Info
- Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.
Android malware detection using machine learning : data-driven fingerprinting and threat intelligence / / ElMouatez Billah Karbab [and three others]
| Android malware detection using machine learning : data-driven fingerprinting and threat intelligence / / ElMouatez Billah Karbab [and three others] |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2021] |
| Descrizione fisica | 1 online resource (212 pages) |
| Disciplina | 005.8 |
| Collana | Advances in Information Security |
| Soggetto topico |
Malware (Computer software) - Prevention
Computer security - Standards |
| ISBN | 3-030-74664-X |
| Formato | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Contents -- List of Figures -- List of Tables -- 1 Introduction -- 1.1 Motivations -- 1.2 Objectives -- 1.3 Research Contributions -- 1.4 Book Organization -- References -- 2 Background and Related Work -- 2.1 Background -- 2.1.1 Android OS Overview -- 2.1.1.1 Android Apk Format -- 2.1.1.2 Android Markets -- 2.1.2 Android Security -- 2.1.2.1 Android Security Threats -- 2.1.2.2 Design Challenges of Malware Detection Systems -- 2.2 Android Malware Detection Overview -- 2.3 Taxonomy of Android Malware Detection Systems -- 2.3.1 Malware Threats -- 2.3.2 Detection System Deployment -- 2.4 Performance Criteria for Malware Detection -- 2.4.1 Feature Selection -- 2.4.2 Detection Strategy -- 2.5 General Malware Threat Detection -- 2.5.1 Workstation-Based Solutions -- 2.5.2 Mobile-Based Solutions -- 2.5.3 Hybrid Solutions -- 2.5.4 Discussions -- 2.6 Specific Malware Threat Detection -- 2.6.1 Workstation-Based Solutions -- 2.6.2 Mobile-Based Solutions -- 2.6.3 Hybrid Solutions -- 2.6.4 Discussions -- 2.7 Android Malware Detection Helpers -- 2.7.1 Discussions -- 2.8 Summary -- References -- 3 Fingerprinting Android Malware Packages -- 3.1 Approximate Static Fingerprint -- 3.1.1 Fingerprint Structure -- 3.1.2 Fingerprints Generation -- 3.1.2.1 N-grams -- 3.1.2.2 Feature Hashing -- 3.1.2.3 Fingerprint Computation Process -- 3.1.2.4 Compute Fingerprints Similarity -- 3.2 Malware Detection Framework -- 3.2.1 Peer-Fingerprint Voting -- 3.2.2 Peer-Matching -- 3.2.2.1 Family-Fingerprinting -- 3.3 Experimental Results -- 3.3.1 Testing Setup -- 3.3.2 Evaluation Results -- 3.3.2.1 Family-Fingerprinting Results -- 3.3.2.2 Peer-Matching Results -- 3.3.2.3 Peer-Voting vs Merged Fingerprints -- 3.3.3 Discussion -- 3.4 Summary -- References -- 4 Robust Android Malicious Community Fingerprinting -- 4.1 Threat Model -- 4.2 Usage Scenarios -- 4.3 Clustering Process.
