Cyber-Security Threats, Actors, and Dynamic Mitigation
暫譯: 網路安全威脅、行為者與動態緩解
Kolokotronis, Nicholas, Shiaeles, Stavros
相關主題
商品描述
Cyber-Security Threats, Actors, and Dynamic Mitigation provides both a technical and state-of-the-art perspective as well as a systematic overview of the recent advances in different facets of cyber-security. It covers the methodologies for modeling attack strategies used by threat actors targeting devices, systems, and networks such as smart homes, critical infrastructures, and industrial IoT.
With a comprehensive review of the threat landscape, the book explores both common and sophisticated threats to systems and networks. Tools and methodologies are presented for precise modeling of attack strategies, which can be used both proactively in risk management and reactively in intrusion prevention and response systems. Several contemporary techniques are offered ranging from reconnaissance and penetration testing to malware detection, analysis, and mitigation. Advanced machine learning-based approaches are also included in the area of anomaly-based detection, that are capable of detecting attacks relying on zero-day vulnerabilities and exploits.
Academics, researchers, and professionals in cyber-security who want an in-depth look at the contemporary aspects of the field will find this book of interest. Those wanting a unique reference for various cyber-security threats and how they are detected, analyzed, and mitigated will reach for this book often.
商品描述(中文翻譯)
《網路安全威脅、行為者與動態緩解》提供了技術性和最前沿的觀點,並系統性地概述了網路安全各個方面的最新進展。它涵蓋了針對設備、系統和網路(如智慧家庭、關鍵基礎設施和工業物聯網)的威脅行為者所使用的攻擊策略建模方法。
本書對威脅環境進行了全面的回顧,探討了系統和網路面臨的常見和複雜威脅。書中介紹了用於精確建模攻擊策略的工具和方法,這些方法可用於風險管理中的主動應用,也可用於入侵預防和響應系統中的被動應用。提供了多種當代技術,從偵查和滲透測試到惡意軟體檢測、分析和緩解。還包括基於先進機器學習的異常檢測方法,這些方法能夠檢測依賴於零日漏洞和利用的攻擊。
對於希望深入了解網路安全領域當代各個方面的學術界、研究人員和專業人士來說,本書將引起他們的興趣。那些希望獲得有關各種網路安全威脅及其檢測、分析和緩解的獨特參考資料的人,將經常翻閱這本書。
作者簡介
Nicholas Kolokotronis is an Associate Professor and head of the Cryptography and Security Group at the Department of Informatics and Telecommunications, University of the Peloponnese. He received his B.Sc. in mathematics from the Aristotle University of Thessaloniki, Greece, in 1995, an M.Sc. in highly efficient algorithms (highest honors) in 1998 and a Ph.D. in cryptography in 2003, both from the National and Kapodistrian University of Athens.
Since 2004, he has held visiting positions at the University of Piraeus, University of the Peloponnese, the National and Kapodistrian University of Athens, and the Open University of Cyprus. During 2002-04, he was with the European Dynamics S.A., Greece, as a security consultant. He has been a member of working groups for the provisioning of professional cyber-security training to large organizations, including the Hellenic Telecommunications and Posts Commission (EETT). He has published more than 85 papers in international scientific journals, conferences, and books and has participated in more than 20 EU-funded and national research and innovation projects. He has been a co-chair of conferences (IEEE CSR 2021), workshops (IEEE SecSoft 2019, IEEE CSRIoT 2019, 2020, and ACM EPESec 2020), and special sessions focusing on IoT security. Moreover, he has been a TPC member in many international conferences, incl. IEEE ISIT, IEEE GLOBECOM, IEEE ICC, ARES, and ISC.
He is currently a Guest Editor in Engineering - cyber security, digital forensics and resilience area of Springer's Applied Sciences Journal (since 2019) and in the Reviewer Board of MDPI's Cryptography journal (since 2020), whereas he has been an Associate Editor of the EURASIP Journal on Wireless Communications and Networking (2009-17) and a regular reviewer for a number of prestigious journals, incl. IEEE TIFS, IEEE TIT, Springer's DCC, etc. His research interests span the broad areas of cryptography, security, and coding theory.
Stavros Shiaeles is an Assistant Professor in cyber-security at the University of Portsmouth, UK. He worked as an expert in cyber-security and digital forensics in the UK and EU, serving companies and research councils. His research interest span in the broad area of cyber-security and more specifically in OSINT, social engineering, distributed denial-of-service attacks, cloud security, digital forensics, network anomaly detection, and malware mitigation. Dr Shiaeles has authored more than 60 publications in academic journals and conferences, co-chaired many workshops and conferences and actively involved in research projects as Principal Investigator leading his cyber-security research team.
