Handbook on Securing Cyber-Physical Critical Infrastructure

The worldwide reach of the Internet allows malicious cyber criminals to coordinate and launch attacks on both cyber and cyber-physical infrastructure from anywhere in the world. The purpose of this handbook is to introduce the theoretical foundations and practical solution techniques for securing c...

Bibliographic Details
Main authors: Das, Sajal K, Kant, Krishna, Zhang, Nan
Format: E-Book
Language: English
Published: Chantilly Elsevier Science & Technology 2012
Morgan Kaufmann
Edition: 1
ISBN: 0124158153, 9780124158153
Table of contents:
  • Front Cover -- Handbook on Securing Cyber-Physical Critical Infrastructure: Foundations and Challenges -- Copyright -- Dedication -- About the Authors -- Table of Contents -- Contributors -- Foreword -- Securing Cyber-Physical Infrastructure: Perspectives and Overview of the Handbook -- I-1 Introduction -- I-2 Scope of the Handbook -- I-3 Overview of the Handbook -- I-3.1 Part I: Theoretical Foundations -- I-3.2 Part II: Security for Wireless Mobile Networks -- I-3.3 Part III: Security for Sensor Networks -- I-3.4 Part IV: Platform Security -- I-3.5 Part V: Cloud Computing and Data Security -- I-3.6 Part VI: Event Monitoring and Situation Awareness -- I-3.7 Part VII: Policy Issues in Security Management -- I-3.8 Part VIII: Security Issues in Real-World Systems -- I-4 How to Use The Handbook -- I-4.1 Advanced Undergraduate or Graduate Course -- I-4.2 A Training Course -- Acknowledgements -- I Theoretical Foundations -- References -- 1 Security and Vulnerability of Cyber-Physical Infrastructure Networks: A Control-Theoretic Approach -- 1.1 Introduction -- 1.2 Definitions for Security and Vulnerability of Network Dynamics -- 1.2.1 Review: Differential Equation Models for Infrastructure Networks -- 1.2.2 Defining Security Measures for the Dynamical Network Example -- 1.2.3 Definitions of Vulnerability for Infrastructure Network Dynamics -- A Model for Attacks -- Measuring the Impact of Attacks -- Defining Vulnerability -- 1.2.4 Integrated Analysis: Prevention, Attack, and Mitigation Together -- Scenario 1: Attack Design by Adversaries -- Scenario 2: Prevention of Large-Impact Attacks -- Scenario 3: Attack Detection/Mitigation and Stealth -- 1.2.5 An Illustrative Example -- 1.3 Network Control Tools for Characterizing and Designing Security and Vulnerability -- 1.3.1 Tools for Network Inference
  • Initial-Condition Estimation on a Laplacian Network System -- Steady-State Probability Estimation for an Ergodic Markov Chain -- Spectrum Estimation in a Laplacian Network -- 1.3.2 Tools for Modeling Environmental Uncertainties -- 1.3.3 Graph-Theoretic Tools for Network Control and Design -- 1.3.4 Tools for Control-Theoretic Feature-Based Partitioning -- 1.4 Conclusions and Future Work -- Exercises -- References -- 2 Game Theory for Infrastructure Security: The Power of Intent-Based Adversary Models -- 2.1 Introduction -- 2.1.1 Motivation in Anomaly Detection -- 2.1.2 Motivation in Anonymous Communication Systems -- 2.1.3 Technical Results -- Anomaly Detection -- Anonymous Communication Systems -- 2.2 Preliminaries -- 2.2.1 Game Theory Basics -- Overview -- Model of Intent: Utility Function (Payoff) -- Nash Equilibrium -- Taxonomy of Games -- Strategic Game -- Extensive Game -- 2.2.2 Anomaly Detection Basics -- 2.2.3 Anonymous Communication Basics -- 2.3 Intent-based Adversary Model for Anomaly Detection -- 2.3.1 An Intent-Based View of Participating Parties: Smart Insiders, Naïve Attackers, and the Defender -- Smart Insiders -- Naïve Attackers -- Defender -- 2.3.2 Formal Game-Theoretic Formulation -- Defender's Reputation -- 2.3.3 Power of Intent-Based Adversary Model: Maintaining Defender's Reputation in Anomaly Detection -- Systems with only Smart Insiders -- Basic Idea -- Reputation-Establishment Algorithm -- Theoretical Analysis -- Systems with Smart Insiders and Naïve Attackers -- Basic Idea -- Reputation-Establishment Algorithm -- 2.4 Intent-based Adversary Model for Anonymous Communication Systems -- 2.4.1 An Intent-Based View of Participating Parties: Tor and Entry-exit Linking Attackers -- Model of Tor -- Model of Entry-Exit Linking Attackers -- 2.4.2 Performance of Path Selection -- 2.4.3 Formal Game-Theoretic Formulation
  • Adversary and Defender's Strategies -- Adversary's Strategy -- Defender's Strategy -- Adversary and Defender's Utility Functions -- Adversary's Objective -- Defender's Objective -- Objective of Game-Theoretic Analysis -- 2.4.4 Power of Intent-Based Model: Analysis of Starting Round of Interactions -- Round 1: Basic Design -- Defender (Tor)'s Current Strategy -- Adversary's Strategy -- Round 2: Stratified Path Selection -- Defender's Strategy -- Adversary's Strategy -- Observation from Round 2 -- Round 3: Bandwidth Order Selection -- Defender's Strategy -- Adversary's Strategy -- Observation from Round 3 -- Round 4: Adaptive Exit Selection -- Defender's Strategy -- Adversary's Strategy -- Observation from Round 4 -- 2.5 Conclusion -- Exercises -- References -- 3 An Analytical Framework for Cyber-Physical Networks -- 3.1 Introduction -- 3.2 Spatial Dispersion Models -- 3.2.1 A Brief Review -- 3.2.2 A Hierarchy of Dispersion Models -- 3.3 CPN Design and Analysis -- 3.3.1 An Analytical CPN Model -- Sensor Nodes -- Computation Nodes -- Node Placement and Coverage -- 3.3.2 Placement and Coverage Problems -- 3.3.3 Projective Space and Fusers -- 3.3.4 Bayesian and Empirical Estimation Methods -- 3.4 CPN Infrastructure Robustness -- 3.4.1 Robustness Based on Expectations -- 3.4.2 Intentional Compromises -- 3.5 Conclusions -- Exercises -- Acknowledgments -- References -- 4 Evolution of Widely Spreading Worms and Countermeasures: Epidemic Theory and Application -- 4.1 Introduction -- 4.2 Objectives and strategies of Worm propagator and defender -- 4.2.1 Worm Propagator -- 4.2.2 Defender -- 4.3 Worm Initial Attacks -- 4.3.1 Identification Strategies -- Pure Random Scan Strategy -- Hit List Scan Strategy -- Social Network Scan Strategy -- 4.3.2 Epidemic Modeling and Analysis -- 4.4 Defense Against Initial Attacks -- 4.4.1 Detection Strategy
