This timely textbook presents a comprehensive guide to the core topics in cybersecurity, covering issues of security that extend beyond traditional computer networks to the ubiquitous mobile communications and online social networks that have become part of our daily lives. In the context of our growing dependence on an ever-changing digital ecosystem, this book stresses the importance of security awareness, whether in our homes, our businesses, or our public spaces. This fully updated new edition features new material on the security issues raised by blockchain technology, and its use in logistics, digital ledgers, payments systems, and digital contracts. **Topics and features:** * Explores the full range of security risks and vulnerabilities in all connected digital systems * Inspires debate over future developments and improvements necessary to enhance the security of personal, public, and private enterprise systems * Raises thought-provoking questions regarding legislative, legal, social, technical, and ethical challenges, such as the tension between privacy and security * Describes the fundamentals of traditional computer network security, and common threats to security * Reviews the current landscape of tools, algorithms, and professional best practices in use to maintain security of digital systems * Discusses the security issues introduced by the latest generation of network technologies, including mobile systems, cloud computing, and blockchain * Presents exercises of varying levels of difficulty at the end of each chapter, and concludes with a diverse selection of practical projects * Offers supplementary material for students and instructors at an associated website, including slides, additional projects, and syllabus suggestions This important textbook/reference is an invaluable resource for students of computer science, engineering, and information management, as well as for practitioners working in data- and information-intensive industries. Preface What Is New in This Edition Audience Book Resources Instructor Support Materials Contents Part I: Introduction to Traditional Computer Network Security 1: Computer Network Fundamentals 1.1 Introduction 1.2 Computer Network Models 1.3 Computer Network Types 1.3.1 Local Area Networks (LANs) 1.3.2 Wide Area Networks (WANs) 1.3.3 Metropolitan Area Networks (MANs) 1.4 Data Communication Media Technology 1.4.1 Transmission Technology 1.4.1.1 Analog Encoding of Digital Data 1.4.1.2 Digital Encoding of Digital Data 1.4.1.3 Multiplexing of Transmission Signals 1.4.2 Transmission Media 1.4.2.1 Wired Transmission Media 1.4.2.2 Wireless Communication 1.5 Network Topology 1.5.1 Mesh 1.5.2 Tree 1.5.3 Bus 1.5.4 Star 1.5.5 Ring 1.6 Network Connectivity and Protocols 1.6.1 Open System Interconnection (OSI) Protocol Suite 1.6.2 Transmission Control Protocol/Internet Protocol (TCP/IP) Model 1.6.2.1 Application Layer 1.6.2.2 Transport Layer 1.6.2.3 Network Layer 1.6.2.4 Data Link Layer 1.6.2.5 Physical Layer 1.7 Network Services 1.7.1 Connection Services 1.7.1.1 Connection-Oriented Services 1.7.1.2 Connectionless Service 1.7.2 Network Switching Services 1.7.2.1 Circuit Switching 1.7.2.2 Packet Switching 1.8 Network Connecting Devices 1.8.1 LAN Connecting Devices 1.8.1.1 A Hub 1.8.1.2 A Repeater 1.8.1.3 A Bridge 1.8.1.4 A Switch 1.8.2 Internetworking Devices 1.8.2.1 Routers 1.8.2.2 Gateways 1.9 Network Technologies 1.9.1 LAN Technologies 1.9.1.1 Star-Based Ethernet (IEEE 802.3) LAN 1.9.1.2 Token Ring/IEEE 805.2 1.9.1.3 Other LAN Technologies 1.9.2 WAN Technologies 1.9.2.1 Integrated Services Digital Network (ISDN) 1.9.2.2 X.25 1.9.2.3 Other WAN Technologies 1.9.3 Wireless LANs 1.10 Conclusion References 2: Computer Network Security Fundamentals 2.1 Introduction 2.1.1 Computer Security 2.1.2 Network Security 2.1.3 Information Security 2.2 Securing the Computer Network 2.2.1 Hardware 2.2.2 Software 2.3 Forms of Protection 2.3.1 Access Control 2.3.1.1 Hardware Access Control Systems 2.3.1.2 Software Access