Visible to the public Biblio

Found 859 results

Filters: First Letter Of Last Name is A  [Clear All Filters]
[A] B C D E F G H I J K L M N O P Q R S T U V W X Y Z   [Show ALL]
A
Abate, Carmine, Blanco, Roberto, Garg, Deepak, Hritcu, Catalin, Patrignani, Marco, Thibault, Jérémy.  2019.  Journey Beyond Full Abstraction: Exploring Robust Property Preservation for Secure Compilation. 2019 IEEE 32nd Computer Security Foundations Symposium (CSF). :256–25615.
Good programming languages provide helpful abstractions for writing secure code, but the security properties of the source language are generally not preserved when compiling a program and linking it with adversarial code in a low-level target language (e.g., a library or a legacy application). Linked target code that is compromised or malicious may, for instance, read and write the compiled program's data and code, jump to arbitrary memory locations, or smash the stack, blatantly violating any source-level abstraction. By contrast, a fully abstract compilation chain protects source-level abstractions all the way down, ensuring that linked adversarial target code cannot observe more about the compiled program than what some linked source code could about the source program. However, while research in this area has so far focused on preserving observational equivalence, as needed for achieving full abstraction, there is a much larger space of security properties one can choose to preserve against linked adversarial code. And the precise class of security properties one chooses crucially impacts not only the supported security goals and the strength of the attacker model, but also the kind of protections a secure compilation chain has to introduce. We are the first to thoroughly explore a large space of formal secure compilation criteria based on robust property preservation, i.e., the preservation of properties satisfied against arbitrary adversarial contexts. We study robustly preserving various classes of trace properties such as safety, of hyperproperties such as noninterference, and of relational hyperproperties such as trace equivalence. This leads to many new secure compilation criteria, some of which are easier to practically achieve and prove than full abstraction, and some of which provide strictly stronger security guarantees. For each of the studied criteria we propose an equivalent “property-free” characterization that clarifies which proof techniques apply. For relational properties and hyperproperties, which relate the behaviors of multiple programs, our formal definitions of the property classes themselves are novel. We order our criteria by their relative strength and show several collapses and separation results. Finally, we adapt existing proof techniques to show that even the strongest of our secure compilation criteria, the robust preservation of all relational hyperproperties, is achievable for a simple translation from a statically typed to a dynamically typed language.
Abazar, T., Masjedi, P., Taheri, M..  2020.  A Binary Relevance Adaptive Model-Selection for Ensemble Steganalysis. 2020 17th International ISC Conference on Information Security and Cryptology (ISCISC). :77—81.

Steganalysis is an interesting classification problem in order to discriminate the images, including hidden messages from the clean ones. There are many methods, including deep CNN networks to extract fine features for this classification task. Nevertheless, a few researches have been conducted to improve the final classifier. Some state-of-the-art methods try to ensemble the networks by a voting strategy to achieve more stable performance. In this paper, a selection phase is proposed to filter improper networks before any voting. This filtering is done by a binary relevance multi-label classification approach. The Logistic Regression (LR) is chosen here as the last layer of network for classification. The large-margin Fisher’s linear discriminant (FLD) classifier is assigned to each one of the networks. It learns to discriminate the training instances which associated network is suitable for or not. Xu-Net, one of the most famous state-of-the-art Steganalysis models, is chosen as the base networks. The proposed method with different approaches is applied on the BOSSbase dataset and is compared with traditional voting and also some state-of-the-art related ensemble techniques. The results show significant accuracy improvement of the proposed method in comparison with others.

Abbas, H., Suguri, H., Yan, Z., Allen, W., Hei, X. S..  2020.  IEEE Access Special Section: Security Analytics and Intelligence for Cyber Physical Systems. IEEE Access. 8:208195—208198.

