Cliff Wang - Böcker

Shared resources, such as the Internet, have created a highly interconnected cyber-infrastructure. Critical infrastructures in domains such as medical, power, telecommunications, and finance are highly dependent on information systems. These two factors have exposed our critical infrastructures to malicious attacks and accidental failures. Many malicious attacks are achieved by malicious code or malware, such as viruses and worms. Given the deleterious affects of malware on our cyber infrastructure, identifying malicious programs is an important goal. Unfortunately, malware detectors have not kept pace with the evasion techniques commonly used by hackers, i.e., the good guys are falling behind in the arms race.Malware Detection captures the state of the art research in the area of malicious code detection, prevention and mitigation.

Localization is a critical process in mobile ad hoc networks and wireless sensor networks. Wireless sensor node or MANET devices need to know the network's location or its relative location, with respect to the rest of the network neighbors. However, due to the open spectrum nature of wireless communication, it is subject to attacks and intrusions. Hence the wireless network synchronization needs to be both robust and secure. Furthermore, issues such as energy constraints and mobility make the localization process even more challenging.Secure Localization and Time Synchronization for Wireless Sensor and Ad Hoc Networks presents the latest research results in the area of secure localization for both wireless mobile ad hoc networks and wireless sensor networks.

Botnets have become the platform of choice for launching attacks and committing fraud on the Internet. A better understanding of Botnets will help to coordinate and develop new technologies to counter this serious security threat. Botnet Detection: Countering the Largest Security Threat, a contributed volume by world-class leaders in this field, is based on the June 2006 ARO workshop on Botnets. This edited volume represents the state-of-the-art in research on Botnets. It provides botnet detection techniques and response strategies, as well as the latest results from leading academic, industry and government researchers. Botnet Detection: Countering the Largest Security Threat is intended for researchers and practitioners in industry. This book is also appropriate as a secondary text or reference book for advanced-level students in computer science.

Motivation for the Book This book seeks to establish the state of the art in the cyber situational awareness area and to set the course for future research. A multidisciplinary group of leading researchers from cyber security, cognitive science, and decision science areas elab orate on the fundamental challenges facing the research community and identify promising solution paths. Today, when a security incident occurs, the top three questions security admin istrators would ask are in essence: What has happened? Why did it happen? What should I do? Answers to the ?rst two questions form the core of Cyber Situational Awareness. Whether the last question can be satisfactorily answered is greatly de pendent upon the cyber situational awareness capability of an enterprise. A variety of computer and network security research topics (especially some sys tems security topics) belong to or touch the scope of Cyber Situational Awareness. However, the Cyber Situational Awareness capability of an enterprise is still very limited for several reasons: • Inaccurate and incomplete vulnerability analysis, intrusion detection, and foren sics. • Lack of capability to monitor certain microscopic system/attack behavior. • Limited capability to transform/fuse/distill information into cyber intelligence. • Limited capability to handle uncertainty. • Existing system designs are not very “friendly” to Cyber Situational Awareness.

Shared resources, such as the Internet, have created a highly interconnected cyber-infrastructure. Critical infrastructures in domains such as medical, power, telecommunications, and finance are highly dependent on information systems. These two factors have exposed our critical infrastructures to malicious attacks and accidental failures. Many malicious attacks are achieved by malicious code or malware, such as viruses and worms. Given the deleterious affects of malware on our cyber infrastructure, identifying malicious programs is an important goal. Unfortunately, malware detectors have not kept pace with the evasion techniques commonly used by hackers, i.e., the good guys are falling behind in the arms race.Malware Detection captures the state of the art research in the area of malicious code detection, prevention and mitigation.

Localization is a critical process in mobile ad hoc networks and wireless sensor networks. Wireless sensor node or MANET devices need to know the network's location or its relative location, with respect to the rest of the network neighbors. However, due to the open spectrum nature of wireless communication, it is subject to attacks and intrusions. Hence the wireless network synchronization needs to be both robust and secure. Furthermore, issues such as energy constraints and mobility make the localization process even more challenging.Secure Localization and Time Synchronization for Wireless Sensor and Ad Hoc Networks presents the latest research results in the area of secure localization for both wireless mobile ad hoc networks and wireless sensor networks.

Botnets have become the platform of choice for launching attacks and committing fraud on the Internet. A better understanding of Botnets will help to coordinate and develop new technologies to counter this serious security threat. Botnet Detection: Countering the Largest Security Threat, a contributed volume by world-class leaders in this field, is based on the June 2006 ARO workshop on Botnets. This edited volume represents the state-of-the-art in research on Botnets. It provides botnet detection techniques and response strategies, as well as the latest results from leading academic, industry and government researchers. Botnet Detection: Countering the Largest Security Threat is intended for researchers and practitioners in industry. This book is also appropriate as a secondary text or reference book for advanced-level students in computer science.

