Here are my research papers, all published in IEEE conferences and journals.
|Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks
|Cloud computing is still in its infancy in regards to its software as services (SAS), web services, utility computing and platform as services (PAS). All of these have remained individualized systems that you still need to plug into, even though these systems are heading towards full integration. One of the most serious threats to cloud computing itself comes from HTTP Denial of Service or XML-Based Denial of Service attacks. These types of attacks are simple and easy to implement by the attacker, but to security experts they are twice as difficult to stop. In this paper, we recreate some of the current attacks that attackers may initiate as HTTP and XML. We also offer a solution to traceback through our Cloud TraceBack (CTB) to find the source of these attacks, and introduce the use of a back propagation neural network, called Cloud Protector, which was trained to detect and filter such attack traffic. Our results show that we were able to detect and filter most of the attack messages and were able to identify the source of the attack within a short period of time.
|Chaos theory based detection against network mimicking DDoS attacks
|DDoS attack traffic is difficult to differentiate from legitimate network traffic during transit from the attacker, or zombies, to the victim. In this paper, we use the theory of network self-similarity to differentiate DDoS flooding attack traffic from legitimate self-similar traffic in the network. We observed that DDoS traffic causes a strange attractor to develop in the pattern of network traffic. From this observation, we developed a neural network detector trained by our DDoS prediction algorithm. Our preliminary experiments and analysis indicate that our proposed chaotic model can accurately and effectively detect DDoS attack traffic. Our approach has the potential to not only detect attack traffic during transit, but to also filter it.
|Defending Grid Web Services from XDoS attacks by SOTA
|9-13th March, 2009
|Grid Web Services are still relatively new to business systems, and as more systems are being attached to them, any threat to them could bring collapse and huge harm. Some of these potential threats to Grid Web Services come in the form of a new denial of service (DoS) attack, called XML Denial of Service or XDoS attacks. Though, as yet, there have not been any reported attacks from the media, we have observed these attacks are actually far less complex to implement than any previous Denial of Service (DoS), but still just as effective. Current security applications for grid web services (WS-Security for example), based on our observations, are not up to the job of handling the problem. In this paper, we build on our previous work called Service Oriented Traceback Architecture (SOTA), and apply our model to Grid Networks that employ web services. We further introduce a filter defence system, called XDetector, to work in combination with SOTA. Our results show that SOTA in conjunction with XDetector makes for an effective defence against XDoS attacks and upcoming DXDoS.
|Protecting Information Systems from DDoS Attack Using Multicore Methodology
|8-11 July 2008
|Previous work in the area of defense systems has focused on developing a firewall-like structure in order to protect applications from attacks. The major drawback of implementing security in general is that it affects the performance of the applications it is trying to protect. In fact, most developers avoid implementing security at all. With the coming of new multicore systems, we might at last be able to minimize the performance issues that security places on applications. In our bodyguard framework we propose a new kind of defense that acts alongside, not in front of, applications. This means that performance issues that affect system applications are kept to a minimum, while at the same time still providing high grade security. Our experimental results demonstrate that a ten to fifteen percent speedup in performance is possible, with the potential of greater speedup.
|Multi-Core Defense System (MSDS) for Protecting Computer Infrastructure against DDoS Attacks
|1-4 December, 2008
|Distributed Denial of Service attacks are one of the most challenging areas to deal with in security. Not only do security managers have to deal with flood and vulnerability attacks, they also have to consider whether they are from legitimate or malicious attackers. In our previous work we developed a framework called bodyguard, which is to help security software developers move from the current serialized paradigm to a multi-core paradigm. In this paper, we update our research work by moving our bodyguard paradigm into our new Ubiquitous Multi-Core Framework. From this shift, we show a marked improvement from our previous result of 20% to 110% speedup performance with an average cost of 1.5 ms. We also conducted a second series of experiments, in which we trained a neural network and tested it against actual DDoS attack traffic. From these experiments, we were able to achieve an average of 93.36%, of this attack traffic.
|Protecting web services with Service Oriented Traceback Architecture.
