H. Abdel-Wahab

Old Dominion University, Norfolk, Virginia, United States

Are you H. Abdel-Wahab?

Claim your profile

Publications (107)22.7 Total impact

  • Emad Eldin Mohamed, Hussein M. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper aims at providing message authentication service in overlay multicast. Previous work has mostly focused on the network layer IP multicast and not as much work has been done on the application layer overlay multicast. A main feature of overlay multicast is that end systems carry on the responsibility of delivering the multicast traffic. Taking advantage of this feature, this paper presents a new collusion resistant technique, which is based on digital signature, for overlay multicast message authentication. The proposed technique minimizes both the computational cost (through signature amortization) and the communication overhead (using retransmissions and utilizing multiple multicast groups in handling message loss). In addition, it resists denial of service attacks via early dropping of forged messages. A simulation study is conducted to evaluate our proposed technique. Results of the study show that the proposed technique outperforms earlier ones.
    Transactions on Computational Science. 01/2009; 4:53-67.
  • Emad Eldin Mohamed, Hussein M. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper presents new end-to-end multicast services for multimedia collaborative applications. In particular, issues investigated include error control, congestion control, flow control, and security. The proposed multicast services can be built atop IP multicast or a best effort overlay multicast. The contribution of this paper is twofold. First, we determine the required services and we propose a simple interface to provide them. Second, we investigate mechanisms how these services can be implemented. Our solutions take into considerations the heterogeneity of the environment in which the applications are running along with their special characteristics and specific demands from the network layer.
    IJAMC. 01/2007; 1:224-236.
  • Ye Wang, Hussein M. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: Many techniques have been applied to anomaly detection to detect novel attacks, such as statistical analysis, clustering, support vector machines, neural networks and etc. Although the results are promising, there’s still a serious problem, high false positive rates, which make anomaly detection systems practically unusable. We observe that most network Intrusion Detection systems (IDSs) work on information that is only available on lower layers of the network or on higher layers, but not on both. We argue that by correlating the information on different layers, we can have a more efficient anomaly detection system. We introduce an anomaly detection system based on the layer correlation. Bayesian networks and statistical analysis are used to build normal system models for the anomaly detection engine. The prototype system is tested on tcpdump traces including normal and anomalous email activities. Our experimental results show that our proposed solution is capable of reducing false alarm rates.
    Proceedings of the 11th IEEE Symposium on Computers and Communications (ISCC 2006), 26-29 June 2006, Cagliari, Sardinia, Italy; 01/2006
  • Yan He, Hussein M. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: Quality of Service (QoS) support for Mobile Ad-hoc NETworks (MANETs) is a challenging task due to the dynamic topology and limited resource in MANETs, and the QoS model should be the first matter to consider as a system goal. The INSIGNIA framework and DiffServ model can both provide a system-level QoS support for MANETs, but each have pros and cons in service precision and scalability. In this paper, we propose a hybrid QoS model for MANETs, called HQMM, which combines the per-flow granularity of INSIGNIA and the per-class granularity of DiffServ, to provide a responsive, scalable, and flexible QoS support for MANETs. The simulation results show that HQMM can achieve effective service differentiation and offer the best QoS to the per-flow service under various mobility conditions.
    Proceedings of the 11th IEEE Symposium on Computers and Communications (ISCC 2006), 26-29 June 2006, Cagliari, Sardinia, Italy; 01/2006
  • L.A. Al-Sulaiman, H. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: MANET applications and services pose many interesting challenges due to their unique features. Specifically, security is getting a lot of attention in every aspect of MANETs due to their inherent vulnerability to attacks. Threats exist in every layer of the MANET stack, and different solutions have been adapted for each security problem. Another problem for MANETs is availability, and adding more resources does not necessarily make the system more available. Certificate authority (CA) is one of the most important entities in public key infrastructure (PKI) and needs to be designed carefully when adapted to MANETs. The main goal of our work is to provide a framework that addresses the issues of performance and security of CA in MANETs. Additionally, we would like to increase the availability of CA services, while lowering packet overhead of the network, without increasing the network vulnerability. In this paper, we present a framework suitable for exchanging PKI certificates in MANETs. By caching and exchanging certificates between clients collaboratively, we show that our system can meet the performance challenges of providing CA service without sacrificing system security. Using NS-2 Simulator, we have demonstrated the feasibility of the framework, quantitatively, compared to other related research that has addressed the same problem in MANETs environments.
    Computers and Communications, 2005. ISCC 2005. Proceedings. 10th IEEE Symposium on; 07/2005
  • Source
    E.E. Mohamed, H. Abdel-Wahab, I. Salama
    [Show abstract] [Hide abstract]
