Index
Note: Page numbers followed by “f” and “t” refer to figures and tables, respectively.
A
cloud computing, security challenges,
392
leveraging semantic web technologies
DEMONS ontological access control model,
499–502
implementing RBAC, with ontologies,
494–495
online social networks (OSNs),
498–499
ontology-based context awareness,
496–497
state-of-the-art ontological models,
502–503
virtual infrastructure setup,
392
Access control lists (ACLs),
425–426
Access control ontology (ACO),
498–499
Acquisition program protection planning,
11f
A3 cross-site scripting,
483
Activity specification generation algorithm,
406f
Address resolution protocol (ARP),
118
Address-space layout randomization (ASLR) mechanism,
336,
338
Advanced encryption standard (AES),
142–143
Advanced persistent threats (APTs),
353,
426
Advanced security network metrics,
187–188
DARPA’98 IDS evaluation program,
188
description of experiments,
195–199
discriminators extraction process,
198
metrics extraction process,
198
localization metrics,
194
Agent based artificial immune system (ABAIS),
446
Agent-based intrusion detection systems
IDS-NIDIA architecture,
155f
IDS-NIDIA, prototyping/extending,
165
authentication/authorization/secure message exchange,
158–159
XML specification/Web services,
166
Agile software development,
16
Aircrack-ng, cracking output of,
119f
Al Qa’ida-influenced radicalization and terrorism,
561
Amazon Elastic Compute Cloud (EC2),
382
Amazon Web Services’ Elastic Compute Cloud,
512
Amazon web services (AWS) security,
382
Amplified spontaneous emission (ASE) noise,
177–178
erbium-doped fiber amplifiers (EDFA),
177–178
intent-based vulnerabilities
implementation/experimentation methodology,
411–413
model definition/notations,
399–401
security testing methodology,
404–411
test case execution, definition,
410–411
Android applications security testing (APSET),
398,
411
Android configuration file,
404
Android documentation,
402
Android IPC mechanism,
399
Anti-CSRF token, pinterest’s response,
322f
Anti-ML (AML) activities,
579
Apache 2 HTTP server,
486
App Center Web application,
319
Application-level security threats,
387–388
Artificial intelligence,
446
Associated press (AP) tweets,
281–282
Association of Chief Police Officers (ACPO),
561
Attribute based access control (ABAC),
495
Australian/New Zealand Standard (AS/NZS 4360),
302
Authenticating broadcast,
269
Authentication, authorization, and accounting (AAA) features,
391
Authentication schema,
159f
Authorization service,
220
Autocorrelation peak (ACP),
175
Automated intrusion prevention system (AIPS),
188
Avalanche photo diode (APD),
143–144
AVI (attack+vulnerability→intrusion) model,
336–337
mapping memory errors,
338f
Awareness, of information security,
100
B
information exchange/intended policy integration,
67f
information exchange scenario,
67f
Big-data Crash Repository application,
67
Binary knapsack problem,
306
Bit error rate (BER) measurement,
178–179
Bomb-making websites,
539
Bring your own device (BYOD),
426
Browser-side modifications,
323
Build-in not bolt-on security,
18
Buildroot configuration menu interface,
346f
Busybox-httpd application,
345
Byte for byte approach,
352
C
Case-based reasoning (CBR),
585–586
CCTA risk analysis and management method (CRAMM),
302
CDX 2009 TCP dump files,
198
CDX 2009 vulnerable servers,
196t
Certified information systems security professional (CISSP),
10
Channel side information (CSI),
228
Chaos-based communications,
179,
180
Chrome browser
dailymotion test , screenshot,
325f
C-INCAMI conceptual framework,
42
C-INCAMI requirements, context, measurement, and evaluation components,
28f
Cisco firewall syntax,
509
Clauser-Horne-Shimony-Holt (CHSH) Bell inequality,
144
governance, risk, and compliance (GRC),
380
data confidentiality,
382
provisioned access control infrastructure (DACI),
392
service level agreement (SLA),
381
topological similarities,
382f
virtual machine (VM),
380
Cloud security alliance (CSA),
391
Cloud service provider (CSP),
381
Cloud’s infrastructure,
380
Clusters
heterogeneous/homogeneous, training speeds,
293f
