Faheem Ullah’s research while affiliated with Zayed University and other places

The widespread adoption of microservice architectures has given rise to a new set of software security challenges. These challenges stem from the unique features inherent in microservices. It is important to systematically assess and address these software security issues through effective security risk assessments. However, existing risk assessment approaches, such as expert-based manual assessment, prove inefficient in accurately evaluating the security risks of microservices. Furthermore, the absence of security vulnerability metrics hampers the evaluation of these risks. To address these issues, we propose CyberWise Predictor, a framework designed for predicting and assessing security risks associated with microservice architectures. Our framework employs transformers, which are deep learning-based natural language processing models, to analyze descriptions of vulnerabilities for predicting vulnerability metrics to assess security risks. Our experimental evaluation shows the effectiveness of CyberWise Predictor, achieving an average accuracy of 92% in automatically predicting vulnerability metrics for their risk assessment.

Cyber situational awareness systems are increasingly used for creating cyber common operating pictures for cybersecurity analysis and education. However, these systems face data occlusion and convolution issues due to the burgeoning complexity, dimensionality, and heterogeneity of cybersecurity data, which damages cyber situational awareness of end-users. Moreover, conventional forms of human–computer interactions, such as mouse and keyboard, increase the mental effort and cognitive load of cybersecurity practitioners when analyzing cyber situations of large-scale infrastructures. Therefore, immersive technologies, such as virtual reality, augmented reality, and mixed reality, are employed in the cybersecurity realm to create intuitive, engaging, and interactive cyber common operating pictures. Immersive cyber situational awareness (ICSA) systems provide several unique visualization techniques and interaction features for the perception, comprehension, and projection of cyber situational awareness. However, there has been no attempt to comprehensively investigate and classify the existing state of the art in the use of immersive technologies for cyber situational awareness. Therefore, in this paper, we have gathered, analyzed, and synthesized the existing body of knowledge on ICSA systems. In particular, our survey has identified visualization and interaction techniques, evaluation mechanisms, and different levels of cyber situational awareness (i.e., perception, comprehension, and projection) for ICSA systems. Consequently, our survey has enabled us to propose (i) a reference framework for designing and analyzing ICSA systems by mapping immersive visualization and interaction techniques to the different levels of ICSA; (ii) future research directions for advancing the state of the art on ICSA systems; and (iii) an in-depth analysis of the industrial implications of ICSA systems to enhance cybersecurity operations.

Purpose: The increasing number of cyber-attacks has elevated the importance of cybersecurity for organizations. This has also increased the demand for professionals with the necessary skills to protect these organizations. As a result, many individuals are looking to enter the field of cybersecurity. However, there is a lack of clear understanding of the skills required for a successful career in this field. In this paper, we identify the skills required for cybersecurity professionals. We also determine how the demand for cyber skills relates to various cyber roles such as security analyst and security architect. Furthermore, we identify the programming languages that are important for cybersecurity professionals. Design/Methodology: For this study, we have collected and analyzed data from 12,161 job ads and 49,002 Stack Overflow posts. By examining this, we identified patterns and trends related to skill requirements, role-specific demands, and programming languages in cybersecurity. Findings: Our results reveal that (i) communication skills and project management skills are the most important soft skills, (ii) as compared to soft skills, the demand for technical skills varies more across various cyber roles, and (iii) Java is the most commonly used programming language. Originality: Our findings serve as a guideline for individuals aiming to get into the field of cybersecurity. Moreover, our findings are useful in terms of informing educational institutes to teach the correct set of skills to students doing degrees in cybersecurity.

Cyber situational awareness systems are increasingly used for creating cyber common operating pictures for cybersecurity analysis and education. However, these systems face data occlusion and convolution issues due to the burgeoning complexity, dimensionality, and heterogeneity of cybersecurity data, which damages cyber Situational Awareness (SA) of end-users. Moreover, conventional ways of human-computer interactions, such as mouse and keyboard, increase the mental effort and cognitive load of cybersecurity practitioners, when analyzing cyber situations of large-scale infrastructures. Therefore, immersive technologies, such as virtual reality, augmented reality, and mixed reality, are employed in the cybersecurity realm to create intuitive, engaging, and interactive cyber common operating pictures. The Immersive Cyber Situational Awareness (ICSA) systems provide several unique visualization techniques and interaction features for the perception, comprehension, and projection of cyber SA. However, there has been no attempt to comprehensively investigate and classify the existing state of the art in the use of immersive technologies for cyber SA. Therefore, in this paper, we have gathered, analyzed, and synthesized the existing body of knowledge on ICSA systems. In particular, our survey has identified visualization and interaction techniques, evaluation mechanisms, and different levels of cyber SA (i.e., perception, comprehension, and projection) for ICSA systems. Consequently, our survey has enabled us to propose: (i) a reference framework for designing and analyzing ICSA systems by mapping immersive visualization and interaction techniques to the different levels of ICSA; (ii) future research directions for advancing the state-of-the-art on ICSA systems; and (iii) an in-depth analysis of the industrial implications of ICSA systems to enhance cybersecurity operations.

