Visible to the public Biblio

Found 859 results

Filters: First Letter Of Last Name is A  [Clear All Filters]
[A] B C D E F G H I J K L M N O P Q R S T U V W X Y Z   [Show ALL]
Agosta, Giovanni, Barenghi, Alessandro, Pelosi, Gerardo.  2016.  Automated Instantiation of Side-channel Attacks Countermeasures for Software Cipher Implementations. Proceedings of the ACM International Conference on Computing Frontiers. :455–460.

Side Channel Attacks (SCA) have proven to be a practical threat to the security of embedded systems, exploiting the information leakage coming from unintended channels concerning an implementation of a cryptographic primitive. Given the large variety of embedded platforms, and the ubiquity of the need for secure cryptographic implementations, a systematic and automated approach to deploy SCA countermeasures at design time is strongly needed. In this paper, we provide an overview of recent compiler-based techniques to protect software implementations against SCA, making them amenable to automated application in the development of secure-by-design systems.

Agosta, Giovanni, Barenghi, Alessandro, Pelosi, Gerardo, Scandale, Michele.  2016.  Encasing Block Ciphers to Foil Key Recovery Attempts via Side Channel. Proceedings of the 35th International Conference on Computer-Aided Design. :96:1–96:8.

Providing efficient protection against energy consumption based side channel attacks (SCAs) for block ciphers is a relevant topic for the research community, as current overheads are in the 100x range. Unprofiled SCAs exploit information leakage from the outmost rounds of a cipher; we propose a solution encasing it between keyed transformations amenable to an efficient SCA protection. Our solution can be employed as a drop in replacement for an unprotected implementation, or be retrofit to an existing one, while retaining communication capabilities with legacy insecure endpoints. Experiments on a Cortex-M4 μC, show performance improvements in the range of 60x, compared with available solutions.

Agostino Ardagna, Claudio, Asal, Rasool, Damiani, Ernesto, El Ioini, Nabil, Pahl, Claus.  2019.  Trustworthy IoT: An Evidence Collection Approach Based on Smart Contracts. 2019 IEEE International Conference on Services Computing (SCC). :46–50.
Today, Internet of Things (IoT) implements an ecosystem where a panoply of interconnected devices collect data from physical environments and supply them to processing services, on top of which cloud-based applications are built and provided to mobile end users. The undebatable advantages of smart IoT systems clash with the need of a secure and trustworthy environment. In this paper, we propose a service-based methodology based on blockchain and smart contracts for trustworthy evidence collection at the basis of a trustworthy IoT assurance evaluation. The methodology balances the provided level of trustworthiness and its performance, and is experimentally evaluated using Hyperledger fabric blockchain.
Agrafiotis, Ioannis, Erola, Arnau, Goldsmith, Michael, Creese, Sadie.  2016.  A Tripwire Grammar for Insider Threat Detection. Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threats. :105–108.
The threat from insiders is an ever-growing concern for organisations, and in recent years the harm that insiders pose has been widely demonstrated. This paper describes our recent work into how we might support insider threat detection when actions are taken which can be immediately determined as of concern because they fall into one of two categories: they violate a policy which is specifically crafted to describe behaviours that are highly likely to be of concern if they are exhibited, or they exhibit behaviours which follow a pattern of a known insider threat attack. In particular, we view these concerning actions as something that we can design and implement tripwires within a system to detect. We then orchestrate these tripwires in conjunction with an anomaly detection system and present an approach to formalising tripwires of both categories. Our intention being that by having a single framework for describing them, alongside a library of existing tripwires in use, we can provide the community of practitioners and researchers with the basis to document and evolve this common understanding of tripwires.
Agrafiotis, Ioannis, Erola, Arnau, Goldsmith, Michael, Creese, Sadie.  2016.  A Tripwire Grammar for Insider Threat Detection. Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threats. :105–108.

