Kashif Saleem

Children Safety: while using Apple devices over the internet
LinkedIn
May 03, 2020

Cybersafety of our children is extremely important. These days due to the pandemic and lockdown in several countries, kids most of the time are with their connected gadgets whether for online classes or playing games. These internet-enabled devices are open to numerous security threats and with a massive usage, the risk of getting affected excels that needs to completely look after by the parents. This article helps the parents in keeping their children safe and secure over the cyberspace.

Performance Evaluation of Recurrent Neural Networks for Short-Term Investment Decision in Stock Market
Springer Nature - International Conference on Advanced Communication and Networking ACN 2019: Applied Soft Computing and Communication Networks
December 18, 2019

This paper proposes the development of a solution to support decision making in the purchase and sale of stocks from the application of machine learning techniques. For this purpose, the performance of a recurrent neural network architecture, also known as long short-term memory (LSTM), was evaluated concerning its efficiency in the short-term prediction. The generated models were evaluated based on the root-mean-square error and mean absolute percentage error metrics. Results show the LSTM algorithm was capable of predicting stock prices with a low error approximately.

A Mobile Health System to Empower Healthcare Services in Remote Regions
IEEE - 2019 IEEE International Conference on E-health Networking, Application & Services (HealthCom)
October 14, 2019

The main objective of this paper is the development and Quality of Experience (QoE) evaluation of a mHealth solution for healthcare professionals in remote areas. The system architecture is based on a Service Oriented Architecture (SOA). Android OS was chosen for developing the application, mainly, due to its open source APIs and the vast diversity of covered mobile devices. The system was evaluated and demonstrated in a real pilot in cooperation with a healthcare institution involving 42 patients and 4 healthcare professionals. A total of 294 patients evaluated the solution. Hardware issues, such as network disconnection and energy issues were reported in 4% of all the cases. This system reduced significantly care costs lessen the need for physical contact between patient and physician.

A Framework to Determine Applications’ Authenticity
Elsevier B.V. Procedia Computer Science - The 16th International Conference on Mobile Systems and Pervasive Computing (MobiSPC 2019)
September 13, 2019

With the advancement in technology, the installation and usage of diverse applications and softwares on various Operating Systems (OS) have become a very common practice. Owing to technical flaws, misconfigurations, hidden vulnerabilities etc, these applications/ softwares are highly susceptible to cyber-attacks. The installation of such applications on critical systems may compromise the security of the systems as well as the resident data. Numerous standards and guidelines already exist that help determine the authenticity of software applications, but they are very specific to an OS or a single point of check. Furthermore, the tools, available in this regard, are used to target a very specific issue while others are not freely available. This research work, after the critical analysis of such frameworks and tools, proposes an integrated framework to check the application’s authenticity before its installation. It covers the aspects of confidentiality, integrity, availability and authentication. This is a general framework for all kinds of organizations, but critical organizations with high security objectives specifically, may use this framework to increase their security. The framework has been applied and validated on data sets of six PDF readers, taken from "CVE Details".

Windows Monitoring and Control for Smart Homes based on Internet of Things
IEEE 2019 4th International Conference on Smart and Sustainable Technologies (SpliTech)
June 18, 2019

This paper introduces a system of automated and sensor-monitored smart windows for smart home scenarios following an IoT-enabled approach. In the proposed solution, windows can be remotely controlled through a mobile app or via Web, or operate automatically according to the environmental data obtained by the sensors and predefined by users. This solution is evaluated, demonstrated, and validated, and it is ready for use.

Smart food security system using iot and big data analytics
Springer Nature - 16th International Conference on Information Technology-New Generations (ITNG 2019)
May 23, 2019

The agriculture sector is facing major challenges to enhance production in a situation of dwindling natural resources. The growing demand for agricultural products, however, also offers opportunities for producers to sustain, improve productivity and reduce waste in the supply chain. Recent advancements in information and communication technologies (ICT) show promise in addressing these challenges. This paper proposes food security architecture for agricultural supply chain efficiency using ICT tools such as Internet of Things and Big Data analytics. To avoid loss in agriculture, a food security architecture is developed through Smart Agribusiness Supply Chain Management System is developed in this paper. This can result in uplifting the livelihoods of the rural poor through the enhancement of agribusiness.

Forensic Analysis of LinkedIn’s Desktop Application on Windows 10 OS
Springer Nature - 16th International Conference on Information Technology-New Generations (ITNG 2019)
May 23, 2019

The convenient and cheap access to mobile phones and laptops have significantly increased the use of interactive applications over the past couple of years. However, this has posed various threats to legitimate users in terms of sensitive data disclosure, if their device gets lost, compromised or stolen. This study focuses on the forensic analysis of Windows AppStore applications with special focus on LinkedIn’s Desktop application; since it is one of the most downloaded applications from Windows AppStore. The paper first provides a systematic literature review of the existing digital forensic analysis techniques and highlights their weaknesses. A comprehensive novel methodology for manual forensic analysis of Windows App Store application on Windows 10 Operating System (OS) has also been proposed. For experimentation purpose, LinkedIn’s desktop application has been targeted. The research considers all kinds of scenarios such as logged in users, logged out users and intentional data deletion etc. It is finally concluded that from the viewpoint of application forensic analysis, the live, storage and registry analysis, all hold equal importance.

