Congratulations to Shams Zawoad, Ragib Hasan, and John W Grimes for having their work on litigation hold enabled cloud storage accepted in the 15th Annual DFRWS (USA) Conference.

Shams Zawoad, Ragib Hasan, and John W Grimes, “LINCS: Towards Building a Trustworthy Litigation Hold Enabled Cloud Storage System”, the 15th Annual DFRWS (USA) Conference, Philadelphia, PA, August 2015.

Congratulations to Shams Zawoad, Ragib Hasan, Gary Warner, and Md Munirul Haque for having their work on Cloud-based Spam URL Deduplication for Big Datasets accepted in the International Journal of Cloud Computing (IJCC).

Shams Zawoad, Ragib Hasan, Gary Warner, Md Munirul Haque “Towards a Cloud-based Approach for Spam URL Deduplication for Big Datasets”, International Journal of Cloud Computing (IJCC), 2(3), 2014, pp. 1-14.

Abstract
Spam emails are often used to advertise phishing websites and lure users to visit such sites. URL blacklisting is a widely used technique for blocking malicious phishing websites. To prepare an effective blacklist, it is necessary to analyze possible threats and include the identified malicious sites in the blacklist. However, the number of URLs acquired from spam emails is quite large. Fetching and analyzing the content of this large number of websites are very expensive tasks given limited computing and storage resources. To solve the problem of massive computing and storage resource requirements, we need a highly distributed and scalable architecture, where we can provision additional resources to fetch and analyze on the fly. Moreover, there is a high degree of redundancy in the URLs extracted from spam emails, where more than one spam emails contain the same URL. Hence, preserving the contents of all the websites causes significant storage waste. Additionally, fetching content from a fixed IP address introduces the possibility of being reversed blacklisted by malicious websites. In this paper, we propose and develop CURLA – a Cloud-based spam URL Analyzer, built on top of Amazon Elastic Computer Cloud (EC2) and Amazon Simple Queue Service (SQS). CURLA allows deduplicating large number of spam-based URLs in parallel, which reduces the cost of establishing equally capable local infrastructure. Our system builds a database of unique spam-based URL and accumulates the content of these unique websites in a central repository. This database and website repository will be a great resource to identify phishing websites and other counterfeit websites. We show the effectiveness of our architecture using real-life, large-scale spam-based URL data.

Congratulations to Ragib Hasan, Shams Zawoad, Rasib Khan, Md. Mahmud Hossain, and Jinfang Xu on having three papers accepted in the 3rd International Conference on Mobile Cloud Computing, Services, and Engineering, San Francisco (IEEE Mobile Cloud), Mar 2015.

Rasib Khan, Ragib Hasan, Jinfang Xu, “SEPIA: Secure-PIN-Authentication-as-a-Service for ATM using Mobile and Wearable Devices”, accepted as full paper in IEEE Mobile Cloud 2015.

Ragib Hasan, Md. Mahmud Hossain, Rasib Khan, “Aura: An IoT based Cloud Infrastructure for Localized Mobile Computation Outsourcing”, accepted as short paper in IEEE Mobile Cloud 2015.

Shams Zawoad and Ragib Hasan, “Towards a Systematic Analysis of Challenges and Issues in Secure Mobile Cloud Forensics”, accepted as poster paper in IEEE Mobile Cloud 2015.

Congratulations to Ragib Hasan, Rasib Khan, Shams Zawoad, and Munirul Haque for having their work “WORAL: A Witness Oriented Secure Location Provenance Framework for Mobile Devices” accepted for publication in IEEE Transactions on Emerging Topics in Computing.

Ragib Hasan, Rasib Khan, Shams Zawoad, Md Haque, “WORAL: A Witness Oriented Secure Location Provenance Framework for Mobile Devices”, to appear in IEEE Transactions on Emerging Topics in Computing (TETC) SI on Cyber Security, 2015

Abstract

Location based services allow mobile device users to access various services based on the users’ current physical location information. Path-critical applications, such as supply chain verification, require a chronological ordering of location proofs. It is a significant challenge in distributed and user-centric architectures for users to prove their presence and the path of travel in a privacy-protected and secure manner. So far, proposed schemes for secure location proofs are mostly subject to tampering, not resistant to collusion attacks, do not offer preservation of the provenance, and are not flexible enough for users to prove their provenance of location proofs. In this paper, we present WORAL, a complete ready-to-deploy framework for generating and validating witness oriented asserted location provenance records. The WORAL framework is based on the Asserted Location Proof protocol [1] and the OTIT model [2] for generating secure location provenance on the mobile devices. WORAL allows user-centric, collusion resistant, tamper-evident, privacy protected, verifiable, and provenance preserving location proofs for mobile devices. The paper presents the schematic development, feasibility of usage, comparative advantage over similar protocols, and implementation of WORAL for Android device users including a Google Glass based client for enhanced usability.

Look at our videos online

1. Ragib Hasan, 2013 DHS S&T PI Meeting, VA, USA
2. WORAL Project Promo Video

References

[1] Rasib Khan, Shams Zawoad, Md Munirul Haque and Ragib Hasan, “Who, When, and Where? Location Proof Assertion for Mobile Devices“, DBSEC 2014 Vienna, Austria, July 14-16, 2014. [pdf]

[2] Rasib Khan, Shams Zawoad, Md. Haque, and Ragib Hasan, “OTIT: Towards Secure Provenance Modeling for Location Proofs“, in Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS), Kyoto, Japan, June 2014.  [pdf]

Congratulations to Shahid Al Noor, Ragib Hasan and Md Haque for having their work on CellCloud accepted in the International Journal of Cloud Computing (IJCC).

