-
A Comparative Analysis Between SciTokens, Verifiable Credentials, and Smart Contracts: Novel Approaches for Authentication and Secure Access to Scientific Data
Authors:
Md Jobair Hossain Faruk,
Bilash Saha,
Jim Basney
Abstract:
Managing and exchanging sensitive information securely is a paramount concern for the scientific and cybersecurity community. The increasing reliance on computing workflows and digital data transactions requires ensuring that sensitive information is protected from unauthorized access, tampering, or misuse. This research paper presents a comparative analysis of three novel approaches for authentic…
▽ More
Managing and exchanging sensitive information securely is a paramount concern for the scientific and cybersecurity community. The increasing reliance on computing workflows and digital data transactions requires ensuring that sensitive information is protected from unauthorized access, tampering, or misuse. This research paper presents a comparative analysis of three novel approaches for authenticating and securing access to scientific data: SciTokens, Verifiable Credentials, and Smart Contracts. The aim of this study is to investigate the strengths and weaknesses of each approach from trust, revocation, privacy, and security perspectives. We examine the technical features and privacy and security mechanisms of each technology and provide a comparative synthesis with the proposed model. Through our analysis, we demonstrate that each technology offers unique advantages and limitations, and the integration of these technologies can lead to more secure and efficient solutions for authentication and access to scientific data.
△ Less
Submitted 28 August, 2023;
originally announced November 2023.
-
Software Supply Chain Vulnerabilities Detection in Source Code: Performance Comparison between Traditional and Quantum Machine Learning Algorithms
Authors:
Mst Shapna Akter,
Md Jobair Hossain Faruk,
Nafisa Anjum,
Mohammad Masum,
Hossain Shahriar,
Akond Rahman,
Fan Wu,
Alfredo Cuzzocrea
Abstract:
The software supply chain (SSC) attack has become one of the crucial issues that are being increased rapidly with the advancement of the software development domain. In general, SSC attacks execute during the software development processes lead to vulnerabilities in software products targeting downstream customers and even involved stakeholders. Machine Learning approaches are proven in detecting…
▽ More
The software supply chain (SSC) attack has become one of the crucial issues that are being increased rapidly with the advancement of the software development domain. In general, SSC attacks execute during the software development processes lead to vulnerabilities in software products targeting downstream customers and even involved stakeholders. Machine Learning approaches are proven in detecting and preventing software security vulnerabilities. Besides, emerging quantum machine learning can be promising in addressing SSC attacks. Considering the distinction between traditional and quantum machine learning, performance could be varies based on the proportions of the experimenting dataset. In this paper, we conduct a comparative analysis between quantum neural networks (QNN) and conventional neural networks (NN) with a software supply chain attack dataset known as ClaMP. Our goal is to distinguish the performance between QNN and NN and to conduct the experiment, we develop two different models for QNN and NN by utilizing Pennylane for quantum and TensorFlow and Keras for traditional respectively. We evaluated the performance of both models with different proportions of the ClaMP dataset to identify the f1 score, recall, precision, and accuracy. We also measure the execution time to check the efficiency of both models. The demonstration result indicates that execution time for QNN is slower than NN with a higher percentage of datasets. Due to recent advancements in QNN, a large level of experiments shall be carried out to understand both models accurately in our future research.
△ Less
Submitted 31 May, 2023;
originally announced June 2023.