Cloud of Things for Healthcare: A Survey from Energy Efficiency Perspective
IEEE 2019 International Conference on Computer and Information Sciences (ICCIS)
April 03, 2019

This paper surveys CoT architectures, platforms and the application of CoT in the context of healthcare. Moreover, the paper mainly emphasizes on investigating and discussing the most relevant energy efficiency proposals. The investigation of such works reveals that further efforts are still required to obtain energy-efficient CoT architectures, particularly in healthcare, in which the tradeoffs between energy efficiency, delay, and quality of service is considered.

A bio-inspired secure IPv6 communication protocol for Internet of Things
IEEE 2017 Eleventh International Conference on Sensing Technology (ICST), Sydney, Australia
December 06, 2017

The Internet of Things (IoT) with a direct internet connectivity for global access is one of the promising technologies for future communication systems. The Internet Protocol version 6 (IPv6) based routing protocols that are currently available for IoT are prone to various vulnerabilities. Hence, the Personally Identifiable Information (PII) stored and/or communicated in IoT can easily be compromised. In this paper, we propose a Bio-inspired Secure IPv6 Communication Protocol (BSCoP) for IoT. We have enhanced the IPv6 Routing Protocol for Low-Power and Lossy Networks (RFC 6550) by incorporating a classification algorithm inspired by the Artificial Immune System (AIS). The AIS-based algorithm works by detecting the routing behavior of the communicating nodes in the local routing tables and classify the misbehaving nodes as non-self. With the help of the classification algorithm, we can detect excessive broadcasts and isolate them to improve power and transmission rates of the transmitted packets in a cluster of IoT nodes. The detailed experimental results show the promising performance of the proposed protocol while offering the security desired in cyberspace in terms of energy consumption and data packet rate.

Empirical Studies of ECG Multiple Fiducial-points Based Binary Sequence Generation (MFBSG) algorithm in E-Health Sensor Platform
IEEE 2016 IEEE 41st Conference on Local Computer Networks Workshops (LCN Workshops)
November 10, 2016

In this paper, the Arduino Uno based e-Health Sensor Platform V2.0 by Libelium is enhanced with the ECG Multiple Fiducial-points based Binary Sequence Generation (MFBSG) algorithm to secure wireless sensors within Wireless Body Area Networks (WBANs). The eHealth kit includes biometric and other medical related functionalities to monitor the human body conditions by utilizing 10 different sensors that includes electrocardiogram (ECG). Therefore, MF-BSG algorithm generates secret keys for encryption, decryption and authentication purposes. Furthermore, we have analyzed the performance of the enhanced version of the toolkit and compared it with the Enhanced Very Fast Decision Tree (EVFDT) mechanism based health care systems in terms attack detection accuracy. The results confirm that the monitored data is transferred to the required destination in a more accurate and secure manner as compared to previous algorithms.

Reliability analysis of healthcare information systems: State of the art and future directions
2015 17th International Conference on E-health Networking, Application & Services (IEEE HealthCom)
April 19, 2016

Testing and verification of healthcare information systems is a challenging and important issue since faults in these critical systems may lead to loss of lives, and in the best cases, loss of money and reputations. However, due to the complexity of these systems, and the increasing demand for new products and new technologies in this domain, there are several methods and technologies being used for testing these systems. In this paper, we review the state of the art on testing and verification of healthcare information systems, and then we identify several open issues and challenges in the area. We divide the exiting methods into three categories: simulation based methods, formal methods, and other techniques such as semi-formal methods. Then, we discuss challenging and open issues in the domain.

On resilience of Wireless Mesh routing protocol against DoS attacks in IoT-based ambient assisted living applications
2015 17th International Conference on E-health Networking, Application & Services (HealthCom)
April 19, 2016

The future of ambient assisted living (AAL) especially eHealthcare almost depends on the smart objects that are part of the Internet of things (IoT). In our AAL scenario, these objects collect and transfer real-time information about the patients to the hospital server with the help of Wireless Mesh Network (WMN). Due to the multi-hop nature of mesh networks, it is possible for an adversary to reroute the network traffic via many denial of service (DoS) attacks, and hence affect the correct functionality of the mesh routing protocol. In this paper, based on a comparative study, we choose the most suitable secure mesh routing protocol for IoT-based AAL applications. Then, we analyze the resilience of this protocol against DoS attacks. Focusing on the hello flooding attack, the protocol is simulated and analyzed in terms of data packet delivery ratio, delay, and throughput. Simulation results show that the chosen protocol is totally resilient against DoS attack and can be one of the best candidates for secure routing in IoT-based AAL applications.

An Intelligent Information Security Mechanism for the Network Layer of WSN: BIOSARP
Springer Berlin/Heidelberg - Computational Intelligence in Security for Information Systems
June 08, 2011

In multihop wireless sensor network (WSN) users or nodes are constantly entering and leaving the network. Classical techniques for network management and control are not conceived to efficiently face such challenges. New mechanisms are required, to work in a self-organized manner. The techniques found in nature promises WSN, to self-adapt the environmental changes and also self-protect itself from the malicious stuff. This paper introduces a biological inspired secure autonomous routing protocol (BIOSARP). The self-optimized routing protocol is enhanced with an Artificial Immune System (AIS) based autonomous security mechanism. It enhances WSN in securing itself from the abnormalities and most common WSN routing attacks. NS2 based simulation analysis and results of BIOSARP are presented. The comparison of proposed intelligent protocol with SAID and SRTLD security mechanisms for WSN is further exhibited, in terms of processing time and energy consumption.