    ABSTRACT: Summary form only given. A critical issue in multicast communication is how to identify multicast groups. In the Internet, multicast addresses and port numbers distinguish multicast groups from each other. Multicast addresses are used within the network to route the multicast traffic to its destination hosts, whereas port numbers are used within the hosts to demultiplex multiple traffic among the host processes. For a process to join a multicast group, it must join both the address and the port number of the group. Within a host, port numbers can be considered as a limited resource. In general, if a port is already allocated to a process, it cannot be assigned to another one at the same time. This implies that a process may not be able to join a multicast group if the port number of that group is already occupied in the host by another process. This paper focuses on the port blocking problem. Mainly, the paper introduces models and techniques to measure multicast port blocking. First, it presents an experimental work in the study of the problem of port blocking. Second, it introduces two models of the problem: analytical model and simulation model. Results obtained from both the experimental work and the developed models show that port blocking plays an active role in multicast address management and the overall multicast communication.
    Computer Systems and Applications, 2005. The 3rd ACS/IEEE International Conference on; 02/2005
  • L.A. Al-Sulaiman, H. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: Summary form only given. There are many issues that should be considered when porting systems or applications to mobile ad-hoc network (MANET) environments. In particular, security and performance of MANET have gained wide attention; yet, PKI (public key infrastructure) is no exception. There were some serious attempts to address the issues of providing certificate authority (CA) services in MANETs. In this paper, we present an enhanced design over the existing approaches in order to provide CA services in MANET. We show a new approach that utilizes cooperative caching between the clients to increase system availability even when the network is partitioned. Moreover, it reduces the need to increase the number of participant mobile certificate authority (MOCA) nodes used to increase the availability of the system; thus reducing the overhead of replicas synchronization and key refreshing occurred when the number of MOCAs is relatively large. By careful design and under reasonable assumptions, we show that certificate caching could be integrated and deployed in MANET without sacrificing the system security.
    Computer Systems and Applications, 2005. The 3rd ACS/IEEE International Conference on; 02/2005
  • Source
    Young-ri Choi, Mohamed G. Gouda, Hussein M. Abdel-Wahab, Ehab S. Elmallah
    [Show abstract] [Hide abstract]
    ABSTRACT: Flood is a communication primitive that can be initiated by the base station of a sensor network to send a copy of some message to every sensor in the network. When a flood of some message is initiated, the message is forwarded by every sensor that receives the message until the sensors decide not to forward the message any more. This uncontrolled flood can cause the forwarded messages to collide with one another, with the result that many sensors in the network do not receive any copy of the flooded message. In this paper, we present a flood protocol, called the disciplined flood protocol, that aims to reduce message collisions, avoids redundant message forwarding, and guarantees the termination of a flood without requiring any sensor to maintain any extra information. The disciplined flood protocol is simple and practical for sensor networks that have limited resources.
    01/2005;
  • Ye Wang, Hussein M. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: Intrusion detection system (IDS) is one of the most important security protection mechanisms. Although many IDS commercial products and research projects exist, we still face a serious problem under current systems, a high false positive rate. We observe that current network IDSs don't make full use of the information available from different levels and points of the protected network, and we argue that the utilization of this information is essential. We introduce a new framework for network IDSs based on a network context awareness (NCA) layer as an additional data source to IDSs. We describe the architecture of NCA and methods of how to extract network information into NCA. A correlation engine is presented that works on alerts generated by a specific IDS system (Snort) and NCA information. Our experimental results using simulated attacks show that our proposed solution significantly reduces the false alarm rate and has the potential to greatly improve the efficacy of detecting novel attacks.
    Proceedings of the 10th IEEE Symposium on Computers and Communications (ISCC 2005), 27-30 June 2005, Murcia, Cartagena, Spain; 01/2005
  • Source
    E.E. Mohamed, H. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper investigates the problem of multicast error control in heterogeneous environments for multimedia collaborative applications. Typically, these applications consist of several components such as audio, video, and shared applications. Each of these components has its error control demands that may be different from other components. In a heterogeneous environment, destinations experience different error patterns. Directing error control transmissions to all multicast group members wastes the resources of the unaffected destinations. A technique to overcome this problem is to use multiple multicast groups to deliver error control transmissions only to the affected destinations. This technique places an overhead on the network in maintaining the delivery trees for the extra groups. This paper investigates utilizing multiple groups to control errors in multicast communication and presents a simulation study to evaluate the impact of these groups over the network; an important factor that has been ignored by previous studies.
    Computers and Communications, 2004. Proceedings. ISCC 2004. Ninth International Symposium on; 01/2004
