Papers by Abdullah Almuhaideb
arXiv (Cornell University), Mar 29, 2010
The development of mobile devices (CPU, memory, and storage) and the introduction of mobile netwo... more The development of mobile devices (CPU, memory, and storage) and the introduction of mobile networks (Ad-Hoc, Wi-Fi, WiMAX, and 3.5G) have opened new opportunities for next generation of mobile services. It becomes more convenience and desirable for mobile internet users to be connected everywhere. However, ubiquitous mobile access connectivity faces interoperation issues between wireless network providers and wireless network technologies. Although mobile users would like to get as many services as possible while they travel, there is a lack of technology to identify visited users in current foreign network authentication systems. This challenge lies in the fact that a foreign network provider does not initially have the authentication credentials of a mobile user. Existing approaches use roaming agreement to exchange authentication information between home network and foreign network. This paper proposes a roaming agreement-less approach designed based on our ubiquitous mobile access model. Our approach consist of two tokens, Passport (identification token) and Visa (authorisation token) to provide the mobile user with a flexible authentication method to access foreign network services. The security analysis indicates that our proposal is more suitable for ubiquitous mobile communication especially in roaming agreement-less environment.
Machine learning model for predicting the length of stay in the intensive care unit for Covid-19 patients in the eastern province of Saudi Arabia
Informatics in Medicine Unlocked
The quick spread of the COVID-19 virus worldwide turns it into a global pandemic. Managing resour... more The quick spread of the COVID-19 virus worldwide turns it into a global pandemic. Managing resources is one of the biggest challenges that healthcare providers around the world face during the pandemic. Allocating the Intensive Care Unit (ICU) beds' capacity is important since COVID-19 is a respiratory disease and some patients need to be admitted to the hospital with an urgent need for oxygen support, ventilation, and/or intensive medical care. In the battle against COVID-19, many governments utilized technology, especially Artificial Intelligence (AI), to contain the pandemic and limit its hazardous effects. In this paper, Machine Learning models (ML) were developed to help in detecting the COVID-19 patientsā need for the ICU and the estimated duration of their stay. Four ML algorithms were utilized: Random Forest (RF), Gradient Boosting (GB), Extreme Gradient Boosting (XGBoost), and Ensemble models were trained and validated on a dataset of 895 COVID-19 patients admitted to King Fahad University hospital in the eastern province of Saudi Arabia. The conducted experiments show that the Length of Stay (LoS) in the ICU can be predicted with the highest accuracy by applying the RF model for prediction, as the achieved accuracy was 94.16%. In terms of the contributor factors to the length of stay in the ICU, correlation results showed that age, C-Reactive Protein (CRP), nasal oxygen support days are the top related factors. By searching the literature, there is no published work that used the Saudi Arabia dataset to predict the need for ICU with the number of days needed. This contribution is hoped to pave the path for hospitals and healthcare providers to manage their resources more efficiently and to help in saving lives.
The Security Risks Associated With IMEIs And Security Solutions
2019 2nd International Conference on Computer Applications & Information Security (ICCAIS), 2019
Technological advances in the mobile devices industry have made living more flexible and prospero... more Technological advances in the mobile devices industry have made living more flexible and prosperous. Anything can be done through smartphones that have become part of human life. However, the security risks associated with these devices, such as theft and counterfeit, are increasing, and their detection remains challenging for many reasons. For example, the International Mobile Equipment Identity (IMEI) is often manipulating after the crime to conceal and prevent the traceability of the device. In this paper, we present a comprehensive study of the proposed solutions to detect the fake IMEI number. Also, we describe the IMEI structure and clarify the areas from which it is used. In addition, we discuss the crimes associated with the IMEI change for the stolen devices.
I owe a great deal to Jeanne and Peter King for being my host family in Australia and providing a... more I owe a great deal to Jeanne and Peter King for being my host family in Australia and providing a home away from home. The friendship of Osamah Alshabieb, Waleed Alfehaid, Fehaid Algahtani, and the rest of my friends also helped make life enjoyable during the lonely journey towards a PhD. Last but not least, I wish to express my deepest gratitude to my beloved family; for their endless encouragement through the duration of my studies. I thank my wonderful parents, my father Mohammed and my mother Aljoharah, for their belief, prayers and unconditional support throughout everything. It is vii for them that I owe everything I am. I would like to give a special thank you to my lovely wife Moneerah for her care, patience, understanding and prayers to complete this research work. In addition, I would like to acknowledge my little cute and smart son Mohammed and daughter Aljoharah who brighten my every day. I also thank my brothers and my sisters for their love. Thank you all for letting me follow my dreams.
Applied Sciences, 2022
The Internet of Things (IoT) is an emerging field consisting of Internet-based globally connected... more The Internet of Things (IoT) is an emerging field consisting of Internet-based globally connected network architecture. A subset of IoT is the Internet of Healthcare Things (IoHT) that consists of smart healthcare devices having significant importance in monitoring, processing, storing, and transmitting sensitive information. It is experiencing novel challenges regarding data privacy protection. This article discusses different components of IoHT and categorizes various healthcare devices based on their functionality and deployment. This article highlights the possible points and reasons for data leakage, such as conflicts in laws, the use of sub-standard devices, lack of awareness, and the non-availability of dedicated local law enforcement agencies. This article draws attention to the escalating demand for a suitable regulatory framework and analyzes compliance problems of IoHT devices concerning healthcare data privacy and protection regulations. Furthermore, the article provides...