Biological Inspired Autonomously Secure Mechanism for Wireless Sensor Networks
Auerbach Pub - Biological Inspired Autonomously Secure Mechanism for Wireless Sensor Networks
October 15, 2010

Wireless communication plays an important role in these days in the sector of telecommunication and has huge importance for future research. There has been an exponential growth in wireless communication due to the development of different devices and applications. In addition, there is an explosive increase in integration and convergence of different heterogonous wireless networks to ensure effective and efficient communication. These technologies primarily includes Wireless Wide Area Networks (WWANs), Wireless Local Area Networks (WLANs), Wireless Personal Area Networks (WPANs), and the Internet. The cellular networks can be classified under the WWAN, Bluetooth, and Ultrawide Bands classified as WPANs, and finally the WLANs and High-Performance Radio Local Area Networks (HiperLANs) belongs to the WLAN class.

A Hierarchical Model to Evaluate the Quality of Web-Based E-Learning Systems
MDPI AG - Sustainability Journal
May 15, 2020

This study focused on the identification and prioritization of factors related to the design quality of e-learning systems through a hierarchical quality model. Thus, firstly, an extensive literature review was conducted to identify the factors that most affect the quality of web-based e-learning systems. Secondly, among the identified factors, only those with the most significant effect were considered. To identify the most important quality criteria, a survey was conducted. An instrument was deployed among 157 subjects, including e-learning designers, developers, students, teachers, and educational administrators. Finally, a second instrument was distributed among 51 participants to make a pairwise comparison among the criteria and rank them according to their relative importance. The identified and prioritized factors were classified into four main categories. Among these four factors, content was identified as the most important factor, whereas design was found to be the least important factor.

Computational Learning Approaches for Personalized Pregnancy Care
IEEE Network Journal
April 02, 2020

This study focused on the identification and prioritization of factors related to the design quality of e-learning systems through a hierarchical quality model. Thus, firstly, an extensive literature review was conducted to identify the factors that most affect the quality of web-based e-learning systems. Secondly, among the identified factors, only those with the most significant effect were considered. To identify the most important quality criteria, a survey was conducted. An instrument was deployed among 157 subjects, including e-learning designers, developers, students, teachers, and educational administrators. Finally, a second instrument was distributed among 51 participants to make a pairwise comparison among the criteria and rank them according to their relative importance. The identified and prioritized factors were classified into four main categories. Among these four factors, the content was identified as the most important factor, whereas design was found to be the least important factor.

PSSCC: Provably secure communication framework for crowdsourced industrial Internet of Things environments
Software: Practice and Experience Journal
March 31, 2020

This paper proposes an identity‐based signcryption scheme. In the proposed PSSCC framework, the user does pairing free computation during signcryption, which makes efficient calculation on user‐side. Moreover, PSSCC framework is proved secure under modified bilinear Diffie‐Hellman inversion and modified bilinear strong Diffie‐Hellman problems. The performance analysis of PSSCC with related schemes indicates that the proposed system supports efficient communication along with less computation cost.

A microservice recommendation mechanism based on mobile architecture
Journal of Network and Computer Applications
December 20, 2019

This paper, a recommendation mechanism of mobile social network service based on user trajectory, trust network and collaborative filtering algorithm is proposed. The user trajectory prediction model based on Generative Adversarial Network (GAN) is introduced into the process of service recommendation, and combined with trust degree to constitute the 3D service recommendation model of user-service-trajectory prediction. This method improves the accuracy and reliability of service recommendation and avoids the blindness and randomness of service recommendation. The simulation experiments show that the service recommendation algorithm has higher accuracy than the traditional collaborative filtering algorithm.

Machine learning and decision support system on credit scoring
Springer Nature - Neural Computing and Applications
October 24, 2019

This paper leads an initial study of collateral as a variable in the calculation of the credit scoring. The study concludes that the two models make modelling of uncertainty in the credit scoring process possible. Although more difficult to implement, fuzzy logic is more accurate for modelling the uncertainty. However, the decision tree model is more favourable to the presentation of the problem.

MARC: A Novel Framework for Detecting MITM Attacks in eHealthcare BLE Systems
Journal of Medical Systems
October 16, 2019

This research paper presents a novel framework named MARC to detect, analyze, and mitigate Bluetooth security flaws while focusing upon MITM attack against NiNo devices. For this purpose, a comprehensive solution has been proposed, which can detect MITM signatures based upon four novel anomaly detection metrics: analyzing Malicious scan requests, Advertisement intervals, RSSI levels, and Cloned node addresses. The proposed solution has been evaluated through practical implementation and demonstration of different attack scenarios, which show promising results concerning accurate and efficient detection of MITM attacks.