  • Source
    Emad Eldin Mohamed, Hussein M. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper introduces a multicast routing technique that is suitable for multimedia collaborative applications. Typically, the multicast groups for such applications are small and of slow membership dynamics. Moreover, the group members are not assumed to be located in a single domain; rather, they may span a global inter-network. An important requirement for multimedia collaborative applications is the delivery time—a shortest path delivery tree is of a major interest in constructing the multicast tree. Our routing technique constructs a distribution tree per source and it uses explicit membership messages to build and maintain the tree. Thus, it combines the advantages of both broadcast and prune and shared tree techniques; that is, it produces shortest path trees, yet the bandwidth consumed in building and maintaining such trees is minimal. We present a simulation study to compare the performance of our technique against broadcast and prune and shared tree techniques. Results of the simulation show that our technique outperforms previous ones.
    Computer Communications. 01/2004; 27:604-615.
  • Source
    W.E. Farag, H. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: The increasing use of multimedia streams nowadays necessitates the development of efficient and effective methodologies for manipulating databases in storing them. Moreover, content-based access to multimedia databases requires in its retrieval stage to effectively asses the similarity of video data. This work proposes a new technique for measuring video data similarity that attempts to model some of the factors that reflect human notion in evaluating video data similarity. This model presents one step towards designing intelligent content-based video retrieval systems capable of measuring the similarity among video clips in a way similar to what humans do. The performance of the proposed model was tested where the system yielded very satisfactory values of recall and precision under various testing scenarios.
    Computers and Communication, 2003. (ISCC 2003). Proceedings. Eighth IEEE International Symposium on; 01/2003
  • Source
    Ayman Abdel-Hamid, Hussein M. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: Mobile IP is a network layer solution to the wide-area mobility problem in the Internet. Mobility agents' hierarchies and regional registrations have been introduced in the foreign domain as a local-area mobility support solution. In this paper, we critique the current regional registration proposal identifying some drawbacks with its registration mechanisms signaling design. In addition, we introduce novel registration frameworks for regional and home registrations asso ciated with intra-hierarchy handoffs. We attempt to emphasize the local handoff aspect and benefit from the presence of a mobility support overlay network in the form of an agents' hierarchy. Performance evaluationresults through network simulation demonstrate the effectiveness of the proposed techniques in reducing UDP packet loss, and maintaining better TCP throughput versus a base Mobile IP implementation,in the case of a distant home agent.
    Proceedings of the Eighth IEEE Symposium on Computers and Communications (ISCC 2003), 30 June - 3 July 2003, Kiris-Kemer, Turkey; 01/2003
  • Source
    E. Mohamed, H. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: We investigate the problem of congestion control for multicast traffic over datagram packet switched networks and present an end-to-end solution to it. The focus of our study is on multimedia collaborative applications. The group members of such applications, typically, span a heterogeneous inter-network, where routers and links may vary widely in their capabilities. Recently, two end-to-end approaches have been introduced for multicast congestion control: hierarchical multicast (a window based approach), and multiple group (a rate based approach). In this paper, we introduce a new end-to-end technique for multicast congestion control that utilizes multiple groups and is window based. We have conducted an analytical study to evaluate our work, which shows encouraging results compared to other techniques.
    Computers and Communication, 2003. (ISCC 2003). Proceedings. Eighth IEEE International Symposium on; 01/2003
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: In recent years, we have seen the introduction and use of many distance learning systems. Some of these systems are characterized as Interactive which means the dominant mode of instruction is live or synchronous using networked multimedia technology such as audio, video and shared workspaces. In this paper, we present the common features and essential elements that should be implemented in such systems. Throughout this paper, we will use as a model and case study the IRI-h system (for Interactive Remote Instruction-heterogeneous) that we have developed and implemented in Java and have used to support distance learning at Old Dominion University.
    International Journal of Distance Education Technologies 01/2003; 1:17-36.
  • S.M. Ghanem, H. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: In many secure group communication models, there exists a group manager that creates the group key and distributes it to every group member. Such group manager is responsible for changing and re-distributing (rekeying) the group key whenever it deems necessary. Many applications will require very fast rekeying so that it is not disruptive to their performance. In this paper, we present a generic software model for secure group key management. We present the main components along with their functionality and interactions. With emphasis on the rekey manager, we discuss two issues that critically impact the rekey time: establishment and maintenance of the logical key hierarchy (LKH), and the key packet construction for a changed key. We show that our novel idea of maintaining balanced LKH as B<sup>+</sup> search tree greatly reduces the number of changed keys compared to an unbalanced LKH. In addition, we show that a rekey packet construction using simple XOR operations between keys instead of the usual encryption technique substantially reduces rekey time. We preformed experiments that demonstrate the effectiveness and feasibility of our approaches.
