Advances in Information Security

Information Hiding: Steganography and Watermarking - Attacks and Countermeasures deals with information hiding. With the proliferation of multimedia on the Internet, information hiding addresses two areas of concern: privacy of information from surveillance (steganography) and protection of intellectual property (digital watermarking).
Steganography (literally, covered writing) explores methods to hide the existence of hidden messages. These methods include invisible ink, microdot, digital signature, covert channel, and spread spectrum communication. Digital watermarks represent a commercial application of steganography. Watermarks can be used to track the copyright and ownership of electronic media.
In this volume, the authors focus on techniques for hiding information in digital media. They analyze the hiding techniques to uncover their limitations. These limitations are employed to devise attacks against hidden information. The goal of these attacks is to expose the existence of a secret message or render a digital watermark unusable. In assessing these attacks, countermeasures are developed to assist in protecting digital watermarking systems. Understanding the limitations of the current methods will lead us to build more robust methods that can survive various manipulation and attacks.
The more information that is placed in the public's reach on the Internet, the more owners of such information need to protect themselves from theft and false representation. Systems to analyze techniques for uncovering hidden information and recover seemingly destroyed information will be useful to law enforcement authorities in computer forensics and digital traffic analysis.
Information Hiding: Steganography and Watermarking - Attacks and Countermeasures presents the authors' research contributions in three fundamental areas with respect to image-based steganography and watermarking: analysis of data hiding techniques, attacks against hidden information, and countermeasures to attacks against digital watermarks.
Information Hiding: Steganography and Watermarking &endash; Attacks and Countermeasures is suitable for a secondary text in a graduate level course, and as a reference for researchers and practitioners in industry.

Information security concerns the confidentiality, integrity, and availability of information processed by a computer system. With an emphasis on prevention, traditional information security research has focused little on the ability to survive successful attacks, which can seriously impair the integrity and availability of a system.
Trusted Recovery And Defensive Information Warfare uses database trusted recovery, as an example, to illustrate the principles of trusted recovery in defensive information warfare. Traditional database recovery mechanisms do not address trusted recovery, except for complete rollbacks, which undo the work of benign transactions as well as malicious ones, and compensating transactions, whose utility depends on application semantics. Database trusted recovery faces a set of unique challenges. In particular, trusted database recovery is complicated mainly by (a) the presence of benign transactions that depend, directly or indirectly on malicious transactions; and (b) the requirement by many mission-critical database applications that trusted recovery should be done on-the-fly without blocking the execution of new user transactions.
Trusted Recovery And Defensive Information Warfare proposes a new model and a set of innovative algorithms for database trusted recovery. Both read-write dependency based and semantics based trusted recovery algorithms are proposed. Both static and dynamic database trusted recovery algorithms are proposed. These algorithms can typically save a lot of work by innocent users and can satisfy a variety of attack recovery requirements of real world database applications.
Trusted Recovery And Defensive Information Warfare is suitable as a secondary text for a graduate level course in computer science, and as a reference for researchers and practitioners in information security.

Intrusion Detection In Distributed Systems: An Abstraction-Based Approach presents research contributions in three areas with respect to intrusion detection in distributed systems. The first contribution is an abstraction-based approach to addressing heterogeneity and autonomy of distributed environments. The second contribution is a formal framework for modeling requests among cooperative IDSs and its application to Common Intrusion Detection Framework (CIDF). The third contribution is a novel approach to coordinating different IDSs for distributed event correlation.

Image and Video Encryption provides a unified overview of techniques for encryption of images and video data. This ranges from commercial applications like DVD or DVB to more research oriented topics and recently published material. This volume introduces different techniques from unified viewpoint, then evaluates these techniques with respect to their respective properties (e.g., security, speed.....).

The authors experimentally compare different approaches proposed in the literature and include an extensive bibliography of corresponding published material.

This book discusses fundamental security issues in wireless sensor networks, techniques for the protection of such networks, as well as results from recent studies in wireless sensor network security. It contains example applications for target tracking, scientific exploration and data acquisition in hazardous environments, and includes a fairly new study on capabilities of mu-TESLA, a broadcast authentication technique for wireless sensor networks. The book assists both professionals and students to understand background knowledge in wireless sensor network security and prepare them for producing research in this domain.

Preserving Privacy for On-Line Analytical Processing addresses the privacy issue of On-Line Analytic Processing (OLAP) systems. OLAP systems usually need to meet two conflicting goals. First, the sensitive data stored in underlying data warehouses must be kept secret. Second, analytical queries about the data must be allowed for decision support purposes. The main challenge is that sensitive data can be inferred from answers to seemingly innocent aggregations of the data. This volume reviews a series of methods that can precisely answer data cube-style OLAP, regarding sensitive data while provably preventing adversaries from inferring data.

Preserving Privacy for On-Line Analytical Processing is appropriate for practitioners in industry as well as graduate-level students in computer science and engineering.

