Cyber Defense Mechanisms: Security,

Privacy, and Challenges 1st Edition

Gautam Kumar
Visit to download the full and correct content document:
https://textbookfull.com/product/cyber-defense-mechanisms-security-privacy-and-chal
lenges-1st-edition-gautam-kumar/
More products digital (pdf, epub, mobi) instant
download maybe you interests ...

Biota Grow 2C gather 2C cook Loucas

https://textbookfull.com/product/biota-grow-2c-gather-2c-cook-
loucas/

Security and Privacy in Cyber-Physical Systems First

Edition Houbing Song

https://textbookfull.com/product/security-and-privacy-in-cyber-
physical-systems-first-edition-houbing-song/

Adversarial and Uncertain Reasoning for Adaptive Cyber

Defense Control and Game Theoretic Approaches to Cyber
Security Sushil Jajodia

https://textbookfull.com/product/adversarial-and-uncertain-
reasoning-for-adaptive-cyber-defense-control-and-game-theoretic-
approaches-to-cyber-security-sushil-jajodia/

Mobile Security and Privacy Advances Challenges and

Future Research Directions 1st Edition Man Ho Au

https://textbookfull.com/product/mobile-security-and-privacy-
advances-challenges-and-future-research-directions-1st-edition-
man-ho-au/
DIGITAL FORTRESS NAVIGATING CYBER THREATS MASTERING T
ART OF ONLINE SECURITY AND PRIVACY 1st Edition David
Goodlin

https://textbookfull.com/product/digital-fortress-navigating-
cyber-threats-mastering-the-art-of-online-security-and-
privacy-1st-edition-david-goodlin/

Challenges to Internal Security of India ( Includes

Disaster Management) Ashok Kumar

https://textbookfull.com/product/challenges-to-internal-security-
of-india-includes-disaster-management-ashok-kumar/

Cyber Security for Cyber Physical Systems 1st Edition

Saqib Ali

https://textbookfull.com/product/cyber-security-for-cyber-
physical-systems-1st-edition-saqib-ali/

Antibiotics Challenges Mechanisms Opportunities 1st

Edition Christopher Walsh

https://textbookfull.com/product/antibiotics-challenges-
mechanisms-opportunities-1st-edition-christopher-walsh/

Security And Privacy Joseph Savirimuthu

https://textbookfull.com/product/security-and-privacy-joseph-
savirimuthu/
Cyber Defense
Mechanisms
 Artifcial Intelligence (AI): Elementary to
Advanced Practices
Series Editors:
Vijender Kumar Solanki, Zhongyu (Joan) Lu, and Valentina E. Balas

In the emerging smart city technology and industries, the role of artifcial intelli-
gence (AI) is getting more prominent. This AI book series aims to cover the latest AI
work, which will help the naïve user to get support to solve existing problems and for
the experienced AI practitioners, and assists to shedding light for new avenues in the
AI domains. It covers the recent work carried out in AI and its associated domains,
logics, pattern recognition, NLP, expert systems, machine learning, blockchain, and
Big Data. The work domain of AI is quite deep, so this book discusses the latest
trends which are evolving with the concepts of AI and helps practitioners, students,
researchers, and those who are new to this feld to gain some new insights.

Cyber Defense Mechanisms

Security, Privacy, and Challenges
Edited by Gautam Kumar, Dinesh Kumar Saini, and Nguyen Ha Huy Cuong
Artifcial Intelligence Trends for Data Analytics Using Machine Learning
and Deep Learning Approaches
Edited by K. Gayathri Devi, Mamata Rath, and Nguyen Thi Dieu Linh

For more information on this series, please visit: https://www.crcpress.com/

Artificial-Intelligence-AI-Elementary-to-Advanced-Practices/book-series/
CRCAIEAP
 Cyber Defense
Mechanisms
Security, Privacy, and Challenges

Edited by
Gautam Kumar, Dinesh Kumar Saini, and
Nguyen Ha Huy Cuong
First edition published 2021
by CRC Press
6000 Broken Sound Parkway NW, Suite 300, Boca Raton, FL 33487-2742

and by CRC Press

2 Park Square, Milton Park, Abingdon, Oxon, OX14 4RN

© 2021 Taylor & Francis Group, LLC

CRC Press is an imprint of Taylor & Francis Group, LLC

Reasonable eforts have been made to publish reliable data and information, but the author and
publisher cannot assume responsibility for the validity of all materials or the consequences of
their use. Te authors and publishers have attempted to trace the copyright holders of all material
reproduced in this publication and apologize to copyright holders if permission to publish in this
form has not been obtained. If any copyright material has not been acknowledged please write and
let us know so we may rectify in any future reprint.

Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced,
transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or
hereafter invented, including photocopying, microflming, and recording, or in any information
storage or retrieval system, without written permission from the publishers.

For permission to photocopy or use material electronically from this work, access www.copyright.
com or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA
01923, 978-750-8400. For works that are not available on CCC please contact mpkbookspermissions@
tandf.co.uk

Trademark notice: Product or corporate names may be trademarks or registered trademarks, and are
used only for identifcation and explanation without intent to infringe.

ISBN: 978-0-367-40883-1 (hbk)

ISBN: 978-0-367-54096-8 (pbk)
ISBN: 978-0-367-81643-8 (ebk)

Typeset in Times
by codeMantra
Contents
Preface......................................................................................................................vii
Editors.......................................................................................................................ix
Contributors ..............................................................................................................xi

Chapter 1 Security Threat Analysis and Prevention towards Attack Strategies... 1

Suman De

Chapter 2 Defense against the Survivability to Network Strategies................... 23

K. V. S. S. S. S. Sairam, Shreyas Arunesh, K. Pranava Bhat,
K. Sarveswara Rao, and K. Annapurna

Chapter 3 Defense Mechanism to Self-Adaptive Cyber-Physical Security

Systems............................................................................................... 33
Pati Prasanthi, Gautam Kumar, and Anuj Kumar Goel

Chapter 4 Secure Channel Allocation in Cognitive Radio–Wireless

Sensor Networks................................................................................. 47
S. Mangairkarasi and D. Arivudainambi

Chapter 5 Security Issues in IoT Networks......................................................... 63

Dinesh Kumar Saini and Amna Al-Sdidi

Chapter 6 IoT Ecosystem Implications to Real-World Security Scenario .......... 75

Dinesh Kumar Saini and B. Y. Sandhiyaa

Chapter 7 Design Principles and Privacy in Cloud Computing.......................... 85

Mohammad Wazid and Ashok Kumar Das

Chapter 8 Big Data Analysis on Smart Tools and Techniques ......................... 111
Jabar H. Yousif and Dinesh Kumar Saini

Chapter 9 Lightweight Security Protocols for Blockchain Technology ........... 131

Jangirala Srinivas and Ashok Kumar Das

v
vi Contents

Chapter 10 Privacy and Challenges to Data-Intensive Techniques .................... 157

Pati Prasanthi, Gautam Kumar, Sheo Kumar, and
Mrutunjaya S. Yalawar

Chapter 11 Dynamic Modeling on Malware and Its Defense in Wireless

Computer Network Using Pre-Quarantine....................................... 171
Yerra Shankar Rao, Hemraj Saini, Ranjita Rath,
and Tarini Charan Panda

Chapter 12 Privacy Preservation Algorithms on Cryptography for AI

as Human-like Robotic Player for Fighting Game Using
Rule-Based Method.......................................................................... 185
Mohammad Farhan Ferdous

Chapter 13 Web-Based Smart Agriculture System ............................................ 197

Rachna Jain, Meenu Gupta, and Shivam Singh

Index...................................................................................................................... 213
Preface
Security and privacy is one of most crucial, in this digital age, for all of us in daily
human being life. To deal the same with tools and technologies is one of the big chal-
lenges, because so many attacks are reported in all kinds of computer systems and
networks. It is becoming increasingly important to develop robust, adaptive, scal-
able, and reliable security and privacy mechanisms for applications and its related
areas. In relation to the same, it is imperative to understand the fundamentals with
recent attacks such as cyber security principles, vulnerabilities, and handful and
optimized solutions used as defense mechanisms. The security mechanisms are pre-
sented to mitigate negative implications associated with cyberattacks and privacy
issues in various technologies. The objective of this book is to collect and address
a variety of problems in relation to cyberdefense mechanisms, because in the fast
growing environment, the research trends in this area are always having a great
demand in the form of prospective cyberdefense cryptographers and most to car-
rier buildings. The contributors are addressing theoretical and practical aspects to
security mechanisms, challenges, and opportunities. This book aims is to attract
graduates/postgraduates/researchers/practitioners who are working in computer
science and information technology.
The overall objectives covered are as follows:

• To improve the awareness of readers about recent security attacks, preven-

tion strategies applied, and existing mechanisms.
• To analyze and present the state-of-the-art survivability to network
strategies.
• To address defense mechanisms to self-adaptive cyber-physical security
systems and wireless sensor network (WSN).
• To improve security solutions and address issues in IoT network and system
implications to real-world security scenario.
• To provide a broad look on Big Data Analysis tools and techniques as a
solution to defense mechanisms.
• To analyze and present the state-of-the-art lightweight solution security
technique approach, as defense mechanisms, using blockchain technology.
• To discuss an innovative privacy and challenges to data-intensive techniques

vii
Editors
Dr. Gautam Kumar is currently working as Associate
Professor at CMR Engineering College, Hyderabad, India.
He received his PhD degree in computer science and engi-
neering from Jaypee University of Information Technology,
Himachal Pradesh, India, in 2017. He did his M.Tech in
Rajasthan Technical University, Kota, India, in 2012, and
B.E. in Rajiv Gandhi Proudyogiki Vishwavidyalaya, Bhopal,
India, in 2005. He has the academic experience more than
14+ years. His research interests are in the feld of cryptogra-
phy, information security, design and analysis of algorithms.
He has published more than 25 research journals and conferences papers of repute
in Science Citation, Scopus, and indexed journals and conferences. He has handled
various responsibilities as a president of Institute’s Innovation Council, Ministry of
Human Resource Development (MHRD), India, and a Convenor/SPOC of Smart-India
Hackathon, New Delhi, India. He is a reviewer of (i) Security and Communication
Networks, John Wiley & Sons and Hindawi, (ii) The Computer Journal, Oxford
Academic, and many reputes of IEEE/ACM international conferences.

Dr. Dinesh Kumar Saini is working as acting Dean and

Associate Professor in the Faculty of Computing and
Information Technology since 2008. Prior to this, he worked
in the King Saud University, Riyadh, Saudi Arabia. His major
area of research is data engineering, environmental informat-
ics, agent technology, security, software Systems, content
management systems, learning objects, and higher education.
He has published manuscripts extensively on mathematical
modeling in cybersystems, malicious object propagation,
immune system design, and environmental informatics.

