Visible to the public Biblio

Found 859 results

Filters: First Letter Of Last Name is A  [Clear All Filters]
[A] B C D E F G H I J K L M N O P Q R S T U V W X Y Z   [Show ALL]
Ahmadi, Mansour, Ulyanov, Dmitry, Semenov, Stanislav, Trofimov, Mikhail, Giacinto, Giorgio.  2016.  Novel Feature Extraction, Selection and Fusion for Effective Malware Family Classification. Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy. :183–194.

Modern malware is designed with mutation characteristics, namely polymorphism and metamorphism, which causes an enormous growth in the number of variants of malware samples. Categorization of malware samples on the basis of their behaviors is essential for the computer security community, because they receive huge number of malware everyday, and the signature extraction process is usually based on malicious parts characterizing malware families. Microsoft released a malware classification challenge in 2015 with a huge dataset of near 0.5 terabytes of data, containing more than 20K malware samples. The analysis of this dataset inspired the development of a novel paradigm that is effective in categorizing malware variants into their actual family groups. This paradigm is presented and discussed in the present paper, where emphasis has been given to the phases related to the extraction, and selection of a set of novel features for the effective representation of malware samples. Features can be grouped according to different characteristics of malware behavior, and their fusion is performed according to a per-class weighting paradigm. The proposed method achieved a very high accuracy (\$\textbackslashapprox\$ 0.998) on the Microsoft Malware Challenge dataset.

Ahmadi, S. Sareh, Rashad, Sherif, Elgazzar, Heba.  2019.  Machine Learning Models for Activity Recognition and Authentication of Smartphone Users. 2019 IEEE 10th Annual Ubiquitous Computing, Electronics Mobile Communication Conference (UEMCON). :0561–0567.
Technological advancements have made smartphones to provide wide range of applications that enable users to perform many of their tasks easily and conveniently, anytime and anywhere. For this reason, many users are tend to store their private data in their smart phones. Since conventional methods for security of smartphones, such as passwords, personal identification numbers, and pattern locks are prone to many attacks, this research paper proposes a novel method for authenticating smartphone users based on performing seven different daily physical activity as behavioral biometrics, using smartphone embedded sensor data. This authentication scheme builds a machine learning model which recognizes users by performing those daily activities. Experimental results demonstrate the effectiveness of the proposed framework.
Ahmadian, Amir Shayan, Peldszus, Sven, Ramadan, Qusai, Jürjens, Jan.  2017.  Model-Based Privacy and Security Analysis with CARiSMA. Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering. :989–993.

We present CARiSMA, a tool that is originally designed to support model-based security analysis of IT systems. In our recent work, we added several new functionalities to CARiSMA to support the privacy of personal data. Moreover, we introduced a mechanism to assist the system designers to perform a CARiSMA analysis by automatically initializing an appropriate CARiSMA analysis concerning security and privacy requirements. The motivation for our work is Article 25 of Regulation (EU) 2016/679, which requires appropriate technical and organizational controls must be implemented for ensuring that, by default, the processing of personal data complies with the principles on processing of personal data. This implies that initially IT systems must be analyzed to verify if such principles are respected. System models allow the system developers to handle the complexity of systems and to focus on key aspects such as privacy and security. CARiSMA is available at and our screen cast at

Ahmadian, M. M., Shahriari, H. R..  2016.  2entFOX: A framework for high survivable ransomwares detection. 2016 13th International Iranian Society of Cryptology Conference on Information Security and Cryptology (ISCISC). :79–84.

Ransomwares have become a growing threat since 2012, and the situation continues to worsen until now. The lack of security mechanisms and security awareness are pushing the systems into mire of ransomware attacks. In this paper, a new framework called 2entFOX' is proposed in order to detect high survivable ransomwares (HSR). To our knowledge this framework can be considered as one of the first frameworks in ransomware detection because of little publicly-available research in this field. We analyzed Windows ransomwares' behaviour and we tried to find appropriate features which are particular useful in detecting this type of malwares with high detection accuracy and low false positive rate. After hard experimental analysis we extracted 20 effective features which due to two highly efficient ones we could achieve an appropriate set for HSRs detection. After proposing architecture based on Bayesian belief network, the final evaluation is done on some known ransomware samples and unknown ones based on six different scenarios. The result of this evaluations shows the high accuracy of 2entFox in detection of HSRs.

