Change search
Link to record
Permanent link

Direct link
Publications (10 of 74) Show all publications
Alani, M. M. & Awad, A. I. (2023). An Intelligent Two-Layer Intrusion Detection System for the Internet of Things. IEEE Transactions on Industrial Informatics, 19(1), 683-692
Open this publication in new window or tab >>An Intelligent Two-Layer Intrusion Detection System for the Internet of Things
2023 (English)In: IEEE Transactions on Industrial Informatics, ISSN 1551-3203, E-ISSN 1941-0050, Vol. 19, no 1, p. 683-692Article in journal (Refereed) Published
Abstract [en]

The Internet of Things (IoT) has become an enabler paradigm for different applications, such as healthcare, education, agriculture, smart homes, and recently, enterprise systems (E-IoTs). Significant advances in IoT networks have been hindered by security vulnerabilities and threats, which, if not addressed, can negatively impact the deployment and operation of IoT-enabled systems. This study addresses IoT security and presents an intelligent two-layer intrusion detection system for IoT. The system's intelligence is driven by machine learning techniques for intrusion detection, with the two-layer architecture handling flow-based and packet-based features. By selecting significant features, the time overhead is minimized without affecting detection accuracy. The uniqueness and novelty of the proposed system emerge from combining machine learning and selection modules for flow-based and packet-based features. The proposed intrusion detection works at the network layer, and hence, it is device and application transparent. In our experiments, the proposed system had an accuracy of 99.15% for packet-based features with a testing time of 0.357 μs. The flow-based classifier had an accuracy of 99.66% with a testing time of 0.410 μs. A comparison demonstrated that the proposed system outperformed other methods described in the literature. Thus, it is an accurate and lightweight tool for detecting intrusions in IoT systems.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2023
Keywords
Internet of Things, intrusion detection, machine learning, flow-based features, packet-based features, efficiency
National Category
Information Systems
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-92495 (URN)10.1109/tii.2022.3192035 (DOI)000880654600069 ()2-s2.0-85135233186 (Scopus ID)
Note

Validerad;2022;Nivå 2;2022-11-28 (sofila)

Available from: 2022-08-16 Created: 2022-08-16 Last updated: 2022-11-28Bibliographically approved
Shokry, M., Awad, A. I., Abd-Ellah, M. K. & Khalaf, A. A. M. (2023). CORAS Model for Security Risk Assessment in Advanced Metering Infrastructure Systems. In: Aboul Ella Hassanien; Václav Snášel; Mincong Tang; Tien-Wen Sung; Kuo-Chi Chang (Ed.), Aboul Ella Hassanien; Václav Snášel; Mincong Tang; Tien-Wen Sung; Kuo-Chi Chang (Ed.), Proceedings of the 8th International Conference on Advanced Intelligent Systems and Informatics 2022: . Paper presented at 8th International Conference on Advanced Intelligent Systems and Informatics (AISI’22), Cairo, Egypt, November 20-22, 2022 (pp. 449-459). Springer Nature
Open this publication in new window or tab >>CORAS Model for Security Risk Assessment in Advanced Metering Infrastructure Systems
2023 (English)In: Proceedings of the 8th International Conference on Advanced Intelligent Systems and Informatics 2022 / [ed] Aboul Ella Hassanien; Václav Snášel; Mincong Tang; Tien-Wen Sung; Kuo-Chi Chang, Springer Nature, 2023, p. 449-459Conference paper, Published paper (Refereed)
Abstract [en]

The risk assessment process is one of the most important tasks that must be performed on critical infrastructure systems to detect security vulnerabilities and risks. The risk assessment task is used to evaluate the likelihood and the impact of the potential threats on the critical assets of any system by determining the threats, the unwanted incidents, and the mitigation techniques to reduce these risks. The advanced metering infrastructure (AMI) system is considered one of the critical infrastructure systems and part of the smart grid system. AMI collects electricity consumption data from the customer’s residence to the electricity data center through bidirectional communication channels to be analyzed. This paper conducts a risk assessment process on the AMI system using the CORAS risk assessment model and CORAS risk assessment tool v1.4 to identify possible risks. The study applies the eight steps of the CORAS model to the AMI system from determining the critical assets in the AMI system to determining the mitigation techniques that can be applied to overcome the existing security vulnerabilities. In the end, this study provides a better understanding of the AMI security risks toward identifying adequate security perimeters for AMI systems.