Dr. Nguyen Ha Huy Cuong obtained his doctorate in com-

puter science/resource allocation cloud computing in 2017
from the University of Da Nang, Vietnam. He has published
over 50 research papers. His main research interests include
the resource allocation, detection, prevention, and avoidance
of cloud computing and distributed systems. He serves as
a technical committee program member, track chair, ses-
sion chair, and reviewer of many international conferences
and journals. He is a guest editor of journal International Journal of Information
Technology Project Management (IJITPM) with special issue on “Recent Works
on Management and Technological Advancement.” Currently, he is working at the
University of Da Nang—College of Information Technology, Vietnam.

ix
Contributors
Amna Al-Sdidi Suman De
Faculty of Computing and Information Developer
Technology SAP Labs India Pvt. Ltd.
Sohar University Bangalore, Karnataka, India
Sohar, Oman
Mohammad Farhan Ferdous
K. Annapurna Department of Information Science
Department of Computer Science & Japan Advanced Institute of Science
Engineering and Technology
Canara Engineering College (Affliated Ishikawa, Japan
to VTU, Belagavi, India) Japan-Bangladesh Robotics &
Benjanapadavu, Mangalore, India Advanced Technology Research
Center (JBRATRC)
D. Arivudainambi Dhaka, Bangladesh
Department of Mathematics
Anna University Anuj Kumar Goel
Chennai, Tamil Nadu, India Department of Electronics &
Communication Engineering
Shreyas Arunesh CMR Engineering College
Department of Electronics and Hyderabad, Telangana, India
Communication
NMAMIT (Autonomous and Affliated Meenu Gupta
to VTU, Belagavi) Department of Computer Science and
Karkala, Karnataka, India Engineering
Chandigarh University
K. Pranava Bhat Chandigarh, Punjab, India
Department of Electronics and
Communication Rachna Jain
NMAMIT (Autonomous and Affliated Department of Computer Science and
to VTU, Belagavi) Engineering
Karkala, Karnataka, India Bharati Vidyapeeth’s College of
Engineering
Ashok Kumar Das Delhi, India
Center for Security, Theory and
Algorithmic Research Gautam Kumar
International Institute of Information Department of Computer Science and
Technology Engineering
Hyderabad, Telangana, India CMR Engineering College
Hyderabad, Telangana, India

xi
xii
Sheo Kumar
Department of Computer Science and
Engineering
CMR Engineering College
Hyderabad, Telangana, India
S. Mangairkarasi
Department of Mathematics
Anna University
Chennai, Tamil Nadu, India
Tarini Charan Panda
Department of Mathematics
Ravenshaw University
Cuttack, Odisha, India
Pati Prasanthi
Department of Computer Science and
Engineering
Stanley College of Engineering and
Technology for Women
Hyderabad, Telangana, India
K. Sarveswara Rao
NMAMIT (Autonomous and Affliated
to VTU, Belagavi)
Karkala, Karnataka, India
Canara Engineering College (Affliated
to VTU, Belagavi)
Benjanapadavu, Mangalore, India
Yerra Shankar Rao
Department of Mathematics
Gandhi Institute of Excellent
Technocrats
Bhubaneswar, Odisha, India
Ranjita Rath
Department of Mathematics, Gandhi
Institute of Engineering Technology
University Gunupur,
Gunupur, Odisha, India
Contributors
Dinesh Kumar Saini
Faculty of Computing and Information
Technology
Sohar University
Sohar, Oman
Hemraj Saini
Department of Computer Science and
Engineering
Jaypee University of Information
Technology
Waknaghat, Himachal Pradesh, India
K. V. S. S. S. S. Sairam
NMAMIT (Autonomous and Affliated
to VTU, Belagavi)
Karkala, Karnataka, India
Canara Engineering College (Affliated
to VTU, Belagavi)
Benjanapadavu, Mangalore, India
B. Y. Sandhiyaa
Department of Software Engineering
SRM Institute of Science & Technology
Chennai, Tamil Nadu, India
Shivam Singh
Department of Computer Science and
Engineering
Bharati Vidyapeeth’s College of
Engineering
Delhi, India
Jangirala Srinivas
Jindal Global Business School
O. P. Jindal Global University
Sonipat, Haryana, India
Mohammad Wazid
Department of Computer Science and
Engineering
Graphic Era (Deemed to be University)
Dehradun, Uttarakhand, India
Contributors xiii

Mrutunjaya S. Yalawar Jabar H. Yousif

Department of Computer Science & Faculty of Computing & Information
Engineering Technology
CMR Engineering College Sohar University
Hyderabad, Telangana, India Sohar, Oman
 1 Security Threat Analysis
and Prevention towards
Attack Strategies
Suman De
SAP Labs India Pvt. Ltd.

CONTENTS
1.1 Introduction ......................................................................................................2
1.2 History of Security Breaches............................................................................3
1.3 Common Security Threats................................................................................4
1.3.1 Malware ................................................................................................4
1.3.2 Phishing ................................................................................................5
1.3.3 Spear Phishing ......................................................................................5
1.3.4 “Man in the Middle” (MitM) Attack....................................................5
1.3.5 Trojans ..................................................................................................5
1.3.6 Ransomware .........................................................................................6
1.3.7 Denial-of-Service Attack or Distributed Denial-of-Service
Attack (DDoS) ......................................................................................6
1.3.8 Attacks on IoT Devices.........................................................................6
1.3.9 Data Breaches .......................................................................................6
1.3.10 Malware on Mobile Apps .....................................................................6
1.4 Security Challenges in Modern Day ................................................................7
1.4.1 Cloud Computing..................................................................................7
1.4.2 Social Media .........................................................................................8
1.4.3 Smart Phones ........................................................................................8
1.4.4 General Data Protection Regulations (GDPR) .....................................9
1.4.5 Attacks Based on Machine Learning and AI .......................................9
1.4.6 Attacks against Cryptocurrencies and Blockchain Systems .............. 10
1.4.7 Switching to DevOps.......................................................................... 10
1.4.8 Biometric Authentication.................................................................... 11
1.4.9 Fileless Malware ................................................................................. 11
1.5 Attack Strategies and Brief Study on Advanced Persistent Threat (APT)..... 12
1.5.1 How an APT Attack Works................................................................ 12
1.5.2 Some Instances of APTs..................................................................... 13
1.5.3 Characteristics of APTs ...................................................................... 14
1.6 Prevention Measures....................................................................................... 15
1.6.1 Identify the Threats ............................................................................ 15

1
2 Cyber Defense Mechanisms

1.6.2 Beware of Cybercrimes ...................................................................... 15

1.6.3 Observe All Stakeholders ................................................................... 15
1.6.4 Usage of Two-Factor Authentication .................................................. 15
1.6.5 Conduct Regular Audits ..................................................................... 16
1.6.6 Draft a Credit Sign-Off Policy ........................................................... 16
1.6.7 Protect Vital Data ............................................................................... 16
1.6.8 Perform Risk Assessments ................................................................. 16
1.6.9 Insure against Cybercrime.................................................................. 16
1.6.10 Gather In-Depth Knowledge about Risk Factors................................ 17
1.7 Threat Modeling ............................................................................................. 18
1.8 Role of a Threat Analyst.................................................................................20
1.9 Summary ........................................................................................................ 21
References................................................................................................................ 22

1.1 INTRODUCTION
Cybersecurity has become a matter of primary concern for organizations and world
governments alike. The essence of every application is ranging from web-based
offerings to mobile applications run into the common challenge of defending against
intrusions by foreign attacks of cybercriminals. Data security provides another angle
to the all security practices, and the governed aspects of policies like General Data
Protection Regulations (GDPR) make it essential to software vendors to abide the
needs of relevant governing laws and ensure quality with respect to security. This
introduces the importance of incorporating security analysts to evaluate and ensure
that the required guidelines and regulations are maintained wherever required. This
chapter takes a tour of generic security threats and how the role of a security analyst
helps discover potential threats and faws in any software offering. The recent secu-
rity threats are also explored and briefy discussed along with the possible prevention
steps against known attack strategies.
Threat analysis is the process of evaluating suspicious actions and reach of
unrecognized intelligence bodies or cybercriminals [1]. A cybersecurity threat is
described as a malicious activity that looks to hamper the digital world. The activity
could be damaging of data, intervention in a communication channel, or unauthor-
ized retrieval of data. The generic target of hackers* includes business organiza-
tions, government bodies, institutions, and even individuals with infuential identity.
Cyberattacks can involve threats such as denial-of-service (DoS), malwares, software
viruses, and phishing emails. These threats target entities with an online presence
and relevance with respect to the attack. History has shown cyberattacks that have
resulted in breaches of Government security missions, data breach in media houses,
and massive fund transfers in bank frauds affecting regular activities of human life.
Security threats can be damaging but often follow well-defned strategic moves,
which leads to a possible breach. The prevention of attack scenarios is well estab-
lished by a study of possible attack strategies and the necessary steps that are needed

* Hackers (indicative to crackers) are individuals who break into a system to gain unauthorized access
to confdential data or to affect the regular functionality of a system.
Security Threat Analysis and Prevention 3

to be taken to avoid any such breaches. Detecting, preventing, or dislodging the

threat in the most convenient time reduces the business impact and the possibility
of considerable effects. This chapter explores attack strategies and patterns that are
used by cybercriminals or hackers to break in various systems.

1.2 HISTORY OF SECURITY BREACHES

Confdential data extrapolation, social media breaches, and bank frauds are some
common threats that make new headlines frequently. Keeping aside the generic
ones, the terror spread through WannaCry ransomware attack or WikiLeaks have
had signifcant impact on people and government powerhouses. In 2019 alone,
29 major breaches in fnancial institutions were affected, resulting in millions of
dollars loss for them [2].
In May 2017 a ransomware attack called WannaCry targeted Microsoft Windows-
based operating systems to demand ransom payments in Bitcoin cryptocurrency and
was considered as a global epidemic. It was a type of crypto-ransomware (malicious
software), used by cybercriminals to extort money. Such malwares achieve this by
encrypting important fles, so that the user is unable to read them, or they lock the
user out of their own system, so that it cannot be accessed. This type of malicious
software encryption is called crypto-ransomware and is often termed as locker ran-
somware. Crypto-ransomware keeps the data hostage, in return of ransom payment
from the user.
More recently, a Football Leaks hacker, Rui Pinto, hacked and exposed the break-
ing of Financial Fair Play rules and is said to have accessed over 70 million docu-
ments and 3.4 TB of information about numerous football clubs [3]. He had leaked
the information to German news magazine, Der Spiegel, and was imprisoned in 2019
for 90 separate cases of hacking and fraud. Table 1.1 shows the list of well-known
cyberattacks or breaches.
We also refer to the fraud cases or cyberattacks on fnancial institutions men-
tioned in the Carnegie Endowment for International Peace and see a huge rise in
the numbers in recent years, which is shown in Figure 1.1. The facts hint at the
more growing importance of securing systems by proper threat modeling. Be that
as it may, the risk scene has been more concerning with country states progressively
joining the blend and with the subsequent harm heightening, from burglary to inter-
ruption and demolition [4].