Ahmadon, M. A. B., Yamaguchi, S., Saon, S., Mahamad, A. K..  2017.  On service security analysis for event log of IoT system based on data Petri net. 2017 IEEE International Symposium on Consumer Electronics (ISCE). :4–8.

The Internet of Things (IoT) has bridged our physical world to the cyber world which allows us to achieve our desired lifestyle. However, service security is an essential part to ensure that the designed service is not compromised. In this paper, we proposed a security analysis for IoT services. We focus on the context of detecting malicious operation from an event log of the designed IoT services. We utilized Petri nets with data to model IoT service which is logically correct. Then, we check the trace from an event log by tracking the captured process and data. Finally, we illustrated the approach with a smart home service and showed the effectiveness of our approach.

Ahmed Khurshid, University of Illinois at Urbana-Champaign, Wenxuan Zhou, University of Illinois at Urbana-Champaign, Matthew Caesar, University of Illinois at Urbana-Champaign, P. Brighten Godfrey, University of Illinois at Urbana-Champaign.  2012.  VeriFlow: Verifying Network-Wide Invariants in Real Time. First Workshop on Hot Topics in Software Defined Networks (HotSDN 2012).

Networks are complex and prone to bugs. Existing tools that check configuration files and data-plane state operate offline at timescales of seconds to hours, and cannot detect or prevent bugs as they arise. Is it possible to check network-wide invariants in real time, as the network state evolves? The key challenge here is to achieve extremely low latency during the checks so that network performance is not affected. In this paper, we present a preliminary design, VeriFlow, which suggests that this goal is achievable. VeriFlow is a layer between a software-defined networking controller and network devices that checks for network-wide invariant violations dynamically as each forwarding rule is inserted. Based on an implementation using a Mininet OpenFlow network and Route Views trace data, we find that VeriFlow can perform rigorous checking within hundreds of microseconds per rule insertion.

Ahmed, Abdelmuttlib Ibrahim Abdalla, Khan, Suleman, Gani, Abdullah, Hamid, Siti Hafizah Ab, Guizani, Mohsen.  2018.  Entropy-based Fuzzy AHP Model for Trustworthy Service Provider Selection in Internet of Things. 2018 IEEE 43rd Conference on Local Computer Networks (LCN). :606—613.

Nowadays, trust and reputation models are used to build a wide range of trust-based security mechanisms and trust-based service management applications on the Internet of Things (IoT). Considering trust as a single unit can result in missing important and significant factors. We split trust into its building-blocks, then we sort and assign weight to these building-blocks (trust metrics) on the basis of its priorities for the transaction context of a particular goal. To perform these processes, we consider trust as a multi-criteria decision-making problem, where a set of trust worthiness metrics represent the decision criteria. We introduce Entropy-based fuzzy analytic hierarchy process (EFAHP) as a trust model for selecting a trustworthy service provider, since the sense of decision making regarding multi-metrics trust is structural. EFAHP gives 1) fuzziness, which fits the vagueness, uncertainty, and subjectivity of trust attributes; 2) AHP, which is a systematic way for making decisions in complex multi-criteria decision making; and 3) entropy concept, which is utilized to calculate the aggregate weights for each service provider. We present a numerical illustration in trust-based Service Oriented Architecture in the IoT (SOA-IoT) to demonstrate the service provider selection using the EFAHP Model in assessing and aggregating the trust scores.