4.4 Static Features -- 4.4.1 N-grams -- 4.4.1.1 Classes.dex Byte N-grams -- 4.4.1.2 Assembly Opcodes N-grams -- 4.4.2 Native Library N-grams -- 4.4.2.1 APK N-grams -- 4.4.3 Manifest File Features -- 4.4.4 Android API Calls -- 4.4.5 Resources -- 4.4.6 APK Content Types -- 4.4.7 Feature Preprocessing -- 4.5 LSH Similarity Computation -- 4.6 Community Detection -- 4.7 Community Fingerprint -- 4.8 Experimental Results -- 4.8.1 Dataset and Test Setup -- 4.8.1.1 App Detection Metrics -- 4.8.1.2 Community Detection Metrics -- 4.8.2 Mixed Dataset Results -- 4.8.3 Results of Malware-Only Datasets -- 4.8.4 Community Fingerprint Results -- 4.9 Hyper-Parameter Analyses -- 4.9.1 Purity Analysis -- 4.9.2 Coverage Analysis -- 4.9.3 Number of Communities Analysis -- 4.9.4 Efficiency Analysis -- 4.10 Case Study: Recall and Precision Settings -- 4.11 Case Study: Obfuscation -- 4.12 Summary -- References -- 5 Android Malware Fingerprinting Using Dynamic Analysis -- 5.1 Threat Model -- 5.2 Overview -- 5.2.1 Notation -- 5.3 Methodology -- 5.3.1 Behavioral Reports Generation -- 5.3.2 Report Vectorization -- 5.3.3 Build Models -- 5.3.4 Ensemble Composition -- 5.3.5 Ensemble Prediction Process -- 5.4 MalDy Framework -- 5.4.1 Machine Learning Algorithms -- 5.5 Evaluation Results -- 5.5.1 Evaluation Datasets -- 5.5.2 Effectiveness -- 5.5.2.1 Classifier Effect -- 5.5.2.2 Effect of the Vectorization Technique -- 5.5.2.3 Effect of Tuning Hyper-Parameters -- 5.5.3 Portability -- 5.5.3.1 MalDy on Win32 Malware -- 5.5.3.2 MalDy Train Dataset Size -- 5.5.4 Efficiency -- 5.6 Summary -- References -- 6 Fingerprinting Cyber-Infrastructures of Android Malware -- 6.1 Threat Model -- 6.2 Usage Scenarios -- 6.3 Methodology -- 6.3.1 Threat Communities Detection -- 6.3.2 Action Prioritization -- 6.3.2.1 PageRank Algorithm -- 6.3.3 Security Correlation. 6.3.3.1 Network Enrichment Using Passive DNS -- 6.3.3.2 Threat Network Tagging -- 6.4 Experimental Results -- 6.4.1 Android Malware Dataset -- 6.4.2 Implementation -- 6.4.3 Drebin Threat Network -- 6.4.4 Family Threat Networks -- 6.5 Summary -- References -- 7 Portable Supervised Malware Fingerprinting Using Deep Learning -- 7.1 Threat Model -- 7.2 Usage Scenarios -- 7.3 Methodology -- 7.3.1 MalDozer Method Embedding -- 7.3.2 MalDozer Neural Network -- 7.3.3 Implementation -- 7.4 Evaluation -- 7.4.1 Datasets -- 7.4.2 Malware Detection Performance -- 7.4.2.1 Unknown Malware Detection -- 7.4.2.2 Resiliency Against API Evolution Over Time -- 7.4.2.3 Resiliency Against Changing the Order of API Methods -- 7.4.3 Family Attribution Performance -- 7.4.4 Runtime Performance -- 7.4.4.1 Model Complexity Evaluation -- 7.5 Summary -- References -- 8 Resilient and Adaptive Android Malware Fingerprinting and Detection -- 8.1 Methodology -- 8.1.1 Approach -- 8.1.2 Android App Representation -- 8.1.3 Malware Detection -- 8.1.3.1 Fragment Detection -- 8.1.3.2 Inst2Vec Embedding -- 8.1.3.3 Classification Model -- 8.1.3.4 Dataset Notation -- 8.1.3.5 Detection Ensemble -- 8.1.3.6 Confidence Analysis -- 8.1.3.7 PetaDroid Adaptation Mechanism -- 8.1.4 Malware Clustering -- 8.1.4.1 InstNGram2Vec -- 8.1.4.2 Deep Neural Auto-Encoder and Digest Generation -- 8.1.4.3 Malware Family Clustering -- 8.1.5 Implementation -- 8.2 Evaluation -- 8.2.1 Android Dataset -- 8.2.2 Malware Detection -- 8.2.2.1 Detection Performance -- 8.2.2.2 Dataset Size Effect -- 8.2.2.3 Ensemble Size Effect -- 8.2.3 Family Clustering -- 8.2.4 Obfuscation Resiliency -- 8.2.5 Change Over Time Resiliency -- 8.2.6 PetaDroid Automatic Adaptation -- 8.2.7 Efficiency -- 8.3 Comparative Study -- 8.3.1 Detection Performance Comparison -- 8.3.2 Efficiency Comparison -- 8.3.3 Time Resiliency Comparison. 