Secure Computer and Network Systems: Modeling, Analysis and Design / Edition 1

Hardcover (Print)
Buy New
Buy New from
Used and New from Other Sellers
Used and New from Other Sellers
from $68.95
Usually ships in 1-2 business days
(Save 55%)
Other sellers (Hardcover)
  • All (13) from $68.95   
  • New (8) from $68.95   
  • Used (5) from $79.70   


Computer and network systems have given us unlimited opportunities for reducing cost, improving efficiency, and increasing revenues, as demonstrated by an increasing number of computer and network applications. Yet our dependence on computer and network systems also exposes us to new risks, which threaten the security of, and present new challenges for protecting, our assets and information. The reliability of computer and network systems ultimately depends on security and quality of service (QoS) performance.

This book presents quantitative modeling and analysis techniques to address the numerous challenges in cyber attack prevention and detection for security and QoS, including: the latest research on computer and network behavior under attack and normal use conditions, new design principles and algorithms, which can be used by engineers and practitioners to build secure computer and network systems, enhance security practice and move to providing QoS assurance on the Internet, mathematical and statistical methods for achieving the accuracy and timeliness of cyber attack detection with the lowest computational overhead, guidance on managing admission control, scheduling, reservation and service of computer and network jobs to assure the service stability and end-to-end delay of those jobs even under Denial of Service attacks or abrupt demands.

Secure Computer and Network Systems is an up-to-date resource for practising engineers and researchers involved in security, reliability and quality management of computer and network systems. It is also a must-read for postgraduate students developing advanced technologies for improving computer network dependability.

Read More Show Less

Editorial Reviews

From the Publisher
"Ye provides many theories, as well as actual test results, to make this book a valuable source of ideas.  It can also serve as a reference guide for those exploring this field." (Computing Reviews, September 10, 2008)

"Since the next generation of computer network systems and information infrastructure relies on scientific and engineering approaches to provide security, QoS, and ultimately system dependability, this book might help people in academia and industry working to achieve this goal." (IEEE Computer Magazine, June 2008)

Read More Show Less

Product Details

  • ISBN-13: 9780470023242
  • Publisher: Wiley
  • Publication date: 3/14/2008
  • Edition number: 1
  • Pages: 354
  • Product dimensions: 6.93 (w) x 9.92 (h) x 0.97 (d)

Meet the Author

Professor Ye received her Ph.D. degree (1991) in Industrial Engineering from Purdue University, West Lafayette, Indiana, and holds MS (1988) and BS (1985) degrees in Computer Science. With her multi-disciplinary educational background, Dr. Ye has devoted her academic career to establishing the scientific and engineering foundation for assuring quality/reliability of information systems and industrial systems.
Read More Show Less

