Cyber Defense Mechanisms 1st edition by Gautam

Kumar, ‎Dinesh Kumar Saini, ‎Nguyen Ha Huy

Cuong 1000171981 9781000171983 download

https://ebookball.com/product/cyber-defense-mechanisms-1st-
edition-by-gautam-kumar-aeurzdinesh-kumar-saini-aeurznguyen-ha-
huy-cuong-1000171981-9781000171983-20174/

Download more ebook instantly today - Get yours now at ebookball.com

 Get Your Digital Files Instantly: PDF, ePub, MOBI and More
Quick Digital Downloads: PDF, ePub, MOBI and Other Formats

Cyber Defense Mechanisms Security Privacy and Challenges 1st edition

by Gautam Kumar, Dinesh Kumar Saini, Nguyen Ha Huy Cuong ISBN
0367540967 9780367540968

https://ebookball.com/product/cyber-defense-mechanisms-security-
privacy-and-challenges-1st-edition-by-gautam-kumar-dinesh-kumar-
saini-nguyen-ha-huy-cuong-isbn-0367540967-9780367540968-17068/

Electricity AC DC Motors Controls and Maintenace 10th Edition by

Jeffrey Keljik 1111646759 9781111646752

https://ebookball.com/product/electricity-ac-dc-motors-controls-
and-maintenace-10th-edition-by-jeffrey-
keljik-1111646759-9781111646752-17638/

Holistic Approach to Quantum Cryptography in Cyber Security 1st

edition by Shashi Bhushan, Manoj Kumar, Pramod Kumar, Renjith Ravi and
Anuj Kumar Singh 1000614506 9781000614503

https://ebookball.com/product/holistic-approach-to-quantum-
cryptography-in-cyber-security-1st-edition-by-shashi-bhushan-
manoj-kumar-pramod-kumar-renjith-ravi-and-anuj-kumar-
singh-1000614506-9781000614503-20012/

Introduction To 80 86 Assembly Language And Computer Architecture 1st

Edition by Detmer ISBN 0763717738 9780763717735

https://ebookball.com/product/introduction-to-80-86-assembly-
language-and-computer-architecture-1st-edition-by-detmer-
isbn-0763717738-9780763717735-12404/
Effective C++ Cd 85 Specific Ways to Improve Your Programs and Designs
Cdr Edition by Scott Meyers ISBN 0201310155 978-0201310153

https://ebookball.com/product/effective-c-cd-85-specific-ways-to-
improve-your-programs-and-designs-cdr-edition-by-scott-meyers-
isbn-0201310155-978-0201310153-10822/

Introduction to 80 86 Assembly Language and Computer Architecture 1st

Edition by Richard C Detmer ISBN 0763746622 9780763746629

https://ebookball.com/product/introduction-to-80-86-assembly-
language-and-computer-architecture-1st-edition-by-richard-c-
detmer-isbn-0763746622-9780763746629-9016/

(Ebook PDF) High Power Converters and AC Drives 2nd edition by Bin Wu,
Mehdi Narimani 1119156068 9781119156062 full chapters

https://ebookball.com/product/ebook-pdf-high-power-converters-
and-ac-drives-2nd-edition-by-bin-wu-mehdi-
narimani-1119156068-9781119156062-full-chapters-14628/

Proceedings of International Conference on Smart Computing and Cyber

Security Strategic Foresight Security Challenges and Innovation 1st
edition by Prasant Kumar Pattnaik, Mangal Sain, Ahmed Al Absi, Pardeep
Kumar 9811579903 9789811579905
https://ebookball.com/product/proceedings-of-international-
conference-on-smart-computing-and-cyber-security-strategic-
foresight-security-challenges-and-innovation-1st-edition-by-
prasant-kumar-pattnaik-mangal-sain-ahmed-al-absi-par/

Robbins and Kumar Basic Pathol 10th edition by Vinay Kumar, Abul
Abbas, Jon Aster 9780323394123 0323394124

https://ebookball.com/product/robbins-and-kumar-basic-
pathol-10th-edition-by-vinay-kumar-abul-abbas-jon-
aster-9780323394123-0323394124-1814/
Cyber Defense
Mechanisms
 Artifcial Intelligence (AI): Elementary to
Advanced Practices
Series Editors:
Vijender Kumar Solanki, Zhongyu (Joan) Lu, and Valentina E. Balas

In the emerging smart city technology and industries, the role of artifcial intelli-
gence (AI) is getting more prominent. This AI book series aims to cover the latest AI
work, which will help the naïve user to get support to solve existing problems and for
the experienced AI practitioners, and assists to shedding light for new avenues in the
AI domains. It covers the recent work carried out in AI and its associated domains,
logics, pattern recognition, NLP, expert systems, machine learning, blockchain, and
Big Data. The work domain of AI is quite deep, so this book discusses the latest
trends which are evolving with the concepts of AI and helps practitioners, students,
researchers, and those who are new to this feld to gain some new insights.

Cyber Defense Mechanisms

Security, Privacy, and Challenges
Edited by Gautam Kumar, Dinesh Kumar Saini, and Nguyen Ha Huy Cuong
Artifcial Intelligence Trends for Data Analytics Using Machine Learning
and Deep Learning Approaches
Edited by K. Gayathri Devi, Mamata Rath, and Nguyen Thi Dieu Linh

For more information on this series, please visit: https://www.crcpress.com/

Artificial-Intelligence-AI-Elementary-to-Advanced-Practices/book-series/
CRCAIEAP
 Cyber Defense
Mechanisms
Security, Privacy, and Challenges

Edited by
Gautam Kumar, Dinesh Kumar Saini, and
Nguyen Ha Huy Cuong
First edition published 2021
by CRC Press
6000 Broken Sound Parkway NW, Suite 300, Boca Raton, FL 33487-2742

and by CRC Press

2 Park Square, Milton Park, Abingdon, Oxon, OX14 4RN

© 2021 Taylor & Francis Group, LLC

CRC Press is an imprint of Taylor & Francis Group, LLC

Reasonable eforts have been made to publish reliable data and information, but the author and
publisher cannot assume responsibility for the validity of all materials or the consequences of
their use. Te authors and publishers have attempted to trace the copyright holders of all material
reproduced in this publication and apologize to copyright holders if permission to publish in this
form has not been obtained. If any copyright material has not been acknowledged please write and
let us know so we may rectify in any future reprint.

Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced,
transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or
hereafter invented, including photocopying, microflming, and recording, or in any information
storage or retrieval system, without written permission from the publishers.

For permission to photocopy or use material electronically from this work, access www.copyright.
com or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA
01923, 978-750-8400. For works that are not available on CCC please contact mpkbookspermissions@
tandf.co.uk

Trademark notice: Product or corporate names may be trademarks or registered trademarks, and are
used only for identifcation and explanation without intent to infringe.

ISBN: 978-0-367-40883-1 (hbk)

ISBN: 978-0-367-54096-8 (pbk)
ISBN: 978-0-367-81643-8 (ebk)

Typeset in Times
by codeMantra
Contents
Preface......................................................................................................................vii
Editors.......................................................................................................................ix
Contributors ..............................................................................................................xi

Chapter 1 Security Threat Analysis and Prevention towards Attack Strategies... 1

Suman De

Chapter 2 Defense against the Survivability to Network Strategies................... 23

K. V. S. S. S. S. Sairam, Shreyas Arunesh, K. Pranava Bhat,
K. Sarveswara Rao, and K. Annapurna

Chapter 3 Defense Mechanism to Self-Adaptive Cyber-Physical Security

Systems............................................................................................... 33
Pati Prasanthi, Gautam Kumar, and Anuj Kumar Goel

Chapter 4 Secure Channel Allocation in Cognitive Radio–Wireless

Sensor Networks................................................................................. 47
S. Mangairkarasi and D. Arivudainambi

Chapter 5 Security Issues in IoT Networks......................................................... 63

Dinesh Kumar Saini and Amna Al-Sdidi

Chapter 6 IoT Ecosystem Implications to Real-World Security Scenario .......... 75

Dinesh Kumar Saini and B. Y. Sandhiyaa

Chapter 7 Design Principles and Privacy in Cloud Computing.......................... 85

Mohammad Wazid and Ashok Kumar Das

Chapter 8 Big Data Analysis on Smart Tools and Techniques ......................... 111
Jabar H. Yousif and Dinesh Kumar Saini

Chapter 9 Lightweight Security Protocols for Blockchain Technology ........... 131

Jangirala Srinivas and Ashok Kumar Das

v
vi Contents

Chapter 10 Privacy and Challenges to Data-Intensive Techniques .................... 157

Pati Prasanthi, Gautam Kumar, Sheo Kumar, and
Mrutunjaya S. Yalawar

Chapter 11 Dynamic Modeling on Malware and Its Defense in Wireless

Computer Network Using Pre-Quarantine....................................... 171
Yerra Shankar Rao, Hemraj Saini, Ranjita Rath,
and Tarini Charan Panda

Chapter 12 Privacy Preservation Algorithms on Cryptography for AI

as Human-like Robotic Player for Fighting Game Using
Rule-Based Method.......................................................................... 185
Mohammad Farhan Ferdous

Chapter 13 Web-Based Smart Agriculture System ............................................ 197

Rachna Jain, Meenu Gupta, and Shivam Singh

Index...................................................................................................................... 213
Preface
Security and privacy is one of most crucial, in this digital age, for all of us in daily
human being life. To deal the same with tools and technologies is one of the big chal-
lenges, because so many attacks are reported in all kinds of computer systems and
networks. It is becoming increasingly important to develop robust, adaptive, scal-
able, and reliable security and privacy mechanisms for applications and its related
areas. In relation to the same, it is imperative to understand the fundamentals with
recent attacks such as cyber security principles, vulnerabilities, and handful and
optimized solutions used as defense mechanisms. The security mechanisms are pre-
sented to mitigate negative implications associated with cyberattacks and privacy
issues in various technologies. The objective of this book is to collect and address
a variety of problems in relation to cyberdefense mechanisms, because in the fast
growing environment, the research trends in this area are always having a great
demand in the form of prospective cyberdefense cryptographers and most to car-
rier buildings. The contributors are addressing theoretical and practical aspects to
security mechanisms, challenges, and opportunities. This book aims is to attract
graduates/postgraduates/researchers/practitioners who are working in computer
science and information technology.
The overall objectives covered are as follows:

• To improve the awareness of readers about recent security attacks, preven-

tion strategies applied, and existing mechanisms.
• To analyze and present the state-of-the-art survivability to network
strategies.
• To address defense mechanisms to self-adaptive cyber-physical security
systems and wireless sensor network (WSN).
• To improve security solutions and address issues in IoT network and system
implications to real-world security scenario.
• To provide a broad look on Big Data Analysis tools and techniques as a
solution to defense mechanisms.
• To analyze and present the state-of-the-art lightweight solution security
technique approach, as defense mechanisms, using blockchain technology.
• To discuss an innovative privacy and challenges to data-intensive techniques

vii
Editors
Dr. Gautam Kumar is currently working as Associate
Professor at CMR Engineering College, Hyderabad, India.
He received his PhD degree in computer science and engi-
neering from Jaypee University of Information Technology,
Himachal Pradesh, India, in 2017. He did his M.Tech in
Rajasthan Technical University, Kota, India, in 2012, and
B.E. in Rajiv Gandhi Proudyogiki Vishwavidyalaya, Bhopal,
India, in 2005. He has the academic experience more than
14+ years. His research interests are in the feld of cryptogra-
phy, information security, design and analysis of algorithms.
He has published more than 25 research journals and conferences papers of repute
in Science Citation, Scopus, and indexed journals and conferences. He has handled
various responsibilities as a president of Institute’s Innovation Council, Ministry of
Human Resource Development (MHRD), India, and a Convenor/SPOC of Smart-India
Hackathon, New Delhi, India. He is a reviewer of (i) Security and Communication
Networks, John Wiley & Sons and Hindawi, (ii) The Computer Journal, Oxford
Academic, and many reputes of IEEE/ACM international conferences.

Dr. Dinesh Kumar Saini is working as acting Dean and

Associate Professor in the Faculty of Computing and
Information Technology since 2008. Prior to this, he worked
in the King Saud University, Riyadh, Saudi Arabia. His major
area of research is data engineering, environmental informat-
ics, agent technology, security, software Systems, content
management systems, learning objects, and higher education.
He has published manuscripts extensively on mathematical
modeling in cybersystems, malicious object propagation,
immune system design, and environmental informatics.

Dr. Nguyen Ha Huy Cuong obtained his doctorate in com-

puter science/resource allocation cloud computing in 2017
from the University of Da Nang, Vietnam. He has published
over 50 research papers. His main research interests include
the resource allocation, detection, prevention, and avoidance
of cloud computing and distributed systems. He serves as
a technical committee program member, track chair, ses-
sion chair, and reviewer of many international conferences
and journals. He is a guest editor of journal International Journal of Information
Technology Project Management (IJITPM) with special issue on “Recent Works
on Management and Technological Advancement.” Currently, he is working at the
University of Da Nang—College of Information Technology, Vietnam.

ix
Contributors
Amna Al-Sdidi Suman De
Faculty of Computing and Information Developer
Technology SAP Labs India Pvt. Ltd.
Sohar University Bangalore, Karnataka, India
Sohar, Oman
Mohammad Farhan Ferdous
K. Annapurna Department of Information Science
Department of Computer Science & Japan Advanced Institute of Science
Engineering and Technology
Canara Engineering College (Affliated Ishikawa, Japan
to VTU, Belagavi, India) Japan-Bangladesh Robotics &
Benjanapadavu, Mangalore, India Advanced Technology Research
Center (JBRATRC)
D. Arivudainambi Dhaka, Bangladesh
Department of Mathematics
Anna University Anuj Kumar Goel
Chennai, Tamil Nadu, India Department of Electronics &
Communication Engineering
Shreyas Arunesh CMR Engineering College
Department of Electronics and Hyderabad, Telangana, India
Communication
NMAMIT (Autonomous and Affliated Meenu Gupta
to VTU, Belagavi) Department of Computer Science and
Karkala, Karnataka, India Engineering
Chandigarh University
K. Pranava Bhat Chandigarh, Punjab, India
Department of Electronics and
Communication Rachna Jain
NMAMIT (Autonomous and Affliated Department of Computer Science and
to VTU, Belagavi) Engineering
Karkala, Karnataka, India Bharati Vidyapeeth’s College of
Engineering
Ashok Kumar Das Delhi, India
Center for Security, Theory and
Algorithmic Research Gautam Kumar
International Institute of Information Department of Computer Science and
Technology Engineering
Hyderabad, Telangana, India CMR Engineering College
Hyderabad, Telangana, India

xi
xii Contributors

Sheo Kumar Dinesh Kumar Saini

Department of Computer Science and Faculty of Computing and Information
Engineering Technology
CMR Engineering College Sohar University
Hyderabad, Telangana, India Sohar, Oman

S. Mangairkarasi Hemraj Saini

Department of Mathematics Department of Computer Science and
Anna University Engineering
Chennai, Tamil Nadu, India Jaypee University of Information
Technology
Tarini Charan Panda Waknaghat, Himachal Pradesh, India
Department of Mathematics
Ravenshaw University K. V. S. S. S. S. Sairam
Cuttack, Odisha, India NMAMIT (Autonomous and Affliated
to VTU, Belagavi)
Pati Prasanthi Karkala, Karnataka, India
Department of Computer Science and Canara Engineering College (Affliated
Engineering to VTU, Belagavi)
Stanley College of Engineering and Benjanapadavu, Mangalore, India
Technology for Women
Hyderabad, Telangana, India B. Y. Sandhiyaa
Department of Software Engineering
K. Sarveswara Rao SRM Institute of Science & Technology
NMAMIT (Autonomous and Affliated Chennai, Tamil Nadu, India
to VTU, Belagavi)
Karkala, Karnataka, India Shivam Singh
Canara Engineering College (Affliated Department of Computer Science and
to VTU, Belagavi) Engineering
Benjanapadavu, Mangalore, India Bharati Vidyapeeth’s College of
Engineering
Yerra Shankar Rao Delhi, India
Department of Mathematics
Gandhi Institute of Excellent Jangirala Srinivas
Technocrats Jindal Global Business School
Bhubaneswar, Odisha, India O. P. Jindal Global University
Sonipat, Haryana, India
Ranjita Rath
Department of Mathematics, Gandhi Mohammad Wazid
Institute of Engineering Technology Department of Computer Science and
University Gunupur, Engineering
Gunupur, Odisha, India Graphic Era (Deemed to be University)
Dehradun, Uttarakhand, India
Contributors xiii

Mrutunjaya S. Yalawar Jabar H. Yousif

Department of Computer Science & Faculty of Computing & Information
Engineering Technology
CMR Engineering College Sohar University
Hyderabad, Telangana, India Sohar, Oman
 1 Security Threat Analysis
and Prevention towards
Attack Strategies
Suman De
SAP Labs India Pvt. Ltd.

