Catalogue Search | MBRL
Are you sure you want to remove the book from the shelf?
{{itemTitle}}
571,507
result(s) for
"Data security"
Sort by:
Facing cyber threats head on : protecting yourself and your business
\"Facing Cyber Threats Head On explains battle against hackers as a fight between people, not technologies. Brian Minick offers a new approach to defending against cyber attacks, one that balances business risk with the cost of creating defenses that can change as quickly and often as attackers can.\"-- Provided by publisher.
Book
Correction: Cryptanalysis and improvement of an elliptic curve based signcryption scheme for firewalls
[This corrects the article DOI: 10.1371/journal.pone.0208857.].[This corrects the article DOI: 10.1371/journal.pone.0208857.].
Journal Article
Introduction to computer and network security : navigating shades of gray
\"This text provides a classroom-tested, practical introduction to software design and implementation, cryptographic tools, and networking issues while addressing social, economic, and political implications. It covers cutting-edge topics, such as wireless security and attacks on websites, privacy and digital rights management, and recent work on security and economics. The text includes hands-on projects to help students better understand how computers and networks function. It also contains a number of case studies and discussion points\"-- Provided by publisher.
Book
An efficient blockchain-based authentication scheme with transferability
In the development of web applications, the rapid advancement of Internet technologies has brought unprecedented opportunities and increased the demand for user authentication schemes. Before the emergence of blockchain technology, establishing trust between two unfamiliar entities relied on a trusted third party for identity verification. However, the failure or malicious behavior of such a trusted third party could undermine such authentication schemes (e.g., single points of failure, credential leaks). A secure authorization system is another requirement of user authentication schemes, as users must authorize other entities to act on their behalf in some situations. If the transfer of authentication permissions is not adequately restricted, security risks such as unauthorized transfer of permissions to entities may occur. Some research has proposed blockchain-based decentralized user authentication solutions to address these risks and enhance availability and auditability. However, as we know, most proposed schemes that allow users to transfer authentication permissions to other entities require significant gas consumption when deployed and triggered in smart contracts. To address this issue, we proposed an authentication scheme with transferability solely based on hash functions. By combining one-time passwords with Hashcash, the scheme can limit the number of times permissions can be transferred while ensuring security. Furthermore, due to its reliance solely on hash functions, our proposed authentication scheme has an absolute advantage regarding computational complexity and gas consumption in smart contracts. Additionally, we have deployed smart contracts on the Goerli test network and demonstrated the practicality and efficiency of this authentication scheme.
Journal Article
Cybersecurity Blue Team toolkit
A practical handbook to cybersecurity for both tech and non-tech professionals. As reports of major data breaches fill the headlines, it has become impossible for any business, large or small, to ignore the importance of cybersecurity. Most books on the subject, however, are either too specialized for the non-technical professional or too general for positions in the IT trenches. Thanks to author Nadean Tanner's wide array of experience from teaching at a University to working for the Department of Defense, the Cybersecurity Blue Team Toolkit strikes the perfect balance of substantive and accessible, making it equally useful to those in IT or management positions across a variety of industries. This handy guide takes a simple and strategic look at best practices and tools available to both cybersecurity management and hands-on professionals, whether they be new to the field or looking to expand their expertise. Tanner gives comprehensive coverage to such crucial topics as security assessment and configuration, strategies for protection and defense, offensive measures, and remediation while aligning the concept with the right tool using the CIS Controls version 7 as a guide. Readers will learn why and how to use fundamental open source and free tools such as Ping, Tracert, PuTTY, PathPing, Sysinternals, NMAP, OpenVAS, Nexpose Community, OSSEC, Hamachi, InSSIDer, Wireshark, Solarwinds Kiwi, Syslog Server, Metasploit, Burp, Clonezilla and many more. Up-to-date and practical cybersecurity instruction, applicable to both management and technical positions - Straightforward explanations of the theory behind cybersecurity best practices - Designed to be an easily navigated tool for daily use - Includes training appendix on Linux, how to build a virtual lab and glossary of key terms. The Cybersecurity Blue Team Toolkit is an excellent resource for anyone working in digital policy as well as IT security professionals, technical analysts, program managers, and Chief Information and Technology Officers. This is one handbook that won't gather dust on the shelf, but remain a valuable reference at any career level, from student to executive.
