Wazen Shbair

Wazen Shbair
University of Luxembourg · Computer Science and Communications Research Unit

PhD
Senior Blockchain Architect

About

45
Publications
88,796
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
725
Citations
Introduction
Wazen SHBAIR is a research associate at the Interdisciplinary Center for Security Reliability and Trust, SnT, at the University of Luxembourg. In May 2017 he received his Ph.D. on service-level monitoring of HTTPS traffic from the University of Lorraine, France. Currently his research area is blockchain technology.
Additional affiliations
May 2017 - May 2022
University of Luxembourg
Position
  • Research Associate
June 2016 - May 2017
Lorrain de Recherche en Informatique et Ses Applications
Position
  • Engineer
Education
December 2013 - May 2017
University of Lorraine
Field of study
  • Network security and monitoring
September 2006 - September 2009
Cairo University
Field of study
  • Computer Engineering
September 2001 - September 2006
Islamic University of Gaza
Field of study
  • Computer Engineering

Publications

Publications (45)
Conference Paper
Full-text available
With the large increase in the adoption of blockchain technologies, their underlying peer-to-peer networks must also scale with the demand. In this context, previous works highlighted the importance of ensuring efficient and resilient communication for the underlying consensus and replication mechanisms. However , they were mainly focused on mainst...
Conference Paper
Full-text available
The XRP Ledger is one of the oldest and most well-established blockchains, using a particular type of consensus mechanism that differs from the typical Proof of Work and Proof of Stake. The underlying p2p network uses flooding to disseminate certain types of messages during the consensus rounds, leading to performance and scalability issues. In thi...
Conference Paper
Full-text available
Recent technologies such as inter-ledger payments, non-fungible tokens, and smart contracts are all fruited from the ongoing development of Distributed Ledger Technologies. The foreseen trend is that they will play an increasingly visible role in daily life, which will have to be backed by appropriate operational resources. For example, due to incr...
Preprint
Full-text available
With the growing adoption of Distributed Ledger Technologies and the subsequent scaling of these networks, there is an inherent need for efficient and resilient communication used by the underlying consensus and replication mechanisms. While resilient and efficient communication is one of the main pillars of an efficient blockchain network as a who...
Preprint
Full-text available
PayString is an initiative to make payment identifiers global and human-readable, facilitating the exchange of payment information. However, the reference implementation lacks privacy and security features, making it possible for anyone to access the payment information as long as the PayString identifier is known. We propose an innovative solution...
Conference Paper
Full-text available
The security of distributed applications backed by blockchain technology relies mainly on keeping the associated cryptographic keys (i.e. private keys) in well-protected storage. Since they are the unique proof of ownership of the underlying digital assets. If the keys are stolen or lost, there is no way to recover the assets. The cold wallet is a...
Poster
Full-text available
PayString is an initiative to make payment identifiers global and human-readable, facilitating the exchange of payment information. However, the reference implementation lacks privacy and security features, making it possible for anyone to access the payment information as long as the PayString identifier is known. We propose an innovative solution...
Preprint
Full-text available
The security of distributed applications backed by blockchain technology relies mainly on keeping the associated cryptographic keys (i.e. private keys) in well-protected storage. Since they are the unique proof of ownership of the underlying digital assets. If the keys are stolen or lost, there is no way to recover the assets. The cold wallet is a...
Conference Paper
Full-text available
Banks in Europe must comply with new EU regulation and legislation. Recent legislation has focused on personal data, Know Your Customer (KYC), and anti-money laundering. As a result, the cost of KYC compliance is higher than ever, requiring time consuming work by both the banks and their customers in the form of document collection and verification...
Preprint
Full-text available
HTTPS is quickly rising alongside the need of Internet users to benefit from security and privacy when accessing the Web, and it becomes the predominant application protocol on the Internet. This migration towards a secure Web using HTTPS comes with important challenges related to the management of HTTPS traffic to guarantee basic network propertie...
Preprint
Full-text available
Traffic monitoring is essential for network management tasks that ensure security and QoS. However, the continuous increase of HTTPS traffic undermines the effectiveness of current service-level monitoring that can only rely on unreliable parameters from the TLS handshake (X.509 certificate, SNI) or must decrypt the traffic. We propose a new machin...
Article
Full-text available
Pretty Good Privacy (PGP) is one of the most prominent cryptographic standards offering end-to-end encryption for email messages and other sensitive information exchange. PGP allows to verify the identity of the correspondent in information exchange as well as the information integrity. PGP implements asymmetric encryption with certificates shared...
Conference Paper
Full-text available
Future blockchain applications are anticipated to serve millions of users. Thus the evaluation of new blockchain applications have to consider large-scale assessment of the technologies behind the scene. Most of current testing approaches have been done either on simulators or via local small blockchain networks. Hence, the performance in real worl...
Conference Paper
Full-text available