The threat from insiders is an ever-growing concern for organisations, and in recent years the harm that insiders pose has been widely demonstrated. This paper describes our recent work into how we might support insider threat detection when actions are taken which can be immediately determined as of concern because they fall into one of two categories: they violate a policy which is specifically crafted to describe behaviours that are highly likely to be of concern if they are exhibited, or they exhibit behaviours which follow a pattern of a known insider threat attack. In particular, we view these concerning actions as something that we can design and implement tripwires within a system to detect. We then orchestrate these tripwires in conjunction with an anomaly detection system and present an approach to formalising tripwires of both categories. Our intention being that by having a single framework for describing them, alongside a library of existing tripwires in use, we can provide the community of practitioners and researchers with the basis to document and evolve this common understanding of tripwires.

Agrawal, Divy, Ba, Lamine, Berti-Equille, Laure, Chawla, Sanjay, Elmagarmid, Ahmed, Hammady, Hossam, Idris, Yasser, Kaoudi, Zoi, Khayyat, Zuhair, Kruse, Sebastian et al..  2016.  Rheem: Enabling Multi-Platform Task Execution. Proceedings of the 2016 International Conference on Management of Data. :2069–2072.

Many emerging applications, from domains such as healthcare and oil & gas, require several data processing systems for complex analytics. This demo paper showcases system, a framework that provides multi-platform task execution for such applications. It features a three-layer data processing abstraction and a new query optimization approach for multi-platform settings. We will demonstrate the strengths of system by using real-world scenarios from three different applications, namely, machine learning, data cleaning, and data fusion.

Agrawal, R., Stokes, J. W., Selvaraj, K., Marinescu, M..  2019.  Attention in Recurrent Neural Networks for Ransomware Detection. ICASSP 2019 - 2019 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). :3222–3226.

Ransomware, as a specialized form of malicious software, has recently emerged as a major threat in computer security. With an ability to lock out user access to their content, recent ransomware attacks have caused severe impact at an individual and organizational level. While research in malware detection can be adapted directly for ransomware, specific structural properties of ransomware can further improve the quality of detection. In this paper, we adapt the deep learning methods used in malware detection for detecting ransomware from emulation sequences. We present specialized recurrent neural networks for capturing local event patterns in ransomware sequences using the concept of attention mechanisms. We demonstrate the performance of enhanced LSTM models on a sequence dataset derived by the emulation of ransomware executables targeting the Windows environment.

Agrawal, Shashank, Mohassel, Payman, Mukherjee, Pratyay, Rindal, Peter.  2018.  DiSE: Distributed Symmetric-Key Encryption. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :1993–2010.

Threshold cryptography provides a mechanism for protecting secret keys by sharing them among multiple parties, who then jointly perform cryptographic operations. An attacker who corrupts up to a threshold number of parties cannot recover the secrets or violate security. Prior works in this space have mostly focused on definitions and constructions for public-key cryptography and digital signatures, and thus do not capture the security concerns and efficiency challenges of symmetric-key based applications which commonly use long-term (unprotected) master keys to protect data at rest, authenticate clients on enterprise networks, and secure data and payments on IoT devices. We put forth the first formal treatment for distributed symmetric-key encryption, proposing new notions of correctness, privacy and authenticity in presence of malicious attackers. We provide strong and intuitive game-based definitions that are easy to understand and yield efficient constructions. We propose a generic construction of threshold authenticated encryption based on any distributed pseudorandom function (DPRF). When instantiated with the two different DPRF constructions proposed by Naor, Pinkas and Reingold (Eurocrypt 1999) and our enhanced versions, we obtain several efficient constructions meeting different security definitions. We implement these variants and provide extensive performance comparisons. Our most efficient instantiation uses only symmetric-key primitives and achieves a throughput of upto 1 million encryptions/decryptions per seconds, or alternatively a sub-millisecond latency with upto 18 participating parties.