-
Bayesian Hyperparameter Optimization for Deep Neural Network-Based Network Intrusion Detection
Authors:
Mohammad Masum,
Hossain Shahriar,
Hisham Haddad,
Md Jobair Hossain Faruk,
Maria Valero,
Md Abdullah Khan,
Mohammad A. Rahman,
Muhaiminul I. Adnan,
Alfredo Cuzzocrea
Abstract:
Traditional network intrusion detection approaches encounter feasibility and sustainability issues to combat modern, sophisticated, and unpredictable security attacks. Deep neural networks (DNN) have been successfully applied for intrusion detection problems. The optimal use of DNN-based classifiers requires careful tuning of the hyper-parameters. Manually tuning the hyperparameters is tedious, ti…
▽ More
Traditional network intrusion detection approaches encounter feasibility and sustainability issues to combat modern, sophisticated, and unpredictable security attacks. Deep neural networks (DNN) have been successfully applied for intrusion detection problems. The optimal use of DNN-based classifiers requires careful tuning of the hyper-parameters. Manually tuning the hyperparameters is tedious, time-consuming, and computationally expensive. Hence, there is a need for an automatic technique to find optimal hyperparameters for the best use of DNN in intrusion detection. This paper proposes a novel Bayesian optimization-based framework for the automatic optimization of hyperparameters, ensuring the best DNN architecture. We evaluated the performance of the proposed framework on NSL-KDD, a benchmark dataset for network intrusion detection. The experimental results show the framework's effectiveness as the resultant DNN architecture demonstrates significantly higher intrusion detection performance than the random search optimization-based approach in terms of accuracy, precision, recall, and f1-score.
△ Less
Submitted 7 July, 2022;
originally announced July 2022.
-
An Investigation on Non-Invasive Brain-Computer Interfaces: Emotiv Epoc+ Neuroheadset and Its Effectiveness
Authors:
Md Jobair Hossain Faruk,
Maria Valero,
Hossain Shahriar
Abstract:
In this study, we illustrate the progress of BCI research and present scores of unveiled contemporary approaches. First, we explore a decoding natural speech approach that is designed to decode human speech directly from the human brain onto a digital screen introduced by Facebook Reality Lab and University of California San Francisco. Then, we study a recently presented visionary project to contr…
▽ More
In this study, we illustrate the progress of BCI research and present scores of unveiled contemporary approaches. First, we explore a decoding natural speech approach that is designed to decode human speech directly from the human brain onto a digital screen introduced by Facebook Reality Lab and University of California San Francisco. Then, we study a recently presented visionary project to control the human brain using Brain-Machine Interfaces (BMI) approach. We also investigate well-known electroencephalography (EEG) based Emotiv Epoc+ Neuroheadset to identify six emotional parameters including engagement, excitement, focus, stress, relaxation, and interest using brain signals by experimenting the neuroheadset among three human subjects where we utilize two supervised learning classifiers, Naive Bayes and Linear Regression to show the accuracy and competency of the Epoc+ device and its associated applications in neurotechnological research. We present experimental studies and the demonstration indicates 69% and 62% improved accuracy for the aforementioned classifiers respectively in reading the performance matrices of the participants. We envision that non-invasive, insertable, and low-cost BCI approaches shall be the focal point for not only an alternative for patients with physical paralysis but also understanding the brain that would pave us to access and control the memories and brain somewhere very near.
△ Less
Submitted 24 June, 2022;
originally announced July 2022.
-
Blockchain-based Medical Image Sharing and Automated Critical-results Notification: A Novel Framework
Authors:
Jiyoun Randolph,
Md Jobair Hossain Faruk,
Hossain Shahriar,
Maria Valero,
Liang Zhao,
Nazmus Sakib,
Bilash Saha
Abstract:
In teleradiology, medical images are transmitted to offsite radiologists for interpretation and the dictation report is sent back to the original site to aid timely diagnosis and proper patient care. Although teleradiology offers great benefits including time and cost efficiency, after-hour coverages, and staffing shortage management, there are some technical and operational limitations to overcom…
▽ More
In teleradiology, medical images are transmitted to offsite radiologists for interpretation and the dictation report is sent back to the original site to aid timely diagnosis and proper patient care. Although teleradiology offers great benefits including time and cost efficiency, after-hour coverages, and staffing shortage management, there are some technical and operational limitations to overcome in reaching its full potential. We analyzed the current teleradiology workflow to identify inefficiencies. Image unavailability and delayed critical result communication stemmed from lack of system integration between teleradiology practice and healthcare institutions are among the most substantial factors causing prolonged turnaround time. In this paper, we propose a blockchain-based medical image sharing and automated critical-results notification platform to address the current limitation. We believe the proposed platform will enhance efficiency in workflow by eliminating the need for intermediaries and will benefit patients by eliminating the need for storing medical images in hard copies. While considerable progress was achieved, further research on governance and HIPAA compliance is required to optimize the adoption of the new application. Towards an idea to a working paradigm, we will implement the prototype during the next phase of our study.
