Browsing by Author "Kaiiali, Mustafa"

Item: Open Access
Cloud Computing in the Quantum Era (IEEE, 2019-06-12)
Kaiiali, Mustafa; Sezer, Sakir; Khalid, Ayesha
Cloud computing has become the prominent technology of this era. Its elasticity, dynamicity, availability, heterogeneity, and pay as you go pricing model have attracted several companies to migrate their businesses' services into the cloud. This gives them more time to focus solely on their businesses and reduces the management and backup overhead leveraging the flexibility of cloud computing. On the other hand, quantum technology is developing very rapidly. Experts are expecting to get an efficient quantum computer within the next decade. This has a significant impact on several sciences including cryptography, medical research, and other fields. This paper analyses the reciprocal impact of quantum technology on cloud computing and vice versa.

Item: Metadata only
A Cloud-based Architecture for Mitigating Privacy Issues in Online Social Networks (Zarqa University, 2019-09)
Kaiiali, Mustafa; Iliyasu, Auwal; Wazan, Ahmad; Habbal, Adib; Muhammad, Yusuf
Online social media networks have revolutionized the way information is shared across our societies and around the world. Information is now delivered for free to a large audience within a short period of time. Anyone can publish news and information and become a content creator over the internet. However, along with these benefits is the privacy issue that raises a serious concern due to incidences of privacy breaches in Online Social Networks (OSNs). Various projects have been developed to protect users’ privacy in OSNs. This paper discusses those projects and analyses their pros and cons. Then it proposes a new cloud-based model to shield up OSNs users against unauthorized disclosure of their private data. The model supports both trusted (private) as well as untrusted (3rd party) clouds.
An efficiency analysis is provided at the end to show that the proposed model offers a lot of improvements over existing ones.

Item: Embargo
Designing a Secure Exam Management System (SEMS) for M-Learning Environments (IEEE, 2016-02-03)
Kaiiali, Mustafa; Ozkaya, Armagan; Altun, Halis; Haddad, Hatem; Alier, Marc
M-learning has enhanced the e-learning by making the learning process learner-centered. However, enforcing exam security in open environments where each student has his/her own mobile/tablet device connected to a Wi-Fi network through which it is further connected to the Internet can be one of the most challenging tasks. In such environments, students can easily exchange information over the network during exam time. This paper aims to identify various vulnerabilities that may violate exam security in m-learning environments and to design the appropriate security services and countermeasures that can be put in place to ensure exam security. It also aims to integrate the resulting secure exam system with an existing, open-source, and widely accepted Learning Management System (LMS) and its service extension to the m-learning environment, namely “the Moodbile Project”.

Item: Open Access
Designing a VM-level vertical scalability service in current cloud platforms: A new hope for wearable computers (TUBITAK, 2017-07-30)
Kaiiali, Mustafa
Public clouds are becoming ripe for enterprise adoption. Many companies, including large enterprises, are increasingly relying on public clouds as a substitute for, or a supplement to, their own computing infrastructures. On the other hand, cloud storage service has attracted over 625 million users. However, apart from the storage service, other cloud services, such as the computing service, have not yet attracted the end users’ interest for economic and technical reasons.
Cloud service providers offer horizontal scalability to make their services scalable and economical for enterprises while it is still not economical for the individual users to use their computing services due to the lack of vertical scalability. Moreover, current virtualization technologies and operating systems, specifically the guest operating systems installed on virtual machines, do not support the concept of vertical scalability. In addition, network remote access protocols are meant to administer remote machines but they are unable to run the non-administrative tasks such as playing heavy games and watching high quality videos remotely in a way that makes the users feel as if they are sitting locally on their personal machines. On the other hand, the industry is yet unable to make efficient wearable computers a reality due to the limited size of the wearable devices, where it is infeasible to place efficient processors and big enough hard disks. This paper aims to highlight the need for the vertical scalability service and design the appropriate cloud, virtualization layer, and operating system services to incorporate vertical scalability in current cloud platforms in a way that will make it economically and technically efficient for the end users to use cloud virtual machines as if they are using their personal laptops. Through these services, the cloud takes wearable computing to the next stage and makes wearable computers a reality.