Ahmed, Abu Shohel, Aura, Tuomas.  2018.  Turning Trust Around: Smart Contract-Assisted Public Key Infrastructure. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :104–111.
In past, several Certificate Authority (CA) compromise and subsequent mis-issue of certificate raise the importance of certificate transparency and dynamic trust management for certificates. Certificate Transparency (CT) provides transparency for issued certificates, thus enabling corrective measure for a mis-issued certificate by a CA. However, CT and existing mechanisms cannot convey the dynamic trust state for a certificate. To address this weakness, we propose Smart Contract-assisted PKI (SCP) - a smart contract based PKI extension - to manage dynamic trust network for PKI. SCP enables distributed trust in PKI, provides a protocol for managing dynamic trust, assures trust state of a certificate, and provides a better trust experience for end-users.
Ahmed, Alaa H., Sadri, Fereidoon.  2018.  Datafusion: Taking Source Confidences into Account. Proceedings of the 8th International Conference on Information Systems and Technologies. :9:1–9:6.
Data fusion is a form of information integration where large amounts of data mined from sources such as web sites, Twitter feeds, Facebook postings, blogs, email messages, news streams, and the like are integrated. Such data is inherently uncertain and unreliable. The sources have different degrees of accuracy and the data mining process itself incurs additional uncertainty. The main goal of data fusion is to discover the correct data among the uncertain and possibly conflicting mined data. We investigate a data fusion approach that, in addition to the accuracy of sources, incorporates the correctness (confidence) measures that most data mining approaches associate with mined data. There are a number of advantages in incorporating these confidences. First, we do not require a training set. The initial training set is obtained using the confidence measures. More importantly, a more accurate fusion can result by taking the confidences into account. We present an approach to determine the correctness threshold using users' feedback, and show it can significantly improve the accuracy of data fusion. We evaluate of the performance and accuracy of our data fusion approach for two groups of experiments. In the first group data sources contain random (unintentional) errors. In the second group data sources contain intentional falsifications.
Ahmed, Asraa, Hasan, Taha, Abdullatif, Firas A., T., Mustafa S., Rahim, Mohd Shafry Mohd.  2019.  A Digital Signature System Based on Real Time Face Recognition. 2019 IEEE 9th International Conference on System Engineering and Technology (ICSET). :298—302.

This study proposed a biometric-based digital signature scheme proposed for facial recognition. The scheme is designed and built to verify the person’s identity during a registration process and retrieve their public and private keys stored in the database. The RSA algorithm has been used as asymmetric encryption method to encrypt hashes generated for digital documents. It uses the hash function (SHA-256) to generate digital signatures. In this study, local binary patterns histograms (LBPH) were used for facial recognition. The facial recognition method was evaluated on ORL faces retrieved from the database of Cambridge University. From the analysis, the LBPH algorithm achieved 97.5% accuracy; the real-time testing was done on thirty subjects and it achieved 94% recognition accuracy. A crypto-tool software was used to perform the randomness test on the proposed RSA and SHA256.

Ahmed, C. M., Mathur, A. P..  2017.  Hardware Identification via Sensor Fingerprinting in a Cyber Physical System. 2017 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C). :517–524.

A lot of research in security of cyber physical systems focus on threat models where an attacker can spoof sensor readings by compromising the communication channel. A little focus is given to attacks on physical components. In this paper a method to detect potential attacks on physical components in a Cyber Physical System (CPS) is proposed. Physical attacks are detected through a comparison of noise pattern from sensor measurements to a reference noise pattern. If an adversary has physically modified or replaced a sensor, the proposed method issues an alert indicating that a sensor is probably compromised or is defective. A reference noise pattern is established from the sensor data using a deterministic model. This pattern is referred to as a fingerprint of the corresponding sensor. The fingerprint so derived is used as a reference to identify measured data during the operation of a CPS. Extensive experimentation with ultrasonic level sensors in a realistic water treatment testbed point to the effectiveness of the proposed fingerprinting method in detecting physical attacks.

