Preface

This book on Computer Security Threats discusses the fundamentals of computer security and presents a broad set of ideas and some of the advanced research in this field. The book is triggered by the understanding that digitalization and growing dependence on the Internet poses an increased risk of computer security threats in the modern world. The chapters discuss different research frontiers in computer security with algorithms and implementation details for use in the real world. Researchers and practitioners in areas such as statistics, pattern recognition, machine learning, artificial intelligence, deep learning, data mining, data analytics and visualization are contributing to the field of computer security.

This book consists of four sections: Section I is an introduction to computer security threats, Section II is on Malwares, Section III is on Botnets, and Section IV is on Blockchain. The book has eight chapters included in these four sections. The chapters include the introduction to computer security threats and techniques that address the threats. Section I is exclusively the introduction to the computer security threats. Section II is on the malicious software or malware, which is the main source of computer security threats. Another major computer security threat is due to botnets and hence Section III is on botnets. Blockchain technology is a decentralized, distributed ledger that records the provenance of a digital asset and its cryptographic algorithm makes it immune to attack. In a world where cyber security has become a key issue, blockchain is a potentially revolutionary technology as it promotes new levels of trust and transparency. Hence, Section IV is specifically on the security aspects of blockchain. Technologies explored in the chapters included in each of these four sections are introduced for the reader in every chapter.

The introductory chapter on computer security threats provides a detailed introduction on the common computer system threats. The logical threats are a main cause of security incidents on computer systems. Knowing these threats and their characteristics helps in identifying the threats and aids in proactively devising steps to protect the systems. The chapter includes motivations and objectives of the hackers. The chapter also includes the classification of threats, which also includes an exhaustive coverage of all the threats. The details of the top security menaces of 2020 are introduced and the expectation for the latter half of 2020 is also discussed.

Malware is the main source of computer security threats and hence the second chapter is specifically focused on the detection of malware embedded into web pages, using client honeypot. In today's world with everyone depending on the Internet, web pages are facing a severe threat of client side browser attacks. The spread of malware uses software vulnerabilities, which attack the client application that sends a request to server. The detection methodology discussed in this chapter is based on client honeypot, which detects the various malicious program linked with web pages. Client honeypots are active security devices in search of malicious servers that attack clients. The client honeypot pretends to be a client and interacts with the server to examine whether an attack happens. Often the focus of client honeypots in on web browsers, but any client that interacts with servers can be part of client honeypot.

**II**

**Chapter 7 87**

**Chapter 8 99**

Blockchain: From Industry 4.0 to the Machine Economy

*by Paula Fraga-Lamas and Tiago M. Fernández-Caramés*

Leveraging Blockchain for Sustainability and Open Innovation:

A Cyber-Resilient Approach toward EU Green Deal and UN Sustainable

*by Oscar Lage*

Development Goals

Chapter III is on the threats from botnets as various cyber-attacks based on botnets having become one of the most serious security threats on the Internet. Botnet is a common computing platform that can be controlled remotely by attackers by invading several systems called bots in the network space. It is thus an attacking platform consisting of multiple bots controlled by a hacker. As botnets continue to evolve, the behavioral research on botnets is observed to be totally inadequate. The question of how to apply some behavioral problems to botnet research and combine the psychology of the operator to analyze the future trend of botnets is still a challenging issue. As the initial chapter in the section on botnets, Chapter III introduces and discusses the classification and working mechanism of botnets. The chapter also includes the threats evaluation of botnets.

Chapter IV is the evaluation of botnet threats based on evidence chains. At present, although network administrators have firewalls, intrusion detection systems, intrusion prevention systems, and other technical means to achieve partial network protection, they are still confronted with severe challenges in the detection and prevention of botnets, which are known as a threatening attack platform. This chapter proposes a method of botnet threat assessment based on evidence chains. The DS evidence theory is used for network security situational awareness. On the basis of determining the recognition framework, all possible results are considered, and each piece of the evidence is assigned a basic credibility, and the final credibility of the target is fused using the composition rule. The experiments show that this method can work efficiently and detect the major threats in a protected network in real time.

Chapter V is on deploying blockchain in supply chains. In the rapidly evolving environment of the international supply chain, the traditional network of manufacturers and suppliers has grown into a vast ecosystem made of various products that move through multiple parties and require cooperation among stakeholders. Additionally, the demand for improved product visibility and source-to-store traceability has never been higher. However, traditional data sharing procedures in today's supply chain are inefficient, costly, and inadaptable as compared to new and innovative technology. Blockchain technology has shown promising results for improving supply chain networks in recent applications, and has already impacted our society and lifestyle by reshaping many business and industry processes. In an effort to understand the integration of blockchain technology in the supply chain, this chapter systematically summarizes its current status, key characteristics, potential challenges, and pilot applications.

Chapter VI discusses the blockchain applications in cybersecurity. In this chapter the different aspects that relate the application of blockchain with techniques commonly used in the field of cybersecurity are analyzed. Beginning by introducing the use of blockchain technology as a secure infrastructure, the chapter investigates how blockchain can be useful to achieve several security requirements common to most applications. In order to maintain simplicity, this chapter has focused only on some specific cybersecurity disciplines: backup & recovery, threat intelligence, and content delivery networks.