CONTENTS
1.1 Introduction ......................................................................................................2
1.2 History of Security Breaches............................................................................3
1.3 Common Security Threats................................................................................4
1.3.1 Malware ................................................................................................4
1.3.2 Phishing ................................................................................................5
1.3.3 Spear Phishing ......................................................................................5
1.3.4 “Man in the Middle” (MitM) Attack....................................................5
1.3.5 Trojans ..................................................................................................5
1.3.6 Ransomware .........................................................................................6
1.3.7 Denial-of-Service Attack or Distributed Denial-of-Service
Attack (DDoS) ......................................................................................6
1.3.8 Attacks on IoT Devices.........................................................................6
1.3.9 Data Breaches .......................................................................................6
1.3.10 Malware on Mobile Apps .....................................................................6
1.4 Security Challenges in Modern Day ................................................................7
1.4.1 Cloud Computing..................................................................................7
1.4.2 Social Media .........................................................................................8
1.4.3 Smart Phones ........................................................................................8
1.4.4 General Data Protection Regulations (GDPR) .....................................9
1.4.5 Attacks Based on Machine Learning and AI .......................................9
1.4.6 Attacks against Cryptocurrencies and Blockchain Systems .............. 10
1.4.7 Switching to DevOps.......................................................................... 10
1.4.8 Biometric Authentication.................................................................... 11
1.4.9 Fileless Malware ................................................................................. 11
1.5 Attack Strategies and Brief Study on Advanced Persistent Threat (APT)..... 12
1.5.1 How an APT Attack Works................................................................ 12
1.5.2 Some Instances of APTs..................................................................... 13
1.5.3 Characteristics of APTs ...................................................................... 14
1.6 Prevention Measures....................................................................................... 15
1.6.1 Identify the Threats ............................................................................ 15

1
2 Cyber Defense Mechanisms

1.6.2 Beware of Cybercrimes ...................................................................... 15

1.6.3 Observe All Stakeholders ................................................................... 15
1.6.4 Usage of Two-Factor Authentication .................................................. 15
1.6.5 Conduct Regular Audits ..................................................................... 16
1.6.6 Draft a Credit Sign-Off Policy ........................................................... 16
1.6.7 Protect Vital Data ............................................................................... 16
1.6.8 Perform Risk Assessments ................................................................. 16
1.6.9 Insure against Cybercrime.................................................................. 16
1.6.10 Gather In-Depth Knowledge about Risk Factors................................ 17
1.7 Threat Modeling ............................................................................................. 18
1.8 Role of a Threat Analyst.................................................................................20
1.9 Summary ........................................................................................................ 21
References................................................................................................................ 22

1.1 INTRODUCTION
Cybersecurity has become a matter of primary concern for organizations and world
governments alike. The essence of every application is ranging from web-based
offerings to mobile applications run into the common challenge of defending against
intrusions by foreign attacks of cybercriminals. Data security provides another angle
to the all security practices, and the governed aspects of policies like General Data
Protection Regulations (GDPR) make it essential to software vendors to abide the
needs of relevant governing laws and ensure quality with respect to security. This
introduces the importance of incorporating security analysts to evaluate and ensure
that the required guidelines and regulations are maintained wherever required. This
chapter takes a tour of generic security threats and how the role of a security analyst
helps discover potential threats and faws in any software offering. The recent secu-
rity threats are also explored and briefy discussed along with the possible prevention
steps against known attack strategies.
Threat analysis is the process of evaluating suspicious actions and reach of
unrecognized intelligence bodies or cybercriminals [1]. A cybersecurity threat is
described as a malicious activity that looks to hamper the digital world. The activity
could be damaging of data, intervention in a communication channel, or unauthor-
ized retrieval of data. The generic target of hackers* includes business organiza-
tions, government bodies, institutions, and even individuals with infuential identity.
Cyberattacks can involve threats such as denial-of-service (DoS), malwares, software
viruses, and phishing emails. These threats target entities with an online presence
and relevance with respect to the attack. History has shown cyberattacks that have
resulted in breaches of Government security missions, data breach in media houses,
and massive fund transfers in bank frauds affecting regular activities of human life.
Security threats can be damaging but often follow well-defned strategic moves,
which leads to a possible breach. The prevention of attack scenarios is well estab-
lished by a study of possible attack strategies and the necessary steps that are needed

* Hackers (indicative to crackers) are individuals who break into a system to gain unauthorized access
to confdential data or to affect the regular functionality of a system.
Security Threat Analysis and Prevention 3

to be taken to avoid any such breaches. Detecting, preventing, or dislodging the

threat in the most convenient time reduces the business impact and the possibility
of considerable effects. This chapter explores attack strategies and patterns that are
used by cybercriminals or hackers to break in various systems.

1.2 HISTORY OF SECURITY BREACHES

Confdential data extrapolation, social media breaches, and bank frauds are some
common threats that make new headlines frequently. Keeping aside the generic
ones, the terror spread through WannaCry ransomware attack or WikiLeaks have
had signifcant impact on people and government powerhouses. In 2019 alone,
29 major breaches in fnancial institutions were affected, resulting in millions of
dollars loss for them [2].
In May 2017 a ransomware attack called WannaCry targeted Microsoft Windows-
based operating systems to demand ransom payments in Bitcoin cryptocurrency and
was considered as a global epidemic. It was a type of crypto-ransomware (malicious
software), used by cybercriminals to extort money. Such malwares achieve this by
encrypting important fles, so that the user is unable to read them, or they lock the
user out of their own system, so that it cannot be accessed. This type of malicious
software encryption is called crypto-ransomware and is often termed as locker ran-
somware. Crypto-ransomware keeps the data hostage, in return of ransom payment
from the user.
More recently, a Football Leaks hacker, Rui Pinto, hacked and exposed the break-
ing of Financial Fair Play rules and is said to have accessed over 70 million docu-
ments and 3.4 TB of information about numerous football clubs [3]. He had leaked
the information to German news magazine, Der Spiegel, and was imprisoned in 2019
for 90 separate cases of hacking and fraud. Table 1.1 shows the list of well-known
cyberattacks or breaches.
We also refer to the fraud cases or cyberattacks on fnancial institutions men-
tioned in the Carnegie Endowment for International Peace and see a huge rise in
the numbers in recent years, which is shown in Figure 1.1. The facts hint at the
more growing importance of securing systems by proper threat modeling. Be that
as it may, the risk scene has been more concerning with country states progressively
joining the blend and with the subsequent harm heightening, from burglary to inter-
ruption and demolition [4].

TABLE 1.1
List of Well-Known Cyberattacks or Breaches
Incident Type of Attack Year
WannaCry Ransomware Malware software demanding ransom 2017
Koobface worm Malware in social media sites—213K users affected 2009
Equifax Data breach affecting 145.5 million users 2017
Dream market breach Sixteen websites hacked and out on sale in the Dark web 2019
Friend Finder networks 412 Million accounts hacked and exposed 2016
4 Cyber Defense Mechanisms

FIGURE 1.1 Cyberattack frequency on fnancial institutions since 2007 as per Carnegie
Endowment.

1.3 COMMON SECURITY THREATS

Cyberattacks can emerge from multiple sources. Intruders target multiple possi-
bilities to break in a system and can damage to it. A cyberthreat is an activity that
intends to snoop data, distort data, or attempt to create major damage. These threats
can be classifed into some major types [5].

1.3.1 MALWARE
Malware is an application which does a harmful activity on a device, network, or
system. Activities can result to corruption of data, gaining unauthorized access on
confdential information or manipulation of data. The word “malware” is formed
keeping the essence of two different words “malicious” and “software.” A malware
can be a virus, Trojan, spyware, or ransomware that causes damage to a system.
Viruses tend to associate itself with other entities to clear fle content, or infect and
damage relevant fle content. Viruses spread with control, resulting in damage of a
system’s primary features, and damaging or corrupting fle content. Such software
appears as executables (.exe) or batches (.bat), and cause harm to the system. Trojans
are malwares that disguise itself as legitimate software or are hidden in legitimate
software that has been tampered with. It acts discretely by making backdoors in the
security system to allow signifcant malwares inside. Spywares are malicious soft-
ware which are developed to spy on users. They hide themselves in the background
and observe the user’s online activities, including passwords, credit card numbers,
user behavior for websites, and other relevant activities. The primary objective of
Worms is to infect a complete network of devices, both local and across the web, via
network protocols, or interfaces. Ransomware attempts to lock down systems and
relevant fle content and sends a word to erase or damage signifcant data unless a
ransom is paid. Another type of malware is Adware which is not harmful but causes
a distraction for users and also creates an easier route for other malwares to creep
Security Threat Analysis and Prevention 5

into the system. Attackers can also utilize a network of computer to infect and work
for personal benefts which is also another type of malware and is commonly known
as Botnet.

1.3.2 PHISHING
Phishing is a message-based (especially electronic mails) threat which constitutes
of tricking the end-user into exposing private data or luring to download malicious
software by following a link sent with the email. The email is drafted in a way to
make the recipient believe the source and trust the sending entity. Once the recipi-
ent is lured into the content, they are coaxed into providing private information or
forced to download malware onto the target’s computer. A common example is a
mail containing prize winning notifcation and requesting bank details for follow-up
on receiving the winnings.

1.3.3 SPEAR PHISHING

It is a more classic form of phishing that involves the intruder to gain information
about the victim and positions itself as an entity that the target knows and trusts.
The primary target in this case are individuals rather than a wide group of people.
Attackers observe and do a complete study on their victims via social media and
other publicly available data to appear more authentic. This is often the frst to step
to take down the cybersecurity barriers of an organization.

1.3.4 “MAN IN THE MIDDLE” (MITM) ATTACK

This form of security attack occurs when an intruder creates a channel between
the sender and recipient of the emails, and reads confdential messages, and in fact
modifes the contents before it reaches the intended target. Both end-users are under
the impression that the communication is clear. This attack is often used by military
to create a state of confusion for an opponent camp. It requires three players—the
victim (sender), target user (recipient), and the “man in the middle,” who’s intruding
into the communications without the awareness of the communicating parties.

1.3.5 TROJANS
They are a form of malicious software which reaches a network appearing to be a
generic software but installs malicious code after it is inside the target system. It
draws motivation from ancient Greek History and was named after the same. Trojans
are employed by cybercriminals and intruders to attain unauthorized access to net-
works. End-users are tricked through social engineering techniques into download-
ing and installing Trojans. Once installed, Trojans enable cyberthieves to spy, steal
confdential data, and gain unauthorized access to the target system. The activities
involve data deletion, blockage, modifcation, copy, and affecting the performance of
systems or network of computers.
6 Cyber Defense Mechanisms

1.3.6 RANSOMWARE
Ransomware is a malware that constitutes of encryption of information on the
host network and asking for money in return of availability of the system to the
affected individual again. This type of a threat may involve low-hanging nuisances
to major incidents as observed during the locking of confdential government
information for the whole area of Atlanta and WannaCry ransomware software in
2018 and 2017, respectively.

1.3.7 DENIAL-OF-SERVICE ATTACK OR DISTRIBUTED

DENIAL-OF-SERVICE ATTACK (DDOS)
This attack happens when authorized end-users are locked from accessing relevant
systems, devices, or other network entities due to the activity of a malicious cyber-
intruder. Services affected include emails, sites, online accounts (e.g., banking or
social), and similar services that are dependent on the affected system. A DoS sce-
nario is accomplished by making the targeted host or system busy with traffc; it
simply crashes or disallows the user to respond, resulting in access failures for autho-
rized users. These attacks are time-consuming as well as prove to be costly as their
resources and services are inaccessible. A DoS is known to be a distributed attack
where multiple systems are working together to cause harm to one target, e.g., food-
ing a server network with high traffc.

1.3.8 ATTACKS ON IOT DEVICES

Internet-of-things (IoT) devices are prone to various forms of cyberattacks. It
involves cybercriminals having full control of the equipment to consider it a play
for a distributed denial-of-service (DDoS) attack by gaining illegitimate entry to
the data that is gathered in the equipment. Devices with huge volume of data,
geographic diversifcation, and not-updated system software are the primary aim
to malwares [6].

1.3.9 DATA BREACHES

This refers to stealing of information by a harmful intruder. The general objective
for such assaults involves identity theft, a need to act as a whistleblower (e.g., Edward
Snowden or Julian Assange) or espionage.

1.3.10 MALWARE ON MOBILE APPS

Mobile-based applications have been prone to cyberthreats similar to other soft-
ware applications. Cybercriminals use malicious software inside app downloads and
mobile-based sites, and use other phishing techniques. Such an attack on mobile
application can provide the intruder with enablement to private data, geographical
data, bank account details, and so on.
Security Threat Analysis and Prevention 7

1.4 SECURITY CHALLENGES IN MODERN DAY

Keeping the above threats in mind, the challenges of digitization and evolution of
technology have also seen new challenges offered to the cyberworld that are to be
considered before choosing the safety guidelines of a system. Guaranteeing cyber-
security is turning out to be harder with time as hackers execute new assaults, abuse
current open pointers, and use new hacking techniques continually; at the same time,
administrative establishments modify and develop gauges. Here, we discuss the fea-
tures of each innovation in modern day and evaluate the security threats associated
with the same.