Code-division multiple access (CDMA),
174
Coherent one-way system (COW),
145–146
Combined air operations center (CAOC),
15–16
Command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR) systems,
15–16
Command line interface-(CLI) based tool,
290
Common vulnerabilities and exposures (CVE) identifier,
431
Communication Fraud Control Association (CFCA) reports,
359
Comparative fit index (CFI),
584–585
Component under test (CUT),
404
test case generation,
405f
Computer emergency response team (CERT),
425
Confidentiality, integrity and availability (CIA),
35
Confirmatory factor analysis (CFA) techniques,
584
Connecticut Transportation Department and the Department of Public Safety to establish a Connecticut Crash Data Repository (CTCDR),
66
Content management systems (CMSs),
387
Contextual-Information Need, Concept model, Attribute, Metric, and Indicator (C-INCAMI) framework,
27
Continuous variable QKD (CV-QKD) system,
145
Cooperative amplify-and-forward (CAF),
229–230
relay networks, overview of,
227–228
Cooperative amplify-and-forward (CAF) network
ergodic secrecy rate,
239f
Cooperative relay network, fading distributions,
227–228,
232t
Cougaar-based intrusion detection system (CIDS),
154
Countermeasures
cryptographic protocols, using,
478
quantitative data about current risk,
311t
trust building, between software layers,
478
Crash repository application,
68
Critical program information and technology (CPI/T)
component-level critical analysis,
12–13
identification and protection,
11–12
Cross platform component object model (XPCOM),
471
anti-CSRF mechanisms in web,
322–323
Barth, C Jackson, and JC Mitchell,
320–321
browser-side modifications,
323
detection algorithm
high level diagram of,
321f
findings/observations,
323
LinkedIn profile stats, screenshot,
327f
malicious exploit of website,
316
modified user’s comment tab,
330f
server-side modifications,
323
in social media/networking sites,
324–330
test framework, description,
324
Cross-site tracing (XST),
483
Cryptographic hash functions,
113
Cryptographic protocols,
478
Wentworth Institute of Technology (WIT),
111
Currency transaction report (CTR),
581
Customer due diligence (CDD),
580
Cybercrime-as-a-service (CaaS) economy,
434
dynamic environments,
426
responding to cybersecurity incidents,
425–426
Cyber security education
firewall education
firewall exercises, evaluation of,
509–511
Cyber-security field,
455
main system structure,
448f
security auditing, intelligent agents,
446–450
security cyber-assistant system,
446–450
security paradigm shift,
445
Cyber-war
advanced persistent threats,
434–435
cyber-crime industry, underground,
433–434
D
DARPA’98 IDS evaluation program,
188
unintentional data leakage,
432
Data encryption standard (DES) algorithm,
112–113
DDoS-as-a-Service (DDoSaaS),
434
Defense advanced research projects agency (DARPA),
145
ontological access control,
494
Dempster-Shafer theory,
265
Department of Defense (DoD)
acquisition management phases,
9f
acquisition program protection planning,
11f
DoD architecture framework (DoDAF),
20
National Institute of Standards and Technology (NIST),
14
Developers’ responses
questionnaire for design validation,
221t
D-H method, key exchange,
603f
Discretionary access control (DAC),
493–494
Distributed file system (DFS),
282
Document object model (DOM),
473
DoDI 5000.02 defense acquisition management system,
14
DoD Information Assurance Certification and Accreditation Process (DIACAP),
11–12
DoD Information Technology Security Certification and Accreditation Process (DITSCAP),
11–12
Dynamic binary translation,
342–343
Dynamic programming algorithm,
304
Dynamic security association (DSA),
392
E
electronic transaction law (ETL)
Jordan’s e-business initiatives,
129–134
national e-commerce strategy
e-Commerce strategy,
129t
Economic and Social Commission for Western Asia (ESCWA),
131
Einstein-Podolsky-Rosen (EPR) experiment,
144
Employed four-wave mixing (FWM),
175
Emulation-based processor diversification
challenges
networking server weaknesses,
339–340
protection against attacks,
351–352
exploit, software fault,
354
security approach, proposed,