  • Traffic Payload Signature-Based Strategy -- Target IP Address Occupancy-Based Strategy -- Traffic Pattern-Based Strategy -- 4.4.2 Reaction Strategy -- 4.5 Worm Evolution -- 4.5.1 Payload Signature Reattack -- 4.5.2 IP-Occupancy Reattack -- 4.5.3 Traffic Pattern Reattack -- Basic Ideas -- Epidemic Modeling and Analysis -- 4.6 Defense Evolution versus Worm Evolution -- 4.6.1 Methodology -- 4.6.2 Payload Signature-Based Detection: Reload -- 4.6.3 IP Address Occupancy-Based Detection: Reload -- 4.6.4 Traffic Pattern-Based Detection: Reload -- 4.7 Final Remarks -- Questions -- References -- II Security for Wireless Mobile Networks -- References -- 5 Mobile Wireless Network Security -- 5.1 Introduction -- 5.2 Wireless Communications Security -- 5.2.1 Wireless Communications Specific Threats -- 5.2.2 Security in Wireless Communications -- 5.2.3 Stream Cipher -- 5.2.4 Block Cipher -- 5.2.5 Authentication -- 5.3 Mobility Support Security -- 5.3.1 Mobility Support in IPv4 and IPv6 -- 5.3.2 Mobile Communications Specific Threats -- 5.3.3 Basic Security in Mobility Support in IPv4 and IPv6 -- Basic Security in Mobility Support for IPv4 -- Message Origin Authentication -- Message Replay Protection -- Basic Security in Mobility Support for IPv6 -- Return Routability Procedure -- 5.3.4 Extension to Basic Security -- Mutual Authentication Using Public Key Infrastructure -- Secure Smooth Handoff -- Cryptographically Generated Addresses -- Denial of Service Attack Mitigation -- Firewall Traversal -- 5.4 Conclusion and Future Research -- Exercises -- References -- 6 Robust Wireless Infrastructure against Jamming Attacks -- 6.1 Introduction -- 6.2 Design Vulnerabilities of Wireless Infrastructure -- 6.2.1 Design Principles of Wireless Infrastructure -- Radio Resources Efficiency -- Energy Conservation -- Control Mechanisms -- 6.2.2 Vulnerability to Cross-Layer Attacks
  • 6.2.3 Attack Models -- 6.2.4 Case Studies -- Cellular Networks -- Wireless Local Area Networks -- 6.3 Resiliency to Outsider Cross-Layer Attacks -- 6.3.1 Physical Layer Resiliency -- Spread Spectrum -- Smart Antennas -- Mobility-Based Resiliency -- 6.3.2 Link Layer Resiliency -- Cryptographic Interleavers and Coding -- Rate Adaptation -- 6.4 Resiliency to Insider Cross-Layer Attacks -- 6.4.1 Polynomial Key Assignment for Robust Broadcast and Insider Attackers Identification -- Polynomial-Based Key Assignment Against T Traitors (PBK-T) -- Performance Analysis -- An Example -- Traitors Identification -- Random Key Assignment -- 6.4.2 Zero Pre-Shared Secrets Spread Spectrum Communications -- Zero Pre-Shared Key DSSS -- Key Scheduled Reverse-Time Decoding -- 6.5 Game-Theoretic Models and Mechanisms -- 6.5.1 Game Formulations -- 6.5.2 Best Response Optimization -- 6.5.3 Equilibria Characterization -- 6.5.4 Basic Game -- 6.5.5 Optimization Problems -- 6.5.6 Nash Equilibria -- 6.5.7 Generalizations -- 6.6 Conclusions -- Exercises -- References -- 7 Security for Mobile Ad Hoc Networks -- 7.1 Introduction -- 7.2 Basic Features of Manet -- 7.3 Security Challenges -- 7.4 Security Attacks -- 7.4.1 Passive Attacks -- 7.4.2 Active Attacks -- Attacks by dropping packets -- Attacks using modification of protocol messages -- Attacks using impersonation -- Attacks using fabrication -- Wormhole attacks -- 7.5 Providing Basic Security Infrastructure -- 7.5.1 Centralized CA -- 7.5.2 Partially Distributed Threshold CA -- 7.5.3 Fully Distributed Threshold CA -- 7.5.4 Hierarchical CA -- 7.5.5 Self-Organized Key Management -- 7.5.6 Composite Key Management -- 7.5.7 Autonomous Key Management -- 7.5.8 Certificateless Public-Key Management -- 7.5.9 Symmetric-Key Distribution -- 7.5.10 Symmetric Group Key Distribution -- 7.5.11 Logical Key Hierarchy (LKH)
  • 7.6 Security Solutions