Ahmed, Chuadhry Mujeeb, Zhou, Jianying, Mathur, Aditya P..  2018.  Noise Matters: Using Sensor and Process Noise Fingerprint to Detect Stealthy Cyber Attacks and Authenticate Sensors in CPS. Proceedings of the 34th Annual Computer Security Applications Conference. :566–581.
A novel scheme is proposed to authenticate sensors and detect data integrity attacks in a Cyber Physical System (CPS). The proposed technique uses the hardware characteristics of a sensor and physics of a process to create unique patterns (herein termed as fingerprints) for each sensor. The sensor fingerprint is a function of sensor and process noise embedded in sensor measurements. Uniqueness in the noise appears due to manufacturing imperfections of a sensor and due to unique features of a physical process. To create a sensor's fingerprint a system-model based approach is used. A noise-based fingerprint is created during the normal operation of the system. It is shown that under data injection attacks on sensors, noise pattern deviations from the fingerprinted pattern enable the proposed scheme to detect attacks. Experiments are performed on a dataset from a real-world water treatment (SWaT) facility. A class of stealthy attacks is designed against the proposed scheme and extensive security analysis is carried out. Results show that a range of sensors can be uniquely identified with an accuracy as high as 98%. Extensive sensor identification experiments are carried out on a set of sensors in SWaT testbed. The proposed scheme is tested on a variety of attack scenarios from the reference literature which are detected with high accuracy
Ahmed, Chuadhry Mujeeb, Ochoa, Martin, Zhou, Jianying, Mathur, Aditya P., Qadeer, Rizwan, Murguia, Carlos, Ruths, Justin.  2018.  NoisePrint: Attack Detection Using Sensor and Process Noise Fingerprint in Cyber Physical Systems. Proceedings of the 2018 on Asia Conference on Computer and Communications Security. :483–497.

An attack detection scheme is proposed to detect data integrity attacks on sensors in Cyber-Physical Systems (CPSs). A combined fingerprint for sensor and process noise is created during the normal operation of the system. Under sensor spoofing attack, noise pattern deviates from the fingerprinted pattern enabling the proposed scheme to detect attacks. To extract the noise (difference between expected and observed value) a representative model of the system is derived. A Kalman filter is used for the purpose of state estimation. By subtracting the state estimates from the real system states, a residual vector is obtained. It is shown that in steady state the residual vector is a function of process and sensor noise. A set of time domain and frequency domain features is extracted from the residual vector. Feature set is provided to a machine learning algorithm to identify the sensor and process. Experiments are performed on two testbeds, a real-world water treatment (SWaT) facility and a water distribution (WADI) testbed. A class of zero-alarm attacks, designed for statistical detectors on SWaT are detected by the proposed scheme. It is shown that a multitude of sensors can be uniquely identified with accuracy higher than 90% based on the noise fingerprint.

Ahmed, Farooq, Li, Xudong, Niu, Yukun, Zhang, Chi, Wei, Lingbo, Gu, Chengjie.  2020.  UniRoam: An Anonymous and Accountable Authentication Scheme for Cross-Domain Access. 2020 International Conference on Networking and Network Applications (NaNA). :198—205.
In recent years, cross-domain roaming through Wi-Fi is ubiquitous, and the number of roaming users has increased dramatically. It is essential to authenticate users belonging to different institutes to ensure network privacy and security. Existing systems, such as eduroam, have centralized and hierarchical structure on indorse accounts that create privacy and security issues. We have proposed UniRoam, a blockchain-based cross-domain authentication scheme that provides accountability and anonymity without any trusted authority. Unlike traditional centralized approaches, UniRoam provides access authentication for its servers and users to provide anonymity and accountability without any privacy leakage issues efficiently. By using the sovrin identifier as an anonymous identity, we integrate our system with Hyperledger and Intel SGX to authenticate users that preserves both anonymity and trust when the user connects to the network. Therefore, UniRoam is highly “faulted-tolerant” to deal with different attacks and provides an effective solution that can be deployed easily in different environments.
Ahmed, H. M., Jassim, R. W..  2020.  Distributed Transform Encoder to Improve Diffie-Hellman Protocol for Big Message Security. 2020 3rd International Conference on Engineering Technology and its Applications (IICETA). :84—88.