A Cyber Physical System (CPS) is a smart network system with actuators, embedded sensors, and processors to interact with the physical world by guaranteeing the performance and supporting real-time operations of safety critical applications. These systems drive innovation and are a source of competitive advantage in today’s challenging world. By observing the behavior of physical processes and activating actions, CPS can alter its behavior to make the physical environment perform better and more accurately. By definition, CPS basically has two major components including cyber systems and physical processes. Examples of CPS include autonomous transportation systems, robotics systems, medical monitoring, automatic pilot avionics, and smart grids. Advances in CPS will empower scalability, capability, usability, and adaptability, which will go beyond the simple systems of today. At the same time, CPS has also increased cybersecurity risks and attack surfaces. Cyber attackers can harm such systems from multiple sources while hiding their identities. As a result of sophisticated threat matrices, insufficient knowledge about threat patterns, and industrial network automation, CPS has become extremely insecure. Since such infrastructure is networked, attacks can be prompted easily without much human participation from remote locations, thereby making CPS more vulnerable to sophisticated cyber-attacks. In turn, large-scale data centers managing a huge volume of CPS data become vulnerable to cyber-attacks. To secure CPS, the role of security analytics and intelligence is significant. It brings together huge amounts of data to create threat patterns, which can be used to prevent cyber-attacks in a timely fashion. The primary objective of this Special Section in IEEE A CCESS is to collect a complementary and diverse set of articles, which demonstrate up-to-date information and innovative developments in the domain of security analytics and intelligence for CPS.

Abbas, M. S., Mahdi, S. S., Hussien, S. A..  2020.  Security Improvement of Cloud Data Using Hybrid Cryptography and Steganography. 2020 International Conference on Computer Science and Software Engineering (CSASE). :123–127.
One of the significant advancements in information technology is Cloud computing, but the security issue of data storage is a big problem in the cloud environment. That is why a system is proposed in this paper for improving the security of cloud data using encryption, information concealment, and hashing functions. In the data encryption phase, we implemented hybrid encryption using the algorithm of AES symmetric encryption and the algorithm of RSA asymmetric encryption. Next, the encrypted data will be hidden in an image using LSB algorithm. In the data validation phase, we use the SHA hashing algorithm. Also, in our suggestion, we compress the data using the LZW algorithm before hiding it in the image. Thus, it allows hiding as much data as possible. By using information concealment technology and mixed encryption, we can achieve strong data security. In this paper, PSNR and SSIM values were calculated in addition to the graph to evaluate the image masking performance before and after applying the compression process. The results showed that PSNR values of stego-image are better for compressed data compared to data before compression.
Abbas, Syed Ghazanfar, Hashmat, Fabiha, Shah, Ghalib A..  2020.  A Multi-layer Industrial-IoT Attack Taxonomy: Layers, Dimensions, Techniques and Application. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1820—1825.

Industrial IoT (IIoT) is a specialized subset of IoT which involves the interconnection of industrial devices with ubiquitous control and intelligent processing services to improve industrial system's productivity and operational capability. In essence, IIoT adapts a use-case specific architecture based on RFID sense network, BLE sense network or WSN, where heterogeneous industrial IoT devices can collaborate with each other to achieve a common goal. Nonetheless, most of the IIoT deployments are brownfield in nature which involves both new and legacy technologies (SCADA (Supervisory Control and Data Acquisition System)). The merger of these technologies causes high degree of cross-linking and decentralization which ultimately increases the complexity of IIoT systems and introduce new vulnerabilities. Hence, industrial organizations becomes not only vulnerable to conventional SCADA attacks but also to a multitude of IIoT specific threats. However, there is a lack of understanding of these attacks both with respect to the literature and empirical evaluation. As a consequence, it is infeasible for industrial organizations, researchers and developers to analyze attacks and derive a robust security mechanism for IIoT. In this paper, we developed a multi-layer taxonomy of IIoT attacks by considering both brownfield and greenfield architecture of IIoT. The taxonomy consists of 11 layers 94 dimensions and approximately 100 attack techniques which helps to provide a holistic overview of the incident attack pattern, attack characteristics and impact on industrial system. Subsequently, we have exhibited the practical relevance of developed taxonomy by applying it to a real-world use-case. This research will benefit researchers and developers to best utilize developed taxonomy for analyzing attack sequence and to envisage an efficient security platform for futuristic IIoT applications.

Abbas, W., Koutsoukos, X..  2015.  Efficient Complete Coverage Through Heterogeneous Sensing Nodes. Wireless Communications Letters, IEEE. 4:14-17.

We investigate the coverage efficiency of a sensor network consisting of sensors with circular sensing footprints of different radii. The objective is to completely cover a region in an efficient manner through a controlled (or deterministic) deployment of such sensors. In particular, it is shown that when sensing nodes of two different radii are used for complete coverage, the coverage density is increased, and the sensing cost is significantly reduced as compared to the homogeneous case, in which all nodes have the same sensing radius. Configurations of heterogeneous disks of multiple radii to achieve efficient circle coverings are presented and analyzed.

