Sherif Saad

University of Windsor · School of Computer Science

The action of spreading false information through fake news articles presents a significant danger to society because it has the ability to shape public opinion with inaccurate facts. This can lead to negative effects, such as reduced trust in institutions and the promotion of conflict, division, and even violence. In this article, a text augmentat...

Annotated data is critical for machine learning models, but producing large amounts of data with high-quality labeling is a time-consuming and labor-intensive process. Natural language processing (NLP) and machine learning models have traditionally relied on the labels given by human annotators with varying degrees of competency, training, and expe...

Blockchain and distributed ledger technologies rely on distributed consensus algorithms. In recent years many consensus algorithms and protocols have been proposed; most of them are for permissioned blockchain networks. However, the performance of these algorithms is not well understood. This paper introduces an approach to evaluating consensus alg...

The fierce competition in eCommerce is a painful headache for logistics companies. In 2021, Canada Post’s parcel volume peaked at 361 million units with a minimum charge of $10 per each. Last-Mile Delivery (LMD) is the final leg of the supply chain that ends with the package at the customer’s doorstep. LMD is the most costly process, accounting for...

In an Intelligent Transportation System (ITS), many applications, such as collision avoidance and lane change warning, require real-time information from vehicles on the road. This typically includes detailed status information such as location, speed, heading and a vehicle identifier, which can be used to infer precise movement patterns leading to...

A critical component of any blockchain or distributed ledger technology (DLT) platform is the consensus algorithm. Blockchain consensus algorithms are the primary vehicle for the nodes within a blockchain network to reach an agreement. In recent years, many blockchain consensus algorithms have been proposed mainly for private and permissioned block...

With the rapid growth of cloud computing and remote workforces, organizations are increasingly aware of the risk of data leaks and data exfiltration. Handling such risk has become more challenging because organizations today usually deal with big data. In particular, organizations must deal with massive amounts of unstructured data. As a result, mo...

Online public reviews have significant influenced customers who purchase products or seek services. Fake reviews are posted online to promote or demote targeted products or reputation of the organizations and businesses. Spam review detection has been the focus of many researchers in recent years. As the online services have been growing rapidly, t...

In today’s digital world, it is common to exchange sensitive data between different parties. There are many examples of sensitive data or documents that require a digital exchange, such as banking information, insurance data, health records. In many cases, the exchange exists between unknown and untrusted parties. Therefore, it is essential to exec...

In cyberattack detection and prevention systems, cybersecurity analysts always prefer solutions that are as interpretable and understandable as rule-based or signature-based detection. This is because of the need to tune and optimize these solutions to mitigate and control the effect of false positives and false negatives. Interpreting machine lear...

Robust authentication of Internet of Things (IoT) is a difficult problem due to the fact that quite often IoT nodes are resource-constrained and lack the storage and compute capability required by conventional security mechanisms. We propose, in the current paper, a new lightweight multi-factor authentication scheme for IoT nodes that combines temp...

In cyberattack detection and prevention systems, cybersecu-rity analysts always prefer solutions that are as interpretable and understandable as rule-based or signature-based detection. This is because of the need to tune and optimize these solutions to mitigate and control the effect of false positives and false negatives. Interpreting machine lea...

In cyberattack detection and prevention systems, cybersecurity analysts always prefer solutions that are as interpretable and understandable as rule-based or signature-based detection. This is because of the need to tune and optimize these solutions to mitigate and control the effect of false positives and false negatives. Interpreting machine lear...

New computing paradigms, modern feature-rich programming languages and off-the-shelf software libraries enabled the development of new sophisticated malware families. Evidence of this phenomena is the recent growth of fileless malware attacks. Fileless malware or memory resident malware is an example of an Advanced Volatile Threat (AVT). In a filel...

New computing paradigms, modern feature-rich programming languages and off-the-shelf software libraries enabled the development of new sophisticated malware families. Evidence of this phenomena is the recent growth of fileless malware attacks. Fileless malware or memory resident malware is an example of an Advanced Volatile Threat (AVT). In a filel...

In this paper, we argue that machine learning techniques are not ready for malware detection in the wild. Given the current trend in malware development and the increase of unconventional malware attacks, we expect that dynamic malware analysis is the future for antimalware detection and prevention systems. A comprehensive review of machine learnin...

In a vehicular ad‐hoc network, vehicles periodically broadcast safety messages to neighboring vehicles containing information about their identity, location, speed, and other relevant information. The time‐critical nature of these messages means they are typically sent without encryption, which can compromise the privacy of the vehicle/driver. The...

In this paper, we argue that detecting malware attacks in the wild is a unique challenge for machine learning techniques. Given the current trend in malware development and the increase of unconventional malware attacks, we expect that dynamic malware analysis is the future for antimalware detection and prevention systems. A comprehensive review of...

