Handbook of Big Data Analytics and Forensics

Choo, Kim-Kwang Raymond, Dehghantanha, Ali

  • 出版商: Springer
  • 出版日期: 2022-12-04
  • 售價: $5,020
  • 貴賓價: 9.5$4,769
  • 語言: 英文
  • 頁數: 287
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 3030747557
  • ISBN-13: 9783030747558
  • 相關分類: 大數據 Big-dataData Science
  • 海外代購書籍(需單獨結帳)
    無現貨庫存(No stock available)


This handbook discusses challenges and limitations in existing solutions, and presents state-of-the-art advances from both academia and industry, in big data analytics and digital forensics. The second chapter comprehensively reviews IoT security, privacy, and forensics literature, focusing on IoT and unmanned aerial vehicles (UAVs). The authors propose a deep learning-based approach to process cloud's log data and mitigate enumeration attacks in the third chapter. The fourth chapter proposes a robust fuzzy learning model to protect IT-based infrastructure against advanced persistent threat (APT) campaigns. Advanced and fair clustering approach for industrial data, which is capable of training with huge volume of data in a close to linear time is introduced in the fifth chapter, as well as offering an adaptive deep learning model to detect cyberattacks targeting cyber physical systems (CPS) covered in the sixth chapter.

The authors evaluate the performance of unsupervised machine learning for detecting cyberattacks against industrial control systems (ICS) in chapter 7, and the next chapter presents a robust fuzzy Bayesian approach for ICS's cyber threat hunting. This handbook also evaluates the performance of supervised machine learning methods in identifying cyberattacks against CPS. The performance of a scalable clustering algorithm for CPS's cyber threat hunting and the usefulness of machine learning algorithms for MacOS malware detection are respectively evaluated.

This handbook continues with evaluating the performance of various machine learning techniques to detect the Internet of Things malware. The authors demonstrate how MacOSX cyberattacks can be detected using state-of-the-art machine learning models. In order to identify credit card frauds, the fifteenth chapter introduces a hybrid model. In the sixteenth chapter, the editors propose a model that leverages natural language processing techniques for generating a mapping between APT-related reports and cyber kill chain. A deep learning-based approach to detect ransomware is introduced, as well as a proposed clustering approach to detect IoT malware in the last two chapters.

This handbook primarily targets professionals and scientists working in Big Data, Digital Forensics, Machine Learning, Cyber Security Cyber Threat Analytics and Cyber Threat Hunting as a reference book. Advanced level-students and researchers studying and working in Computer systems, Computer networks and Artificial intelligence will also find this reference useful.








Kim-Kwang Raymond Choo received the Ph.D. in Information Security in 2006 from Queensland University of Technology, Australia. He currently holds the Cloud Technology Endowed Professorship at The University of Texas at San Antonio (UTSA). He is an IEEE Computer Society Distinguished Visitor (2021 - 2023), and a Web of Science's Highly Cited Researcher in the field of Cross-Field - 2020. In 2015, he and his team won the Digital Forensics Research Challenge organized by Germany's University of Erlangen-Nuremberg. He is the recipient of the 2019 IEEE Technical Committee on Scalable Computing (TCSC) Award for Excellence in Scalable Computing (Middle Career Researcher), the 2018 UTSA College of Business Col. Jean Piccione and Lt. Col. Philip Piccione Endowed Research Award for Tenured Faculty, the British Computer Society's 2019 Wilkes Award Runner-up, the 2014 Highly Commended Award by the Australia New Zealand Policing Advisory Agency, the Fulbright Scholarship in 2009, the 2008 Australia Day Achievement Medallion, and the British Computer Society's Wilkes Award in 2008. He has also received best paper awards from the IEEE Consumer Electronics Magazine for 2020, EURASIP Journal on Wireless Communications and Networking (JWCN) in 2019, IEEE TrustCom 2018, and ESORICS 2015; the Korea Information Processing Society's Journal of Information Processing Systems (JIPS) Survey Paper Award (Gold) 2019; the IEEE Blockchain 2019 Outstanding Paper Award; and Best Student Paper Awards from Inscrypt 2019 and ACISP 2005.
Since receiving his PhD in 2011, Dr. Dehghantanha has made significant contributions to the fast-moving fields of cybersecurity and cyber threat intelligence. He is a Canada Research Chair in Cybersecurity and Threat Intelligence, and an EU Marie-Curie Fellow Alumni in digital forensics. Dr. Dehghantanha has pioneered the use of ML-based systems for threat hunting in IoT/ICS devices using physical characteristics (e.g. power consumption) as opposed to application-level characteristics (e.g. IP addresses). His works have resulted in an Intrusion Detection System (IDS) for IoT networks; and deep learning models for threat hunting in the edge layer of ICS networks. In 2019, with support from the Department of National Defense Canada, he has developed the first multi-view fuzzy machine learning system for cyber threat attribution. He is among few academics contributing to fundamental research in cyber threat intelligence, with most research taking place in industry settings. His work helps define this new discipline while informing practical strategies. He has built a Cyber Kill Chain-based threat intelligence framework for analyzing banking Trojan campaigns which is widely used to model different attack campaigns, including APT groups activities, analyzing crypto-ransomware campaigns, and analyzing Advanced Persistent Threat (APT) groups targeting critical national infrastructure. He is currently the director of Cyber Science Lab at the University of Guelph, Ontario, Canada.



