- Victoria, British Columbia, Canada
Sherif Saad
University of Victoria, Ece, Post-Doc
Research Interests:
Research Interests:
A critical component of any blockchain or distributed ledger technology (DLT) platform is the consensus algorithm. Blockchain consensus algorithms are the primary vehicle for the nodes within a blockchain network to reach an agreement. In... more
A critical component of any blockchain or distributed ledger technology (DLT) platform is the consensus algorithm. Blockchain consensus algorithms are the primary vehicle for the nodes within a blockchain network to reach an agreement. In recent years, many blockchain consensus algorithms have been proposed mainly for private and permissioned blockchain networks. However, the performance of these algorithms and their reliability in hostile environments or the presence of byzantine and other network failures are not well understood. In addition, the testing and validation of blockchain applications come with many technical challenges. In this paper, we apply chaos engineering and testing to understand the performance of consensus algorithms in the presence of different loads, byzantine failure and other communication failure scenarios. We apply chaos engineering to evaluate the performance of three different consensus algorithms (PBFT, Clique, Raft) and their respective blockchain pl...
Research Interests:
Preserving privacy in VANETs is a significant challenge for users and public acceptance of VANETs. The use of a pseudonym is a common technique for enhancing the user’s privacy in VANETs. Several Pseudonym Changing Schemes (PCS) for... more
Preserving privacy in VANETs is a significant challenge for users and public acceptance of VANETs. The use of a pseudonym is a common technique for enhancing the user’s privacy in VANETs. Several Pseudonym Changing Schemes (PCS) for user’s privacy in VANETs have been proposed. The highly dynamic topology of the vehicular network can impact the way the pseudonymous identifiers are changed. To make these changes inconspicuous, we introduce the Context-Aware and Traffic Adaptive privacy scheme, which takes into account the rapidly changing traffic condition. In this paper, we propose a new PCS that aims to benefit the most from the context of the vehicle and traffic patterns to leverage a suitable situation for changing pseudonyms that increases anonymity. The vehicles change the pseudonym simultaneously in a region to increase privacy by maximizing the anonymity set. The proposed approach is evaluated in the presence of an adversary actor who could engineer privacy attacks against any given PCS.
Research Interests:
The area of location privacy in VANET is getting more attention after the emergence of V2X technologies. As the security and privacy are important for the customer's safety, the vehicles equipped with V2X technology must have strong... more
The area of location privacy in VANET is getting more attention after the emergence of V2X technologies. As the security and privacy are important for the customer's safety, the vehicles equipped with V2X technology must have strong techniques to preserve the security and privacy. Pseudonymous authentication proves to satisfy these requirements. The pseudonyms used in this process are subjected to change frequently as the using same pseudonym can be used for tracking the vehicle. Therefore, the pseudonym changing strategies are required for the unlinkability of a pseudonym, untraceability of the vehicle and higher location privacy. In this survey, we examine and discuss the general pseudonym authentication, the requirements, security threats, attack models, privacy metrics and provide a detailed analytical review of pseudonym changing strategies. It gives extensive classi cation of the strategies with a comparison based on various parameters which will help in understanding the ...
Research Interests:
Research Interests:
Online public reviews have significant influenced customers who purchase products or seek services. Fake reviews are posted online to promote or demote targeted products or reputation of the organizations and businesses. Spam review... more
Online public reviews have significant influenced customers who purchase products or seek services. Fake reviews are posted online to promote or demote targeted products or reputation of the organizations and businesses. Spam review detection has been the focus of many researchers in recent years. As the online services have been growing rapidly, the importance of the issue is ever increasing and needs to be addressed properly. In this regard, there is a variety of approaches that have been introduced to distinguish truthful reviews from the fake ones. The main features engineered in the past studies typically involve two types of linguistic-based and behavioural-based characteristics of the reviews. Unsupervised, supervised and semi-supervised machine learning methods have been widely utilized to perform such a classification. This paper introduces a novel approach to detect fake reviews from the genuine ones using linguistic features. Unsupervised learning via self-organizing maps...
Research Interests:
With the rapid growth of cloud computing and remote workforces, organizations are increasingly aware of the risk of data leaks and data exfiltration. Handling such risk has become more challenging because organizations today usually deal... more
With the rapid growth of cloud computing and remote workforces, organizations are increasingly aware of the risk of data leaks and data exfiltration. Handling such risk has become more challenging because organizations today usually deal with big data. In particular, organizations must deal with massive amounts of unstructured data. As a result, modern data leak prevention (DLP) solutions must support automated methods to detect and identify confidential and sensitive information in both structured and unstructured data. In this paper, we demonstrate the benefits of using deep learning to identify unstructured context-dependent sensitive information, in contrast to traditional machine learning methods and rule-based methods.