Place, publisher, year, edition, pages
Springer Nature, 2023
Series
Lecture Notes on Data Engineering and Communications Technologies (LNDECT), ISSN 2367-4512, E-ISSN 2367-4520 ; 152
Keywords
Advanced metering infrastructure (AMI), CORAS risk assessment model, Risk assessment, Security threats, Smart grids
National Category
Computer Systems
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-94837 (URN)10.1007/978-3-031-20601-6_39 (DOI)2-s2.0-85142633433 (Scopus ID)
Conference
8th International Conference on Advanced Intelligent Systems and Informatics (AISI’22), Cairo, Egypt, November 20-22, 2022
Note

ISBN for host publication: 978-3-031-20600-9; 978-3-031-20601-6

Available from: 2022-12-15 Created: 2022-12-15 Last updated: 2022-12-15Bibliographically approved
Alani, M. M. & Awad, A. I. (2022). AdStop: Efficient Flow-based Mobile Adware Detection using Machine Learning. Computers & security (Print), 117, Article ID 102718.
Open this publication in new window or tab >>AdStop: Efficient Flow-based Mobile Adware Detection using Machine Learning
2022 (English)In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 117, article id 102718Article in journal (Refereed) Published
Abstract [en]

In recent years, mobile devices have become commonly used not only for voice communications but also to play a major role in our daily activities. Accordingly, the number of mobile users and the number of mobile applications (apps) have increased exponentially. With a wide user base exceeding 2 billion users, Android is the most popular operating system worldwide, which makes it a frequent target for malicious actors. Adware is a form of malware that downloads and displays unwanted advertisements, which are often offensive and always unsolicited. This paper presents a machine learning-based system (AdStop) that detects Android adware by examining the features in the flow of network traffic. The design goals of AdStop are high accuracy, high speed, and good generalizability beyond the training dataset. A feature reduction stage was implemented to increase the accuracy of Adware detection and reduce the time overhead. The number of relevant features used in training was reduced from 79 to 13 to improve the efficiency and simplify the deployment of AdStop. In experiments, the tool had an accuracy of 98.02% with a false positive rate of 2% and a false negative rate of 1.9%. The time overhead was 5.54 s for training and 9.36 µs for a single instance in the testing phase. In tests, AdStop outperformed other methods described in the literature. It is an accurate and lightweight tool for detecting mobile adware.

Place, publisher, year, edition, pages
Elsevier, 2022
Keywords
Mobile adware, Malware detection, Traffic flow, Machine learning, Feature engineering, Time efficiency
National Category
Computer Systems Computer Sciences
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-90117 (URN)10.1016/j.cose.2022.102718 (DOI)000797939000002 ()2-s2.0-85128191461 (Scopus ID)
Note

Validerad;2022;Nivå 2;2022-04-20 (hanlid)

Available from: 2022-04-07 Created: 2022-04-07 Last updated: 2022-06-03Bibliographically approved
Wang, J., Baker, T., Zhou, Y., Awad, A. I., Wang, B. & Zhu, Y. (2022). Automatic mapping of configuration options in software using static analysis. Journal of King Saud University - Computer and Information Sciences, 34(10, Part B), 10044-10055
Open this publication in new window or tab >>Automatic mapping of configuration options in software using static analysis
Show others...
2022 (English)In: Journal of King Saud University - Computer and Information Sciences, ISSN 1319-1578, Vol. 34, no 10, Part B, p. 10044-10055Article in journal (Refereed) Published
Abstract [en]

Configuration errors are some of the main reasons for software failures. Some configuration options may even negatively impact the software’s security, so that if a user sets the options inappropriately, there may be a huge security risk for the software. Recent studies have proposed mapping option read points to configuration options as the first step in alleviating the occurrence of configuration errors. Sadly, most available techniques use humans, and the rest require additional input, like an operation manual. Unfortunately, not all software is standardized and friendly. We propose a technique based on program and static analysis that can automatically map all the configuration options of a program just by reading the source code. Our evaluation shows that this technique achieves 88.6%, 97.7%, 94.6%, 94.8%, and 92.6% success rates with the Hadoop modules Common, Hadoop distributed file system, MapReduce, and YARN, and also PX4, when extracting configuration options. We found 53 configuration options in PX4 that were not documented and submitted these to the developers. Compared with published work, our technique is more effective in mapping options, and it may lay the foundation for subsequent research on software configuration security.