8.4 Case Studies -- 8.4.1 Scalable Detection -- 8.4.2 Scalable Automatic Adaptation -- 8.5 Summary -- References -- 9 Conclusion -- 9.1 Concluding Remarks -- 9.2 Lessons Learned -- 9.3 Future Research Directions -- References -- Index. |
| Record Nr. | UNISA-996464514303316 |
| Cham, Switzerland : , : Springer, , [2021] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Android malware detection using machine learning : data-driven fingerprinting and threat intelligence / / ElMouatez Billah Karbab [and three others]
| Android malware detection using machine learning : data-driven fingerprinting and threat intelligence / / ElMouatez Billah Karbab [and three others] |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2021] |
| Descrizione fisica | 1 online resource (212 pages) |
| Disciplina | 005.8 |
| Collana | Advances in Information Security |
| Soggetto topico |
Malware (Computer software) - Prevention
Computer security - Standards |
| ISBN | 3-030-74664-X |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Contents -- List of Figures -- List of Tables -- 1 Introduction -- 1.1 Motivations -- 1.2 Objectives -- 1.3 Research Contributions -- 1.4 Book Organization -- References -- 2 Background and Related Work -- 2.1 Background -- 2.1.1 Android OS Overview -- 2.1.1.1 Android Apk Format -- 2.1.1.2 Android Markets -- 2.1.2 Android Security -- 2.1.2.1 Android Security Threats -- 2.1.2.2 Design Challenges of Malware Detection Systems -- 2.2 Android Malware Detection Overview -- 2.3 Taxonomy of Android Malware Detection Systems -- 2.3.1 Malware Threats -- 2.3.2 Detection System Deployment -- 2.4 Performance Criteria for Malware Detection -- 2.4.1 Feature Selection -- 2.4.2 Detection Strategy -- 2.5 General Malware Threat Detection -- 2.5.1 Workstation-Based Solutions -- 2.5.2 Mobile-Based Solutions -- 2.5.3 Hybrid Solutions -- 2.5.4 Discussions -- 2.6 Specific Malware Threat Detection -- 2.6.1 Workstation-Based Solutions -- 2.6.2 Mobile-Based Solutions -- 2.6.3 Hybrid Solutions -- 2.6.4 Discussions -- 2.7 Android Malware Detection Helpers -- 2.7.1 Discussions -- 2.8 Summary -- References -- 3 Fingerprinting Android Malware Packages -- 3.1 Approximate Static Fingerprint -- 3.1.1 Fingerprint Structure -- 3.1.2 Fingerprints Generation -- 3.1.2.1 N-grams -- 3.1.2.2 Feature Hashing -- 3.1.2.3 Fingerprint Computation Process -- 3.1.2.4 Compute Fingerprints Similarity -- 3.2 Malware Detection Framework -- 3.2.1 Peer-Fingerprint Voting -- 3.2.2 Peer-Matching -- 3.2.2.1 Family-Fingerprinting -- 3.3 Experimental Results -- 3.3.1 Testing Setup -- 3.3.2 Evaluation Results -- 3.3.2.1 Family-Fingerprinting Results -- 3.3.2.2 Peer-Matching Results -- 3.3.2.3 Peer-Voting vs Merged Fingerprints -- 3.3.3 Discussion -- 3.4 Summary -- References -- 4 Robust Android Malicious Community Fingerprinting -- 4.1 Threat Model -- 4.2 Usage Scenarios -- 4.3 Clustering Process.
