Cloud Security: Attacks, Techniques, Tools, and Challenges
暫譯: 雲端安全:攻擊、技術、工具與挑戰
Mishra, Preeti, Pilli, Emmanuel S., Joshi, R. C.
相關主題
商品描述
Cloud computing has gained paramount attention and most of the companies are adopting this new paradigm and gaining significant benefits. As number of applications and business operations are being facilitated by the cloud computing paradigm, it has become the potential target to attackers. The importance of well-organized architecture and security roles have become greater with the growing popularity.
Cloud Security: Attacks, Techniques, Tools, and Challenges, provides an in-depth technical description about various key essential aspects of cloud security. We have endeavored to provide a technical foundation that will be practically useful not just for students and independent researchers but also for professional cloud security analysts for conducting security procedures, and all those who are curious in the field of cloud security
The book offers comprehensive coverage of the most essential topics, including:
- Basic fundamentals of Cloud Computing
- Cloud security concepts, vulnerabilities, security standards and reference models
- Cloud security goals, key issues and privacy requirements
- Threat model, detailed taxonomy of cloud attacks, Attack feature analysis - case study
- A detailed taxonomy of IDS techniques and Cloud Intrusion Detection Systems (IDS)
- Attack and security tools, LibVMI - case study
- Advanced approaches: Virtual Machine Introspection (VMI) and Hypervisor Introspection (HVI)
- Container security: threat model, attacks and defense systems
This book is intended for both academic and professional audience. It could also be used as a textbook, for a semester course at undergraduate and post graduate level in Computer Science, Information Technology, Information Security, and Information Science & Management. The book serves as basic reference volume for researchers in cloud security. It will be useful to practitioners, cloud security team, and the cloud security auditor as well. To get the most out of this book, the reader should have a working knowledge of various operating system environments, hypervisors, cloud computing fundamentals, programming languages like Python and a working knowledge of security tools.
商品描述(中文翻譯)
雲端運算已獲得極大的關注,且大多數公司正在採用這一新範式並獲得顯著的好處。隨著越來越多的應用程式和商業運作受到雲端運算範式的支持,它已成為攻擊者的潛在目標。隨著其日益普及,良好組織的架構和安全角色的重要性也變得更加突出。
《雲端安全:攻擊、技術、工具與挑戰》提供了有關雲端安全各個關鍵要素的深入技術描述。我們努力提供一個技術基礎,這不僅對學生和獨立研究人員實用,也對專業的雲端安全分析師在進行安全程序時有幫助,還有所有對雲端安全領域感到好奇的人。
本書全面涵蓋了最重要的主題,包括:
- 雲端運算的基本原則
- 雲端安全概念、漏洞、安全標準和參考模型
- 雲端安全目標、關鍵問題和隱私要求
- 威脅模型、雲端攻擊的詳細分類、攻擊特徵分析 - 案例研究
- IDS 技術的詳細分類和雲端入侵檢測系統 (IDS)
- 攻擊和安全工具,LibVMI - 案例研究
- 進階方法:虛擬機內省 (VMI) 和虛擬機監控 (HVI)
- 容器安全:威脅模型、攻擊和防禦系統
本書適合學術界和專業人士使用。它也可以作為教科書,用於計算機科學、資訊技術、資訊安全及資訊科學與管理的本科和研究生課程。該書作為雲端安全研究人員的基本參考書籍,對從業者、雲端安全團隊和雲端安全審計師也將非常有用。為了充分利用本書,讀者應具備各種操作系統環境、虛擬機監控、雲端運算基本知識、Python 等程式語言的工作知識,以及安全工具的基本了解。
作者簡介
Preeti Mishra is currently working as an Assistant Professor in the Department of Computer Science in Doon University, Dehradun, UK, India which is a State Government University. Earlier, she was associated with Graphic Era Deemed to be University Dehradun. She has 10+ years teaching and research experience. She received her Ph. D. degree in the field of Cloud Security from Malaviya National Institute of Technology Jaipur, India under the supervision of Dr. Emmanuel S. Pilli and Prof. Vijay Varadharajan (2017). She is a B. Tech and M. Tech Gold Medalist. She has published various SCI/SCIE indexed reputed International Journals and reputed conference papers in the area of security and privacy. Some of her key research publications have been published in IEEE Transaction on Cloud Computing (with IF 5.720), IEEE Communication Surveys and Tutorials (with IF 25.249), IEEE Transactions on Industrial Informatics (IF: 9+) etc. as main author. She has also published several publications in reputed international conferences. She worked as a visiting scholar in Macquarie University Sydney under Prof. Vijay Varadharajan in 2015 and has been awarded a fellowship, administered by the Department Administrators in Department of Computing, Macquarie University, Sydney. She has also been awarded by Graphic Era Deemed to be University Dehradun for outstanding contribution in research. Her research proposal, valued more than 20 lakhs got approved by SERB-DST, Govt. of India in the area of Cloud Security. Her area of interest includes Cloud Security, E-mail Security and Network Security, Internet of Things, Blockchain, Cyber Security, Mobile Security, Adversarial Machine Learning etc. She is currently serving as a Lead Guest Editor in IEEE Transaction on Industrial Informatics (TII).