Classification Methods Applied to Credit Scoring With Collateral
IEEE Systems Journal
September 10, 2019

Credit operations are indispensable in the organizational development of financial institutions. However, misconduct in these operations occurs, and this can lead to financial loss. These consequences are caused by incorrectly granting credit or incorrectly assigning customer ratings and can compromise a credit portfolio. The result shows that the support vector machine is the most commonly used classifier for credit scores, and while the system performs well, it does not apply approaches with collateral. The analysis includes 84 studies in this article to propose using the statistical methodology to conduct a meta-analysis to compare the results of classification methods. It shows some cases that consider various probability distributions and also survival data. It also elaborates that collateral is not the first approach for credit scoring. The credit scoring system can then give several starting credit scores according to the classifier the user wants to use.

Improving the Performance of LOADng Routing Protocol in Mobile IoT Scenarios
IEEE Access
August 02, 2019

This paper proposes a novel solution to enhance the performance of LOADng in mobile IoT networks. The improved version, LOADng-IoT-Mob, introduces a mechanism that permits nodes to be aware of the availability of their neighbors through the harnessing of control messages. As a result, these nodes can shorten paths and avoid sending data packets through broken routes due to the movement of the nodes. Additionally, a short periodical control message is introduced, allowing the nodes to update their routing table, even with a low control message frequency. Furthermore, a new routing metric is proposed for creating routes based on the reliability of the link and proximity of the neighboring nodes. Finally, through computational simulations, the performance of the LOADng-IoT-Mob is studied under multiple scenarios varying the network size, the number of mobile devices, and maximum nodes' speed. The results obtained demonstrate the efficiency of the proposed solution in terms of packet delivery ratio, latency, and power and overhead efficiency, with a slight increase in memory consumption.

Security and privacy based access control model for internet of connected vehicles
Elsevier B.V. Journal - Future Generation Computer Systems
August 01, 2019

Propose a novel security and privacy based access control (SPBAC) model for the Internet of connected vehicles (IoCV), which allows security officials to access information in combination with permissions and roles, instead of roles only, for officials traveling in vehicles belonging to the same fleet. Vehicle-to-vehicle communication is performed with the aid of onboard unit sensory devices. The vehicles can also communicate through wireless technology, namely WiFi and cellular communications (4G/5G). The SPBAC model provides communication among security layers in a secure, private, and efficient manner compared to other state-of-the-art algorithms. The SPBAC model is demonstrated here using mathematical modeling along with implementation examples.

Performance evaluation of a Fog-assisted IoT solution for e-Health applications
Elsevier B.V. Journal - Future Generation Computer Systems
August 01, 2019

This work studies the contribution of the Fog Computing paradigm applied to healthcare, highlighting its main benefits regarding latency, network usage, and power consumption. Based on these parameters, a Fog-assisted health monitoring system is proposed and its performance evaluation and demonstration is carried out. The results demonstrates the potential enhancement of this approach to minimise data traffic in the core of the network because data is analysed locally and, also, enhancing security on health information that can be kept locally, enhancing data security and providing better insights of patient’s health status.

A mutual exclusion algorithm for flying Ad Hoc networks
Elsevier B.V. Journal - Computers & Electrical Engineering
June 01, 2019

Mutual exclusion (ME) is a highly researched problem in distributed computing systems. In the mutual exclusion problem, no two nodes can use critical resource simultaneously. Numerous protocols have been proposed for various types of static as well as mobile distributed systems, namely, Mobile Ad Hoc Networks (MANET), Vehicular Ad Hoc Networks (VANET) and cellular networks. The flying ad hoc networks (FANET) is an interesting variant of distributed systems and, to the best of our knowledge, no protocol exists in the literature for mutual exclusion in FANETs. In FANETs, the critical resource is mounted on an unmanned aerial vehicle (UAV) and user nodes are assumed in the transmission range of the UAV. Ours is the first algorithm to ensure ME in FANETs. The algorithm is token-based and we name it Mobile Resource Mutual Exclusion (MRME) algorithm. Unlike other ad hoc networks, due to swift mobility of nodes as well as resource, the FANETs topology is highly dynamic and fault prone. The MRME algorithm handles it successfully. Further, we present the correctness proof, complexity analysis and simulation results. The worst-case complexity of MRME is O(n) and synchronization delay is T, where T is message propagation delay.

Cybersecurity and privacy issues for socially integrated mobile healthcare applications operating in a multi-cloud environment
SAGE Journal - Health Informatics Journal
June 01, 2019

Social media has enabled information-sharing across massively large networks of people without spending much financial resources and time that are otherwise required in the print and electronic media. Mobile-based social media applications have overwhelmingly changed the information-sharing perspective. However, with the advent of such applications at an unprecedented scale, the privacy of the information is compromised to a larger extent if breach mitigation is not adequate. Since healthcare applications are also being developed for mobile devices so that they also benefit from the power of social media, cybersecurity privacy concerns for such sensitive applications have become critical. This article discusses the architecture of a typical mobile healthcare application, in which customized privacy levels are defined for the individuals participating in the system. It then elaborates on how the communication across a social network in a multi-cloud environment can be made more secure and private, especially for healthcare applications.

