Malicious Application
		2.2.3 Network Manipulation
		2.2.4 Traffic Diversion
		2.2.5 Denial of Service (DoS)
		2.2.6 Configuration Issues
		2.2.7 Data Leakage
	2.3 Security Analyses and Research Challenges
		2.3.1 SDN Security Analyses
		2.3.2 Scenarios
			2.3.2.1 Scenario 1
			2.3.2.2 Scenario 2
			2.3.2.3 Scenario 3
		2.3.3 Research Challenges
	2.4 Conclusion
	References
3. Clustering in Wireless Sensor Networks Using Adaptive Neuro-Fuzzy Inference Logic
	3.1 Introduction
	3.2 Related Work
	3.3 Proposed Work
	3.4 Simulation Results
	3.5 Conclusion and Future Scope
	References
4. Security in Big Data
	4.1 Big Data
		4.1.1 Volume - The Size of Data
		4.1.2 Variety - Different Forms of Data
		4.1.3 Velocity - Speed of Data Generation
		4.1.4 Value - Data\'s Worth
		4.1.5 Veracity - Data Uncertainty
		4.1.6 Variability - Data Inconsistency
		4.1.7 Visualization - Data Representation
		4.1.8 Volatility - How Long to Store Data
		4.1.9 Validity - Data Use
	4.2 Data Sources of Big Data
	4.3 Architecture
		4.3.1 Data Source
		4.3.2 Ingestion
		4.3.3 Storage Layer
		4.3.4 Staging
		4.3.5 Data Pipeline
		4.3.6 Data and Workflow Management
		4.3.7 Data Access
	4.4 Big Data Challenges
	4.5 Big Data Analytics Challenges in Big Data
	4.6 Technical Challenges in Big Data
	4.7 Characteristics-Oriented Challenges of Big Data
		4.7.1 Data Volume
		4.7.2 Data Velocity
		4.7.3 Data Variety
		4.7.4 Data Value
	4.8 Privacy Challenges
	4.9 Security Challenges
	4.10 Current Security Challenges in Big Data
		4.10.1 Big Data Security - A Definition
		4.10.2 Case Studies of Security Breaches Depicting Their Impact on Organizations
	4.11 Major Security Issues of Big Data
		4.11.1 Distributed Frameworks Security
		4.11.2 Nonrelational Data Stores Protection
		4.11.3 Storage Security
		4.11.4 Monitoring Real-Time Security
		4.11.5 Privacy-Preserving Data Analytics and Mining
		4.11.6 Granular Audit
		4.11.7 End-Point Security
		4.11.8 Data-Centric Security Based on Cryptography
	4.12 Solutions to Security Challenges
		4.12.1 Complete Data Supervision of Social Networks
		4.12.2 Improvement in Legal Mechanism
		4.12.3 Improvement to People Awareness of Data Quality
		4.12.4 Put Security First
	4.13 Conclusion
	References
5. Prevention of DOS/DDOS Attacks Through Expert Honey Mesh Security Infrastructure
	5.1 Introduction
		5.1.1 Types of DDOS Attacks
			5.1.1.1 Direct Flooding Attacks
			5.1.1.2 Remote-Controlled Network Attacks
			5.1.1.3 Reflective Flooding Attacks
			5.1.1.4 Protocol Violation Attacks
			5.1.1.5 Fragmentation Attacks
			5.1.1.6 Network Infrastructure Attacks
	5.2 Working of DDOS Attacks
		5.2.1 Using a Botnet \"Botnet\" to Launch a DDOS Attack
		5.2.2 Prevention Measures of DDOS Attacks
		5.2.3 Never Overestimate the Defenses of the Network
		5.2.4 Create a Reference Model to Better Identify Active Attacks
		5.2.5 Apply the Latest Patches of Suppliers
		5.2.6 Secure the IoT Devices
		5.2.7 Deploy a Solution for the Mitigation of DDOS Attacks Dedicated
		5.2.8 Reduce the Attack Surface