4.4 Static Features -- 4.4.1 N-grams -- 4.4.1.1 Classes.dex Byte N-grams -- 4.4.1.2 Assembly Opcodes N-grams -- 4.4.2 Native Library N-grams -- 4.4.2.1 APK N-grams -- 4.4.3 Manifest File Features -- 4.4.4 Android API Calls -- 4.4.5 Resources -- 4.4.6 APK Content Types -- 4.4.7 Feature Preprocessing -- 4.5 LSH Similarity Computation -- 4.6 Community Detection -- 4.7 Community Fingerprint -- 4.8 Experimental Results -- 4.8.1 Dataset and Test Setup -- 4.8.1.1 App Detection Metrics -- 4.8.1.2 Community Detection Metrics -- 4.8.2 Mixed Dataset Results -- 4.8.3 Results of Malware-Only Datasets -- 4.8.4 Community Fingerprint Results -- 4.9 Hyper-Parameter Analyses -- 4.9.1 Purity Analysis -- 4.9.2 Coverage Analysis -- 4.9.3 Number of Communities Analysis -- 4.9.4 Efficiency Analysis -- 4.10 Case Study: Recall and Precision Settings -- 4.11 Case Study: Obfuscation -- 4.12 Summary -- References -- 5 Android Malware Fingerprinting Using Dynamic Analysis -- 5.1 Threat Model -- 5.2 Overview -- 5.2.1 Notation -- 5.3 Methodology -- 5.3.1 Behavioral Reports Generation -- 5.3.2 Report Vectorization -- 5.3.3 Build Models -- 5.3.4 Ensemble Composition -- 5.3.5 Ensemble Prediction Process -- 5.4 MalDy Framework -- 5.4.1 Machine Learning Algorithms -- 5.5 Evaluation Results -- 5.5.1 Evaluation Datasets -- 5.5.2 Effectiveness -- 5.5.2.1 Classifier Effect -- 5.5.2.2 Effect of the Vectorization Technique -- 5.5.2.3 Effect of Tuning Hyper-Parameters -- 5.5.3 Portability -- 5.5.3.1 MalDy on Win32 Malware -- 5.5.3.2 MalDy Train Dataset Size -- 5.5.4 Efficiency -- 5.6 Summary -- References -- 6 Fingerprinting Cyber-Infrastructures of Android Malware -- 6.1 Threat Model -- 6.2 Usage Scenarios -- 6.3 Methodology -- 6.3.1 Threat Communities Detection -- 6.3.2 Action Prioritization -- 6.3.2.1 PageRank Algorithm -- 6.3.3 Security Correlation. 6.3.3.1 Network Enrichment Using Passive DNS -- 6.3.3.2 Threat Network Tagging -- 6.4 Experimental Results -- 6.4.1 Android Malware Dataset -- 6.4.2 Implementation -- 6.4.3 Drebin Threat Network -- 6.4.4 Family Threat Networks -- 6.5 Summary -- References -- 7 Portable Supervised Malware Fingerprinting Using Deep Learning -- 7.1 Threat Model -- 7.2 Usage Scenarios -- 7.3 Methodology -- 7.3.1 MalDozer Method Embedding -- 7.3.2 MalDozer Neural Network -- 7.3.3 Implementation -- 7.4 Evaluation -- 7.4.1 Datasets -- 7.4.2 Malware Detection Performance -- 7.4.2.1 Unknown Malware Detection -- 7.4.2.2 Resiliency Against API Evolution Over Time -- 7.4.2.3 Resiliency Against Changing the Order of API Methods -- 7.4.3 Family Attribution Performance -- 7.4.4 Runtime Performance -- 7.4.4.1 Model Complexity Evaluation -- 7.5 Summary -- References -- 8 Resilient and Adaptive Android Malware Fingerprinting and Detection -- 8.1 Methodology -- 8.1.1 Approach -- 8.1.2 Android App Representation -- 8.1.3 Malware Detection -- 8.1.3.1 Fragment Detection -- 8.1.3.2 Inst2Vec Embedding -- 8.1.3.3 Classification Model -- 8.1.3.4 Dataset Notation -- 8.1.3.5 Detection Ensemble -- 8.1.3.6 Confidence Analysis -- 8.1.3.7 PetaDroid Adaptation Mechanism -- 8.1.4 Malware Clustering -- 8.1.4.1 InstNGram2Vec -- 8.1.4.2 Deep Neural Auto-Encoder and Digest Generation -- 8.1.4.3 Malware Family Clustering -- 8.1.5 Implementation -- 8.2 Evaluation -- 8.2.1 Android Dataset -- 8.2.2 Malware Detection -- 8.2.2.1 Detection Performance -- 8.2.2.2 Dataset Size Effect -- 8.2.2.3 Ensemble Size Effect -- 8.2.3 Family Clustering -- 8.2.4 Obfuscation Resiliency -- 8.2.5 Change Over Time Resiliency -- 8.2.6 PetaDroid Automatic Adaptation -- 8.2.7 Efficiency -- 8.3 Comparative Study -- 8.3.1 Detection Performance Comparison -- 8.3.2 Efficiency Comparison -- 8.3.3 Time Resiliency Comparison. 8.4 Case Studies -- 8.4.1 Scalable Detection -- 8.4.2 Scalable Automatic Adaptation -- 8.5 Summary -- References -- 9 Conclusion -- 9.1 Concluding Remarks -- 9.2 Lessons Learned -- 9.3 Future Research Directions -- References -- Index. |
| Record Nr. | UNINA-9910492141603321 |
| Cham, Switzerland : , : Springer, , [2021] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Automotive cybersecurity : an introduction to ISO/SAE 21434 / / by Dr. David Ward and Paul Wooderson
| Automotive cybersecurity : an introduction to ISO/SAE 21434 / / by Dr. David Ward and Paul Wooderson |
| Autore | Ward David D (Electronics engineer) |
| Edizione | [1st ed.] |
