Nur Izura Udzir

• Doctor of Philosophy in Computer Science
• Professor (Associate) at Universiti Putra Malaysia

Blockchain technology, initially introduced through cryptocurrencies like Bitcoin, has revolutionized trust and data storage. However, challenges such as fairness in reward distribution, scalability, security, and efficiency limit the potential of blockchain technology compared to non-blockchain solutions. In this paper, we propose Proof-of-Green (...

Random number generation plays a vital role in cryptographic systems and computational applications, where uniformity, unpredictability, and robustness are essential. This paper presents the Entropy Mixing Network (EMN), a novel hybrid random number generator designed to enhance randomness quality by combining deterministic pseudo-random generation...

Deployment of file sharing systems on wireless networks introduces several challenges specially when mobility comes into view. Thus, many researches have been performed in this field. The aim of this paper is to perform a systematic review on the existing solutions for file sharing in mobile devices based on Peer-to-Peer or shortly P2P approach. Fi...

The ongoing challenge against network security issues persists, necessitating the exploration of alternative approaches. Anomaly-based strategies, diverging from traditional signature-based methods, gain popularity for their effectiveness in detecting new attacks. However, accurately defining normal network behavior becomes increasingly challenging...

The Internet of Things (IoT) and cloud computing are rapidly gaining momentum as decentralized internet-based technologies and have led to an increase in information in nearly every technical and commercial industry. However, ensuring the security of IoT systems is a pressing issue due to the complexities involved in connected and shared environmen...

In this work, the result of the initial attempt to propose an Association of Southeast Asian Nations (ASEAN) digital security and interoperability standard to support the mobility among ASEAN countries is presented. Literature reviews on existing coronavirus disease 2019 (COVID-19) related digital technologies of six ASEAN member countries are cond...

Sensitive records stored in the cloud such as healthcare records, private conversation and credit card information are targets of hackers and privacy abuse. Current information and record management systems have difficulties achieving privacy protection of such sensitive records in a secure, transparent, decentralized and trustless environment. The...

The development of block cipher have resulted in a number of cryptographic algorithms such as FOX, BC2, HIGHT, KLEIN, KAMFEE, KAMKAR, ARIA, BLOWFISH256, DESL, REBC2, DSDP, 3D-AES and many more. As time goes by, the evolvement of technology will also contribute towards the development of new block ciphers. Although there have been so much evolvement...

Despite the rapidly growing studies on Arabic text steganography (ATS) noted recently; systematic, in-depth, and critical reviews are in scarcity due to high overlap or low segregation level among the existing review articles linked to this research area. As such, the objective of this paper is to present an extensive systematic literature review (...

Skyline queries, which are based on the concept of Pareto dominance, filter the objects from a potentially large multi-dimensional collection of objects by keeping the best, most favoured objects in satisfying the user's preferences. With today's advancement of technology, ad hoc meetings or impromptu gatherings involving a group of people are beco...

Domain Generation Algorithm (DGA) has been used by botnets to obfuscate the connections between the bot master and its bots. The recent DGAs, namely dictionary-based, or word-list DGAs are more sophisticated and difficult to detect. They have high resemblance with the legit domain names as they use a set of words from the dictionary to construct me...

The rapid growth of online communication has increased the demand for secure communication. Most government entities, healthcare providers, the legal sector, financial and banking, and other industries are vulnerable to information security issues. Text steganography is one way to protect secure communication by hiding secret messages in the cover...

Recently, with the advancement of technology, ad-hoc meetings or impromptu gathering are becoming more and more common. The meetings/gatherings which involve at least two people will require a specific physical point location that is useful or interesting to them, called point of interest (PoI) . These people might be residing at different locati...

Policy evaluation is a process to determine whether a request submitted by a user satisfies the access control policies defined by an organization. Naming heterogeneity between the attribute values of a request and a policy is common due to syntactic variations and terminological variations, particularly among organizations of a distributed environ...