Control Systems 2.3.2 Authentication 2.3.3 Confidentiality 2.3.4 Integrity 2.3.5 Nonrepudiation 2.4 Security Standards 2.4.1 Security Standards Based on Type of Service/Industry 2.4.1.1 Public Key Cryptography Standards (PKCS) 2.4.1.2 The Standards for Interoperable Secure MIME (S/MIME) 2.4.1.3 Federal Information Processing Standards (FIPS) 2.4.1.4 Secure Sockets Layer (SSL) 2.4.1.5 Web Services Security Standards 2.4.2 Security Standards Based on Size/Implementation 2.4.3 Security Standards Based on Interests 2.4.3.1 British Standard 799 (BS 7799) 2.4.3.2 Orange Book 2.4.4 Security Best Practices References Part II: Security Issues and Challenges in the Traditional Computer Network 3: Security Threats and Threat Motives to Computer Networks 3.1 Introduction 3.2 Sources of Security Threats 3.2.1 Design Philosophy 3.2.2 Weaknesses in Network Infrastructure and Communication Protocols 3.2.3 Rapid Growth of Cyberspace 3.2.4 The Growth of the Hacker Community 3.2.4.1 The Big “Bungs” The Internet Worm Michelangelo Virus Pathogen, Queeg, and Smeg Viruses Melissa Virus The Y2K Bug The Goodtimes E-Mail Virus Distributed Denial of Service (DDoS) Love Bug Virus Palm Virus Anna Kournikova Virus Code Red: “For One Moment Last Week, the Internet Stood Still” SQL Worm Hackers View Eight Million Visa/MasterCard, Discover, and American Express Accounts 3.2.5 Vulnerability in Operating System Protocol 3.2.6 The Invisible Security Threat: The Insider Effect 3.2.7 Social Engineering 3.2.8 Physical Theft 3.3 Security Threat Motives 3.3.1 Terrorism 3.3.2 Military Espionage 3.3.3 Economic Espionage 3.3.4 Targeting the National Information Infrastructure 3.3.5 Vendetta/Revenge 3.3.6 Hate (National Origin, Gender, and Race) 3.3.7 Notoriety 3.3.8 Greed 3.3.9 Ignorance 3.4 Security Threat Management 3.4.1 Risk Assessment 3.4.2 Forensic Analysis 3.5 Security Threat Correlation 3.5.1 Threat Information Quality 3.6 Security Threat Awareness References 4: Introduction to Computer Network Vulnerabilities 4.1 Definition 4.2 Sources of Vulnerabilities 4.2.1 Design Flaws 4.2.1.1 Human Factors 4.2.1.2 Software Complexity 4.2.1.3 Trustworthy Software Sources 4.2.1.4 Software Reuse, Reengineering, and Outlived Design 4.2.2 Poor Security Management 4.2.3 Incorrect Implementation 4.2.4 Internet Technology Vulnerability 4.2.5 Changing Nature of Hacker Technologies and Activities 4.2.6 Difficulty of Fixing Vulnerable Systems 4.2.7 Limits of Effectiveness of Reactive Solutions 4.2.8 Social Engineering 4.3 Vulnerability Assessment 4.3.1 Vulnerability Assessment Services 4.3.1.1 Vulnerability Scanning 4.3.1.2 Vulnerability Assessment and Penetration Testing 4.3.1.3 Application Assessment 4.3.2 Advantages of Vulnerability Assessment Services References 5: Cyber Crimes and Hackers 5.1 Introduction 5.2 Cybercrimes 5.2.1 Ways of Executing Cybercrimes 5.2.1.1 Penetration 5.2.1.2 Distributed Denial of Service (DDoS) 5.2.1.3 Motives of DDoS Attack 5.2.2 Cybercriminals 5.3 Hackers 5.3.1 History of Hacking 5.3.2 Types of Hackers 5.3.2.1 Crackers 5.3.2.2 Hacktivists 5.3.2.3 Computer Viruses and Worms 5.3.2.4 Cyberterrorists 5.3.3 Hacker Motives 5.3.4 Hacking Topologies 5.3.4.1 One-to-One 5.3.4.2 One-to-Many 5.3.4.3 Many-to-One 5.3.4.4 Many-to-Many 5.3.5 Hackers’ Tools of System Exploitation 5.3.5.1 Viruses 5.3.5.2 Worm 5.3.5.3 Sniffer 5.3.6 Types of Attacks 5.4 Dealing with the Rising Tide of Cybercrimes 5.4.1 Prevention 5.4.2 Detection 5.4.3 Recovery 5.5 Conclusion References 6: Scripting and Security in Computer Networks and Web Browsers 6.1 Introduction 6.2 Scripting 6.3 Scripting Languages 6.3.1 Server-Side Scripting Languages 6.3.1.1 Perl Scripts 6.3.1.2 PHP 6.3.2 Client-Side Scripting Languages 6.3.2.1 JavaScripts 6.3.2.2 VBScript 6.4 Scripting in Computer Networks 6.4.1 Introduction to the Common Gateway Interface (CGI) 6.4.1.1 CGI Scripts in a Three-Way Handshake 6.4.2 Server-Side Scripting: The CGI Interface 6.5 Computer Networks Scripts and Security 6.5.1 CGI Script Security 6.5.1.1 