Item: Open Access
MaldomDetector: A System for Detecting Algorithmically Generated Domain Names with Machine Learning (Elsevier, 2020-03-12)
Almashhadani, Ahmad O.; Kaiiali, Mustafa; Carlin, Domhnall; Sezer, Sakir
One of the leading problems in cyber security at present is the unceasing emergence of sophisticated attacks, such as botnets and ransomware, that rely heavily on Command and Control (C&C) channels to conduct their malicious activities remotely.
To avoid channel detection, attackers constantly try to create different covert communication techniques. One such technique is Domain Generation Algorithm (DGA), which allows malware to generate numerous domain names until it finds its corresponding C&C server. It is highly resilient to detection systems and reverse engineering, while allowing the C&C server to have several redundant domain names. This paper presents a malicious domain name detection system, MaldomDetector, which is based on machine learning. It is capable of detecting DGA-based communications and circumventing the attack before it makes any successful connection with the C&C server, using only domain name's characters. MaldomDetector uses a set of easy-to-compute and language-independent features in addition to a deterministic algorithm to detect malicious domains. The experimental results demonstrate that MaldomDetector can operate efficiently as a first alarm to detect DGA-based domains of malware families while maintaining high detection accuracy.

Item: Open Access
MFMCNS: A Multi-Feature and Multi-Classifier Network-based System for Ransomworm Detection (Elsevier, 2022-07-29)
Almashhadani, Ahmad O.; Carlin, Domhnall; Kaiiali, Mustafa; Sezer, Sakir
Ransomware is a type of advanced malware that can encrypt a user’s files or lock a computer system until a ransom has been paid. Ransomworm is a type of malware that combines the payload of ransomware with the propagation feature of a computer worm. Most host-based detection methods require the host to be infected and the payload to be executed first to be able to identify anomalies and detect the malware. By the time of infection, it might be too late as some of the system’s assets would have been already encrypted or exfiltrated by the malware. On the contrary, the network-based methods can be one of the crucial means in detecting ransomworm activities when it attempts to spread to infect other networks before executing the payload.
Therefore, a thorough analysis of ransomworm network traffic can be one of the essential means for early detection. This paper presents a comprehensive behavioral analysis of ransomworm network traffic, taking WannaCry, which launched a worldwide cyberattack, and NotPetya as a case study. Two sets of related features were extracted based on two independent flow levels: session-based and time-based. On top of each set, an independent classifier was built. Moreover, to improve the reliability, a multi-feature and multi-classifier network-based system, MFMCNS, has been proposed. MFMCNS employs these classifiers working in parallel on different flow levels, then it adopts a fusion rule to combine the classifiers’ decisions. The experimental results prove that MFMCNS is reliable and has high detection accuracy.

Item: Embargo
A Multi-Classifier Network-Based Crypto Ransomware Detection System: A Case Study of Locky Ransomware (IEEE, 2019-03-26)
O. Almashhadani, Ahmad; Kaiiali, Mustafa; Sezer, Sakir; O’Kane, Philip
Ransomware is a type of advanced malware that has spread rapidly in recent years, causing significant financial losses for a wide range of victims, including organizations, healthcare facilities, and individuals. Modern host-based detection methods require the host to be infected first in order to identify anomalies and detect the malware. By the time of infection, it can be too late as some of the system's assets would have been already exfiltrated or encrypted by the malware. Conversely, the network-based methods can be effective in detecting ransomware attacks, as most ransomware families try to connect to command and control servers before their harmful payloads are executed. Therefore, a careful analysis of ransomware network traffic can be one of the key means for early detection. This paper demonstrates a comprehensive behavioral analysis of crypto ransomware network activities, taking Locky, one of the most serious families, as a case study.
A dedicated testbed was built, and a set of valuable and informative network features were extracted and classified into multiple types. A network-based intrusion detection system was implemented, employing two independent classifiers working in parallel on different levels: packet and flow levels. The experimental evaluation of the proposed detection system demonstrates that it offers high detection accuracy, low false positive rate, valid extracted features, and is highly effective in tracking ransomware network activities.