340–344
memory error detection,
343
replacement strategy, stages,
343–344
building cross-compilers,
346
Encryption module layout,
600f
Encryption protects data transmission,
174
Environment topological information,
258–259
Ergodic secrecy rate
vs. relay location angle,
238f
Event functions and inference rules,
255
Event reasoning, for trajectory tracking,
261f
event representation,
256
Executes JavaScript on Web pages,
471
Extensible markup access control language (XACML)
eXtensible Markup Language (XML),
591
flexibility/expressiveness/usability of,
592–593
fuzzy classification phase,
595–597
performance evaluation,
612t
F
Facial/color recognition,
258
Fade distribution, impact,
234f
Federal Information Management Act (FISMA),
445
Federated identity management services (FIdM),
392
Fiber-optic networks, secure communication
availability
jamming/anti-jamming,
179
optical chaos-based communications,
179–180
open systems interconnection (OSI) model,
173
optical encryption, schematic diagram,
175f
privacy/optical steganography,
177–179
File-sharing category,
512
Financial action task force (FATF),
580
Financial criminal enforcement network (FinCEN),
581
Financial security
anti-money laundering efforts,
579–581
international cooperation,
580
electricity consumption approach,
583–584
national expenditure and income,
582
built-in developer’s tool of,
324f
Fraud management system (FMS),
360,
367
Fully qualified domain name (FQDN),
428
Fuzzy classification
rate importance level, sample output of,
599f
development process,
571f
G
Game
informational scenario,
93f
informational screen,
95f
introductory information,
94f
message received main screen,
94f
password awareness,
91–93
phishing awareness,
93–94
Gamification system,
86–87
information security awareness,
95
General web mining methods,
565t
Global information grid architecture,
16f
Global Information Technology Report (GITR),
125
Global security policy schema set (GSPSS),
74,
80f
assumptions/equivalence finding,
74–76
for big-data application,
78
data ownerover requester,
78
hierarchical approach,
78
integrated security rule sets,
77–78
safe and lazy approach,
77
Goal-oriented context-aware measurement and evaluation (GOCAME),
26,
26
M&E process
high-level activities for,
31f
multi-criteria decision analysis,
40
Goal-Question-Metric (GQM) approach,
42–43
Governance, risk, and compliance (GRC) console,
380
Government to business (G2B),
126–127
Government to consumer (G2C),
126–127
Gross national product (GNP),
582
H
Hadoop-based classifier,
298
classification speed,
297f
training speed comparison of,
296f
Hadoop-based parameters,
293
Hadoop distributed file system (HDFS),
282,
283
Hadoop Master-Slave cluster architecture,
283f
Health Insurance Portability and Accountability Act (HIPAA),
432
Help the Heroes, T-shirt,
550
Heterogeneous cluster setup,
292f
Hop-by-hop authentication scheme,
269–270
HStreaming’s StreamGen,
290
Human factors
and information security,
102
Hyper text markup language (HTML),
481
Hyper text transfer protocol (HTTP),
481
I
The Impact of Information Richness on Information Security Awareness Training Effectiveness,
101
Improvised explosive devices (IED),
545
INCOSE SSE Working Group,
21
Information and communications technologies (ICT),
security assessment
GOCAME conceptual framework,
27–29
measurement and evaluation (M&E) projects,
25
measurement component,
29
non-functional requirements component,
27
security/risk assessment,
26
system-of-systems (SoS) environment,
Information and communication technologies (ICTs),
99,
523
advancement and integration,
99
Information assurance (IA),
10,
11
Information exchange environment (IEE),
99,
99
Information model ontology (IMO),
499
Information retrieval agent structure,
450f
Information security,
423
Information security and assurance (ISA),
85
digital games, benefits of,
89
adoption in multiple domains,
88–89
system architecture,
89–90
Information security awareness
Information security learning continuum,
102–104
Information security management systems (ISMS),
100
Information security retrieval and awareness (ISRA) model,