A strong smartphone authentication model to control cellular network access using blockchain
Wireless Networks, 2021
In an era that requests facilitating access to most services by providing the online platforms, t... more In an era that requests facilitating access to most services by providing the online platforms, the need to own a small electronic device is increasing. The smartphone is the ideal choice for most people due to its multifunctionality. On the other hand, the rate of physical crimes on these devices raised, especially theft and counterfeiting. As a solution to mitigate these crimes, stolen or counterfeit devices are prevented from connecting to the cellular network, but is this solution effective in mitigating the problem? To answer this question, this paper conducts a comprehensive survey on the current solutions tackled the smartphone theft or counterfeit issues, and it provides a taxonomy classify the current solutions into three categories: manufacturers solutions, cellular service provider solutions, and third-party solutions. The proposed smartphone authentication model for cellular network authentication utilizes the permissioned Blockchain network and consists of three protocols, which are smartphone registration protocol, ownership transfer protocol, and cellular network authentication protocol. In order to overcome the two serious physical crimes (theft and counterfeiting), the paper identifies five main requirements that must be met in any cellular network authentication approach, namely ability to detect counterfeit IMEI, ability to identify the device owner, ability to block the service on the stolen/lost devices, less processing time, and acceptable performance. The comparisons with related solutions showed that the proposed work meets all the requirements to mitigate smartphone theft and counterfeiting crimes.
Dynamic Interpretation Approaches for Information Security Risk Assessment
2019 International Conference on Computer and Information Sciences (ICCIS), 2019
Despite the benefits and convenience that are brought by technology, risks are also engulfed in t... more Despite the benefits and convenience that are brought by technology, risks are also engulfed in the use of technology. To foresee the probable risks, and come up with the appropriate countermeasures, a comprehensive examination of the mechanism of risk assessment we currently have is necessary. Therefore, in this paper, we present a comprehensive study of the current approaches for information security risk assessment. In addition, we discuss the three categories of the risk assessment approaches which are: qualitative, quantitative and hybrid. We also illustrate the advantages and limitations of each risk assessment category.
Computers, Materials & Continua, 2021
The Internet of Things (IoT) is where almost anything can be controlled and managed remotely by m... more The Internet of Things (IoT) is where almost anything can be controlled and managed remotely by means of sensors. Although the IoT evolution led to quality of life enhancement, many of its devices are insecure. The lack of robust key management systems, efficient identity authentication, low fault tolerance, and many other issues lead to IoT devices being easily targeted by attackers. In this paper we propose a new authentication protocol called Authenblue that improve the authentication process of IoT devices and Coordinators of Personal Area Network (CPANs) in an Industrial IoT (IIoT) environment. This study proposed Authenblue protocol as a new Blockchainbased authentication protocol. To enhance the authentication process and make it more secure, Authenblue modified the way of generating IIoT identifiers and the shared secret keys used by the IIoT devices to raise the efficiency of the authentication protocol. Authenblue enhance the authentication protocol that other models rely on by enhancing the approach used to generate the User Identifier (UI). The UI values changed from being static values, sensors MAC addresses, to be generated values in the inception phase. This approach makes the process of renewing the sensor keys more secure by renewing their UI values instead of changing the secret key. In this study, Authenblue has been simulated in the Network Simulator 3 (NS3). Simulation results show an improved performance compared to the related work.
IEEE Access, 2020
In the medical fields, wearable body area sensors network (WBAN) is playing a major role in maint... more In the medical fields, wearable body area sensors network (WBAN) is playing a major role in maintaining user health by providing convenience service for the patient and doctors. However, sensor data transmission in an insecure communication channel enables the attacker from tampering the sensor data, disguising as a legitimate user, or intercepting the forwarded packets from its unprotected sources. A wide variety of secure authentication schemes were proposed to improve the communicated channels' reliability in protecting the user data. Moreover, those schemes are lacking the guarding of nodes anonymity, key management, and size. Thence, we propose a lightweight WBAN authentication with two protocols P-I for authentication and P-II for re-authentication to protect the nodes anonymity and increase the efficiency. Furthermore, our scheme employed better key management with high randomness of the security parameters to provide higher protection as a trade-off between security and efficiency. The scheme formal proof for the key agreement and mutual authentication is conducted through (Burrows Abadi Nadeem) BAN logic.
