Preface xviiAcknowledgment xxvii1 A Comprehensive Study of Security Issues and Research Challenges in Different Layers of Service-Oriented IoT Architecture 1Ankur O. Bang, Udai Pratap Rao and Amit A. Bhusari1.1 Introduction and Related Work 21.2 IoT: Evolution, Applications and Security Requirements 41.2.1 IoT and Its Evolution 51.2.2 Different Applications of IoT 51.2.3 Different Things in IoT 71.2.4 Security Requirements in IoT 81.3 Service-Oriented IoT Architecture and IoT Protocol Stack 101.3.1 Service-Oriented IoT Architecture 101.3.2 IoT Protocol Stack 111.3.2.1 Application Layer Protocols 121.3.2.2 Transport Layer Protocols 131.3.2.3 Network Layer Protocols 151.3.2.4 Link Layer and Physical Layer Protocols 161.4 Anatomy of Attacks on Service-Oriented IoT Architecture 241.4.1 Attacks on Software Service 241.4.1.1 Operating System-Level Attacks 241.4.1.2 Application-Level Attacks 251.4.1.3 Firmware-Level Attacks 251.4.2 Attacks on Devices 261.4.3 Attacks on Communication Protocols 261.4.3.1 Attacks on Application Layer Protocols 261.4.3.2 Attacks on Transport Layer Protocols 281.4.3.3 Attacks on Network Layer Protocols 281.4.3.4 Attacks on Link and Physical Layer Protocols 301.5 Major Security Issues in Service-Oriented IoT Architecture 311.5.1 Application - Interface Layer 321.5.2 Service Layer 331.5.3 Network Layer 331.5.4 Sensing Layer 341.6 Conclusion 35References 362 Quantum and Post-Quantum Cryptography 45Om Pal, Manoj Jain, B.K. Murthy and Vinay Thakur2.1 Introduction 462.2 Security of Modern Cryptographic Systems 462.2.1 Classical and Quantum Factoring of A Large Number 472.2.2 Classical and Quantum Search of An Item 492.3 Quantum Key Distribution 492.3.1 BB84 Protocol 502.3.1.1 Proposed Key Verification Phase for BB84 512.3.2 E91 Protocol 512.3.3 Practical Challenges of Quantum Key Distribution 522.3.4 Multi-Party Quantum Key Agreement Protocol 532.4 Post-Quantum Digital Signature 532.4.1 Signatures Based on Lattice Techniques 542.4.2 Signatures Based on Multivariate Quadratic Techniques 552.4.3 Hash-Based Signature Techniques 552.5 Conclusion and Future Directions 55References 563 Artificial Neural Network Applications in Analysis of Forensic Science 59K.R. Padma and K.R. Don3.1 Introduction 603.2 Digital Forensic Analysis Knowledge 613.3 Answer Set Programming in Digital Investigations 613.4 Data Science Processing with Artificial Intelligence Models 633.5 Pattern Recognition Techniques 633.6 ANN Applications 653.7 Knowledge on Stages of Digital Forensic Analysis 653.8 Deep Learning and Modelling 673.9 Conclusion 68References 694 A Comprehensive Survey of Fully Homomorphic Encryption from Its Theory to Applications 73Rashmi Salavi, Dr. M. M. Math and Dr. U. P. Kulkarni4.1 Introduction 734.2 Homomorphic Encryption Techniques 764.2.1 Partial Homomorphic Encryption Schemes 774.2.2 Fully Homomorphic Encryption Schemes 784.3 Homomorphic Encryption Libraries 794.4 Computations on Encrypted Data 834.5 Applications of Homomorphic Encryption 854.6 Conclusion 86References 875 Understanding Robotics through Synthetic Psychology 91Garima Saini and Dr. Shabnam5.1 Introduction 915.2 Physical Capabilities of Robots 925.2.1 Artificial Intelligence and Neuro Linguistic Programming (NLP) 935.2.2 Social Skill Development and Activity Engagement 935.2.3 Autism Spectrum Disorders 935.2.4 Age-Related Cognitive Decline and Dementia 945.2.5 Improving Psychosocial Outcomes through Robotics 945.2.6 Clients with Disabilities and Robotics 945.2.7 Ethical Concerns and Robotics 955.3 Traditional Psychology, Neuroscience and Future Robotics 955.4 Synthetic Psychology and Robotics: A Vision of the Future 975.5 Synthetic Psychology: The Foresight 985.6 Synthetic Psychology and Mathematical Optimization 995.7 Synthetic Psychology and Medical Diagnosis 995.7.1 Virtual Assistance and Robotics 1005.7.2 Drug Discovery and Robotics 1005.8 Conclusion 101References 1016 An Insight into Digital Forensics: History, Frameworks, Types and Tools 105G Maria Jones and S Godfrey Winster6.1 Overview 1056.2 Digital Forensics 1076.2.1 Why Do We Need Forensics Process? 