The deployment of connected and autonomous vehicles is expected to increase rapidly in the coming decade. For successful operation, it is critical to maintain the security and privacy of the communication messages exchanged among such vehicles. One important aspect of this is to maintain the location privacy of vehicles/users that use unencrypted b...

The deployment of connected and autonomous vehicles is expected to increase rapidly in the coming decade. For successful operation, it is critical to maintain the security and privacy of the communication messages exchanged among such vehicles. One important aspect of this is to maintain the location privacy of vehicles/users that use unencrypted b...

The use of pseudonyms has been proposed in VANETs to enhance location privacy of users. In order to prevent tracking, the pseudonyms associated with a vehicle must be changed frequently and a pseudonym change strategy (PCS) determines the conditions under which pseudonyms should change. An effective PCS is critical for maintaining the privacy of ve...

The area of location privacy in VANET is getting more attention after the emergence of V2X technologies. As the security and privacy are important for the customer's safety, the vehicles equipped with V2X technology must have strong techniques to preserve the security and privacy. Pseudonymous authentication proves to satisfy these requirements. Th...

This paper focuses on the effective classification of the behavior of users accessing computing devices to authenticate them. The authentication is based on keystroke dynamics which captures the user's behavioral biometric and applies machine learning concepts to classify them. The users type a strong passcode ".tie5Roanl" to record their typing pa...

In recent years, deceptive content such as fake news and fake reviews, also known as opinion spams, have increasingly become a dangerous prospect for online users. Fake reviews have affected consumers and stores alike. Furthermore, the problem of fake news has gained attention in 2016, especially in the aftermath of the last U.S. presidential elect...

Fake news is a phenomenon which is having a significant impact on our social life, in particular in the political world. Fake news detection is an emerging research area which is gaining interest but involved some challenges due to the limited amount of resources (i.e., datasets, published literature) available. We propose in this paper, a fake new...

A key challenge in online education is the difficulty in ensuring the authenticity of remote test takers during online exams. This chapter discusses how such challenge can be addressed through continuous authentication using biometric technologies. A multimodal biometric framework involving three modalities is used for such purpose. The framework i...

Intrusion detection systems (IDSs) produce a massive number of intrusion alerts. A huge number of these alerts are false positives. Investigating false positive alerts is an expensive and time consuming process, and as such represents a significant problem for intrusion analysts. This shows the needs for automated approaches to eliminate false posi...

Stylometry consists of the analysis of linguistic styles and writing characteristics of the authors for identification, characterization, or verification purposes. In this paper, we investigate authorship verification for the purpose of user authentication process. In this setting, authentication consists of comparing sample writing of an individua...

Botnets represent one of the most serious cybersecurity threats faced by organizations today. Botnets have been used as the main vector in carrying many cyber crimes reported in the recent news. While a significant amount of research has been accomplished on botnet analysis and detection, several challenges remain unaddressed, such as the ability t...

Intrusion analysis is a resource intensive, complex and expensive process for any organization. The reconstruction of the attack scenario is an important aspect of such endeavor. We tackle in this paper several challenges overlooked by existing attack scenarios reconstruction techniques that undermine their performances. These include the ability t...

Authorship verification can be checked using stylometric techniques through the analysis of linguistic styles and writing characteristics of the authors. Stylometry is a behavioral feature that a person exhibits during writing and can be extracted and used potentially to check the identity of the author of online documents. Although stylometric tec...

Building the attack scenario is the first step to understand an attack and extract useful attack intelligence. Existing attack scenario reconstruction approaches, however, suffer from several limitations that weaken the elicitation of the attack scenarios and decrease the quality of the generated attack scenarios. In this paper, we discuss the limi...

Botnets are becoming the predominant threat on the Internet today and is the primary vector for carrying out attacks against organizations and individuals. Botnets have been used in a variety of cybercrime, from click-fraud to DDOS attacks to the generation of spam. In this paper we propose an approach to detect botnet activity by classifying netwo...

In this paper we propose a new approach to manage alerts flooding in IDSs. The proposed approach uses semantic analysis and ontology engineering techniques to combine and fuse two or more raw IDS alerts into one summarized hybrid/meta-alert. Our approach applies a new method based on measuring the semantic similarity between IDS alerts attributes t...

Network forensics is an after the fact process to investigate malicious activities conducted over computer networks by gathering useful intelligence. Recently, several machine learning techniques have been proposed to automate and develop intelligent network forensics systems. An intelligent network forensics system that reconstructs intrusion scen...

We propose, in this paper, a new ontology for network-forensics analysis. The proposed ontology is the first cyber-forensics to integrate both network-forensics domain knowledge and problem-solving knowledge. As such it can be used as a knowledge base for developing sophisticated intelligent network-forensics systems to support complex chain of rea...