Chapter VII is on the blockchain and the Industry 4.0. It is understood that the extreme automation of factories is necessary in order to face the fourth industrial revolution. This new industrial paradigm will force our industries to manufacture much shorter and customized series at increasingly competitive prices, even tackling the manufacture of thousands of different configurations of a single base product.

**V**

In order to achieve this, the production processes must have a flexibility in their configuration that has never been imagined before. This flexibility and ability to adapt automatically to demand is the essence of the fourth industrial revolution and is part of the Western strategy to recover an industrial sector increasingly threatened by the Eastern production of large series at competitive prices. After more than a dozen Proofs of Concept with different manufacturing and energy industries, the chapter describes the scenarios in which blockchain technology brings the greatest benefits to Industry 4.0. After different experiments and through interviews with people in charge of innovation from different industries, the chapter includes an in-depth analysis of the true added value of blockchain in the industry. The outcome

is the principal four values of blockchain technology applied to Industry 4.0.

development of cyber-resilient and high-impact sustainable solutions.

their support and efforts in bringing the book to fruitful completion.

various computer security threats and its defensive measures.

The intended audience of this book will mainly consist of students, researchers, practitioners, data analysts, and business professionals who seek information on the

I would like to convey my gratitude to everyone who contributed to this book including the authors of the accepted chapters. My special thanks to the Author Service Manager, Ms. Kristina Kardum and other staff of IntechOpen publishing for

> **Ciza Thomas** Professor,

A Coruña, Spain

India

Government of Kerala,

Faculty of Computer Science, University of A Coruña,

Directorate of Technical Education,

**Tiago M. Fernández Caramés and Paula Fraga-Lamas**

Group of Electronic Technology and Communications (GTEC),

Chapter VIII is on leveraging blockchain for sustainability and open innovation: a cyber-resilient approach towards EU green deal and UN sustainable development goals. In 2015, the United Nations member states identified seventeen Sustainable Development Goals (SDGs) to be fulfilled by 2030. SDGs are an urgent global call for action to provide a blueprint for shared prosperity in a sustainable world. By the end of 2019, the European Green Deal, a roadmap to implement the UN 2030 agenda with a commitment to a growth strategy that will turn environmental challenges into opportunities across all policy areas was presented. To achieve these SDGs, blockchain is one of the key enabling technologies that can help to create sustainable and secure solutions, since it is able to deliver accountability, transparency, traceability, and cyber-resilience, as well as to provide a higher operational efficiency in global partnerships. This chapter overviews the potential of blockchain to face sustainability challenges by describing several relevant applications. The chapter also enumerates different open challenges and recommendations with the aim of guiding all the stakeholders committed to the

In order to achieve this, the production processes must have a flexibility in their configuration that has never been imagined before. This flexibility and ability to adapt automatically to demand is the essence of the fourth industrial revolution and is part of the Western strategy to recover an industrial sector increasingly threatened by the Eastern production of large series at competitive prices. After more than a dozen Proofs of Concept with different manufacturing and energy industries, the chapter describes the scenarios in which blockchain technology brings the greatest benefits to Industry 4.0. After different experiments and through interviews with people in charge of innovation from different industries, the chapter includes an in-depth analysis of the true added value of blockchain in the industry. The outcome is the principal four values of blockchain technology applied to Industry 4.0.

Chapter VIII is on leveraging blockchain for sustainability and open innovation: a cyber-resilient approach towards EU green deal and UN sustainable development goals. In 2015, the United Nations member states identified seventeen Sustainable Development Goals (SDGs) to be fulfilled by 2030. SDGs are an urgent global call for action to provide a blueprint for shared prosperity in a sustainable world. By the end of 2019, the European Green Deal, a roadmap to implement the UN 2030 agenda with a commitment to a growth strategy that will turn environmental challenges into opportunities across all policy areas was presented. To achieve these SDGs, blockchain is one of the key enabling technologies that can help to create sustainable and secure solutions, since it is able to deliver accountability, transparency, traceability, and cyber-resilience, as well as to provide a higher operational efficiency in global partnerships. This chapter overviews the potential of blockchain to face sustainability challenges by describing several relevant applications. The chapter also enumerates different open challenges and recommendations with the aim of guiding all the stakeholders committed to the development of cyber-resilient and high-impact sustainable solutions.

The intended audience of this book will mainly consist of students, researchers, practitioners, data analysts, and business professionals who seek information on the various computer security threats and its defensive measures.

I would like to convey my gratitude to everyone who contributed to this book including the authors of the accepted chapters. My special thanks to the Author Service Manager, Ms. Kristina Kardum and other staff of IntechOpen publishing for their support and efforts in bringing the book to fruitful completion.

