Blockchain technology is being hailed as one of the most revolutionary and disruptive innovations of today. Blockchain technology was first identified in the world's most popular digital currency, Bitcoin, but now has changed the perception of many organizations and empowered them to use it, even for storage and the transfer of value.
This book will start by introducing you to the common cyberthreat landscape and common attacks, such as malware, phishing, insider threats, and DDoS. The next set of chapters will help you understand the workings of blockchain technology, Ethereum, and Hyperledger architecture, and how they fit into the cybersecurity ecosystem. These chapters will also help you write your first distributed application on Ethereum blockchain and the Hyperledger Fabric framework. Later, you will learn about the security triad and its adaptation with blockchain. The last set of chapters will take you through the core concepts of cybersecurity, such as DDoS protection, PKI-based identity, 2FA, and DNS security. You will learn how blockchain plays a crucial role in fundamentally transforming cybersecurity solutions.
Toward the end of the book, you will learn about real-world deployment examples of blockchain in security cases, and also understand the short-term challenges and the future of cybersecurity with blockchain.
The book is targeted toward cybersecurity professionals, or any stakeholders dealing with cybersecurity who want to understand the next level of securing infrastructure using blockchain. A basic understanding of blockchain would be an added advantage.
Chapter 1, Cyber Threat Landscape and Security Challenges, covers the emerging global cyber threat landscape, what is making threats stronger and more sophisticated, and the defender's perspective, including governments; International Security Alliance (ISA); and industry alliances, corporations, executives, Chief Security Officers (CSOs), and security analysts.
Chapter 2, Security Must Evolve, describes some serious and urgent changes in the security mindset, such as the zero-trust approach, breach acceptance, and changes in the security foundation.
Chapter 3, Introducing Blockchain and Ethereum, describes blockchain from its birth and its continuous adoption in various industries and verticals. We will also get to know how organizations are using blockchain to solve their problems.
Chapter 4, Hyperledger – Blockchain for Businesses, introduces you to the Hyperledger project, with its open source collaboration, and develops a cross-industry blockchain technologies. It also provides a demonstration of the deployment of dApps with Hyperledger peers.
Chapter 5, Blockchain on the CIA Security Triad, explains that any security measures are designed to protect one or more facets of the CIA triad, and therefore it's a smart way to adapt blockchain in the underlying security foundation, such as enterprise key and certificate management, encryption, and access control.
Chapter 6, Deploying PKI-Based Identity with Blockchain, covers the real-world deployment of Blockchain in security cases with current state review, protocol implementation, architecture, structure, and API client integration.
Chapter 7, Two-Factor Authentication with Blockchain, contains insights into the components and workings of two-factor authentication. At the end, we will get to see how a decentralized two-factor authentication system can be built with an Ethereum blockchain.
Chapter 8, Blockchain-Based DNS Security Platform, discusses existing DNS infrastructure, challenges, and how blockchain helps to build a more robust and secure decentralized DNS infrastructure.
Chapter 9, Deploying Blockchain-Based DDoS Protection, covers the impact of a DDoS attack, its anatomy, challenges with existing DDoS protection solutions, and how an Ethereum blockchain can transform your DDoS protection platform.
Chapter 10, Facts about Blockchain and Cyber Security, covers some potential challenges with the blockchain system, such as node theft, the availability of distributed nodes, malicious code injection into a distributed ledger, reputation risk, target reconnaissance, and bypassing the offboarding and onboarding procedure.
The hardware requirements are as follows:
- Ubuntu 16.04
The software requirements are as follows:
- Linux
- Node.js
- Truffle
- Ganache-CLI
We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it from https://www.packtpub.com/sites/default/files/downloads/HandsOnCybersecuritywithBlockchain_ColorImages.pdf.
There are a number of text conventions used throughout this book.
CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "This folder include our smart contract, TwoFactorAuth.sol."
A block of code is set as follows:
forward-zones=bit.=127.0.0.1:5333,dns.=127.0.0.1:5333,eth.=127.0.0.1:5333,p2p.=127.0.0.1:5333 export-etc-hosts=off allow-from=0.0.0.0/0 local-address=0.0.0.0 local-port=53
When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:
$ node registerAdmin.js
//File Structure Tuna-app/tuna-chaincode.go
Any command-line input or output is written as follows:
sudo apt-get update sudo apt-get install git npm sudo apt-get install nodejs-legacy
Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "We need to set the environment field to the Web3 Provider option."
Feedback from our readers is always welcome.
General feedback: Email [email protected] and mention the book title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.
Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!
For more information about Packt, please visit packtpub.com.
The information within this book is intended to be used only in an ethical manner. Do not use any information from the book if you do not have written permission from the owner of the equipment. If you perform illegal actions, you are likely to be arrested and prosecuted to the full extent of the law. Packt Publishing does not take any responsibility if you misuse any of the information contained within the book. The information herein must only be used while testing environments with proper written authorizations from appropriate persons responsible.