Skyline processing, an established preference evaluation technique, aims at discovering the best, most preferred objects, i.e. those that are not dominated by other objects, in satisfying the user’s preferences. In today’s society, due to the advancement of technology, ad-hoc meetings or impromptu gathering are becoming more and more common. Decidi...

Skyline query has been studied extensively and a significant number of skyline algorithms have been proposed, mostly attempt to resolve the optimisation problem that is mainly associated with reduction in the processing time of skyline computations. While databases change their states and/or structures throughout their lifetime to reflect the curre...

Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on t...

Protecting sensitive information transmitted via public channels is a significant issue faced by governments, militaries, organizations, and individuals. Steganography protects the secret information by concealing it in a transferred object such as video, audio, image, text, network, or DNA. As text uses low bandwidth, it is commonly used by Intern...

The growth in the use of blockchain technology in healthcare is remarkable and has a significant impact on the healthcare industry. In this work, the gap between the healthcare industry and blockchain technologies was addressed by evaluating previous activities. Bibliometric analysis of dataset distribution, venues, keywords and citations was condu...

The enormous development in the utilization of the Internet has driven by a continuous improvement in the region of security. The enhancement of the security embedded techniques is applied to save the intellectual property. There are numerous types of security mechanisms. Steganography is the art and science of concealing secret information inside...

Intrusion detection has drawn considerable interest as researchers endeavor to produce efficient models that offer high detection accuracy. Nevertheless, the challenge remains in developing reliable and efficient Intrusion Detection System (IDS) that is capable of handling large amounts of data, with trends evolving in real-time circumstances. The...

Arabic text steganography (ATS) offers a potential opportunity in hiding secret information in characters and features. The combination with any other security sub discipline such as cryptography usually will enhance its level of security. However, it is limited in its ability to optimize embedded data capacity with a high perceptual transparency l...

Substitution boxes (S-Boxes) are critical components of numerous block ciphers deployed for nonlinear transformation in the cipher process where the nonlinearity provides important protection against linear and differential cryptanalysis. Classical S-Boxes are represented by predefine fixed table structures which are either use for Data Encryption...

The enormous development in the utilization of the Internet has driven by a continuous improvement in the region of security. The enhancement of the security embedded techniques is applied to save the intellectual property. There are numerous types of security mechanisms. Steganography is the art and science of concealing secret information inside...

Arabic text steganography (ATS) offers a potential opportunity in hiding secret information in characters and features. The combination with any other security sub discipline such as cryptography usually will enhance its level of security. However, it is limited in its ability to optimize embedded data capacity with a high perceptual transparency l...

Skyline query which relies on the notion of Pareto dominance filters the data items from a database by ensuring only those data items that are not worse than any others are selected as skylines. However, the dynamic nature of databases in which their states and/or structures change throughout their lifetime to incorporate the current and latest inf...

Text book for universities students and staff

OBJEKTIF 1) Menyusun aktiviti yang memberi faedah kepada komuniti (LS) 2) Melaksanakan program Bersama komuniti dengan sikap professional dan bertanggungjawab (TS) 3) Menganjurkan program libat sama dengan komuniti (P2) ABSTRAK Pusat Ko-Kurikulum dan Pembangunan Pelajar UPM melalui kursus Ko-Kurikulum Berkredit iaitu Bakti Siswa (QKK 2101) menjadi...

OBJEKTIF 1) Mempamerkan kebolehan menguruskan dan mengimarahkan masjid (P2) 2) Mempamerkan sifat kepimpinan dalm program pengimarahan masjid (LS) 3) Menganjurkan program berkaitan pengurusan masjid dengan komuniti (TS) INOMOS APLIKASI KEMAHIRAN INSANIAH CTPS MELALUI PBL DALAM KO-KURIKULUM BERKREDIT ABSTRAK Masjid merupakan rumah ibadah bagi umat Is...