Server-Side Script Security 6.5.2 JavaScript and VBScript Security 6.5.3 Web Script Security 6.6 Dealing with the Script Security Problems References Additional References 7: Security Assessment, Analysis, and Assurance 7.1 Introduction 7.2 System Security Policy 7.3 Building a Security Policy 7.3.1 Security Policy Access Rights Matrix 7.3.1.1 Logical Access Restriction to the System Resources 7.3.1.2 Physical Security of Resources and Site Environment 7.3.1.3 Cryptographic Restrictions 7.3.2 Policy and Procedures 7.3.2.1 Common Attacks and Possible Deterrents 7.3.2.2 Staff 7.3.2.3 Equipment Certification 7.3.2.4 Audit Trails and Legal Evidence 7.3.2.5 Privacy Concerns 7.3.2.6 Security Awareness Training 7.3.2.7 Incident Handling 7.4 Security Requirements Specification 7.5 Threat Identification 7.5.1 Human Factors 7.5.2 Natural Disasters 7.5.3 Infrastructure Failures 7.5.3.1 Hardware Failures 7.5.3.2 Software Failures 7.5.3.3 Humanware Failures 7.6 Threat Analysis 7.6.1 Approaches to Security Threat Analysis 7.6.1.1 Threat Analysis by Annualized Loss Expectancies 7.6.1.2 Schneier’s Attack Tree Method 7.7 Vulnerability Identification and Assessment 7.7.1 Hardware 7.7.2 Software 7.7.2.1 System Software 7.7.2.2 Application Software 7.7.2.3 Control Software 7.7.3 Humanware 7.7.4 Policies, Procedures, and Practices 7.7.4.1 Quality 7.7.4.2 Conformity 7.7.4.3 Comprehensiveness 7.8 Security Certification 7.8.1 Phases of a Certification Process 7.8.2 Benefits of Security Certification 7.9 Security Monitoring and Auditing 7.9.1 Monitoring Tools 7.9.2 Type of Data Gathered 7.9.3 Analyzed Information 7.9.4 Auditing 7.10 Products and Services References Part III: Dealing with Computer Network Security Challenges 8: Disaster Management 8.1 Introduction 8.1.1 Categories of Disasters 8.1.1.1 Natural Disasters: Due to Forces of Nature 8.1.1.2 Human-Caused Disasters 8.2 Disaster Prevention 8.3 Disaster Response 8.4 Disaster Recovery 8.4.1 Planning for a Disaster Recovery 8.4.1.1 Disaster Recovery Committee 8.4.2 Procedures of Recovery 8.4.2.1 Identifying and Prioritizing the Disaster 8.4.2.2 Identifying Critical Resources 8.4.2.3 Developing a Notification Plan 8.4.2.4 Training of Employees 8.4.2.5 Priorities for the Restoration of Essential Functions 8.5 Make Your Business Disaster Ready 8.5.1 Always Be Ready for a Disaster 8.5.2 Always Back Up Media 8.5.3 Risk Assessment 8.6 Resources for Disaster Planning and Recovery 8.6.1 Local Disaster Resources References 9: Access Control and Authorization 9.1 Definitions 9.2 Access Rights 9.2.1 Access Control Techniques and Technologies 9.2.1.1 Access Control Matrix 9.2.1.2 Access Control Lists 9.2.1.3 Access Control Capability 9.2.1.4 Role-Based Access Control 9.2.1.5 Rule-Based Access Control 9.2.1.6 Restricted Interfaces 9.2.1.7 Content-Dependent Access Control 9.2.1.8 Other Access Control Techniques and Technologies 9.3 Access Control Systems 9.3.1 Physical Access Control 9.3.2 Access Cards 9.3.3 Electronic Surveillance 9.3.4 Biometrics 9.3.4.1 Fingerprint Readers 9.3.4.2 Voice Recognition 9.3.4.3 Hand Geometry 9.3.4.4 Iris Scan 9.3.5 Event Monitoring 9.4 Authorization 9.4.1 Authorization Mechanisms 9.4.1.1 Discretionary Authorization 9.4.1.2 Mandatory Access Control 9.5 Types of Authorization Systems 9.5.1 Centralized 9.5.2 Decentralized 9.5.3 Implicit 9.5.4 Explicit 9.6 Authorization Principles 9.6.1 Least Privilege 9.6.2 Separation of Duties 9.7 Authorization Granularity 9.7.1 Fine-Grained Authorization 9.7.2 Coarse-Grained Authorization 9.8 Web Access and Authorization References 10: Authentication 10.1 Definition 10.2 Multiple Factors and Effectiveness of Authentication 10.3 Authentication Elements 10.3.1 Person or Group Seeking Authentication 10.3.2 Distinguishing Characteristics for Authentication 10.3.3 The Authenticator 10.3.4 The Authentication Mechanism 10.3.5 Access Control Mechanism 10.4 Types of Authentication 10.4.1 Nonrepudiable Authentication 10.4.2 Repudiable Authentication 10.5 Authentication