TABLE 1.1
List of Well-Known Cyberattacks or Breaches
Incident Type of Attack Year
WannaCry Ransomware Malware software demanding ransom 2017
Koobface worm Malware in social media sites—213K users affected 2009
Equifax Data breach affecting 145.5 million users 2017
Dream market breach Sixteen websites hacked and out on sale in the Dark web 2019
Friend Finder networks 412 Million accounts hacked and exposed 2016
4 Cyber Defense Mechanisms

FIGURE 1.1 Cyberattack frequency on fnancial institutions since 2007 as per Carnegie
Endowment.

1.3 COMMON SECURITY THREATS

Cyberattacks can emerge from multiple sources. Intruders target multiple possi-
bilities to break in a system and can damage to it. A cyberthreat is an activity that
intends to snoop data, distort data, or attempt to create major damage. These threats
can be classifed into some major types [5].

1.3.1 MALWARE
Malware is an application which does a harmful activity on a device, network, or
system. Activities can result to corruption of data, gaining unauthorized access on
confdential information or manipulation of data. The word “malware” is formed
keeping the essence of two different words “malicious” and “software.” A malware
can be a virus, Trojan, spyware, or ransomware that causes damage to a system.
Viruses tend to associate itself with other entities to clear fle content, or infect and
damage relevant fle content. Viruses spread with control, resulting in damage of a
system’s primary features, and damaging or corrupting fle content. Such software
appears as executables (.exe) or batches (.bat), and cause harm to the system. Trojans
are malwares that disguise itself as legitimate software or are hidden in legitimate
software that has been tampered with. It acts discretely by making backdoors in the
security system to allow signifcant malwares inside. Spywares are malicious soft-
ware which are developed to spy on users. They hide themselves in the background
and observe the user’s online activities, including passwords, credit card numbers,
user behavior for websites, and other relevant activities. The primary objective of
Worms is to infect a complete network of devices, both local and across the web, via
network protocols, or interfaces. Ransomware attempts to lock down systems and
relevant fle content and sends a word to erase or damage signifcant data unless a
ransom is paid. Another type of malware is Adware which is not harmful but causes
a distraction for users and also creates an easier route for other malwares to creep
Security Threat Analysis and Prevention 5

into the system. Attackers can also utilize a network of computer to infect and work
for personal benefts which is also another type of malware and is commonly known
as Botnet.

1.3.2 PHISHING
Phishing is a message-based (especially electronic mails) threat which constitutes
of tricking the end-user into exposing private data or luring to download malicious
software by following a link sent with the email. The email is drafted in a way to
make the recipient believe the source and trust the sending entity. Once the recipi-
ent is lured into the content, they are coaxed into providing private information or
forced to download malware onto the target’s computer. A common example is a
mail containing prize winning notifcation and requesting bank details for follow-up
on receiving the winnings.

1.3.3 SPEAR PHISHING

It is a more classic form of phishing that involves the intruder to gain information
about the victim and positions itself as an entity that the target knows and trusts.
The primary target in this case are individuals rather than a wide group of people.
Attackers observe and do a complete study on their victims via social media and
other publicly available data to appear more authentic. This is often the frst to step
to take down the cybersecurity barriers of an organization.

1.3.4 “MAN IN THE MIDDLE” (MITM) ATTACK

This form of security attack occurs when an intruder creates a channel between
the sender and recipient of the emails, and reads confdential messages, and in fact
modifes the contents before it reaches the intended target. Both end-users are under
the impression that the communication is clear. This attack is often used by military
to create a state of confusion for an opponent camp. It requires three players—the
victim (sender), target user (recipient), and the “man in the middle,” who’s intruding
into the communications without the awareness of the communicating parties.

1.3.5 TROJANS
They are a form of malicious software which reaches a network appearing to be a
generic software but installs malicious code after it is inside the target system. It
draws motivation from ancient Greek History and was named after the same. Trojans
are employed by cybercriminals and intruders to attain unauthorized access to net-
works. End-users are tricked through social engineering techniques into download-
ing and installing Trojans. Once installed, Trojans enable cyberthieves to spy, steal
confdential data, and gain unauthorized access to the target system. The activities
involve data deletion, blockage, modifcation, copy, and affecting the performance of
systems or network of computers.
6 Cyber Defense Mechanisms

1.3.6 RANSOMWARE
Ransomware is a malware that constitutes of encryption of information on the
host network and asking for money in return of availability of the system to the
affected individual again. This type of a threat may involve low-hanging nuisances
to major incidents as observed during the locking of confdential government
information for the whole area of Atlanta and WannaCry ransomware software in
2018 and 2017, respectively.

1.3.7 DENIAL-OF-SERVICE ATTACK OR DISTRIBUTED

DENIAL-OF-SERVICE ATTACK (DDOS)
This attack happens when authorized end-users are locked from accessing relevant
systems, devices, or other network entities due to the activity of a malicious cyber-
intruder. Services affected include emails, sites, online accounts (e.g., banking or
social), and similar services that are dependent on the affected system. A DoS sce-
nario is accomplished by making the targeted host or system busy with traffc; it
simply crashes or disallows the user to respond, resulting in access failures for autho-
rized users. These attacks are time-consuming as well as prove to be costly as their
resources and services are inaccessible. A DoS is known to be a distributed attack
where multiple systems are working together to cause harm to one target, e.g., food-
ing a server network with high traffc.

1.3.8 ATTACKS ON IOT DEVICES

Internet-of-things (IoT) devices are prone to various forms of cyberattacks. It
involves cybercriminals having full control of the equipment to consider it a play
for a distributed denial-of-service (DDoS) attack by gaining illegitimate entry to
the data that is gathered in the equipment. Devices with huge volume of data,
geographic diversifcation, and not-updated system software are the primary aim
to malwares [6].

1.3.9 DATA BREACHES

This refers to stealing of information by a harmful intruder. The general objective
for such assaults involves identity theft, a need to act as a whistleblower (e.g., Edward
Snowden or Julian Assange) or espionage.

1.3.10 MALWARE ON MOBILE APPS

Mobile-based applications have been prone to cyberthreats similar to other soft-
ware applications. Cybercriminals use malicious software inside app downloads and
mobile-based sites, and use other phishing techniques. Such an attack on mobile
application can provide the intruder with enablement to private data, geographical
data, bank account details, and so on.
Security Threat Analysis and Prevention 7

1.4 SECURITY CHALLENGES IN MODERN DAY

Keeping the above threats in mind, the challenges of digitization and evolution of
technology have also seen new challenges offered to the cyberworld that are to be
considered before choosing the safety guidelines of a system. Guaranteeing cyber-
security is turning out to be harder with time as hackers execute new assaults, abuse
current open pointers, and use new hacking techniques continually; at the same time,
administrative establishments modify and develop gauges. Here, we discuss the fea-
tures of each innovation in modern day and evaluate the security threats associated
with the same.

1.4.1 CLOUD COMPUTING

The intricacies of changing data and software to the cloud continue to pull in clients
for storing their data in DropBox or iCloud, utilize Gmail or Live Mail to handle
their electronic messages, and manage their social lives with the help of tools such
as Evernote and Mint.com. In complexity to IoT gadgets, cloud stages store a lot of
sensitive and important information [7]. While cloud suppliers put a great deal of
exertion into guaranteeing the security of their administrations, there are still an
excessive number of cyberthreats that cannot be overlooked.
The following characteristics play a major role in attracting cybercriminals to
create an impact [8]:
Confguration mismanagement: As per Symantec, actualizing both software-
as-a-service and infrastructure-as-a-service safety will continue as a battle
for some associations. Institutions are not totally mindful of the intricacies
associated with verifying cloud information, and considerably, further breaks
brought about via mistake, bargain, or confguration will emerge sooner rather
than later.
Specter and Meltdown vulnerabilities: A few aggressors attempt to abuse
Specter and Meltdown issues and spotlight the respective assaults on the CPUs
utilized by cloud vendors. The most ideal way to tackle such circumstances is to
ensure that the equipment is refreshed—current fxes fxing diverse Specter and
Meltdown lapses have been discharged constantly. Notwithstanding, as Specter
problems are hard for fxing, a few specialists recommend supplanting every infu-
enced processor.
Insecure application programming interfaces (API): In many cloud frame-
works, APIs continue to be the main aspects other than the trusted authoritative
limit having an open IP target. Along these lines, unmanaged APIs may provide an
aggressor extensive access to cloud SaaS products and mark the whole framework
in danger.
Data loss: A major concern that ought to be considered and not overlooked is
losing the organization’s information because of some non-noxious causes, e.g., a
catastrophic event or human blunder. The best way to moderate such dangers is by
making bunches of reinforcements of important data and putting away them at physi-
cal destinations situated in various pieces of the globe.
8 Cyber Defense Mechanisms

1.4.2 SOCIAL MEDIA

Online networking, e.g., Facebook, and Twitter, has demonstrated dangerous devel-
opment lately. At the end of 2012, there are in excess of 450 million dynamic cli-
ent profles of Twitter with an ever-expanding list of new registrations in Facebook
arriving at right around 1 billion clients. Long-range interpersonal communication
destinations have been exceptionally famous and become the favored strategy for
correspondence for most youthful ages. Every one of these online networking sites
regularly gives instruments where clients share their own data (e.g., name, address,
sexual orientation, DoB, and inclination towards specifc hobbies), photographs, sta-
tus feeds, and spread connections.
Assailants exploit the web-based life rage as another mechanism for propelling
deceptive assaults. Before the fnish of 2008, Kaspersky Lab assortment had in excess
of 43K malevolent documents identifying with Internet-based life. A document distrib-
uted by IT cyberattack mitigation and information assurance company, Sophos, uncov-
ered a disturbing ascent in assaults on clients of online social sites. In the overview
led by Sophos, around 60% organizations worry that their representatives give a lot of
data in informal communities, whereas around 66% organizations believe that utiliz-
ing interpersonal organizations represent an extraordinary risk to the organizations.
Koobface, a worm which travels via Internet in 2009, was strikingly a popular
malicious software case that uses expansion of web-based life. The Koobface botnet
computerizes production of current online profles to get to know clueless clients, thus
spamming and tempting connections that divert to malware. Another mainstream mal-
ware assault is fnished via utilization of a noteworthy number of Twitter and Facebook
end-user profles which are not authentic or are currently unused. At that point, the
lawbreakers stunt users in the interpersonal organization webpage into “friendling” or
tailing those and tapping on their announcements that regularly resulted in opening of
pernicious sites. Elsewhere, it is observed that an enormous amount of malwares were
distributed in the wake of clicking for content on “drifting” points through Twitter.