Postpartum depression prediction through pregnancy data analysis for emotion-aware smart systems
Elsevier B.V. Journal - Information Fusion
May 01, 2019

Emotion-aware computing represents an evolution in machine learning enabling systems and devices process to interpret emotional data to recognize human behavior changes. As emotion-aware smart systems evolve, there is an enormous potential for increasing the use of specialized devices that can anticipate life-threatening conditions facilitating an early response model for health complications. At the same time, applications developed for diagnostic and therapy services can support conditions recognition (as depression, for instance). Hence, this paper proposes an improved algorithm for emotion-aware smart systems, capable for predicting the risk of postpartum depression in women suffering from hypertensive disorders during pregnancy through biomedical and sociodemographic data analysis. Results show that ensemble classifiers represent a leading solution concerning predicting psychological disorders related to pregnancy. Merging novel technologies based on IoT, cloud computing, and big data analytics represent a considerable advance in monitoring complex diseases for emotion-aware computing, such as postpartum depression.

Automated electronic approaches for detecting disease vectors mosquitoes through the wing-beat frequency
Elsevier B.V. Journal - Journal of Cleaner Production
April 20, 2019

The knowledge of flying insects wing-beat acoustical properties supported the progress of sensing disease vectors mosquitoes in free flight. The classification of individual flying insects species' through wing-beat frequencies and respective harmonics is the principle of frequency spectrum analysis method both in acoustical and optical sensors approaches for disease vectors mosquitoes. Investigations based on acoustic devices, microphones, amplifiers, and recorders have produced extensive scientific contributions to behavioral and biological insects’ knowledge. Moreover, the researches based on acoustical approach are accountable for the massive available database on flying insects species and gender classification. However, it was the advent of the optical sensing approach for flying insects detection that allowed sensor devices to become smaller, cheaper, faster, self-triggered, and further reliable and energy efficient. These benefits enabled the state of the art on mosquitoes monitoring to move towards smarter devices that automatically process data and have greater autonomy in inaccessible locations. Consequently, it becomes plausible to break geographic, economic and social boundaries for the flying insects sensing, allowing the ubiquitous monitoring of disease-vector mosquito populations. This paper reviews the related literature on automated electronic approaches for disease vectors mosquitoes monitoring and identifies open issues and opportunities for further researches in expanding scenarios considering new data processing and emerging transmission technologies.

M4DN. IoT-A Networks and Devices Management Platform for Internet of Things
IEEE Access
April 04, 2019

Connected objects to the Internet (computers, sensors, smartphones, and smart watches) are the part of daily life and their interconnection performs the Internet of Things (IoT) vision. IoT solutions are used in various domains, such as healthcare, industry, agriculture, and cities. IoT networks are often characterized by resource-constrained devices and sometimes deployed in hard to reach areas. In addition, an IoT network landscape may include a large number of heterogeneous devices. All these factors drive the need for adapted management solutions for IoT devices and networks. In order to guarantee the better use of IoT networks, effective and automatic management is necessary. This paper studies different solutions for IoT networks and devices management identifying their characteristics and technical challenges. Important requirements like security, context-aware, and a standard model for messages exchange have not been completely explored. Thus, these most relevant features are used to propose and deploy a new IoT management platform with a friendly user's interface, called management for devices and networks in IoT (M4DN.IoT). The solution is evaluated, demonstrated, validated, and it is under use.

Misty clouds—A layered cloud platform for online user anonymity in Social Internet of Things
Elsevier B.V. Journal - Future Generation Computer Systems
March 01, 2019

Online services typically collect data that are explicitly provided by users and metadata that are implicitly inferred from users’ activity patterns. The proclaimed goal of metadata collection is to support the quality of service, thus enhancing the Social Internet of Things (SIoT). To most users, it is not obvious that metadata express people’s lives to a large degree. Traditionally, security has focused on protecting communication content rather than the metadata associated with it. This provides a thin layer of privacy protection. Thus, a demand exists for privacy-preserving technologies that prevent metadata collection and aggregation. This paper focuses on a service’s ability to observe communication metadata that can be exploited to learn users’ identities and behavior patterns. Thus, a novel system, Misty Clouds, is proposed as a platform for creating anonymous Internet connections to address both security and performance issues. The performance evaluation shows that the desired level of anonymity can be achieved with tolerable performance overheads. Through a comparison analysis, it is shown that the new algorithm outperforms an existing algorithm, Tor. Additionally, the features that can facilitate the growth of Misty Clouds into a holistic privacy-preserving platform are discussed. Furthermore, a user survey was conducted to study users’ perceptions and attitudes.

LOADng-IoT: an enhanced routing protocol for internet of things applications over low power networks
MDPI - Sensors
January 03, 2019

The Internet of Things (IoT) is an emerging paradigm that proposes the connection of objects to exchange information in order to reach a common objective. In IoT networks, it is expected that the nodes will exchange data between each other and with external Internet services. However, due to deployment costs, not all the network devices are able to communicate with the Internet directly. Thus, other network nodes should use Internet-connected nodes as a gateway to forward messages to Internet services. Considering the fact that main routing protocols for low-power networks are not able to reach suitable performance in the displayed IoT environment, this work presents an enhancement to the Lightweight On-demand Ad hoc Distance-vector Routing Protocol—Next Generation (LOADng) for IoT scenarios. The proposal, named LOADng-IoT, is based on three improvements that will allow the nodes to find Internet-connected nodes autonomously and dynamically, decreasing the control message overhead required for the route construction, and reducing the loss of data messages directed to the Internet. Based on the performed assessment study, which considered several number of nodes in dense, sparse, and mobility scenarios, the proposed approach is able to present significant results in metrics related to quality-of-service, reliability, and energy efficiency.