Methods 10.5.1 Password Authentication 10.5.1.1 Reusable Passwords 10.5.1.2 One-Time Passwords 10.5.1.3 Challenge-Response Passwords 10.5.1.4 Combined Approach Authentication 10.5.2 Public Key Authentication 10.5.2.1 Secure Sockets Layer (SSL) Authentication 10.5.2.2 Kerberos Authentication 10.5.2.3 MD5 for Authentication 10.5.3 Remote Authentication 10.5.3.1 Secure RPC Authentication 10.5.3.2 Dial-In Authentication 10.5.3.3 Radius 10.5.4 Anonymous Authentication 10.5.5 Digital Signature-Based Authentication 10.5.6 Wireless Authentication 10.6 Developing an Authentication Policy References 11: Cryptography 11.1 Definition 11.1.1 Block Ciphers 11.2 Symmetric Encryption 11.2.1 Symmetric Encryption Algorithms 11.2.2 Problems with Symmetric Encryption 11.3 Public Key Encryption 11.3.1 Public Key Encryption Algorithms 11.3.2 Problems with Public Key Encryption 11.3.3 Public Key Encryption Services 11.4 Enhancing Security: Combining Symmetric and Public Key Encryptions 11.5 Key Management: Generation, Transportation, and Distribution 11.5.1 The Key Exchange Problem 11.5.2 Key Distribution Centers (KDCs) 11.5.3 Public Key Management 11.5.3.1 Certificate Authority (CA) 11.5.3.2 Digital Certificates 11.5.3.3 Using a Private Certificate Authority 11.5.4 Key Escrow 11.6 Public Key Infrastructure (PKI) 11.6.1 Certificates 11.6.2 Certificate Authority 11.6.3 Registration Authority (RA) 11.6.4 Lightweight Directory Access Protocols (LDAP) 11.6.5 Role of Cryptography in Communication 11.7 Hash Function 11.8 Digital Signatures References 12: Firewalls 12.1 Definition 12.2 Types of Firewalls 12.2.1 Packet Inspection Firewalls 12.2.1.1 IP Address Filtering 12.2.1.2 TCP and UDP Port Filtering 12.2.1.3 Packet Filtering Based on Initial Sequence Numbers (ISNs) and Acknowledgment (ACK) Bits 12.2.1.4 Problems with Packet Filtering Firewalls 12.2.2 Application Proxy Server: Filtering Based on Known Services 12.2.2.1 Application Proxy Positive Security Model Negative Security Model 12.2.2.2 SOCKS Proxy 12.2.3 Virtual Private Network (VPN) Firewalls 12.2.4 Small Office or Home (SOHO) Firewalls 12.3 Configuration and Implementation of a Firewall 12.4 The Demilitarized Zone (DMZ) 12.4.1 Scalability and Increasing Security in a DMZ 12.5 Improving Security Through the Firewall 12.6 Firewall Forensics 12.7 Firewall Services and Limitations 12.7.1 Firewall Services 12.7.2 Limitations of Firewalls References 13: System Intrusion Detection and Prevention 13.1 Definition 13.2 Intrusion Detection 13.2.1 The System Intrusion Process 13.2.1.1 Reconnaissance 13.2.1.2 Physical Intrusion 13.2.1.3 Denial of Service 13.2.2 The Dangers of System Intrusions 13.3 Intrusion Detection Systems (IDSs) 13.3.1 Anomaly Detection 13.3.2 Misuse Detection 13.4 Types of Intrusion Detection Systems 13.4.1 Network-Based Intrusion Detection Systems (NIDSs) 13.4.1.1 Architecture of a Network-Based Intrusion Detection Network Tap/Load Balancer Network Sensor/Monitoring Analyzer Alert Notifier Command Console/Manager Response Subsystem Database 13.4.1.2 Placement of IDS Sensors 13.4.1.3 Advantages of Network-Based Intrusion Detection Systems 13.4.1.4 Disadvantages of NIDS 13.4.2 Host-Based Intrusion Detection Systems (HIDS) 13.4.2.1 Advantages of Host-Based Intrusion Detection Systems 13.4.2.2 Disadvantages of HIDS 13.4.3 The Hybrid Intrusion Detection System 13.5 The Changing Nature of IDS Tools 13.6 Other Types of Intrusion Detection Systems 13.6.1 System Integrity Verifiers (SIVs) 13.6.2 Log File Monitors (LFM) 13.6.3 Honeypots 13.6.3.1 Advantages of Honeypots 13.7 Response to System Intrusion 13.7.1 Incident Response Team 13.7.2 IDS Logs as Evidence 13.8 Challenges to Intrusion Detection Systems 13.8.1 Deploying IDS in Switched Environments 13.9 Implementing an Intrusion Detection System 13.10 Intrusion Prevention Systems (IPSs) 13.10.1 Network-Based Intrusion Prevention Systems (NIPSs) 13.10.1.1 Traffic Normalizer 13.10.1.2 The Detection Engine 13.10.1.3 Traffic Shaper 13.10.1.4 NIPS Benefits 