1076.2.2 Forensics Process Principles 1086.3 Digital Forensics History 1086.3.1 1985 to 1995 1086.3.2 1995 to 2005 1096.3.3 2005 to 2015 1106.4 Evolutionary Cycle of Digital Forensics 1116.4.1 Ad Hoc 1116.4.2 Structured Phase 1116.4.3 Enterprise Phase 1126.5 Stages of Digital Forensics Process 1126.5.1 Stage 1 - 1995 to 2003 1126.5.2 Stage II - 2004 to 2007 1136.5.3 Stage III - 2007 to 2014 1146.6 Types of Digital Forensics 1156.6.1 Cloud Forensics 1166.6.2 Mobile Forensics 1166.6.3 IoT Forensics 1166.6.4 Computer Forensics 1176.6.5 Network Forensics 1176.6.6 Database Forensics 1186.7 Evidence Collection and Analysis 1186.8 Digital Forensics Tools 1196.8.1 X-Ways Forensics 1196.8.2 SANS Investigative Forensics Toolkit - SIFT 1196.8.3 EnCase 1196.8.4 The Sleuth Kit/Autopsy 1226.8.5 Oxygen Forensic Suite 1226.8.6 Xplico 1226.8.7 Computer Online Forensic Evidence Extractor (COFEE) 1226.8.8 Cellebrite UFED 1226.8.9 OSForeniscs 1236.8.10 Computer-Aided Investigative Environment (CAINE) 1236.9 Summary 123References 1237 Digital Forensics as a Service: Analysis for Forensic Knowledge 127Soumi Banerjee, Anita Patil, Dipti Jadhav and Gautam Borkar7.1 Introduction 1277.2 Objective 1287.3 Types of Digital Forensics 1297.3.1 Network Forensics 1297.3.2 Computer Forensics 1427.3.3 Data Forensics 1477.3.4 Mobile Forensics 1497.3.5 Big Data Forensics 1547.3.6 IoT Forensics 1557.3.7 Cloud Forensics 1577.4 Conclusion 161References 1618 4S Framework: A Practical CPS Design Security Assessment & Benchmarking Framework 163Neel A. Patel, Dhairya A. Parekh, Yash A. Shah and Ramchandra Mangrulkar8.1 Introduction 1648.2 Literature Review 1668.3 Medical Cyber Physical System (MCPS) 1708.3.1 Difference between CPS and MCPS 1718.3.2 MCPS Concerns, Potential Threats, Security 1718.4 CPSSEC vs. Cyber Security 1728.5 Proposed Framework 1738.5.1 4S Definitions 1748.5.2 4S Framework-Based CPSSEC Assessment Process 1758.5.3 4S Framework-Based CPSSEC Assessment Score Breakdown & Formula 1818.6 Assessment of Hypothetical MCPS Using 4S Framework 1878.6.1 System Description 1878.6.2 Use Case Diagram for the Above CPS 1888.6.3 Iteration 1 of 4S Assessment 1898.6.4 Iteration 2 of 4S Assessment 1958.7 Conclusion 2008.8 Future Scope 201References 2019 Ensuring Secure Data Sharing in IoT Domains Using Blockchain 205Tawseef Ahmed Teli, Rameez Yousuf and Dawood Ashraf Khan9.1 IoT and Blockchain 2059.1.1 Public 2089.1.1.1 Proof of Work (PoW) 2099.1.1.2 Proof of Stake (PoS) 2099.1.1.3 Delegated Proof of Stake (DPoS) 2109.1.2 Private 2109.1.3 Consortium or Federated 2109.2 IoT Application Domains and Challenges in Data Sharing 2119.3 Why Blockchain? 2149.4 IoT Data Sharing Security Mechanism On Blockchain 2169.4.1 Double-Chain Mode Based On Blockchain Technology 2169.4.2 Blockchain Structure Based On Time Stamp 2179.5 Conclusion 219References 21910 A Review of Face Analysis Techniques for Conventional and Forensic Applications 223Chethana H.T. and Trisiladevi C. Nagavi10.1 Introduction 22410.2 Face Recognition 22510.2.1 Literature Review on Face Recognition 22610.2.2 Challenges in Face Recognition 22810.2.3 Applications of Face Recognition 22910.3 Forensic Face Recognition 22910.3.1 Literature Review on Face Recognition for Forensics 23110.3.2 Challenges of Face Recognition in Forensics 23310.3.3 Possible Datasets