Item: Open Access
Network Intrusion Detection based on Amino Acid Sequence Structure Using Machine Learning (MDPI, 2023-10-17)
Ibaisi, Thaer AL; Kuhn, Stefan; Kaiiali, Mustafa; Kazim, Muhammad
The detection of intrusions in computer networks, known as Network-Intrusion-Detection Systems (NIDSs), is a critical field in network security. Researchers have explored various methods to design NIDSs with improved accuracy, prevention measures, and faster anomaly identification. Safeguarding computer systems by quickly identifying external intruders is crucial for seamless business continuity and data protection. Recently, bioinformatics techniques have been adopted in NIDSs’ design, enhancing their capabilities and strengthening network security. Moreover, researchers in computer science have found inspiration in molecular biology’s survival mechanisms. These nature-designed mechanisms offer promising solutions for network security challenges, outperforming traditional techniques and leading to better results. Integrating these nature-inspired approaches not only enriches computer science, but also enhances network security by leveraging the wisdom of nature’s evolution. As a result, we have proposed a novel Amino-acid-encoding mechanism that is bio-inspired, utilizing essential Amino acids to encode network transactions and generate structural properties from Amino acid sequences.
This mechanism offers advantages over other methods in the literature by preserving the original data relationships, achieving high accuracy of up to 99%, transforming original features into a fixed number of numerical features using bio-inspired mechanisms, and employing deep machine learning methods to generate a trained model capable of efficiently detecting network attack transactions in real-time.

Item: Open Access
RootAsRole: a security module to manage the administrative privileges for Linux (Elsevier, 2022-10-25)
Wazan, Ahmad Samer; Chadwick, David W; Venant, Remi; Billoir, Eddie; Laborde, Romain; Liza, Ahmad; Kaiiali, Mustafa
Today, Linux users use sudo/su commands to attribute Linux’s administrative privileges to their programs. These commands always give the whole list of administrative privileges to Linux programs, unless there are pre-installed default policies defined by Linux Security Modules (LSM). LSM modules require users to inject the needed privileges into the memory of the process and to declare the needed privileges in an LSM policy. This approach can work for users who have good knowledge of the syntax of LSM modules’ policies. Adding or editing an existing policy is a very time-consuming process because LSM modules require adding a complete list of traditional permissions as well as administrative privileges. We propose a new Linux module called RootAsRole that is dedicated to the management of administrative privileges. RootAsRole is not proposed to replace LSM modules but to be used as a complementary module to manage Linux administrative privileges. RootAsRole allows Linux administrators to define a set of roles that contain the administrative privileges and restrict their usage to a set of users/groups and programs.
Finally, we conduct an empirical performance study to compare RootAsRole tools with sudo/su commands to show that the overhead added by our module remains acceptable.

Item: Open Access
A secure data outsourcing scheme based on Asmuth – Bloom secret sharing (Taylor & Francis Online, 2016-01-01)
I. M., Yusuf; Kaiiali, Mustafa; Habbal, Adib; Wazan, A. S.; S. I., Auwal
Data outsourcing is an emerging paradigm for data management in which a database is provided as a service by third-party service providers. One of the major benefits of offering database as a service is to provide organisations, which are unable to purchase expensive hardware and software to host their databases, with efficient data storage accessible online at a cheap rate. Despite that, several issues of data confidentiality, integrity, availability and efficient indexing of users’ queries at the server side have to be addressed in the data outsourcing paradigm. Service providers have to guarantee that their clients’ data are secured against internal (insider) and external attacks. This paper briefly analyses the existing indexing schemes in data outsourcing and highlights their advantages and disadvantages. Then, this paper proposes a secure data outsourcing scheme based on Asmuth–Bloom secret sharing which tries to address the issues in data outsourcing such as data confidentiality, availability and order preservation for efficient indexing.

Item: Metadata only
Trust Management for Public Key Infrastructures: Implementing the X.509 Trust Broker (Hindawi, 2017-02-09)
Wazan, Ahmad Samer; Laborde, Romain; Chadwick, David W.; Barrere, Francois; Benzekri, Abdelmalek; Kaiiali, Mustafa; Habbal, Adib
A Public Key Infrastructure (PKI) is considered one of the most important techniques used to propagate trust in authentication over the Internet.
This technology is based on a trust model defined by the original X.509 (1988) standard and is composed of three entities: the certification authority (CA), the certificate holder (or subject), and the Relying Party (RP). The CA plays the role of a trusted third party between the certificate holder and the RP. In many use cases, this trust model has worked successfully. However, we argue that the application of this model on the Internet implies that web users need to depend on almost anyone in the world in order to use PKI technology. Thus, we believe that the current TLS system is not fit for purpose and must be revisited as a whole. In response, the latest draft edition of X.509 has proposed a new trust model by adding a new entity called the Trust Broker (TB). In this paper, we present an implementation approach that a Trust Broker could follow in order to give RPs trust information about a CA by assessing the quality of its issued certificates. This is related to the quality of the CA’s policies and procedures and its commitment to them. Finally, we present our Trust Broker implementation that demonstrates how RPs can make informed decisions about certificate holders in the context of the global web, without requiring large processing resources themselves.