This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade. Coverage includes security and trust issues in all types of electronic devices and systems such as ASICs, COTS, FPGAs, microprocessors/DSPs, and embedded systems. This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats was developed by a group of leading researchers.

Motivation for the Book This book seeks to establish the state of the art in the cyber situational awareness area and to set the course for future research. A multidisciplinary group of leading researchers from cyber security, cognitive science, and decision science areas elab orate on the fundamental challenges facing the research community and identify promising solution paths. Today, when a security incident occurs, the top three questions security admin istrators would ask are in essence: What has happened? Why did it happen? What should I do? Answers to the ?rst two questions form the core of Cyber Situational Awareness. Whether the last question can be satisfactorily answered is greatly de pendent upon the cyber situational awareness capability of an enterprise. A variety of computer and network security research topics (especially some sys tems security topics) belong to or touch the scope of Cyber Situational Awareness. However, the Cyber Situational Awareness capability of an enterprise is still very limited for several reasons: • Inaccurate and incomplete vulnerability analysis, intrusion detection, and foren sics. • Lack of capability to monitor certain microscopic system/attack behavior. • Limited capability to transform/fuse/distill information into cyber intelligence. • Limited capability to handle uncertainty. • Existing system designs are not very “friendly” to Cyber Situational Awareness.

Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats was developed by a group of leading researchers. It describes the fundamental challenges facing the research community and identifies new promising solution paths. Moving Target Defense which is motivated by the asymmetric costs borne by cyber defenders takes an advantage afforded to attackers and reverses it to advantage defenders. Moving Target Defense is enabled by technical trends in recent years, including virtualization and workload migration on commodity systems, widespread and redundant network connectivity, instruction set and address space layout randomization, just-in-time compilers, among other techniques. However, many challenging research problems remain to be solved, such as the security of virtualization infrastructures, secure and resilient techniques to move systems within a virtualized environment, automatic diversification techniques, automated ways to dynamically change and manage the configurations of systems and networks, quantification of security improvement, potential degradation and more. Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats is designed for advanced -level students and researchers focused on computer science, and as a secondary text book or reference. Professionals working in this field will also find this book valuable.

Our cyber defenses are static and are governed by lengthy processes, e.g., for testing and security patch deployment.  Adversaries could plan their attacks carefully over time and launch attacks at cyber speeds at any given moment.  We need a new class of defensive strategies that would force adversaries to continually engage in reconnaissance and re-planning of their cyber operations.  One such strategy is to present adversaries with a moving target where the attack surface of a system keeps changing. Moving Target Defense II: Application of Game Theory and Adversarial Modeling includes contributions from world experts in the cyber security field.  In the first volume of MTD, we presented MTD approaches based on software transformations, and MTD approaches based on network and software stack configurations. In this second volume of MTD, a group of leading researchers describe game theoretic, cyber maneuver, and software transformation approaches for constructing and analyzing MTD systems. Designed as a professional book for practitioners and researchers working in the cyber security field, advanced -level students and researchers focused on computer science will also find this book valuable as a secondary text book or reference.

This book presents a range of cloud computing security challenges and promising solution paths. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms.

This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade. Coverage includes security and trust issues in all types of electronic devices and systems such as ASICs, COTS, FPGAs, microprocessors/DSPs, and embedded systems. This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.

Our cyber defenses are static and are governed by lengthy processes, e.g., for testing and security patch deployment.  Adversaries could plan their attacks carefully over time and launch attacks at cyber speeds at any given moment.  We need a new class of defensive strategies that would force adversaries to continually engage in reconnaissance and re-planning of their cyber operations.  One such strategy is to present adversaries with a moving target where the attack surface of a system keeps changing. Moving Target Defense II: Application of Game Theory and Adversarial Modeling includes contributions from world experts in the cyber security field.  In the first volume of MTD, we presented MTD approaches based on software transformations, and MTD approaches based on network and software stack configurations. In this second volume of MTD, a group of leading researchers describe game theoretic, cyber maneuver, and software transformation approaches for constructing and analyzing MTD systems. Designed as a professional book for practitioners and researchers working in the cyber security field, advanced -level students and researchers focused on computer science will also find this book valuable as a secondary text book or reference.

This book presents a range of cloud computing security challenges and promising solution paths. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms.