| Pubbl/distr/stampa | Warrendale, Pennsylvania : , : SAE International, , 2021 |
| Descrizione fisica | 1 online resource (1 PDF (xii, 93 pages)) : color illustrations |
| Disciplina | 629.2826 |
| Soggetto topico |
Automotive computers - Security measures
Computer security - Standards COMPUTERS / Security / General TECHNOLOGY & ENGINEERING / Automotive TRANSPORTATION / Automotive / General Computer security Automotive technology and trades Road and motor vehicles: general interest |
| ISBN |
1-4686-0083-4
1-4686-0081-8 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | Preface -- About the authors -- Chapter 1: Introduction to automotive cybersecurity -- Chapter 2: Cybersecurity for automotive cyber-physical systems -- Chapter 3: Establishing a cybersecurity process -- Chapter 4: Assurance and certification -- Chaper 5: Conclusions and going further -- References -- Index. |
| Record Nr. | UNINA-9910795798803321 |
Ward David D (Electronics engineer)
|
||
| Warrendale, Pennsylvania : , : SAE International, , 2021 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Automotive cybersecurity : an introduction to ISO/SAE 21434 / / by Dr. David Ward and Paul Wooderson
| Automotive cybersecurity : an introduction to ISO/SAE 21434 / / by Dr. David Ward and Paul Wooderson |
| Autore | Ward David D (Electronics engineer) |
| Edizione | [1st ed.] |
| Pubbl/distr/stampa | Warrendale, Pennsylvania : , : SAE International, , 2021 |
| Descrizione fisica | 1 online resource (1 PDF (xii, 93 pages)) : color illustrations |
| Disciplina | 629.2826 |
| Soggetto topico |
Automotive computers - Security measures
Computer security - Standards COMPUTERS / Security / General TECHNOLOGY & ENGINEERING / Automotive TRANSPORTATION / Automotive / General Computer security Automotive technology and trades Road and motor vehicles: general interest |
| ISBN |
1-4686-0083-4
1-4686-0081-8 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | Preface -- About the authors -- Chapter 1: Introduction to automotive cybersecurity -- Chapter 2: Cybersecurity for automotive cyber-physical systems -- Chapter 3: Establishing a cybersecurity process -- Chapter 4: Assurance and certification -- Chaper 5: Conclusions and going further -- References -- Index. |
| Record Nr. | UNINA-9910826019903321 |
|
Ward David D (Electronics engineer)
|
||
| Warrendale, Pennsylvania : , : SAE International, , 2021 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Cloud computing [[electronic resource] ] : an overview of the technology and the issues facing American innovators : hearing before the Subcommittee on Intellectual Property, Competition, and the Internet of the Committee on the Judiciary, House of Representatives, One Hundred Twelfth Congress, second session, July 25, 2012
| Cloud computing [[electronic resource] ] : an overview of the technology and the issues facing American innovators : hearing before the Subcommittee on Intellectual Property, Competition, and the Internet of the Committee on the Judiciary, House of Representatives, One Hundred Twelfth Congress, second session, July 25, 2012 |
| Pubbl/distr/stampa | Washington : , : U.S. G.P.O., , 2012 |
| Descrizione fisica | 1 online resource (iv, 152 pages) : illustrations |
| Soggetto topico |
Cloud computing
Cloud computing - Security measures - United States Computer security - Standards Electronic information resources - Access control Web services - Security measures - United States Computer networks - Security measures - United States Data protection - United States |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Altri titoli varianti | Cloud computing |
| Record Nr. | UNINA-9910702143403321 |
| Washington : , : U.S. G.P.O., , 2012 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
A comprehensive guide to the NIST cybersecurity framework 2.0 : strategies, implementation, and best practice / / Jason Edwards
| A comprehensive guide to the NIST cybersecurity framework 2.0 : strategies, implementation, and best practice / / Jason Edwards |
| Autore | Edwards Jason (Cybersecurity expert) |
| Edizione | [1st ed.] |
| Pubbl/distr/stampa | Hoboken, NJ : , : Wiley, , 2025 |
| Descrizione fisica | 1 online resource |
| Disciplina | 005.8 |
| Soggetto topico | Computer security - Standards |
| ISBN |
9781394280391