Book
Predicting Attack Pattern via Machine Learning by Exploiting Stateful Firewall as Virtual Network Function in an SDN Network
Decoupled data and control planes in Software Defined Networks (SDN) allow them to handle an increasing number of threats by limiting harmful network links at the switching stage. As storage, high-end servers, and network devices, Network Function Virtualization (NFV) is designed to replace purpose-built network elements with VNFs (Virtualized Network Functions). A Software Defined Network Function Virtualization (SDNFV) network is designed in this paper to boost network performance. Stateful firewall services are deployed as VNFs in the SDN network in this article to offer security and boost network scalability. The SDN controller’s role is to develop a set of guidelines and rules to avoid hazardous network connectivity. Intruder assaults that employ numerous socket addresses cannot be adequately protected by these strategies. Machine learning algorithms are trained using traditional network threat intelligence data to identify potentially malicious linkages and probable attack targets. Based on conventional network data (DT), Bayesian Network (BayesNet), Naive-Bayes, C4.5, and Decision Table (DT) algorithms are used to predict the target host that will be attacked. The experimental results shows that the Bayesian Network algorithm achieved an average prediction accuracy of 92.87%, Native–Bayes Algorithm achieved an average prediction accuracy of 87.81%, C4.5 Algorithm achieved an average prediction accuracy of 84.92%, and the Decision Tree algorithm achieved an average prediction accuracy of 83.18%. There were 451 k login attempts from 178 different countries, with over 70 k source IP addresses and 40 k source port addresses recorded in a large dataset from nine honeypot servers.
Journal Article
A Secure Medical Data Framework Integrating Blockchain and Edge Computing: An Attribute-Based Signcryption Approach
With the rapid digitization of healthcare information, ensuring the security and privacy of patient data has become a critical research focus. This study introduces a novel Attribute-Based Signcryption (ABSC) framework combining blockchain and edge computing technologies to efficiently and securely manage medical data. The framework collects data via smart devices, which is then processed and encrypted at edge nodes and stored securely on the blockchain. Access to sensitive information is controlled with precision by predefined attribute sets, ensuring that only authorized users can retrieve the data. The experimental results demonstrate the significant advantages of this framework in improving data security, reducing computational overhead, and enhancing access efficiency.
Journal Article
Security analytics : a data centric approach to information security
\"The book gives useful insight on various machine learning techniques for cyber security analytics. Nowadays around 98% objects and devices are connected with the outside world through sensors and actuators. They are increasingly networked with one another and on the internet.This book gives a comprehensive overview of security issues in cyber physical systems by examining and analyzing the vulnerabilities. It also brings current understanding of common web vulnerabilities and its analysis while maintaining awareness and knowledge of contemporary standards, practices, procedures and methods of Open Web Application Security Project. This book is a medium to funnel creative energy and develop new skills of hacking and analysis of security. It also aids to plunge into a career in cybersecurity to even the unlearned. This book also expedites the learning of the basics of investigating crimes, including intrusion from the outside and damaging practices from the inside, how criminals apply across devices, networks, and the internet at large and analysis of security data. It also expounds on how to analyse in order to recover information after a cybercrime\"-- Provided by publisher.
Book
Enhancing Industrial IoT Network Security through Blockchain Integration
In the rapidly evolving landscape of industrial ecosystems, Industrial IoT networks face increasing security challenges. Traditional security methods often struggle to protect these networks adequately, posing risks to data integrity, confidentiality, and access control. Our research introduces a methodology that leverages blockchain technology to enhance the security and trustworthiness of IoT networks. This approach starts with sensor nodes collecting and compressing data, followed by encryption using the ChaCha20-Poly1305 algorithm and transmission to local aggregators. A crucial element of our system is the private blockchain gateway, which processes and classifies data based on confidentiality levels, determining their storage in cloud servers or the Interplanetary File System for enhanced security. The system’s integrity and authenticity are further reinforced through the proof of authority consensus mechanism. This system employs Zero Knowledge Proof challenges for device authorization, optimizing data retrieval while maintaining a delicate balance between security and accessibility. Our methodology contributes to mitigating vulnerabilities in Industrial IoT networks and is part of a broader effort to advance the security and operational efficiency of these systems. It reflects an understanding of the diverse and evolving challenges in IoT security, emphasizing the need for continuous innovation and adaptation in this dynamic field.
Journal Article