Man in the middle Attack (MIMA) problem of Diffie-Hellman key exchange (D-H) protocol, has led to introduce the Hash Diffie-Hellman key exchange (H-D-H) protocol. Which was cracked by applying the brute force attack (BFA) results of hash function. For this paper, a system will be suggested that focusses on an improved key exchange (D-H) protocol, and distributed transform encoder (DTE). That system utilized for enhanced (D-H) protocol algorithm when (D-H) is applied for generating the keys used for encrypting data of long messages. Hash256, with two secret keys and one public key are used for D-H protocol improvements. Finally, DTE where applied, this cryptosystem led to increase the efficiency of data transfer security with strengthening the shared secret key code. Also, it has removed the important problems such as MITM and BFA, as compared to the previous work.

Ahmed, Hamdi Abdurhman, Jang, Jong Wook.  2018.  Document Certificate Authentication System Using Digitally Signed QR Code Tag. Proceedings of the 12th International Conference on Ubiquitous Information Management and Communication. :65:1–65:5.
Now a day document such as Degree certificate can be easily forged fully or partially modifying obtained score result like GPA (Grade Point Average). Digital signature are used to detect unauthorized modification to data and to authenticate the identity of signatory. The Quick Response (QR) code was designed for storage information and high-speed readability. This paper proposed a method that QR code will contain a digital signature with the student data such as degree holder's name, major program, GPA obtained and more, which will be signed by Higher Educational Institute (HEI). In order to use this system, all HEI have to register in central system, the central system provide another system that will deploy in each HEI. All digitally signed certificate generating process are offline. To verify the digital signature signed with QR code, we developed specific smart phone application which will scan and authenticate the certificate without the need to address the certificate issuing institution and gaining access to user's security credentials.
Ahmed, Irfan, Roussev, Vassil, Johnson, William, Senthivel, Saranyan, Sudhakaran, Sneha.  2016.  A SCADA System Testbed for Cybersecurity and Forensic Research and Pedagogy. Proceedings of the 2Nd Annual Industrial Control System Security Workshop. :1–9.

This paper presents a supervisory control and data acquisition (SCADA) testbed recently built at the University of New Orleans. The testbed consists of models of three industrial physical processes: a gas pipeline, a power transmission and distribution system, and a wastewater treatment plant–these systems are fully-functional and implemented at small-scale. It utilizes real-world industrial equipment such as transformers, programmable logic controllers (PLC), aerators, etc., bringing it closer to modeling real-world SCADA systems. Sensors, actuators, and PLCs are deployed at each physical process system for local control and monitoring, and the PLCs are also connected to a computer running human-machine interface (HMI) software for monitoring the status of the physical processes. The testbed is a useful resource for cybersecurity research, forensic research, and education on different aspects of SCADA systems such as PLC programming, protocol analysis, and demonstration of cyber attacks.

Ahmed, M. E., Kim, H..  2017.  DDoS Attack Mitigation in Internet of Things Using Software Defined Networking. 2017 IEEE Third International Conference on Big Data Computing Service and Applications (BigDataService). :271–276.

Securing Internet of Things (IoT) systems is a challenge because of its multiple points of vulnerability. A spate of recent hacks and security breaches has unveiled glaring vulnerabilities in the IoT. Due to the computational and memory requirement constraints associated with anomaly detection algorithms in core networks, commercial in-line (part of the direct line of communication) Anomaly Detection Systems (ADSs) rely on sampling-based anomaly detection approaches to achieve line rates and truly-inline anomaly detection accuracy in real-time. However, packet sampling is inherently a lossy process which might provide an incomplete and biased approximation of the underlying traffic patterns. Moreover, commercial routers uses proprietary software making them closed to be manipulated from the outside. As a result, detecting malicious packets on the given network path is one of the most challenging problems in the field of network security. We argue that the advent of Software Defined Networking (SDN) provides a unique opportunity to effectively detect and mitigate DDoS attacks. Unlike sampling-based approaches for anomaly detection and limitation of proprietary software at routers, we use the SDN infrastructure to relax the sampling-based ADS constraints and collect traffic flow statistics which are maintained at each SDN-enabled switch to achieve high detection accuracy. In order to implement our idea, we discuss how to mitigate DDoS attacks using the features of SDN infrastructure.