Used for Forensic Face Recognition 23510.3.4 Fundamental Factors for Improving Forensics Science 23510.3.5 Future Perspectives 23710.4 Conclusion 238References 23811 Roadmap of Digital Forensics Investigation Process with Discovery of Tools 241Anita Patil, Soumi Banerjee, Dipti Jadhav and Gautam Borkar11.1 Introduction 24211.2 Phases of Digital Forensics Process 24411.2.1 Phase I - Identification 24411.2.2 Phase II - Acquisition and Collection 24511.2.3 Phase III - Analysis and Examination 24511.2.4 Phase IV - Reporting 24511.3 Analysis of Challenges and Need of Digital Forensics 24611.3.1 Digital Forensics Process has following Challenges 24611.3.2 Needs of Digital Forensics Investigation 24711.3.3 Other Common Attacks Used to Commit the Crime 24811.4 Appropriateness of Forensics Tool 24811.4.1 Level of Skill 24811.4.2 Outputs 25211.4.3 Region of Emphasis 25211.4.4 Support for Additional Hardware 25211.5 Phase-Wise Digital Forensics Techniques 25311.5.1 Identification 25311.5.2 Acquisition 25411.5.3 Analysis 25611.5.3.1 Data Carving 25711.5.3.2 Different Curving Techniques 25911.5.3.3 Volatile Data Forensic Toolkit Used to Collect and Analyze the Data from Device 26011.5.4 Report Writing 26511.6 Pros and Cons of Digital Forensics Investigation Process 26611.6.1 Advantages of Digital Forensics 26611.6.2 Disadvantages of Digital Forensics 26611.7 Conclusion 267References 26712 Utilizing Machine Learning and Deep Learning in Cybesecurity: An Innovative Approach 271Dushyant Kaushik, Muskan Garg, Annu, Ankur Gupta and Sabyasachi Pramanik12.1 Introduction 27112.1.1 Protections of Cybersecurity 27212.1.2 Machine Learning 27412.1.3 Deep Learning 27612.1.4 Machine Learning and Deep Learning: Similarities and Differences 27812.2 Proposed Method 28112.2.1 The Dataset Overview 28212.2.2 Data Analysis and Model for Classification 28312.3 Experimental Studies and Outcomes Analysis 28312.3.1 Metrics on Performance Assessment 28412.3.2 Result and Outcomes 28512.3.2.1 Issue 1: Classify the Various Categories of Feedback Related to the Malevolent Code Provided 28512.3.2.2 Issue 2: Recognition of the Various Categories of Feedback Related to the Malware Presented 28612.3.2.3 Issue 3: According to the Malicious Code, Distinguishing Various Forms of Malware 28712.3.2.4 Issue 4: Detection of Various Malware Styles Based on Different Responses 28712.3.3 Discussion 28812.4 Conclusions and Future Scope 289References 29213 Applications of Machine Learning Techniques in the Realm of Cybersecurity 295Koushal Kumar and Bhagwati Prasad Pande13.1 Introduction 29613.2 A Brief Literature Review 29813.3 Machine Learning and Cybersecurity: Various Issues 30013.3.1 Effectiveness of ML Technology in Cybersecurity Systems 30013.3.2 Machine Learning Problems and Challenges in Cybersecurity 30213.3.2.1 Lack of Appropriate Datasets 30213.3.2.2 Reduction in False Positives and False Negatives 30213.3.2.3 Adversarial Machine Learning 30213.3.2.4 Lack of Feature Engineering Techniques 30313.3.2.5 Context-Awareness in Cybersecurity 30313.3.3 Is Machine Learning Enough to Stop Cybercrime? 30413.4 ML Datasets and Algorithms Used in Cybersecurity 30413.4.1 Study of Available ML-Driven Datasets Available for Cybersecurity 30413.4.1.1 KDD Cup 1999 Dataset (DARPA1998) 30513.4.1.2 NSL-KDD Dataset 30513.4.1.3 ECML-PKDD 2007 Discovery Challenge Dataset 30513.4.1.4 Malicious URL's Detection Dataset 30613.4.1.5 ISOT (Information Security and Object Technology) Botnet Dataset 30613.4.1.6 CTU-13 Dataset 30613.4.1.7 MAWILab Anomaly Detection Dataset 30713.4.1.8 ADFA-LD and ADFA-WD Datasets 30713.4.2 Applications ML Algorithms in Cybersecurity Affairs 30713.4.2.1 Clustering 30913.4.2.2 Support Vector