A Critical Analysis of Mobility Management Related Issues of Wireless Sensor Networks in Cyber Physical Systems
IEEE Access
March 06, 2018

Mobility management has been a long-standing issue in mobile wireless sensor networks and especially in the context of cyber physical systems; its implications are immense. This paper presents a critical analysis of the current approaches to mobility management by evaluating them against a set of criteria which are essentially inherent characteristics of such systems on which these approaches are expected to provide acceptable performance. We summarize these characteristics by using a quadruple set of metrics. Additionally, using this set we classify the various approaches to mobility management that are discussed in this paper. Finally, the paper concludes by reviewing the main findings and providing suggestions that will be helpful to guide future research efforts in the area.

Privacy preservation in e-healthcare environments: State of the art and future directions
IEEE Access
October 30, 2017

e-Healthcare promises to be the next big wave in healthcare. It offers all the advantages and benefits imaginable by both the patient and the user. However, current e-Healthcare systems are not yet fully developed and mature, and thus lack the degree of confidentiality, integrity, privacy, and user trust necessary to be widely implemented. Two primary aspects of any operational healthcare enterprise are the quality of healthcare services and patient trust over the healthcare enterprise. Trust is intertwined with issues like confidentiality, integrity, accountability, authenticity, identity, and data management, to name a few. Privacy remains one of the biggest obstacles to ensuring the success of e-Healthcare solutions in winning patient trust as it indirectly covers most security concerns. Addressing privacy concerns requires addressing security issues like access control, authentication, non-repudiation, and accountability, without which end-to-end privacy cannot be ensured. Achieving privacy from the point of data collection in wireless sensor networks, to incorporating the Internet of Things, to communication links, and to data storage and access, is a huge undertaking and requires extensive work. Privacy requirements are further compounded by the fact that the data handled in an enterprise are of an extremely personal and private nature, and its mismanagement, either intentionally or unintentionally, could seriously hurt both the patient and future prospects of an e-Healthcare enterprise. Research carried out in order to address privacy concerns is not homogenous in nature. It focuses on the failure of certain parts of the e-Healthcare enterprise to fully address all aspects of privacy. In the middle of this ongoing research and implementation, a gradual shift has occurred, moving e-Healthcare enterprise controls away from an organizational level toward the level of patients. This is intended to give patients more control and authority over decision making regarding their protected health information/electronic health record. A lot of works and efforts are necessary in order to better assess the feasibility of this major shift in e-Healthcare enterprises. Existing research can be naturally divided on the basis of techniques used. These include data anonymization/pseudonymization and access control mechanisms primarily for stored data privacy. This, however, results in giving a back seat to certain privacy requirements (accountability, integrity, non-repudiation, and identity management). This paper reviews research carried out in this regard and explores whether this research offers any possible solutions to either patient privacy requirements for e-Healthcare or possibilities for addressing the (technical as well as psychological) privacy concerns of the users.

Secure Sensors Data Acquisition and Communication Protection in eHealthcare: Review on the State of the Art
Elsevier B.V. Journal - Telematics and Informatics
August 17, 2017

Recent advances in hardware technology have led to the development of low cost, power efficient and more feature rich devices that are amongst the most critical parts of communication networks. These devices or sensors can now sense data with more accuracy, process it by themselves, and send it to the neighboring node or the sink node. However, robust and reliable security mechanisms are not yet properly implemented on these sensors due to their limited energy and computation power. Sensors also play a very important role in eHealthcare systems where ubiquitous patient monitoring is performed. As data is generated from the sensor nodes, reliable, secure and attack-resistant data acquisition and transmission is important for an efficient eHealthcare systems. This survey focuses on security issues of sensors data acquisition and transmission protocols, describing their main security features and comparing them in the context of a secure eHealthcare system. A taxonomy of open issues and future challenges is also discussed with respect to specific security metrics described in the paper.

Ideas and challenges for securing wireless implantable medical devices: A review
IEEE Sensors Journal
December 01, 2016

Implantable medical devices (IMDs) are normally used for monitoring and treating various medical conditions. These days, wireless modules have become an intrinsic part of many modern IMDs. So, doctors can use device programmers wirelessly to configure parameters in the IMDs. However, such a wireless technology exposes the IMDs to security attacks. In this paper, we analyze potential threats faced by the IMDs and discuss security solutions proposed in the existing literature to counter these threats. Securing an IMD involves three design tradeoffs that require a careful consideration. The first one is security versus accessibility in an emergency situation. We compare the IMD security schemes in the literature in terms of their merits and disadvantages. The second one is the tradeoff between the security schemes for supporting emergency access and those for supporting normal check-up access to the IMDs. This normal check-up access to the IMDs should avoid extra resource consumptions, which is different from the requirement in the emergency access. The third one is between the requirements of strong security and limited resources. The IMD, as a tiny wireless device used for medical purposes, has very limited resources when compared with a generic wireless sensor device/node. We analyze various schemes that aim to conserve the underlying resources of an IMD and also counter battery denial of service attacks from different perspectives. Based on the literature review, we analyze general concerns in the IMD security design from the system engineering point of view, and discuss possible future research directions.