This is the first book on digital fingerprinting that comprehensively covers the major areas of study in a range of information security areas including authentication schemes, intrusion detection, forensic analysis and more.  Available techniques for assurance are limited and authentication schemes are potentially vulnerable to the theft of digital tokens or secrets.  Intrusion detection can be thwarted by spoofing or impersonating devices, and forensic analysis is incapable of demonstrably tying a particular device to specific digital evidence.  This book presents an innovative and effective approach that addresses these concerns.  This book introduces the origins and scientific underpinnings of digital fingerprinting. It also proposes a unified framework for digital fingerprinting, evaluates methodologies and includes examples and case studies. The last chapter of this book covers the future directions of digital fingerprinting. This book is designed for practitioners and researchers working in the security field and military. Advanced-level students focused on computer science and engineering will find this book beneficial as secondary textbook or reference.

This is the first book on digital fingerprinting that comprehensively covers the major areas of study in a range of information security areas including authentication schemes, intrusion detection, forensic analysis and more.

It features four major parts: cyber deception reasoning frameworks, dynamic decision-making for cyber deception, network-based deception, and malware deception. An important distinguishing characteristic of this book is its inclusion of student exercises at the end of each chapter.

This book discusses and summarizes current research issues, identifies challenges, and outlines future directions for proactive and dynamic network defense.

The 10 papers included in this State-of-the Art Survey present recent advances made by a large team of researchers working on the same US Department of Defense Multidisciplinary University Research Initiative (MURI) project during 2013-2019.

This book explores fundamental scientific problems essential for autonomous cyber defense. Specific areas include:Game and control theory-based moving target defenses (MTDs) and adaptive cyber defenses (ACDs) for fully autonomous cyber operations;The extent to which autonomous cyber systems can be designed and operated in a framework that is significantly different from the human-based systems we now operate;On-line learning algorithms, including deep recurrent networks and reinforcement learning, for the kinds of situation awareness and decisions that autonomous cyber systems will require;Human understanding and control of highly distributed autonomous cyber defenses;Quantitative performance metrics for the above so that autonomous cyber defensive agents can reason about the situation and appropriate responses as well as allowing humans to assess and improve the autonomous system.This book establishes scientific foundations for adaptive autonomous cyber systems and ultimately brings about a more secure and reliable Internet. The recent advances in adaptive cyber defense (ACD) have developed a range of new ACD techniques and methodologies for reasoning in an adaptive environment.Autonomy in physical and cyber systems promises to revolutionize cyber operations. The ability of autonomous systems to execute at scales, scopes, and tempos exceeding those of humans and human-controlled systems will introduce entirely new types of cyber defense strategies and tactics, especially in highly contested physical and cyber environments. The development and automation of cyber strategies that are responsive to autonomous adversaries pose basic new technical challenges for cyber-security.This book targets cyber-security professionals and researchers (industry, governments, and military). Advanced-level students in computer science and information systems will also find this book useful as a secondary textbook.

This book explores fundamental scientific problems essential for autonomous cyber defense. Specific areas include:Game and control theory-based moving target defenses (MTDs) and adaptive cyber defenses (ACDs) for fully autonomous cyber operations;The extent to which autonomous cyber systems can be designed and operated in a framework that is significantly different from the human-based systems we now operate;On-line learning algorithms, including deep recurrent networks and reinforcement learning, for the kinds of situation awareness and decisions that autonomous cyber systems will require;Human understanding and control of highly distributed autonomous cyber defenses;Quantitative performance metrics for the above so that autonomous cyber defensive agents can reason about the situation and appropriate responses as well as allowing humans to assess and improve the autonomous system.This book establishes scientific foundations for adaptive autonomous cyber systems and ultimately brings about a more secure and reliable Internet. The recent advances in adaptive cyber defense (ACD) have developed a range of new ACD techniques and methodologies for reasoning in an adaptive environment.Autonomy in physical and cyber systems promises to revolutionize cyber operations. The ability of autonomous systems to execute at scales, scopes, and tempos exceeding those of humans and human-controlled systems will introduce entirely new types of cyber defense strategies and tactics, especially in highly contested physical and cyber environments. The development and automation of cyber strategies that are responsive to autonomous adversaries pose basic new technical challenges for cyber-security.This book targets cyber-security professionals and researchers (industry, governments, and military). Advanced-level students in computer science and information systems will also find this book useful as a secondary textbook.