Table of Contents

Preface     xi
An Overview of Computer and Network Security
Assets, vulnerabilities and threats of computer and network systems     3
Risk assessment     3
Assets and asset attributes     4
Resource, process and user assets and their interactions     5
Cause-effect chain of activity, state and performance     6
Asset attributes     8
Vulnerabilities     11
Boundary condition error     12
Access validation error and origin validation error     12
Input validation error     13
Failure to handle exceptional conditions     13
Synchronization errors     13
Environment error     13
Configuration error     14
Design error     14
Unknown error     15
Threats     15
Objective, origin, speed and means of threats     15
Attack stages     21
Asset risk framework     21
Summary     22
References     23
Protection of computer and network systems     25
Cyber attack prevention     25
Access and flow control     25
Secure computer and network design     29
Cyber attack detection     29
Data, events and incidents     30
Detection     31
Assessment     32
Cyber attack response     32
Summary     33
References     33
Secure System Architecture and Design
Asset protection-driven, policy-based security protection architecture     39
Limitations of a threat-driven security protection paradigm     39
A new, asset protection-driven paradigm of security protection     40
Data to monitor: assets and asset attributes     41
Events to detect: mismatches of asset attributes     41
Incidents to analyze and respond: cause-effect chains of mismatch events     42
Proactive asset protection against vulnerabilities     42
Digital security policies and policy-based security protection     43
Digital security policies     43
Policy-based security protection     45
Enabling architecture and methodology     46
An Asset Protection Driven Security Architecture (APDSA)     46
An Inside-Out and Outside-In (IOOI) methodology of gaining knowledge about data, events and incidents     47
Further research issues     48
Technologies of asset attribute data acquisition      48
Quantitative measures of asset attribute data and mismatch events     48
Technologies for automated monitoring, detection, analysis and control of data, events, incidents and COA     49
Summary     49
References     50
Job admission control for service stability     53
A token bucket method of admission control in DiffServ and InteServ models     53
Batch Scheduled Admission Control (BSAC) for service stability     55
Service stability in service reservation for instantaneous jobs     56
Description of BSAC     57
Performance advantage of the BSAC router model over a regular router model     60
Summary     64
References     64
Job scheduling methods for service differentiation and service stability     65
Job scheduling methods for service differentiation     65
Weighted Shortest Processing Time (WSPT), Earliest Due Date (EDD) and Simplified Apparent Tardiness Cost (SATC)     65
Comparison of WSPT, ATC and EDD with FIFO in the best effort model and in the DiffServ model in service differentiation     66
Job scheduling methods for service stability     70
Weighted Shortest Processing Time - Adjusted (WSPT-A) and its performance in service stability     70
Verified Spiral (VS) and Balanced Spiral (BS) methods for a single service resource and their performance in service stability     73
Dynamics Verified Spiral (DVS) and Dynamic Balanced Spiral (DBS) methods for parallel identical resources and their performance in service stability     78
Summary     79
References     79
Job reservation and service protocols for end-to-end delay guarantee     81
Job reservation and service in InteServ and RSVP     81
Job reservation and service in I-RSVP     82
Job reservation and service in SI-RSVP     86
Service performance of I-RSVP and SI-RSVP in comparison with the best effort model     89
The simulation of a small-scale computer network with I-RSVP, SI-RSVP and the best effort model     89
The simulation of a large-scale computer network with I-RSVP, SI-RSVP and the best effort model     91
Service performance of I-RSVP, SI-RSVP and the best effort model     93
Summary     102
References     103
Mathematical/Statistical Features and Characteristics of Attack and Normal Use Data
Collection of Windows performance objects data under attack and normal use conditions     107
Windows performance objects data     107
Description of attacks and normal use activities     111
Apache Resource DoS     111
ARP Poison     111
Distributed DoS     112
Fork Bomb     113
FTP Buffer Overflow     113
Hardware Keylogger     113
Remote Dictionary     113
Rootkit     113
Security Audit     114
Software Keylogger     114
Vulnerability Scan     114
Text Editing     114
Web Browsing     114
Computer network setup for data collection     115
Procedure of data collection     115
Summary     118
References     118
Mean shift characteristics of attack and normal use data     119
The mean feature of data and two-sample test of mean difference     119
Data pre-processing     121
Discovering mean shift data characteristics for attacks     121
Mean shift attack characteristics     122
Examples of mean shift attack characteristics     122
Mean shift attack characteristics by attacks and windows performance objects     124
Attack groupings based on the same and opposite attack characteristics     128
Unique attack characteristics     136
Summary     139
References     139
Probability distribution change characteristics of attack and normal use data     141
Observation of data patterns     141
Skewness and mode tests to identify five types of probability distributions     146
Procedure for discovering probability distribution change data characteristics for attacks     148
Distribution change attack characteristics     150
Percentages of the probability distributions under the attack and normal use conditions     150
Examples of distribution change attack characteristics     151
Distribution change attack characteristics by attacks and Windows performance objects     151
Attack groupings based on the same and opposite attack characteristics     161
Unique attack characteristics     167
Summary     173
References     174
Autocorrelation change characteristics of attack and normal use data     175
The autocorrelation feature of data     175
Discovering the autocorrelation change characteristics for attacks     176
Autocorrelation change attack characteristics     178
Percentages of variables with three autocorrelation levels under the attack and normal use conditions     178
Examples of autocorrelation change attack characteristics     179
Autocorrelation change attack characteristics by attacks and Windows performance objects     182
Attack groupings based on the same and opposite attack characteristics     182
Unique attack characteristics     193
Summary     193
References     196
Wavelet change characteristics of attack and normal use data     197
The wavelet feature of data     197
Discovering the wavelet change characteristics for attacks     201
Wave change attack characteristics     203
Examples of wavelet change attack characteristics     203
Wavelet change attack characteristics by attacks and Windows performance objects     204
Attack groupings based on the same and opposite attack characteristics     222
Unique attack characteristics     225
Summary     243
References     243
Cyber Attack Detection: Signature Recognition
Clustering and classifying attack and normal use data     247
Clustering and Classification Algorithm - Supervised (CCAS)     248
Training and testing data     251
Application of CCAS to cyber attack detection     251
Detection performance of CCAS     253
Summary     256
References     256
Learning and recognizing attack signatures using artificial neural networks     257
The structure and back-propagation learning algorithm of feedforward ANNs     257
The ANN application to cyber attack detection     260
Summary     270
References     271
Cyber Attack Detection: Anomaly Detection
Statistical anomaly detection with univariate and multivariate data     275
EWMA control charts     275
Application of the EWMA control chart to cyber attack detection     277
Chi-Square Distance Monitoring (CSDM) method     284
Application of the CSDM method to cyber attack detection     286
Summary     288
References     288
Stochastic anomaly detection using the Markov chain model of event transitions     291
The Markov chain model of event transitions for cyber attack detection     291
Detection performance of the Markov chain model-based anomaly detection technique and performance degradation with the increased mixture of attack and normal use data     293
Summary     295
References     296
Cyber Attack Detection: Attack Norm Separation
Mathematical and statistical models of attack data and normal use data     299
The training data for data modeling     299
Statistical data models for the mean feature      300
Statistical data models for the distribution feature     300
Time-series based statistical data models for the autocorrelation feature     301
The wavelet-based mathematical model for the wavelet feature     304
Summary     309
References     312
Cuscore-based attack norm separation models     313
The cuscore     313
Application of the cuscore models to cyber attack detection     314
Detection performance of the cuscore detection models     316
Summary     323
References     325
Security Incident Assessment
Optimal selection and correlation of attack data characteristics in attack profiles     329
Integer programming to select an optimal set of attack data characteristics     329
Attack profiling     330
Summary     332
References     332
Index     333
Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)