1.4.3 SMART PHONES

Cell phones, combined with progress in remote advancements, have become an
inexorably complex PC and specialized gadget that is promptly conveyed by people
for the duration of the day. There are various styles of assaults focused to exploit the
expansion of portable processing. The aggressor tries to damage the encryption of
the portable system. An intruder then tries to snoop in stealthily on Wi-Fi correspon-
dences to collect information (e.g., user details and secret phrase). Security problems
observed for Bluetooth on smart phones are contemplated and resulted in multiple
problems. For instance, Cabir is a worm that spreads through Bluetooth association.
It scans for close by telephones containing Bluetooth in discoverable state and sends
the worm to the designated gadget. The client must acknowledge the approaching
document and run the code. In the wake of execution, the worm contaminates the
machine. To forestall correspondence-associated assaults, organizing traffc traded
through telephones is observed, e.g., observation on arranging directing focuses or
checking the utilization of system versatile conventions.
Security Threat Analysis and Prevention 9

Another sort of assaults is observed from the vulnerabilities in versatile pro-

gramming applications particularly with portable Internet browser. Weakness in the
Internet browser for Android was found in October 2008 misusing out of date and
helpless library.
Malignant assailants target telephones as a channel to distribute malware. To
control the malware proliferation, portable organizations offer a concentrated open
commercial center commended with an endorsement procedure before facilitating
the application. The unifed commercial center assists with evacuating any applica-
tion whenever discovered suspicious prior to being downloaded by the clients. For
instance, Apple embraces a verifying procedure to guarantee all products adjust to
Apple’s standards prior to being released through the AppStore. Apple affrms a
product by code marking using encryption keys. Getting to the product by means of
AppStore is the main route for iPhone gadgets to introduce other applications. Like
Apple, Android also has an open commercial center to have applications. Android
utilizes public supporting to rate the applications by clients. In light of client objec-
tions, applications can be expelled from commercial center and expel them from
the gadget also. Another methodology taken by the versatile organizations to secure
their portable stages is observed in the possibility of a sandboxing. Sandboxing
divides various procedures to keep them from connecting and harming one another
in this way viably restricting any opportunity for malevolent code to be embedded
and surpassing the running procedures from doing unsafe exercises. Apple iOS cen-
ters around constraining privileges to the API for products from the Apple Store,
whereas Android utilizes its sandboxing on hidden inheritance Linux bit.

1.4.4 GENERAL DATA PROTECTION REGULATIONS (GDPR)

The GDPR upholds guidelines for authoritative compliances including measures
that defend against cherishing security. The utilization of Data Protection Impact
Assessments (DPIAs) helps keep exhaustive information preparing records and
obligatory detailing of information breaches. The essential need of such a framework
is responsibility, which is what the information controllers are responsible for, and can
relate consistence with the accompanying six general security standards overseeing
accountability, reasonableness, and straightforwardness. At the end of the day, individual
information is executed legally, decently, and in a straightforward way. Another issue
is programmers utilizing rebelliousness with GDPR to further their potential beneft by
coercing organizations which doesn’t meet the prerequisites mentioned in the guideline.
Gilad Peleg, CEO of SecBI, forecasts that badly arranged organizations should fgure
out how to “become at any rate halfway agreeable” with the new guideline [9].

1.4.5 ATTACKS BASED ON MACHINE LEARNING AND AI

Artifcial Intelligence (AI) or man-made consciousness and machine learning (ML)
programming “learn” through outcomes of previous occasions and arrive at the set
objective. Although numerous cybersecurity experts employ AI/ML devices to fore-
stall digital assaults, quite possibly programmers similarly use the same inventive
answers for developing elaborately refned cyberattacks. Man-made intelligence
10 Cyber Defense Mechanisms

along with ML can be used to perform multiple forms of attacks—from sending

huge amounts of spam/misrepresentation/phishing messages through chatbots to
AI-fueled secret key speculating to executing cryptographic attacks.

1.4.6 ATTACKS AGAINST CRYPTOCURRENCIES AND BLOCKCHAIN SYSTEMS

Blockchain innovation has been a standard wellspring of interruption in the realm of
information security. Associations of both open and private division face the normal
worry of giving the best of security affrmations to the clients. A blockchain is a
disseminated database of records for all exchanges that is been prepared and shared
between all partners. The exchanges are confrmed by endorsement or assent from
greatest members related to the framework. The accessibility of such record, once
entered, can’t be moved back. The blockchain comprises distinct and inspectable
record of all exchanges made in the framework. Numerous organizations receiving
cryptographic money innovation don’t execute proper security controls. Accordingly,
they keep on encountering budgetary misfortunes, predicted Bill Weber, the head
security strategist at eSentire.
While dealing with digital currencies and blockchain frameworks, there are three
fundamental sorts of assaults that should be set up for managing:

• Overshadowing assault: A system-level assault on a blockchain frame-

work, when an aggressor oversees all the associations going to and from
the unfortunate casualty’s hub. This kind of assault might be utilized for
concealing data about the utilization of digital forms of money inside the
system and performing twofold spend assaults.
• Sybil assault: An assault where one hub in the system secures a few
personalities.
• DDoS assaults: While numerous mainstream digital forms of money,
e.g., Bitcoin works in insurance against DDoS assaults; the hazard is excep-
tionally large for all the unsafe cryptographic forms of money.

1.4.7 SWITCHING TO DEVOPS

When switching to DevOps prompts superior profciency, larger speed, and progres-
sively responsive conveyance of IT benefts, this development may likewise pres-
ent genuine cybersecurity dangers. Numerous associations are as yet attempting to
apply suffcient security controls in the DevOps practice. Subsequently, organiza-
tions should be prepared to manage a great deal of conceivable security issues when
switching to DevOps. These include

• Security group misconfguration: As conditions become bigger, they inter-

connect handful, hundreds, or even a large number of various security
gatherings. Dealing with these gatherings is a test, as the scarcest miscon-
fguration prompts a huge security issue.
• Incidental exposure of public content: The information is put away in a
freely open Simple Storage Service (S3) container. On the off chance that
Security Threat Analysis and Prevention 11

the information isn’t designed accurately, it might prompt empowering

access to delicate and important data.
• Excessive number of false positives: Anomaly discovery turns into a
genuine test since conditions change continually, making more bogus posi-
tives than the framework can manage. Aggressors may utilize this issue to
further their potential beneft, concealing their exercises behind genuine
procedures inside the unfortunate casualty’s condition.

1.4.8 BIOMETRIC AUTHENTICATION

Biometric authentication acquires greater ubiquity as a creative digital security arrange-
ment. While a few people consider biometrics to be another and productive method for
improving the security for undertakings, others consider it to be a potential issue.
There are numerous sorts of confrmations dependent on biometrics: normal
thumb fltering to a progressively imaginative tone, retinal, or facial acknowledg-
ment. Numerous individuals accept that biometric frameworks are about diffcult
to bargain—the information can’t be speculated and is one of a kind for each user.
Subsequently, it is by all accounts a superior answer for a solitary factor confrma-
tion and an incredible expansion to a multifaceted validation framework. In any case,
biometric frameworks have their downsides.
A signifcant issue is that biometric data can in any case be taken or copied, much
the same as a client’s login and secret phrase. In any case, rather than a secret word,
the client is unable to update the sweeps of their retina or get another facial update.
Thus, it throws newer diffculties for security experts later on.

1.4.9 FILELESS MALWARE

Many organizations are now fxating on a new issue of non-malware threats. Another
noteworthy issue is the expanding ubiquity of non-malware assaults. Numerous asso-
ciations despite everything need groundwork for this sort of digital dangers, which
just urges the assailants to utilize Fileless malicious software considerably more.
The typical non-malware assaults misuse Windows vulnerabilities and run their
payloads in the system. These contaminations are erased through rebooting of the
framework. However, there are progressively unpredictable forms of non-malware
assaults. A few assaults can utilize the current Windows instruments for malevolent
purposes, whereas the others can keep on running their pernicious code considerably
after the framework reboot. The couple of fundamental concerns to why Fileless
malicious software is more earnestly to recognize are as follows:

• They consist of less indicators of compromise (IoC) than the customary

malicious software.
• They utilize the injured individual’s apparatuses, claiming to be an authen-
tic procedure inside the framework.

Thus, conventional enemy of malware programming can’t distinguish non-malware

dangers viably, and new arrangements are called for.
12 Cyber Defense Mechanisms

1.5 ATTACK STRATEGIES AND BRIEF STUDY ON

ADVANCED PERSISTENT THREAT (APT)
The above sections elated various attack strategies that threaten the existence of
organizations, government bodies, and individual entities in the cyberworld. The
attacks can target multiple co-existing stakeholders and pose a huge threat on all
involved. Ransomware, specially, has an immense impact in the current world. Bank
attacks or demanding of ransom in return of allowing the end-user to get back con-
trol of intervened access has shaken many institutions in the recent past. We would
be looking at a special type of an attack in this particular section. An advanced
persistent threat (APT) is a planned and centered cyberthreat that has an interloper
access to a framework and remains unknown for some time [10]. The point of an
APT ambush is when in doubt to screen mastermind move and make data instead of
making hurt the framework or affliation.
Capable ambushes ordinarily target relationship in sections, for instance, national
guard, delivering, and the cash-related industry, as those associations oversee high-
regard information, including secured advancement, military plans, and other data
from governments and undertaking affliations. The goal of major APT attacks is to
achieve and continue to have constant access to the center to orchestrate rather than
get in and out as quick as could be permitted.
To get entrance, APT attackers often use moved attack procedures, includ-
ing pushed tries of zero-day vulnerabilities, similarly as astoundingly centered
around stick phishing and other social structuring frameworks. To keep up access
without being discovered, chance performers use pushed techniques, includ-
ing continually adjusting threatening code to avoid acknowledgment and other
refned evasion frameworks. For example, aggressors upheld by nation-states may
target authorized advancement to expand a high ground in explicit organizations.
Various targets may join power scattering and communicate interchanges utilities
and different systems, public activity, media affliations, and optional and other
political targets.
Yet APT attacks can be diffcult to perceive, and data theft is once in a while
absolutely subtle. In any case, the exhibition of exfltrating data from an afflia-
tion may be the primary snippet of data security specialists who need to realize
that their frameworks are persevering through an assault. Cybersecurity specialists
often design systems based on recognizing abnormalities in outbound data to check
whether the framework has been the goal of an APT ambush.

1.5.1 HOW AN APT ATTACK WORKS

Aggressors executing APTs commonly adopt the accompanying consecutive strat-
egy to pick up and keep up continuous access to an objective:

• Gain access: APT gatherings access an objective by focusing on frame-

works through the web, by means of lance phishing messages or an applica-
tion powerlessness with the goal of utilizing any entrance by embeddings
vindictive programming into the objective.
Security Threat Analysis and Prevention 13

• Establish a dependable balance: After accessing the objective, risk on-

screen characters utilize their entrance to do assist surveillance, just as to
start misusing the malware they’ve introduced to make systems of indirect
accesses and passages that they can use to move around unnoticed. APTs
may utilize progressed malware strategies, e.g., code reworking to cover
their tracks.
• Gain signifcantly more noteworthy access: Once inside the targeted sys-
tem, APT on-screen characters may utilize such techniques as secret word
splitting to increase regulatory rights so they can control a greater amount
of the framework and get considerably more profound degrees of access.
• Move along the side: Once risk on-screen characters have broken their
objective frameworks, including picking up head rights, they would then
be able to move around the endeavor organized voluntarily. Furthermore,
they can endeavor to get to different servers, just as other secure regions of
the system.
• Stage the assault: At this point, the programmers unify, encode, and pack
the information so they can exfltrate it.
• Take the information: The aggressors reap the information and move it to
their own framework.
• Remain until they’re distinguished: The cybercriminals can rehash this
procedure for extensive stretches of time until they’re identifed, or they
can make a secondary passage so they can get to the framework again
eventually.

