Information Security Research Center (ISRC)

Setting up, integration and operation of Cyber Security solutions for protecting Global ICT Infrastructures from threats, identify attacks on their systems, applications and networks, and protect their data and network and communications:

• Network and Communication Security
• Web and Service-Oriented Architectures’ Security
• Business Process Security and Privacy of Big Data Platforms
• Big Data Analysis for Security

Security assurance is an important feature for considering the reliability of information systems (hardware/software) and the measure of security features, practices and procedures as well as enforcing the security policy, metrics, formal methods and security dependability certification. 

• Security Risk Assessment
• Security Metrics
• Continuous Security Monitoring and Testing
• Advanced Intrusion Detection Systems
• Network, System and Cloud Auditing and Forensics
• Formal Methods and Proofs
• Security and Dependability Certification

The Data Protection Act 1998 (DPA) is an Act of Parliament of the United Kingdom of Great Britain and Northern Ireland which defines UK law on the processing of data on identifiable living people. It is the main piece of legislation that governs the protection of personal data in the UK. Later, it becomes ISO 27000 for complying with Data Protection Act. Also, Data encryption (hardware/software) is to protect sensitive data and keep it secret from potential attackers.

• High Performance Homomorphic Encryption
• Lightweight Cryptography and Mutual Authentication
• Secret Sharing
• Secure Multiparty Computation
• Hardware Security

Cyber-physical systems (CPS) have been at the main of critical infrastructures and industrial PLC control systems for many years. Recently, there are a number of cases of Cyber-attacks such as Stuxnet, Aramco and etc. Thus, one needs to secure CPS by providing prevention, detection, recovery and resilience for Cyber-attacks.

• Secure Sensor Networks
• Embedded System Security
• Surveillance and Drones
• Internet of Things Security
• eHealthcare Security
• Quantum Key Distribution

• C Ardagna, R Asal, E Damiani, Quang Hieu Vu: From Security to Assurance in the Cloud: A Survey. ACM Comput. Surv. 48(1): 2 (2015)
• MA Hadavi, R Jalili, E Damiani, S Cimato, “Security and searchability in secret sharing-based data outsourcing”, Int. J. of Inf. Sec., 1-17, Springer, 2015
• M Sepehri, S Cimato, E Damiani: Privacy-Preserving Query Processing by Multi-Party Computation. Comput. J. 58(10): 2195-2212 (2015)
• A Shoufan, H Alnoon, J Baek, “On the power consumption of cryptographic processors in civil microdrones”, ICISSP 2015 - 1st International Conference on Information Systems Security and Privacy, Proceedings, 283-290, 2015.
• C Yeun, M Shemaili, M Zemerly, K Mubarak, H Yeun, Y Chang, B Zafar, M Simsim, Y Salih, “ID-Based Secure Real-Time Tracking System”, the International Journal of Advanced Logistics, Taylor & Francis, Vol. 4. No. 2, 100-114, May 2015.
• Y  AlSalami, T Martin and C Yeun, “Linear and Differential Properties of Randomly Generated DES-Like Substitution Boxes”, Lecture Notes in Electrical Engineering, Springer Vol. 330, 517-524, 2015.
• F Khan, “Dominant strategies in two-qubit quantum computations”, Quantum Information Processing, Vol. 14, No. 6, pp 1799-1808, 2015.
• O Wahab, J Bentahar, H Otrok, A Mourad, “A survey on trust and reputation models for Web services: Single, composite, and communities”, Decision Support Systems, Vol. 74, 121-134, 2015.
• H Jebbaoui, A Mourad, H Otrok, R  Haraty, “Semantics-based approach for detecting flaws, conflicts and redundancies in XACML policies”, Computers and Electrical Engineering, Vol. 4, 91-103, 2015.
• J Baek, Y Byon, E Hableel, M Al-Qutayri, “Making air traffic surveillance more reliable: A new authentication framework for automatic dependent surveillance-broadcast (ADS-B) based on online/offline identity-based signature”, Security and Communication Networks, Vol.  8, No. 5, 25 740-750, 2015.
• J Baek, Q Vu, J Liu, X Huang, Y Xiang, “A secure cloud computing based framework for big data information management of smart grid”, IEEE Transactions on Cloud Computing, Vol.  3, No. 2, 233-244, 2015.
• B Albelooshi, K Salah, T Martin, E Damiani, “Experimental Proof: Data Remanence in Cloud VMs”, 2015 IEEE 8th International Conference on Cloud Computing, pp. 1017-1020, 2015.
• H Marzouqi, M Al-Qutayri, K Salah, “Review of Elliptic Curve Cryptography processor designs”, Microprocessors and Microsystems 39 (2), 97-112, 2015.
• D Shehada, MJ Zemerly, CY Yeun, M Al Qutayri, Y Al Hammadi, “A framework for comparison of trust models for multi agent systems”, 2015 International Conference on Information and Communication Technology Research, ICTRC 2015, 2015.