Agrawal, Shriyansh, Sanagavarapu, Lalit Mohan, Reddy, YR.  2019.  FACT - Fine grained Assessment of web page CredibiliTy. TENCON 2019 - 2019 IEEE Region 10 Conference (TENCON). :1088–1097.
With more than a trillion web pages, there is a plethora of content available for consumption. Search Engine queries invariably lead to overwhelming information, parts of it relevant and some others irrelevant. Often the information provided can be conflicting, ambiguous, and inconsistent contributing to the loss of credibility of the content. In the past, researchers have proposed approaches for credibility assessment and enumerated factors influencing the credibility of web pages. In this work, we detailed a WEBCred framework for automated genre-aware credibility assessment of web pages. We developed a tool based on the proposed framework to extract web page features instances and identify genre a web page belongs to while assessing it's Genre Credibility Score ( GCS). We validated our approach on `Information Security' dataset of 8,550 URLs with 171 features across 7 genres. The supervised learning algorithm, Gradient Boosted Decision Tree classified genres with 88.75% testing accuracy over 10 fold cross-validation, an improvement over the current benchmark. We also examined our approach on `Health' domain web pages and had comparable results. The calculated GCS correlated 69% with crowdsourced Web Of Trust ( WOT) score and 13% with algorithm based Alexa ranking across 5 Information security groups. This variance in correlation states that our GCS approach aligns with human way ( WOT) as compared to algorithmic way (Alexa) of web assessment in both the experiments.
Aguilar, Eryn, Dancel, Jevis, Mamaud, Deysaree, Pirosch, Dorothy, Tavacoli, Farin, Zhan, Felix, Pearce, Robbie, Novack, Margaret, Keehu, Hokunani, Lowe, Benjamin et al..  2019.  Highly Parallel Seedless Random Number Generation from Arbitrary Thread Schedule Reconstruction. 2019 IEEE International Conference on Big Knowledge (ICBK). :1–8.
Security is a universal concern across a multitude of sectors involved in the transfer and storage of computerized data. In the realm of cryptography, random number generators (RNGs) are integral to the creation of encryption keys that protect private data, and the production of uniform probability outcomes is a revenue source for certain enterprises (most notably the casino industry). Arbitrary thread schedule reconstruction of compare-and-swap operations is used to generate input traces for the Blum-Elias algorithm as a method for constructing random sequences, provided the compare-and-swap operations avoid cache locality. Threads accessing shared memory at the memory controller is a true random source which can be polled indirectly through our algorithm with unlimited parallelism. A theoretical and experimental analysis of the observation and reconstruction algorithm are considered. The quality of the random number generator is experimentally analyzed using two standard test suites, DieHarder and ENT, on three data sets.
Agustin, J. P. C., Jacinto, J. H., Limjoco, W. J. R., Pedrasa, J. R. I..  2017.  IPv6 Routing Protocol for Low-Power and Lossy Networks Implementation in Network Simulator \#x2014; 3. TENCON 2017 - 2017 IEEE Region 10 Conference. :3129–3134.

Wireless Sensor Networks (WSN) are widely used to monitor and control physical environments. An efficient energy management system is needed to be able to deploy these networks in lossy environments while maintaining reliable communication. The IPv6 Routing Protocol for Low-Power and Lossy networks is a routing protocol designed to properly manage energy without compromising reliability. This protocol has currently been implemented in Contiki OS, TinyOS, and OMNeT++ Castalia. But these applications also simulate all operation mechanics of a specified hardware model instead of just simulating the protocol only, thus adding unnecessary overhead and slowing down simulations on RPL. In light of this, we have implemented a working ns-3 implementation of RPL with support for multiple RPL instances with the use of a global repair mechanism. The behavior and output of our simulator was compared to Cooja for verification, and the results are similar with a minor difference in rank computation.