Kim-Kwang Raymond Choo於2006年從澳大利亞昆士蘭科技大學獲得資訊安全博士學位。他目前擔任美國德州聖安東尼奧大學(UTSA)的雲技術特聘教授。他是IEEE計算機學會的傑出訪問學者(2021-2023),並且是Web of Science在2020年跨領域領域中的高被引研究者。2015年,他和他的團隊贏得了德國埃爾朗根-紐倫堡大學組織的數字取證研究挑戰賽。他是2019年IEEE可擴展計算技術委員會(TCSC)卓越獎(中期職業研究者)、2018年UTSA商學院Col. Jean Piccione和Lt. Col. Philip Piccione特聘研究獎、英國計算機學會2019年Wilkes獎亞軍、2014年澳大利亞新西蘭警務顧問機構的高度表彰獎、2009年富布萊特獎學金、2008年澳大利亞日成就勳章和2008年英國計算機學會Wilkes獎的獲獎者。他還獲得了IEEE消費電子雜誌2020年最佳論文獎、2019年EURASIP無線通信和網絡期刊(JWCN)最佳論文獎、2018年IEEE TrustCom和2015年ESORICS最佳論文獎;2019年韓國信息處理學會信息處理系統期刊(JIPS)調查論文獎(金獎);2019年IEEE區塊鏈傑出論文獎;以及2019年Inscrypt和2005年ACISP的最佳學生論文獎。

自2011年獲得博士學位以來,Dehghantanha博士在網絡安全和網絡威脅情報這個快速發展的領域做出了重大貢獻。他是加拿大研究主席(Canada Research Chair)的網絡安全和威脅情報,也是數字取證方面的歐盟瑪麗居里學者校友。Dehghantanha博士開創了使用基於機器學習的系統來對物聯網/工業控制系統設備進行威脅狩獵,使用物理特徵(例如功耗)而不是應用層特徵(例如IP地址)。他的研究成果包括物聯網網絡的入侵檢測系統(IDS)和工業控制系統網絡邊緣層的深度學習模型用於威脅狩獵。在2019年,他在加拿大國防部的支持下,開發了第一個用於網絡威脅歸因的多視圖模糊機器學習系統。他是少數在網絡威脅情報的基礎研究方面做出貢獻的學者之一,大部分研究都在工業領域進行。他的工作有助於定義這個新的學科,同時提供實用的策略。他建立了基於Cyber Kill Chain的威脅情報框架,用於分析銀行木馬活動,被廣泛用於建模不同的攻擊活動,包括APT組織的活動、加密勒索軟件活動以及針對關鍵國家基礎設施的APT組織的活動。他目前是加拿大安大略省圭爾夫大學的Cyber Science Lab主任。