1.4.1 CLOUD COMPUTING

The intricacies of changing data and software to the cloud continue to pull in clients
for storing their data in DropBox or iCloud, utilize Gmail or Live Mail to handle
their electronic messages, and manage their social lives with the help of tools such
as Evernote and Mint.com. In complexity to IoT gadgets, cloud stages store a lot of
sensitive and important information [7]. While cloud suppliers put a great deal of
exertion into guaranteeing the security of their administrations, there are still an
excessive number of cyberthreats that cannot be overlooked.
The following characteristics play a major role in attracting cybercriminals to
create an impact [8]:
Confguration mismanagement: As per Symantec, actualizing both software-
as-a-service and infrastructure-as-a-service safety will continue as a battle
for some associations. Institutions are not totally mindful of the intricacies
associated with verifying cloud information, and considerably, further breaks
brought about via mistake, bargain, or confguration will emerge sooner rather
than later.
Specter and Meltdown vulnerabilities: A few aggressors attempt to abuse
Specter and Meltdown issues and spotlight the respective assaults on the CPUs
utilized by cloud vendors. The most ideal way to tackle such circumstances is to
ensure that the equipment is refreshed—current fxes fxing diverse Specter and
Meltdown lapses have been discharged constantly. Notwithstanding, as Specter
problems are hard for fxing, a few specialists recommend supplanting every infu-
enced processor.
Insecure application programming interfaces (API): In many cloud frame-
works, APIs continue to be the main aspects other than the trusted authoritative
limit having an open IP target. Along these lines, unmanaged APIs may provide an
aggressor extensive access to cloud SaaS products and mark the whole framework
in danger.
Data loss: A major concern that ought to be considered and not overlooked is
losing the organization’s information because of some non-noxious causes, e.g., a
catastrophic event or human blunder. The best way to moderate such dangers is by
making bunches of reinforcements of important data and putting away them at physi-
cal destinations situated in various pieces of the globe.
8 Cyber Defense Mechanisms

1.4.2 SOCIAL MEDIA

Online networking, e.g., Facebook, and Twitter, has demonstrated dangerous devel-
opment lately. At the end of 2012, there are in excess of 450 million dynamic cli-
ent profles of Twitter with an ever-expanding list of new registrations in Facebook
arriving at right around 1 billion clients. Long-range interpersonal communication
destinations have been exceptionally famous and become the favored strategy for
correspondence for most youthful ages. Every one of these online networking sites
regularly gives instruments where clients share their own data (e.g., name, address,
sexual orientation, DoB, and inclination towards specifc hobbies), photographs, sta-
tus feeds, and spread connections.
Assailants exploit the web-based life rage as another mechanism for propelling
deceptive assaults. Before the fnish of 2008, Kaspersky Lab assortment had in excess
of 43K malevolent documents identifying with Internet-based life. A document distrib-
uted by IT cyberattack mitigation and information assurance company, Sophos, uncov-
ered a disturbing ascent in assaults on clients of online social sites. In the overview
led by Sophos, around 60% organizations worry that their representatives give a lot of
data in informal communities, whereas around 66% organizations believe that utiliz-
ing interpersonal organizations represent an extraordinary risk to the organizations.
Koobface, a worm which travels via Internet in 2009, was strikingly a popular
malicious software case that uses expansion of web-based life. The Koobface botnet
computerizes production of current online profles to get to know clueless clients, thus
spamming and tempting connections that divert to malware. Another mainstream mal-
ware assault is fnished via utilization of a noteworthy number of Twitter and Facebook
end-user profles which are not authentic or are currently unused. At that point, the
lawbreakers stunt users in the interpersonal organization webpage into “friendling” or
tailing those and tapping on their announcements that regularly resulted in opening of
pernicious sites. Elsewhere, it is observed that an enormous amount of malwares were
distributed in the wake of clicking for content on “drifting” points through Twitter.

1.4.3 SMART PHONES

Cell phones, combined with progress in remote advancements, have become an
inexorably complex PC and specialized gadget that is promptly conveyed by people
for the duration of the day. There are various styles of assaults focused to exploit the
expansion of portable processing. The aggressor tries to damage the encryption of
the portable system. An intruder then tries to snoop in stealthily on Wi-Fi correspon-
dences to collect information (e.g., user details and secret phrase). Security problems
observed for Bluetooth on smart phones are contemplated and resulted in multiple
problems. For instance, Cabir is a worm that spreads through Bluetooth association.
It scans for close by telephones containing Bluetooth in discoverable state and sends
the worm to the designated gadget. The client must acknowledge the approaching
document and run the code. In the wake of execution, the worm contaminates the
machine. To forestall correspondence-associated assaults, organizing traffc traded
through telephones is observed, e.g., observation on arranging directing focuses or
checking the utilization of system versatile conventions.
Security Threat Analysis and Prevention 9

Another sort of assaults is observed from the vulnerabilities in versatile pro-

gramming applications particularly with portable Internet browser. Weakness in the
Internet browser for Android was found in October 2008 misusing out of date and
helpless library.
Malignant assailants target telephones as a channel to distribute malware. To
control the malware proliferation, portable organizations offer a concentrated open
commercial center commended with an endorsement procedure before facilitating
the application. The unifed commercial center assists with evacuating any applica-
tion whenever discovered suspicious prior to being downloaded by the clients. For
instance, Apple embraces a verifying procedure to guarantee all products adjust to
Apple’s standards prior to being released through the AppStore. Apple affrms a
product by code marking using encryption keys. Getting to the product by means of
AppStore is the main route for iPhone gadgets to introduce other applications. Like
Apple, Android also has an open commercial center to have applications. Android
utilizes public supporting to rate the applications by clients. In light of client objec-
tions, applications can be expelled from commercial center and expel them from
the gadget also. Another methodology taken by the versatile organizations to secure
their portable stages is observed in the possibility of a sandboxing. Sandboxing
divides various procedures to keep them from connecting and harming one another
in this way viably restricting any opportunity for malevolent code to be embedded
and surpassing the running procedures from doing unsafe exercises. Apple iOS cen-
ters around constraining privileges to the API for products from the Apple Store,
whereas Android utilizes its sandboxing on hidden inheritance Linux bit.

1.4.4 GENERAL DATA PROTECTION REGULATIONS (GDPR)

The GDPR upholds guidelines for authoritative compliances including measures
that defend against cherishing security. The utilization of Data Protection Impact
Assessments (DPIAs) helps keep exhaustive information preparing records and
obligatory detailing of information breaches. The essential need of such a framework
is responsibility, which is what the information controllers are responsible for, and can
relate consistence with the accompanying six general security standards overseeing
accountability, reasonableness, and straightforwardness. At the end of the day, individual
information is executed legally, decently, and in a straightforward way. Another issue
is programmers utilizing rebelliousness with GDPR to further their potential beneft by
coercing organizations which doesn’t meet the prerequisites mentioned in the guideline.
Gilad Peleg, CEO of SecBI, forecasts that badly arranged organizations should fgure
out how to “become at any rate halfway agreeable” with the new guideline [9].

1.4.5 ATTACKS BASED ON MACHINE LEARNING AND AI

Artifcial Intelligence (AI) or man-made consciousness and machine learning (ML)
programming “learn” through outcomes of previous occasions and arrive at the set
objective. Although numerous cybersecurity experts employ AI/ML devices to fore-
stall digital assaults, quite possibly programmers similarly use the same inventive
answers for developing elaborately refned cyberattacks. Man-made intelligence
10 Cyber Defense Mechanisms

along with ML can be used to perform multiple forms of attacks—from sending

huge amounts of spam/misrepresentation/phishing messages through chatbots to
AI-fueled secret key speculating to executing cryptographic attacks.

1.4.6 ATTACKS AGAINST CRYPTOCURRENCIES AND BLOCKCHAIN SYSTEMS

Blockchain innovation has been a standard wellspring of interruption in the realm of
information security. Associations of both open and private division face the normal
worry of giving the best of security affrmations to the clients. A blockchain is a
disseminated database of records for all exchanges that is been prepared and shared
between all partners. The exchanges are confrmed by endorsement or assent from
greatest members related to the framework. The accessibility of such record, once
entered, can’t be moved back. The blockchain comprises distinct and inspectable
record of all exchanges made in the framework. Numerous organizations receiving
cryptographic money innovation don’t execute proper security controls. Accordingly,
they keep on encountering budgetary misfortunes, predicted Bill Weber, the head
security strategist at eSentire.
While dealing with digital currencies and blockchain frameworks, there are three
fundamental sorts of assaults that should be set up for managing:

• Overshadowing assault: A system-level assault on a blockchain frame-

work, when an aggressor oversees all the associations going to and from
the unfortunate casualty’s hub. This kind of assault might be utilized for
concealing data about the utilization of digital forms of money inside the
system and performing twofold spend assaults.
• Sybil assault: An assault where one hub in the system secures a few
personalities.
• DDoS assaults: While numerous mainstream digital forms of money,
e.g., Bitcoin works in insurance against DDoS assaults; the hazard is excep-
tionally large for all the unsafe cryptographic forms of money.

1.4.7 SWITCHING TO DEVOPS

When switching to DevOps prompts superior profciency, larger speed, and progres-
sively responsive conveyance of IT benefts, this development may likewise pres-
ent genuine cybersecurity dangers. Numerous associations are as yet attempting to
apply suffcient security controls in the DevOps practice. Subsequently, organiza-
tions should be prepared to manage a great deal of conceivable security issues when
switching to DevOps. These include

• Security group misconfguration: As conditions become bigger, they inter-

connect handful, hundreds, or even a large number of various security
gatherings. Dealing with these gatherings is a test, as the scarcest miscon-
fguration prompts a huge security issue.
• Incidental exposure of public content: The information is put away in a
freely open Simple Storage Service (S3) container. On the off chance that
Security Threat Analysis and Prevention 11

the information isn’t designed accurately, it might prompt empowering

access to delicate and important data.
• Excessive number of false positives: Anomaly discovery turns into a
genuine test since conditions change continually, making more bogus posi-
tives than the framework can manage. Aggressors may utilize this issue to
further their potential beneft, concealing their exercises behind genuine
procedures inside the unfortunate casualty’s condition.

1.4.8 BIOMETRIC AUTHENTICATION

Biometric authentication acquires greater ubiquity as a creative digital security arrange-
ment. While a few people consider biometrics to be another and productive method for
improving the security for undertakings, others consider it to be a potential issue.
There are numerous sorts of confrmations dependent on biometrics: normal
thumb fltering to a progressively imaginative tone, retinal, or facial acknowledg-
ment. Numerous individuals accept that biometric frameworks are about diffcult
to bargain—the information can’t be speculated and is one of a kind for each user.
Subsequently, it is by all accounts a superior answer for a solitary factor confrma-
tion and an incredible expansion to a multifaceted validation framework. In any case,
biometric frameworks have their downsides.
A signifcant issue is that biometric data can in any case be taken or copied, much
the same as a client’s login and secret phrase. In any case, rather than a secret word,
the client is unable to update the sweeps of their retina or get another facial update.
Thus, it throws newer diffculties for security experts later on.

1.4.9 FILELESS MALWARE

Many organizations are now fxating on a new issue of non-malware threats. Another
noteworthy issue is the expanding ubiquity of non-malware assaults. Numerous asso-
ciations despite everything need groundwork for this sort of digital dangers, which
just urges the assailants to utilize Fileless malicious software considerably more.
The typical non-malware assaults misuse Windows vulnerabilities and run their
payloads in the system. These contaminations are erased through rebooting of the
framework. However, there are progressively unpredictable forms of non-malware
assaults. A few assaults can utilize the current Windows instruments for malevolent
purposes, whereas the others can keep on running their pernicious code considerably
after the framework reboot. The couple of fundamental concerns to why Fileless
malicious software is more earnestly to recognize are as follows:

• They consist of less indicators of compromise (IoC) than the customary

malicious software.
• They utilize the injured individual’s apparatuses, claiming to be an authen-
tic procedure inside the framework.

Thus, conventional enemy of malware programming can’t distinguish non-malware

dangers viably, and new arrangements are called for.
12 Cyber Defense Mechanisms

1.5 ATTACK STRATEGIES AND BRIEF STUDY ON

ADVANCED PERSISTENT THREAT (APT)
The above sections elated various attack strategies that threaten the existence of
organizations, government bodies, and individual entities in the cyberworld. The
attacks can target multiple co-existing stakeholders and pose a huge threat on all
involved. Ransomware, specially, has an immense impact in the current world. Bank
attacks or demanding of ransom in return of allowing the end-user to get back con-
trol of intervened access has shaken many institutions in the recent past. We would
be looking at a special type of an attack in this particular section. An advanced
persistent threat (APT) is a planned and centered cyberthreat that has an interloper
access to a framework and remains unknown for some time [10]. The point of an
APT ambush is when in doubt to screen mastermind move and make data instead of
making hurt the framework or affliation.
Capable ambushes ordinarily target relationship in sections, for instance, national
guard, delivering, and the cash-related industry, as those associations oversee high-
regard information, including secured advancement, military plans, and other data
from governments and undertaking affliations. The goal of major APT attacks is to
achieve and continue to have constant access to the center to orchestrate rather than
get in and out as quick as could be permitted.
To get entrance, APT attackers often use moved attack procedures, includ-
ing pushed tries of zero-day vulnerabilities, similarly as astoundingly centered
around stick phishing and other social structuring frameworks. To keep up access
without being discovered, chance performers use pushed techniques, includ-
ing continually adjusting threatening code to avoid acknowledgment and other
refned evasion frameworks. For example, aggressors upheld by nation-states may
target authorized advancement to expand a high ground in explicit organizations.
Various targets may join power scattering and communicate interchanges utilities
and different systems, public activity, media affliations, and optional and other
political targets.
Yet APT attacks can be diffcult to perceive, and data theft is once in a while
absolutely subtle. In any case, the exhibition of exfltrating data from an afflia-
tion may be the primary snippet of data security specialists who need to realize
that their frameworks are persevering through an assault. Cybersecurity specialists
often design systems based on recognizing abnormalities in outbound data to check
whether the framework has been the goal of an APT ambush.

1.5.1 HOW AN APT ATTACK WORKS

Aggressors executing APTs commonly adopt the accompanying consecutive strat-
egy to pick up and keep up continuous access to an objective:

• Gain access: APT gatherings access an objective by focusing on frame-

works through the web, by means of lance phishing messages or an applica-
tion powerlessness with the goal of utilizing any entrance by embeddings
vindictive programming into the objective.
Security Threat Analysis and Prevention 13

• Establish a dependable balance: After accessing the objective, risk on-

screen characters utilize their entrance to do assist surveillance, just as to
start misusing the malware they’ve introduced to make systems of indirect
accesses and passages that they can use to move around unnoticed. APTs
may utilize progressed malware strategies, e.g., code reworking to cover
their tracks.
• Gain signifcantly more noteworthy access: Once inside the targeted sys-
tem, APT on-screen characters may utilize such techniques as secret word
splitting to increase regulatory rights so they can control a greater amount
of the framework and get considerably more profound degrees of access.
• Move along the side: Once risk on-screen characters have broken their
objective frameworks, including picking up head rights, they would then
be able to move around the endeavor organized voluntarily. Furthermore,
they can endeavor to get to different servers, just as other secure regions of
the system.
• Stage the assault: At this point, the programmers unify, encode, and pack
the information so they can exfltrate it.
• Take the information: The aggressors reap the information and move it to
their own framework.
• Remain until they’re distinguished: The cybercriminals can rehash this
procedure for extensive stretches of time until they’re identifed, or they
can make a secondary passage so they can get to the framework again
eventually.

Unlike increasingly common cyberattacks, progressed constant dangers will in gen-

eral be done by means of strategies that have been redone to the objective as opposed
to with progressively broad apparatuses that might be more qualifed to focus on
countless exploited people. APTs are likewise commonly done over any longer time
span—in contrast to standard assaults, which might be progressively evident and, in
this way, simpler for protectors to safeguard against.