13.10.2 Host-Based Intrusion Prevention Systems (HIPSs) 13.10.2.1 HIPS Benefits 13.11 Intrusion Detection Tools References 14: Computer and Network Forensics 14.1 Definition 14.2 Computer Forensics 14.2.1 History of Computer Forensics 14.2.2 Elements of Computer Forensics 14.2.2.1 The Material 14.2.2.2 Relevance 14.2.2.3 Validity 14.2.3 Investigative Procedures 14.2.3.1 Looking for Evidence 14.2.3.2 Handling Evidence 14.2.3.3 Evidence Recovery 14.2.3.4 Preserving Evidence 14.2.3.5 Transporting Evidence 14.2.4 Analysis of Evidence 14.2.4.1 Data Hiding Deleted Files Hidden Files Slack Space Bad Blocks Steganography Utilities Password-Cracking Software NTFS Streams Codes and Compression 14.2.4.2 Operating System-Based Evidence Analysis Microsoft-based File Systems (FAT8, FAT16, FAT 32, and VFAT) NTFS File System Unix and Linux File Systems Macintosh File System 14.3 Network Forensics 14.3.1 Intrusion Analysis 14.3.1.1 Incident Response Plan 14.3.1.2 Incident Response 14.3.1.3 Technical Analysis of the Intrusions 14.3.1.4 Reverse Hacking 14.3.2 Damage Assessment 14.4 Forensic Tools 14.4.1 Computer Forensic Tools 14.4.1.1 Software-Based Forensic Tools 14.4.1.2 Hardware-based Forensic Tools 14.4.2 Network Forensic Tools References 15: Virus and Content Filtering 15.1 Definitions 15.2 Scanning, Filtering, and Blocking 15.2.1 Content Scanning 15.2.1.1 Pattern-Based Scanning 15.2.1.2 Heuristic Scanning 15.2.2 Inclusion Filtering 15.2.3 Exclusion Filtering 15.2.4 Other Types of Content Filtering 15.2.4.1 URL Filtering 15.2.4.2 Keyword Filtering 15.2.4.3 Packet Filtering 15.2.4.4 Profile Filtering 15.2.4.5 Image Analysis Filtering 15.2.5 Location of Content Filters 15.2.5.1 Filtering on the End User’s Computer 15.2.5.2 Filtering at the ISP’s Computer 15.2.5.3 Filtering by an Organization Server 15.2.5.4 Filtering by a Third Party 15.3 Virus Filtering 15.3.1 Viruses 15.3.1.1 Virus Infection/Penetration 15.3.1.2 Sources of Virus Infections 15.3.1.3 Types of Viruses 15.3.1.4 How Viruses Work 15.3.1.5 Antivirus Technologies 15.4 Content Filtering 15.4.1 Application-Level Filtering 15.4.1.1 Technical Issues 15.4.1.2 Nontechnical Issues 15.4.2 Packet-Level Filtering and Blocking 15.4.2.1 Technical Issues 15.4.2.2 Nontechnical Issues 15.4.3 Filtered Material 15.5 Spam References 16: Standardization and Security Criteria: Security Evaluation of Computer Products 16.1 Introduction 16.2 Product Standardization 16.2.1 Need for Standardization of (Security) Products 16.2.2 Common Computer Product Standards 16.3 Security Evaluations 16.3.1 Purpose of Security Evaluation 16.3.2 Security Evaluation Criteria 16.3.3 Basic Elements of an Evaluation 16.3.4 Outcome/Benefits 16.4 Major Security Evaluation Criteria 16.4.1 Common Criteria (CC) 16.4.2 FIPS 16.4.3 The Orange Book/TCSEC 16.4.4 Information Technology Security Evaluation Criteria (ITSEC) 16.4.5 The Trusted Network Interpretation (TNI): The Red Book 16.5 Does Evaluation Mean Security? References 17: Computer Network Security Protocols 17.1 Introduction 17.2 Application-Level Security 17.2.1 Remote Authentication Dial-In User Service (RADIUS) 17.2.1.1 Authentication Protocols 17.2.1.2 Accounting Protocols 17.2.1.3 Key Features of RADIUS 17.2.2 Terminal Access Controller Access Control System (TACACS+) 17.2.3 Pretty Good Privacy (PGP) 17.2.3.1 Authentication 17.2.3.2 Confidentiality 17.2.3.3 Compression 17.2.3.4 E-Mail Compatibility 17.2.3.5 Segmentation 17.2.4 Secure/Multipurpose Internet Mail Extension (S/MIME) 17.2.4.1 Encryption 17.2.4.2 Digital Signatures 17.2.5 Secure HTTP (S-HTTP) 17.2.5.1 Cryptographic Algorithm for S-HTTP 17.2.5.2 Digital Signatures for S-HTTP 17.2.5.3 Message and Sender Authentication in S-HTTP 17.2.6 Hypertext Transfer Protocol over Secure Socket Layer (HTTPS) 17.2.7 Secure Electronic Transactions (SET) 17.2.7.1 Authentication 17.2.7.2 Confidentiality 17.2.7.3 Message Integrity 17.2.7.4 Linkage 17.2.8 Kerberos 17.2.8.1 Ticket-Granting Ticket 17.3 Security in the Transport Layer 17.3.1 