Know Your Customer (KYC) processes performed by banks on their customers are redundant, cumbersome and costly. Therefore, a system is proposed to automate menial tasks and allow sharing of data related to KYC. A blockchain dictates the collaboration between different participants and several services are built around it to support the functionality...
Conference Paper
Full-text available
Pretty Good Privacy (PGP) is one of the most prominent cryptographic standards, offering end-to-end encryption for email messages and other sensitive information. PGP allows to verify the identity of the correspondent in information exchange as well as the information integrity. It implements asymmetric encryption with certificates shared through a...
Conference Paper
Full-text available
Large files cannot be efficiently stored on blockchains. On one hand side, the blockchain becomes bloated with data that has to be propagated within the blockchain network. On the other hand, since the blockchain is replicated on many nodes, a lot of storage space is required without serving an immediate purpose, especially if the node operator doe...
Conference Paper
Full-text available
Conducting experiments to evaluate blockchain applications is a challenging task for developers, because there is a range of configuration parameters that control blockchain environments. Many public testnets (e.g. Rinkeby Ethereum) can be used for testing, however, we cannot adjust their parameters (e.g. Gas limit, Mining difficulty) to further th...
Conference Paper
Full-text available
Traditional Public-Key Infrastructure (PKI) is Certificate Authority based (CA-based). Thus, the security of PKI is completely relying on the security of CAs' infrastructure. However, many recent breaches show that the CA's infrastructure can be compromised as well as exposed to operational errors, while the Log-based PKIs and Web of Trust (WoT) ap...
Presentation
Full-text available
We developed a tool that facilitates nodes reservation, deployment and blockchain configuration over the Grid’5000 platform.
Presentation
Full-text available
Performance Measurement of Private Blockchains
Presentation
Full-text available
Blockchain an overview and research perspective
Thesis
Full-text available
In this thesis, we provide a privacy preserving for monitoring HTTPS services. First, we first investigate a recent technique for HTTPS services monitoring that is based on the Server Name Indication (SNI) field of the TLS handshake. We show that this method has many weakness, which can be used to cheat monitoring solutions.To mitigate this issue,...
Thesis
Full-text available
Surveys show that websites are more and more being served over HTTPS. On one side, HTTPS provides users with essential properties of security and privacy, but on the other side, it raises important challenges and issues for organizations, related to the security monitoring of encrypted traffic (filtering, anomaly detection, etc.). Existing HTTPS mo...
Data
We make our HTTPS dataset is publicly available with full payloads, which is not the case with current public ones. We aim to contribute in solving the absence of reference datasets for HTTPS. The dataset contains full HTTPS raw PCAP files of crawling top 779 accessed HTTPS websites. The scan was made daily based, two times per day using Goolge Chr...
Conference Paper
Full-text available
Recent surveys show that the proportion of encrypted web traffic is quickly increasing. On one side, it provides users with essential properties of security and privacy, but on the other side, it raises important challenges and issues for organizations, related to the security monitoring of encrypted traffic (filtering, anomaly detection, etc.). Th...
Conference Paper
Full-text available
The development of TLS-based encrypted traffic comes with new challenges related to the management and security analysis of encrypted traffic. There is an essential need for new methods to investigate, with a proper level of identification, the increasing number of HTTPS traffic that may hold security breaches. In fact, although many approaches det...
Poster
Full-text available
An Open and Flexible Architecture for Monitoring HTTPS Traffic
Conference Paper
Full-text available
Encrypted Internet traffic is an essential element to enable security and privacy in the Internet. Surveys show that websites are more and more being served over HTTPS. They highlight an increase of 48\% of sites using TLS over the past year, justifying the tendency that the Web is going to be encrypted. This motivates the development of new tools...
Conference Paper
Full-text available
In Palestine, 44.7% of the population is under 16 with literacy rate of 91.9% over all of the population. More than half of Palestinian youth own computers and have access to the Internet. With such prospect, ensuring information security and spreading awareness of it is one of the main challenges facing researchers on a national level. In this...
Conference Paper
Full-text available
This paper presents a genetic algorithm based approach to the scheduling of electricity distribution. Gaza strip challenges shortage of electricity power. Electricity Distribution Company overcomes this shortage by dividing the cities into sub-regions and providing them with electricity power in alternating manner. But this approach suffer from a l...
Book
The phenomenal growth of networked computers has fostered the deployment of many network applications such as command and control military communication, Email, web browsing, E-voting, and E-shopping. Many applications need ultra-secure protection. This problem can simply states as: “By the act of communicating, even if perfect confidentiality of t...
Conference Paper
Full-text available
Traffic analysis is a security attack where an adversary observes the statistical pattern of network traffic to infer sensitive information. Statistical properties such as packets length and inter-arrival time provide valuable information about an application, user's activities, and an underlying system. On the other hand, traffic analysis is categ...

Network

Cited By