Ahmed, M. E., Kim, H., Park, M..  2017.  Mitigating DNS query-based DDoS attacks with machine learning on software-defined networking. MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM). :11–16.

Securing Internet of Things is a challenge because of its multiple points of vulnerability. In particular, Distributed Denial of Service (DDoS) attacks on IoT devices pose a major security challenge to be addressed. In this paper, we propose a DNS query-based DDoS attack mitigation system using Software-Defined Networking (SDN) to block the network traffic for DDoS attacks. With some features provided by SDN, we can analyze traffic patterns and filter suspicious network flows out. To show the feasibility of the proposed system, we particularly implemented a prototype with Dirichlet process mixture model to distinguish benign traffic from malicious traffic and conducted experiments with the dataset collected from real network traces. We demonstrate the effectiveness of the proposed method by both simulations and experiment data obtained from the real network traffic traces.

Ahmed, N., Talib, M. A., Nasir, Q..  2018.  Program-flow attestation of IoT systems software. 2018 15th Learning and Technology Conference (L T). :67–73.
Remote attestation is the process of measuring the integrity of a device over the network, by detecting modification of software or hardware from the original configuration. Several remote software-based attestation mechanisms have been introduced, that rely on strict time constraints and other impractical constraints that make them inconvenient for IoT systems. Although some research is done to address these issues, they integrated trusted hardware devices to the attested devices to accomplish their aim, which is costly and not convenient for many use cases. In this paper, we propose “Dual Attestation” that includes two stages: static and dynamic. The static attestation phase checks the memory of the attested device. The dynamic attestation technique checks the execution correctness of the application code and can detect the runtime attacks. The objectives are to minimize the overhead and detect these attacks, by developing an optimized dynamic technique that checks the application program flow. The optimization will be done in the prover and the verifier sides.
Ahmed, Noor O., Bhargava, Bharat.  2016.  Mayflies: A Moving Target Defense Framework for Distributed Systems. Proceedings of the 2016 ACM Workshop on Moving Target Defense. :59–64.

prevent attackers from gaining control of the system using well established techniques such as; perimeter-based fire walls, redundancy and replications, and encryption. However, given sufficient time and resources, all these methods can be defeated. Moving Target Defense (MTD), is a defensive strategy that aims to reduce the need to continuously fight against attacks by disrupting attackers gain-loss balance. We present Mayflies, a bio-inspired generic MTD framework for distributed systems on virtualized cloud platforms. The framework enables systems designed to defend against attacks for their entire runtime to systems that avoid attacks in time intervals. We discuss the design, algorithms and the implementation of the framework prototype. We illustrate the prototype with a quorum-based Byzantime Fault Tolerant system and report the preliminary results.

Ahmed, Sadia.  2016.  Time and Frequency Domain Analysis and Measurement Results of Varying Acoustic Signal to Determine Water Pollutants in the Rio Grande River. Proceedings of the 11th ACM International Conference on Underwater Networks & Systems. :30:1–30:2.

Water occupies three forth of earth's surface. Water is directly and indirectly polluted in many ways. Therefore, it is of vital importance to monitor water pollution levels effectively and regularly. It is a well known fact that changes in the water medium and its parameters directly affect the propagation of acoustic signal through it. As a result, time and frequency domain analysis of an acoustic signal propagating through water can be a valued indicator of water pollution. Preliminary investigative results to determine water contaminants using acoustic signal in an indoor laboratory tank environment was presented in [1]. This paper presents an extended abstract of the continuing research involving a time and frequency domain analysis of acoustic signal in the presence of three water pollutants, namely fertilizer, household detergent, and pesticide. A measurement will be conducted in the Rio Grande River, Espanola, NM, at three different locations by transmitting a single pulse through the water at different depths and distances. The same measurement will be conducted in a tank with clean water and in a tank with three pollutants added separately. The three sets of received signal from the three measurements will be compared to each other. The sets of received signal from the measurement results will be compared to the simulated result of the time and frequency domain response of the acoustic signal for validation. To the best knowledge of the author(s) utilizing acoustic signal and its properties to determine water pollutants using the proposed method is a new approach.