Intelligent Personal Assistants Based on Internet of Things Approaches
IEEE Systems Journal
May 19, 2016

The Internet has emerged as a key network to make information accessible quickly and easily, revolutionizing how people communicate and interact with the world. The information available on the Internet about a given subject may be extensive, allowing the development of new solutions to solve people's day-to-day problems. One such solution is the proposal of intelligent personal assistants (IPAs), which are software agents that can assist people in many of their daily activities. IPAs are capable of accessing information from databases to guide people through different tasks, deploying a learning mechanism to acquire new information on user performance. IPAs can improve the assistance they offer to users by collecting information autonomously from objects that are available in the surrounding environment. To make this idea feasible, IPAs could be integrated into ubiquitous computing environments in an Internet of Things (IoT) context. Therefore, it is necessary to integrate wireless sensor networks with the Internet properly, considering many different factors, such as the heterogeneity of objects and the diversity of communication protocols and enabling technologies. This approach fulfills the IoT vision. This paper surveys the current state of the art of IoT protocols, IPAs in general, and IPAs based on IoTs.

Cloud-assisted IoT-based SCADA systems security: A review of the state of the art and future challenges
IEEE Access
March 31, 2016

Industrial systems always prefer to reduce their operational expenses. To support such reductions, they need solutions that are capable of providing stability, fault tolerance, and flexibility. One such solution for industrial systems is cyber physical system (CPS) integration with the Internet of Things (IoT) utilizing cloud computing services. These CPSs can be considered as smart industrial systems, with their most prevalent applications in smart transportation, smart grids, smart medical and eHealthcare systems, and many more. These industrial CPSs mostly utilize supervisory control and data acquisition (SCADA) systems to control and monitor their critical infrastructure (CI). For example, WebSCADA is an application used for smart medical technologies, making improved patient monitoring and more timely decisions possible. The focus of the study presented in this paper is to highlight the security challenges that the industrial SCADA systems face in an IoT-cloud environment. Classical SCADA systems are already lacking in proper security measures; however, with the integration of complex new architectures for the future Internet based on the concepts of IoT, cloud computing, mobile wireless sensor networks, and so on, there are large issues at stakes in the security and deployment of these classical systems. Therefore, the integration of these future Internet concepts needs more research effort. This paper, along with highlighting the security challenges of these CI's, also provides the existing best practices and recommendations for improving and maintaining security. Finally, this paper briefly describes future research directions to secure these critical CPSs and help the research community in identifying the research gaps in this regard.

An IoT-based mobile gateway for intelligent personal assistants on mobile health environments
Journal of Network and Computer Applications
March 24, 2016

The evolution of mobile devices has triggered the appearance of intelligent personal assistants (IPAs). IPAs are software agents used to support users to fulfill several daily actions. They are supposed to be intelligent in such a way that allows them to give their owners advices about many different subjects. To do so, IPAs must learn about their user behavior and routines. With the current state of the art technologies, scenarios of ubiquitous communication can be created. One of the potential enablers for those scenarios is the Internet of Things (IoT) paradigm where machines with decision support systems interact and communicate among them. In an IoT environment, IPAs can interact with other smart objects in order to gain new knowledge and awareness about their users. This paper proposes a novel IoT-based mobile gateway solution for mobile health (m-Health) scenarios. This gateway autonomously collects information about the user/patient location, heart rate, and possible fall detection. Moreover, it forwards the collected information to a caretaker IPA, in real time, that will manage a set of actions and alarms appropriately. The algorithms used for each mobile gateway service, and the scenarios where the mobile gateway acts as a communication channel or a smart object are also addressed on this paper.

Multiple ECG Fiducial Points based Random Binary Sequence Generation for Securing Wireless Body Area Networks
IEEE Journal of Biomedical and Health Informatics
March 24, 2016

Generating random binary sequences (BSes) is a fundamental requirement in cryptography. A BS is a sequence of $N$ bits, and each bit has a value of 0 or 1. For securing sensors within wireless body area networks (WBANs), electrocardiogram (ECG)-based BS generation methods have been widely investigated in which interpulse intervals (IPIs) from each heartbeat cycle are processed to produce BSes. Using these IPI-based methods to generate a 128-bit BS in real time normally takes around half a minute. In order to improve the time efficiency of such methods, this paper presents an ECG multiple fiducial-points based binary sequence generation (MFBSG) algorithm. The technique of discrete wavelet transforms is employed to detect arrival time of these fiducial points, such as P, Q, R, S, and T peaks. Time intervals between them, including RR, RQ, RS, RP, and RT intervals, are then calculated based on this arrival time, and are used as ECG features to generate random BSes with low latency. According to our analysis on real ECG data, these ECG feature values exhibit the property of randomness and, thus, can be utilized to generate random BSes. Compared with the schemes that solely rely on IPIs to generate BSes, this MFBSG algorithm uses five feature values from one heart beat cycle, and can be up to five times faster than the solely IPI-based methods. So, it achieves a design goal of low latency. According to our analysis, the complexity of the algorithm is comparable to that of fast Fourier transforms. These randomly generated ECG BSes can be used as security keys for encryption or authentication in a WBAN system.

Securing Digitization in an Era of Unprecedented Cyber Threats
King Saud University
November 12, 2019

Center of Excellence in Information Assurance (CoEIA) King Saud University Professor, Dr. Kashif Saleem, participated as a Panelist Speaker for a panel discussion session titled "Securing Digitization in an Era of Unprecedented Cyber Threats” at Government DX Summit held on November 5-6, 2019 at Intercontinental Hotel in Riyadh, Kingdom of Saudi Arabia.