Abbas, W., Laszka, A., Vorobeychik, Y., Koutsoukos, X..  2017.  Improving network connectivity using trusted nodes and edges. 2017 American Control Conference (ACC). :328–333.

Network connectivity is a primary attribute and a characteristic phenomenon of any networked system. A high connectivity is often desired within networks; for instance to increase robustness to failures, and resilience against attacks. A typical approach to increasing network connectivity is to strategically add links; however adding links is not always the most suitable option. In this paper, we propose an alternative approach to improving network connectivity, that is by making a small subset of nodes and edges “trusted,” which means that such nodes and edges remain intact at all times and are insusceptible to failures. We then show that by controlling the number of trusted nodes and edges, any desired level of network connectivity can be obtained. Along with characterizing network connectivity with trusted nodes and edges, we present heuristics to compute a small number of such nodes and edges. Finally, we illustrate our results on various networks.

Abbas, Waseem, Perelman, Lina Sela, Amin, Saurabh, Koutsoukos, Xenofon.  2015.  An Efficient Approach to Fault Identification in Urban Water Networks Using Multi-Level Sensing. Proceedings of the 2Nd ACM International Conference on Embedded Systems for Energy-Efficient Built Environments. :147–156.

The objective of this work is to develop an efficient and practical sensor placement method for the failure detection and localization in water networks. We formulate the problem as the minimum test cover problem (MTC) with the objective of selecting the minimum number of sensors required to uniquely identify and localize pipe failure events. First, we summarize a single-level sensing model and discuss an efficient fast greedy approach for solving the MTC problem. Simulation results on benchmark test networks demonstrate the efficacy of the fast greedy algorithm. Second, we develop a multi-level sensing model that captures additional physical features of the disturbance event, such as the time lapsed between the occurrence of disturbance and its detection by the sensor. Our sensor placement approach using MTC extends to the multi-level sensing model and an improved identification performance is obtained via reduced number of sensors (in comparison to single-level sensing model). In particular, we investigate the bi-level sensing model to illustrate the efficacy of employing multi-level sensors for the identification of failure events. Finally, we suggest extensions of our approach for the deployment of heterogeneous sensors in water networks by exploring the trade-off between cost and performance (measured in terms of the identification score of pipe/link failures).

Abbas, Waseem, Laszka, Aron, Vorobeychik, Yevgeniy, Koutsoukos, Xenofon.  2015.  Scheduling Intrusion Detection Systems in Resource-Bounded Cyber-Physical Systems. Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy. :55–66.

In order to be resilient to attacks, a cyber-physical system (CPS) must be able to detect attacks before they can cause significant damage. To achieve this, \emph{intrusion detection systems} (IDS) may be deployed, which can detect attacks and alert human operators, who can then intervene. However, the resource-constrained nature of many CPS poses a challenge, since reliable IDS can be computationally expensive. Consequently, computational nodes may not be able to perform intrusion detection continuously, which means that we have to devise a schedule for performing intrusion detection. While a uniformly random schedule may be optimal in a purely cyber system, an optimal schedule for protecting CPS must also take into account the physical properties of the system, since the set of adversarial actions and their consequences depend on the physical systems. Here, in the context of water distribution networks, we study IDS scheduling problems in two settings and under the constraints on the available battery supplies. In the first problem, the objective is to design, for a given duration of time $T$, scheduling schemes for IDS so that the probability of detecting an attack is maximized within that duration. We propose efficient heuristic algorithms for this general problem and evaluate them on various networks. In the second problem, our objective is to design scheduling schemes for IDS so that the overall lifetime of the network is maximized while ensuring that an intruder attack is always detected. Various strategies to deal with this problem are presented and evaluated for various networks.

Abbas, Waseem, Perelman, Lina Sela, Amin, Saurabh, Koutsoukos, Xenofon.  2017.  Resilient Sensor Placement for Fault Localization in Water Distribution Networks. Proceedings of the 8th International Conference on Cyber-Physical Systems. :165–174.