△ Less
Submitted 7 July, 2022;
originally announced July 2022.
-
A Review of Quantum Cybersecurity: Threats, Risks and Opportunities
Authors:
Md Jobair Hossain Faruk,
Sharaban Tahora,
Masrura Tasnim,
Hossain Shahriar,
Nazmus Sakib
Abstract:
The promise of quantum computing is not speeding up conventional computing rather delivering an exponential advantage for certain classes of problems, with profound implications for cybersecurity for instance. With the advent and development of quantum computers, cyberspace security can surely become the most critical problem for the Internet in near future. On contrary, prosaic quantum technology…
▽ More
The promise of quantum computing is not speeding up conventional computing rather delivering an exponential advantage for certain classes of problems, with profound implications for cybersecurity for instance. With the advent and development of quantum computers, cyberspace security can surely become the most critical problem for the Internet in near future. On contrary, prosaic quantum technology can be promising to transform cybersecurity. This research aims to synthesize basic and fundamental studies concerning quantum cybersecurity that can be emerged both as a threat and solution to critical cybersecurity issues based on a systematic study. We provide a comprehensive, illustrative description of the current state-of-the-art quantum computing and cybersecurity and present the proposed approaches to date. Findings in quantum computing cybersecurity suggest that quantum computing can be adopted for the betterment of cybersecurity threats while it poses the most unexpected threats to cybersecurity. The focus and depth of this systematic survey not only provide quantum and cybersecurity practitioners and researchers with a consolidated body of knowledge about current trends in this area but also underpins a starting point for further research in this field.
△ Less
Submitted 7 July, 2022;
originally announced July 2022.
-
A Novel IoT-based Framework for Non-Invasive Human Hygiene Monitoring using Machine Learning Techniques
Authors:
Md Jobair Hossain Faruk,
Shashank Trivedi,
Mohammad Masum,
Maria Valero,
Hossain Shahriar,
Sheikh Iqbal Ahamed
Abstract:
People's personal hygiene habits speak volumes about the condition of taking care of their bodies and health in daily lifestyle. Maintaining good hygiene practices not only reduces the chances of contracting a disease but could also reduce the risk of spreading illness within the community. Given the current pandemic, daily habits such as washing hands or taking regular showers have taken primary…
▽ More
People's personal hygiene habits speak volumes about the condition of taking care of their bodies and health in daily lifestyle. Maintaining good hygiene practices not only reduces the chances of contracting a disease but could also reduce the risk of spreading illness within the community. Given the current pandemic, daily habits such as washing hands or taking regular showers have taken primary importance among people, especially for the elderly population living alone at home or in an assisted living facility. This paper presents a novel and non-invasive framework for monitoring human hygiene using vibration sensors where we adopt Machine Learning techniques. The approach is based on a combination of a geophone sensor, a digitizer, and a cost-efficient computer board in a practical enclosure. Monitoring daily hygiene routines may help healthcare professionals be proactive rather than reactive in identifying and controlling the spread of potential outbreaks within the community. The experimental result indicates that applying a Support Vector Machine (SVM) for binary classification exhibits a promising accuracy of ~95% in the classification of different hygiene habits. Furthermore, both tree-based classifier (Random Forrest and Decision Tree) outperforms other models by achieving the highest accuracy (100%), which means that classifying hygiene events using vibration and non-invasive sensors is possible for monitoring hygiene activity.
△ Less
Submitted 7 July, 2022;
originally announced July 2022.