101
Information security user awareness,
107t
assessment, and education,
108f
Input output symbolic transition systems (ioSTS),
398,
399
Instruction set randomization (ISR),
339
Integrated Automated Fingerprint Identification System (IAFIS),
65–66,
66
Integrated security rule sets, resolving conflicts,
77–78
Intel Xeon X3350 processor,
292
International monetary fund (IMF),
577
Internet engineering task force (IETF),
481–482
Internet explorer (IE),
323
Internet protocol (IP) address,
425,
525
Internet protocol(IP)-based service,
362–363
Internet protocol version 4 (IPv4) address space,
429
Internet relay chat (IRC) botnet,
431–432
Intrusion detection systems (IDSs),
153,
455
IDS-NIDIA architecture,
155f
intUnderflow() function,
351
IP addresses
IP traffic classification,
189
J
Java
reverse engineering, vulnerability,
163
Java run-time environment (JRE),
343
JavaScript POST XMLHttpRequest,
328
JavaScript’s eval() function,
475
Java virtual machine (JVM),
292
K
Karen National Union (KNU),
521
KDD ’99 intrusion detection dataset,
289–290
dynamic programming solution,
303–304
KnownSubjectAcquired events,
261
L
Layered service provider (LSP),
477
Link discovery based on correlation analysis (LDCA),
586
LinkedIn CSRF vulnerabilities,
322–323
Lithium niobate (LiNbO
3) material,
179
Lithium triborate (LBO) nonlinear crystal,
144
Local security
into global security, integrating processes,
75f
Local security policy schema set (LSPSS),
73f,
74
assumptions/equivalence finding,
74–76
integration process,
76–77
Low orbit ion cannon (LOIC),
435
M
Mac backdoor malware,
435
Mach-Zehnder interferometer (MZI),
143
Mamdani fuzzy inference system,
597f
Managerial actions toward information security (MATI security),
101
Mandatory access control (MAC),
493–494
Man-in-the-browser attack
ajax transmission mechanism,
474
cross-site scripting (XSS) attacks,
474
high-level depiction of,
284f
Massively multiplayer online roleplaying games (MMORPGs),
88
Master boot record (MBR) wiping,
427
Master role index (MRI),
70,
70,
71f
Maximum posterior (MAP) hypothesis,
287–288
McCauley, 12 mechanisms,
563t
μ-Denial-of-service (μ-DOS),
348
Measurement device independent QKD (MDI-QKD),
149
Message authentication code (MAC),
269,
269
Message delivery, reliability of,
161
messages stored, representation of,
168f
Metrics
extraction
assessment, process,
197f
analytical framework,
236
Michelson interferometer,
144
Microsoft Security Essentials,
514
Mission assurance categories (MAC),
18t
Moment generating function-(MGF),
230–231
Moskalenko’s, 12 mechanisms,
563t
Mozilla’s cross-platform component model,
471
Multi-Objective Tabu Search (MOTS),
302
Multiple-access interference (MAI),
175
Multi-process architectures,
339
for server architectures,
340f
Multi-process server,
348
Multi-threaded architectures,
339
N
Naive Bayes class (NBC),
287
Naive Bayes classifier,
288
National Institute of Science and Technology (NIST),
102–103
National vulnerability database (NVD),
431
Native POSIX Threading (NPTL),
346
Necko system level API (NSPR),
476
Network address translation (NAT),
429
Network APIs
man-in-the-browser attack,
476f
Network-based intrusion detection system,
285
Network connection events,
462t
Networking professionals, security projects
asymmetric encryption, assignment,
116–117
hash functions, assignment in,
113
and network security course,
111–112
symmetric encryption, assignment in,
112–113
wireless network security
802.11 WEP key cracking experiment,
118–119
802.11 wireless security,
118
Network interface card (NIC),
285
Network intrusion detection system (NIDS),
167–168
Network metrics
Wentworth Institute of Technology (WIT),
111
Network sensor agents (NSA),
154–155
Network-type private information retrieval, algebraic approaches
algebraic description
GF(2
m), cyclotomic classes of,
249
two-hypotheses testing problem,
250
algorithmic description
polynomial representation,
247
data processing scheme
parameters/complexities, constraints,
246–247
New York Police Department (NYPD),
561
Next-generation firewall techniques,
514
Next generation networks (NGN),