In this paper, we study the sensor placement problem in urban water networks that maximizes the localization of pipe failures given that some sensors give incorrect outputs. False output of a sensor might be the result of degradation in sensor's hardware, software fault, or might be due to a cyber attack on the sensor. Incorrect outputs from such sensors can have any possible values which could lead to an inaccurate localization of a failure event. We formulate the optimal sensor placement problem with erroneous sensors as a set multicover problem, which is NP-hard, and then discuss a polynomial time heuristic to obtain efficient solutions. In this direction, we first examine the physical model of the disturbance propagating in the network as a result of a failure event, and outline the multi-level sensing model that captures several event features. Second, using a combinatorial approach, we solve the problem of sensor placement that maximizes the localization of pipe failures by selecting m sensors out of which at most e give incorrect outputs. We propose various localization performance metrics, and numerically evaluate our approach on a benchmark and a real water distribution network. Finally, using computational experiments, we study relationships between design parameters such as the total number of sensors, the number of sensors with errors, and extracted signal features.

Abbasi, Ali, Wetzels, Jos, Holz, Thorsten, Etalle, Sandro.  2019.  Challenges in Designing Exploit Mitigations for Deeply Embedded Systems. 2019 IEEE European Symposium on Security and Privacy (EuroS P). :31–46.

Memory corruption vulnerabilities have been around for decades and rank among the most prevalent vulnerabilities in embedded systems. Yet this constrained environment poses unique design and implementation challenges that significantly complicate the adoption of common hardening techniques. Combined with the irregular and involved nature of embedded patch management, this results in prolonged vulnerability exposure windows and vulnerabilities that are relatively easy to exploit. Considering the sensitive and critical nature of many embedded systems, this situation merits significant improvement. In this work, we present the first quantitative study of exploit mitigation adoption in 42 embedded operating systems, showing the embedded world to significantly lag behind the general-purpose world. To improve the security of deeply embedded systems, we subsequently present μArmor, an approach to address some of the key gaps identified in our quantitative analysis. μArmor raises the bar for exploitation of embedded memory corruption vulnerabilities, while being adoptable on the short term without incurring prohibitive extra performance or storage costs.

Abbasi, Milad Haji, Majidi, Babak, Eshghi, Moahmmad, Abbasi, Ebrahim Haji.  2019.  Deep Visual Privacy Preserving for Internet of Robotic Things. 2019 5th Conference on Knowledge Based Engineering and Innovation (KBEI). :292—296.

In the past few years, visual information collection and transmission is increased significantly for various applications. Smart vehicles, service robotic platforms and surveillance cameras for the smart city applications are collecting a large amount of visual data. The preservation of the privacy of people presented in this data is an important factor in storage, processing, sharing and transmission of visual data across the Internet of Robotic Things (IoRT). In this paper, a novel anonymisation method for information security and privacy preservation in visual data in sharing layer of the Web of Robotic Things (WoRT) is proposed. The proposed framework uses deep neural network based semantic segmentation to preserve the privacy in video data base of the access level of the applications and users. The data is anonymised to the applications with lower level access but the applications with higher legal access level can analyze and annotated the complete data. The experimental results show that the proposed method while giving the required access to the authorities for legal applications of smart city surveillance, is capable of preserving the privacy of the people presented in the data.

Abd Aziz, N., Udzir, N.I., Mahmod, R..  2014.  Performance analysis for extended TLS with mutual attestation for platform integrity assurance. Cyber Technology in Automation, Control, and Intelligent Systems (CYBER), 2014 IEEE 4th Annual International Conference on. :13-18.

A web service is a web-based application connected via the internet connectivity. The common web-based applications are deployed using web browsers and web servers. However, the security of Web Service is a major concern issues since it is not widely studied and integrated in the design stage of Web Service standard. They are add-on modules rather a well-defined solutions in standards. So, various web services security solutions have been defined in order to protect interaction over a network. Remote attestation is an authentication technique proposed by the Trusted Computing Group (TCG) which enables the verification of the trusted environment of platforms and assuring the information is accurate. To incorporate this method in web services framework in order to guarantee the trustworthiness and security of web-based applications, a new framework called TrustWeb is proposed. The TrustWeb framework integrates the remote attestation into SSL/TLS protocol to provide integrity information of the involved endpoint platforms. The framework enhances TLS protocol with mutual attestation mechanism which can help to address the weaknesses of transferring sensitive computations, and a practical way to solve the remote trust issue at the client-server environment. In this paper, we describe the work of designing and building a framework prototype in which attestation mechanism is integrated into the Mozilla Firefox browser and Apache web server. We also present framework solution to show improvement in the efficiency level.