Secure Socket Layer (SSL) 17.3.1.1 SSL Objectives and Architecture 17.3.1.2 The SSL Handshake 17.3.1.3 SSL Cipher Spec Protocol 17.3.1.4 SSL Alert Protocol 17.3.1.5 SSL Record Protocol 17.3.2 Transport Layer Security (TLS) 17.4 Security in the Network Layer 17.4.1 Internet Protocol Security (IPsec) 17.4.1.1 Authentication Header (AH) 17.4.1.2 Encapsulating Security Payload (ESP) 17.4.1.3 Security Associations 17.4.1.4 Transport and Tunnel Modes 17.4.1.5 Other IPsec Issues 17.4.2 Virtual Private Networks (VPN) 17.4.2.1 Types of VPNs 17.4.3 VPN Tunneling Technology, PPTP, and L2TP 17.5 Security in the Physical Layer 17.5.1 Point-to-Point Protocol (PPP) 17.5.1.1 PPP Authentication 17.5.1.2 PPP Confidentiality 17.5.2 Other Network Physical Layer Security Protocols Include [13] References 18: Security in Wireless Networks and Devices 18.1 Introduction 18.2 Types of Wireless Broadband Networks 18.2.1 Wireless Personal Area Networks (WPANs) 18.2.2 Wireless Local Area Networks (WLANs) (Wi-Fi) 18.2.3 WiMAX LAN 18.2.3.1 Overview and Evolution of WiMAX 18.2.3.2 Protocol Layers of WiMAX 18.2.3.3 WiMAX Security Protocols 18.2.4 4G (LTE) and 5G: Enhancing Mobile Broadband 18.2.5 Mobile Cellular Network 18.2.5.1 Mobile Cellular Network Technologies 18.2.5.2 Mobile Cellular Communication Network Infrastructure 18.3 Development of Cellular Technology 18.3.1 First Generation 18.3.2 Second Generation 18.3.3 Third Generation 18.3.4 Fourth Generation (4G/LTE) 18.3.5 Fifth Generation (5G) 18.4 Other Features of Mobile Cellular Technology 18.4.1 Universality 18.4.2 Flexibility 18.4.3 Quality of Service (QoS) 18.4.4 Service Richness 18.4.5 Mobile Cellular Security Protocol Stack 18.4.5.1 Mobile Cellular Wireless Application Protocol (WAP) 18.5 Security Vulnerabilities in Cellular Wireless Networks 18.5.1 WLAN Security Concerns 18.5.1.1 Identity in WLANs 18.5.1.2 Lack of Access Control Mechanism 18.5.1.3 Lack of Authentication Mechanism in 802.11 18.5.1.4 Lack of a WEP Key Management Protocol 18.5.1.5 War-Driving, War-Walking, War-Flying, and War-Chalking 18.5.1.6 Insertion Attacks 18.5.1.7 Interception and Monitoring Wireless Traffic Attacks 18.5.1.8 AP and Client Misconfigurations and Attack 18.5.1.9 SNMP Community Words 18.5.1.10 Client Side Security Risk 18.5.1.11 Risks Due to Installation 18.5.1.12 Jamming 18.5.1.13 Client-to-Client Attacks 18.5.1.14 Parasitic Grids 18.5.2 Best Practices for Wi-Fi Security References 19: Security in Sensor Networks 19.1 Introduction 19.2 The Growth of Sensor Networks 19.3 Design Factors in Sensor Networks 19.3.1 Routing 19.3.1.1 Routing Protocols 19.3.2 Power Consumption 19.3.3 Fault Tolerance 19.3.4 Scalability 19.3.5 Production Costs 19.3.6 Nature of Hardware Deployed 19.3.7 Topology of Sensor Networks 19.3.8 Transmission Media 19.4 Security in Sensor Networks 19.4.1 Security Challenges 19.4.1.1 Aggregation 19.4.1.2 Node Capture/Node Deployment 19.4.1.3 Energy Consumption 19.4.1.4 Large Numbers of Nodes/Communication Challenges 19.4.2 Sensor Network Vulnerabilities and Attacks 19.4.2.1 Possible Attacks 19.4.3 Securing Sensor Networks 19.4.3.1 Necessary Conditions for a Secure Sensor Network 19.5 Security Mechanisms and Best Practices for Sensor Networks 19.6 Trends in Sensor Network Security Research 19.6.1 Cryptography 19.6.2 Key Management 19.6.3 Confidentiality, Authentication, and Freshness 19.6.4 Resilience to Capture References 20: Other Efforts to Secure Data in Computer Networks and Beyond 20.1 Introduction 20.2 Legislation 20.3 Regulation 20.4 Self-Regulation 20.4.1 Hardware-Based Self-Regulation 20.4.2 Software-Based Self-Regulation 20.5 Education 20.5.1 Focused Education 20.5.1.1 Formal Education 20.5.1.2 Occasional Education 20.5.2 Mass Education 20.6 Reporting Centers 20.7 Market Forces 20.8 Activism 20.8.1 Advocacy 20.8.2 Hotlines Reference Part IV: The Emergence of the Digital and Social Network Ecosystem The Elastic Extension of the Traditional Computer Network Through Virtualization, Cloud Computing and Mobile