362–363
partial ontology of,
206f
SIG, evaluation/analysis task,
217f
softgoal interdependency graph,
210f
Non-disclosure agreement (NDA),
384–385
Non-executable bit (NX),
339
Non-Hadoop-based Naive Bayes algorithms
training speed comparison of,
296f
Non-Hadoop-based Naive Bayes classifier,
294
NYPD four-stage radicalization process,
561t
O
OLAP cube technology,
587
Online radicalization
behavioral intensity,
545
challenge of tackling,
551
investigation and modeling of,
539–541
radicalization-factor model (RFM),
543f
radicalizationfactor model, influencing factors,
541–542
single behavioral indicators,
544
Online radicalized profiles,
566t
Online self-radicalization,
570t
signed concept map of,
571f
Online social networks (OSNs),
498
Ontological access control rule,
501f
Ontology administration point (OAP),
495
Ontology-based context awareness,
494
Ontology-based social network access control (OSNAC) model,
498–499
Open source vulnerability database (OSVDB),
431
Open systems interconnection (OSI) model,
173
Open web application security project (OWASP),
391,
482
Operation Red October,
435
Optical chaos communication, schematic diagram,
180f
Optical exclusive OR (XOR) logic operation,
175
Optical steganography,
177
Optimal power and rate adaptation (OPRA) policy,
242
Optimal security countermeasure selection
binary knapsack-based approach
dynamic programming algorithm,
306–309
computational example and comparison,
309–312
P
Packet-switched networks,
359
Pair-Wise Jaccard similarity scores,
460t
Palo Alto’s educational modules,
512
Password awareness game,
91–93
Paths’ fading distributions,
235t
Payment card industry data security standard (PCIDSS),
381
PC revolution hackers,
434
Peer-to-peer (P2P) botnets,
428
Performance level of the stored cross-site scripting immunity (P_SXSS) elementary indicator,
36–37,
38–39
Performance tuning configurations,
294f
architectural models for,
219f
confidentiality, lack of,
209
initial architectural models for,
212f
Php Web applications,
487
Policy integration approaches,
82
Policy model ontology (PMO),
499,
500f
Policy semantic point (PSP),
496
security rules set (SRSet) of,
77
Post-traumatic stress disorder (PTSD),
522
Privacy-aware access control,
493–494
Privacy preference manager (PPM),
497–498
Probability density function (PDF),
228
Program protection planning process,
12t
Pseudo code
proposed binary knapsack algorithm,
308f
Public key infrastructure (PKI),
128,
159
Public switched telephone network (PSTN),
360
Pyramid model, prevention,
561t
Q
Quantum key distribution (QKD) technologies,
142–143,
176
first entanglement-based system,
144
device independent QKD (DI-QKD),
148–149
measurement device independent QKD (MDI-QKD),
149
military QKD usage scenario,
149
Swissquantum network,
146
R
Radical online profiles, investigation,
564
general web mining methods,
565t
Gill’s pathway model,
562
New York Police Department (NYPD),
561
political radicalization,
562
radicalization, psychological model,
563–564
Taarnby’s eight-stage recruitment process,
560
TerrorismMarc sageman’s, four-stage process,
560
Wiktorowicz’s al-Muhajiroun model,
562
Random domain name generator (RDNG),
428
Rational unified process (RUP),
16
RAVE lab firewall exercises,
510
Real-time network intrusion detection
practical application scenario,
290–298
system design, technologies
anomaly-based intrusion detection system,
286
D3, Javascript-based visualization API,
286
Ganglia, cluster monitor,
287
Hadoop distributed file system (HDFS),
283
host intrusion detection system,
285
intrusion detection systems,
285–289
MapReduce programming model,
283
misuse-based intrusion detection system,
286
network intrusion detection system,
285
using hadoop-based Bayesian classifier,
281–282
Relation based access control model (RelBAC),
498
Remote administration tools (RATs),
428
Remote procedure call (RPC),
155–156
Resource-efficient multi-source authentication
methodology
semi-encrypted key pre-distribution,
276
resource requirements,
277
wireless sensor network (WSN),
267
Return oriented programming (ROP) sequence,