> **Ciza Thomas** Professor, Directorate of Technical Education, Government of Kerala, India

**Tiago M. Fernández Caramés and Paula Fraga-Lamas** Group of Electronic Technology and Communications (GTEC),

Faculty of Computer Science, University of A Coruña, A Coruña, Spain

**IV**

Chapter III is on the threats from botnets as various cyber-attacks based on botnets having become one of the most serious security threats on the Internet. Botnet is a common computing platform that can be controlled remotely by attackers by invading several systems called bots in the network space. It is thus an attacking platform consisting of multiple bots controlled by a hacker. As botnets continue to evolve, the behavioral research on botnets is observed to be totally inadequate. The question of how to apply some behavioral problems to botnet research and combine the psychology of the operator to analyze the future trend of botnets is still a challenging issue. As the initial chapter in the section on botnets, Chapter III introduces and discusses the classification and working mechanism of botnets. The

Chapter IV is the evaluation of botnet threats based on evidence chains. At present, although network administrators have firewalls, intrusion detection systems, intrusion prevention systems, and other technical means to achieve partial network protection, they are still confronted with severe challenges in the detection and prevention of botnets, which are known as a threatening attack platform. This chapter proposes a method of botnet threat assessment based on evidence chains. The DS evidence theory is used for network security situational awareness. On the basis of determining the recognition framework, all possible results are considered,

and each piece of the evidence is assigned a basic credibility, and the final

credibility of the target is fused using the composition rule. The experiments show that this method can work efficiently and detect the major threats in a protected

Chapter V is on deploying blockchain in supply chains. In the rapidly evolving environment of the international supply chain, the traditional network of manufacturers and suppliers has grown into a vast ecosystem made of various products that move through multiple parties and require cooperation among stakeholders. Additionally, the demand for improved product visibility and source-to-store traceability has never been higher. However, traditional data sharing procedures in today's supply chain are inefficient, costly, and inadaptable as compared to new and innovative technology. Blockchain technology has shown promising results for improving supply chain networks in recent applications, and has already impacted our society and lifestyle by reshaping many business and industry processes. In an effort to understand the integration of blockchain technology in the supply chain, this chapter systematically summarizes its current

status, key characteristics, potential challenges, and pilot applications.

intelligence, and content delivery networks.

Chapter VI discusses the blockchain applications in cybersecurity. In this chapter the different aspects that relate the application of blockchain with techniques commonly used in the field of cybersecurity are analyzed. Beginning by

introducing the use of blockchain technology as a secure infrastructure, the chapter investigates how blockchain can be useful to achieve several security requirements common to most applications. In order to maintain simplicity, this chapter has focused only on some specific cybersecurity disciplines: backup & recovery, threat

Chapter VII is on the blockchain and the Industry 4.0. It is understood that the extreme automation of factories is necessary in order to face the fourth industrial revolution. This new industrial paradigm will force our industries to manufacture much shorter and customized series at increasingly competitive prices, even tackling the manufacture of thousands of different configurations of a single base product.

chapter also includes the threats evaluation of botnets.

network in real time.

**1**

Section 1

Introduction

Section 1 Introduction

**3**

concludes the chapter.

**Chapter 1**

*Ciza Thomas*

**1. Introduction**

Security Threats

by exploiting the errors in the software.

usually detrimental and is termed an attack.

Introductory Chapter: Computer

Along with the tremendous progress in Internet technology in the last few decades, the sophistication of the exploits and thereby the threats to computer systems have also equally increased. The exploitation is done by malicious hackers who find vulnerabilities or weaknesses, which are the pre-existing errors in the security settings in the computer systems. The common types of vulnerabilities are errors in the design or configuration of network infrastructure, protocols, communication media, operating systems, web-based applications and services, databases, etc. Threat is a potential risk that exploits a vulnerability to infringe security and cause probable damage/disruption to the information/service stored/offered in/by computer systems or through communication links. A threat to a computer systems occurs when the confidentiality (preventing exposure to unauthorized parties), integrity (not modified without authorization), and availability (readily available on demand by authorized parties) of information on systems are affected. Thus, a computer system threat in general can include anything deliberate, unintended, or caused by natural calamity that effects in data loss/manipulation or physical destruction of hardware. Accordingly, the threats on computer system are classified as physical threats and nonphysical threats. Physical threats cause impairment to hardware or theft to system or hard disk that holds critical data. Nonphysical threats target the data and the software on the computer systems by corrupting the data or

The exploits when successful result in security attacks on computer systems. Hence, threat is a possible danger caused by system vulnerability, while attack is the attempt of unauthorized action or a harmful action. The realization of a threat is

In this introductory chapter, the computer security threats are defined as probable attacks from hackers that let them to gain illicit entree to a computer. In this chapter, a detailed introduction is given on the common computer system threats. The logical threats are a main cause of security incidents on computer systems. Knowing these threats and their characteristics helps in identifying the threats and to proactively devise steps in protecting the systems. The organization of this chapter is as follows. Section 2 introduces the motivation and objective of the hackers. Section 3 is on the classification of threats, which also includes an exhaustive coverage of all the threats. The details of the top security menaces of 2020 and the expectation for the latter half of 2020 are introduced in Section 4. Section 5