Skyline queries rely on the notion of Pareto dominance, filter the data items by keeping only those data items that are the best, most preferred, also known as skylines, from a database to meet the user’s preferences. Skyline query has been studied extensively and a significant number of skyline algorithms have been proposed, mostly attempt to reso...

Sensitive records stored in the cloud such as healthcare records, private conversation and credit card information are targets of hackers and privacy abuse. Current information and record management systems have difficulties achieving privacy protection of such sensitive records in a secure, transparent, decentralized and trustless environment. The...

Blockchain in healthcare applications requires robust security and privacy mechanism for high-level authentication, interoperability and medical records sharing to comply with the strict legal requirements of the Health Insurance Portability and Accountability Act of 1996. Blockchain technology in the healthcare industry has received considerable r...

Sniffing is one of the most prominent causes for most of the attacks in the digitized computing environment. Through various packet analyzers or sniffers available free of cost, the network packets can be captured and analyzed. The sensitive information of the victim like user credentials, passwords, a PIN which is of more considerable interest to...

Block cipher algorithms become an essential domain in Information Technology (IT) due to ever increasing the number of attacks. In point of fact, it is significant to produce a security evaluation of block cipher algorithms to determine a statistical non-random behavior of attacks. In relation to this, a new theoretical attack such as related-key d...

Observing network traffic flow for anomalies is a common method in Intrusion Detection. More effort has been taken in utilizing the data mining and machine learning algorithms to construct anomaly based intrusion detection systems, but the dependency on the learned models that were built based on earlier network behaviour still exists, which restri...

Distributed denial of service (DDoS) attack has been significantly discussed in the computer security domain, particularly due to the damaging effects it causes to organisations' assets. However, it confronts the challenge under massive growth of internet user traffic and lightning speed of computer access. In this paper, we present a comprehensive...

Although scalar multiplication is highly fundamental to elliptic curve cryptography (ECC), it is the most time-consuming operation. The performance of such scalar multiplication depends on the performance of its scalar recoding which can be measured in terms of the time and memory consumed, as well as its level of security. This paper focuses on th...

Skyline processing, an established preference evaluation technique, aims at discovering the best objects, i.e. those that are not dominated by any other objects, in satisfying the user’s preferences. Most of the skyline approaches are limited to a single user query. However, in real world scenario, due to the advancement of technology, adhoc meetin...

The notion of skyline processing is to discover the data items that are not dominated by any other data items. It is a well-known technique that is utilised to determine the best results that meet the user’s preferences. However, the rapid growth and frequent changes of data make the process of identifying skyline points no longer a trivial task. M...

Background The evolution of distributed web-based applications and cloud computing has brought about the demand to store a large amount of big data in distributed databases. Such efficient systems offer excessive availability and scalability to users. The new type of database resolves many new challenges especially in large-scale and high concurren...

Incompleteness of data is a common problem in many databases including web heterogeneous databases, multi-relational databases, spatial and temporal databases and data integration. The incompleteness of data introduces challenges in processing queries as providing accurate results that best meet the query conditions over incomplete database is not...

Biometric authentication refers to the use of measurable characteristics (or features) of the human body to provide secure, reliable and convenient access to a computer system or physical environment. These features (physiological or behavioural) are unique to individual subjects because they are usually obtained directly from their owner’s body. M...

The tremendous growth of internet-of-things integrated with VoIP applications gives a serious challenge to digital forensic researchers. This integration gives more challenges in investigation process because there are various types of VoIP application with different design and implementation features. There are diverse VoIP applications used by cr...

Direct storage of biometric templates in databases exposes the authentication system and legitimate users to numerous security and privacy challenges. Biometric cryptosystems or template protection schemes are used to overcome the security and privacy challenges associated with the use of biometrics as a means of authentication. This paper presents...

The prevailing trend of the seamless digital collection has prompted privacy concern not only among academia but also among the majority. In enforcing the automation of privacy policies and law, access control has been one of the most devoted subjects. Despite the recent advances in access control frameworks and models, there are still issues that...