1.5.2 SOME INSTANCES OF APTS

The Sykipot APT malicious software family used imperfections in Adobe Reader
and Acrobat. It was observed in 2006, and further assaults utilizing the malware
apparently proceeded through 2013. Risk entertainers utilized the Sykipot malware
family as a component of a long-running arrangement of cyberattacks chiefy focus-
ing on the US and UK associations, including government organizations, protection
contractual employees, and media communications organizations. The programmers
utilized a lance phishing assault that included connections and malevolent connec-
tions containing zero-day abuses in focused messages.
The GhostNet cyberespionage incident was observed in 2009. It was done from
China, and the attacks were initiated through lance phishing messages consisting of
malevolent connections. The attacks traded off PCs in excess of 100 countries. The
assailants concentrated on gaining access to system gadgets of government services
and international safe havens. These attacks gave the programmers power to control
14 Cyber Defense Mechanisms

these undermined devices, changing them to tuning in and recording devices by

remotely switching on their cameras and sound chronicle abilities.
The Stuxnet worm used to attack Iran’s nuclear program was perceived by
cybersecurity examiners in 2010. Until now, it is seen as one of the most developed
bits of malware ever perceived. The malware concentrated on SCADA (supervi-
sory control and data verifying) structures and was spread with polluted USB con-
traptions. Both the USA and Israel have been associated with the improvement of
Stuxnet, and remembering that neither one of the countries has offcially perceived
its activity in making it, there have been casual insistences that they were obligated
for Stuxnet.
APT29, the Russian progressed tireless risk bunch otherwise called Cozy Bear
has been connected to various assaults, inclusive of a 2015 lance phishing assault on
the Pentagon, just as the 2016 assaults on the Democratic National Committee.
APT28, the Russian progressed diligent risk bunch otherwise called Fancy Bear,
Pawn Storm, Sofacy Group, and Sednit, was recognized by analysts at Trend Micro
in 2014. APT28 has been connected to assaults against military and government
focuses in Eastern Europe, including Ukraine and Georgia, just as crusades focusing
on NATO associations and US protection temporary workers.
APT34, a progressed relentless risk bunch connected to Iran, was distinguished
in 2017 by scientists at FireEye, yet has been dynamic since 2014 at any rate. The risk
bunch has focused on organizations in the Middle East with assaults against mone-
tary, government, vitality, compound, and broadcast communications organizations.
APT37, otherwise called Reaper, StarCruft, and Group 123, is a progressed
relentless risk connected to North Korea that is accepted to have started around
2012. It has been associated with stick phishing assaults abusing an Adobe Flash
zero-day powerlessness.
Progressed determined dangers are not a marvel, and various APTs have been
distinguished since the mid-2000s, and they go back similar to 2003, when China-
based programmers ran the Titan Rain crusade against US government focuses
trying to occupy sensitive state mysteries. The assailants focused on military infor-
mation and propelled APT assaults on the very good quality frameworks of govern-
ment offces, including NASA and the FBI. Security investigators highlighted the
Chinese People’s Liberation Army as the wellspring of the assaults.

1.5.3 CHARACTERISTICS OF APTS

Advanced consistent risks routinely show certain characteristics refecting the ele-
vated level of coordination critical to break high-regard targets. For example, most
APTs are fnished in various stages, refecting a comparable basic gathering of get-
ting passage, keeping up and broadening access, and trying to remain undetected
in the appalling setback arrange until the goals of the attack have been developed.
Advanced steady threats are also perceived by their consideration on working up
various motivations behind a deal. APTs regularly attempt to develop different moti-
vations behind an area to the engaged frameworks, which enables them to know
whether or not the malevolent activity is found, and event response is actuated,
engaging digital security defenders to shut one exchange off.
Security Threat Analysis and Prevention 15

1.6 PREVENTION MEASURES

Evaluation of the above threats raises the questions of how such attacks can be
stopped or mitigated to ensure that the systems are not affected, and any fnancial or
physical damage is averted. We look at possible measures that can be taken to ensure
that threats posed by hackers and other cyberthreats can be kept minimum.

1.6.1 IDENTIFY THE THREATS

Key risks like unapproved access to your PC should be taken care of before you per-
severe through any loss of information. Most associations contain very fragile infor-
mation which, at whatever point spilled, could be ruinous for the association [11].
Cybercriminals are consistently scanning for opportunities to assault security and
take data that is of basic criticalness, so it’s more brilliant to maintain a strategic
distance from potential dangers to guarantee your association’s signifcant informa-
tion is protected. Recognize and oversee possible risks to the business before they
cause danger.

1.6.2 BEWARE OF CYBERCRIMES

Always be wary about cybercriminals, plan as if an attack is being expected any-
time. This permits one to ensure that the partnership is safe continuously using the
critical procedures and plans. Consistently track relevant data that is appealing for
lawbreakers and which isn’t. Likewise, create multiple methodologies using appro-
priate threat appraisals to ensure compelling measures have been taken when the
requirement comes.

1.6.3 OBSERVE ALL STAKEHOLDERS

Accomplices are a key segment of the association as they have bits of information
on the business and know about the assignments. Keep laborers moved, debilitate
them from spilling out critical information, and endeavor to make them dynami-
cally dedicated to the association. In like manner, keep the support of the signif-
cant number of messages that are exchanged between employees. Be careful with
how they use passwords and shield these passwords from unapproved staff. You
can use a Password Manager for making and managing the passwords of your
association.

1.6.4 USAGE OF TWO-FACTOR AUTHENTICATION

Limit the danger of being breached by utilizing a two-factor authentication method
for the organization. Ensure that all representatives utilize two-factor authentication
since it builds security by involving an extra advance for getting to profles. Right
now, one needs to enter a secret key along with a code that is sent to the user’s cell
phone, something that is solitarily available to the end-user. This twofold validation
permits us to block the information and eliminates programmers from assaulting.
16 Cyber Defense Mechanisms

1.6.5 CONDUCT REGULAR AUDITS

Exactly when your association starts to create, you land at a point where you can’t
deal the security of your data and need to constrain the risk of getting hacked. For
this specifc explanation, you can have an audit performed by digital security coun-
sels who are masters at guaranteeing your data. Moreover, you can get a full-time
security offcial who will be responsible for dealing with all security-related issues
and assurance the prosperity of your business.

1.6.6 DRAFT A CREDIT SIGN-OFF POLICY

To remain safe from cyberattacks, create and base a concrete close down strategy
for the representatives. This approach ensures that all employees return systems,
devices, and other gadgets prior to leaving the compound. Furthermore, their mail-
boxes are encoded so that information is not leaked, and relevant content remains
secret.

1.6.7 PROTECT VITAL DATA

Consistently guarantee that the most sensitive information of the organization is safe.
Information that is vulnerable and can be targeted by hackers needs to be secured at
the earliest. Beware of how this critical data is piling up and is being used by employ-
ees, and guarantee that this cannot be read by any employee without permission.
Relook at the strategies multiple times to guarantee that relevant data is protected
and distant from interlopers.

1.6.8 PERFORM RISK ASSESSMENTS

Perform direct digital security appraisals all the time so as to relieve the dangers.
There ought to be a different division in your organization that is committed to lim-
iting the danger of information damage. Risk management is a key factor that con-
tributes towards the development of your organization as it shields the business from
getting presented to contenders who are continually searching for bits of knowledge.
You can likewise recruit an expert like a cybercrime consultant or risk mitigation
specialist, who are experts at protecting the organization against attacks and are
famous for providing positive results to the business.

1.6.9 INSURE AGAINST CYBERCRIME

Many institutions provide protection arrangements against digital violations and
assailants. This can end up being a wise investment for the company as it covers all
the threats and risks that emerge as a result of programmers and malwares. Moreover,
by covering your organization for digital wrongdoing, a thought-out plan regarding
the harms that the organization can endure is in mind and can gauge the degree of
the risk that your organization is engaged with.
Security Threat Analysis and Prevention 17

1.6.10 GATHER IN-DEPTH KNOWLEDGE ABOUT RISK FACTORS

The more data one contains about the threats associated with the business, the better
security measures or options one will take to safeguard the organization. It is better
to comprehend the idea of the business and investigate for all possible imaginable
risk which can hamper the organization. Draw out precise feedbacks for the com-
pany just to ensure that it remains clean from all forms of malwares and collate a
defnite blueprint of the principles and guidelines which every representative must
follow to ensure that the safety of the business is not compromised. Subsequent to
arranging the consequences of the feedbacks, create and actualize cybersecurity
methodologies which reduce or eliminate the threats that have been recognized.
There are powerful and reasonable approaches to reduce and eliminate the associa-
tion’s introduction to more traditional forms of digital assault on frameworks that are
available on the Internet. The accompanying controls are laid out in cyberessentials,
together with more data about how to execute them:

• Limit frewalls and Internet gateways: create and arrange border protec-
tions, particularly web intermediary, web separating, content checking, and
frewall strategies to recognize and square executable downloads, square
access to known vindictive spaces and keep clients’ PCs from discussing
legitimately with the Internet.
• Malware security: set up and keep up malware barriers to identify and react
to realized assault code.
• Patch management: fx known vulnerabilities with the most recent adapta-
tion of the product, to forestall assaults which misuse programming bugs.
• Whitelisting and execution control: keep obscure programming from hav-
ing the option to run or introduce itself, including AutoRun on USB and
CD drives.
• Secure design: limit the usefulness of each gadget, working framework and
application to the base required for business to work.
• Password policy: guarantee that a proper secret key arrangement is set up
and followed.
• User access control: incorporate restricting typical clients’ execution con-
sents and implement the guideline of least beneft.

In the event that your association is probably going to be focused by an all the more
actually profcient assailant, give yourself more prominent certainty by extending
the ten steps to cybersecurity with the following additional measures:

• Security monitoring: to distinguish any sudden or suspicious action.

• Client preparing instruction and mindfulness: staff ought to comprehend
their job in keeping your association secure and report any unordinary
action.
• Security incident management: set up plans to manage an assault as a
viable reaction will lessen the effect on your business.
18 Cyber Defense Mechanisms

1.7 THREAT MODELING

Practically, all product frameworks today face an assortment of dangers, and the
quantity of dangers develops as innovation changes. Malware that abuses program-
ming vulnerabilities grew 151% in the second quarter of 2018, and digital wrongdo-
ing harm costs are evaluated to reach $6 trillion every year by 2021. Dangers can
emerge out of outside or inside associations, and they can have crushing outcomes.
Assaults can impair frameworks altogether or lead to the spilling of delicate data,
which would lessen customer trust in the framework supplier. To keep dangers from
exploiting framework defects, managers can utilize risk demonstrating strategies to
advise protective measures. Threat-modeling strategies are utilized to make [12]

• A refection of the framework.

• Profles of potential assailants, involving their objectives and strategies.
• An index of potential dangers that may emerge.

Threat modeling has a stepwise approach to it, which is given as follows:

1. Identify the assets.

2. Create an architecture overview.
3. Decompose the application.
4. Identify the threats.
5. Document the threats.
6. Rate the threats.

Using this, numerous risks demonstrating strategies have been created. They can be
joined to make a progressively strong and balanced perspective on potential dangers.
Not every one of them is far reaching; some are conceptual, and others are individu-
als driven. A few strategies center explicitly around hazard or security concerns.
Risk demonstrating ought to be performed right off the bat in the advancement
cycle where possible issues are identifed early and cured, forestalling a lot expensive
fx later in the future. Utilizing danger demonstrating to consider security prereq-
uisites can prompt proactive building choices that help diminish dangers from the
beginning. This can be especially useful in the region of digital physical frame-
works. A rundown of threat modeling strategies is given as follows (further clarifed
in Table 1.2):

• STRIDE and Associated Derivations.

• Process for Attack Simulation and Threat Analysis (PASTA).
• Linkability, Identifability, Non-repudiation, Detectability, Disclosure of
information, Unawareness and Non-compliance (LINDDUN).
• Common Vulnerability Scoring System (CVSS).
• Attack Trees.
• Persona non grata (PnG).
• Security Cards.
• Hybrid Threat Modelling Method (hTMM).
Security Threat Analysis and Prevention 19

TABLE 1.2
Threat Modeling Methods and Their Characteristics
Method Characteristics
STRIDE • Identifes relevant mitigation techniques
• Time-consuming but easy-to-use
PASTA • Identifes relevant mitigation techniques
• Directly supports risk management
• Ensures collaboration between all stakeholders
• Has built-in prioritization to threat prevention
• Laborious but contains rich documentation
LINDDUN • Identifes relevant mitigation techniques
• Has built-in prioritization to threat prevention
• Laborious and time-consuming
CVSS • Has built-in prioritization to threat prevention
• Provides consistent results when repeated
• Contains automated components
• Consists of score calculations that are not transparent
Attack trees • Identifes relevant mitigation techniques
• Provides consistent results when repeated
• Easy-to-use with complete understanding of the system
PnG • Provides consistent results when repeated
• Directly supports risk management
• Identifes relevant mitigation techniques
• Detects only subsets of threats
Security cards • Ensures collaboration between all stakeholders
• Targets rare threats
• Results in many false positives
hTMM • Has built-in prioritization to threat prevention
• Ensures collaboration between all stakeholders
• Provides consistent results when repeated
Quantitative TMM • Has built-in prioritization to threat prevention
• Provides consistent results when repeated
• Contains automated components
Trike • Identifes relevant mitigation techniques
• Has built-in prioritization to threat prevention
• Ensures collaboration between all stakeholders
• Directly supports risk management
• Contains automated components
• Contains vague, insuffcient documentation
VAST modeling • Identifes relevant mitigation techniques
• Has built-in prioritization to threat prevention
• Ensures collaboration between all stakeholders
• Directly supports risk management
• Contains automated components
• Provides consistent results when repeated
• Designed to be scalable
• Very less documentation available publicly
(Continued)
20 Cyber Defense Mechanisms

TABLE 1.2 (Continued)

Threat Modeling Methods and Their Characteristics
Method Characteristics
OCTAVE • Identifes relevant mitigation techniques
• Has built-in prioritization to threat prevention
• Ensures collaboration between all stakeholders
• Directly supports risk management
• Provides consistent results when repeated
• Designed to be scalable
• Time-consuming and vague documentation available

• Quantitative Threat Modelling Method (Quantitative TMM).

• Trike.
• Visual, Agile, and Simple Threat (VAST) Modelling.
• Operationally Critical Threat, Asset, and Vulnerability Evaluation
(OCTAVE).

1.8 ROLE OF A THREAT ANALYST

There is a huge dearth in the number of security professionals around the globe and
fnding the right resource to safeguard an organizations interest in the cyberworld
in a necessity. A threat analyst is responsible for mitigating risks and defning secu-
rity guidelines in an organization. Following are some skills required by the threat
analyst to be a professional in the same feld [13]:

• Skilled in assessing data for unwavering quality, legitimacy, and signifcance.

• Skilled in distinguishing elective scientifc understandings to limit unfore-
seen results.
• Skilled in distinguishing critical objective components, to incorporate
critical objective components for the digital area.
• Skilled in distinguishing digital dangers which may endanger association
and additionally accomplice interests.
• Skilled in planning and showing briefngs.
• Skilled in giving comprehension of target or risk frameworks through the
recognizable proof and connection investigation of physical, useful, or
social connections.
• Skilled in ftting examination to the vital levels (e.g., arrangement and
hierarchical).
• Skilled in utilizing Boolean administrators to build basic and complex
inquiries.
• Skilled in utilizing various expository instruments, databases, and proce-
dures (e.g., Analyst’s Notebook, A-Space, Anchory, M3, dissimilar/merged
reasoning, connect diagrams, and grids).
Security Threat Analysis and Prevention 21

• Skilled in utilizing different web crawlers (e.g., Google, Yahoo, LexisNexis,

and DataStar) and apparatuses in leading open-source look.
• Skilled in using criticism to improve procedures, items, and administrations.
• Skilled in using virtual collective workspaces as well as apparatuses
(e.g., IWS, VTCs, visit rooms, SharePoint).
• Skilled in documentation, investigation, and altering digital-related
intelligence/appraisal items from different sources.