-
Ride-Hailing for Autonomous Vehicles: Hyperledger Fabric-Based Secure and Decentralize Blockchain Platform
Authors:
Ryan Shivers,
Mohammad Ashiqur Rahman,
Md Jobair Hossain Faruk,
Hossain Shahriar,
Alfredo Cuzzocrea,
Victor Clincy
Abstract:
Ride-hailing and ride-sharing applications have recently gained popularity as a convenient alternative to traditional modes of travel. Current research into autonomous vehicles is accelerating rapidly and will soon become a critical component of a ride-hailing platforms architecture. Implementing an autonomous vehicle ride-hailing platform proves a difficult challenge due to the centralized nature…
▽ More
Ride-hailing and ride-sharing applications have recently gained popularity as a convenient alternative to traditional modes of travel. Current research into autonomous vehicles is accelerating rapidly and will soon become a critical component of a ride-hailing platforms architecture. Implementing an autonomous vehicle ride-hailing platform proves a difficult challenge due to the centralized nature of traditional ride-hailing architectures. In a traditional ride-hailing environment the drivers operate their own personal vehicles so it follows that a fleet of autonomous vehicles would be required for a centralized ride-hailing platform to succeed. Decentralization of the ride-hailing platform would remove a roadblock along the way to an autonomous vehicle ride-hailing platform by allowing owners of autonomous vehicles to add their vehicles to a community-driven fleet when not in use. Blockchain technology is an attractive choice for this decentralized architecture due to its immutability and fault tolerance. This thesis proposes a framework for develo** a decentralized ride-hailing architecture that is verifiably secure. This framework is implemented on the Hyperledger Fabric blockchain platform. The evaluation of the implementation is done by applying known security models, utilizing a static analysis tool, and performing a performance analysis under heavy network load.
△ Less
Submitted 7 July, 2022;
originally announced July 2022.
-
Ransomware Classification and Detection With Machine Learning Algorithms
Authors:
Mohammad Masum,
Md Jobair Hossain Faruk,
Hossain Shahriar,
Kai Qian,
Dan Lo,
Muhaiminul Islam Adnan
Abstract:
Malicious attacks, malware, and ransomware families pose critical security issues to cybersecurity, and it may cause catastrophic damages to computer systems, data centers, web, and mobile applications across various industries and businesses. Traditional anti-ransomware systems struggle to fight against newly created sophisticated attacks. Therefore, state-of-the-art techniques like traditional a…
▽ More
Malicious attacks, malware, and ransomware families pose critical security issues to cybersecurity, and it may cause catastrophic damages to computer systems, data centers, web, and mobile applications across various industries and businesses. Traditional anti-ransomware systems struggle to fight against newly created sophisticated attacks. Therefore, state-of-the-art techniques like traditional and neural network-based architectures can be immensely utilized in the development of innovative ransomware solutions. In this paper, we present a feature selection-based framework with adopting different machine learning algorithms including neural network-based architectures to classify the security level for ransomware detection and prevention. We applied multiple machine learning algorithms: Decision Tree (DT), Random Forest (RF), Naive Bayes (NB), Logistic Regression (LR) as well as Neural Network (NN)-based classifiers on a selected number of features for ransomware classification. We performed all the experiments on one ransomware dataset to evaluate our proposed framework. The experimental results demonstrate that RF classifiers outperform other methods in terms of accuracy, F-beta, and precision scores.
△ Less
Submitted 2 July, 2022;
originally announced July 2022.