Abd, S. K., Salih, R. T., Al-Haddad, S. A. R., Hashim, F., Abdullah, A. B. H., Yussof, S..  2015.  Cloud computing security risks with authorization access for secure Multi-Tenancy based on AAAS protocol. TENCON 2015 - 2015 IEEE Region 10 Conference. :1–5.

Many cloud security complexities can be concerned as a result of its open system architecture. One of these complexities is multi-tenancy security issue. This paper discusses and addresses the most common public cloud security complexities focusing on Multi-Tenancy security issue. Multi-tenancy is one of the most important security challenges faced by public cloud services providers. Therefore, this paper presents a secure multi-tenancy architecture using authorization model Based on AAAS protocol. By utilizing cloud infrastructure, access control can be provided to various cloud information and services by our suggested authorization system. Each business can offer several cloud services. These cloud services can cooperate with other services which can be related to the same organization or different one. Moreover, these cooperation agreements are supported by our suggested system.

AbdAllah, E. G., Zulkernine, M., Hassanein, H. S..  2018.  A Security Framework for ICN Traffic Management. 2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, 16th Intl Conf on Pervasive Intelligence and Computing, 4th Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress(DASC/PiCom/DataCom/CyberSciTech). :78-85.

Information Centric Networking (ICN) changed the communication model from host-based to content-based to cope with the high volume of traffic due to the rapidly increasing number of users, data objects, devices, and applications. ICN communication model requires new security solutions that will be integrated with ICN architectures. In this paper, we present a security framework to manage ICN traffic by detecting, preventing, and responding to ICN attacks. The framework consists of three components: availability, access control, and privacy. The availability component ensures that contents are available for legitimate users. The access control component allows only legitimate users to get restrictedaccess contents. The privacy component prevents attackers from knowing content popularities or user requests. We also show our specific solutions as examples of the framework components.

Abdallah, W., Boudriga, N., Daehee Kim, Sunshin An.  2014.  An efficient and scalable key management mechanism for wireless sensor networks. Advanced Communication Technology (ICACT), 2014 16th International Conference on. :687-692.

A major issue to secure wireless sensor networks is key distribution. Current key distribution schemes are not fully adapted to the tiny, low-cost, and fragile sensors with limited computation capability, reduced memory size, and battery-based power supply. This paper investigates the design of an efficient key distribution and management scheme for wireless sensor networks. The proposed scheme can ensure the generation and distribution of different encryption keys intended to secure individual and group communications. This is performed based on elliptic curve public key encryption using Diffie-Hellman like key exchange and secret sharing techniques that are applied at different levels of the network topology. This scheme is more efficient and less complex than existing approaches, due to the reduced communication and processing overheads required to accomplish key exchange. Furthermore, few keys with reduced sizes are managed in sensor nodes which optimizes memory usage, and enhances scalability to large size networks.

Abdel-Fattah, F., Farhan, K. A., Al-Tarawneh, F. H., AlTamimi, F..  2019.  Security Challenges and Attacks in Dynamic Mobile Ad Hoc Networks MANETs. 2019 IEEE Jordan International Joint Conference on Electrical Engineering and Information Technology (JEEIT). :28-33.

Mobile Ad hoc Network (MANET for short) is a new art of wireless technology that connect a group of mobile nodes in a dynamically decentralized fashion without the need of a base station, or a centralized administration, whereas each mobile node can work as a router. MANET topology changes frequently, because of the MANET dynamically formation nature, and freely to move randomly. MANET can function as standalone or can be connected to external networks. Mobile nodes are characterized with minimal human interaction, weight, less memory, and power. Despite all the pros of MANET and the widely spreading in many and critical industries, MANET has some cons and suffers from severe security issues. In this survey we emphasize on the different types of attacks at MANET protocol stack, and show how MANET is vulnerable to those attacks.