		5.2.9 Plan the Scaling
		5.2.10 Implement Firewalls for Sophisticated Application Attacks
	5.3 Methodology
		5.3.1 Introduction to Expert Honey Mesh System
		5.3.2 Creation of Honey Pots
		5.3.3 Implementation of Honey Pot
	5.4 Proposed System
		5.4.1 Working of Proposed System
			5.4.1.1 Detection and Prevention of DDOS Attack Via Our Proposed System
	5.5 Experimental Result
		5.5.1 Simulation
		5.5.2 DDOS Attack Launched on Website
		5.5.3 Increase in the Volume of Attacks and Distribution Over Time
		5.5.4 Prevention of DDOS Attack Via Fuzzy Logic Mechanism
			5.5.4.1 Fuzzy-Logic Rules
		5.5.5 Implementation of Fuzzy-Logic Rules for Prevention of DDOS Attacks
		5.5.6 Advantages and Future Enhancements
	5.6 Conclusion
	References
6. Efficient Feature Grouping for IDS Using Clustering Algorithms in Detecting Known/Unknown Attacks
	6.1 Introduction
	6.2 Related Work
	6.3 Design Methodology
	6.4 Applications and Future Work
	6.5 Conclusion
	References
7. PDF Malware Classifiers - A Survey, Future Directions and Recommended Methodology
	7.1 Introduction
	7.2 X-Ray of PDF File
	7.3 Reading of PDF Files
	7.4 Steps Involved in Classifying PDF Files
		7.4.1 Prior Procedure Before the Actual Parsing
		7.4.2 Feature Extraction
		7.4.3 Classifier
	7.5 Modes of Classification
	7.6 Static Classification of PDF Files
	7.7 Static Classification Systems
		7.7.1 PJScan
		7.7.2 N-Gram
		7.7.3 Slayer
		7.7.4 N-Gram II
		7.7.5 PDFrate v1
		7.7.6 Hidost
		7.7.7 Slayer NEO
		7.7.8 PDFrate v2
	7.8 Comparison Between the Different Static Classifiers
	7.9 Dynamic Classification of PDF Files
	7.10 Dynamic Classification Systems
		7.10.1 PlatPal
		7.10.2 MDScan
		7.10.3 WepaWet
		7.10.4 PDF Scrutinizer
		7.10.5 Lux0R
	7.11 Comparison Between Different Dynamic Classifiers
	7.12 Novel Methodologies
	7.13 Conclusions and Future Directions
	References
8. Key Authentication Schemes for Medical Cyber Physical System
	8.1 Introduction
	8.2 Security Objectives for Medical CPS
		8.2.1 Mutual Authentication
		8.2.2 Data Freshness
		8.2.3 Forward Security
		8.2.4 Data Authenticity
		8.2.5 Data Integrity
		8.2.6 Data Confidentiality
		8.2.7 Unforgeability
		8.2.8 Scalability
	8.3 Security Challenges for Medical CPS
		8.3.1 Resource Constraint (Gupta et al., 2019)
		8.3.2 Denial of Service Attack (Alguliyev et al., 2018)
		8.3.3 Impersonation Attack (Xu et al., 2019a,b)
		8.3.4 Replay Attack (Kompara et al., 2019)
		8.3.5 Eavesdropping Attack (Shen et al., 2018)
		8.3.6 Compromised Nodes and Clone Attack (Xu et al., 2019a,b)
		8.3.7 Anonymous and Unlinkable Sessions (Kompara et al., 2019)
		8.3.8 Desynchronization/Jamming Attack (Liu & Chung, 2017)
	8.4 Types of Key Authentication Schemes for Medical CPS
		8.4.1 Physiological-Based Key Authentication Schemes
		8.4.2 Cryptographic-Based Authentication Schemes
			8.4.2.1 Pre-deployed Authentication Schemes
			8.4.2.2 Asymmetric Authentication Schemes
		8.4.3 Hybrid Authentication Schemes
		8.4.4 Channel-Based Authentication Schemes
	8.5 Conclusion and Future Research Direction
	References