1.9 SUMMARY
This chapter discusses some very common security threats and attack strategies
used by hackers or cybercriminals to get access to a system and cause damage to
it. We learned more about threat modeling techniques and basic prevention mea-
sures that are employed by organizations to ensure that the relevant data is safe and
secured. The following has been covered:

• Cybersecurity has become a matter of primary concern for organizations and

world governments alike. Threat analysis is the process of evaluating suspi-
cious actions and reach of unrecognized intelligence bodies or cybercriminals.
• History shows that there have been multiple breaches that have affected
the cybersecurity of organizations including WannaCry ransomware and
WikiLeaks.
• Common cybersecurity threats include malware, phishing, spear phishing,
MitM attack, Trojans, ransomware, Dos or DDoS, and data breaches.
• A software which does a malicious activity on a target network or system.
Activities can result to corruption of data, gaining unauthorized access on
confdential information or manipulation of data.
• Trojan is a form of malicious software that enters a network appearing to
be a generic software but installs malicious code after it is inside the target
system.
• Modern-day challenges pose a greater threat to the society as it involves lat-
est technology vehicles such as cloud, cryptocurrencies, and AI/ML along
with newly laid guidelines for GDPR.
• An APT is a planned and centered cyberthreat that has an interloper access
to a framework and remains unknown for some time. The point of an APT
ambush is when in doubt to screen mastermind move and make data instead
of making hurt the framework or affliation.
• All attacks can be prevented from an organization perspective if certain
measures are taken. The measures were discussed in brief to ensure that
proper steps are taken for risk mitigation.
• Threat-modeling strategies are utilized to make a refection of the
framework, profles of potential assailants, involving their objectives and
strategies, and an index of potential dangers that may emerge.
• The last section of this chapter looked at the skillset required to be a threat
analyst who would be responsible for mitigating risks and defning security
guidelines in an organization.
22 Cyber Defense Mechanisms

REFERENCES
1. P. Napolitano, G. Rossi, M. Lombardi, F. Garzia, M. Ilariucci and G. Forino, “Threats
Analysis and Security Analysis for Critical Infrastructures: Risk Analysis vs. Game
Theory,” 2018 International Carnahan Conference on Security Technology (ICCST),
Montreal, QC, 2018, pp. 1–5. doi: 10.1109/CCST.2018.8585725.
2. NortonLifeLock, “A Brief History of Data Breaches.” Available: https://www.lifelock.
com/learn-data-breaches-history-of-data-breaches.html. Last Accessed: 15.02.2020.
3. M. Henriquez, “The Top 12 Data Breaches of 2019.” Available: https://www.securi-
tymagazine.com/articles/91366-the-top-12-data-breaches-of-2019. Last Accessed:
15.02.2020.
4. Carnegie Endowment for International Peace, “Timeline of Cyber Incidents Involving
Financial Institutions.” Available: https://carnegieendowment.org/specialprojects/pro-
tectingfnancialstability/timeline. Last Accessed: 15.02.2020.
5. D. Galinec, D. Možnik and B. Guberina, “Cybersecurity and Cyber Defence:
National Level Strategic Approach,” Automatika, 58(3), 273–286, 2017. doi:
10.1080/00051144.2017.1407022.
6. L. Ming, G. Zhao, M. Huang, X. Kuang, H. Li and M. Zhang, “Security Analysis of
Intelligent Transportation Systems Based on Simulation Data,” 2018 1st International
Conference on Data Intelligence and Security (ICDIS), South Padre Island, TX, 2018,
pp. 184–187. doi: 10.1109/ICDIS.2018.00037.
7. S. Manzoor, H. Zhang and N. Suri, “Threat Modeling and Analysis for the Cloud
Ecosystem,” 2018 IEEE International Conference on Cloud Engineering (IC2E),
Orlando, FL, 2018, pp. 278–281. doi: 10.1109/IC2E.2018.00056.
8. J. Jang-Jaccard and S. Nepal, “A Survey of Emerging Threats in Cybersecurity,”
Journal of Computer and System Sciences, 80(5), 973–993, 2014. doi: 10.1016/j.
jcss.2014.02.005.
9. M. Gogan, “Cybersecurity Challenges That Need to be on Your Radar Right Now!,”
Available: https://www.readitquik.com/articles/security-2/cybersecurity-challenges-
that-need-to-be-on-your-radar-right-now/. Last Accessed: 15.02.2020.
10. M. Rouse, “Advanced Persistent Threat (APT).” Available: https://searchsecurity.tech-
target.com/defnition/advanced-persistent-threat-APT. Last Accessed: 14.02.2020.
11. L. Sion, K. Yskout, D. Van Landuyt and W. Joosen, “Risk-Based Design Security
Analysis,” 2018 IEEE/ACM 1st International Workshop on Security Awareness
from Design to Deployment (SEAD), Gothenburg, 2018, pp. 11–18. doi: 10.23919/
SEAD.2018.8472848.
12. N. Shevchenko, “Threat Modelling: 12 Available Methods,” Carnegie Melon University.
Available: https://insights.sei.cmu.edu/sei_blog/2018/12/threat-modeling-12-available-
methods.html. Last Accessed: 15.02.2020.
13. NICCS, “Threat Analysis,” National Initiative for Cybersecurity Careers and Studies.
Available: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-
framework/threat-analysis. Last accessed: 15.02.2020.
 2 Defense against
the Survivability to
Network Strategies
K. V. S. S. S. S. Sairam, Shreyas Arunesh,
K. Pranava Bhat, and K. Sarveswara Rao
NMAMIT (Autonomous and Affliated to VTU, Belagavi)
K. Annapurna
Canara Engineering College (Affliated to VTU, Belagavi)

CONTENTS
2.1 Introduction .................................................................................................... 23
2.2 Survivability Network Architecture—SONET and Self-Healing
Ring Transportation........................................................................................24
2.3 Single-Access Optical Network Ring Architecture........................................24
2.4 Multiaccess Optical Network Ring Architecture ...........................................25
2.5 Channel Demand Routing Ring Architecture ................................................26
2.6 Result .............................................................................................................. 29
2.7 Conclusion ...................................................................................................... 31
References................................................................................................................ 31

2.1 INTRODUCTION
Network survivability represents the resistance towards the physical as well as natu-
ral disasters rather than by cross talk media in the fber network strategy bandwidth
play a vital role in order to increase the interoffce networking with fber stranded
which deals the survivability aspects. It also addresses the network failures (physical
connectivity and logical connectivity.
The previous work involves the network protection by using the topologies arbi-
tration. In this protection, a method which handles normal cable penetration and
transition failures is improved, and further, it also rebuilds the network on central-
ized system [1–3]. It is the state of the network and also improves the topology inde-
pendent connectivity.
Further, a variety of source conveyance by

• The optical access network-traffc growth.

• The contact evaluation of network strategies on network topology design.

23
24 Cyber Defense Mechanisms

• The routing algorithms distribution for optical network strategies.

• Exploration of the coordination system scheme in single-period cross-con-
nectivity and multiperiod cross-connectivity by which the packet transition
in network topology.

The accomplishment of the optical network strategies is by dedicated light paths

(wavelength-lambda assignments) to utilize and maximize the spare capacity [4,5].
In this, effective routing concept is light path that can travel through optical physi-
cal logical link cross-connectivity (OPLLXC). Further to achieve the best futures
of network demand connectivity by means of a combined approach. This approach
mainly depicts the optical network demand utilization (ONDU) as well as the single
multiple period failure restoration (SMPFR) [6–8].

i. The network strategy simplifes the interconnectivity and allows fast

restoration.
ii. It also provides the broader optical network demand functionality.
iii. It also establishes the reliability between source and destination nodes.
iv. Multiplexing hierarchy with respect to digital signals for the utilization of
broadband services.
v. It also uses the add-drop multiplexer (ADM) to remove the loss in network
confguration.

2.2 SURVIVABILITY NETWORK ARCHITECTURE—SONET

AND SELF-HEALING RING TRANSPORTATION
In optical network strategy, SONET OC-3, OC-12, OC-48, and OC-192 represents
a transparent channel and their central offces. It manages the customized channel
of optical network architecture through the SONET synchronous transport signal
and synchronous transport module (SSTS and SSTM). It depends on the demand
through digital connectivity system, i.e., centralized pattern in which all the cus-
tomer demands will refer to a unidirectional central site through single-direction
self-healing ring, as shown in Figure 2.1, survivability network architecture—
SONET and self-healing ring transportation [9,10].
Single-period CO and multiperiod CO provides the protection against cable cut. In
this, the ADM at each central offce in duplex working mode by means of inner ring
and the outer ring confguration. This will be done by both CW and CCW, the protec-
tion towards this strategy with respect to working and protection fber (WPF). At the
destination, the signal selection is available for both the path signals. Let us consider
the path 1—λ 1 and path 2—λ 2. During the operation, both signals are examined
under Monitoring. If the fber is cut, the service selects the alternate path [11].

2.3 SINGLE-ACCESS OPTICAL NETWORK RING ARCHITECTURE

The above system is a basic application which is connected with the Integrated
Digital Connectivity Carrier System (IDCCS). In this, remote signal terminal is
operated by means of digital connectivity. The main function is to communicate
Defense against the Survivability 25

FIGURE 2.1 Survivability network architecture—SONET and self-healing ring

transportation.

the transition with the central offce. It forms a chain, further connected to a chain
of SONET and ADMs which collects the traffc through DS1-DSn. The topology
provides the backup in turn to reroute circuits in opposite direction, as shown in
Figure 2.2, to single-access optical network ring architecture.
It provides an interconnection between the access ring and internetwork connec-
tivity which is connected with multiple period confguration connectivity. It refects
SONET—integrated planning concept which includes both path connectivities at
least one bidirectional ring [12].

2.4 MULTIACCESS OPTICAL NETWORK RING ARCHITECTURE

In this architecture, network providers enhanced the network connectivity by design-
ing the access to provide a protection from multi-CO failure as shown in Figure 2.3.
In this, it depicts multiple connectivity of single-direction self-healing paths. It oper-
ates at a higher speed as compared to normal network. In this, each ring comprises
two paths in opposite directions towards transmission and reception of packets. It is
also known as multiperiod point of existence to enhance the service survivability. In
this, it is interconnected with a pair of point sources (nodes) which provides the paths
between rings. The point of existence from the digital signal services to inter-cross-
connectivity via interoffce network which distributes the channel from single-access
ring to multiple access rings. In this, ADMs are served with DS-STS-STM-OC-N in
order to preserve the link and path connectivity’s across the inner working architec-
ture. Further, the synchronous transport signal to synchronous transport module is
multiplexed and de-multiplexed via and access ring in CW and CCW [13].
26 Cyber Defense Mechanisms

FIGURE 2.2 Single-access optical network ring architecture.

The virtual terminal signal serving two nodes determines one ADM in clockwise
direction (CW) and another ADM in counterclockwise direction (CCW) by satisfy-
ing the ring connectivity into single period and multiperiod, as shown in Figure 2.3,
multi access optical network ring architecture.

2.5 CHANNEL DEMAND ROUTING RING ARCHITECTURE

It illustrates the digital signal routing between the network topology connectivities
and the ring architecture connectivities across different scenarios. In Figure 2.4,
channel demand routing ring architecture shows the signal routing to customers
from the internetworking and the access ring to the point of existence. It depicts the
revertive switching through the normal directional, which affects a link failure in
multiperiod ring access network [14].
Table 2.1 summarizes the comparison of different SONET ring architectures.
It consists of one bidirectional ring. This arrangement depicts the different virtual
circuit and virtual path by carrying optical carrier multiplexed signals by OC-3,
OC-12, OC-48, and OC-192 optical signals. In this, sharing bandwidth provides an
independent interoffce network as shown in Table 2.2 distinction between SONET
ring architectures (b). It is suitable for network provider which addresses the dual
connectivity between ADM and spare bandwidth capacity connectivity [15].
The NXN network topology determines its cross-connectivity by round latency
time which is given by transit time and waiting time. In multiperiod confguration,
Defense against the Survivability 27

FIGURE 2.3 Multiaccess optical network ring architecture.

the data is integrated and cross-connectivity is obtained by using digital signal lev-
els. Further, these levels are enhanced by optical carrier transmission and reception
by using dynamic network unit as depicted in ring architecture, as shown in the
above Figure 2.5. The NXN splitter splits the each multiperiod connectivity (MPC)
(integrated) in the form of both data cross-connectivity (DXC) and dynamic network
unit (DNU).
It consists of a network, switch, and a router where the data is transmitted and
received from and to input port to output port, as shown in Figure 2.6. In this, the
controller provides architecture, and it prevents the collision across packet transfer.
The input queue is dynamically fexible and also variable in the form of space switch.
In results, comparison between single-access and multiaccess ring architecture
has been tabulated with respect to 12 × 12. The parameters, i.e., round trip delay,
have been evaluated in terms of the node connectivity confguration such as 1–2
and 2–1 … 12–11 and 11–12; that is, each source and destination packet delivery
determines its propagation, transmission, and queue speed, and fnally, latency has
been measured, and the values are represented in Tables 2.3 and 2.4. Further, the
node connectivity confguration could be enhanced to NXN connectivity.
28 Cyber Defense Mechanisms

FIGURE 2.4 Channel demand routing ring architecture.

TABLE 2.1
Comparison of Different SONET Ring Architectures (a)
Attributes DCS ADM
Switching VC (virtual circuit) VP (virtual path)
Network utilization Lower Higher
Node confguration complexity Lower Higher
Path capacity NO Yes

TABLE 2.2
Distinction between SONET Ring Architectures (b)
Ring Single Single CO Multi-CO Spare
Architecture Cable Failure Failure ADM Failure Capacity Cost
Single CO YES NO Conditional Base NO LOW
Dual CO YES YES YES Drop continues NO HIGH
Defense against the Survivability 29

FIGURE 2.5 Ring architecture confgurations.

FIGURE 2.6 Single-period and multiperiod data cross-connectivity.