Unlike increasingly common cyberattacks, progressed constant dangers will in gen-

eral be done by means of strategies that have been redone to the objective as opposed
to with progressively broad apparatuses that might be more qualifed to focus on
countless exploited people. APTs are likewise commonly done over any longer time
span—in contrast to standard assaults, which might be progressively evident and, in
this way, simpler for protectors to safeguard against.

1.5.2 SOME INSTANCES OF APTS

The Sykipot APT malicious software family used imperfections in Adobe Reader
and Acrobat. It was observed in 2006, and further assaults utilizing the malware
apparently proceeded through 2013. Risk entertainers utilized the Sykipot malware
family as a component of a long-running arrangement of cyberattacks chiefy focus-
ing on the US and UK associations, including government organizations, protection
contractual employees, and media communications organizations. The programmers
utilized a lance phishing assault that included connections and malevolent connec-
tions containing zero-day abuses in focused messages.
The GhostNet cyberespionage incident was observed in 2009. It was done from
China, and the attacks were initiated through lance phishing messages consisting of
malevolent connections. The attacks traded off PCs in excess of 100 countries. The
assailants concentrated on gaining access to system gadgets of government services
and international safe havens. These attacks gave the programmers power to control
14 Cyber Defense Mechanisms

these undermined devices, changing them to tuning in and recording devices by

remotely switching on their cameras and sound chronicle abilities.
The Stuxnet worm used to attack Iran’s nuclear program was perceived by
cybersecurity examiners in 2010. Until now, it is seen as one of the most developed
bits of malware ever perceived. The malware concentrated on SCADA (supervi-
sory control and data verifying) structures and was spread with polluted USB con-
traptions. Both the USA and Israel have been associated with the improvement of
Stuxnet, and remembering that neither one of the countries has offcially perceived
its activity in making it, there have been casual insistences that they were obligated
for Stuxnet.
APT29, the Russian progressed tireless risk bunch otherwise called Cozy Bear
has been connected to various assaults, inclusive of a 2015 lance phishing assault on
the Pentagon, just as the 2016 assaults on the Democratic National Committee.
APT28, the Russian progressed diligent risk bunch otherwise called Fancy Bear,
Pawn Storm, Sofacy Group, and Sednit, was recognized by analysts at Trend Micro
in 2014. APT28 has been connected to assaults against military and government
focuses in Eastern Europe, including Ukraine and Georgia, just as crusades focusing
on NATO associations and US protection temporary workers.
APT34, a progressed relentless risk bunch connected to Iran, was distinguished
in 2017 by scientists at FireEye, yet has been dynamic since 2014 at any rate. The risk
bunch has focused on organizations in the Middle East with assaults against mone-
tary, government, vitality, compound, and broadcast communications organizations.
APT37, otherwise called Reaper, StarCruft, and Group 123, is a progressed
relentless risk connected to North Korea that is accepted to have started around
2012. It has been associated with stick phishing assaults abusing an Adobe Flash
zero-day powerlessness.
Progressed determined dangers are not a marvel, and various APTs have been
distinguished since the mid-2000s, and they go back similar to 2003, when China-
based programmers ran the Titan Rain crusade against US government focuses
trying to occupy sensitive state mysteries. The assailants focused on military infor-
mation and propelled APT assaults on the very good quality frameworks of govern-
ment offces, including NASA and the FBI. Security investigators highlighted the
Chinese People’s Liberation Army as the wellspring of the assaults.

1.5.3 CHARACTERISTICS OF APTS

Advanced consistent risks routinely show certain characteristics refecting the ele-
vated level of coordination critical to break high-regard targets. For example, most
APTs are fnished in various stages, refecting a comparable basic gathering of get-
ting passage, keeping up and broadening access, and trying to remain undetected
in the appalling setback arrange until the goals of the attack have been developed.
Advanced steady threats are also perceived by their consideration on working up
various motivations behind a deal. APTs regularly attempt to develop different moti-
vations behind an area to the engaged frameworks, which enables them to know
whether or not the malevolent activity is found, and event response is actuated,
engaging digital security defenders to shut one exchange off.
Another random document with
no related content on Scribd:
„Wat nu gedaan?

„Een bitje gewacht! Maar ’t en beterde niet met Mijnheer Pastor, en de

menschen wierden ongeduldig!

„De pastor kreeg een gedacht. Koster! riep hij, ’k en kan [75]ik volstrekt in
de kerke niet gaan, ge zult gij moeten de kruiskes geven.

„De koster, die zijnen pastor gewend was, verstond dat nog al wel.

„Zegt de pastor toen:

„Ge weet wat ge moet zeggen, binst dat ge de kruiskes geeft: Memento,
homo! quia pulvis es et in pulverum reverteris (Herinner, mensch! dat gij
stof zijt en in stof zult wederkeeren).

„Wat belieft er u? zei de koster.

„De pastor herhaalde ’t latijn, maar de koster en verstond het nog niet.

„Na drie of vier keeren wierd de pastor ongeduldig:

„Ge zijt ezel geboren, schreeuwde de pastor, en ge zult ezel sterven!

„Ja, Mijnheer Pastor, zei de koster, en hij trok de kerke binnen, peinzende
in zijn eigen dat ze toch aardige dingen zeggen aan de menschen in ’t
latijn.

„En hij begon maar kruiskes te geven en te herhalen dat hij schuimde:

„Ge zijt ezel geboren, en ge zult ezel sterven!

„De menschen keken wat aardig en dat wierd beklapt en besproken als zij
buiten de kerke kwamen.

„En de historie en bleef in de prochie niet; ze wierd wijd en breed

verspreid in ’t omliggende en verder, en zoo kwam het dat de lieden van
Cuerne den name van ezels kregen.

„Onverdiend!”
Hier voren (op bladzijde 70) heb ik reeds met een enkel woord
vermeld de verzen van eenen Vlaming uit den ouden tijd, waarin al
de spotnamen van Vlaamsche steden en dorpen zijn opgenoemd.
Op dat hoogst merkwaardige stuk wil ik hier nader terug komen.

In het midden der zestiende eeuw leefde te Brugge een procureur,

namens Eduwaert de Dene, Lymans zone; die „Factor” was van de
rederijkerskamer „De drie Sanctinnen” aldaar. Deze man bracht de
Vlaamsche spotnamen in rijm te zamen, en smeedde daar lange
verzen van, die hij den naam gaf van Den langhen Adieu (het lange
Vaarwel). Eduwaert de Dene stelt [76]het voor alsof hij allen
Vlamingen, de inwoners van allerlei Vlaamsche steden en dorpen,
die hij allen afzonderlijk bij hunne spotnamen noemt, vaarwel zegt,
eer hij sterven gaat. Immers zóó moet men den telkens herhaalden
slotregel der verzen verstaan: „Adieu, eer ick reyse naer Adams
moer.” Adam, de eerste mensch, was uit de aarde voortgekomen;
„Ende de H E E R E Godt hadde den mensche geformeert uyt het
stof der aerden”, zoo lezen we in den Bijbel. Dus, in
overdrachtelijken zin genomen, was de aarde de moeder van Adam.
Zoo iemand gestorven is, wordt zijn doode lichaam in de aarde
begraven. Men kan hiervan zeggen: hij reist naar (of in) de aarde;
met andere woorden: hij reist maar de moeder van Adam, naar
„Adams moer.”

De bedoelde verzen nu luiden als volgt:

Den langhen Adieu

Niet oudgestich
In tjaer ghemaect nieu
1500 ende tzestich.
Adieu, P o o r t e r s van Brugge, adieu H e e r e n van
Ghendt,
Adieu, K i n d r e n van Ipre, wijdt verre bekent,
 Adieu, D a r y n c b a r n e r s van den Vryen mede,
Adieu, S c h o t t e r s van Douay, ende daer omtrent,
Adieu, S p e e r e b r e k e r s der Rysselsche stede,
N o t e c r a e c k e r s van Orchies, naer doude zede,
L e d i c h g h a n g h e r s van Oudenaerde ghepresen.
Adieu insghelijcx, oock zoo ick dandere dede,
P a s t e y e t e r s van Curtrijcke mits desen;
Adieu, C u p e r s van Damme: adieu, moet wesen,
W i t v o e t e n van Aelst, B e e n h a u w e r s van Male,
H u d e v e t t e r s van Gheerdsberghe hooghe geresen,
V o o r v e c h t e r s van Cassele int speciale,
V a c h t p l u c k e r s van Poperynghe tprincipale:
S l a e p e r s van Vuerne, hebt oock huwen toer.
R a e p e t e r s van Waes, elck end int generale,
Adieu, eer ick reyse naer Adams moer.

Adieu, van Dermonde M a c k e l e t e r s daer,

P e l s n a e y e r s van Nieneven openbaar,
D r y n c k e r s van Winnoxberghe, Z o u t z i e d e r s van
Biervliedt,
R o c h e t e r s van Muenickeree der naer.
Adieu, M o s t a e r t e t e r s die men t’ Oosthende ziet,
B u e t e r e t e r s van Dixmude en vergheet ick niet;
Adieu, metten C o n ij n e t e r s van Dunkercke goet; [77]
Adieu, D r a p e n i e r s van Comene, mijn jonste biedt;
Adieu, oock an de V u l d e r s van Caprijcke vroedt,
En den S c h i p g a e r n e m a e c k e r s van Oudenburgh, tmoet
Oock adieu gheseyt sijn, ken cans my bedwynghen,
C a b e l j a u e t e r s van Nieupoort, zijt oock ghegroet!
S a e y w e v e r s van Hondscote, Ghistelsche
Hovelynghen,
D r o o g h a e r t s van Werveke int ommerynghen,
C a e r d e m a e c k e r s van Deynse op heurlieder vloer;
 Ghy, S a u d e n i e r s van Grevelynghe, laet hu niet
besprynghen
Adieu, eer ick reyse naar Adams moer.

Adieu oock, G r o o t s p r e k e r s van Thorout, ghy

L u e g h e n a e r s van Ardenburch, den W i l t j a g h e r s by
Van Maldeghem, C a n d e e l e t e r s van Meenen voort,
K e t e l b o e t e r s van Middelburch; adieu van my
C r u d e n i e r s van Oostburch; insghelijcx adieu (hoort!)
L ij n w a d i e r s van Thielt, twelck menich oorboort;
Oock mede R o o t b i e r d r y n c k e r s van Haerlebeke:
Ghy P e p e r l o o c k e t e r s van Eecloo verstoort;
K e e r m e s h o u d e r s van Ruusselare meniche weke,
C a p p o e n e t e r s van Meessene, waert nood ’tbleke
Met menich smetsere ende goet gheselle:
An de W y n z u p e r s van Hulst ick adieu spreke,
S n o u c k e t e r s van Acxele, C a e s e m a e c k e r s van
Belle,
De Te g h e l b a c k e r s van Stekene oock mede telle;
R o o m e t e r s van Moerbeke, ghy sonder poer,
Ende W a e r m o e s e t e r s van Coolkercke snelle,
Adieu, eer ick reyse naer Adams moer.