Research Interests:
The deployment of connected and autonomous vehicles is expected to increase rapidly in the coming decade. For successful operation, it is critical to maintain the security and privacy of the communication messages exchanged among such... more
The deployment of connected and autonomous vehicles is expected to increase rapidly in the coming decade. For successful operation, it is critical to maintain the security and privacy of the communication messages exchanged among such vehicles. One important aspect of this is to maintain the location privacy of vehicles/users that use unencrypted basic safety messages (BSM) to exchange information with nearby vehicles. The use of temporary identifiers called pseudonyms have been proposed for protecting location privacy. A pseudonym change strategy (PCS) determines the conditions under which pseudonyms should change. The goal is to change pseudonyms in a way that prevents an attacker from linking multiple pseudonyms to the same vehicle. In this paper we explore how an intelligent attacker placement scheme can impact the success rate for linking pseudonyms. We propose a new speed-based attacker placement algorithm that can be used to evaluate different PCS. Simulation results indicate...
One of the major limitations of current Intrusion Detection System (IDS) technology is alerts flooding which is a time consuming and resource intensive problem for intrusion analysts and organizations. Alerts flooding has been handled... more
One of the major limitations of current Intrusion Detection System (IDS) technology is alerts flooding which is a time consuming and resource intensive problem for intrusion analysts and organizations. Alerts flooding has been handled using alerts aggregation techniques. In general, the majority of IDS alerts aggregation techniques use alerts similarity to aggregate and summarize alerts. Because intrusion characteristics are expressed using symbolic attributes, measuring the similarity between IDS alerts is difficult. Previous techniques in the area of alerts aggregation mostly use perfect match or ad-hoc techniques to measure the similarity between alerts attributes. In this paper, we propose a new IDS alerts aggregation and reduction technique based on semantic similarity between intrusions. We define a new metric to measure semantic similarity between different intrusion instances. In addition we propose a new information loss metric to measure the quality of the alert aggregatio...
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Vehicular communication discloses critical information about the vehicle. Association of this information to the drivers put the privacy of the driver at risk. The broadcast of safety messages in plain text is essential for safety... more
Vehicular communication discloses critical information about the vehicle. Association of this information to the drivers put the privacy of the driver at risk. The broadcast of safety messages in plain text is essential for safety applications but not secure with respect to the privacy of the driver. Many pseudonymous schemes are proposed in the literature, yet the level of privacy is not being compared among these schemes. Our contribution in this paper is the identification of the vulnerabilities in the existing pseudonym changing schemes, determining the attacking capabilities of the local-passive attacker and demonstration of the optimal case for an attacker to deploy the network of eavesdropping stations with the feasible attacking capabilities. We have also provided the analysis and comparison of the different pseudonym changing schemes with a new metric to measure tracking ability of the local-passive attacker in highway and urban scenarios as well as with the varying number of attacking stations.
This paper focuses on the effective classification of the behavior of users accessing computing devices to authenticate them. The authentication is based on keystroke dynamics which captures the user's behavioral biometric and applies... more
This paper focuses on the effective classification of the behavior of users accessing computing devices to authenticate them. The authentication is based on keystroke dynamics which captures the user's behavioral biometric and applies machine learning concepts to classify them. The users type a strong passcode ".tie5Roanl" to record their typing pattern. In order to confirm identity anonymous data from 94 users were collected to carry out the research. Given the raw data, features were extracted from the attributes based on the button pressed and action timestamp events. The Support Vector Machine (SVM) classifier uses multi-class classification with one vs. one decision shape function to classify different users. To reduce the classification error, it is essential to identify the important features from the raw data. In an effort to confront the generation of features from attributes an efficient feature extraction algorithm has been developed, obtaining high classification performance are now being sought. In this paper, we have applied minimum redundancy maximum relevance mRMR feature selection to increase the classification performance metrics and to confirm the identity of the users based on the way they access computing devices. From the results, we conclude that touch pressure, touch size and coordinates effectively contribute to identifying each user. The research will contribute significantly to the field of cyber-security by forming a robust au thentication system using machine learning algorithms.
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
... This ontology provides a formal description of the concepts characterizing the network forensics domain and describes the relationships between these concepts. In addition, the ontology is used to provide a formal description for... more
... This ontology provides a formal description of the concepts characterizing the network forensics domain and describes the relationships between these concepts. In addition, the ontology is used to provide a formal description for network forensics analysis methods. ...
Research Interests:
In this paper we propose a new approach to manage alerts flooding in IDSs. The proposed approach uses semantic analysis and ontology engineering techniques to combine and fuse two or more raw IDS alerts into one summarized... more
In this paper we propose a new approach to manage alerts flooding in IDSs. The proposed approach uses semantic analysis and ontology engineering techniques to combine and fuse two or more raw IDS alerts into one summarized hybrid/meta-alert. Our approach applies a new method based on measuring the semantic similarity between IDS alerts attributes to identify the alerts that are