Abdelaal, M., Karadeniz, M., Dürr, F., Rothermel, K..  2020.  liteNDN: QoS-Aware Packet Forwarding and Caching for Named Data Networks. 2020 IEEE 17th Annual Consumer Communications Networking Conference (CCNC). :1–9.
Recently, named data networking (NDN) has been introduced to connect the world of computing devices via naming data instead of their containers. Through this strategic change, NDN brings several new features to network communication, including in-network caching, multipath forwarding, built-in multicast, and data security. Despite these unique features of NDN networking, there exist plenty of opportunities for continuing developments, especially with packet forwarding and caching. In this context, we introduce liteNDN, a novel forwarding and caching strategy for NDN networks. liteNDN comprises a cooperative forwarding strategy through which NDN routers share their knowledge, i.e. data names and interfaces, to optimize their packet forwarding decisions. Subsequently, liteNDN leverages that knowledge to estimate the probability of each downstream path to swiftly retrieve the requested data. Additionally, liteNDN exploits heuristics, such as routing costs and data significance, to make proper decisions about caching normal as well as segmented packets. The proposed approach has been extensively evaluated in terms of the data retrieval latency, network utilization, and the cache hit rate. The results showed that liteNDN, compared to conventional NDN forwarding and caching strategies, achieves much less latency while reducing the unnecessary traffic and caching activities.
Abdelbari, Hassan, Shafi, Kamran.  2017.  A Genetic Programming Ensemble Method for Learning Dynamical System Models. Proceedings of the 8th International Conference on Computer Modeling and Simulation. :47–51.
Modelling complex dynamical systems plays a crucial role to understand several phenomena in different domains such as physics, engineering, biology and social sciences. In this paper, a genetic programming ensemble method is proposed to learn complex dynamical systems' underlying mathematical models, represented as differential equations, from systems' time series observations. The proposed method relies on decomposing the modelling space based on given variable dependencies. An ensemble of learners is then applied in this decomposed space and their output is combined to generate the final model. Two examples of complex dynamical systems are used to test the performance of the proposed methodology where the standard genetic programming method has struggled to find matching model equations. The empirical results show the effectiveness of the proposed methodology in learning closely matching structure of almost all system equations.
Abdelghani, TSCHROUB.  2019.  Industrial Control Systems (Ics) Security in Power Transmission Network. 2019 Algerian Large Electrical Network Conference (CAGRE). :1–4.

The goal of this document is to provide knowledge of Security for Industrial Control Systems (ICS,) such as supervisory control and data acquisition (SCADA) which is implemented in power transmission network, power stations, power distribution grids and other big infrastructures that affect large number of persons and security of nations. A distinction between IT and ICS security is given to make a difference between the two disciplines. In order to avoid intrusion and destruction of industrials plants, some recommendations are given to preserve their security.

Abdelhadi, Ameer M.S., Bouganis, Christos-Savvas, Constantinides, George A..  2019.  Accelerated Approximate Nearest Neighbors Search Through Hierarchical Product Quantization. 2019 International Conference on Field-Programmable Technology (ICFPT). :90—98.
A fundamental recurring task in many machine learning applications is the search for the Nearest Neighbor in high dimensional metric spaces. Towards answering queries in large scale problems, state-of-the-art methods employ Approximate Nearest Neighbors (ANN) search, a search that returns the nearest neighbor with high probability, as well as techniques that compress the dataset. Product-Quantization (PQ) based ANN search methods have demonstrated state-of-the-art performance in several problems, including classification, regression and information retrieval. The dataset is encoded into a Cartesian product of multiple low-dimensional codebooks, enabling faster search and higher compression. Being intrinsically parallel, PQ-based ANN search approaches are amendable for hardware acceleration. This paper proposes a novel Hierarchical PQ (HPQ) based ANN search method as well as an FPGA-tailored architecture for its implementation that outperforms current state of the art systems. HPQ gradually refines the search space, reducing the number of data compares and enabling a pipelined search. The mapping of the architecture on a Stratix 10 FPGA device demonstrates over ×250 speedups over current state-of-the-art systems, opening the space for addressing larger datasets and/or improving the query times of current systems.
Abdelhakim, Boudhir Anouar, Mohamed, Ben Ahmed, Mohammed, Bouhorma, Ikram, Ben Abdel Ouahab.  2018.  New Security Approach for IoT Communication Systems. Proceedings of the 3rd International Conference on Smart City Applications. :2:1–2:8.