 

New data services are emerging everyday, which also brings new challenges to protect data security. The internet and the web offer means to collecting and sharing data with unprecedented flexibility and convenience. This book identifies and addresses these new challenges.

This book provides a comprehensive review of the most up to date research related to cloud security auditing and discusses auditing the cloud infrastructure from the structural point of view, while focusing on virtualization-related security properties and consistency between multiple control layers. It presents an off-line automated framework for auditing consistent isolation between virtual networks in OpenStack-managed cloud spanning over overlay and layer 2 by considering both cloud layers' views. A runtime security auditing framework for the cloud with special focus on the user-level including common access control and authentication mechanisms e.g., RBAC, ABAC and SSO is covered as well.
This book also discusses a learning-based proactive security auditing system, which extracts probabilistic dependencies between runtime events and applies such dependencies to proactively audit and prevent security violations resulting from critical events. Finally, this book elaborates the design and implementation of a middleware as a pluggable interface to OpenStack for intercepting and verifying the legitimacy of user requests at runtime.
Many companies nowadays leverage cloud services for conducting major business operations (e.g., Web service, inventory management, customer service, etc.). However, the fear of losing control and governance still persists due to the inherent lack of transparency and trust in clouds. The complex design and implementation of cloud infrastructures may cause numerous vulnerabilities and misconfigurations, while the unique properties of clouds (elastic, self-service, multi-tenancy) can bring novel security challenges. In this book, the authors discuss how state-of-the-art security auditing solutions may help increase cloud tenants' trust in the service providers by providing assurance on the compliance with the applicable laws, regulations, policies, and standards. This book introduces the latest research results on both traditional retroactive auditing and novel (runtime and proactive) auditing techniques to serve different stakeholders in the cloud. This book covers security threats from different cloud abstraction levels and discusses a wide-range of security properties related to cloud-specific standards (e.g., Cloud Control Matrix (CCM) and ISO 27017). It also elaborates on the integration of security auditing solutions into real world cloud management platforms (e.g., OpenStack, Amazon AWS and Google GCP).
This book targets industrial scientists, who are working on cloud or security-related topics, as well as security practitioners, administrators, cloud providers and operators.Researchers and advanced-level students studying and working in computer science, practically in cloud security will also be interested in this book.

This book addresses automated software fingerprinting in binary code, especially for cybersecurity applications. The reader will gain a thorough understanding of binary code analysis and several software fingerprinting techniques for cybersecurity applications, such as malware detection, vulnerability analysis, and digital forensics. More specifically, it starts with an overview of binary code analysis and its challenges, and then discusses the existing state-of-the-art approaches and their cybersecurity applications. Furthermore, it discusses and details a set of practical techniques for compiler provenance extraction, library function identification, function fingerprinting, code reuse detection, free open-source software identification, vulnerability search, and authorship attribution. It also illustrates several case studies to demonstrate the efficiency, scalability and accuracy of the above-mentioned proposed techniques and tools. 
This book also introduces several innovative quantitative and qualitative techniques that synergistically leverage machine learning, program analysis, and software engineering methods to solve binary code fingerprinting problems, which are highly relevant to cybersecurity and digital forensics applications. The above-mentioned techniques are cautiously designed to gain satisfactory levels of efficiency and accuracy. 
Researchers working in academia, industry and governmental agencies focusing on Cybersecurity will want to purchase this book. Software engineers and advanced-level students studying computer science, computer engineering and software engineering will also want to purchase this book.

The authors develop a malware fingerprinting framework to cover accurate android malware detection and family attribution in this book. The authors emphasize the following: (1) the scalability over a large malware corpus; (2) the resiliency to common obfuscation techniques; (3) the portability over different platforms and architectures.
First, the authors propose an approximate fingerprinting technique for android packaging that captures the underlying static structure of the android applications in the context of bulk and offline detection at the app-market level. This book proposes a malware clustering framework to perform malware clustering by building and partitioning the similarity network of malicious applications on top of this fingerprinting technique. Second, the authors propose an approximate fingerprinting technique that leverages dynamic analysis and natural language processing techniques to generate Android malware behavior reports. Based on this fingerprinting technique, the authors propose a portable malware detection framework employing machine learning classification. Third, the authors design an automatic framework to produce intelligence about the underlying malicious cyber-infrastructures of Android malware. The authors then leverage graph analysis techniques to generate relevant intelligence to identify the threat effects of malicious Internet activity associated with android malware.
The authors elaborate on an effective android malware detection system, in the online detection context at the mobile device level.  It is suitable for deployment on mobile devices, using machine learning classification on method call sequences. Also, it is resilient to common code obfuscation techniques and adaptive to operating systems and malware change overtime, using natural language processing and deep learning techniques.
Researchers working in mobile and network security, machine learning and pattern recognition will find this book useful as a reference. Advanced-level students studying computer science within these topic areas will purchase this book as well.