Place, publisher, year, edition, pages
Elsevier, 2022
Keywords
Software security, Configuration error, Configuration option, Option read point, Program analysis, Static analysis
National Category
Information Systems Software Engineering
Research subject
Information Systems
Identifiers
urn:nbn:se:ltu:diva-93987 (URN)10.1016/j.jksuci.2022.10.004 (DOI)000999620800072 ()2-s2.0-85140966613 (Scopus ID)
Note

Validerad;2023;Nivå 2;2023-04-20 (joosat);

Funder: National Key R&D Program of China (grant no. 2020YFB100560); National Natural Science Foundation of China (grant no. U21A20463); Fundamental Research Funds for the Central Universities of China (grant no, KKJB320001536)

Licens fulltext: CC BY License

Available from: 2022-11-10 Created: 2022-11-10 Last updated: 2024-08-15Bibliographically approved
Sodhro, A. H., Awad, A. I., van de Beek, J. & Nikolakopoulos, G. (2022). Intelligent authentication of 5G healthcare devices: A survey. Internet of Things: Engineering Cyber Physical Human Systems, 20, Article ID 100610.
Open this publication in new window or tab >>Intelligent authentication of 5G healthcare devices: A survey
2022 (English)In: Internet of Things: Engineering Cyber Physical Human Systems, E-ISSN 2542-6605, Vol. 20, article id 100610Article, review/survey (Refereed) Published
Abstract [en]

The dynamic nature of wireless links and the mobility of devices connected to the Internet of Things (IoT) over fifth-generation (5G) networks (IoT-5G), on the one hand, empowers pervasive healthcare applications. On the other hand, it allows eavesdroppers and other illegitimate actors to access secret information. Due to the poor time efficiency and high computational complexity of conventional cryptographic methods and the heterogeneous technologies used, it is easy to compromise the authentication of lightweight wearable and healthcare devices. Therefore, intelligent authentication, which relies on artificial intelligence (AI), and sufficient network resources are extremely important for securing healthcare devices connected to IoT-5G. This survey considers intelligent authentication and includes a comprehensive overview of intelligent authentication mechanisms for securing IoT-5G devices deployed in the healthcare domain. First, it presents a detailed, thoughtful, and state-of-the-art review of IoT-5G, healthcare technologies, tools, applications, research trends, challenges, opportunities, and solutions. We selected 20 technical articles from those surveyed based on their strong overlaps with IoT, 5G, healthcare, device authentication, and AI. Second, IoT-5G device authentication, radio-frequency fingerprinting, and mutual authentication are reviewed, characterized, clustered, and classified. Third, the review envisions that AI can be used to integrate the attributes of the physical layer and 5G networks to empower intelligent healthcare devices. Moreover, methods for developing intelligent authentication models using AI are presented. Finally, the future outlook and recommendations are introduced for IoT-5G healthcare applications, and recommendations for further research are presented as well. The remarkable contributions and relevance of this survey may assist the research community in understanding the research gaps and the research opportunities relating to the intelligent authentication of IoT-5G healthcare devices.

Place, publisher, year, edition, pages
Elsevier, 2022
Keywords
Internet of Things (IoT), Internet of Things security, Device authentication, Artificial intelligence, Healthcare security, 5G networks
National Category
Information Systems Computer Sciences
Research subject
Information systems; Signal Processing; Robotics and Artificial Intelligence
Identifiers
urn:nbn:se:ltu:diva-92871 (URN)10.1016/j.iot.2022.100610 (DOI)000862155700002 ()2-s2.0-85138101077 (Scopus ID)
Funder
The Kempe Foundations
Note

Validerad;2022;Nivå 2;2022-09-27 (hanlid)

Available from: 2022-09-08 Created: 2022-09-08 Last updated: 2023-09-04Bibliographically approved
Farooq, U., Asim, M., Tariq, N., Baker, T. & Awad, A. I. (2022). Multi-Mobile Agent Trust Framework for Mitigating Internal Attacks and Augmenting RPL Security. Sensors, 22(12), Article ID 4539.
Open this publication in new window or tab >>Multi-Mobile Agent Trust Framework for Mitigating Internal Attacks and Augmenting RPL Security
Show others...
2022 (English)In: Sensors, E-ISSN 1424-8220, Vol. 22, no 12, article id 4539Article in journal (Refereed) Published
Abstract [en]