9. Ransomware Attack: Threats & Different Detection Technique
	9.1 Introduction
	9.2 Related Study
	9.3 Materials & Methods
		9.3.1 Algorithms Used for Ransomware/Malware Detection
	9.4 Analysis
	9.5 Practical Implication
	9.6 Conclusion
	References
10. Security Management System (SMS)
	10.1 Introduction
	10.2 Application of Information Security in Corporations
		10.2.1 Information Security Components: Confidentiality, Integrity, Availability (CIA)
			10.2.1.1 Confidentiality
			10.2.1.2 Integrity
			10.2.1.3 Availability
	10.3 Information Security Incidents [11]
	10.4 Common Attacks on CIA Triad [12]
	10.5 Information Security Management
	10.6 Security Management System
	10.7 Basis of Security Management System
		10.7.1 Risk Management
		10.7.2 Risk Assessment
		10.7.3 Challenges for Risk Assessment
	10.8 Some Other Essentials for SMS
	10.9 Steps Involved in the Infrastructures of the SMS
	10.10 System Development and Maintenance
	10.11 Business Continuity Management
	10.12 Security Management System Components
	10.13 Security Management System Domains
		10.13.1 ISO/IEC 27001
			10.13.1.1 History of ISO/IEC 27001
			10.13.1.2 PDCA Model
			10.13.1.3 Changes in ISO/IEC 27001 in 2013 Version
	10.14 Security Controls [35]
	10.15 Certification
	10.16 SMS (ISO/IEC 27001) Audits [23]
		10.16.1 Benefits of ISO/IEC 27001
	10.17 Security Management System Challenges
	10.18 Conclusion
	References
11. Automatic Street Light Control Based on Pedestrian and Automobile Detection
	11.1 Introduction
	11.2 Background of the Invention
	11.3 Literature Review
	11.4 Circuit Diagram
		11.4.1 Major Components Used
	11.5 Architecture Diagram
	11.6 Proposed Work
		11.6.1 Instructions
	11.7 Results and Discussion
		11.7.1 Usage of Automatic Street Lights
		11.7.2 Feasibility and Cost Effectiveness
		11.7.3 Used in Versatile Areas
		11.7.4 Large-Scale Manufacturing
		11.7.5 Merging with AI and IoT
		11.7.6 Stability and Emergency
		11.7.7 Security Protocols
	11.8 Conclusion & Future Works
	References
12. Cost-Oriented Electronic Voting System Using Hashing Function with Digital Persona
	12.1 Introduction
	12.2 Literature Review
	12.3 Proposed Method
		12.3.1 System Requirements
		12.3.2 System Architecture
		12.3.3 System Modules
		12.3.4 System Modeling
	12.4 Working Procedure
		12.4.1 Election Participants
		12.4.2 Election Process
		12.4.3 Generate Results
	12.5 Discussion and Findings
		12.5.1 Outcome of Proposed Voting System
		12.5.2 Existing Voting System of Pakistan with Proposed System
		12.5.3 Optimization in Multiple Enhancement Factors in Proposed System
	12.6 Conclusion
	12.7 Future Work
	Reference
13. Blockchain-Based Supply Chain System Using Intelligent Chatbot with IoT-RFID
	13.1 Introduction
	13.2 Background
		13.2.1 Ethereum
		13.2.2 Hyperledger Fabric
	13.3 Chatbot with Blockchain
		13.3.1 IOT (Internet of Things)
		13.3.2 RFID Chips
		13.3.3 RFID with Blockchain
		13.3.4 Modern Supply Chain
	13.4 Problem Statement
	13.5 Literature Review
	13.6 Methodology
	13.7 Conclusion
	References
Index