2.6 RESULT
Single-access ring and multiaccess ring architecture with round trip delay and
latency are measured by its packet transition from single-period connectivity (SPC)
to MPC, which is shown in Tables 2.3 and 2.4. In this, network topology of size
12 × 12 is considered where demand connectivity is represented across each point
to point. In optical networks, the survivability strategy is estimated in the form of
single node to single node connectivity and/or multinode to multinode, for example,
9–2; the single-access ring network is obtained as 3.7581765, the multiperiod access
ring 0.0098565, and the total round trip delay 0.151851515. It adapts various traffc
conditions across different cross-connectivity systems. It results the performance of
spare path capacity assignment including link/path rout optimization.
30 Cyber Defense Mechanisms

TABLE 2.3
Single-Access Ring and Multiaccess Ring Architecture with Round Trip Delay
S. No Point to Point (S, D) Single-Access Ring Multiaccess Ring Round Trip Delay
1 1–2 4.951578 0.0012565 0.168234229
1–3 3.7581765 0.0085469 0.198534665
1–4 5.104979 0.0079654 0.1587822636
1–5 3.9315035 0.0064782 0.178962542
2 2–1 5.2865985 0.0074422 0.01556511
2–3 3.7581765 0.0098565 0.151851515
2–4 5.1604979 0.3298523 0.1518418115
2–5 3.9315035 0.0012786 0.101485181
3 3–1 5.22865985 0.0059812 0.01556511
3–2 3.7581765 0.0076942 0.151851515
3–4 5.1049765 0.0002593 0.1518418115
3–5 3.7581765 0.0034985 0.101485181
4 4–1 5.104979 0.0002549 0.168234229
4–2 3.7581765 0.0005879 0.198534665
4–3 4.951578 0.5568632 0.1587822636
4–5 3.7581765 0.2156265 0.178962542
5 5–1 4.951578 0.0059812 0.01556511
5–2 3.7581765 0.0076942 0.151851515
5–3 3.9315035 0.0002593 0.1518418115
5–4 5.104979 0.0034985 0.101485181
6 6–1 5.2865985 0.0074422 0.215151511
6–2 3.7581765 0.0098565 0.15181612
6–3 5.1604979 0.3298523 0.051505615
6–4 3.9315035 0.0012786 0.11858155

TABLE 2.4
Single-Access Ring and Multiaccess Ring with Latency
S. No Bit Rate—PP (S, D) Single-Access Ring Multiaccess Ring Latency
7 7–1 4.951578 0.0012565 0.168234229
7–2 3.7581765 0.0085469 0.198534665
7–3 3.9315035 0.0079654 0.1587822636
   
7–6 5.104979 0.0064782 0.178962542
8 8–1 4.951578 0.0059812 0.215151511
8–2 3.7581765 0.0076942 0.15181612
8–3 3.9315035 0.0002593 0.051505615
   
8–7 5.104979 0.0034985 0.11858155
(Continued)
Other documents randomly have
different content
The text on this page is estimated to be only 23.83%
accurate

ROMA SKTHIANOHI.M TABKLLVF. 34:^ 184. Wucnsoli.

Se(h.. i6, p. 48. In fragmento quoquoversus m. 0,03* cum aliqua
(urle prolouies Osiris el lilleris : 185. Wurn.srli. Set/t.^ V7, p 48. In
duobus unius tabellae rragmentis, altero alto m. 0,06, lato m. 0,03,
altero m. 0,10 et m. 0,0G. Apparent prtes protomes Osiris in
sarcophago et protomarum trium aliarum. 186. Wucnsch, Seth., 48,
p. 48. In iragmentis duobus unius tabellae, quorum ost alterum
allum m. 0,06, latum m. 0,07, alterum quoquoversus m. 0,05.
Homanenl n^urarum vesti^ia quarum una tanlum protome certe
aj^noscitur. 187. Wuonscli, Lasim: Selh.y 411, p. i?l-;i2 ; in
uh(M|inMqu^n' (lolincata vsl al) auclon' iuia»-!); Cagnal, XXXI, 1897,
p. 4il. n. iOi, i',tCagnal Toulain, u. ii7, ropclivtTUul o Wurnscliio stMJ
rxlicuios lanluui vltsus (a oi ad (inuui) (Mlidrrunl. In tabella alta m.
0,17, lata m. 0,12, reperta convoluta, nunc circum* quaque mutila,
de cuius inventione haec memoravit doctissimus vir J. Gatli
(/hillellino dolla Commissioue arc/ieolo()ira comuuale di Homa^
1876, p. 115) : die 15 m. lanuarii, a. 1876, <* nello .»
The text on this page is estimated to be only 19.09%
accurate

244 SETIllANOllUM TABELLAE ROMA e usiris cuX2[JL(i)

Serpei ns. iQ sarcophago (?) euA2;x lO ejX2 euX eu e 5 • Osiris £•/
euX2[jL(i) • i5 c momie »(? ) H^[eu]X2(jL • • 6. W euX • 21 OLZ eu
jiO • • [J.0 • • e xiaiO • f * 12 <*>? euX2[;.(i) a'.0 • at 20 Go • li.0
euX2(jL aiO • 2 cp 2[Jt. euXa !7]'.0 e 6 |*a •/«*> euA. 0 t • • cy. eu
e • t a 25 . . (i){JL2Xu£ o)[X2Xue • l* . • . . . Xue (4);jL2Xu («)(X2X
c (i)2Xu2e (i)|JL2 • '? Xueau);jL (i);jL 6 • 3o cv XUiJ0J,U.2 (4) • ^••;
U£52*A(i)|X (i)(jL2Xue x».aYjOr^2p2p2 .... V s 0 au);x2Xue 0 (i>
(jLaXue • X2(X. . . C^ ff ci);x . . . • Xa(x c^? (i)(JL . . . 1 • Xa 35
fr,pai Cr^pwai CTQ?ur,j' 4o • • • • • • • • • • • . • . . . • ■ • • (i)(X2X
(4)(JL2 b)(X (I) P e X • • • X Caput ^ asininum Typhonis-Selh 9^ ' '
supra . (i)(x incertam ^,.. figuram po8itum. ^w • • . rj(X(i)e)^ r/A£ .
• • . 0 e(x« . X .)xa. . . . c ■ • . . a> . . . . . . (1)01 t f 0 •
The text on this page is estimated to be only 20.17%
accurate

HOMA SKTHIANORIIM TABELLAE 245 'if» . (,) [JL

7M|j.aXu£ y.a» 0 ZU)\J.X\j\ ... X j(i)'x . aX . . 3t r>o j(i);a(i) [X C(i);x
(0 T^S . • . ?(•) u pt . . . 'E;opy.vi) JtjLa^ xyioi if'/Y£/^0' >^*'t «Yia
cvcjjLaTa • a Oo) • • . .Sf) rjv£i:'.7-/jjaTc tw xaTC^o) touto) xat u tO
. . . CY;7aT£ y.aTaBT^ijaTe evroBtaaTe axoTiaaTE y.aTar:p£'i^aT£
TJv^epYr^ gaTs 0A£7aTe ixcy.TivaT£ Tjv/.AajaTi Iv>/£p'ov Tov
if^vuoyov y.at 'cas'j<; tcu; rzzfcu;] ajTCj £v 'f^ xjp\z^ 'f^i'Mp^ £v
T(o •-<'.>z'.y.(o 'P(,');xr,;, ;ay) Ta; 6jpa; xaXw? [i5-^^^^<]» omisit
C. — Hestitui in (ine ex titulis agitatorum karthaginiensium [D, 7'.,
234
The text on this page is estimated to be only 21.17%
accurate

246 LATIUM roma 240), Xt-^nr) proposuerat W. — 6()-6i

"xta^r,. Triaaa^, doricae est dialecti T^iOLl^tti pro Tzii^i»). — 61 i-
TiccOev {zn sTT^scoOev) fornria deterior est pro cTTtcOsv, ut docuit
L. Radermacher (fiheiu. Mus., LIl, 1897, p. 635). In hac tabella
commutantur interdum o et w, cf. v. 58 •^iViw^fov iz: il;v{oxov, (33
Trpotvi; = TpdKvac. — 62 Omiserunt W. , Lastra et C, errore, ut
opinor, typothetae. — 63 azdepiaTa adiectivus est adverbii more
tdhibitus. 'Aziptffro^, auctore eodem Radermachero (loc, cil.), d;
effrtv ock^ ip{ffTou, hic post prandium significat; opponuntur ergo
^poNa^ cjpo^ et azaptjTa, M matutina fif meridiana spectacula »
Buecheler (apud W.). 188. KailM»l, 1047; Wuonsrli, D. T. A,, prarf. p.
xiv sq. i< Romae sine dubio reperta lammina ut videtur plumbea;
nihil nisi in Vaticano esse notavit Visconti. » K. . . Xi ;(j) Tw a(oc(o 'd
vX . . . vTiixrjprj y.at T:ap . . X» . cu . . jzia TOD OVOjJLOU
Tuff(*)v[o5] fs]7:iTaffJt aot
The text on this page is estimated to be only 27.02%
accurate

KOMA LATILM 247 MY (= litayuuri) ex coniectura Kaibeli,

nulla apparent post iuM litterarom veatigia. •— 8 xa^r/^ptvi^, id est
quotidianas ; ^rfa; non intell^. — 9 Z7t^^, supplevit K. — 10-13
Inaudito paene in hisce tabellis modo defertor Nicomedes non tam
ut devoventis quam at ipeius Osiris inimi* ciit ; poenas igitur capiet
deus de sceleato homine qui papyreon ineendil vetitamque piscium
camem comedit. — De hoc xsxup^Ys toO 'OrapcftK qoae comiter in
usum meum contulit Isidorus Levy transcribere ioval : c Bien
qu*aucun texte ancien ne mentione d*0^tn5 dans les papyna,....
dans la foule des mythes locaux... on a certainement pu donoer
place k rhistoire d*uc morceau [corporis Osiris in partes
quattuordecim a Typhone dilaniati] (peut-^tre de la tdte) recueilli
parmi les roseaux par la pi^t^ d*Isis. Un monumentqui, en
apparence, nous transporte bien loin de l*Egypte, me semble
indiquer l*existence d*une croyance analogue parmi les Gd^les
d*Attis. Lacisted'Ostie(.l/oniim#^n/i, IX, pl. VIU; cf. Annali^ 1869,
p. 242 et Decharme, Htv. n,ch., VII, I88(>. p. 2^sq.) represente la
t^te d*Attis parmi les roseaux. Est-ce la le^^ende osirienne k
laquelle />. /., 188 fait aliusion qui a innuence le mythe phrygien?
Est-ce au contraire une le^^ende nee aux bords du Gallus qui s*est
introduite dans les croyances de quelque confrerie d^Occident, qui a
substitue le p«pyrus k\ik cannal Je n'ose r^pondre, maisjesuis bien
tent^de rapprocher la ciste et la tabella et de penser que nous
avons ia un exemple de plus des singuliers produits du syncretisme
de T^poque imp^riale. » — Praelerea prohibitos fuisse Aegyptios
notum est quominus certis piscibus maxime oxyrrhyncho vescerentur
utpote sacris (Herod., II, 37; Piut., de Is. et Os., 7 ; i6\Sijmpos., VIII
; C^Ma*'^^, Vlll, 2, p. 729 A; Strab.,812; Aelian., De nat. animal.j X,
46; cf. Parthey, I, 103 sq. ..civo'*, iptov xai 15 avj iOiXr;^ iv, twv
£S£T,xaT(i)v, £Xai|:v, c;:^, y^^^r'-^ r/Ojwv ;x: vcuv... ; Maspero.
fiist. anc, I, p. 180); quapropter temptavit idem vir doctus in fine v.
12 Ta>[v leptovj probabiliter. Quid vero sibi velit haec edendorum
piscium interdictio in tabella veri simillime romana non expedio. —
11 0 addidit W., cum duae deessent litterae. — 13 Post Kaibelum
restituendum esl L^apjaXa6i£j, ^sjv £T£xl£j [r, ^cTva). 189. Kaibt'1,
1048; Wut^Tisrli, /J. T. /1., praof., p. xi. % Lammina opistho^raph.-i
multitariam fracta apud Fredianum antiquarium >, Komae. K.
The text on this page is estimated to be only 19.53%
accurate

248 LATIUM MUfTUiufAB A a b c d ['V[i.oiq exixajX^oiJLe

Sa((Jiove( xat (oetouu e . apt [oXXot Oeoi] cf ytypa[k[LiiCi h cour^t
v^at [toutw tw] iJLoXW[8a)], ^OCvet ^OCv^etv] ' 'wii 0av[6vTi] [v
]r|V xaTOYO^ 5 iQ SepouoTo^ B « /■ S A » ouOYjaeiY] . w8eY)
(jTOtJ y*Y®^* • *»* [p]r|teeerfr|Y) TjtT)? . . . 09xa Ot|xou a^et
....... t; xaTapeuffa etTcou . [iij9t Or|e[ii touto) . . SepouaTOu 09Tt{
Tpa 5 SoOXc^ no[ii7nr){ou av . eTt^ ev 8ta0i^xiQ ^tu) ot Ka\
TuxT) et^ eviauTov I . . . SoOXo^ » Emendavit Kaibel qui titulum ita
interpretatur : c Dirae sunt, quibua ligari videtur Servatus, Pompei
fortasse alicuiua servus. > A : — 1 a e?ctxaX£o[jLe=: einxaXoC(jLai.
— 2b Wuenschio adsentior dicenti : c Num in vs. 2 recte suppletum
sit oXXot Oeo( valde dubito, eum formulae illiua tabeUarum
nostrarum recordor o( evTaOOa YCYptfR^^vot, quae semper ad eos
pertinet, qui devoventur. > -^.3 d 0zv[6vt«.] vel Oav[ano]. B. — 4 9
Tp iunctae. — 6e eTt^, 6 pro C errore fortasee posito, correxit K.
[o]aTt^. MINTURNAE 190. Mommscn, C. 7. L., X., 8249, ubi
dclinoata cst tabella; Stornaiuolo, cum cfrigic lamminac; Mancini in
Atti della R, Ac^ cademia di archeologia lettere e belle arti di Napoli,
XII, 18841886, 2» pars, p. 76-81, tab. III, n. 2; Wuensch, D. T. A.,
praef.» p. XXVII.
 MINTURNAE LATIUM 249 Tabella alta m. 0,182, lata m.
0,099, < reperta complicata et clavo transnxa in sepulcro ex tegulis
facto, cranio defuncti supposita ; simul prodiit sigillum marmoreum
operis elegantis mulierem repraesentans concinnatam, altum cent.
11, latum cent. 4. Reperta $unt mense Aug. a. 1879, CLXX metris a
ponte Liris ferreo, m. LXXX ab amphitheatro Minturnensi, » in loco
quem vulgo dicunt la campagna Virilassi. Mo. Destinata est museo
Campano. Dii iferi vobis romedo si quicua saclitales kheies ac iadro
Ticene odi Carisi qugud acat quod icidai omnia in adversa dii iferi
vobis r> comedo ilius . memra colore ficura caput capilla umbra
cerebm frute supn.,,:Aa os nasu mclu bucas la.,,, rbu vitu nes colu
iocur umeros cor fulmolo ilestinas velrc bracia dicila os manus ublicu
visica femen* cenua ci^ra talos planta ticidos dii iferi si elud vider,
dabescete • - • • • • ■ 0 i5 vobis sactu ilud libns ob anu■ * • • *
versariu facere dibus parnntibus ilius ,,,, ta peculin tabescas Dii
i(n)feri, vobis com(m)e(n)do, si quic;^qjUa(m) sa(n)ctilatrijs
h(a)bel[i]s, ac t(r)ad\r>o T[y|c(h)ene(n) Carisi, quodqu[o]d a[g]at,
quod i(n)cida(n)l omnia in adversa. Dii i(n)feri, vobis 5
com(m)e(n)do il(l)ius . mem(b)ra, colore(m), fr«r]ura(m), caput,
capill[os], umbra(m), cerebru(m), tru(n)te(m), supe[rcil]ia, os,
na8u(m), me(n)tu(m), buc(c)as, la[bra, ve]rbu(m), vrul?]tu(m),
col(l)u(m), i[elcur, (h)umeros, cor, [p]ulmones, ,o i(n)teslina,
ve(n)tre(m), bra(ch)ia, di[gjil 
 I ^ 250 ' LATIUM MINTORIfAB os, manus, u(m)b(i)licu(in),
v[e]8ica(m), fem[i]Qa, [g]enua, crura, talos, planla(s), [d]i[g]i[t]08.
Dii i(n)feri, si [illam?] vider[o] [t]abe8ce(n)te(m) i5 vobis
sa(n)ctu(m) ii(l)ud iib(e)ns ob an(n)uver8ariu(m) facere dibus
parentibus il(l)iu8....ta pecuHu(m) tabescas. Defigitur Tychene vel
Tyche^ Carisi uxor vel serva, cum omnibus corporis sui partibus;
vide praeterea infra ad v. 18. 1-2 € Restitutio parum certa » Mo. — i
di , ifreri errore Ma. — 2 Legi quoque fortasse potest habites;
acta{e) pro 7*(y)c(A)ene Ma., qui punctum esse in lammina post
acla docuit; sed neque punctum video in imaginibus a Stornaiuolo et
a Mommseno editis, neque sententiam a Mancinio restitutam
intellego. — 3 quodquxd aga[n)t Ma. ; quod [ut\ supplevit S., quod
vero idem videtur atque ut ; hic et in v. 9.1145 omissas prius litteras
supra versum adiectas habes. — 5 Ante memra est littera aut litterae
particuia supervacanea. — 6 cavilo (= capilloi) errore Ma. — 7 supirc
ti ia Ma. — 8 [ve]rba^ {h)alitu(m) Zangemeister Breg.f et apud Mo.,
visu in fine Bormann apud Mo., placuit Mancinio risu{m)^
v(u)Uu{m), mihi certa videntur [ve]rbu(m) et vitu adiecta lineola-,
v(ti)[/]m(m) temptavi. Monuit Vendryes posse ibi divinari vltu eadem
correptione qua non raro in scriptura tuenu pro iuvenis datur,
adiuero pro a(f tuvero ... Stornaiuolo iunxit hunc versum cum
sequenti proposuitque veniriculum{1), — 9 Unus St. recte legit
fulmones in tabella. — 13 ticidos, de t ei d inter se permutatis vide
quae notata sunt ad 129 b 13. — 14-18 Mancinio teste ab altero
homine exarata est pars inferior tituli quinque versua
comprehendens, nee iam malier {Tychene vel Tyche) sed vir
deGgitur. Legit ergo : Dii i{n)feri, si il{t)ud videro tabescente{m)y
vobis sa(n)ctu{m) il{l)ud [l]ibe{n)s — t/(/}ita solv{e)ro ; Mommsen
et Wuensch : si iUa{m) — vobis sacrificiu{m) lubens — il(L)'iu[s]
voveo(^) ; Stomaiuolo supplevit [t//ani], postea 15 vobe (zizvovi)
sa(n)clu(m) il(l)ud |^mert/o?] — 14 e//am pro t7/am scriptum fuisse
posse observavit Zangemeister, collato 104, 3. — 15 sactificiu pro
sacrificiu Z., audacter minis. — 16 dibus (= diis) parentibus^ in titulo
probabiliter Capuano (C /. /.., 1, 1241 = X, 4255) sepulcrum dicitur
deitinferum parmtum sarmm, Fuisse diis manibus a deOgente voti
compote paren 
 MINTUHNAK LATIUM 251 tatum una haec indicat tabella. —
18 Peculiu placuit Mancinio nomen esse cuiusdam inimici servi qui,
postquam Tychenen in priore parte defixisset, ipse fuerit in altera vel
a Carisio, Tychenae contuge, vel ab ipsa Tychene defixus ; quod
plane faisum esse demonstrant quae sunt ad 192 in fine disputata.
Utrum igitur verbum tabescere transitive necne adhibeatur non
liquet; cf. 195. 5. Ter adjiellari deos inferos (v. 1.4.14) non temere
sed magico ritu iudicavit Stornaiuolo. Si^riiium marmoreum una cum
tilulo repertum imaginem Tychenae fuisse suspicatus est S., negavit
W. ; « Ules enim, ait, imagines nec marmoreae neque artificiosae
erant, sed rudes et cereae aut laneae. » Idem tamen vir doctissimus
nuper (Puppe) publici iuris fecit plumbeam defixi cuiusdam hominis
effigiem et de aenea memoravit (de his statunculis disserui supra ad
finem cap. III) ; unde probabilior, non certa, fit Stornaiuoli
coniectura.
The text on this page is estimated to be only 20.98%
accurate