Recently, the Internet of Things (IoT) has emerged as an important way to connect diverse physical devices to the internet. The IoT paves the way for a slew of new cutting-edge applications. Despite the prospective benefits and many security solutions offered in the literature, the security of IoT networks remains a critical concern, considering the massive amount of data generated and transmitted. The resource-constrained, mobile, and heterogeneous nature of the IoT makes it increasingly challenging to preserve security in routing protocols, such as the routing protocol for low-power and lossy networks (RPL). RPL does not offer good protection against routing attacks, such as rank, Sybil, and sinkhole attacks. Therefore, to augment the security of RPL, this article proposes the energy-efficient multi-mobile agent-based trust framework for RPL (MMTM-RPL). The goal of MMTM-RPL is to mitigate internal attacks in IoT-based wireless sensor networks using fog layer capabilities. MMTM-RPL mitigates rank, Sybil, and sinkhole attacks while minimizing energy and message overheads by 25–30% due to the use of mobile agents and dynamic itineraries. MMTM-RPL enhances the security of RPL and improves network lifetime (by 25–30% or more) and the detection rate (by 10% or more) compared to state-of-the-art approaches, namely, DCTM-RPL, RBAM-IoT, RPL-MRC, and DSH-RPL. 

Place, publisher, year, edition, pages
MDPI, 2022
Keywords
Internet of Things, RPL, rank attack, Sybil attack, sinkhole attack, trust, mobile agent
National Category
Computer Engineering Signal Processing
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-91967 (URN)10.3390/s22124539 (DOI)000817344800001 ()35746321 (PubMedID)2-s2.0-85132259586 (Scopus ID)
Note

Validerad;2022;Nivå 2;2022-06-28 (joosat);

Available from: 2022-06-28 Created: 2022-06-28 Last updated: 2022-07-11Bibliographically approved
Alani, M. M. & Awad, A. I. (2022). PAIRED: An Explainable Lightweight Android Malware Detection System. IEEE Access, 10, 73214-73228
Open this publication in new window or tab >>PAIRED: An Explainable Lightweight Android Malware Detection System
2022 (English)In: IEEE Access, E-ISSN 2169-3536, Vol. 10, p. 73214-73228Article in journal (Refereed) Published
Abstract [en]

With approximately 2 billion active devices, the Android operating system tops all other operating systems in terms of the number of devices using it. Android has gained wide popularity not only as a smartphone operating system, but also as an operating system for vehicles, tablets, smart appliances, and Internet of Things devices. Consequently, security challenges have arisen with the rapid adoption of the Android operating system. Thousands of malicious applications have been created and are being downloaded by unsuspecting users. This paper presents a lightweight Android malware detection system based on explainable machine learning. The proposed system uses the features extracted from applications to identify malicious and benign malware. The proposed system is tested, showing an accuracy exceeding 98% while maintaining its small footprint on the device. In addition, the classifier model is explained using Shapley Additive Explanation (SHAP) values.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2022
Keywords
Android, malware, malware detection, XAI, machine learning
National Category
Information Systems
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-92479 (URN)10.1109/access.2022.3189645 (DOI)000838549700001 ()2-s2.0-85134232226 (Scopus ID)
Note

Validerad;2022;Nivå 2;2022-08-15 (sofila)

Available from: 2022-08-15 Created: 2022-08-15 Last updated: 2022-09-05Bibliographically approved
Awad, A. I. & Abawajy, J. (2022). Preface. In: Ali Ismail Awad; Jemal Abawajy (Ed.), Security and Privacy in the Internet of Things: Architectures, Techniques, and Applications: (pp. xix-xxiii). John Wiley & Sons
Open this publication in new window or tab >>Preface
2022 (English)In: Security and Privacy in the Internet of Things: Architectures, Techniques, and Applications / [ed] Ali Ismail Awad; Jemal Abawajy, John Wiley & Sons, 2022, p. xix-xxiiiChapter in book (Other academic)
Place, publisher, year, edition, pages
John Wiley & Sons, 2022
National Category
Computer Sciences Computer Systems
Research subject
Information Systems
Identifiers
urn:nbn:se:ltu:diva-103570 (URN)2-s2.0-85128215277 (Scopus ID)
Note