Biometrics provides a secure means of authentication because it is difficult to copy, forge, or steal biometric modalities. However, unprotected biometric data can be used to violate the security of the authentication system and the privacy of legitimate users. This paper proposes and implements a modified shielding function which provides multi-bi...

Cancelable and hybrid biometric cryptosystems are two techniques used to offer protection against the security and privacy challenges faced by users of biometric authentication systems. The main objective of this paper is to present a critical review of current and emerging trends as well as open research issues in cancellable and hybrid biometric...

Common Criteria (CC) is an international standard body for certifying security products and services. CC is used for information technology security evaluation that covers generic security model, security functional and security assurance components. The standard is published to unify pre-existing security standard for users, vendors, manufactures...

Processing thousands of applications to pursue university programs can be a tedious and time-consuming task as it involves matching applicants’ qualifications with the applied programs and the program requirements. The selection officer also will have to calculate the merit score of the applicants. In some cases, the selection officer would face di...

The rapid growth of data is inevitable, and retrieving the best results that meet the user’s preferences is essential. To achieve this, skylines were introduced in which data items that are not dominated by the other data items in the database are retrieved as results (skylines). In most of the existing skyline approaches, the databases are assumed...

Due to its great benefits over many database applications, skyline queries have received formidable concern in the last decades. Skyline queries attempt to assist users by identifying the set of data items which represents the best results that meet the conditions of a given query. Most of the existing skyline techniques concentrate on identifying...

Biometric authentication is the use of unique human features to provide secure, reliable, friendly and convenient access to an environment or a computer installation. However, the use of biometrics as a means of authentication exposes legitimate users to security threats, privacy attacks and loss of identity. This paper proposes and implements a no...

Preserving privacy is a challenge and requires the management of access control, which may be based on role, purpose or trust. There are many recent advances of access control models have been developed to avoid unauthorized users access to the privacy. However, there are still issues that impede the development of effective access control. The iss...

Web caching plays a key role in delivering web items to end users in World Wide Web (WWW). On the other hand, cache size is considered as a limitation of web caching. Furthermore, retrieving the same media object from the origin server many times consumes the network bandwidth. Furthermore, full caching for media objects is not a practical solution...

Web caching plays a key role in delivering web items to end users in World Wide Web (WWW). On the other hand, cache size is considered as a limitation of web caching. Furthermore, retrieving the same media object from the origin server many times consumes the network bandwidth. Furthermore, full caching for media objects is not a practical solution...

Cloud computing provides dynamic capacity and capabilities, and it imparts resources as services over the Internet. In cloud computing, information migrated to third parties and it poses enormous security challenges such as privacy leakage and illegal access. This paper presents an authentication logic to protect data from illegal access before and...

Recently, damage caused by DDoS attacks increases year by year. Along with the advancement of communication technology, this kind of attack also evolves and it has become more complicated and hard to detect using flash crowd agent, slow rate attack and also amplification attack that exploits a vulnerability in DNS server. Fast detection of the DDoS...

In recent years, there has been great attention given to skyline queries that incorporate and provide more flexible query operators that return data items (skylines) which are not being dominated by other data items in all dimensions (attributes) of the database. Many variations in skyline techniques have been proposed in the literature. However, m...

Filtering is used in intrusion detection to remove the insignificant events from a log to facilitate the analysis method to focus on the significant events and to minimize processing overhead. Generally, filtering is performed using filtering rules, which are framed using a set of data (training data), or the known facts on anomalous events. This k...

Intrusion detection systems (IDS) effectively complement other security mechanisms by detecting malicious activities on a computer or network, and their development is evolving at an extraordinary rate. The anomaly-based IDS, which uses learning algorithms, allows detection of unknown attacks. Unfortunately, the major challenge of this approach is...

This publication presents a relation computation or calculus for international relations using a mathematical modeling. It examined trust for international relations and its calculus, which related to Bayesian inference, Dempster-Shafer theory and subjective logic. Based on an observation in the literature, we found no literature discussing the cal...