Emmanuel S. Pilli received his Ph.D. from IIT, Roorkee (2012) and is currently an Associate Professor and Head of Dept. of CSE in Malaviya National Institute of Technology, Jaipur, India. Pilli Emmanuel Shubhakar has 21 years of teaching, research and administrative experience. He completed a research project Investigating the Source of Spoofed E- mails from UCOST, Dehradun in 2016. He has coauthored a book Fundamentals of Network Forensics - A Research Perspective for Springer in 2016. A total of 4 students have been awarded PhD under his supervision and 12 Ph. D students are pursuing their research. He is Senior Member of both IEEE and ACM. His areas of interest include Security and Forensics, Cloud Computing, Big Data, IoT, Darkweb, and Blockchain etc. He is member of Cloud Computing Innovation Council of India (CCICI) and Forensic Science Workgroup on Cloud Computing of the NIST, USA.
Dr. R.C. Joshi Former Prof. E. & C.E. Department at IIT Roorkee and Chancellor at Graphic Era University Dehradun, received his B.E degree from NIT Allahabad in1967, M.E.1st Div. with Honors and Ph.D Degree from Roorkee University, now IIT Roorkee, in 1970 & 1980 respectively. He worked as a Lecturer in J.K Institute, Allahabad University during 1967-68.He joined Roorkee University in 1970 as Lecturer, became Reader in 1980 and Prof. in 1987. He had been Head of Electronics & Computer Engineering from Jan 1991-1994 & Jan. 1997 to Dec. 1999. He was also the Head of Institute Computer Centre, IIT Roorkee from March 1994 to Dec. 2005.He was on short visiting Professor's Assignment in University of Cincinnati, USA. University of Minnesota, U.S.A & Macquarie University Sydney Australia also visited France under Indo-France collaboration program during June 78 to Nov. 79. Dr. Joshi has guided 27 Ph.Ds, 250 M.Tech, Dissertation, 75 B.E Projects. He had taught more than 25 subjects in Computer Engineering, Electronics Engineering & Information Technology. He has worked as a Principal Investigator in number of Sponsored Projects of Ministry of Information & Communication Technology, DRDO, AICTE, UNDP, ISEA etc.
作者簡介(中文翻譯)
Preeti Mishra 目前在印度德拉敦的杜恩大學計算機科學系擔任助理教授,該校為州政府大學。她之前曾在德拉敦的圖形時代大學任職。她擁有超過10年的教學和研究經驗。她在印度賈普爾的馬拉維亞國立技術學院獲得雲安全領域的博士學位,指導教授為 Dr. Emmanuel S. Pilli 和 Prof. Vijay Varadharajan(2017年)。她是 B. Tech 和 M. Tech 的金獎得主。她在安全和隱私領域發表了多篇被 SCI/SCIE 索引的國際期刊和著名會議論文。她的一些重要研究出版物作為主要作者發表在 IEEE Transaction on Cloud Computing(影響因子 5.720)、IEEE Communication Surveys and Tutorials(影響因子 25.249)、IEEE Transactions on Industrial Informatics(影響因子:9+)等期刊上。她還在多個著名國際會議上發表了幾篇論文。2015年,她在澳大利亞悉尼的麥考瑞大學擔任訪問學者,指導教授為 Prof. Vijay Varadharajan,並獲得了由麥考瑞大學計算系的部門管理者頒發的獎學金。她還因在研究方面的傑出貢獻而獲得圖形時代大學的獎勵。她的研究提案,價值超過200萬印度盧比,已獲得印度政府的 SERB-DST 批准,專注於雲安全。她的研究興趣包括雲安全、電子郵件安全、網絡安全、物聯網、區塊鏈、網絡安全、移動安全、對抗性機器學習等。她目前擔任 IEEE Transaction on Industrial Informatics (TII) 的首席客座編輯。
Emmanuel S. Pilli 於2012年在印度羅爾基的印度理工學院獲得博士學位,目前是馬拉維亞國立技術學院計算機科學與工程系的副教授及系主任。Pilli Emmanuel Shubhakar 擁有21年的教學、研究和行政經驗。他於2016年完成了一項研究項目,調查來自德拉敦 UCOST 的偽造電子郵件來源。他於2016年共同編著了《網絡取證基礎 - 研究視角》一書,出版於 Springer。共有4名學生在他的指導下獲得博士學位,12名博士生正在進行研究。他是 IEEE 和 ACM 的高級會員。他的研究興趣包括安全與取證、雲計算、大數據、物聯網、暗網和區塊鏈等。他是印度雲計算創新委員會(CCICI)和美國國家標準與技術研究所(NIST)雲計算取證科學工作組的成員。
Dr. R.C. Joshi 曾任印度羅爾基印度理工學院電子與通信工程系教授及德拉敦圖形時代大學校長,於1967年獲得阿拉哈巴德國立技術學院的工學學士學位,1970年和1980年分別獲得羅爾基大學(現為印度理工學院羅爾基)的工學碩士(榮譽)和博士學位。他於1967-68年在阿拉哈巴德大學的 J.K. 學院擔任講師。1970年,他以講師身份加入羅爾基大學,1980年晉升為副教授,1987年成為教授。他曾於1991年1月至1994年1月及1997年1月至1999年12月擔任電子與計算機工程系主任。他還於1994年3月至2005年12月擔任印度理工學院羅爾基的計算中心主任。他曾在美國辛辛那提大學、明尼蘇達大學及澳大利亞麥考瑞大學擔任短期訪問教授,並於1978年6月至1979年11月在法國進行印度-法國合作計劃的訪問。Dr. Joshi 指導了27名博士生、250名碩士生的論文及75個工學項目。他教授過超過25門計算機工程、電子工程和信息技術的課程。他曾擔任多個由信息與通信技術部、DRDO、AICTE、UNDP、ISEA等機構資助的項目的首席研究員。