-
Software Engineering Process and Methodology in Blockchain-Oriented Software Development: A Systematic Study
Authors:
Md Jobair Hossain Faruk,
Santhiya Subramanian,
Hossain Shahriar,
Maria Valero,
Xia Li,
Masrura Tasnim
Abstract:
Software Engineering is the process of a systematic, disciplined, quantifiable approach that has significant impact on large-scale and complex software development. Scores of well-established software process models have long been adopted in the software development life cycle that pour stakeholders towards the completion of final software product development. Within the boundary of advanced techn…
▽ More
Software Engineering is the process of a systematic, disciplined, quantifiable approach that has significant impact on large-scale and complex software development. Scores of well-established software process models have long been adopted in the software development life cycle that pour stakeholders towards the completion of final software product development. Within the boundary of advanced technology, various emerging and futuristic technology is evolving that really need the attention of the software engineering community whether the conventional software process techniques are capable to inherit the core fundamental into futuristic software development. In this paper, we study the impact of existing software engineering processes and models including Agile, and DevOps in Blockchain-Oriented Software Engineering. We also examine the essentiality of adopting state-of-art concepts and evolving the current software engineering process for blockchain-oriented systems. We discuss the insight of software project management practices in BOS development. The findings of this study indicate that utilizing state-of-art techniques in software processes for futuristic technology would be challenging and promising research is needed extensively towards addressing and improving state-of-the-art software engineering processes and methodology for novel technologies.
△ Less
Submitted 2 July, 2022;
originally announced July 2022.
-
Malware Detection and Prevention using Artificial Intelligence Techniques
Authors:
Md Jobair Hossain Faruk,
Hossain Shahriar,
Maria Valero,
Farhat Lamia Barsha,
Shahriar Sobhan,
Md Abdullah Khan,
Michael Whitman,
Alfredo Cuzzocreak,
Dan Lo,
Akond Rahman,
Fan Wu
Abstract:
With the rapid technological advancement, security has become a major issue due to the increase in malware activity that poses a serious threat to the security and safety of both computer systems and stakeholders. To maintain stakeholders, particularly, end users security, protecting the data from fraudulent efforts is one of the most pressing concerns. A set of malicious programming code, scripts…
▽ More
With the rapid technological advancement, security has become a major issue due to the increase in malware activity that poses a serious threat to the security and safety of both computer systems and stakeholders. To maintain stakeholders, particularly, end users security, protecting the data from fraudulent efforts is one of the most pressing concerns. A set of malicious programming code, scripts, active content, or intrusive software that is designed to destroy intended computer systems and programs or mobile and web applications is referred to as malware. According to a study, naive users are unable to distinguish between malicious and benign applications. Thus, computer systems and mobile applications should be designed to detect malicious activities towards protecting the stakeholders. A number of algorithms are available to detect malware activities by utilizing novel concepts including Artificial Intelligence, Machine Learning, and Deep Learning. In this study, we emphasize Artificial Intelligence (AI) based techniques for detecting and preventing malware activity. We present a detailed review of current malware detection technologies, their shortcomings, and ways to improve efficiency. Our study shows that adopting futuristic approaches for the development of malware detection applications shall provide significant advantages. The comprehension of this synthesis shall help researchers for further research on malware detection and prevention using AI.
△ Less
Submitted 25 June, 2022;
originally announced June 2022.
-
Towards Blockchain-Based Secure Data Management for Remote Patient Monitoring
Authors:
Md Jobair Hossain Faruk,
Hossain Shahriar,
Maria Valero,
Sweta Sneha,
Sheikh I. Ahamed Mohammad Rahman
Abstract:
Traditional data collection, storage and processing of Electronic Health Records (EHR) utilize centralized techniques that pose several risks of single point of failure and lean the systems to a number of internal and external data breaches that compromise their reliability and availability. Blockchain is an emerging distributed technology that can solve these issues due to its immutability and ar…
▽ More
Traditional data collection, storage and processing of Electronic Health Records (EHR) utilize centralized techniques that pose several risks of single point of failure and lean the systems to a number of internal and external data breaches that compromise their reliability and availability. Blockchain is an emerging distributed technology that can solve these issues due to its immutability and architectural nature that prevent records manipulation or alterations. In this paper, we discuss the progress and opportunities of remote patient monitoring using futuristic blockchain technologies and its two primary frameworks: Ethereum and Hyperledger Fabric. We also discuss the possible blockchain use cases in software engineering for systematic, disciplined, and quantifiable application development. The study extends by introducing a system architecture for EHR data management using Ethereum as a model. We discuss the challenges and limitations along with the initial evaluation results of the proposed system and draw future research directions in this promising area.