The Security is a real permanent problem in wired and wireless communication systems. This issue becomes more and more complex in the internet of things context where the security solution still poor and insufficient where the number of these noeud hugely increase (around 26 milliards in 2020). In this paper we propose a new security schema which avoid the use of cryptography mechanism based on the exchange of symmetric or asymmetric keys which aren't recommended in IoT devices due to their limitation in processing, stockage and energy. The proposed solution is based on the use of the multi-agent ensuring the security of connected objects. These objects programmed with agents are able to communicate with other objects without any need to compute keys. The main objective in this work is to maintain a high level of security with an optimization of the energy consumption of IoT devices.

Abdelhamid, N., Thabtah, F., Abdel-jaber, H..  2017.  Phishing detection: A recent intelligent machine learning comparison based on models content and features. 2017 IEEE International Conference on Intelligence and Security Informatics (ISI). :72–77.

In the last decade, numerous fake websites have been developed on the World Wide Web to mimic trusted websites, with the aim of stealing financial assets from users and organizations. This form of online attack is called phishing, and it has cost the online community and the various stakeholders hundreds of million Dollars. Therefore, effective counter measures that can accurately detect phishing are needed. Machine learning (ML) is a popular tool for data analysis and recently has shown promising results in combating phishing when contrasted with classic anti-phishing approaches, including awareness workshops, visualization and legal solutions. This article investigates ML techniques applicability to detect phishing attacks and describes their pros and cons. In particular, different types of ML techniques have been investigated to reveal the suitable options that can serve as anti-phishing tools. More importantly, we experimentally compare large numbers of ML techniques on real phishing datasets and with respect to different metrics. The purpose of the comparison is to reveal the advantages and disadvantages of ML predictive models and to show their actual performance when it comes to phishing attacks. The experimental results show that Covering approach models are more appropriate as anti-phishing solutions, especially for novice users, because of their simple yet effective knowledge bases in addition to their good phishing detection rate.

Abdellatif, Karim M., Chotin-Avot, Roselyne, Mehrez, Habib.  2016.  AEGIS-Based Efficient Solution for Secure Reconfiguration of FPGAs. Proceedings of the Third Workshop on Cryptography and Security in Computing Systems. :37–40.

The reconfiguration of FPGAs includes downloading the bit-stream file which contains the new design on the FPGA. The option to reconfigure FPGAs dynamically opens up the threat of stealing the Intellectual Property (IP) of the design. Since the configuration is usually stored in external memory, this can be easily tapped and read out by an eaves-dropper. This work presents a low cost solution in order to secure the reconfiguration of FPGAs. The proposed solution is based on an efficient-compact hardware implementation for AEGIS which is considered one of the candidates to the competition of CAESAR. The proposed architecture depends on using 1/4 AES-round for reducing the consumed area. We evaluated the presented design using 90 and 65 nm technologies. Our comparison to existing AES-based schemes reveals that the proposed design is better in terms of the hardware performance (Thr./mm2).

Abdellatif, Lasbahani, Chhiba, Mostafa, Mjihil, Oussama.  2017.  Deals with Integrating of Security Specifications During Software Design Phase Using MDA Approach. Proceedings of the Second International Conference on Internet of Things, Data and Cloud Computing. :196:1–196:7.
There are many recent propositions treating Model Driven Architecture (MDA) approaches to perform and automate code generation from design models. To the best of our knowledge and research, most of these propositions have been only focused on functional aspect by allowing code generation without considering this the non-functional aspect at the same time so that to generate secure object-oriented software basing on MDA approach. In this context, we are adding further details to integrate the security policies required in the form of secure models. The systems specification models will be enhanced with security requirements at different abstraction levels through a set of transformation models. Improving functional models with security constraints allow us to incorporate the security needs and automating generating secure applications with their security infrastructure using MDA approach. After carrying out a modification on MDA processes and UML meta-model to cover a better representation of security policies of an organization by updating different existing software engineering process to take into account nonfunctional aspect along with their functional aspect. This work presents a new methodology based on MDA approach and existing security technologies for allowing the integration of the proposed security requirements, which are obtained from security experts, during the system design. Within this context, we have focused on the essential elements of security, such as data encryption, Message Integrity, and Access Control in order to express the importance of merging both the functional and non-functional aspects altogether. We have chosen these properties to practically illustrate how to generate secure applications including their security policies. Then the source code will be obtained automatically from Platform Specific Models (PSM) by applying a set of model transformations and using a code generator designed for this mission. In addition, we can inject also other security-related properties, such as Availability, Traceability, non-repudiation, and Scalability issues during the whole development process by following the same methodology. these properties will be treated in the future work.