    Computers and Communication, 2003. (ISCC 2003). Proceedings. Eighth IEEE International Symposium on; 01/2003
  • Source
    M. Ei-Kadi, S. Olariu, H. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: Now that cellular networks are being called upon to support real-time interactive multimedia traffic such as video teleconferencing, these networks must be able to provide their users with quality-of-service (QoS) guarantees. Although the QoS provisioning problem arises in wireline networks as well, mobility of hosts, scarcity of bandwidth, and channel fading make QoS provisioning a challenging task in wireless networks. It has been noticed that multimedia applications can tolerate and gracefully adapt to transient fluctuations in the QoS that they receive from the network. The management of such adaptive multimedia applications is becoming a new research area in wireless networks. As it turns out, the additional flexibility afforded by the ability of multimedia applications to tolerate and adapt to transient changes in the QoS parameters can be exploited by protocol designers to significantly improve the overall performance of wireless systems. The main contribution of this paper is to propose a novel, rate-based, borrowing scheme for QoS provisioning in high-speed cellular networks carrying multimedia traffic. Our scheme attempts to allocate the desired bandwidth to every multimedia connection originating in a cell or being handed off to the cell. The novelty of our scheme is that, in case of insufficient bandwidth, in order not to deny service to requesting connections (new or hand-off), bandwidth will be borrowed, on a temporary basis, from existing connections. Our borrowing scheme guarantees that no connection gives up more than its fair share of bandwidth, in the sense that the amount of bandwidth borrowed from a connection is proportional to its tolerance to bandwidth loss. Importantly, our scheme ensures that the borrowed bandwidth is promptly returned to the degraded connections. Extensive simulation results show that our rate-based QoS provisioning scheme outperforms the best previously known schemes in terms of call dropping probability, call blocking probability, and bandwidth utilization
    IEEE Transactions on Parallel and Distributed Systems 03/2002; · 1.80 Impact Factor
  • Source
    Waleed E. Farag, Hussein M. Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: As multimedia applications are rapidly spread at an ever-increasing rate, the call for efficient and effective methodologies for organizing and manipulating these data becomes a necessity. One of the basic problems that encounter such systems is to find efficient ways to summarize the huge amount of data involved. In this work, two adaptive algorithms are proposed in order to effectively select key frames from segmented video shots and both apply a two-level adaptation mechanism. The first level is based on the size of the input video file while the second level is performed on a shot-by-shot basis in order to account for the fact that different shots have different levels of activity. Experimental results show the efficiency and robustness of the proposed algorithms in selecting the near optimal set of key frames required to represent each shot.
    Proceedings of the 6th Joint Conference on Information Science, March 8-13, 2002, Research Triangle Park, North Carolina, USA; 01/2002
  • Source
    Waleed E. Farag, Hussein Abdel-Wahab
    [Show abstract] [Hide abstract]
    ABSTRACT: The increasing use of multimedia streams nowadays necessitates the development of efficient and effective methodologies for manipulating databases storing these streams. Moreover, content-based access to multimedia databases requires in its first stage to parse the video stream into separate shots then apply a method to summarize the huge amount of data involved in each shot. This work proposes a new paradigm capable of robustly and effectively analyzing the compressed MPEG video data. First, an abstract representation of the compressed MPEG video stream is extracted and used as input to a neural network module (NNM) that performs the shot detection task. Second, we propose two adaptive algorithms to effectively select key frames from segmented video shots produced by the segmentation stage. Both algorithms apply a two-level adaptation mechanism in which the first level is based on the dimension of the input video file while the second level is performed on a shot-by-shot basis in order to account for the fact that different shots have different levels of activity. Experimental results show the efficiency and robustness of the proposed system in detecting shot boundaries and flashlights occurring within shots and in selecting the near optimal set of key frames (KFs) required to represent each shot.
    Journal of Network and Computer Applications. 01/2002;
  • Samah Senbel, Hussein M. Abdel-Wahab
    Proceedings of the 6th Joint Conference on Information Science, March 8-13, 2002, Research Triangle Park, North Carolina, USA; 01/2002

Publication Stats

1k Citations
22.70 Total Impact Points

Institutions

  • 1991–2009
    • Old Dominion University
      • Department of Computer Science
      Norfolk, Virginia, United States
  • 2004
    • United Arab Emirates University
      Al Ain, Abu Dhabi, United Arab Emirates
  • 1999
    • DePaul University
      Chicago, Illinois, United States
  • 1996
    • University of Texas at Austin
      • Department of Computer Science
      Austin, TX, United States
    • Tokyo Metropolitan Institute
      Edo, Tōkyō, Japan
  • 1991–1994
    • University of North Carolina at Chapel Hill
      • Department of Computer Science
      North Carolina, United States