Shahid Al Noor, Ragib Hasan, and Md Haque “CellCloud: Towards A Cost Effective Formation of Mobile Cloud Based on Bidding Incentives“, To appear at the International Journal of Cloud Computing (IJCC), 2015.

Abstract

In recent years, cloud computing has become the dominant computing paradigm. Researchers have explored the possibility of building clouds out of loosely associated mobile computing devices. However, most such efforts failed due to the lack of a proper incentive model for the mobile device owners. In this paper, we propose CellCloud – a practical mobile cloud architecture which can be easily deployed on existing cellular phone network infrastructure. CellCloud is based on a novel reputation-based economic incentive model in order to compensate the phone owners for the use of their phones as cloud computing nodes. CellCloud offers a practical model for performing cloud operations, with lower costs compared to a traditional cloud. We provide an elaborate analysis of the model with security and economic incentives as major focus. Along with a cost equation model, we perform extensive simulations to evaluate the performance and analyze the feasibility of our proposed model. Our simulation results show that CellCloud creates a win-win scenario for all three stakeholders (client, cloud provider, and mobile device owners) to ensure the formation of a successful mobile cloud architecture.

Our recent work on a forensics-enabled cloud architecture was accepted in 11th Annual IFIP WG 11.9 International Conference on Digital Forensics

Shams Zawoad and Ragib Hasan, “FECloud: A Trustworthy Forensics-Enabled Cloud Architecture”, 11th Annual IFIP WG 11.9 International Conference on Digital Forensics, Orlando, Florida, Janurary 2015.

Abstract

The rapid migration from traditional computing and storage model to the cloud model creates the necessity of supporting reliable forensics in the cloud. However, today’s cloud computing architectures often lack support for forensic investigations because many of the assumptions that are taken for granted in traditional digital forensics do not apply to clouds. Hence, the existing digital forensics tools cannot handle the dynamic and black-box natures of clouds. Moreover, trustworthiness of evidence can be questionable because of the possibility of collusion between dishonest cloud providers, malicious users, and investigators. Since reliability and accuracy of evidence are very important factors while evaluating evidence during a criminal investigation and prosecution, we need to preserve the integrity of evidence before and after collecting from clouds. In this paper, we first identify the required properties to support trustworthy forensics in clouds. Based on the requirements, we propose a forensics-enabled cloud architecture (FECloud) to preserve and provide required evidence while protecting the privacy and integrity of the evidence. FECloud is designed on top of Openstack – a popular open source cloud computing platform. Incorporating architectures like FECloud may impose significant business impacts on Cloud Service Providers (CSP) as well as customers. CSPs can attract more customers with the assurance of providing proper forensics support. Likewise, customers do not require extreme investment on establishing their own forensics friendly infrastructures.

Title:`Cloud Forensics’,
Author: Shams Zawoad and Ragib Hasan,
Book Title: ‘Encyclopedia of Cloud Computing‘,
Publisher: Wiley,
Summary: Cloud forensics is a special branch of digital forensics, which is required to establish facts about incidents that are actively or passively related to clouds. However, today’s cloud computing architectures often lack support for forensic investigations because many of the assumptions that are taken for granted in traditional digital forensics do not apply to clouds. Hence, the existing digital forensics tools cannot cope with the dynamic and black-box natures of clouds. This chapter discusses the challenges of cloud forensics, discusses existing techniques to support reliable forensics, and explores the open problems in this area.

Hot Zone Identification: Analyzing Effects of Data Sampling on Spam Clustering
Authors: Rasib Khan, Mainul Mizan, Ragib Hasan, and Alan Sprague,
Journal of Digital Forensics, Security and Law (JDFSL), 9(1): 67-82, 2014

This paper was selected as one of the best papers from ADFSL Conference on Digital Forensics, Security and Law for publication in Journal of Digital Forensics (JDFSL).

Abstract: Email is the most common and comparatively the most efficient means of exchanging information in today’s world. However, given the widespread use of emails in all sectors, they have been the target of spammers since the beginning. Filtering spam emails has now led to critical actions such as forensic activities based on mining spam email. The data mine for spam emails at the University of Alabama at Birmingham is considered to be one of the most prominent resources for mining and identifying spam sources. It is a widely researched repository used by researchers from different global organizations. The usual process of mining the spam data involves going through every email in the data mine and clustering them based on their different attributes. However, given the size of the data mine, it takes an exceptionally long time to execute the clustering mechanism each time. In this paper, we have illustrated sampling as an efficient tool for data reduction, while preserving the information within the clusters, which would thus allow the spam forensic experts to quickly and effectively identify the ‘hot zone’ from the spam campaigns. We have provided detailed comparative analysis of the quality of the clusters after sampling, the overall distribution of clusters on the spam data, and timing measurements for our sampling approach. Additionally, we present different strategies which allowed us to optimize the sampling process using data-preprocessing and using the database engine’s computational resources, and thus improving the performance of the clustering process.