• M Sepehri, S Cimato, E Damiani, “Privacy-Preserving Query Processing by Multi-Party Computation”, The Computer Journal, 12 October 2014.
• Marco Anisetti, Claudio Ardagna, Ernesto Damiani, “A Certification-Based Trust Model for Autonomic Cloud Computing Systems”, International Conference on Cloud and Autonomic Computing (ICCAC’14), 212-219, 2014.
• M Ahmed, Q Vu, R Asal, C Yeun, H Al Muhairi, “Lightweight Secure Storage Model with Fault-Tolerance in Cloud Environment” Electronic Commerce Research (ECR), Springer, Vol.14, No. 3, pp. 271-291, November 2014.
• A  AlMahmoud, M Colombo, C Yeun, H Al Muhairi, “An Authentication Protocol for Real-time Business Process Monitoring”, International Journal for Internet Technology and Secured Transactions (IJITST), Inderscience, Vol. 4, No. 3, pp. 223-239, October 2014. 
• O. Wahab, H Otrok, A Mourad, “A cooperative watchdog model based on Dempster-Shafer for detecting misbehaving vehicles”, Computer Communications, Vol.  41, 43-54, 2014.
• N Moati, H Otrok, A Mourad, J Robert, “Reputation-based cooperative detection model of selfish nodes in cluster-based QoS-OLSR protocol”, Wireless Personal Communications, Vol.  75, No. 3, 1747-1768, 2014.
• R Al-Dalky, K Salah, M Al-Qutayri, H Otrok, “Framework for a NetFPGA-based Snort NIDS”, 2014 9th International Symposium on Communication Systems, Networks & Digital Signal Processing (CSNDSP), 2014.
• H Marzouqi, M Al-Qutayri, K Salah, “Review of gate-level differential power analysis and fault analysis countermeasures”, Information Security, IET 8 (1), 51-66, 2014.

• S Cimato, E Damiani, F Zavatarelli, R Menicocci, “Towards the certification of cloud services”, IEEE Ninth World Congress on Services (SERVICES’13), 33-40, 2013.
• Marco Anisetti , Claudio A. Ardagna , Ernesto Damiani , “Francesco Saonara, A test-based security certification scheme for web services”, ACM Transactions on the Web (TWEB), Vol. 7, No. 2, 1-41, May 2013.
• J Baek, Q Vu, A. Shoufan, A  Jones, D Wong, “Stateful public-key encryption schemes forward-secure against state exposure”, Computer Journal, Vol. 56, No. 4, 497-507, 2013.
• A Shoufan, “A fault attack on a hardware-based implementation of the secure hash algorithm SHA-512”, 2013 International Conference on Reconfigurable Computing and FPGAs, 2013.
• H Al Hamadi, C Yeun, J Zemerly, “A Novel Security Scheme for the Smart Grid and SCADA Networks”, Wireless Personal Communications, Springer, Vol. 73, No. 4, pp. 1547-1559, December 2013.
• F Al Hawi, C Yeun, K Salah, “Secure Framework for the Return Routability Procedure in MIPv6” in Proceeding of the IEEE International Conference on Green Computing (IEEE GreenCom’13) and Communications, pp. 1386-1391, 2013.
• F Khan, S Phoenix, “Mini-maximizing two qubit quantum computations”, Quantum Information Processing, Vol. 12, No. 12, 3807-3819, 2013.
• S Phoenix, F Khan, “The role of correlation in quantum and classical games”, Vol.  12, No. 3, 1350011, 2013.
• O Hayatle, H Otrok, A Youssef, “A Markov Decision Process Model for High Interaction Honeypots”, Information Security Journal,  Vol. 22, No. 4, 159-170, 2013.
• N Al Ebri, H Otrok, A Mourad, Y Al-Hammadi, “Botnet detection: A cooperative game theoretical correlation-based model”, 2013 3rd International Conference on Communications and Information Technology, 28-32, 2013
• H Marzouqi, M Al-Qutayri, K Salah, “An FPGA implementation of NIST 256 prime field ECC processor”, 2013 IEEE 20th International Conference on Electronics, Circuits, and Systems (ICECS), 493-496, 2013.
• MH Sqalli, SN Firdous, K Salah, M Abu‐Amara, “Classifying malicious activities in Honeynets using entropy and volume‐based thresholds”, Security and Communication Networks 6 (5), 567-583, 2013.
• K Salah, JMA Calero, S Zeadally, S Al-Mulla, M Alzaabi, “Using cloud computing to implement a security overlay network”, Vol. 1, No. 1, 44-53, 2013.
• N Al Ebri, H Otrok, A Mourad, Y Al-Hammadi, “Botnet detection: A cooperative game theoretical correlation-based model”, 2013 3rd International Conference on Communications and Information Technology, ICCIT 2013, 28-32, 2013.