During discussion, Dr. Saleem highlighted major factors of cybersecurity awareness as well as Artificial Intelligence (AI) in Cybersecurity and stated, “AI is a huge topic and a kind of umbrella that contains numerous algorithms, some of them are nature-inspired and other are ideology based. These algorithms are developed to resolve specific problems and a number of such algorithms are combined together as a complete system. The system can handle cyber security, if it contains the algorithms that are meant to detect vulnerabilities and tackle cyber attacks.” In this regard, Dr. Saleem further said, “multi-million dollar funded research projects are in the drawers of the Kingdom's universities such as King Saud University, where the local market can heavily benefit from them by collaborating with the project investigators, who are ready to cooperate and collaborate”.

At the Intersection of Cybersecurity and the Internet of Things (IoT) in the GCC: is a secure IoT achievable?
Chatham House with Internet Society Middle East Bureau.
May 02, 2019

Kashif Saleem, Associate Professor, Center of Excellence in Information Assurance (CoEIA), King Saud University
Session 2
• Focus of presentation: The research and development challenges in IoT security from the perspective of Saudi Arabia.
• Presentation synopsis: Near future, we will be heavily surrounded by the internet of things (IoT). Daily jobs whether home or office becomes almost impossible without IoT assistance. At this moment, smart phone stores or share the information that we intend to, but IoT devices gathers and transfers in an autonomous manner. However, the intelligence to leverage the IoT capabilities without analysing security and privacy is extremely dangerous. In Saudi Arabia and other parts of gulf, the people are attracted and is massively deploying IoT devices to enable control and real time information at the fingertips. This open use without taking security precautions can cause severe damages at the individual and as well as at group level.

Session 4:IoT security initiatives in Saudi Arabia and the work of the CoEIA in combatting IoT security challenges

Cybersecurity R&D challenges in the Kingdom
King Saud University - Workshop on ‘Cybersecurity R&D Grand Challenges in the Kingdom’, 25, February 2019, King Saud University (KSU), Riyadh, Saudi A
February 28, 2019

A panel discussion session, in which prominent scientists from academia and industry discussed various cybersecurity R&D challenges to build solutions for securing the Kingdom’s cyberspace. The panel discussion was moderated by Dr.Kashif Saleem (CoEIA, KSU) and the panelists, Prof.Joel Rodrigues (Inatel, Brazil), Prof.Muhammad Khurram Khan (CoEIA, KSU), Dr. Loai Alomari (Innovative Solutions, KSA), and Dr. Ma Qiang (MIS KSU) enlightened the audience with their thoughts, experience and opinions from academia and as well as from industry side.

E-health, IoT and Cloud: standards, challenges and opportunities
IEEE Healthcom 2014
October 16, 2014

A patient may require the services of various healthcare providers (hospitals/clinics, physicians, dentists, optometrists, radiologists, cardiologists, pharmacists, insurance, etc.). Many different electronic systems might be used, such as modalities (MRI machines, etc.), information systems (such as hospital, radiology, lab, etc.) and disparate (communications) protocols and messaging formats (such as DICOM, HL7, etc. and various forms/interfaces of them) used by the devices and IS. How do we effectively and efficiently provide comprehensive and consolidated electronic health/medical/patient records (EHR) in the presence of such disparateness? What are the relevant standards at the core of e-health?
The domain of e-health is further expanded with telemedicine for long distance patient care over MAN/WAN and with personally wearable or mobile IoT (Internet of Things) devices for home-based or on-the-go (mobile) monitoring of vital data. Telemedicine and IoT require new generations of communication protocols, provisions for the service layer (e.g., as discussed by ITU-T Focus Group on M2M service layer) and interoperability guidelines (e.g., Recommendation ITU-T H.810 “Interoperability design guidelines for personal health systems”). In addition, they also add to distribution of EHR components. How do we address relevant issues?
The use of Cloud has become almost ubiquitous in everyday life. Many day-to-day activities of end users or enterprises and services related to those activities are served from somewhere in the Cloud over the network, public or private, Internet or intranet. The effectiveness of healthcare services can be greatly improved if e-health services are deployed in Clouds. While there are advantages and opportunities, there are also many Cloud related challenges that may add to challenges discussed above. It is also exacerbated by the lack of Cloud related standards at various layers of Cloud infrastructure and services. In addition, there should be some level of confluence of e-health and Cloud related standards. How do we address this?
Privacy and security are increasingly important concerns as well. The secure processing of personal data in the Cloud represents a huge challenge. Adoption of privacy-enhancing technologies to support such activities will depend upon the existence of uniform ways of handling personal data and on technical standards which can help to ensure compliance with legal and regulatory frameworks. How do we safeguard security and privacy for highly sensitive personal information, such as medical data, in a Cloud-based environment?

5G Communication Security for IoT Applications: Current Trends and Future Challenges​
Saudi Council of Engineers (SCE) - International Engineering Conference and Exhibition IECE in (Riyadh, Saudi Arabia) 2-5 March, 2020.
March 05, 2019

Share my viewpoint and research work on 5G Communication Security for IoT Applications
Presentation slides -> bit.ly/3gUbZvQ