Adieu, H o p p e w i n d e r s van Okeghem sterck,

Adieu, O v e r m o e d i g h e van Ronsse int werck,
P a p e t e r s van Denterghem, daer in onverzaet,
G a n s s e d r ij v e r s van Laerne, scherp int bemerck;
Te Zele daer vyndt men de V l a s b o o t e r s , jaet;
Adieu, S t i e r m a n s van Wendune, elck met zijn maet.
Ende ghy, M u s s e l e t e r s van Bouchoute reyn,
V i s s c h e r s van Blanckeberghe oock adieu ontfaet;
Adieu, P u t o o r e t e r s van Waestene int pleyn,
Adieu, D i e n a e r s van Sint Anna ter Mude certeyn,
 V e r z e y l d e r s van Heyst ten Zeeusschen gronde.
C o k e r m a e c k e r s van Ruurle, van V l a e t e r s tgreyn;
Die van Sint Jans Steene oock adieu tallen stonde,
C o m p o o s t e t e r s van Loo, T h o o l n a e r s van
Reppelmonde,
Adieu, Eillynghen tsaemen met den Ackerboer,
Adieu, dus namelicke Vlaandren int ronde,
Adieu, eer ick reyse naer Adams moer. [78]
Adieu, voorts noch, ende wederom oorlof, adieu,
Al dat oud was, en zichtens 14 gheworden nieu!

Ook al deze oude Vlaamsche spotnamen vertoonen weêr ten

duidelijksten de bijzondere kenmerken van zulke Nederlandsche
namen in ’t algemeen. Ook dezen zijn grootendeels meer bijnamen
in schertsenden zin, dan smaad- of hoonnamen en scheldnamen
van krenkenden aard. Zoo treffen we hier weêr de namen aan die
ontleend zijn aan allerlei nering en bedrijf in ’t bijzonder eigen aan
deze of gene plaats; b.v. H u d e v e t t e r s van Geeraartsberge en
de P e l s n a a i e r s van Ninove, de S a e y w e v e r s van
Hondschoten en de C r u d e n i e r s van Oostburg, de
K a a s m a k e r s van Belle en de S t u u r l i e d e n van Wenduine.
Verder ook de namen ontleend aan de eene of andere spijze of
lekkernij, die hier of daar bijzonder gaarne of bijzonder menigvuldig
door de lieden werd gegeten; b.v. de P a s t e i - e t e r s van Kortrijk
en de R a a p - e t e r s van Waas, de R o g - e t e r s van
Munnikereede en de K o n ij n - e t e r s van Duinkerke, de
K a b e l j a u w - e t e r s van Nieuwpoort en de S n o e k - e t e r s van
Aksel. Als rechtstreeksche spotnamen merken we op de
L e d i g g a n g e r s van Oudenaarden, de W i t v o e t e n van Aalst,
de V o o r v e c h t e r s van Kassel en de S l a p e r s van Veurne; de
G r o o t s p r e k e r s van Thorhout en de K e r m i s h o u d e r s van
Rousselare. Onder deze laatste soort van namen zijn er zeker velen,
die aan het een of ander geschiedkundig voorval hunnen oorsprong
te danken hebben.

Toen deze verzen berijmd werden was Vlaanderen nog in zijn

geheel, nog één en onverdeeld. Sedert is de westelijkste gouw van
Vlaanderen bij Frankrijk gevoegd, en de noordelijkste bij Noord-
Nederland. Maar Eduwaert de Dene noemt, zeer te recht zoo wel
de spotnamen op van de inwoners van Biervliet, Aardenburg,
Oostburg, Hulst, Aksel, Sint-Anna-ter-Muiden en Sint-Jans-Steen
(allen thans tot Noord-Nederland behoorende—Zeeuwsch
Vlaanderen), als die van Douay, Rijssel, Orchies, Kassei, Sint-
Winoks-Bergen, Duinkerke, Hondschoten, Grevelingen, Belle,
tegenwoordig deel uitmakende van Frankrijk—Fransch-Vlaanderen.
Ja, in één versregel vinden we de S n o e k e t e r s van [79]Aksel
vermeld naast de K a a s m a k e r s van Belle; die van Aksel zoo wel
als die van Belle zijn oorspronkelijk goede Vlamingen, maar thans,
en reeds sedert twee of drie eeuwen als Noord-Nederlanders en als
Franschen geheel van elkanderen vervreemd.

Sommigen van deze oude namen leven nog heden in den mond des
volks. De H e e r e n van Gent, de K i n d e r e n van Yperen, de
P a s t e i - e t e r s van Kortrijk, de M a k e l - e t e r s van
Dendermonde, de W i t v o e t e n van Aalst, en anderen zijn nog
heden ten dage zoo goed bekend als tijdens Eduwaert den Dene.
Daarentegen zijn de rijke en machtige P o o r t e r s van Brugge uit
de zestiende eeuw in onze negentiende eeuw tot Z o t t e n
vernederd, zijn de oude L e d i g g a n g e r s van Oudenaarde thans
B o o n e n k n o o p e r s , de H u i d e v e t t e r s van Geeraartsbergen
thans B e r g k r u i p e r s , de K a n d e e l e t e r s van Meenen thans
Ta a r t e b a k k e r s , de R o o m e t e r s van Moerbeke thans
S m e e r k o e k e t e r s (de hedendaagsche lieden van Meenen en
van Moerbeke zijn toch liefhebbers van lekkernij gebleven, zoo als
hunne oud-eeuwsche voorvaders reeds waren); de
V a c h t p l u k k e r s van Poperinge heeten thans K e i k o p p e n , de
O v e r m o e d i g e n van Ronse zijn tot Z o t t e n ,
V l i e g e n v a n g e r s en S l e k k e n t r e k k e r s geworden, en de
zestiende-eeuwsche B u e t e r - e t e r s van Diksmude thans, min
hoffelijk, tot B o t e r - k o p p e n .

Uit een taalkundig oogpunt zijn eenigen van deze namen zeer
merkwaardig; b.v. de D a r y n c b a r n e r s van ’t Land van den Vrijen
van Brugge (eene gouw in ’t Noorden van West-Vlaanderen), die in ’t
hedendaagsche Hollandsche Nederduitsch T u r f b r a n d e r s
zouden moeten genoemd worden. Darync, Darink, Daring,
hedendaags in West-Vlaanderen als dèring of derring uitgesproken,
is de oorspronkelijke vorm van ons hedendaagsch Noord-
Nederlandsche woord derrie.—Verder de H u d e v e t t e r s
(Lederbereiders) van Geeraartsbergen, de D r o o g h a e r t s
(Droogscheerders) van Werveke, de T h o o l n a e r s (Tollenaars of,
zoo als de verbasterde Hollanders zeggen, „Douanen”) van
Rupelmonde, enz.

Merkwaardig is het ook dat Eduwaert de Dene in zijne verzen

almede de „R o c h - e t e r s van Muenickeree” noemt. Muenickeree,
[80]Munnikeree (Monnikereede in hedendaagschen taalvorm) was in
de middeleeuwen een bloeiend stedeke aan het Zwin, tusschen
Sluis, Damme en Brugge in Vlaanderland. In de zestiende eeuw
verviel het plaatsje, in vervolg van tijd verviel het al meer en meer,
eindelijk ook geheel en al, en in deze negentiende eeuw verdween
het geheel van den aardbodem, om ter nauwer nood de heugenis
van zijn bestaan achter te laten. Door het verloopen, het verslijken
en verzanden, en door het inpolderen van den zeearm het Zwin is
zelfs de plaats waar Munnikereede lag niet meer nauwkeurig aan te
wijzen. Maar al is het stadje te niet gegaan, er zijn toch nog
Munnikereeders over gebleven, lieden wier voorouders te
Munnikereede woonden, lieden die dus van daar oorspronkelijk
herkomstig zijn. Een man uit Munnikereede (misschien ook wel een
geheel gezin) heeft oudtijds, om de eene of andere reden, zijne
woonplaats verlaten, en zich in Holland gevestigd, evenals in de
zestiende eeuw zoo vele andere Vlamingen met hem. Die man
noemde zich in zijne nieuwe woonplaats, ter onderscheiding van
anderen, met den als voor de hand liggenden toenaam „Van
Muenickeree” of „Van Munnikeree” of „Van Munnikreede” (de spelling
van den naam doet er niet toe). En eene maagschap van dien naam,
te weten: „v a n M u n n e k r e d e ”, ’s mans nakomelingschap,
bestaat nog heden, en komt of kwam nog in de laatste helft dezer
eeuw voor te Delft, Rotterdam, Haarlem, Heemskerk. De
geslachtsnaam heeft dus in dit geval den plaatsnaam, de oud-
ingezetene van Munnikereede heeft, in zijne nakomelingen, het
stedeke zelf overleefd. En zelfs de spotnaam waarmede de oude
Munnikereeders in de middeleeuwen door andere Vlamingen
werden genoemd, is ons nog overgeleverd geworden en bewaard
gebleven.

Daar zijn nog oudere Vlaamsche spotnamen bekend, dan dezen van
1560. In de Anzeiger für Kunde der Teutschen Vorzeit, jaargang
1835, bladzijde 299 vindt men een lijstje van die namen
medegedeeld, ’t welk volgens de meening van sommige geleerden
tusschen de jaren 1347 en 1414 moet zijn opgesteld. Deze
middeleeuwsche spotnamen zijn in hoofdzaak de zelfden als die
men in „den langhen Adieu” vindt opgesomd. Sommigen echter
wijken in meerdere of mindere mate af van de namen in dat [81]rijm
voorkomende. Zoo heeten in dit middeleeuwsche lijstje de
ingezetenen van Poperingen V a c h t p l o t e r s , terwijl Eduwaert
de Dene ze V a c h t p l u c k e r s noemt; die van Meenen
P e l s m a k e r s , tegenover de C a n d e e l e t e r s van de Dene; die
van Werveke V e r w a t e n l i e d e n , tegenover de
D r o o g h a e r t s van de Dene; die van Deinse G a r e n c o e p e r s
tegenover de C a e r d e m a e c k e r s van de Dene. En er worden in
het oude lijstje ook eenigen genoemd, die de Dene niet heeft; bij
voorbeeld de W a f e l e t e r s van Bethune, de U t r e c h t s c h e
V l a m i n g e n van de Vier-Ambachten, de P l a t t e G e s e l l e n
van Sleedingen (hedendaags Sleidinge), de D a n s e r s van
Everghem, de S c i p h e e r e n van der Sluus, de T u u s c h e r s van
Theemsche (hedendaags Temseke), en anderen.