Ahalawat, Anchal, Dash, Shashank Sekhar, Panda, Abinas, Babu, Korra Sathya.  2019.  Entropy Based DDoS Detection and Mitigation in OpenFlow Enabled SDN. 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN). :1–5.
Distributed Denial of Service(DDoS) attacks have become most important network security threat as the number of devices are connected to internet increases exponentially and reaching an attack volume approximately very high compared to other attacks. To make the network safe and flexible a new networking infrastructure such as Software Defined Networking (SDN) has come into effect, which relies on centralized controller and decoupling of control and data plane. However due to it's centralized controller it is prone to DDoS attacks, as it makes the decision of forwarding of packets based on rules installed in switch by OpenFlow protocol. Out of all different DDoS attacks, UDP (User Datagram Protocol) flooding constitute the most in recent years. In this paper, we have proposed an entropy based DDoS detection and rate limiting based mitigation for efficient service delivery. We have evaluated using Mininet as emulator and Ryu as controller by taking switch as OpenVswitch and obtained better result in terms of bandwidth utilization and hit ratio which consume network resources to make denial of service.
Ahamed, Md. Salahuddin, Asiful Mustafa, Hossen.  2019.  A Secure QR Code System for Sharing Personal Confidential Information. 2019 International Conference on Computer, Communication, Chemical, Materials and Electronic Engineering (IC4ME2). :1–4.
Securing and hiding personal confidential information has become a challenge in these modern days. Due to the lack of security and confidentiality, forgery of confidential information can cause a big margin loss to a person. Personal confidential information needs to be securely shared and hidden with the expected recipient and he should be able to verify the information by checking its authenticity. QR codes are being used increasingly to share data for different purposes. In information communication, QR code is important because of its high data capacity. However, most existing QR code systems use insecure data format and encryption is rarely used. A user can use Secure QR Code (SQRC) technology to keep information secured and hidden. In this paper, we propose a novel SQRC system which will allow sharing authentic personal confidential information by means of QR code verification using RSA digital signature algorithm and also allow authorizing the information by means of QR code validation using RSA public key cryptographic algorithm. We implemented the proposed SQRC system and showed that the system is effective for sharing personal confidential information securely.
Ahmad, A., Hassan, M.M., Aziz, A..  2014.  A Multi-token Authorization Strategy for Secure Mobile Cloud Computing. Mobile Cloud Computing, Services, and Engineering (MobileCloud), 2014 2nd IEEE International Conference on. :136-141.

Cloud computing is an emerging paradigm shifting the shape of computing models from being a technology to a utility. However, security, privacy and trust are amongst the issues that can subvert the benefits and hence wide deployment of cloud computing. With the introduction of omnipresent mobile-based clients, the ubiquity of the model increases, suggesting a still higher integration in life. Nonetheless, the security issues rise to a higher degree as well. The constrained input methods for credentials and the vulnerable wireless communication links are among factors giving rise to serious security issues. To strengthen the access control of cloud resources, organizations now commonly acquire Identity Management Systems (IdM). This paper presents that the most popular IdM, namely OAuth, working in scope of Mobile Cloud Computing has many weaknesses in authorization architecture. In particular, authors find two major issues in current IdM. First, if the IdM System is compromised through malicious code, it allows a hacker to get authorization of all the protected resources hosted on a cloud. Second, all the communication links among client, cloud and IdM carries complete authorization token, that can allow hacker, through traffic interception at any communication link, an illegitimate access of protected resources. We also suggest a solution to the reported problems, and justify our arguments with experimentation and mathematical modeling.

Ahmad, A. A., Günlük, O..  2015.  Robust-to-dynamics linear programming. 2015 54th IEEE Conference on Decision and Control (CDC). :5915–5919.

We consider a class of robust optimization problems that we call “robust-to-dynamics optimization” (RDO). The input to an RDO problem is twofold: (i) a mathematical program (e.g., an LP, SDP, IP, etc.), and (ii) a dynamical system (e.g., a linear, nonlinear, discrete, or continuous dynamics). The objective is to maximize over the set of initial conditions that forever remain feasible under the dynamics. The focus of this paper is on the case where the optimization problem is a linear program and the dynamics are linear. We establish some structural properties of the feasible set and prove that if the linear system is asymptotically stable, then the RDO problem can be solved in polynomial time. We also outline a semidefinite programming based algorithm for providing upper bounds on robust-to-dynamics linear programs.