1394280394 9781394280384 1394280386 9781394280377 1394280378 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Cover -- Title Page -- Copyright -- Contents -- Preface -- Acknowledgments -- Chapter 1 Introduction -- Why This Book? -- Overview of Cybersecurity Challenges -- Chapter 2 Understanding the NIST Cybersecurity Framework 2.0 -- Fundamental Changes from Version 1.X -- Core Components of the Framework -- The Functions: Govern, Identify, Protect, Detect, Respond, and Recover -- CSF Organizational Profiles -- CSF Tiers -- Chapter 3 Cybersecurity Controls -- Delving Deeper into Cybersecurity Measures -- Comprehensive Assessment of Cybersecurity Safeguards -- Chapter 4 Compliance and Implementation -- Tailoring the Framework to Different Organizations -- Compliance Considerations -- Integrating with Other Standards and Frameworks -- Chapter 5 Organizational Context (GV.OC) -- GV.OC‐01: The Organizational Mission Is Understood and Informs Cybersecurity Risk Management -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.OC‐02: Internal and External Stakeholders are Understood, and Their Needs and Expectations Regarding Cybersecurity Risk Management Are Understood and Considered -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.OC‐03: Legal, Regulatory, and Contractual Requirements Regarding Cybersecurity-Including Privacy and Civil Liberties Obligations-Are Understood and Managed -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.OC‐04: Critical Objectives, Capabilities, and Services that Stakeholders Depend on or Expect from the Organization are Understood and Communicated -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.OC‐05: Outcomes, Capabilities, and Services that the Organization Depends on Are Understood and Communicated -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC).
Chapter 6 Risk Management Strategy (GV.RM) -- GV.RM‐01: Risk Management Objectives are Established and Agreed to by Organizational Stakeholders -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.RM‐02: Risk Appetite and Risk Tolerance Statements are Established, Communicated, and Maintained -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.RM‐03: Cybersecurity Risk Management Activities and Outcomes Are Included in Enterprise Risk Management Processes -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.RM‐04: Strategic Direction That Describes Appropriate Risk Response Options Is Established and Communicated -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.RM‐05: Lines of Communication Across the Organization Are Established for Cybersecurity Risks, Including Risks from Suppliers and Other Third Parties -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.RM‐06: A Standardized Method for Calculating, Documenting, Categorizing, and Prioritizing Cybersecurity Risks Is Established and Communicated -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.RM‐07: Strategic Opportunities (i.e., Positive Risks) Are Characterized and Are Included in Organizational Cybersecurity Risk Discussions -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- Chapter 7 Roles, Responsibilities, and Authorities (GV.RR) -- GV.RR‐01: Organizational Leadership Is Responsible and Accountable for Cybersecurity Risk and Fosters a Culture That Is Risk‐Aware, Ethical, and Continually Improving -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC). GV.RR‐02: Roles, Responsibilities, and Authorities Related to Cybersecurity Risk Management Are Established, Communicated, Understood, and Enforced -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.RR‐03: Adequate Resources Are Allocated Commensurate with the Cybersecurity Risk Strategy, Roles, Responsibilities, and Policies -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.RR‐04: Cybersecurity Is Included in Human Resource Practices -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- Chapter 8 Policy (GV.PO) -- GV.PO‐01: Policy for Managing Cybersecurity Risks Is Established Based on Organizational Context, Cybersecurity Strategy, and Priorities and Is Communicated and Enforced -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.PO‐02: Policy for Managing Cybersecurity Risks Is Reviewed, Updated, Communicated, and Enforced to Reflect Changes in Requirements, Threats, Technology, and Organizational Mission -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- Chapter 9 