|8-11 July 2008
|Service oriented architecture (SOA) is a way of reorganizing software infrastructure into a set of service abstracts. In the area of applying SOA to Web service security, there have been some well defined security dimensions. However, current Web security systems, like WS-Security, are not efficient enough to handle distributed denial of service (DDoS) attacks. Our new approach, service oriented traceback architecture (SOTA), provides a framework to be able to identify the source of an attack. This is accomplished by deploying our defence system at distributed routers, in order to examine the incoming SOAP messages and place our own SOAP header. By this method, we can then use the new SOAP header information to trace back through the network to the source of the attack. According to our experimental performance evaluations, we find that SOTA is quite scalable, simple and quite effective at identifying the source.
|Ubiquitous Multicore (UM) Methodology for Multimedia
|13-15 Oct. 2008
|For at least a decade or more, multimedia developers have taken for granted that each generation of microprocessors would lead them to modify their application, in order to make them run substantially faster. This so-called 'free' ride seems to be coming to an end, with results in increased clock speeds, the widening of the gap in processor and memory performance, and the tradeoffs that are needed to meet the former two points. In this paper, we propose a ubiquitous multicore (UM) design, in order to speed up computations and allow real-time multimedia. To accomplish this objective, we separate out the different multimedia and place them on their own separate core processors. For example, a manager trains his/her staff on security by utilizing different multimedia, such as showing a visual documentary on security which asks staff members questions, records their answers and updates the manager in real-time. As our experiments show, our UM system increases performance speeds at an average of 100%, with the average execution cost of 1.4 ms, which shows multimedia resources are being used more efficiently and effectively.
|Detecting and Tracing DDoS Attacks by Intelligent Decision Prototype
|17-21 March 2008
|Over the last couple of months a large number of distributed denial of service (DDoS) attacks have occurred across the world, especially targeting those who provide Web services. IP traceback, a counter measure against DDoS, is the ability to trace IP packets back to the true source/s of the attack. In this paper, an IP traceback scheme using a machine learning technique called intelligent decision prototype (IDP), is proposed. IDP can be used on both probabilistic packet marking (PPM) and deterministic packet marking (DPM) traceback schemes to identify DDoS attacks. This will greatly reduce the packets that are marked and in effect make the system more efficient and effective at tracing the source of an attack compared with other methods. IDP can be applied to many security systems such as data mining, forensic analysis, intrusion detection systems (IDS) and DDoS defense systems.
|Protecting web services from DDoS attacks by SOTA
|17-21 March 2008
|In the area of SOA and Web Service Security, many well defined security dimensions have been established. However, current Web Security Systems (WS-Security for example) are not equipped to handle Distributed Denial of Service (DDoS) attacks. In this paper we extend upon our previous work on Service Oriented Traceback Architecture (SOTA), in order to defend Web Services against such attacks. SOTA's main objective is to identify the true identity of forged messages, since an attacker tries to hide their identity in order to avoid current defence systems and escape prosecution. To accomplish the main objective, SOTA should be attached as close to the source of the attack as possible. When an incoming SOAP message comes into the router, it is tagged with our own SOAP header. The header can be used to traverse the network back to the true source of the attack. According to our experimental evaluations we find that SOTA is simple and effective to use against DDoS attacks.
|Detecting and Mitigating HX-DoS Attacks against Cloud Web Services
|26-28 Sept. 2012
|Cyber-Physical Systems allow for the interaction of the cyber and physical worlds using a central service called Cloud Web Services. Cloud Web Services can sit well within three models of Cyber-Physical Systems: Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS). When any Cyber-Physical System uses Cloud Web Services, it inherits a security problem, the HX-DoS attack. An HX-DoS attack is a combination of HTTP and XML messages that are intentionally sent to flood and destroy the communication channel of the cloud service provider. The relevance of this research is that TCP/IP flood attacks are a common problem and a lot of research to mitigate them has previously been discussed, but the HTTP denial of service and XML denial of service problem has only been addressed in a few papers. In this paper, we get closer to closing this gap on this problem with our new defence system called Pre-Decision, Advance Decision, Learning System (ENDER). In our previous experiments using our Cloud Protector, we were successful at detecting and mitigating 91% with a 9% false positive of HX-DoS attack traffic. In this paper, ENDER was able to improve upon this result by being trained and tested on the same data, but with a greater result of 99% detection and 1% false positive.