Ahmed, Syed Umaid, Sabir, Arbaz, Ashraf, Talha, Ashraf, Usama, Sabir, Shahbaz, Qureshi, Usama.  2019.  Security Lock with Effective Verification Traits. 2019 International Conference on Computational Intelligence and Knowledge Economy (ICCIKE). :164–169.
To manage and handle the issues of physical security in the modern world, there is a dire need for a multilevel security system to ensure the safety of precious belongings that could be money, military equipment or medical life-saving drugs. Security locker solution is proposed which is a multiple layer security system consisting of various levels of authentication. In most cases, only relevant persons should have access to their precious belongings. The unlocking of the box is only possible when all of the security levels are successfully cleared. The five levels of security include entering of password on interactive GUI, thumbprint, facial recognition, speech pattern recognition, and vein pattern recognition. This project is unique and effective in a sense that it incorporates five levels of security in a single prototype with the use of cost-effective equipment. Assessing our security system, it is seen that security is increased many a fold as it is near to impossible to breach all these five levels of security. The Raspberry Pi microcomputers, handling all the traits efficiently and smartly makes it easy for performing all the verification tasks. The traits used involves checking, training and verifying processes with application of machine learning operations.
Ahmed, Tahmina, Sandhu, Ravi, Park, Jaehong.  2017.  Classifying and Comparing Attribute-Based and Relationship-Based Access Control. Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy. :59–70.
Attribute-based access control (ABAC) expresses authorization policy via attributes while relationship-based access control (ReBAC) does so via relationships. While ABAC concepts have been around for a long time, ReBAC is relatively recent emerging with its essential application in online social networks. Even as ABAC and ReBAC continue to evolve, there are conflicting claims in the literature regarding their comparison. It has been argued that ABAC can subsume ReBAC since attributes can encode relationships. Conversely there are claims that the multilevel (or indirect) relations of ReBAC bring fundamentally new capabilities. So far there is no rigorous comparative study of ABAC vis a vis ReBAC. This paper presents a comparative analysis of ABAC and ReBAC, and shows how various ReBAC features can be realized with different types of ABAC. We first identify several attribute types such as entity/non-entity and structured attributes that significantly influence ABAC or ReBAC expressiveness. We then develop a family of ReBAC models and a separate family of ABAC models based on the identified attribute types, with the goal of comparing the expressive power of these two model families. Further, we identify different dynamics of the models that are crucial for model comparison. We also consider different solutions for representing multilevel relationships with attributes. Finally, the ABAC and ReBAC model families are compared in terms of relative expressiveness and performance implications.
Ahmed, Yussuf, Naqvi, Syed, Josephs, Mark.  2018.  Aggregation of Security Metrics for Decision Making: A Reference Architecture. Proceedings of the 12th European Conference on Software Architecture: Companion Proceedings. :53:1–53:7.
Existing security technologies play a significant role in protecting enterprise systems but they are no longer enough on their own given the number of successful cyberattacks against businesses and the sophistication of the tactics used by attackers to bypass the security defences. Security measurement is different to security monitoring in the sense that it provides a means to quantify the security of the systems while security monitoring helps in identifying abnormal events and does not measure the actual state of an infrastructure's security. The goal of enterprise security metrics is to enable understanding of the overall security using measurements to guide decision making. In this paper we present a reference architecture for aggregating the measurement values from the different components of the system in order to enable stakeholders to see the overall security state of their enterprise systems and to assist with decision making. This will provide a newer dimension to security management by shifting from security monitoring to security measurement.