Ook in dit lijstje vinden de taalgeleerde en de geschiedkundige veel

van hunne gading, ter verklaring; zoo als de T u u s c h e r s (Ruilers,
in ’t hedendaagsche Friesch nog túskers, tyskers) van Temseke en
de S c i p h e e r e n van der Sluus. Deze laatste naam dagteekent uit
den middeleeuwschen tijd, toen het hedendaagsche stille en
vervallene stedeke Sluis, thans tot het Zeeuwsche deel van
Vlaanderen, dus tot Noord-Nederland behoorende, eene bloeiende
Vlaamsche handelsstad was, de mededingster van het naburige
Brugge. Vele rijke reeders (S c i p h e e r e n ) woonden toen daar.

En dan de U t r e c h t s e V l a m i n g e n van de Vier-Ambachten, die

nog herinneren aan den overouden tijd toen de noordelijkste gouw
van Vlaanderland, in de middeleeuwen de Vier-Ambachten
genoemd, en thans Zeeuwsch-Vlaanderen, soms ook nog Staatsch-
Vlaanderen geheeten, in het kerkelijke niet tot een Vlaamsch bisdom
(Gent of Brugge) behoorden, maar tot het aartsbisdom van Utrecht.
In deze gouw toch was de bevolking in de vroege middeleeuwen
hoofdzakelijk van Frieschen bloede, en de Friezen bewesten
Lauwers en bewesten Flie behoorden, sedert ze Christenen waren,
tot dat aartsbisdom. Van daar dat de Vlamingen van Hulst en Aksel,
van Biervliet en Aardenburg hier U t r e c h t s c h e V l a m i n g e n
worden geheeten. Men zie over deze zaak mijn werk Oud
Nederland, de aanteekeningen op bladzijden 109 en 110.
De ingezetenen van Duinkerke worden in den Langhen Adieu [82]en
eveneens in dit oude lijstje C o n y n e t e r s genoemd, en deze naam
is voor lieden die midden in het duin, midden in die meest geliefde
verblijfplaats der konijnen wonen, en die aan die ligging in de duinen
zelfs den naam hunner stad ontleend hebben, zeker zeer
eigenaardig en gepast. Ik zelf echter, eenige jaren geleden een en
ander maal te Duinkerke vertoevende, en daar den luiden vragende
naar hunnen spotnaam, en naar die van andere Fransch-Vlamingen,
kreeg telkens ten antwoord: K e u n e t e r s van Duunkerke. 15 Hieruit
blijkt dat keun de Vlaamsche benaming is van konijn; en in der daad
vinden we ook in De Bo’s Westvlaamsch Idioticon het woord keun
voor konijn aangegeven. De ingezetenen van het dorp Heist op Zee,
bij Brugge, en dat ook midden in het duin aan zee gelegen is (als
Zandvoort), dragen heden ten dage almede den spotnaam van
K e u n s (Konijnen). Door onze taalgeleerden wordt ons
hedendaagsch algemeen Nederlandsch woord konijn voorgesteld
als afgeleid of herkomstig van het Latijnsche woord cuniculus. Het is
toch opmerkelijk, ja, het komt mij zonderling voor, zelfs ongelooflijk,
dat zulk een algemeen bekend inlandsch dier als het konijn is, dat bij
duizendtallen in onze zeeduinen, en ook binnen ’s lands op
heidevelden en in woeste, zandige streken leeft, niet eenen
oorspronkelijk Nederlandschen, oorspronkelijk Dietschen, niet eenen
echt Germaanschen naam zoude hebben. Is misschien dit
Westvlaamsche keun de eigenlijke, de oorspronkelijk Dietsche naam
van het konijn? En moet men ons hedendaagsch woord konijn dan
als een oude verkleinvorm van keun (koon, kone) beschouwen?
Heeft ons woord konijn dan misschien niets met het Latijnsche
woord cuniculus te maken? En hebben dan, juist andersom, de
Romeinen hun woord cuniculus misschien afgeleid van ons woord
keun? Allemaal vragen, die ik niet beantwoorden kan, maar die den
taalvorscher zeker belangstelling zullen inboezemen. [83]
De ingezetenen van sommige gewesten, landstreken en eilanden in
hun geheel, ja sommige volken hebben ook wel hunne spotnamen.
Ook hierop wil ik nog kortelijk wijzen. Zoo heeten de Friezen
S t ij f k o p p e n , Noord-Bevelanders bij de andere Zeeuwen
P e e v r e t e r s , en de Zuid-Bevelanders P a d d e l a n d e r s .
(Peeën, dat is Zeeuwsch voor wortelen—de gewone als spijs
gebruikte wortelen van Daucus carota, en beetwortelen). De
opgezetenen van ’t eiland Walcheren in ’t bijzonder, op welk eiland,
naar men zegt, geen kikvorschen en geen padden voorkomen,
noemen dus het eiland Zuid-Beveland, waar deze amphibiën wel
gevonden worden, smadelijk ’t P a d d e l a n d . Die van Texel heeten
K w a l l e n , en die van Wieringen S k e p e n (Schapen), ’t is op bl.
62 en 63 reeds vermeld.

De Engelschman J o h n B u l l , de Franschman J e a n
P o t a g e e n zijn wijf M a r i a n n e , J a n t j e - K a a s de Hollander
(door Vlamingen en Brabanders zoo genoemd) en de Duitsche
M i c h e l of H a n s - M i c h e l zijn overbekend. Overbekend is ook in
onze dagen de spotnaam R o o i n e k en R o o i b a a i t j i e , dien
onze Zuid-Afrikaansche stamgenooten den Engelschman geven. De
Hollanders in ’t bijzonder hebben ook nog eenen bijzonderen
spotnaam voor den Duitscher, dien ze M o f noemen. Naar den
oorsprong van dezen naam is door velen vruchteloos gezocht.
Opmerkelijk is het dat de Duitschers, die langs onze oostelijke
grenzen wonen, dien spotnaam M o f (zij zeggen M u f ) wederkeerig
op de Nederlanders toepassen, en ons H o l l a n d e r - M u f
noemen; zie Ten Doornkaat Koolman, Wörterbuch der
Ostfriesischen Sprache, waar almede eene verklaring van dit woord
Muf of Mof te vinden is. De Nederlanders noemen geheel
Duitschland wel M o f f r i k a , maar de Duitschers zelven geven dien
naam M u f f r i k a in ’t bijzonder aan eene kleine gouw, langs onze
grenzen zich uitstrekkende, aan het zoogenoemde Nedersticht van
Munster, tusschen Oost-Friesland en Bentheim gelegen, en de
stadjes Meppen en Lingen met omstreken omvattende.

De Friezen hebben nog eenen bijzonderen spotnaam voor de

Duitschers in ’t algemeen; zij noemen dezen P o e p e n . Dit woord
poep is een bijzonder, een raadselachtig woord. Dat het niet het
woord poep is, in de gewone algemeen Nederlandsche volks- vooral
kinderspreektaal van bekende beteekenis, blijkt hieruit dat de
Friezen beide woorden nauwkeurig in uitspraak onderscheiden.
[84]Zij, met hun fijn en nauwkeurig onderscheidend taalgehoor,
spreken in den spotnaam P o e p dit woord uit met den zeer duidelijk
hoorbaren t w e e klank oe; terwijl ze, waar dit woord de andere
beteekenis heeft, slechts eenen enkelvoudigen klank laten hooren,
de u der Duitschers, de ou der Franschen. Uit nauwkeurige, en
steeds strikt volgehoudene onderscheid in uitspraak tusschen den
enkelvoudigen en den twee-klank oe, dat zoowel den Friezen als
den West- en Zee-Vlamingen thans nog bijzonder eigen is, maar
oudtijds algemeen Dietsch moet geweest zijn, verbiedt om aan te
nemen dat dit woord poep in beide beteekenissen van een en den
zelfden oorsprong zoude zijn. Maar wat het woord poep als
spotnaam dan wel zijn mag, van oorsprongswegen, het is mij niet
gelukt dit uit te vorschen.

De Friezen geven den naam P o e p wel aan de Duitschers in het

algemeen, maar in ’t bijzonder aan den Westfaalschen grasmaaier
en aan den Westfaalschen koopman in kleedingstoffen en
kleedingstukken, die met een groot pak van zijn koopwaar op den
rug, het Friesche platteland afreist, en die, ter onderscheiding van
zijnen landsman den grasmaaier, door de Friezen
F y n d o e k s p o e p genoemd wordt.

Overdrachtelijk noemt men in de Friesche gewesten (immers

Groningerland doet hierin mede, volgens Molema’s Woordenboek
der Groningsche volkstaal) een paard of eene koe van Duitsch,
gewoonlijk Oldenburgsch, zoogenoemd Bovenlandsch ras, ook
p o e p ; en zelfs eene bijzondere soort van aardappelen, ook van
Duitsche herkomst, en die anders wel „Munsterlanders” heeten,
noemt de Friesche boer p o e p e n . Ja, onze Friesche zeeman geeft
zelfs aan een schip (kof of tjalk), dat in Oost-Friesche en Weser-
Friesche havens thuis behoort, en dit door geringe afwijkingen in
bouw en tuig bemerkbaar doet zijn, den naam van p o e p .

Ook in noordelijk Noord-Holland, almede oorspronkelijk eene

Friesche gouw, is de spotnaam P o e p , G r a s p o e p , G r o e n e
P o e p voor den Duitschen Grasmaaier in gebruik, volgens Dr. G. J.
Boekenoogen’s werk De Zaansche Volkstaal, en volgens J.
Bouman’s werk De Volkstaal in Noord-Holland.

De echte Friezen in ’t land tusschen Flie en Lauwers beperken

hunnen spotnaam P o e p niet enkel tot de Duitschers. Ook de
Groningerlanders en de Drenten noemen ze P o e p e n , en [85]zelfs
de ingezetenen van de Friesche dorpen Kollum en Burum (in
uitspraak Boerum), die, ofschoon nog bewesten Lauwers wonende,
toch niet de zuivere Friesche taal spreken, maar eenen gemengden
tongval, een overgang van het Stad-Friesch tot het
Groningerlandsch—zelfs dezen moeten zich den spotnaam
P o e p e n laten welgevallen, alsof ze, door hunnen afwijkenden
tongval, reeds halve Groningerlanders, en alsof de
Groningerlanders, met hun Friso-Sassisch bloed en met hunne
Friso-Sassische gouwspraak reeds halve Duitschers waren.

Opmerkelijk is het, dat men dit woord P o e p als spotnaam ook hier
en daar elders in de Nederlanden terug vindt. De ingezetenen van
Deventer toch dragen bij de andere Overijsselaars en bij de
Gelderschen in hunne nabuurschap ook dezen naam. En ook de
Zeeuwen noemen hunne Vlaamsche en Brabantsche naburen
P o e p e n . Zoo hoorde ik in 1869 door een paar burgers van Goes
zeggen, van een gezelschap boeren en boerinnen uit de polders van
Zandvliet bij Antwerpen, die door ’t stadje Goes ronddwaalden: „’t
zijn maar P o e p e n ,” eenigszins minachtender wijze, juist zoo als
de Friezen spreken van de Duitschers. Volgens van Dale (zelf een
Zeeuwsche Vlaming), Nieuw Woordenboek der Nederlandsche taal,
is p o e p een scheldnaam dien de bewoners van Zuid-Beveland aan
de bewoners van Zeeuwsch-Vlaanderen geven. En volgens De Bo’s
Westvlaamsch Idioticon noemt men in West-Vlaanderen „iemand die
weinig verstand of weinig moed heeft,” een „dwazerik” dus, of een
„lafaard”, een „p o e p g a a i .”