Oversight (GV.OV) -- GV.OV‐01: Cybersecurity Risk Management Strategy Outcomes Are Reviewed to Inform and Adjust Strategy and Direction -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.OV‐02: The Cybersecurity Risk Management Strategy Is Reviewed and Adjusted to Ensure Coverage of Organizational Requirements and Risks -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.OV‐03: Organizational Cybersecurity Risk Management Performance Is Evaluated and Reviewed for Adjustments Needed -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- Chapter 10 Cybersecurity Supply Chain Risk Management (GV.SC). GV.SC‐01: Establishing a Cybersecurity Supply Chain Risk Management Program -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.SC‐02: Cybersecurity Roles and Responsibilities Within the Supply Chain -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.SC‐03: Integrating Cybersecurity Supply Chain Risk Management into Organizational Frameworks -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.SC‐04: Prioritizing Suppliers by Criticality in Cybersecurity Supply Chain Risk Management -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.SC‐05: Establishing Cybersecurity Requirements in Supply Chain Contracts -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.SC‐06: Enhancing Cybersecurity Through Diligent Supplier Selection and Management -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.SC‐07: Mastering Supplier Risk Management in the Cybersecurity Landscape -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.SC‐08: Collaborative Incident Management with Suppliers -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.SC‐09: Fortifying Cybersecurity Through Strategic Supply Chain Security Integration -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- GV.SC‐10: Navigating Cybersecurity After the Conclusion of Supplier Partnerships -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- Chapter 11 Asset Management (ID.AM) -- ID.AM‐01: Inventories of Hardware Managed by the Organization Are Maintained -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC). ID.AM‐02: Inventories of Software, Services, and Systems Managed by the Organization Are Maintained -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- ID.AM‐03: Representations of the Organization's Authorized Network Communication and Internal and External Network Data Flows Are Maintained -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- ID.AM‐04: Inventories of Services Provided by Suppliers Are Maintained -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- ID.AM‐05: Assets Are Prioritized Based on Classification, Criticality, Resources, and Impact on the Mission -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- ID.AM‐07: Inventories of Data and Corresponding Metadata for Designated Data Types Are Maintained -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- ID.AM‐08: Systems, Hardware, Software, Services, and Data Are Managed Throughout Their Life Cycles -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- Chapter 12 Risk Assessment (ID.RA) -- ID.RA‐01: Vulnerabilities in Assets Are Identified, Validated, and Recorded -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- ID.RA‐02: Cyber Threat Intelligence Is Received from Information Sharing Forums and Sources -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- ID.RA‐03: Internal and External Threats to the Organization Are Identified and Recorded -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC) -- ID.RA‐04: Potential Impacts and Likelihoods of Threats Exploiting Vulnerabilities Are Identified and Recorded -- Recommendations -- NIST 800‐53 Controls -- Simplified Security Controls (SSC). ID.RA‐05: Threats, Vulnerabilities, Likelihoods, and Impacts Are Used to Understand Inherent Risk and Inform Risk Response Prioritization. |
| Record Nr. | UNINA-9911020034603321 |
|
Edwards Jason (Cybersecurity expert)
|
||
| Hoboken, NJ : , : Wiley, , 2025 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Cryptographic algorithms and key sizes for personal identity verification [[electronic resource] /] / W. Timothy Polk, Donna F. Dodson, William E. Burr
| Cryptographic algorithms and key sizes for personal identity verification [[electronic resource] /] / W. Timothy Polk, Donna F. Dodson, William E. Burr |
| Autore | Polk William T |
