Books & Videos

Table of Contents

  1. Chapter 1 Introduction to Cybersecurity Science

    1. What Is Cybersecurity Science?

    2. The Importance of Cybersecurity Science

    3. The Scientific Method

    4. Cybersecurity Theory and Practice

    5. Human Factors

    6. The Role of Metrics

    7. Conclusion

    8. References

  2. Chapter 2 Conducting Your Own Cybersecurity Experiments

    1. Asking Good Questions and Formulating Hypotheses

    2. Designing a Fair Test

    3. Analyzing Your Results

    4. Putting Results to Work

    5. A Checklist for Conducting Experimentation

    6. Conclusion

    7. References

  3. Chapter 3 Cybersecurity Experimentation and Test Environments

    1. Modeling and Simulation

    2. Open Datasets for Testing

    3. Desktop Testing

    4. Cloud Computing

    5. Cybersecurity Testbeds

    6. A Checklist for Selecting an Experimentation and Test Environment

    7. Conclusion

    8. References

  4. Chapter 4 Software Assurance

    1. An Example Scientific Experiment in Software Assurance

    2. Fuzzing for Software Assurance

    3. The Scientific Method and the Software Development Life Cycle

    4. Adversarial Models

    5. Case Study: The Risk of Software Exploitability

    6. How to Find More Information

    7. Conclusion

    8. References

  5. Chapter 5 Intrusion Detection and Incident Response

    1. An Example Scientific Experiment in Intrusion Detection

    2. False Positives and False Negatives

    3. Performance, Scalability, and Stress Testing

    4. Case Study: Measuring Snort Detection Performance

    5. How to Find More Information

    6. Conclusion

    7. References

  6. Chapter 6 Situational Awareness and Data Analytics

    1. An Example Scientific Experiment in Situational Awareness

    2. Experimental Results to Assist Human Network Defenders

    3. Machine Learning and Data Mining for Network Monitoring

    4. Case Study: How Quickly Can You Find the Needle in the Haystack?

    5. How to Find More Information

    6. Conclusion

    7. References

  7. Chapter 7 Cryptography

    1. An Example Scientific Experiment in Cryptography

    2. Experimental Evaluation of Cryptographic Designs and Implementation

    3. Provably Secure Cryptography and Security Assumptions

    4. Cryptographic Security and the Internet of Things

    5. Case Study: Evaluating Composable Security

    6. How to Find More Information

    7. Conclusion

    8. References

  8. Chapter 8 Digital Forensics

    1. An Example Scientific Experiment in Digital Forensics

    2. Scientific Validity and the Law

    3. Scientific Reproducibility and Repeatability

    4. Case Study: Scientific Comparison of Forensic Tool Performance

    5. How to Find More Information

    6. Conclusion

    7. References

  9. Chapter 9 Malware Analysis

    1. An Example Scientific Experiment in Malware Analysis

    2. Scientific Data Collection for Simulators and Sandboxes

    3. Game Theory for Malware Analysis

    4. Case Study: Identifying Malware Families with Science

    5. How to Find More Information

    6. Conclusion

    7. References

  10. Chapter 10 System Security Engineering

    1. An Example Scientific Experiment in System Security Engineering

    2. Regression Analysis

    3. Moving Target Defense

    4. Case Study: Defending Against Unintentional Insider Threats

    5. How to Find More Information

    6. Conclusion

    7. References

  11. Chapter 11 Human-Computer Interaction and Usable Security

    1. An Example Scientific Experiment in Usable Security

    2. Double-Blind Experimentation

    3. Usability Measures: Effectiveness, Efficiency, and Satisfaction

    4. Methods for Gathering Usability Data

    5. Case Study: An Interface for User-Friendly Encrypted Email

    6. How to Find More Information

    7. Conclusion

    8. References

  12. Chapter 12 Visualization

    1. An Example Scientific Experiment in Cybersecurity Visualization

    2. Graphical Representations of Cybersecurity Data

    3. Experimental Evaluation of Security Visualization

    4. Case Study: Is My Visualization Helping Users Work More Effectively?

    5. How to Find More Information

    6. Conclusion

    7. References

  13. Appendix Understanding Bad Science, Scientific Claims, and Marketing Hype

    1. Dangers of Manipulative Graphics and Visualizations

    2. Recognizing and Understanding Scientific Claims

    3. Vendor Marketing

    4. Clarifying Questions for Salespeople, Researchers, and Developers

    5. References