Ahmad, Abdul Mutaal, Lukowicz, Paul, Cheng, Jingyuan.  2016.  FPGA Based Hardware Acceleration of Sensor Matrix. Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct. :793–802.
This paper describes the hardware acceleration of various feature calculation functions used in activity recognition. In this work we have used a large scale sensing matrix which recognizes and counts gym exercises. Human activity is played on pressure matrix and the sensor data is sent to computer using a wired protocol for further processing. The recorded data from matrix is huge making it impractical to process on a smart phone. We propose a FPGA (Field Programmable Gate Array) based processing methodology which not only accelerates sensing data processing but also reduces the size of 2D sensor data matrix to 10 features. The resultant feature set can be transferred using wireless medium to a smart phone or other processing unit where the classification can be done. Our system takes a matrix of arbitrary size and output a 'features' set for each matrix frame. We used HLS (High Level Synthesis), an approach to write algorithm for FPGA using SystemC/C/C++ instead of traditional VHDL/Verilog. Results show promising improvement in processing time as compared to Matlab. Since the size of data is reduced, wireless medium can be use to transmit data. Additionally, the development time for FPGA designs is greatly reduced due to the usage of an abstracted high level synthesis approach. This system is currently developed for pressure sensing system but this strategy can be applied to other sensing application like temperature sensor grid.
Ahmad, F., Adnane, A., KURUGOLLU, F., Hussain, R..  2019.  A Comparative Analysis of Trust Models for Safety Applications in IoT-Enabled Vehicular Networks. 2019 Wireless Days (WD). :1-8.
Vehicular Ad-hoc NETwork (VANET) is a vital transportation technology that facilitates the vehicles to share sensitive information (such as steep-curve warnings and black ice on the road) with each other and with the surrounding infrastructure in real-time to avoid accidents and enable comfortable driving experience.To achieve these goals, VANET requires a secure environment for authentic, reliable and trusted information dissemination among the network entities. However, VANET is prone to different attacks resulting in the dissemination of compromised/false information among network nodes. One way to manage a secure and trusted network is to introduce trust among the vehicular nodes. To this end, various Trust Models (TMs) are developed for VANET and can be broadly categorized into three classes, Entity-oriented Trust Models (ETM), Data oriented Trust Models (DTM) and Hybrid Trust Models (HTM). These TMs evaluate trust based on the received information (data), the vehicle (entity) or both through different mechanisms. In this paper, we present a comparative study of the three TMs. Furthermore, we evaluate these TMs against the different trust, security and quality-of-service related benchmarks. Simulation results revealed that all these TMs have deficiencies in terms of end-to-end delays, event detection probabilities and false positive rates. This study can be used as a guideline for researchers to design new efficient and effective TMs for VANET.
Ahmad, Ibtihaj, Zarrar, Muhammad Kaab, Saeed, Takreem, Rehman, Saad.  2018.  Security Aspects of Cyber Physical Systems. 2018 1st International Conference on Computer Applications Information Security (ICCAIS). :1–6.
Cyber Physical System (CPS) is one of the emerging technologies of the day due to its large number of applications. Its applications extends to automotive, commercial, medical, home appliances and manufacturing industries. Mass research is being conducted in this area including design models, signal processing, control system models, communication models and security. One of the most important aspects of these is security and privacy of CPS. There are a number of vulnerabilities and threats that can be used by an attacker to exploit a cyber physical system. This paper provides a brief review of current security threats, vulnerabilities and its solutions for CPS. For the sake of simplicity the security threats have been divided into two classes i.e. control security and information security. Based on this division various attack methods and their possible solutions have been discussed.
Ahmad, Jawad, Tahir, Ahsen, Khan, Jan Sher, Khan, Muazzam A, Khan, Fadia Ali, Arshad, Habib, Zeeshan.  2019.  A Partial Ligt-weight Image Encryption Scheme. 2019 UK/ China Emerging Technologies (UCET). :1—3.