| Edizione | [Draft.] |
| Pubbl/distr/stampa | Gaithersburg, MD : , : U.S. Dept. of Commerce, Technology Administration, National Institute of Standards and Technology, , [2005] |
| Descrizione fisica | 103 unnumbered pages : digital, PDF file |
| Altri autori (Persone) |
DodsonDonna F
BurrWilliam E |
| Collana | NIST special publication |
| Soggetto topico |
Computer security - Standards
Data encryption (Computer science) |
| Soggetto non controllato |
Conformance test
Cryptographic algorithms FIPS 201 Key sizes Personal Identity Verification PKI |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Record Nr. | UNINA-9910695198203321 |
|
Polk William T
|
||
| Gaithersburg, MD : , : U.S. Dept. of Commerce, Technology Administration, National Institute of Standards and Technology, , [2005] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Guidance for securing Microsoft Windows XP Home Edition : a NIST security configuration checklist : recommendations of the National Institute of Standards and Technology / / Karen Kent, Murugiah Souppaya, John Connor
| Guidance for securing Microsoft Windows XP Home Edition : a NIST security configuration checklist : recommendations of the National Institute of Standards and Technology / / Karen Kent, Murugiah Souppaya, John Connor |
| Pubbl/distr/stampa | [Gaithersburg, Md.] : , : U.S. Dept. of Commerce, Technology Administration, National Institute of Standards and Technology, , [2006] |
| Descrizione fisica | 1 online resource (175 unnumbered pages) : illustrations |
| Altri autori (Persone) |
ScarfoneKaren
SouppayaMurugiah ConnorJohn (Of Booz Allen Hamilton) |
| Collana | NIST special publication.Computer security |
| Soggetto topico |
Computer security - Standards
Microsoft software - Security measures |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Altri titoli varianti | Guidance for securing Microsoft Windows XP Home Edition |
| Record Nr. | UNINA-9910700820603321 |
| [Gaithersburg, Md.] : , : U.S. Dept. of Commerce, Technology Administration, National Institute of Standards and Technology, , [2006] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Guide to storage encryption technologies for end user devices (NIST special publication 800-111) : recommendations of the National Institute of Standards and Technology / / Karen Kent, Murugiah Souppaya, Matthew Sexton
| Guide to storage encryption technologies for end user devices (NIST special publication 800-111) : recommendations of the National Institute of Standards and Technology / / Karen Kent, Murugiah Souppaya, Matthew Sexton |
| Autore | Kent Karen (Karen Ann) |
| Edizione | [Draft.] |
| Pubbl/distr/stampa | Gaithersburg, Md. : , : U.S. Dept. of Commerce, , 2007 |
| Descrizione fisica | 1 online resource (40 pages) : illustrations |
| Disciplina | 005.8 |
| Collana | NIST special publication |
| Soggetto topico |
Computer networks - Security measures - United States
Computer security - Standards Data encryption (Computer science) |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Altri titoli varianti | Guide to Storage Encryption Technologies for End User Devices |
| Record Nr. | UNINA-9910698307703321 |
|
Kent Karen (Karen Ann)
|
||
| Gaithersburg, Md. : , : U.S. Dept. of Commerce, , 2007 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Guideline for implementing cryptography in the federal government / / Elaine B. Barker, William C. Barker, Annabelle Lee
| Guideline for implementing cryptography in the federal government / / Elaine B. Barker, William C. Barker, Annabelle Lee |
| Autore | Barker Elaine B. |
| Edizione | [Second edition.] |
| Pubbl/distr/stampa | Gaithersburg, Md. : , : National Institute of Standards and Technology, , 2005 |
| Descrizione fisica | 1 online resource (viii, 89 pages) |
| Disciplina | 005.8 |
| Collana | NIST special publication |
| Soggetto topico | Computer security - Standards |
| Soggetto non controllato |
Cryptographic algorithm
Cryptographic hash function Cryptographic key Cryptographic module Digital signature Key establishment Key management Message authentication code |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Record Nr. | UNINA-9910698257103321 |
|
Barker Elaine B.
|
||
| Gaithersburg, Md. : , : National Institute of Standards and Technology, , 2005 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
