Security http://foaad.net/index.php/ en PIDIoT: Probabilistic Intrusion Detection for the Internet-Of-Things http://foaad.net/index.php/academic-reference/pidiot-probabilistic-intrusion-detection-internet-things <span class="field field--name-title field--type-string field--label-hidden">PIDIoT: Probabilistic Intrusion Detection for the Internet-Of-Things</span> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>foaad</span></span> <span class="field field--name-created field--type-created field--label-hidden">Sun, 08/14/2022 - 12:58</span> <div class="field field--name-field-authorship field--type-string field--label-inline clearfix"> <div class="field__label">Authorship</div> <div class="field__item">Max Zinkus, Bruce DeBruhl and Foaad Khosmood</div> </div> <div class="field field--name-field-publication field--type-string field--label-inline clearfix"> <div class="field__label">Publication</div> <div class="field__item">IEEE Globecom</div> </div> <div class="field field--name-field-publication-type field--type-list-string field--label-hidden field__item">Conference</div> <div class="field field--name-field-location field--type-string field--label-inline clearfix"> <div class="field__label">Location</div> <div class="field__item">Waikoloa, Hawaii</div> </div> <div class="field field--name-field-date field--type-datetime field--label-hidden field__item"><time datetime="2019-12-01T12:00:00Z" class="datetime">Sunday, December 1, 2019 - 12:00</time> </div> <div class="field field--name-field-tags field--type-entity-reference field--label-inline clearfix"> <h3 class="field__label inline">Tags</h3> <ul class="links field__items"> <li><a href="/tags/security" hreflang="en">Security</a></li> <li><a href="/tags/systems" hreflang="en">Systems</a></li> </ul> </div> <div class="field field--name-field-download field--type-link field--label-hidden field__items"> <div class="field__item"><a 
href="https://seclab-jhu.github.io/sec-read/files/IoT_IDS_for_GlobeComm.pdf">Github</a></div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-above"> <div class="field__label">Abstract</div> <div class="field__item"><p>The Internet-of-things promises sweeping change through increased connectivity and ubiquitous integration of technology into our lives. However, as we create economies of scale for data aggregation and processing, we also create attractive targets for various adversaries. In this work we design a lightweight, probabilistic intrusion detection system, or PIDIoT. We design PIDIoT to use operational measurements from IoT devices, with lightweight hash functions and Bloom filters to perform fuzzy anomaly detection.</p></div> </div> Sun, 14 Aug 2022 19:58:11 +0000 foaad 148 at http://foaad.net Understanding Botnet-driven Blog Spam: Motivations and Methods http://foaad.net/index.php/ref/understanding-botnet-driven-blog-spam-motivations-and-methods <span class="field field--name-title field--type-string field--label-hidden">Understanding Botnet-driven Blog Spam: Motivations and Methods</span> <div class="field field--name-field-research-image field--type-image field--label-hidden field__item"> <a href="/sites/default/files/IMG_20170810_131728.jpg"><img loading="lazy" src="/sites/default/files/styles/mid_size/public/IMG_20170810_131728.jpg?itok=YNkg3WHG" width="300" height="200" alt="" class="image-style-mid-size" /> </a> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>foaad</span></span> <span class="field field--name-created field--type-created field--label-hidden">Mon, 09/11/2017 - 23:43</span> <div class="field field--name-field-authorship field--type-string field--label-inline clearfix"> <div class="field__label">Authorship</div> <div class="field__item">Brandon Bevans, Bruce DeBruhl, Foaad Khosmood</div> </div> <div class="field 
field--name-field-publication field--type-string field--label-inline clearfix"> <div class="field__label">Publication</div> <div class="field__item">Digital Humanities 2017</div> </div> <div class="field field--name-field-publication-type field--type-list-string field--label-hidden field__item">Conference</div> <div class="field field--name-field-location field--type-string field--label-inline clearfix"> <div class="field__label">Location</div> <div class="field__item">Montreal, Canada</div> </div> <div class="field field--name-field-date field--type-datetime field--label-hidden field__item"><time datetime="2017-08-01T12:00:00Z" class="datetime">Tuesday, August 1, 2017 - 12:00</time> </div> <div class="field field--name-field-tags field--type-entity-reference field--label-inline clearfix"> <h3 class="field__label inline">Tags</h3> <ul class="links field__items"> <li><a href="/tags/security" hreflang="en">Security</a></li> </ul> </div> <div class="field field--name-field-download field--type-link field--label-hidden field__items"> <div class="field__item"><a href="https://dh2017.adho.org/abstracts/329/329.pdf">DH2017 Proceedings</a></div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-above"> <div class="field__label">Abstract</div> <div class="field__item"><p>Spam, or unsolicited commercial communication, has evolved from telemarketing schemes to a highly sophisticated and profitable black-market business. Although many users are aware that email spam is prominent, they are less aware of blog spam (Thomason, 2007). Blog spam, also known as forum spam, is spam that is posted to a public or outward facing website. 