Due to greater network capacity and faster data speed, fifth generation (5G) technology is expected to provide a huge improvement in Internet of Things (IoTs) applications, Augmented & Virtual Reality (AR/VR) technologies, and Machine Type Communications (MTC). Consumer will be able to send/receive high quality multimedia data. For the protection of sensitive multimedia data, a large number of encryption algorithms are available, however, these encryption schemes does not provide light-weight encryption solution for real-time application requirements. This paper proposes a new multi-chaos computational efficient encryption for digital images. In the proposed scheme, plaintext image is transformed using Lifting Wavelet Transform (LWT) and only one-fourth part of the transformed image is encrypted using light-weight Chebyshev and Intertwining maps. Both chaotic maps were chaotically coupled for the confusion and diffusion processes which further enhances the image security. Encryption/decryption speed and other security measures such as correlation coefficient, entropy, Number of Pixels Change Rate (NPCR), contrast, energy, homogeneity confirm the superiority of the proposed light-weight encryption scheme.

Ahmad, Kashif, Conci, Nicola, Boato, Giulia, De Natale, Francesco G. B..  2016.  USED: A Large-scale Social Event Detection Dataset. Proceedings of the 7th International Conference on Multimedia Systems. :50:1–50:6.

Event discovery from single pictures is a challenging problem that has raised significant interest in the last decade. During this time, a number of interesting solutions have been proposed to tackle event discovery in still images. However, a large scale benchmarking image dataset for the evaluation and comparison of event discovery algorithms from single images is still lagging behind. To this aim, in this paper we provide a large-scale properly annotated and balanced dataset of 490,000 images, covering every aspect of 14 different types of social events, selected among the most shared ones in the social network. Such a large scale collection of event-related images is intended to become a powerful support tool for the research community in multimedia analysis by providing a common benchmark for training, testing, validation and comparison of existing and novel algorithms. In this paper, we provide a detailed description of how the dataset is collected, organized and how it can be beneficial for the researchers in the multimedia analysis domain. Moreover, a deep learning based approach is introduced into event discovery from single images as one of the possible applications of this dataset with a belief that deep learning can prove to be a breakthrough also in this research area. By providing this dataset, we hope to gather research community in the multimedia and signal processing domains to advance this application.

Ahmad, M., Shahid, A., Qadri, M. Y., Hussain, K., Qadri, N. N..  2017.  Fingerprinting non-numeric datasets using row association and pattern generation. 2017 International Conference on Communication Technologies (ComTech). :149–155.

Being an era of fast internet-based application environment, large volumes of relational data are being outsourced for business purposes. Therefore, ownership and digital rights protection has become one of the greatest challenges and among the most critical issues. This paper presents a novel fingerprinting technique to protect ownership rights of non-numeric digital data on basis of pattern generation and row association schemes. Firstly, fingerprint sequence is formulated by using secret key and buyer's Unique ID. With the chunks of these sequences and by applying the Fibonacci series, we select some rows. The selected rows are candidates of fingerprinting. The primary key of selected row is protected using RSA encryption; after which a pattern is designed by randomly choosing the values of different attributes of datasets. The encryption of primary key leads to develop an association between original and fake pattern; creating an ease in fingerprint detection. Fingerprint detection algorithm first finds the fake rows and then extracts the fingerprint sequence from the fake attributes, hence identifying the traitor. Some most important features of the proposed approach is to overcome major weaknesses such as error tolerance, integrity and accuracy in previously proposed fingerprinting techniques. The results show that technique is efficient and robust against several malicious attacks.

Ahmad, Muhammad Aminu, Woodhead, Steve, Gan, Diane.  2016.  A Safeguard Against Fast Self-propagating Malware. Proceedings of the 6th International Conference on Communication and Network Security. :65–69.

This paper presents a detection and containment mechanism for fast self-propagating network worm malware. The detection part of the mechanism uses two categories of network host activities to identify worm behaviour in a network. Upon an identified worm activity in a network, a data-link containment system is used to isolate the internal source of infection, and a network level containment system is used to block inbound worm datagrams. The mechanism has been demonstrated using a software prototype. A number of worm experiments have been conducted to evaluate the prototype. The empirical results show the effectiveness of the developed mechanism in containing fast network worm malware at an early stage with almost no false positives.

ahmad, sahan, Zobaed, SM, Gottumukkala, Raju, Salehi, Mohsen Amini.  2019.  Edge Computing for User-Centric Secure Search on Cloud-Based Encrypted Big Data. 2019 IEEE 21st International Conference on High Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS). :662–669.

