Visible to the public Biblio

Filters: Author is Al-Sharif, Ziad A.  [Clear All Filters]
Al-hamouri, Rahaf, Al-Jarrah, Heba, Al-Sharif, Ziad A., Jararweh, Yaser.  2020.  Measuring the Impacts of Virtualization on the Performance of Thread-Based Applications. 2020 Seventh International Conference on Software Defined Systems (SDS). :131–138.
The following topics are dealt with: cloud computing; software defined networking; cryptography; telecommunication traffic; Internet of Things; authorisation; software radio; cryptocurrencies; data privacy; learning (artificial intelligence).
Qawasmeh, Ethar, Al-Saleh, Mohammed I., Al-Sharif, Ziad A..  2019.  Towards a Generic Approach for Memory Forensics. 2019 Sixth HCT Information Technology Trends (ITT). :094—098.

The era of information technology has, unfortunately, contributed to the tremendous rise in the number of criminal activities. However, digital artifacts can be utilized in convicting cybercriminal and exposing their activities. The digital forensics science concerns about all aspects related to cybercrimes. It seeks digital evidence by following standard methodologies to be admitted in court rooms. This paper concerns about memory forensics for the unique artifacts it holds. Memory contains information about the current state of systems and applications. Moreover, an application's data explains how a criminal has been interacting the application just before the memory is acquired. Memory forensics at the application level is currently random and cumbersome. Targeting specific applications is what forensic researchers and practitioner are currently striving to provide. This paper suggests a general solution to investigate any application. Our solution aims to utilize an application's data structures and variables' information in the investigation process. This is because an application's data has to be stored and retrieved in the means of variables. Data structures and variables' information can be generated by compilers for debugging purposes. We show that an application's information is a valuable resource to the investigator.

Al-Saleh, Mohammed I., Al-Sharif, Ziad A., Alawneh, Luay.  2019.  Network Reconnaissance Investigation: A Memory Forensics Approach. 2019 10th International Conference on Information and Communication Systems (ICICS).

Perpetrators utilize different network reconnaissance techniques in order to discover vulnerabilities and conduct their attacks. Port scanning can be leveraged to conclude open ports, available services, and even running operating systems along with their versions. Even though these techniques are effective, their aggressiveness for information gain could leave an apparent sign of attack, which can be observed by the variety of security controls deployed at the network perimeter of an organization. However, not all such attacks can be stopped nor the corresponding security controls can defend against insiders. In this paper, we tackle the problem of reconnaissance detection using a different approach. We utilize the rich information that is kept in memory (or RAM). We observe that packets sent or received stay in memory for a while. Our results show that inspecting memory for attack signs is beneficial. Furthermore, correlating contents that are obtained from different memories empowers the investigation process and helps reach to conclusions.