This book introduces recent research results for cyber deception, a promising field for proactive cyber defense. The beauty and challenge of cyber deception is that it is an interdisciplinary research field requiring study from techniques and strategies to human aspects. This book covers a wide variety of cyber deception research, including game theory, artificial intelligence, cognitive science, and deception-related technology. Specifically, this book addresses three core elements regarding cyber deception:  Understanding human’s cognitive behaviors in decoyed network scenarios Developing effective deceptive strategies based on human’s behaviorsDesigning deceptive techniques that supports the enforcement of deceptive strategiesThe research introduced in this book identifies the scientific challenges, highlights the complexity and inspires the future research of cyber deception.Researchers working in cybersecurity and advanced-level computer science students focused on cybersecurity will find this book useful as a reference. This book also targets professionals working in cybersecurity.Chapter 'Using Amnesia to Detect Credential Database Breaches' and Chapter 'Deceiving ML-Based Friend-or-Foe Identification for Executables' are available open access under a Creative Commons Attribution 4.0 International License via link.springer.com.

This book introduces recent research results for cyber deception, a promising field for proactive cyber defense. The beauty and challenge of cyber deception is that it is an interdisciplinary research field requiring study from techniques and strategies to human aspects. This book covers a wide variety of cyber deception research, including game theory, artificial intelligence, cognitive science, and deception-related technology. Specifically, this book addresses three core elements regarding cyber deception:  Understanding human’s cognitive behaviors in decoyed network scenarios Developing effective deceptive strategies based on human’s behaviorsDesigning deceptive techniques that supports the enforcement of deceptive strategiesThe research introduced in this book identifies the scientific challenges, highlights the complexity and inspires the future research of cyber deception.Researchers working in cybersecurity and advanced-level computer science students focused on cybersecurity will find this book useful as a reference. This book also targets professionals working in cybersecurity.Chapter 'Using Amnesia to Detect Credential Database Breaches' and Chapter 'Deceiving ML-Based Friend-or-Foe Identification for Executables' are available open access under a Creative Commons Attribution 4.0 International License via link.springer.com.

Third, the AI/ML for cyber analysis theme focuses on using AI/ML to analyze tons of data in a timely manner and identify many complex threat patterns.This book is designed for undergraduates, graduate students in computer science and researchers in an interdisciplinary area of cyber forensics and AI embedded security applications.

Third, the AI/ML for cyber analysis theme focuses on using AI/ML to analyze tons of data in a timely manner and identify many complex threat patterns.This book is designed for undergraduates, graduate students in computer science and researchers in an interdisciplinary area of cyber forensics and AI embedded security applications.

This book, structured as an edited volume, consists of 12 chapters organized into four key themes: Theoretical Foundations, Human Factors, Application Domains, and Future Challenges. It highlights the dynamic and interdisciplinary nature of cyber deception research, offering insights into diverse application areas such as industrial control systems and AI security.Cyber deception has emerged as a critical strategy for defending digital assets across academia, industry, and government. By creating false information, deceptive environments, or misleading signals, it aims to confuse, delay, or misdirect adversaries while simultaneously gathering intelligence on their tactics. This proactive approach shifts the traditional information advantage from attackers to defenders, strengthening cybersecurity resilience.Designed as a foundational resource, this book is particularly valuable for students and early-career researchers seeking to understand cyber deception and identify pressing research challenges. It emphasizes the need for context-aware and adaptive strategies to counter the ever-evolving tactics of cyber adversaries. Furthermore, this book advocates for leveraging emerging technologies and interdisciplinary approaches to advance deception techniques. By addressing both current and future challenges, this volume provides a comprehensive roadmap for enhancing cyber deception strategies and fostering the development of more robust and resilient cybersecurity defences.

This book is the first publication to give a comprehensive, structured treatment to the important topic of situational awareness in cyber defense. It presents the subject in a logical, consistent, continuous discourse, covering key topics such as formation of cyber situational awareness, visualization and human factors, automated learning and inference, use of ontologies and metrics, predicting and assessing impact of cyber attacks, and achieving resilience of cyber and physical mission. Chapters include case studies, recent research results and practical insights described specifically for this book. Situational awareness is exceptionally prominent in the field of cyber defense. It involves science, technology and practice of perception, comprehension and projection of events and entities in cyber space. Chapters discuss the difficulties of achieving cyber situational awareness – along with approaches to overcoming the difficulties - in the relatively young field of cyber defense where key phenomena are so unlike the more conventional physical world. Cyber Defense and Situational Awareness is designed as a reference for practitioners of cyber security and developers of technology solutions for cyber defenders. Advanced-level students and researchers focused on security of computer networks will also find this book a valuable resource.