△ Less
Submitted 25 June, 2022;
originally announced June 2022.
-
Quantum Machine Learning for Software Supply Chain Attacks: How Far Can We Go?
Authors:
Mohammad Masum,
Mohammad Nazim,
Md Jobair Hossain Faruk,
Hossain Shahriar,
Maria Valero,
Md Abdullah Hafiz Khan,
Gias Uddin,
Shabir Barzanjeh,
Erhan Saglamyurek,
Akond Rahman,
Sheikh Iqbal Ahamed
Abstract:
Quantum Computing (QC) has gained immense popularity as a potential solution to deal with the ever-increasing size of data and associated challenges leveraging the concept of quantum random access memory (QRAM). QC promises quadratic or exponential increases in computational time with quantum parallelism and thus offer a huge leap forward in the computation of Machine Learning algorithms. This pap…
▽ More
Quantum Computing (QC) has gained immense popularity as a potential solution to deal with the ever-increasing size of data and associated challenges leveraging the concept of quantum random access memory (QRAM). QC promises quadratic or exponential increases in computational time with quantum parallelism and thus offer a huge leap forward in the computation of Machine Learning algorithms. This paper analyzes speed up performance of QC when applied to machine learning algorithms, known as Quantum Machine Learning (QML). We applied QML methods such as Quantum Support Vector Machine (QSVM), and Quantum Neural Network (QNN) to detect Software Supply Chain (SSC) attacks. Due to the access limitations of real quantum computers, the QML methods were implemented on open-source quantum simulators such as IBM Qiskit and TensorFlow Quantum. We evaluated the performance of QML in terms of processing speed and accuracy and finally, compared with its classical counterparts. Interestingly, the experimental results differ to the speed up promises of QC by demonstrating higher computational time and lower accuracy in comparison to the classical approaches for SSC attacks.
△ Less
Submitted 4 April, 2022;
originally announced April 2022.
-
Evolution of Quantum Computing: A Systematic Survey on the Use of Quantum Computing Tools
Authors:
Paramita Basak Upama,
Md Jobair Hossain Faruk,
Mohammad Nazim,
Mohammad Masum,
Hossain Shahriar,
Gias Uddin,
Shabir Barzanjeh,
Sheikh Iqbal Ahamed,
Akond Rahman
Abstract:
Quantum Computing (QC) refers to an emerging paradigm that inherits and builds with the concepts and phenomena of Quantum Mechanic (QM) with the significant potential to unlock a remarkable opportunity to solve complex and computationally intractable problems that scientists could not tackle previously. In recent years, tremendous efforts and progress in QC mark a significant milestone in solving…
▽ More
Quantum Computing (QC) refers to an emerging paradigm that inherits and builds with the concepts and phenomena of Quantum Mechanic (QM) with the significant potential to unlock a remarkable opportunity to solve complex and computationally intractable problems that scientists could not tackle previously. In recent years, tremendous efforts and progress in QC mark a significant milestone in solving real-world problems much more efficiently than classical computing technology. While considerable progress is being made to move quantum computing in recent years, significant research efforts need to be devoted to move this domain from an idea to a working paradigm. In this paper, we conduct a systematic survey and categorize papers, tools, frameworks, platforms that facilitate quantum computing and analyze them from an application and Quantum Computing perspective. We present quantum Computing Layers, Characteristics of Quantum Computer platforms, Circuit Simulator, Open-source Tools Cirq, TensorFlow Quantum, ProjectQ that allow implementing quantum programs in Python using a powerful and intuitive syntax. Following that, we discuss the current essence, identify open challenges and provide future research direction. We conclude that scores of frameworks, tools and platforms are emerged in the past few years, improvement of currently available facilities would exploit the research activities in the quantum research community.
△ Less
Submitted 4 April, 2022;
originally announced April 2022.