Machine (SVM) 30913.4.2.3 Nearest Neighbor (NN) 30913.4.2.4 Decision Tree 30913.4.2.5 Dimensionality Reduction 31013.5 Applications of Machine Learning in the Realm of Cybersecurity 31013.5.1 Facebook Monitors and Identifies Cybersecurity Threats with ML 31013.5.2 Microsoft Employs ML for Security 31113.5.3 Applications of ML by Google 31213.6 Conclusions 313References 31314 Security Improvement Technique for Distributed Control System (DCS) and Supervisory Control-Data Acquisition (SCADA) Using Blockchain at Dark Web Platform 317Anand Singh Rajawat, Romil Rawat and Kanishk Barhanpurkar14.1 Introduction 31814.2 Significance of Security Improvement in DCS and SCADA 32214.3 Related Work 32314.4 Proposed Methodology 32414.4.1 Algorithms Used for Implementation 32714.4.2 Components of a Blockchain 32714.4.3 MERKLE Tree 32814.4.4 The Technique of Stack and Work Proof 32814.4.5 Smart Contracts 32914.5 Result Analysis 32914.6 Conclusion 330References 33115 Recent Techniques for Exploitation and Protection of Common Malicious Inputs to Online Applications 335Dr. Tun Myat Aung and Ni Ni Hla15.1 Introduction 33515.2 SQL Injection 33615.2.1 Introduction 33615.2.2 Exploitation Techniques 33715.2.2.1 In-Band SQL Injection 33715.2.2.2 Inferential SQL Injection 33815.2.2.3 Out-of-Band SQL Injection 34015.2.3 Causes of Vulnerability 34015.2.4 Protection Techniques 34115.2.4.1 Input Validation 34115.2.4.2 Data Sanitization 34115.2.4.3 Use of Prepared Statements 34215.2.4.4 Limitation of Database Permission 34315.2.4.5 Using Encryption 34315.3 Cross Site Scripting 34415.3.1 Introduction 34415.3.2 Exploitation Techniques 34415.3.2.1 Reflected Cross Site Scripting 34515.3.2.2 Stored Cross Site Scripting 34515.3.2.3 DOM-Based Cross Site Scripting 34615.3.3 Causes of Vulnerability 34615.3.4 Protection Techniques 34715.3.4.1 Data Validation 34715.3.4.2 Data Sanitization 34715.3.4.3 Escaping on Output 34715.3.4.4 Use of Content Security Policy 34815.4 Cross Site Request Forgery 34915.4.1 Introduction 34915.4.2 Exploitation Techniques 34915.4.2.1 HTTP Request with GET Method 34915.4.2.2 HTTP Request with POST Method 35015.4.3 Causes of Vulnerability 35015.4.3.1 Session Cookie Handling Mechanism 35015.4.3.2 HTML Tag 35115.4.3.3 Browser's View Source Option 35115.4.3.4 GET and POST Method 35115.4.4 Protection Techniques 35115.4.4.1 Checking HTTP Referer 35115.4.4.2 Using Custom Header 35215.4.4.3 Using Anti-CSRF Tokens 35215.4.4.4 Using a Random Value for each Form Field 35215.4.4.5 Limiting the Lifetime of Authentication Cookies 35315.5 Command Injection 35315.5.1 Introduction 35315.5.2 Exploitation Techniques 35415.5.3 Causes of Vulnerability 35415.5.4 Protection Techniques 35515.6 File Inclusion 35515.6.1 Introduction 35515.6.2 Exploitation Techniques 35515.6.2.1 Remote File Inclusion 35515.6.2.2 Local File Inclusion 35615.6.3 Causes of Vulnerability 35715.6.4 Protection Techniques 35715.7 Conclusion 358References 35816 Ransomware: Threats, Identification and Prevention 361Sweta Thakur, Sangita Chaudhari and Bharti Joshi16.1 Introduction 36116.2 Types of Ransomwares 36416.2.1 Locker Ransomware 36416.2.1.1 Reveton Ransomware 36516.2.1.2 Locky Ransomware 36616.2.1.3 CTB Locker Ransomware 36616.2.1.4 TorrentLocker Ransomware 36616.2.2 Crypto Ransomware 36716.2.2.1 PC Cyborg Ransomware 36716.2.2.2 OneHalf Ransomware 36716.2.2.3 GPCode Ransomware 36716.2.2.4 CryptoLocker Ransomware 36816.2.2.5 CryptoDefense Ransomware 36816.2.2.6 CryptoWall Ransomware 36816.2.2.7 TeslaCrypt Ransomware 36816.2.2.8 Cerber Ransomware 36816.2.2.9 Jigsaw Ransomware 36916.2.2.10 Bad Rabbit Ransomware 36916.2.2.11 WannaCry Ransomware 36916.2.2.12 Petya Ransomware 36916.2.2.13 Gandcrab Ransomware 36916.2.2.14 