Technologies 21: Virtualization Technology and Security 21.1 Introduction 21.2 History of Virtualization 21.3 Virtualization Terminologies 21.3.1 Host CPU/Guest CPU 21.3.2 Host OS/Guest OS 21.3.3 Hypervisor 21.3.4 Emulation 21.4 Types of Computing System Virtualization 21.4.1 Platform Virtualization 21.4.1.1 Workstation Virtualization 21.4.1.2 Server Virtualization 21.4.2 Network Virtualization 21.4.3 Storage Virtualization 21.4.4 Application Virtualization 21.5 The Benefits of Virtualization 21.5.1 Reduction of Server Sprawl 21.5.2 Conservation of Energy 21.5.3 Reduced IT Management Costs 21.5.4 Better Disaster Recovery Management 21.5.5 Software Development Testing and Verification 21.5.6 Isolation of Legacy Applications 21.5.7 Cross-Platform Support 21.5.8 Minimizing Hardware Costs 21.5.9 Faster Server Provisioning 21.5.10 Better Load Balancing 21.5.11 Reduce the Data Center Footprint 21.5.12 Increase Uptime 21.5.13 Isolate Applications 21.5.14 Extend the Life of Older Applications 21.6 Virtualization Infrastructure Security 21.6.1 Hypervisor Security 21.6.2 Securing Communications Between Desktop and Virtual Infrastructure 21.6.3 Security of Communication Between Virtual Machines 21.6.4 Threats and Vulnerabilities Originating from a VM References 22: Cloud Computing Technology and Security 22.1 Introduction 22.2 Cloud Computing Infrastructure Characteristics 22.2.1 Ubiquitous Network Access 22.2.2 Measured Service 22.2.3 On-Demand Self-Service 22.2.4 Rapid Elasticity 22.2.5 Resource Pooling 22.2.6 Others 22.3 Cloud Computing Service Models 22.4 Cloud Computing Deployment Models 22.5 Virtualization and Cloud Computing 22.6 Benefits of Cloud Computing 22.6.1 Skills and Proficiency 22.7 Cloud Computing, Power Consumption, and Environmental Issues 22.8 Cloud Computing Security, Reliability, Availability, and Compliance Issues 22.8.1 Cloud Computing Actors, Their Roles, and Responsibilities 22.8.1.1 Amazon Web Services 22.8.1.2 Microsoft Windows Azure 22.8.1.3 Rackspace 22.8.2 Security of Data and Applications in the Cloud 22.8.2.1 Hypervisor Security 22.8.2.2 Host Security 22.8.2.3 Guest Machines 22.8.3 Security of Data in Transition: Cloud Security Best Practices 22.8.4 Service-Level Agreements (SLAs) 22.8.5 Data Encryption 22.8.6 Web Access Point Security 22.8.7 Compliance References 23: Mobile Systems and Corresponding Intractable Security Issues 23.1 Introduction 23.2 Current Major Mobile Operating Systems 23.3 Security in the Mobile Ecosystems 23.3.1 Application-Based Threats 23.3.2 Web-Based Threats 23.3.3 Network Threats 23.3.4 Physical Threats 23.3.5 Operating System-Based Threats 23.4 General Mobile Devices Attack Types 23.5 Mitigation of Mobile Devices Attacks 23.5.1 Mobile Device Encryption 23.5.2 Mobile Remote Wiping 23.5.3 Mobile Passcode Policy 23.6 Users Role in Securing Mobile Devices References 24: Internet of Things (IoT): Growth, Challenges, and Security 24.1 Introduction 24.2 Overview and Growth of the Internet of Things 24.3 Architecture and Networking of the IoT 24.3.1 Architecture and Protocol Stack of the IoT 24.3.2 Challenges of Using TCP/IP Architecture over the IoT 24.4 IoT Governance, Privacy, and Security Challenges 24.4.1 Governance and Privacy Concerns 24.4.2 Security Challenges 24.4.3 Autonomy 24.4.4 Computational Constraints 24.4.5 Discovery 24.4.6 Trust Relationships References 25: Blockchains, Cryptocurrency, and Smart Contracts Technology: Security Considerations 25.1 Introduction 25.2 Transactions 25.3 Blockchain 25.3.1 Working of Blockchain Technology 25.3.2 Building a Blockchain 25.3.2.1 Block Mining 25.3.2.2 Aggregating Transactions into Blocks Consensus and Consensus Algorithms 25.3.3 Proof-of-Work 25.3.3.1 Computing Power 25.3.3.2 Pooled Mining 25.3.4 Contracts 25.3.4.1 Smart Contracts 25.3.4.2 Creating a Smart Contract 25.3.5 Tokens 25.3.6 Wallets 25.4 Cryptocurrencies 25.4.1 Bitcoin 25.4.2 Ethereum 25.4.2.1 Ethereum Virtual Machine (EVM) 25.5 Security Issues 25.5.1 Black Markets 25.5.2 Money