351,
351
Return-to-zero (NRZ),
177
Risk evaluation activity,
40
Rivest, Shamir, and Adleman (RSA) algorithm,
141
Root mean square error of approximation (RMSEA),
584–585
Rule-enforced semantic network,
460–461
S
SaaS administration tool,
389
SA-Austrian Institute of Technology (AIT),
145–146
Satisfiability modulo theories (SMT),
412–413
secure channel, creation,
167f
Secure communication based on quantum cryptography (SECOQC),
145–146,
146
Secure cooperative wireless communications
cooperative amplify-and-forward relay networks, ergodic secrecy rates,
230–231
dissimilar mean signal strengths, effects of,
237–238
eavesdroppers, effects of,
240
fade distributions, effects of,
233–235
multiple cooperating relays, effects of,
239–240
SNR, MGF approximation,
233
transmit power allocation, effects of
distinct transmission phases,
236–237
Secure file transfer protocol (SFTP),
158
Secure Sockets Layer - v 2 (SSLv2),
165
Security
big-data application,
67f
awareness
requirements tree specification for,
30t
Security cyber-assistant system,
446–450
Security information and event management (SIEM) process,
425
Security officer interface agent,
448f
Security operations center (SOC),
425
Security rules schema,
72f
Security testing methodology,
398
SEF, statistical en-route filtering mechanism,
269
Selection[], algorithm operations on,
310f
authentication/authorization/secure message exchange,
158–159
Semantic based access control (SBAC) model,
496,
503t
Bayesian probability model,
457
rule enforced semantic network,
460–461
similarity-based semantic network,
457–460
Semi-encrypted key pre-distribution,
273f
Sensor/communication nodes,
228
Separation and binding of duty (SoD),
493–494
Session initiation protocol (SIP),
360
user’s domain, proxy responsibility,
360
Sheffield Hallam University staff,
524–525
Short message service (SMS) messages,
427
Signals leading, to core dump,
347t
Signal-to-noise ratio (SNR),
175
Signature-based fraud detection,
364–367
long-term/short-term signatures, comparison,
365
Signature-based technique,
363
Similarity based semantic network,
459
Similarity coefficient,
459
Single Unix specification (SIS),
345
SIP basic operation,
361f
Small to medium-size businesses (SMBs),
383
Smartphones, BYOD paradigm,
427
Smartphone, system prototype overview,
345f
Social and media sites,
315
Social media anti-radicalization training for credible voices (SMART-CV),
549–551,
553–554
Social networking systems ontology (SNO),
498–499
Softgoal interdependency graph (SIG),
204,
205–206
NFR approach, evaluation/analysis task,
217f
Software development life cycle (SDLC),
387–388
Software risk management (SRM),
39,
39
Spam and open relay blocking system (SORBS),
425
Specification example,
407f
Split-join one-way key chain (SOKC),
267
key disclosure fields,
276
multi-source authentication capabilities,
268
Spread stealth pulses
temporal phase modulation, schematic diagram,
178f
Stack-smashing protection (SSP),
338–339
Stego steganography demonstration
graphical interface of,
114f
Stored cross-site scripting immunity (XSS),
32t,
35,
36t,
41,
42
Storyboards
password awareness game,
91–93
phishing awareness game,
93–94
Strengths, weaknesses, opportunities, and threats (SWOT) analysis,
128–129
Structured query language injection (SQLi),
431
Subject reacquisition (SR),
256
Support vector machines (SVM) algorithms,
286
Surveillance
methodological issues
Suspicious activity report (SAR),
581
SXMS
fuzzy classification phase,
617
System architecture,
291f
System controller agents (SCA),
155
System design
System monitoring agents (SMA),
154–155
System security engineering
System security engineering (SSE),
cost-benefit decision,
8–9
methods, processes, and tools (MPT), ,
10–14
acquisition program protection planning,
11–13,
11f,
12t
agile and self-organizing system,
20–21
complex systems, discovery/understanding of,
15–17
critical reviews,
14,
15f
early design considerations,
19
formalized security requirements,
18
global information grid architecture,
16f
information assurance,
14
leveraging system architectures,
20
metrics and evaluation,
21