Microservice architectures are revolutionizing both small businesses and large corporations, igniting a new era of innovation with their exceptional advantages in maintainability, reusability, and scalability. However, these benefits come with significant security challenges, as the increased complexity of service interactions, expanded attack surfaces, and intricate dependency management introduce a new array of cybersecurity vulnerabilities. While security concerns are mounting, there is a lack of comprehensive research that integrates a review of existing knowledge with empirical analysis of microservice vulnerabilities. This study aims to fill this gap by gathering, analyzing, and synthesizing existing literature on security vulnerabilities associated with microservice architectures. Through a thorough examination of 62 studies, we identify, analyze, and report 126 security vulnerabilities inherent in microservice architectures. This comprehensive analysis enables us to (i) propose a taxonomy that categorizes microservice vulnerabilities based on the distinctive features of microservice architectures; (ii) conduct an empirical analysis by performing vulnerability scans on four diverse microservice benchmark applications using three different scanning tools to validate our taxonomy; and (iii) map our taxonomy vulnerabilities with empirically identified vulnerabilities, providing an in-depth vulnerability analysis at microservice, application, and scanning tool levels. Our study offers crucial guidelines for practitioners and researchers to advance both the state-of-the-practice and the state-of-the-art in securing microservice architectures.

Microservice architectures are revolutionizing both small businesses and large corporations, igniting a new era of innovation with their exceptional advantages in maintainability, reusability, and scalability. However, these benefits come with significant security challenges, as the increased complexity of service interactions, expanded attack surfaces, and intricate dependency management introduce a new array of cybersecurity vulnerabilities. While security concerns are mounting, there is a lack of comprehensive research that integrates a review of existing knowledge with empirical analysis of microservice vulnerabilities. This study aims to fill this gap by gathering, analyzing, and synthesizing existing literature on security vulnerabilities associated with microservice architectures. Through a thorough examination of 62 studies, we identify, analyze, and report 126 security vulnerabilities inherent in microservice architectures. This comprehensive analysis enables us to (i) propose a taxonomy that categorizes microservice vulnerabilities based on the distinctive features of microservice architectures; (ii) conduct an empirical analysis by performing vulnerability scans on four diverse microservice benchmark applications using three different scanning tools to validate our taxonomy; and (iii) map our taxonomy vulnerabilities with empirically identified vulnerabilities, providing an in-depth vulnerability analysis at microservice, application, and scanning tool levels. Our study offers crucial guidelines for practitioners and researchers to advance both the state-of-the-practice and the state-of-the-art in securing microservice architectures.

Big Data Cyber Security Analytics (BDCA) systems leverage big data technologies to collect, store, and analyze a large volume of security event data for detecting cyber-attacks. Architecting BDCA systems is a complex design activity, which involves critical decisions about the selection of architectural tactics for the satisfaction of various quality goals. Software architects need to consider associated dependencies, constraints, and impact on quality goals, which makes the design process quite challenging. To facilitate the design process, we propose guidance models for supporting the systematic design of BDCA systems. The guidance models facilitate architects to map functional and non-functional requirements for BDCA systems to a set of architectural tactics.KeywordsSecurityBig DataArchitectural TacticDesign

A benchmark study of modern distributed databases (e.g., Cassandra, MongoDB, Redis, and MySQL) is an important source of information for selecting the right technology for managing data in edge-cloud deployments. While most of the existing studies have investigated the performance and scalability of distributed databases in cloud computing, there is a lack of focus on resource utilization (e.g., energy, bandwidth, and storage consumption) of workload offloading for distributed databases deployed in edge-cloud environments. For this purpose, we conducted experiments on various physical and virtualized computing nodes including variously powered servers, Raspberry Pi, and hybrid cloud (OpenStack and Azure). Our extensive experimental results reveal insights into which database under which offloading scenario is more efficient in terms of energy, bandwidth, and storage consumption.