De oorsprong en de verspreiding van dezen raadselachtigen

spotnaam P o e p uit te vorschen, zal zeker wel de moeite loonen.

Als eene bijzondere uiting van volkseigenaard en van speelsch

volksvernuft, dienen ten slotte nog vermeld te worden eenige
rijmkes, die van sommige gouwen en eilanden, van sommige steden
en dorpen, ook van groepen van nabij elkanderen gelegene
plaatsen, bij het volk bekend zijn, en die als ter kenschetsing dienen
van sommige bijzonderheden, aan die gouwen en plaatsen eigen.
Deze rijmkes zijn uit de zelfde bron gevloeid, waaruit ook de
spotnamen ontstaan zijn; zij komen er in aard en strekking,
veelvuldig ook in oorsprong en in eigenaardig wezen mede overeen,
ja, zijn eigenlijk slechts als eene uitbreiding [86]daarvan te
beschouwen. Ik wil slechts enkele van die rijmkes hier mededeelen,
om de aandacht daarop te vestigen van navorschers, van allen die
belang stellen in volkseigene zaken, en die zulke zaken nog in tijds
behouden willen, eer de nieuwe tijd ze uit het geheugen der
menschen zal hebben doen verdwijnen.
Over al de Nederlanden zijn deze rijmkes verspreid, en, even als de
spotnamen, ook over Oost-Friesland en andere nabij gelegene
gouwen van naburige landen, waar de bevolking met die van onze
eigene gewesten zoo menig punt van overeenkomst heeft, of
daarmede oorspronkelijk eenzelvig is. Een enkel van die
Oostfriesche rijmkes, de stad Aurik betreffende, is reeds op bladzijde
58 hiervoren medegedeeld. Anderen uit de Friesche gewesten
beoosten Eems kan men vinden in Kern en Willms, Ostfriesland
wie es denkt und spricht (Norden, 1869). Een paar rijmkes van ’t
Ameland vindt men op bladzijden 27 en 28 hiervoren vermeld. Een
paar andere uit Friesland zijn nog:

Oostergoo het land,

Westergoo het geld.
De Wouden het verstand,
De Steden het geweld.

Hier wordt op geestige wijze het kenmerkende van de drie gouwen,

Oostergoo, Westergoo en de Zevenwouden, waarin Friesland
tusschen Flie en Lauwers van ouds her verdeeld is, met de elf
steden, uiteengezet.

Dokkum is een oude stad,

Een oude stad boven maten;
Daar verkoopt men anders niet
Als taai en ook garnaten.

In der daad, de stad Dokkum dagteekent reeds uit zeer ouden tijd;
reeds ten jare 754 verkondigde Sint-Bonifacius daar het Evangelie.
Het Dokkumer taai, eene soort van grof Sint-Nicolaasgebak, is in
geheel Friesland vermaard. En wat de Dokkumer garnaten
(garnalen) aangaat, daar moet men maar niet te luide van spreken,
als er Dokkumers bij zijn (zie bladzijde 21 en vervolgens). [87]
Zeer aardig kenschetsend zijn deze twee rijmkes, van een
Utrechtsch en van een Noordbrabantsch dorp:

Neêr-Langbroek,
Die schrale hoek!
Daar wonen niets dan edellui
En bedellui,
Ridders
En broodbidders;
Daar staan anders niet als kasteelen en nesten,
Sterkenburg is het beste.

Loon-op-Zand,
Licht volk, licht land;
Ze schooien den kost.
En ze stelen den brand. 16

Tamelijk onbeduidend daarentegen is het volgende rijmke van drie

Zeeuwsch-Vlaamsche dorpen Breskens, Schoondijke en de Groede:

De Bressianen
Zijn hanen,
Maar voor Schoondijke
Moeten ze wijken,
En komen die van de Groe,
Dan houden ze beter hun deuren maar toe!

Veelal heerscht in deze rijmkes een schimpende, smalende toon

tegenover andere naburige plaatsen, afgewisseld met lof voor de
eigene woonplaats. Bij voorbeeld uit Drente:

Koevorden is een fraaie stad,

Dalen is een moddergat,
 Wachtum is een eendepoel,
Hesselen is een koningsstoel.

Of uit Overijssel en Gelderland:

Deventer is een koopstad,

Zutfen is een loopstad,
Lochem is nog wat,
Maar Borkeloo is een hondegat.

[88]

Van groote ingenomenheid met zich zelven getuigt het volgende rijm
van sommige Noordhollandsche steden, dat bij de
Monnikendammers in zwang is:

Amsterdam ligt aan het IJ,

Monnikendam daar wonen wij;
Edam is een nest,
Hoorn doet zijn best,
Enkhuizen staat op tonnen.
Medemblik heeft het gewonnen.

Aardig is het rijmke van Kootwijk, een zeer nederig dorpke op de

Veluwe:

Kootwijk is een zoetendal,

En die er is die blijft er al.

Zoetendal, ten Sueten dale—dat klinkt zoo middeleeuwsch liefelijk!

Wie weet hoe oud dit rijm al is!

Ten slotte kan ik nog een zeer bijzonder rijm hier mede deelen, dat
betrekking heeft op de Friesche eilandenreeks die zich uitstrekt
tusschen de Weser en het Marsdiep, en dat door mij is
opgeschreven uit den mond van eenen Frieschen schipperszoon,
die met de tjalk van zijnen vader wel oostwaarts naar Emden,
Bremen en Hamburg, en wel zuidwaarts naar Amsterdam,
Rotterdam, Dordrecht en Antwerpen voer. Het rijm is niet in de
eigenlijke Friesche taal opgesteld, maar in het zoogenoemde Stad-
Friesch of „Stêdsk”, dat is Oud-Dietsch met Friesche woorden en
woordvormen vermengd, en met eenen Frieschen mond
uitgesproken.

Wrangero de skoone,
Spikeroog de krone,
Langeroog is ’n butterfat
En Baltrum is ’n sangat.
En de Norderneyers frete har mar half sat
Juust dat is ’n rooverland;
En Borkum is ’n tooverland;
Rottumeroog is ’n klein land,
Mar Skiermonnikoog is sterk bemand:
De Amelander skalken
Hewwe stolen drie balken,
Avons in ’e maneskijn,
Daarom sal ’t har wapen sijn. [89]
Skilingen het ’n hooge toren,
Flielan het siin naam ferloren,
Tessel is mar ’n seegat,
De Helderse T r a a n b o k k e n segge dat.

Eenige opmerkingen mogen dit rijm nader toelichten.

Wrangero (ook de visscherlieden van Urk, die ter uitoefening van

hun bedrijf op de Noordzee wel tot bij dit eiland komen, spreken
dezen naam nog op deze Oud-Friesche wijze uit)—Wrangero is een
oude en zeer goede, oorspronkelijk Friesche naamsvorm, ouder en
beter dan Wangeroog of Wangerooge, zoo als dit eiland thans in ’t
geijkte Nederlandsch en Hoogduitsch heet. Oudtijds woonde aan
den vasten wal, aan de Noordzeekust waar dit eiland tegenover ligt,
westelijk van den Wesermond, een Friesche volksstam, Wranger-
Friezen genoemd. (Hunne rechtstreeksche nakomelingen wonen
daar nog heden in het thans zoo genoemde Jeverland en
Butjadingerland). Toenmaals noemde men het land dier Wranger-
Friezen Wrangerland, en het eiland daarnevens in de Noordzee:
Wrangero, Wranger-o. De woordvormen o, oe (eu) ei (in ons woord
eiland nog bestaande en in den eilandsnaam Nordernei eveneens)
zijn oorspronkelijk eenzelvig met het hedendaagsche oog, in
Süderoog (Noord-Friesland), Wangeroog, (Weser-Friesland),
Langeroog (Oost-Friesland), Schiermonnikoog (Friesland tusschen
Flie en Lauwers), Valkoog (West-Friesland of Noord-Holland), enz.

Skilingen is de Friesche naamsvorm voor ’t eiland ter Schelling,

beter Schellingerland, dat in het dorp Wester-Schelling in der daad
eenen zeer hoogen toren heeft, de vuurtoren of Brandaris, die het
geheele zeegat van ’t Flie verlicht.

Flieland heeft althans voor de helft zijnen naam verloren. De

westelijke helft van dit eiland, met het aldaar gelegene dorp West-
Flieland is in de 17de eeuw ten deele, maar in de vorige eeuw
volkomen door de zee vernield en weggeslagen. Er is daar nog maar
eene zandplaat van over, die nu de Hors heet. Inderdaad, „Flieland
heeft zijn naam verloren.”

Dit is het einde van mijn opstel over spotnamen, spotrijmen, enz.
Mogen anderen hierin aanleiding vinden dit belangrijke onderwerp
nog eens beter en uitvoeriger te behandelen. [90]
[Inhoud]

BRONNEN EN LITTERATUUR OVER

SPOTNAMEN, ENZ.

Het tijdschrift De Navorscher (Amsterdam, 1851 en vervolgens), in

verschillende jaargangen. Men zie de Algemeene Registers, op
„Namen (Nederlandsche Spot- en Scheldnamen).”

Ons Volksleven. Tijdschrift voor taal-, volks- en oudheidkunde, onder

leiding van Jos. Cornelissen en J. B. Vervliet. Brecht (bij
Braeckmans, 1889 en vervolgens) in verschillende jaargangen.

A. Mertens, Iets over de spotnamen onzer Belgische steden.

Antwerpen, 1847.

Friesland en de Friezen (Plaatselijke schimpnamen). Leeuwarden,

1877.

Dr. E. Laurillard, Vlechtwerk. Amsterdam, 1880. Idem,

Sprokkelhout. Amsterdam, 1887. Idem, Op uw’ stoel door uw land.
Amsterdam, 1891. [91]

1 Vermoedelijk komen soortgelijke spotnamen als de Nederlandsche, wel in alle

landen en bij alle volken voor. Eenigen van die namen uit Duitschland vindt men
vermeld in het Korrespondenzblatt des Vereins für Niederdeutsche
Sprachforschung, VIII, 47; en anderen uit Frankrijk in De Navorscher, XV, 318. En
wat Engeland aan gaat, de spotnaam van de Londenaars, Cockneys, is daar
algemeen bekend. ↑
2 De Dokkumer kleermaker spreekt hier natuurlijk ook de dagelijksche spreektaal
van Dokkum—dat is: gewoon stad-Friesch, met enkele bijzonderheden. Bij
voorbeeld: Luwarden en sil, waar de Leeuwarders Leewarden en sal zeggen. Ook
brengt de Dokkumer tongval meê, dat de lange a eenigermate naar den aai klank
zweemende wordt uitgesproken. Van daar dat andere Friesche stedelingen de