|Multi-core Security Defense System (MSDS)
|7-10 Dec. 2008
|Today's security program developers are not only facing an uphill battle of developing and implementing, but now also have to take into consideration the emergence of the next generation of multi-core systems, and its effect on security application design. In our previous work, we developed a framework called bodyguard. The objective of this framework was to help security software developers shift from their use of a serialized paradigm to a multi-core paradigm. Working within this paradigm, we developed a security bodyguard system called Farmer. This abstract framework placed particular applications into categories, like security or multi-media, which were run on separate core processors within the multi-core system. With further analysis of the bodyguard paradigm, we found that this paradigm was suitable to be used in other computer science areas, such as spam filtering and multi-media. In this paper, we update our research work within the bodyguard paradigm, and show a marked improvement of 110% speedup performance with an average cost of 1.5 ms.
|Protecting web services from distributed denial of service attacks
|The outcome of the research was the development of three network defence systems to protect corporate network infrastructure. The results showed that these defences were able to detect and filter around 94% of the DDoS attack traffic within a matter of seconds.
Here are my research papers that I published with other authors.
|A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems
|As part of the security within distributed systems, various services and resources need protection from unauthorized use. Remote authentication is the most commonly used method to determine the identity of a remote client. This paper investigates a systematic approach for authenticating clients by three factors, namely password, smart card, and biometrics. A generic and secure framework is proposed to upgrade two-factor authentication to three-factor authentication. The conversion not only significantly improves the information assurance at low cost but also protects client privacy in distributed systems. In addition, our framework retains several practice-friendly properties of the underlying two-factor authentication, which we believe is of independent interest.
|Intelligent energy management control of vehicle air conditioning via look-ahead system
|Air conditioning systems (A/C) significantly increase the energy consumption of a vehicle and negatively influence its performance. A/C can be considered the main auxiliary load on a vehicle engine when it is operating. Thus, there are significant savings to be made by operating an A/C system smartly, both in terms of running costs and the effect on the environment. This paper presents an intelligent energy management system that is able to reduce the energy consumption of a vehicle with an air conditioning system and improve its efficiency by using the look-ahead system, which uses information from various information systems to make intelligent decisions. The new energy management system features: a prediction of road power demand by using look-ahead control of vehicle systems, and an intelligent control strategy to manage the operation of the A/C, the blower, and the gates, to provide the optimum comfort temperature with consideration of the in-cabin air quality while minimizing energy consumption. Two simulations are performed by using the developed fuzzy air conditioning enhanced look-ahead system and ordinary fuzzy air conditioning, and then the results are compared together with the results from the Coordinated Energy Management System (CEMS). The results of fuzzy air conditioning enhanced with the look-ahead system demonstrate it is capable of saving 12% and 3% more energy compared with CEMS and the ordinary fuzzy air conditioning system respectively.
|Download Note: I don't believe my name should be on this paper since I just assisted Dr Khayyam a little bit in 2011. I place this paper in order for you to download a great paper from a great man.
|Multi-classifier Classification of Spam Email on a Ubiquitous Multi-core Architecture
|October, 18-21, 2008
|This paper presents an innovative fusion based multi-classifier email classification on a ubiquitous multi-core architecture. Many approaches use text-based single classifiers or multiple weakly trained classifiers to identify spam messages from a large email corpus. We build upon our previous work on multi-core by applying our ubiquitous multi-core framework to run our fusion based multi-classifier architecture. By running each classifier process in parallel within its dedicated core, we greatly improve the performance of our proposed multi-classifier based filtering system. Our proposed architecture also provides a safeguard of the user mailbox from different malicious attacks. Our experimental results show that we achieved an average of 30% speedup at the average cost of 1.4 ms. We also reduced the instance of false positives, which is one of the key challenges in spam filtering systems, and increased email classification accuracy substantially compared with single classification techniques.