He is currently a Guest Editor in the topical collection Cyber security, digital forensics and resilience at Springer's Applied Sciences Journal (since 2019), Topic Editor at MDPI Forensic Sciences Journal (since 2020), Guest editor in the Special Issue Advancements in Networking and Cyber Security at MDPI Electronics Journal (2020), Guest editor in the Special Issue on Novel Cyber-Security Paradigms for Software-defined and Virtualized Systems at Elsevier Computer Networks Journal (2020), Active member at IEEE Technical Committee on Information Infrastructure and Networking (TCIIN) and a regular reviewer for several prestigious journals.
Further to his academic qualifications, he holds a series of professional certifications, namely EC-Council Certified Ethical Hacker (CEH), EC-Council Advanced Penetration Testing (CAST611), ISACA Cobit 5 Foundation and a Cyberoam Certified Network and Security Professional (CCNSP), and he is EC-Council accredited instructor providing professional certifications training on cyber-security and penetration testing. He is also a Fellow of the BCS and a Fellow of the Higher Education Academy in the UK.
Before entering academia, Dr Shiaeles was in the industry, where he has more than ten years of experience, and he has worked on various aspects of IT and cyber-security, gaining invaluable hands-on knowledge on various systems and software developing.
作者簡介(中文翻譯)
Nicholas Kolokotronis 是希臘佩洛波尼索斯大學資訊與電信系的副教授及密碼學與安全小組的負責人。他於1995年在希臘塞薩洛尼基的亞里士多德大學獲得數學學士學位,1998年獲得高效演算法碩士學位(最高榮譽),並於2003年獲得雅典國立暨卡波迪斯特里亞大學的密碼學博士學位。
自2004年以來,他曾在比雷埃夫斯大學、佩洛波尼索斯大學、雅典國立暨卡波迪斯特里亞大學及塞浦路斯開放大學擔任訪問職位。在2002年至2004年間,他在希臘的歐洲動力公司(European Dynamics S.A.)擔任安全顧問。他曾是為大型組織提供專業網路安全訓練的工作小組成員,包括希臘電信與郵政委員會(EETT)。他在國際科學期刊、會議和書籍上發表了超過85篇論文,並參與了超過20個歐盟資助及國家研究與創新項目。他曾擔任會議的共同主席(IEEE CSR 2021)、研討會(IEEE SecSoft 2019、IEEE CSRIoT 2019、2020及ACM EPESec 2020)及專題會議,專注於物聯網安全。此外,他還是多個國際會議的TPC成員,包括IEEE ISIT、IEEE GLOBECOM、IEEE ICC、ARES及ISC。
他目前是Springer的《應用科學期刊》中工程 - 網路安全、數位取證及韌性領域的客座編輯(自2019年起),以及MDPI的《密碼學期刊》的審稿委員(自2020年起),並曾擔任EURASIP《無線通訊與網路期刊》的副編輯(2009-2017)及多個知名期刊的常規審稿人,包括IEEE TIFS、IEEE TIT、Springer的DCC等。他的研究興趣涵蓋密碼學、安全性及編碼理論的廣泛領域。
Stavros Shiaeles 是英國朴茨茅斯大學的網路安全助理教授。他曾在英國及歐盟擔任網路安全及數位取證的專家,為公司及研究委員會提供服務。他的研究興趣涵蓋網路安全的廣泛領域,特別是在開源情報(OSINT)、社會工程、分散式拒絕服務攻擊、雲安全、數位取證、網路異常檢測及惡意軟體緩解等方面。Shiaeles博士在學術期刊和會議上發表了超過60篇論文,並共同主持了多個研討會和會議,積極參與研究項目,擔任主要研究者領導他的網路安全研究團隊。
他目前是Springer的《應用科學期刊》中網路安全、數位取證及韌性專題集的客座編輯(自2019年起),MDPI《法醫科學期刊》的主題編輯(自2020年起),MDPI《電子期刊》中關於網路及網路安全進展的特刊的客座編輯(2020年),Elsevier《計算機網路期刊》中關於軟體定義及虛擬化系統的新型網路安全範式的特刊的客座編輯(2020年),IEEE資訊基礎設施與網路技術委員會(TCIIN)的活躍成員,以及多個知名期刊的常規審稿人。
除了學術資格外,他還擁有一系列專業認證,包括EC-Council認證的道德駭客(CEH)、EC-Council進階滲透測試(CAST611)、ISACA Cobit 5基礎認證及Cyberoam認證的網路與安全專業人員(CCNSP),並且是EC-Council認可的講師,提供網路安全及滲透測試的專業認證訓練。他也是英國BCS的研究員及高等教育學院的研究員。
在進入學術界之前,Shiaeles博士曾在業界工作,擁有超過十年的經驗,並在IT及網路安全的各個方面工作,獲得了對各種系統和軟體開發的寶貴實務知識。