CAMPANIA CALES 191. Sofj^linno, Notizie degli scavi, 1883,

p. 'HS; C. Mancini Atii (ieila /?. Accademia di arclieologia, lettere e
helle arii^ Nnpoli, iSSiiSBG, XII. pars 2, p. 73-70. tah. III, 1; Ilim,
Ephem.j VIII, p. 133, n. r)2i>, acn' inrisani adcxeniplar Miancinii;
Wucnsoh, Fiucht., 8, p. 239; vl'. Ihin, lihein. Mus., XLIX, 1894, p.
317. In lammina opisthographa quae tribus hastis latis m. 0,02,
longis m. 0,09 constat, mter se cohaerentihus dispositisque ut infra
habes versus ordinatos (de forma tabellae vide />. T. A., 131).
Reperta est CaHbus [Caivi /iisorla), inter rudera humilis sepulcri iuxta
monumenta aetatis Tiberianae ; exstat Capuae in museo (W. lapsu
calami c in das Museo Campana >^). A B ASVa O • l^3ilNI • lliia
NASANO-lllia 1 cc o t tc z QVARTAII-SATIAII ;;;tiirtia'SALVIa
 CALIilS CAMPANIA 253 Defixio inler amatorias reputanda.
Audaciiis quam par est Mancini sic restituit : Dii inferi, C[aium)
Babu[Uiu[m) C{aii) /ilium, el fol{u)r{am) e[i)m Terliam Salviam^
Quartac Satiae (/iliam), recipite inferis ; \ctau]dite domu[m) suam ;
fotura/wque, ait, u verrebbe a signincare la liscaldatricey in scnso
erotico »; vult praeterea idein lamminam in phalli speciern
informatam fuisse. Reclius Sogliano, etsi interdum et ipse a vero
abest : Dii inferi C. /Jahuitum e.t forl eus Tertia Salutaris] Quartae
Satiae recipite infeiis pie soynusum. Wuensch interpretatus est : /fil(\
infcri : C. //ahulium et /^ \vont\in[u\s Tertia Salvia. Dite, \pr
om[i\s[s)um Quartae Satiae recipite inferis. Huecheler tandem (apud
Ihm, Kpliem,) rem paene perspexisse videtur : € /Jii inferi C,
/hibullium et /'otr[ivem) eius — euis est in lammina — Ti'rtia[ni)
Salvia[m) : Quartae satiavi\t\ (id est Terlia Babullio satietalem creavit
Quartae ideoque Quarta utrumque devovet) : recipite iiiferisj Uilr^
\d]omum tuam. Hoc enim puto in lammina esse, non dom[u)
vivam... Optat ut di inferi eos recipiant locis inferis, Dis ad se ». A. —
Ut Wuenschio ila inihi /Jite esl in plumbo, vocativus ex Dis quem
le;,Mmus et in altera tabella Romana (0. 7'., 139, 12). — Ba'
buUum^ interpungi putat W., ut difficilius curiosis verum appareat
nomen. Gens /iabuliia nota erat in Campania ; cf. C. I. /-*., X, ad
indicem nominum. — Vix concedas Fotrinis pro /*yontinus perperam
fuisse positum; subiecit etiam qui ita emendavit W. Fonteius subesse
in titulo. Tertia Salvia nominativo dari non absurdum est^ nec raro in
graecis defixionibus sic una adhibentur nominativus et accusativus
[D, 7'., 53 b; 58-59; 71; d. />. T. .4., 141 a). B. — Sniia nomen, si
cum Wuenschio lacis, non est in ea regione inauditum (cf. C. /. A., X,
4989 a). — promissum — infensy id est : « nehmt die Verheissung
der Quarta Satia in die Unterwelt », nam delixa promittitur inferis
Satia ; minime de sponso (promisso) res hic agitur. W. Immo ne
promissum quidem fuisse in plumbo exaratum conlenderim. —
recipite dixit magus quanquam unum Ditem adloquitur, sed /Jitc,
infrri in allero latere inscripta tum quoque in mente habet.
Animadvertendum est lineolis non punctis usum fuisse qui titulum
confecit ut vocabula aut syllabas distingueret.
The text on this page is estimated to be only 22.52%
accurate

254 CAMPANIA capua CAPUA 192. Fahivlli, C /. /.,2749, tab.

XLVIII; Zvetaieff. %//. 49, tal). VII, II. "); Inscr., 128; De<;cke,
Vermvth.^ 22; von Planla, Gnim., II, |). 5!7, 629-631, ii. 129;
Corssen, Ep/iem. epigr,, II, |). 158, II. I ; 'Aeii^chrift fnr
verf/leichcnde Sprachforschung a Kuliiiio iMlila. XI, |). 338-363;
Mincrvini, Cap,, tah. VIII. n. 1 ; Waclisiiiutli, Kurk., |). 365 K;
Ilusclike, Dia/ekt.; Fiorelli, Cat. l, |). 37, n. 137; Wueiisch, /). T. A.^
prael'., p. xxiv; cf. Pascal, p. 4. Tabella alta m. 0,072, lata m. 0,175,
a Simmaco Dona reperta convoluta a. 1857, in sepulcro aetatis
romanae oppidi 5. Maria di Capua Vetere, cum titulo dextrorsum
scripto ; c nicht nach 80-40 v. Chr. ^esetzt werden darf » Buecheler
(Osk., p. 74). Exstat in museo Neapolitano (12140). Ita
descripserunt et verterunt ZvelaiefT stfui klum ' virriis tr /Itipiu •
virriiis pl asis ' bivellis uppiis ' helleviis luvikis . tUitavis staliis ' gaviis
• nep • fatium • nrp • deikum • putians lavkis uhlaois • nuveUuni
vclliam • ne/> • detkum nep • falium puliad nep ' memnim • nep •
nlatn • sifei • keriiad Stenius Glumnius (?) Virrius Trehius — Virreius
Pl. Assius Bivelhus Oppius Hellevius .'> Lucius Octavius ly
The text on this page is estimated to be only 26.31%
accurate

CAPUA CAMl»ANIA 255 Statius Gavins nec fari nec dicere

possini. Luciiis Octavius Novellum Velliam (exsecraiur) nec (iicere nec
fari possit, ncc inonumentum neque ollam sibi velii. von Planla sleni
klutn • viniis Ir ' apfii • vin'iiis jtldsia • hivoAlis ftppiis heUeviis :')
Inoikis ' nhlnvis slaiiis • rjaviis • nep - fatium • nep • dfikum •
piUians Invkis • ('(hlavis • nuvellum velliam • ni'p • dt^ikum ncp •
/alium pttliud tirp ' inrmniiii • nen • iHam • sifci • hrriiatl Slenius
Glum. Vn^rius 7V. -ro 'Virreius Pl. .Ixius Biveilius Oppius Helvius r>
Lucius Octavius Statius Gavius nec fari nec dicere possini. Lucius
Octavius /Vovellum ' VeUiam nec dicere nec fari possit nec
monumenium nec ollam sibi capiat. In priore lituli parte (v. 1-6) petit
a diis qui scripsii ne sex sibi adversarii homines loqui iam possint ;
apparet inde ei e v. 8 iudiciariam esse defixionem. De parte altera (v.
7-9) vide quae sunt infra disputaia. I sie t\\ C., 5/671. M., Wa.; lat.
Clum.i^) C; Ar/um. cognomen decurtatum, de Clutncnus cogitat Pl.
— 2 Flapiu « lectio dubia ei quomodo latine reddi possit, parum
liquet. > Z. /rwcr. ; flapiu^ Virreiis, lat. Trehia Flavia Virrii {uxor) M.,
Wa. ; Stl{*!)apin, st (pvo f) « cum ipsius lamminue scriptione
consentire dubiianii mibi nuper affirmavit G. de Petra > C, lat.
Trehius — ius Vin-eius C ; post tr fuisse poiesi * vel 7. deinde la vel
una tantum littera « aut /«, ibique dantur ei decurtatum sive
cognomen (cf. v. 1) sive gentilicium et posiea gentilicium inlejrrum.
—3 /^/(?) C; lat. Nau/ms (?) ,lariM«(?) M., Wa. ; uirum Pl.
 25G CAMPANIA aPUA Asis [Axiusl .tr/wA?) an Plasis
[Piarius) sit legendum incertum est. Pl. — 4 lu'Hevi[i s, lat. Ileivius C;
Heivius quoque M., Wa. — 5 Luvicis M., \Va. — 6 fjaaviis C. ; piUeans
M., Wa. ; de formula quae in hoc versu et in 8 continelur, cf. D. 7'.,
139, 2-3.6. — 7 Luvcis M., Wa. ; uhtavis C. — 8 potiad Pa. — 9 Lat.
olam Pa. ; capiat C, D.; nec memoriam nec oiiam sibi habeat M., Wa.
; significatur his verbiB : insepultus iaceat; conlulit Pl. ad memnim
(= memona = sepulcrum) C, /. A., IX, p. 811 et X, p. 1189. Skutsch
notat apud Wu., ad n. 1 : c sunt de quibus vehementer dubitem,
velut monumentum et oiia et nominum, quae creduntur propria,
ratio interdum permira. » De altera tituli parte (v. 7-9) maximeque
de v. 7 coDtendunt viri docti, quanquam in hoc omnes consentiunt
eiusdem Lucii Octavii nomen in v. 5 et 7 iteratum fuisse. Quod cum
animadvertisset Minervini praetereaque duas esse inscriptionis
partes linea divisas, coniecit L. Octavium postquam percepit se cum
ceteris iuxta positis fuisse devotum, noD rupisse lamminam neque
quolibet modo delevisse, aed ut ulcisceretur inimico eadem fuisse
usum in qua ei, hoc est Novello Velliati^ diras nirsus precaretur ;
quapropter, non dissentiente Zvetaieffo, interpretatus est : 7 Lucius
Octavius {imprecatur) Novellum Velleiatem, Vicissim ergo L. Octavius
et Novellus Vellias defigunt et defiguntur. Procul a vero abhorrere
hanc intellegendi rationem decrevit Huschke et ipse longe aliter
explicavit atque ceteri : Slr ha vel hn\ldum • virriis trugivapui • virriiis
piasis ' biveiiis uppiis ' heilevis F> iuvikis ' uhtavis statiis ' gaviis •
nep • fatlum • nep - deikum • pulians iuvkis • tfhfavis • nuveliium
veiiiam • nep • deikum nep • fatium piitiad nep • memnim • nep •
ulam • sifei • heriiad Defixio • Virrius Trucivapida Virreis, Plasius
Bivellius, Oppius Helvius, 5 Lucius Octavius
 CAPUA CAMPANIA 257 Statius Gavius neque respondere
neque dicere possint. Lucius Octavius, denuo velim, neque dicere
neque respondere possit nequc memoria neque aula sibi potiatur. 1
Virrius nomen est daemonis cuiusdam masculinum. — !2 Vvreis
simile nomen femininum ; trucivapidaj Virreis cognomen, quod est «
horrendum quid et letale spirans ». — 9 Lat. memoria pro
monumento sumitur ; aula, c an einer Stelle unter der Erde ein
Todter seine aula hat. » — Ut, neglectis quae de v. 1-2 commentus
est Huschke, cetera contemplemur, duplicem esse in lammina
defixionem docuit, quarum altera (v. 1-6) quattuor homines inferis
diis mandantur Bivellius, Helvius, Octavius, Gavius, altera Octavius
utpote devoventi infensissimus iterum obligatur neque in hac tantum
sed et in futura post mortem vita. Quae sensit Planta de hac inter
Minervinium et Huschkium haud facile componenda lite repetere
operae pretium est : « Wie soll man sich, von allem anderen
abgesehen, vorstellen, dassLucius Octavius [ut placuil MinerviniOj
das Blei, in welchem er selbst verwQnscht war, dem Grabe
ubergeben habe, ohne wenigstens seinen eigenen Namen zu
zerslOren? Wenn in Nuvellum Velliam Eigennamen vorliegen [in quo
unus repugnat H.], so muss dahinter ein anderes Verbum, z. B.
reddat (wenn es sich um einen entfuhrten Sklaven oder dgl.
handelt...) oder abhovreat, detesletur oder dgl. [cf. D. 7*., 139, iA
odio sit.,,] erganzt werden. Will man dies nicht, so bleibt wohl nur
ubrig, mit Huschke nHvellum velliam als denuo velim zu deuten. » a
Aulumno anni 1875 Neapoli apud Bourguignon negotiatorem
argentariuni exemplar alterum vidimus tam simile huic inscriptioni, ut
falsum id esse appareret. Quod idem de Petra et Minervini viri artis
epigraphicae peritissimi per litteras nos docuerunt. » Z. Syll. 193.
(lainurriiii 930; ZvelaiclT, St/ll., 50, rf. |». 152 sq., cuin lai)ula; /nscr.y
129; Dcccki». Verpnnlh,2{; voii Planla, Gram.,II, |).:;i:;s(|.,G25-G29,
n. {28\Bleilafely\K 438; Buccliclcr, OsA.,cum iinaj^inr lilhoyrapliica ;
Brcal, Revue criiique^ 1878, I, p. 89-92; Bu.ii^-c; Ilusclikc;
Sclirunipf; Pascal; Wucnsch, D. T. A.j pracf., |). XXIV ; F. Skutscii,
ibid.^ m adnotalione 1 ; cf. von Duhn. 17
 258 CAMPANIA capua Tabellam opisthographam, altam m.
0,08, latam m. 0,22, supero sinisiroque margine mutilam, a Carolo
PaiurelH et fratribus Pcucale repertam convolutam mense Aprili a.
1876 in quodam sepulcro osco, in vico Curti, prope .S\ Maria di
Capna Velerey comparavit Fridericus von Duhn et Buechelero misit;
qui dum eam explicat rupta est, nulto vero litterarum detrimento.
Adservatur in museo Neapolitano a Buechelero dono data (von
Duhn, p. 22). Exarutam fuisse altero a. Chr. n. ineunte saeculo visum
est eidem viro doctissimo (p. 76) et Buggeio (p. 60). Cum dissentianl
in multis locis viri oscae linguae perili qui titulum tractaverunt, quae
le^it quisque et excogitavit referre potius duxi. Unum apud omnes
constat, fuisse hac lammina defixum Ecribentis inimicum. Immo, si
plerisque credere licet, a Vibia Aquia Cereri Ultrici eiusquc comilibus
diis mandatur Pacius Cluvatius quod ei aliquid sustulit, sive filiolam
(Buecheler), sive « ministrum > (Bugge, von Planta), sive c poculum
»^(Huschke, Deecke),ut torqueatur omni suppliciorum geneie.
The text on this page is estimated to be only 5.19%
accurate