• M Anisetti, CA Ardagna, E Damiani, “Container-level security certification of services”, Business System Management and Engineering, 93-108, 2012.
• N Al Ebri, J Baek, A Shoufan, Q Vu, “Efficient generic construction of forward-secure identity-based signature”, Proceedings - 2012 7th International Conference on Availability, Reliability and Security, ARES 2012, 55-64, 2012.
• Q Tian, A Shoufan, M Stoettinger, S Huss, “Power trace alignment for cryptosystems featuring random frequency countermeasures”, 2012 2nd International Conference on Digital Information Processing and Communications, ICDIPC 2012, 51-55, 2012.
• K Han, H Mun, T Shon, C Yeun, J Park, “Secure and efficient public key management in next generation mobile networks”, Personal and Ubiquitous Computing, Springer, Vol. 16, No. 6, pp. 677-685, August 2012.
• H Mun, K Han, Y Lee, C Yeun,  H Choi, “Enhanced secure anonymous authentication scheme for roaming service in global mobility networks”, Mathematical and Computer Modelling, Elsevier, Vol. 55, No. 1-2, pp. 214-222, January 2012.
• S Boyer, J Robert, H Otrok, C Rousseau, “An adaptive tit-for-tat strategy for IEEE 802.11 CSMA/CA protocol”, International Journal of Security and Networks, Vol. 7, No. 2, 95-106, 2012.
• A Jarray, A Quttoum, H Otrok, Z Dziong, “DDP: A Dynamic Dimensioning and Partitioning model of Virtual Private Networks resources”, Computer Communications, Vol. 35, No. 8, 906-915, 2012.
• J Kim, J Baek, J Zhou, T Shon, “An efficient and secure service discovery protocol for ubiquitous computing environments”, IEICE Transactions on Information and Systems, Vol.  E-95-D, No. 1, 117-125, 2012.
• J Baek, Q Vu, A Jones, S Al Mulla, C Yeun, “Smart-frame: A flexible, scalable, and secure information management framework for smart grids”, 2012 International Conference for Internet Technology and Secured Transactions, ICITST 2012, 668-673, 2012.
• K Salah, K Elbadawi, R Boutaba,  “Performance modeling and analysis of network firewalls”, IEEE Transactions on Network and Service Management,  9 (1), 12-21, 2012.
• F Al-Haidari, MH Sqalli, K Salah,  “Enhanced edos-shield for mitigating edos attacks originating from spoofed ip addresses”, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 1167-1174, 2012.
• M Anisetti, C Ardagna, E Damiani, “A low-cost security certification scheme for evolving services”,2012 IEEE 19th International Conference on Web Services (ICWS), 122-129, 2012.

• F Kerschbaum, A Schröpfer, A Zilli, R Pibernik, O Catrina, S De Hoogh, B Schoenmakers, S Cimato, E  Damiani, “Secure collaborative supply-chain management”, IEEE Computer, Vol. 44, No. 9, 38-43, 2011.
• M Anisetti, C Ardagna, E Damiani, “Fine-grained modeling of web services for test-based security certification”, 2011 IEEE International Conference on Services Computing (SCC),  456-463, 2011.
• S Malipatlolla, T Feller, A Shoufan, T Arul, S Huss, “A novel architecture for a secure update of cryptographic engines on trusted platform module”, 2011 International Conference on Field-Programmable Technology, 2011.
• A Shoufan, T Arul, “A benchmarking environment for performance evaluation of tree-based rekeying algorithms”, Journal of Systems and Software, Vol. 8, No. 7, 1130-1143, 2011.
• K Han, C Yeun, T Shon, J Park, K. Kim, “A scalable and efficient key escrow model for lawful interception of IDBC-based secure communication”, International Journal of Communication Systems, Wiley, Vol. 24, No. 4, pp. 461-472, April 2011.
• M Alzaabi, C Yeun, T Martin, “Ensuring Anonymity for LBSs in Smartphone Environment”, Journal of Information Processing Systems, KIPS, Vol. 7. No. 1, pp. 121-136, March 2011.
• F Khan, S Phoenix, “Nash equilibrium in quantum superpositions”, The International Society for Optical Engineering, Vol. 8957, 80570K, 2011.
• S Bleiler, F Khan, “Properly quantized history-dependent Parrondo games, Markov processes, and multiplexing circuits”, Physics Letters, Section A: General, Atomic and Solid State Physics, Vol. 375, No. 19, 1930-1943, 2011.
• N Mohammed, H Otrok, L Wang, M Debbabi, P Bhattacharya, “Mechanism design-based secure leader election model for intrusion detection in MANET”, IEEE Transactions on Dependable and Secure Computing, Vol. 8, No. 1, 2011, 89-103, 2011.
• A Mourad, H Otrok, L Baajour, “New Approach Targeting Security Patterns Development and Deployment”, Information Security Journal, Vol. 20, No. 4-5, 231-244, 2011.
• K Salah, K Sattar, M Sqalli, E Al‐Shaer, “A potential low‐rate DoS attack against network firewalls”, Security and Communication Networks 4 (2), 136-146, 2011.
• K Salah, “Analysis of a two-stage network server”, Applied Mathematics and Computation, 217 (23), 9635-9645, 2011.