Cloud service providers offer a low-cost and convenient solution to host unstructured data. However, cloud services act as third-party solutions and do not provide control of the data to users. This has raised security and privacy concerns for many organizations (users) with sensitive data to utilize cloud-based solutions. User-side encryption can potentially address these concerns by establishing user-centric cloud services and granting data control to the user. Nonetheless, user-side encryption limits the ability to process (e.g., search) encrypted data on the cloud. Accordingly, in this research, we provide a framework that enables processing (in particular, searching) of encrypted multiorganizational (i.e., multi-source) big data without revealing the data to cloud provider. Our framework leverages locality feature of edge computing to offer a user-centric search ability in a realtime manner. In particular, the edge system intelligently predicts the user's search pattern and prunes the multi-source big data search space to reduce the search time. The pruning system is based on efficient sampling from the clustered big dataset on the cloud. For each cluster, the pruning system dynamically samples appropriate number of terms based on the user's search tendency, so that the cluster is optimally represented. We developed a prototype of a user-centric search system and evaluated it against multiple datasets. Experimental results demonstrate 27% improvement in the pruning quality and search accuracy.

Ahmadi-Assalemi, Gabriela, al-Khateeb, Haider M., Epiphaniou, Gregory, Cosson, Jon, Jahankhani, Hamid, Pillai, Prashant.  2019.  Federated Blockchain-Based Tracking and Liability Attribution Framework for Employees and Cyber-Physical Objects in a Smart Workplace. 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3). :1–9.
The systematic integration of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) into the supply chain to increase operational efficiency and quality has also introduced new complexities to the threat landscape. The myriad of sensors could increase data collection capabilities for businesses to facilitate process automation aided by Artificial Intelligence (AI) but without adopting an appropriate Security-by-Design framework, threat detection and response are destined to fail. The emerging concept of Smart Workplace incorporates many CPS (e.g. Robots and Drones) to execute tasks alongside Employees both of which can be exploited as Insider Threats. We introduce and discuss forensic-readiness, liability attribution and the ability to track moving Smart SPS Objects to support modern Digital Forensics and Incident Response (DFIR) within a defence-in-depth strategy. We present a framework to facilitate the tracking of object behaviour within Smart Controlled Business Environments (SCBE) to support resilience by enabling proactive insider threat detection. Several components of the framework were piloted in a company to discuss a real-life case study and demonstrate anomaly detection and the emerging of behavioural patterns according to objects' movement with relation to their job role, workspace position and nearest entry or exit. The empirical data was collected from a Bluetooth-based Proximity Monitoring Solution. Furthermore, a key strength of the framework is a federated Blockchain (BC) model to achieve forensic-readiness by establishing a digital Chain-of-Custody (CoC) and a collaborative environment for CPS to qualify as Digital Witnesses (DW) to support post-incident investigations.
Ahmadi, Ali, Bidmeshki, Mohammad-Mahdi, Nahar, Amit, Orr, Bob, Pas, Michael, Makris, Yiorgos.  2016.  A Machine Learning Approach to Fab-of-origin Attestation. Proceedings of the 35th International Conference on Computer-Aided Design. :92:1–92:6.

We introduce a machine learning approach for distinguishing between integrated circuits fabricated in a ratified facility and circuits originating from an unknown or undesired source based on parametric measurements. Unlike earlier approaches, which seek to achieve the same objective in a general, design-independent manner, the proposed method leverages the interaction between the idiosyncrasies of the fabrication facility and a specific design, in order to create a customized fab-of-origin membership test for the circuit in question. Effectiveness of the proposed method is demonstrated using two large industrial datasets from a 65nm Texas Instruments RF transceiver manufactured in two different fabrication facilities.