mission assurance,
17,
18t
risk assessment methodology,
13f
US DoD,
System security engineering-capability maturity model (SSE-CMM),
9–10
System security engineering process,
8–10
Systems engineering (SE),
critical reviews,
14,
15f
System sentinel agent (SSA),
163
System update agents (SUA),
155
T
TCL programming language,
511
Temporal semantic based access control (TSBAC) model,
496
counter-terrorism, collaboration,
553–554
Terrorism, staircase,
563t
Testbed architecture,
367f
Test case execution,
412f
Test case generation,
409f
Test-driven development (TDD),
16
The New York Times website,
320
Threats detection, visualization of,
291f
TPR, for dynamic information,
264t
Transmission control protocol (TCP),
165
Transport layer security – v 1 (TLSv1),
165
Transport level security,
477
Trusted repeater system,
146
Trust service integration kit (TSIK),
165
Trustworthiness, definition of,
222f
Trustworthiness satisficing
architectural modifications,
218t
Trustworthy software systems,
203–205
goal criticalities, development,
213
goal tradeoffs, development,
213
rationale, development,
213
trustworthy phoenix system, NFR approach,
209–219
validation/lessons learned,
219–222
U
Unified modeling language (UML)
security policy schema set (SPSS),
72–73
Uniform resource locators (URLs),
429–430
Unique set size (USS) memory,
352
UNIX file permissions,
510
User information security awareness,
105–106
User interface agent structure,
449f
User’s browser state,
328
V
Variant replacements policy,
344f
Video sensor observations,
257
Virtual access control infrastructure setup,
392
Virtual BattleSpace 2, training system,
88
Virtual infrastructure (VI),
392
Virtual infrastructure operator (VIO),
392
Virtualization
Virtual private network (VPN),
145
VoIP networks, fraud detection,
359,
360
alarm distribution, to call type,
370f
Communication Fraud Control Association (CFCA) reports,
359
known fraudulent cases,
367
signature-based technique testing,
368–370
fraud management system (FMS),
360
multi-level perceptron (MLP),
371
neural network self organizing map (NN-SOM) technique,
369–370,
371,
371t
next generation networks (NGN),
362–363
signature testing results,
370t
VSkimmer, steals credit card information,
427
Amazon web services (AWS) security,
382
applications, percentage of,
415f
browser architecture,
471
CDX 2009 vulnerable servers,
196t
methods, processes, and tools (MPT),
noteworthy vulnerable software,
431–432
W
Wavelength-hopping time-spreading (WHTS),
175
optical CDMA, schematic diagram,
176f
Web access control (WAC) ontology,
497–498
security actions/arrangements,
483–484
Web-based administration user interface tool,
388–389
Web ontology language (OWL),
493–494
Web server
spatial and temporal overhead,
353t
Web sessions, security
implementation/experiments,
486–489
results/application-specific details,
488–489
secure sockets layer (SSL),
482–483
Web applications security actions/arrangements,
483–484
Web system, security evaluation,
34–42
metrics/indicators for,
41–42
security characteristic specification,
35
security vulnerability issues,
39–40
stored cross-site scripting immunity,
36t
Wentworth Institute of Technology (WIT),
111
WEP key-cracking program,
118
West Point network border,
196
Why, what, who, when, where, and how (W5H),
25–26,
34
Wiesner’s quantum multiplexing,
143–146
Wi-Fi protected access (WPA)
authentication frame
Wireshark screenshot of,
119f
pre-shared key (PSK) mode,
118
Wiktorowicz’s al-Muhajiroun model,
562,
562t
Windows filtering platform (WFP),
477
Windows network APIs,
476f
Wired equivalent privacy (WEP),
118
Wireless ad hoc networks,
267
World wide web consortium (W3C)
Wyner wire-tap channel,
232
with single cooperative amplify-and-forward relay,
229f
X
model for registering public keys,
157f
with timestamp solution,
161f
XML access control (XAC),
593
XML key management specification,
See XKMS
XML role slice diagram (XRSD),
69f,
70
XML schema class diagram (XSCD),
68–70,
69f
master role index (MRI),
70
XML security
XSWRL ontology-based alert correlation approach,
456
Y
Z
Zero-day buffer overflow attacks,
188