Blog spam can be used to accomplish many tasks that email spam is used for, like posting links to a malicious executable.</p></div> </div> Tue, 12 Sep 2017 06:43:34 +0000 foaad 106 at http://foaad.net User identification through command history analysis http://foaad.net/index.php/ref/user-identification-through-command-history-analysis <span class="field field--name-title field--type-string field--label-hidden">User identification through command history analysis</span> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>foaad</span></span> <span class="field field--name-created field--type-created field--label-hidden">Tue, 12/23/2014 - 22:51</span> <div class="field field--name-field-authorship field--type-string field--label-inline clearfix"> <div class="field__label">Authorship</div> <div class="field__item">Foaad Khosmood, Phillip L. Nico, Jon Woolery</div> </div> <div class="field field--name-field-publication field--type-string field--label-inline clearfix"> <div class="field__label">Publication</div> <div class="field__item">IEEE Computational Intelligence in Cyber Security</div> </div> <div class="field field--name-field-publication-type field--type-list-string field--label-hidden field__item">Conference</div> <div class="field field--name-field-location field--type-string field--label-inline clearfix"> <div class="field__label">Location</div> <div class="field__item">Orlando, Florida</div> </div> <div class="field field--name-field-date field--type-datetime field--label-hidden field__item"><time datetime="2014-12-01T12:00:00Z" class="datetime">Monday, December 1, 2014 - 12:00</time> </div> <div class="field field--name-field-tags field--type-entity-reference field--label-inline clearfix"> <h3 class="field__label inline">Tags</h3> <ul class="links field__items"> <li><a href="/tags/security" hreflang="en">Security</a></li> <li><a href="/tags/nlp" hreflang="en">NLP</a></li> </ul> </div> <div class="field 
field--name-field-download field--type-link field--label-hidden field__items"> <div class="field__item"><a href="http://ieeexplore.ieee.org/xpl/login.jsp?tp=&amp;arnumber=7013363&amp;url=http%3A//ieeexplore.ieee.org/xpls/abs_all.jsp%3Farnumber%3D7013363">IEEE Xplore Digital Library</a></div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-above"> <div class="field__label">Abstract</div> <div class="field__item"><p>As any veteran of the editor wars can attest, Unix users can be fiercely and irrationally attached to the commands they use and the manner in which they use them. In this work, we investigate the problem of identifying users out of a large set of candidates (25-97) through their command-line histories. Using standard algorithms and feature sets inspired by natural language authorship attribution literature, we demonstrate conclusively that individual users can be identified with a high degree of accuracy through their command-line behavior.</p></div> </div> <div class="field field--name-field-attachment field--type-file field--label-hidden field__items"> <div class="field__item"> <span class="file file--mime-application-pdf file--application-pdf"> <a href="/sites/default/files/attachments/userID.pdf" type="application/pdf">userID.pdf</a></span> </div> </div> Wed, 24 Dec 2014 06:51:40 +0000 foaad 54 at http://foaad.net