ISBN for host publication: 9781119607748, 9781119607755

Available from: 2024-01-09 Created: 2024-01-09 Last updated: 2024-01-09Bibliographically approved
Awad, A. I. & Abawajy, J. (Eds.). (2022). Security and Privacy in the Internet of Things: Architectures, Techniques, and Applications. John Wiley & Sons
Open this publication in new window or tab >>Security and Privacy in the Internet of Things: Architectures, Techniques, and Applications
2022 (English)Collection (editor) (Other academic)
Abstract [en]

The vast amount of data generated by the Internet of Things (IoT) has made information and cyber security vital for not only personal privacy, but also for the sustainability of the IoT itself. Security and Privacy in the Internet of Things brings together high-quality research on IoT security models, architectures, techniques, and application domains. This concise yet comprehensive volume explores state-of-the-art mitigations in IoT security while addressing important security and privacy challenges across different IoT layers. The book provides timely coverage of IoT architecture, security technologies and mechanisms, and applications. The authors outline emerging trends in IoT security and privacy with a focus on areas such as smart environments and e-health. Topics include authentication and access control, attack detection and prevention, securing IoT through traffic modeling, human aspects in IoT security, and IoT hardware security. Presenting the current body of knowledge in a single volume, Security and Privacy in the Internet of Things:

• Discusses a broad range of IoT attacks and defense mechanisms • Examines IoT security and privacy protocols and approaches • Covers both the logical and physical security of IoT devices • Addresses IoT security through network traffic modeling • Describes privacy preserving techniques in smart cities • Explores current threat and vulnerability analyses

Security and Privacy in the Internet of Things: Architectures, Techniques, and Applications is essential reading for researchers, industry practitioners, and students involved in IoT security development and IoT systems deployment.

Place, publisher, year, edition, pages
John Wiley & Sons, 2022. p. 336
National Category
Communication Systems Computer Engineering
Research subject
Information Systems
Identifiers
urn:nbn:se:ltu:diva-100689 (URN)10.1002/9781119607755 (DOI)2-s2.0-85148396500 (Scopus ID)9781119607748 (ISBN)9781119607755 (ISBN)
Available from: 2023-08-22 Created: 2023-08-22 Last updated: 2024-03-11Bibliographically approved
Shokry, M., Awad, A. I., Abd-Ellah, M. K. & Khalaf, A. A. .. (2022). Systematic survey of advanced metering infrastructure security: Vulnerabilities, attacks, countermeasures, and future vision. Future Generation Computer Systems, 136, 358-377
Open this publication in new window or tab >>Systematic survey of advanced metering infrastructure security: Vulnerabilities, attacks, countermeasures, and future vision
2022 (English)In: Future Generation Computer Systems, ISSN 0167-739X, E-ISSN 1872-7115, Vol. 136, p. 358-377Article, review/survey (Refereed) Published
Abstract [en]

There is a paradigm shift from traditional power distribution systems to smart grids (SGs) due to advances in information and communication technology. An advanced metering infrastructure (AMI) is one of the main components in an SG. Its relevance comes from its ability to collect, process, and transfer data through the internet. Although the advances in AMI and SG techniques have brought new operational benefits, they introduce new security and privacy challenges. Security has emerged as an imperative requirement to protect an AMI from attack. Currently, ensuring security is a major challenge in the design and deployment of an AMI. This study provides a systematic survey of the security of AMI systems from diverse perspectives. It focuses on attacks, mitigation approaches, and future visions. The contributions of this article are fourfold: First, the vulnerabilities that may exist in all components of an AMI are described and analyzed. Second, it considers attacks that exploit these vulnerabilities and the impact they can have on the performance of individual components and the overall AMI system. Third, it discusses various countermeasures that can protect an AMI system. Fourth, it presents the open challenges relating to AMI security as well as future research directions. The uniqueness of this review is its comprehensive coverage of AMI components with respect to their security vulnerabilities, attacks, and countermeasures. The future vision is described at the end.

Place, publisher, year, edition, pages
Elsevier, 2022
Keywords
Advanced metering infrastructure, Smart grid, Cybersecurity, Security vulnerability, Security threat, Security attack, Countermeasure
National Category
Computer Systems Other Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Information systems
Identifiers
urn:nbn:se:ltu:diva-91913 (URN)10.1016/j.future.2022.06.013 (DOI)000827459200006 ()2-s2.0-85133929595 (Scopus ID)
Note

Validerad;2022;Nivå 2;2022-07-27 (hanlid)

Available from: 2022-06-27 Created: 2022-06-27 Last updated: 2024-09-04Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0002-3800-0757

Search in DiVA

Show all publications