Cyber-Vigilance and Digital Trust

Cyber threats are ever increasing. Adversaries are getting more sophisticated and cyber criminals are infiltrating companies in a variety of sectors. In today's landscape, organizations need to acquire and develop effective security tools and mechanisms - not only to keep up with cyber criminals, but also to stay one step ahead. Cyber-Vigilance and Digital Trust develops cyber security disciplines that serve this double objective, dealing with cyber security threats in a unique way. Specifically, the book reviews recent advances in cyber threat intelligence, trust management and risk analysis, and gives a formal and technical approach based on a data tainting mechanism to avoid data leakage in Android systems

Autorentext

Wiem Tounsi, PhD, is Head of the Managed Security Services and R&D division at Axians Cybersecurity Paris, France. Her research interests include network security and privacy issues, mainly policies management, threat analysis and lightweight cryptography. She has authored several research papers in high-level international journals and conferences, and has been an invited keynote speaker at several major scientific conferences.

Inhalt

Introduction ix
Wiem TOUNSI

Chapter 1. What Is Cyber Threat Intelligence and How Is It Evolving? **1
Wiem TOUNSI

1.1. Introduction 1

1.2. Background 3

1.2.1. New Generation Threats 3

1.2.2. Analytical Frameworks 6

1.3. Cyber Threat Intelligence 9

1.3.1. Cyber Threat Intelligence Sources 9

1.3.2. Cyber Threat Intelligence Sub-Domains 11

1.3.3. Technical Threat Intelligence (TTI) 13

1.4. Related Work 14

1.5. Technical Threat Intelligence Sharing Problems 16

1.5.1. Benefits of CTI Sharing for Collective Learning 16

1.5.2. Reasons for Not Sharing 17

1.6. Technical Threat Intelligence Limitations 21

1.6.1. Quantity Over Quality 21

1.6.2. IOC-Specific Limitations 22

1.7. Cyber Threat Intelligent Libraries or Platforms 25

1.7.1. Benefits of CTI Libraries Based In the Cloud 26

1.7.2. Reluctance to Use Cloud Services 26

1.8. Discussion 27

1.8.1. Sharing Faster Is Not Sufficient 27

1.8.2. Reducing the Quantity of Threat Feeds 28

1.8.3. Trust to Share Threat Data and to Save Reputation Concerns 30

1.8.4. Standards for CTI Representation and Sharing 31

1.8.5. Cloud-Based CTI Libraries for Collective Knowledge and Immunity 34

1.9. Evaluation of Technical Threat Intelligence Tools 36

1.9.1. Presentation of Selected Tools 37

1.9.2. Comparative Discussion 38

1.10. Conclusion and Future Work 39

1.11. References 40

Chapter 2. Trust Management Systems: A Retrospective Study on Digital Trust **51
Reda YAICH

2.1. Introduction 51

2.2. What Is Trust? 52

2.3. Genesis of Trust Management Systems 54

2.3.1. Access Control Model 54

2.3.2. Identity-Based Access Control 55

2.3.3. Lattice-Based Access Control 57

2.3.4. Role-Based Access Control 58

2.3.5. Organization-Based Access Control 59

2.3.6. Attribute-Based Access Control 61

2.4. Trust Management 62

2.4.1. Definition 62

2.4.2. Trust Management System 64

2.4.3. Foundations 65

2.4.4. Automated Trust Negotiation 70

2.5. Classification of Trust Management Systems 72

2.5.1. Authorization-Based TMSs 73

2.5.2. Automated Trust Negotiation Systems 81

2.6. Trust Management In Cloud Infrastructures 90

2.6.1. Credentials-Based Trust Models 90

2.6.2. SLA-Based Trust Models 90

2.6.3. Feedback-Based Trust Models 91

2.6.4. Prediction-Based Trust Models 92

2.7. Conclusion 93

2.8. References 94

Chapter 3. Risk Analysis Linked to Network Attacks **105
Kamel KAROUI

3.1. Introduction 105

3.2. Risk Theory 107

3.2.1. Risk Analysis Terminology 107

3.2.2. Presentation of the Main Risk Methods 109

3.2.3. Comparison of the Main Methods 116

3.3. Analysis of IS Risk In the Context of IT Networks 120

3.3.1. Setting the Context 120

3.3.2. Risk Assessment 127

3.3.3. Risk Treatment 133

3.3.4. Acceptance of Risks 136

3.3.5. Risk Communication 137

3.3.6. Risk Monitoring 138

3.4. Conclusion 138

3.5. References 138

Chapter 4. Analytical Overview on Secure Information Flow In Android Systems: Protecting Private Data Used By Smartphone Applications **141
Mariem GRAA

4.1. Introduction 142

4.2. Information Flow 143

4.2.1. Explicit Flows 143

4.2.2. Implicit Flows 143

4.2.3. Covert Channels 144

4.3. Data Tainting 145

4.3.1. Interpreter Approach 145

4.3.2. Architecture-Based Approach 146 4.3.3. Static Taint Ana...