Cybersecurity Issues in Emerging Technologies

Cover
Half Title
Title Page
Copyright Page
Table of Contents
Foreword
Preface
Editors
Contributors
Chapter 1 The Evolution of Hardware-Assisted Security
1.1 Introduction
1.2 Threat Landscape
1.2.1 Common Software Vulnerabilities
1.2.2 Software Exploitation
1.3 Security Mechanisms in Hardware
1.3.1 Protection Rings
1.3.2 Supervisor Mode Execute/Access Prevention
1.3.3 Data Execution Prevention
1.3.4 Intel Memory Protection Extensions
1.3.5 Intel Memory Protection Keys
1.3.6 ARM Memory Tagging
1.3.7 Instruction Set Randomization
1.3.8 Control-Flow Integrity
1.3.8.1 Intel Control-flow Enforcement Technology
1.3.8.2 ARM Pointer Integrity
1.4 Trusted Execution Environments
1.4.1 Execute Only Memory
1.4.2 Aegis
1.4.3 ARM TrustZone
1.4.4 Intel Software Guard Extensions
1.5 Hardware Vulnerabilities
1.5.1 Transient Instruction Execution
1.5.2 Cache as a Side-Channel
1.5.3 Proposed Defenses
1.6 Conclusion
References
Chapter 2 Cybersecurity of the Unmanned Ship
2.1 Introduction
2.2 Architectural Views
2.2.1 TheExtended Maritime Architecture Framework
2.2.2 The CPSs of the Unmanned Ship
2.3 Cyber Risks of the Unmanned Ship
2.4 Cybersecurity Requirements for the Unmanned Ship
2.5 Treating the Cyber Risk of the Unmanned Ship
2.6 Conclusions
References
Chapter 3 Agile Incident Response in Industrial Control Environments
3.1 Introduction
3.2 Complying with Legal Requirements and Guidance for Operators
3.3 Current Issues in Managing Incidents in Industrial Control Environments
3.4 Agile Approach to Incident Management
3.5 Assessment Event
3.5.1 The Scenario
3.5.2 Blue Team Composition
3.5.3 Agile Methodologies
3.5.3.1 Sprints
3.5.3.2 Sprint Planning
3.5.3.3 Sprint Retrospectives
3.5.3.4 Scrum Meetings
3.5.4 Task Allocation
3.5.4.1 Self-Selection of Tasks
3.5.4.2 T-Shaped Team
3.5.5 Agile Tools
3.5.5.1 Incident Backlog
3.5.5.2 Scrum Board
3.5.5.3 Learning Matrix
3.5.6 Event Questionnaires
3.6 Discussion and Conclusions
3.7 Glossary
References
Chapter 4 Multi-Stage Threat Modeling and Security Monitoring in 5GCN
4.1 Introduction
4.2 Related Work
4.2.1 5GCN Threats
4.2.2 Multi-Stage Attack Modeling
4.3 Threat Modeling of the 5GCN
4.3.1 Identification
4.3.2 Threat Decomposition
4.3.3 Modeling 5GCN Threats as Graphs
4.3.4 A 5GCN Threat Graph Example
4.4 Graph-Based Security Monitoring for the 5GCN Infrastructure
4.5 Open Research Challenges and Future Work
4.5.1 Detection of Multi-Stage Attack Scenarios
4.5.2 A Centralized Threat Detection Engine
4.5.3 A 5G Network TTP Matrix
Note
References
Chapter 5 Blockchain Technology for 6G Communication Networks: A Vision for the Future
5.1 Introduction
5.1.1 Blockchain Overview
5.1.1.1 Blockchain Technology Architecture
5.2 Blockchain and Cryptography
5.2.1 Confidentiality
5.2.2 Integrity
5.2.3 Availability
5.2.4 Privacy
5.3 Consensus Mechanism
5.3.1 The Consensus Problem
5.3.1.1 Ledger Consensus
5.3.2 Blockchain Consensus Algorithms
5.3.2.1 Proof-Based Algorithms
5.3.2.2 Voting-based Algorithms