Laundering 25.5.3 Fraud 25.6 Applications 25.6.1 Fighting the Endemic Corruption 25.7 Managed Blockchains 25.7.1 BaaS Providers 25.7.2 Big BaaS Users 25.8 Future of Blockchain and Cryptocurrencies 25.8.1 International Trade 25.8.2 Smart Contracts 25.8.3 Identity Management 25.9 Online Resources and Students Hands-on Videos References Part V: Securing the Last Frontiers – The Home Front 26: Conquering the Last Frontier in the Digital Invasion: The Home Front 26.1 Introduction 26.2 The Changing Home Network and Hotspots 26.2.1 Cable LAN 26.2.2 Wireless Home Networks 26.2.2.1 Wireless Personal Area Network (WPANs) 26.2.2.2 Wireless Local Area Networks (WLAN (WI-FI)) 26.2.2.3 WiMax LAN 26.2.2.4 4G and LTE LAN 26.2.2.5 5G Wireless Technology 26.2.3 Types of Broadband Internet Connections 26.2.4 Smart Home Devices 26.3 Data and Activities in the Home LAN 26.3.1 Work Data 26.3.2 Social Media Data 26.3.3 Banking and Investment Data 26.3.4 Health Devices 26.3.5 Home Monitoring and Security Devices 26.4 Threats to the Home and Home LAN 26.4.1 Most Common Threats to Homes and Home LANs 26.4.2 Actions to Safeguard the Family LAN 26.4.3 Using Encryption to Protect the Family LAN 26.4.4 Protecting the Family LAN with Known Protocols References Part VI: Hands-On Projects 27: Projects 27.1 Introduction 27.2 Part 1: Case Studies 27.3 Part 2: Weekly/Biweekly Laboratory Assignments 27.4 Part 3: Semester Projects 27.4.1 Intrusion Detection Systems 27.4.1.1 Installing Snort (www.snort.org) 27.4.1.2 Installation of TCPdump (http://www.tcpdump.org/) 27.4.1.3 Nping (http://nmap.org/nping/) 27.5 Scanning Tools for System Vulnerabilities 27.5.1 Scans with Nmap (www.insecure.org) 27.6 The Following Tools Are Used to Enhance Security in Web Applications 27.6.1 Public Key Infrastructure 27.6.1.1 Configuring E-Mail Security 27.7 Part 4: Research Projects 27.7.1 Consensus Defense 27.7.2 Specialized Security 27.7.3 Protecting an Extended Network 27.7.4 Automated Vulnerability Reporting 27.7.5 Turn-Key Product for Network Security Testing 27.7.6 The Role of Local Networks in the Defense of the National Critical Infrastructure 27.7.7 Enterprise VPN Security 27.7.8 Perimeter Security 27.7.9 Enterprise Security 27.7.10 Password Security: Investigating the Weaknesses Index This important text/reference presents a comprehensive guide to the field of computing and information security and assurance. The book takes a broad view of computer network security, encompassing online social networks, and wireless and mobile systems. This fully updated new edition explores the security issues, vulnerabilities and dangers encountered by the users of modern computing and communication devices, highlighting the need to develop improved algorithms, protocols, and best practices to enhance the security of public, private and enterprise systems alike. Topics and features: introduces the fundamentals of traditional computer networks, the security threats they face, and the best practices currently in use; discusses the security challenges introduced by virtualization software, cloud computing and mobile systems; examines the security quagmire presented by the home computing environment and the growing number of home hotspots (NEW); raises important legislative, legal, social, technical and ethical security issues, including the tension between the needs of individual privacy and collective security; provides both quickly workable and more thought-provoking exercises at the end of each chapter, with one chapter devoted entirely to lab exercises; supplies additional support material for instructors at an associated website, including laboratory exercises and projects, answers to selected exercises, and course slides. This unique work is suitable as both a teaching and a reference tool for all those interested in learning about security in the evolving computing ecosystem. Computer network and data security personnel and policy makers will also find the guide to be a useful and unique source of ideas.