|Assessing the level of I.T. security culture improvement: Results from three Australian SMEs
|November, 3-5, 2009
|Transitioning towards an improved IT security culture that fosters desired IT security behaviour and attitudes in individuals is pertinent to any organizational IT security strategy. To improve the current IT security culture of an organization and its members, an initial assessment covering four core questions was necessary to determine how much of an improvement was needed. The assessments and data collection techniques and corresponding results and findings are presented and discussed. The implications of this research will be of great benefit to practitioners wanting to improve IT security culture and awareness in their organization, and will help to fill the lack of empirical research within the academic field of IT security.
|Adjacency Cache: Fast Web Cache Indexing and Lookup
|July, 11-13, 2007
|This paper describes the design and evaluation of a peer-to-peer cache indexing system, which can be used to integrate the resources of locally available web pages into a globally addressable index using a distributed hash table. The salient feature of the indexing system's design is the efficient dissemination of cache index information using a next-URL index which allows cache clients to determine ahead of time whether linked content is also available at a remote cache. In addition, conventional optimizations such as in-browser caching and batching of index write requests are also used. These optimizations are evaluated using trace-driven simulation and the results show that these design trade-offs improve cache lookup performance.
|POEM, A 3-dimensional exon taxonomy and patterns in untranslated exons
|September, 20th, 2008
|The existence of exons and introns has been known for thirty years. Despite this knowledge, there is a lack of formal research into the categorization of exons. Exon taxonomies used by researchers tend to be selected ad hoc or based on an information poor de-facto standard. Exons have been shown to have specific properties and functions based on among other things their location and order. These factors should play a role in the naming to increase specificity about which exon type(s) are in question.
|Image Indexing for Learning Content via a Mobile Phone
|May 17, 2010
|Mobile devices and especially mobile phones are being seen as an added opportunity for learning. A few problems are being faced today with content presentation on a mobile phone, as some mobile phones have limited capabilities and a small screen size, which limits proper display of learning content. We believe that if images are indexed for mobile phone retrieval and stored on the server side, then a particular image could be retrieved in the least possible time via the mobile phone client. Lecture slides are normally in PowerPoint format; by converting slides into images, we are providing efficient display modularity on a mobile phone platform. This ensures system scalability and efficiency, as the communication between the mobile client and the server is dramatically reduced for efficient display and retrieval.
|E-Learning Over Mobile Phone Technology: Best Practices and Guidelines
|Over the past decade, we have seen a large advancement in the picture and sound quality that is now offered through mobile phones. Through this advancement we have now seen the development of mobile phones that have cameras that can take pictures and videos. They can also play music and provide internet services, pay-per-view TV and radio, and even hi-res computer games are now becoming available to mobile phone users. With all these available services that are now offered through mobile phones, we now believe that those who provide E-learning materials can provide presentations that are clear and concise, but also make their materials fun and enjoyable so that it does not have the opposite effect of learning. In this brief paper, we cover some of the best practices and guidelines that course designers could use in guiding them to provide E-learning material over mobile phones.
|Introducing a Novel Hybrid Algorithm for a Client-Server Mobile Learning System
|Mar 05, 2012
|This paper is based on previous publications and work by the same authors during the implementation of a client-server mobile learning system called Image Indexing for Mobile Phone (ID4MP). The system has a good feature of efficiency, accuracy and performance in retrieving and delivering learning content to students' mobile phones. The system was developed based on a new hybrid algorithm called Ferial Hybrids Algorithm (FHSA). Content-based and Concept-based indexing are described, and the versatile new FHSA algorithm is introduced. This algorithm is unique as it combines Content-based and Concept-based indexing methods to form an efficient, accurate and novel retrieving mechanism. In this paper, we explain this new hybrid algorithm and its robust functionality when combining two indexing methods (Content-based and Concept-based) to retrieve learning content from the server to the client. This system can be implemented in educational institutions and can be made accessible to teachers and students.