5.4 Blockchain for 6G Networks
5.4.1 Challenges in 6G
5.4.2 Blockchain-Based Solutions
5.4.2.1 Infrastructure Solutions
5.4.2.2 Emerging Applications
5.5 Discussion
5.5.1 Open Research Issues
5.6 Conclusion
References
Chapter 6 Securing Components on a 5G Core
6.1 Introduction
6.1.1 Security across Previous Generations
6.1.2 Structure of the M5G Project
6.1.3 The Need to Secure the 5G Core
6.1.4 Proposal
6.1.5 Chapter Structure
6.2 Security in 5G
6.2.1 Security Architecture of 5G Networks
6.2.2 Current Research
6.3 Related Work
6.4 Architecture and Components
6.4.1 Event Processing and Visualization Platform
6.4.2 AppIDPS
6.4.2.1 Internal View
6.4.2.2 Metrics and Policy Messages
6.4.3 NEF
6.5 First Results
6.5.1 Event Processing and Visualization Platform Tests
6.5.2 Network Exposure Function Tests
6.5.3 Integration Scenario
6.5.3.1 Testbed Description
6.5.3.2 Dashboard
6.6 Conclusion
Acknowledgments
Notes
References
Chapter 7 RF Jamming Attacks and Countermeasures in Wireless Vehicular Networks
7.1 Introduction
7.1.1 Motivation
7.2 RF Jamming Attacks in Vehicular Networks
7.3 RF Jamming Classification Using Relative Speed Estimation
7.3.1 System Model
7.3.2 Jamming Attack Scenarios
7.3.3 Estimation of Relative Speed Metric
7.3.4 The variations of relative speed (V RS) Algorithm
7.3.5 Proposed IDS Based on Supervised Learning
7.4 Enhancing the Proposed IDS with Data Fusion Techniques
7.5 Simulation and Performance Evaluation
7.5.1 Detection Performance under Different ∆u Values
7.5.2 Evaluation under Different Interference Levels
7.5.3 Data Fusion Results
7.6 Discussion and Conclusions
7.7 Glossary
References
Chapter 8 Smart Cars and Over-the-Air Updates
8.1 Introduction
8.2 Benefits
8.3 Threats and Vulnerabilities
8.3.1 Smart Car Components
8.3.2 The Attacker’s Targets
8.3.3 Over-the-Air Updates and Security Issues
8.3.3.1 Classification of OTA Update Attacks
8.3.3.2 Attacks on OTA Updates
8.4 Existing Solutions
8.4.1 Considerations
8.4.2 External Protection
8.4.3 Internal Protection
8.4.4 Update-Specific Protection
8.5 Discussion
8.6 Conclusions
8.7 Glossary
References
Chapter 9 Emerging Malware Threats: The Case of Ransomware
9.1 Evolution of Ransomware
9.2 Emerging Threats
9.3 Financial Impact
9.4 Ransomware and Social Engineering
9.5 Legislation Challenges
9.6 Concluding Remarks
References
Chapter 10 Holistic Immunization: A Comprehensive Model to Tackle Hybrid Threats in the Cyber Domain
10.1 Introduction: Background and Driving Forces
10.2 Problem Definition – The Cyber Crisis Management
10.3 Proposed Model
10.4 Concluding Remarks
10.5 Glossary
References
Chapter 11 The Cyber Skills Gap
11.1 Introduction
11.2 The Skills Gap in the Landscape of Industry 4.0
11.2.1 The Skills Gap
11.2.2 Tier 1: Employers
11.2.3 Tier 2: Academia
11.2.4 Tier 3: Government
11.3 Defining an Agenda for Cybersecurity Skills
11.3.1 Evolution of the Cyber Discipline
11.4 A Framework to Address the Skills Gap in Cyber
11.5 Recommendations
11.6 Conclusion
References
Index