Rapid Ransomware 37016.2.2.15 Ryuk Ransomware 37016.2.2.16 Lockergoga Ransomware 37016.2.2.17 PewCrypt Ransomware 37016.2.2.18 Dhrama/Crysis Ransomware 37016.2.2.19 Phobos Ransomware 37116.2.2.20 Malito Ransomware 37116.2.2.21 LockBit Ransomware 37116.2.2.22 GoldenEye Ransomware 37116.2.2.23 REvil or Sodinokibi Ransomware 37116.2.2.24 Nemty Ransomware 37116.2.2.25 Nephilim Ransomware 37216.2.2.26 Maze Ransomware 37216.2.2.27 Sekhmet Ransomware 37216.2.3 MAC Ransomware 37216.2.3.1 KeRanger Ransomware 37316.2.3.2 Go Pher Ransomware 37316.2.3.3 FBI Ransom Ransomware 37316.2.3.4 File Coder 37316.2.3.5 Patcher 37316.2.3.6 ThiefQuest Ransomware 37416.2.3.7 Keydnap Ransomware 37416.2.3.8 Bird Miner Ransomware 37416.3 Ransomware Life Cycle 37416.4 Detection Strategies 37616.4.1 Unevil 37616.4.2 Detecting File Lockers 37616.4.3 Detecting Screen Lockers 37716.4.4 Connection-Monitor and Connection-Breaker Approach 37716.4.5 Ransomware Detection by Mining API Call Usage 37716.4.6 A New Static-Based Framework for Ransomware Detection 37716.4.7 White List-Based Ransomware Real-Time Detection Prevention (WRDP) 37816.5 Analysis of Ransomware 37816.5.1 Static Analysis 37916.5.2 Dynamic Analysis 37916.6 Prevention Strategies 38016.6.1 Access Control 38016.6.2 Recovery After Infection 38016.6.3 Trapping Attacker 38016.7 Ransomware Traits Analysis 38016.8 Research Directions 38416.9 Conclusion 384References 384Index 389

Mangesh M. Ghonge, PhD, is currently working at Sandip Institute of Technology and Research Center, Nashik, Maharashtra, India. He authored or co-authored more than 60 published articles in prestigious journals, book chapters, and conference papers. He is also the author or editor of ten books and has organized and chaired many national and international conferences.Sabyasachi Pramanik, PhD, is an assistant professor in the Department of Computer Science and Engineering, Haldia Institute of Technology, India. He earned his doctorate in computer science and engineering from the Sri Satya Sai University of Technology and Medical Sciences, Bhopal, India. He has many publications in various reputed international conferences, journals, and online book chapter contributions and is also serving as the editorial board member of many international journals. He is a reviewer of journal articles in numerous technical journals and has been a keynote speaker, session chair and technical program committee member in many international conferences. He has authored a book on wireless sensor networks and is currently editing six books for multiple publishers, including Scrivener Publishing.Ramchandra Mangrulkar, PhD, is an associate professor in the Department of Computer Engineering at SVKM's Dwarkadas J. Sanghvi College of Engineering, Mumbai, Maharashtra, India. He has published 48 papers and 12 book chapters and presented significant papers at technical conferences. He has also chaired many conferences as a session chair and conducted various workshops and is also a ICSI-CNSS Certified Network Security Specialist. He is an active member on boards of studies in various universities and institutes in India.Dac-Nhuong Le, PhD, is an associate professor and associate dean at Haiphong University, Vietnam. He earned his MSc and PhD in computer science from Vietnam National University, and he has over 20 years of teaching experience. He has over 50 publications in reputed international conferences, journals and online book chapter contributions and has chaired numerous international conferences. He has served on numerous editorial boards for scientific and technical journals and has authored or edited over 15 books by various publishers, including Scrivener Publishing.