CAPUA CAMPANIA 259 Buerholor, p. 70 sq. i I ~ 2 «^ I "^

f^ C '^ '^ ' ^ • .«, •»» v> 5 ? 3 c «^ ^ •• r* t«« »^ • •w '5 --. a -S
^ i:: *- ir^ ■ 2 r3 ^ cr :: '^ ^ 5 3 o ^ 2 u ^ 1.1« O co — 7) o I PS
o 7J 0) co I i2 CO P « .^ •S -^. • s •«. -ic g 5 3 rc: w> c "^ c»» «/)
•« ^S -^ "" ?= 5« c "^ '^ ^ S s C- « 3 ^ 3 3 '2 -. 3 3 ^ -s: e •n* 3
V « 3 ?^ 3 '•c •*< « =^ S is •:r *s a. o <^ ^ 3 ** ^ 5 ,ci,-< ^ « o
•S 3 5 5- 2 -< *^ ^^ <*> <•» ^^ •■^«w •'<<3C ~_ 3 3 • -^ — i
•* i J^ • -^ .*• **■ 3 •^ ••^ r* 3 3 •.^ 3 i-C^ 3 ^ ^ 3 vj 3 2 3 3 3
-^C T' :-. -.^ — 2? 3 ~ » a .^ 3 ■'» 3 ^ •itf ..« ^ : li ^» .*» i^ 3 *-
3 t 3 3 - - 3 §"• 3 ^:^ ~ 3 a 3 3 Ji 2 .^ *- - 3 . ::^ 5 3 ^ i^ ^ .i ~ 3
o 3 <• — ^ C f^ 'N •"» >^ . ** .:: S u o ' ^ co co wr: li Versum in
parle exleriore lamminae exaratum paene .similem esse primo
inleriorisdocuil Buecheleret in hunc modum restiluit (p. 67sq.) :
 260 CAMPANIA capua Keriarenlik'n'i,.,] pai pui suva lyeriam
l]egin[um — ] krus\talar ?] quod sic fere verlas : Cereri ultrici . . .
quae qui suum arbitrium potestatem — cruentetur Buecheleri
interpretationem et commentationem damnavit Br^al : u il faut
avouer qu*il n*a gu^re jet^ de lumi^re sur (ce texte) ; apr^s avoir
lu les soixante-seize pages qu*il lui consacre, nous ne sommes pas
encore siir qu'il ait exactement vu le sujet » ; ipse tamen vix
dimidium versum correxit nedum totum titulum emendaret : f) inimk
axs patar inimk ais fnatar = ilem eius (Yibiae) pater, ilem eius mater.
At Bugd^e, Huschke, Deecke sibi magis fidentes tabellamque denuo
et seorsum aggressi quas infra retuli lectiones proposuerunt.
The text on this page is estimated to be only 9.85%
accurate

CAPUA CAMPANIA 261 Biifrp:!', p. ;)7 s(|. 2 o -^ o o ^ ^ ^

:> ^ •^ 55. Cl _ ^ 3 C "* 3 o -^ 2: 3 ■ ^ S .! « 5 -5 *^ o o « .::r o
2 « 3 *^ o 3 «c «o -2 I — o S 3 3 ~ V. ;^ 3 S2 -i «o « « P ^ 3 a 3
«o a d S 5 s^ ^ «.^ -c> ~ 2: c ** O » 2: c o 5: a, 2 i? 2 s 3 — ■ •<
o ^ 3 5 a Ji !5 3 V s: .2 o 3 ^ c «o 3 0 o «o *9 »< «O 3 «0 ' f«* O 2
> 3 •:: ^ 3 "X3 3 ::: ^ 2 ^.w •= O . 5 ? 3 3 3 - -z "^ 3 &t /^ M
*•«» .B 3 3 3 a. 3 «o >3 vo o c» — "^ Z -^ ^ !0 •^ •- ^ 3 O 5 -^ •
.- .« ^ J3 3 ? "C ^ [3 ^ 3 ^ 's' S 3" ^" §" "2 3 •- 3 - ^ .^ • •. *^ ^
• " -••> ^ ;^ "^ c* 2r v^ ;:; ?^- ^ • :^ o < o --i a .^ a. ^) ^s: 3 o
-c< . ■... o =* «o - i ^ s 3 **- 3 . «• 3 •«« S> 3 V9 ^^ 3 ^ C ^ '^
rj o 3 C^ '-^ S K^ •<••*- ^< • «.* co '^ 3 2^3 .:<;•- O* 3 ;;) 3 «o
3 3 *- ;5 0 «s.^ M 3 £ 9 b» :r -rt co '5 o «> C S ^ s ^ o -^ S ^ S c«
o u M s £ c .z: o w > CO 3 0) £ £ 2 «4.M u 0) 3 w 1 I -!-.= <»> a>
V o o CQ £ :3 co £ a to co o £ a u :3 CL, CQ u u o .2 .s 9i c« eo C s
00 Ui co ca 2 c« S 2 C3 •-• O S O) u O) 0) c O) o o c C •3 • - «0 *i
S. c- ^ 3 a> c« 3 cr CO £ ci c £ 'u 0) u 0) CO >• 3 . • C .2 £ G^ c o
C u u O .C s s .: co C M «0 '/) (O 0 =f o. ce c •» 0 0 0) c C 08 m c 9
u o « £ u ,eQ O *-O u u « bc g •■2 0} s. « "* u Sa> co o; ly .-* 3 2
c ^ •. o .s ^ 'S o c« ^ u c« CL U o co eo a> cd •e etf O u -0) u o S
.2 s c o u 2 D : •^ o I g3 ca c -o S c e« C bo _2 u ^ s CO C C« 3 C u
.-* '^ u « ^-2 s o „ o g 2 c •- ^ cr ^ •« o S -C C C 0) • -• .Z^ bD C
9 4i 0) "u eo C 0) "u O .c o o co 9 TZ rZ ^ ^ O tc a> 0^2 C tii 'T* U
0) o co o c co o eg £ .— j- eo ■3 *flS "O CO Ji' o (/: O O O a> S tc
0) c« £ O 9i co 9 (O c» e« '^ «.* 0) o 9 cr «3 j= o o C 9 O co o O C
co O) s CO cr 9 'u O4 O «^ o C eo - £ o .C s ^ . o • — u to a. u .2 9
^ C tfi c 3 O C 0-^9 (O CQ U > co > CO 4-» > • Z o «^ n o - tt o c
S (2 .5 3 -c G O^ O % < "^ .c a> 0) ••2 9 a c S ctf E? 9 0« o ce a
o. O o c« 9 0) u o .•14 eo a c s s. S^ •"* J5 O *^ C •- £ ^ e« "3 s 3
U s^ § o •« e co S s I « •c 8" ^ u <: £ « 3 ;;^ 9 3
The text on this page is estimated to be only 3.52%
accurate

262 CAMPANIA CAPOA llusclikc, [). 73 si|. 1 «o • ^ • iw ^

•« 1' I Ctf 9 s B 9 w «« 9 ^ .9 o -5- £ a e 0» a> •^ "« '^ c ''^ s «o
~ *9 tfW ^** ^* • •w 9 S -ir ■ ^ vi «^ t-^ 5^ - — ^ ^ '•* v^ '^ e
V 3 2^ fio E t eo 3 •-• •« • ■- •— * e • • "a ^ s r ^ c r- ^i* SS
S'*'!^ •**s^ *^C 2« •■— ^ Tc ^ S -^ •* :s a • ;5 »"^ ? 5 •^ •."^
••w *«w «- 5 S 5 5:.2 ^ ^ ^. s » •5 St si. ;: e ..« *9 o^ c: ^ 5: '•-
^ 2 a :^ •:: ^ *•# - •^s «o «» •^ .^ ^ ^ -^c >: *- M CA *•» .M co
•3 «^ • s> 5 5; «T «9 S ^ • 3 c 50 •5- §• "« -^ -^ . «^ 3 r* e; E\ ^
^ '2 1 J 3 O ^ • ••* «- s. **, 3 "^ •< •* .?. 3 •• ^ 3 -*e IT 3 ^ 1 :
*< eo C tn O o m 9 cd u C o o eo ■o CO 0) 3 •« VJ «0 3 O u o S O)
u "S 0) 2 S-i ^^ .'"^- -^ «r: .iw ^ IC - 2 *— 3 2 ~ -w .2 .« •*- ;X .:
£ e -^ ^ "t5 »2 •£ t C R» »#». -«^ ^ *^ C ^ .^ *••* •• 2 :2 «o <^
~ 5 c f 3 ** 2 «fl 3 . - s: *3 — •— ««N* 3 c>. ,:tf •^ 3 a M O a S O)
ee u s C9 3 co ? s s 3 3 QO •"- e* .«. 5 s: - -2 -^ ^ .^ ^ «^ ^ <^ ?
* ^ ^ «^ i^ '~ » s 3 oT ^ 2 .£ ^ «S ca c 09 5 3° 0) 4; C3 >• C- -^
S 4> O 5 co 0) 2 > '53 u S .. - 3 fcc C "S « 2 CL u 'a £ « 6 «A •-« « s
S • 12 ^ « *« g 3^3 C •-^ «i 3 «> 00 .C^ 3 o «J^ fceo c« v s s -^
^ * .-! U ^ S 0) tO ^ vj ca _^ c •- <« c V) ;#> u S ^ S o.2 -^ cc
^^ .S 'S ^ 1 3 « •55 ^% t E a> ^ «= 3 •« tfi — S 3 3 •^ 3 — • o*
• • 3 •"t: eo crj c g, o ^ c a> «0 a> •• u u « 8 S u ?£ g •- Xa> .2 >
^ 0) .S a c 0 8 1 "" " S 2 S Vi 0) 3 4> cr 3 :2 sr ^ a o* •S •» "S 3 0)
o a ee e« 0) o c 4) 8 ••14 •M 0) •S *s u 3 2 4) O 9) ••14 a> co Cu
m 3 3 O O OD I. S .S u co .3 <-3 T3 C .- 3 •S o '^ s u o u QU co '5«
o c . . 3 s £ S a 2 8 3 «2 ••M 7 •^ e« •^ u » o •.^ o « "5 "^ c 3 O
";?. '-> « 3 -b ^ •^ fiO 3 3 •2 g I ^ I z s a« •« 3 jii ^ .M 5> s § o g
S. g « -S O. 5 S « .!3 S 01 CO •c X. S-,2 § S « 9 0 9 cr cr c •• ••14
«0 3 'c i .2J 3 •S 2 3 ^ co B ^ .5 O" «0 0* S •u "^ JS *2i 3 w 3 a>
cr s .S £ ••? 2 «o .2: .2 1 2 2 3 0) g^|.s cr I •C a c M 3 09 O c ^ '8
CO w u S *^ •S e I S *" 2 fc qj O •s -5 s 8 0) •S S. 2 c o* ^ i •< » S
:s 3 . cr > oJ to s co o 3 n mmm o «•14 u •c *, 0) A, 0> :^ ^ = ::
^^ • «« 3 X s> l 3 r • c/ 3 .- , } • 3 s 3 %> <: (
The text on this page is estimated to be only 6.16%
accurate

CAPUA CAMPANIA 263 c 0) Qi a o o 3 OQ s C > o Q a 8 £ e

£:r^ 1 3 co •a A s 9 08 o u I 0 £ .s o
Welcome to Our Bookstore - The Ultimate Destination for Book Lovers
Are you passionate about books and eager to explore new worlds of
knowledge? At our website, we offer a vast collection of books that
cater to every interest and age group. From classic literature to
specialized publications, self-help books, and children’s stories, we
have it all! Each book is a gateway to new adventures, helping you
expand your knowledge and nourish your soul
Experience Convenient and Enjoyable Book Shopping Our website is more
than just an online bookstore—it’s a bridge connecting readers to the
timeless values of culture and wisdom. With a sleek and user-friendly
interface and a smart search system, you can find your favorite books
quickly and easily. Enjoy special promotions, fast home delivery, and
a seamless shopping experience that saves you time and enhances your
love for reading.
Let us accompany you on the journey of exploring knowledge and
personal growth!

ebookball.com