This paper proposes a hybrid scheme which combines modified shielding function with a one-way transformation technique known as matrix transformation. The modified shielding function is an improved version of the generic shielding function which eliminates the need for quantization and reliable bit selection. Concatenated error correction is applie...

In this big data era, more and more personal data have been used and further analyzed. Big data analytics has changed the traditional forms of data analysis and create a new predictive approach to knowledge and investigation. It then arise the issue of privacy and data protection related to personal data. This paper will discuss the personal data p...

Computer forensics and privacy protection fields are two conflicting directions in computer security. In the other words, computer forensics tools try to discover and extract digital evidences related to a specific crime, while privacy protection techniques aim at protecting the data owner's privacy. As a result, finding a balance between these two...

Biometric authentication is the use of unique human features to provide a secure, reliable and convenient access to an environment or a computer system. However, there are numerous security and privacy concerns associated with the use of biometrics as a means of authentication. Unprotected biometric data can be used by an impostor to impersonate le...

Privacy policies are required by most, if not all, existing privacy acts to make clear how private data are collected, used and disclosed. They are used as a guideline by the data collector to control its behaviour. They also help the data owner to know how the data will be maintained. Therefore, defining privacy policies for computer forensics is...

Recently, many scholars have tried to design new security methods inspired by biological techniques, as DNA, Some of which are in the domains of cryptography and steganography. In this article, a new DNA-based S-Box was designed inspired by biology DNA techniques to be used for SPN symmetric block ciphers. The new DNA-base S-Box is used in order to...

File integrity monitoring (FIM) tool is used to mitigate integrity violation risk in an operating system and storage environment. The main challenge is to ensure the modification of related files can be detected as soon as the event occurs as fast detection can be vital to prevent further damage. However, issues on FIM is about the performance pena...

Skyline queries provide a flexible query operator that returns data items (skylines) which are not being dominated by other data items in all dimensions (attributes) of the database. Most of the existing skyline techniques determine the skylines by assuming that the values of dimensions for every data item are available (complete). However, this as...

Web proxy caches are used to improve the performance of the World Wide Web (WWW). Many advantages can be gathered from caching such as improving the hit rates, reducing network traffic, and alleviating loads on origin servers. On the other hand, retrieving the same object many times consumes the network bandwidth. Thus, in order to overcome this Im...

The use of key-dependent MixColumns can be regarded as one of the applied techniques for changing the quality of a cryptographic algorithm. This article explains one approach for altering the MixColumns transformation engaged in the AES algorithm. The approach employed methods inspired from DNA processes and structure, which relied on the key.The p...

Nowadays in database systems finding the best results that meet the preferences of users is the most important issue. Skyline queries present data items that are not being dominated by the other data items in a database. Most of the approaches assume that the database is complete which means there are no missing values in the database dimensions. I...

The use of key-dependent shiftRows can be considered as one of the applied methods for altering the quality of a cryptographic algorithm. This article describes one approach for changing the ShiftRows transformation employed in the algorithm AES. The approach employs methods inspired from DNA processes and structure which depended on the key while...

Distributed Denial of Service (DDoS) is a major threat among many security issues. To overcome this problem, many studies have been carried out by researchers, however due to inefficiency of their techniques in terms of accuracy and computational cost, proposing an efficient method to detect DDoS attack is still a hot topic in research. Current pap...

As the influence of Internet and networking technologies as communication medium advance and expand across the globe, cyber attacks also grow accordingly. Anomaly detection systems (ADSs) are employed to scrutinize information such as packet behaviours coming from various locations on network to find those intrusive activities as fast as possible w...

Data mining is a common automated way of generating normal patterns for intrusion detection systems. In this work a large dataset is customized to be suitable for both sequence mining and association rule learning. These two different mining methods are then tested and compared to find out which one produces more accurate valid patterns for the int...