Sensors, 2020
Wireless Healthcare Sensor Network (WHSN) is a benchmarking technology deployed to levitate the q... more Wireless Healthcare Sensor Network (WHSN) is a benchmarking technology deployed to levitate the quality of lives for the patients and doctors. WHSN systems must fit IEEE 802.15.6 standard for specific application criteria, unlike some standard criteria that are difficult to meet. Therefore, many security models were suggested to enhance the security of the WHSN and promote system performance. Yu and Park proposed a three-factor authentication scheme based on the smart card, biometric, and password, and their scheme can be easily employed in three-tier WHSN architecture. Furthermore, they claimed that their scheme can withstand guessing attack and provide anonymity, although, after cryptanalysis, we found that their scheme lacks both. Accordingly, we suggested a three-factor authentication scheme with better system confusion due to multiplex parametric features, hash function, and higher key size to increase the security and achieve anonymity for the connected nodes. Moreover, the sc...
Sustainability, 2020
Education is an important enabler for economic uplift of a society and academic institutions need... more Education is an important enabler for economic uplift of a society and academic institutions need to deliver quality education to equip students with required skills to excel in their professional careers. Due to international initiatives such as Washington and Seoul accords, outcome-based education has gained significant interest from industry, academia, governments, accreditation bodies and students. Outcome-based education is a paradigm shift form conventional education approach and its successful adoption requires sustainable quality practices by higher education institutions. Fostering quality assurance processes for outcome-based education requires careful planning and active collaboration among stakeholders. However, due to the sparse body of knowledge about quality processes in outcome-based education, many academic institutions rely on ad hoc practices, resulting in a trial and error approach. In this paper, we present set of guidelines which can help academic institutions ...
Journal of King Saud University - Computer and Information Sciences, 2020
This is a PDF file of an article that has undergone enhancements after acceptance, such as the ad... more This is a PDF file of an article that has undergone enhancements after acceptance, such as the addition of a cover page and metadata, and formatting for readability, but it is not yet the definitive version of record. This version will undergo additional copyediting, typesetting and review before it is published in its final form, but we are providing this version to give early visibility of the article. Please note that, during the production process, errors may be discovered which could affect the content, and all legal disclaimers that apply to the journal pertain.
International Journal of Information Security and Privacy, 2015
Mobile authentication is an essential service to ensure the security of engaging parties in a ubi... more Mobile authentication is an essential service to ensure the security of engaging parties in a ubiquitous wireless network environment. Several solutions have been proposed mainly based on both centralised and distributed authentication models to allow ubiquitous mobile access authentication; however, limitations still exist in these approaches, namely flexibility, security and performance issues and vulnerabilities. These shortcomings are influenced by the resource limitations of both wireless networks and the mobile devices together with inter-technology and inter-provider challenges. In this paper, the authors reviewed the major techniques in the field of ubiquitous mobile access authentication, which has attracted many researchers in the past decade. After investigating existing mobile authentication models and approaches, the common challenges are summarised to serve as the solution key requirements. The identified key solution requirements allow analysing and evaluating mobile ...
A Hybrid Mobile Authentication Model for Ubiquitous Networking
2015 IEEE Trustcom/BigDataSE/ISPA, 2015
The development in mobile devices and wireless technologies (e.g Cellular, Wi-Fi) has facilitated... more The development in mobile devices and wireless technologies (e.g Cellular, Wi-Fi) has facilitated a growth in mobile services. As mobile users are usually moving, roaming services are deployed to allow users to access foreign network services without being limited to the geographical coverage of their home networks. Several solutions have been proposed to allow ubiquitous mobile access authentication; however, limitations still exist in these approaches, such as performance issues and security vulnerabilities. In this paper a novel hybrid mobile authentication model is proposed, with its realisation through suitable protocols that combine the advantages of both distributed and centralised models. The proposed Passport and Visa tokens assist a foreign network in authenticating and authorising visiting mobile users. These tokens also offer a unique solution to achieving secure and efficient key management. Most importantly, the proposed solution provides an efficient technique, using recency evidence (a Passport Stamp), to tackle the problem of a user revocation status check. The security and performance analysis demonstrates that the proposed protocols efficiently ensure secure roaming, greatly enhance computation speed, and reduce communication costs.
Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 2012
Ubiquitous connectivity faces interoperation issues between wireless network providers when authe... more Ubiquitous connectivity faces interoperation issues between wireless network providers when authenticating visiting users. This challenge lies in the fact that a foreign network provider does not initially have the authentication credentials of the mobile users. The existing approaches are based on roaming agreement to exchange authentication information between the home network and a foreign network. This paper proposes Passport/Visa approach that consists of two tokens: Passport (authentication token) and Visa (authorisation token), to provide a flexible authentication method for foreign networks to authenticate mobile users. Our approach can be used when there is no roaming agreement between foreign networks and the mobile user's home network. The security analysis indicates that our protocol is resistant to well-known attacks, ant it efficiently ensures the security for both mobile users and network providers. The performance analysis also demonstrated that the proposed protocol will greatly enhance computation, and communication cost.
A Novel Security Approach for Critical Information Systems: Preventing Flooding in the Non-authenticated Client Area Using a New Service from Local Network Service Providers
2010 11th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, 2010
Mohammed Alhabeeb, Saad Alsunbul, Abdullah Almuhaideb, Phu Dung Le and Bala Srinivasan School of ... more Mohammed Alhabeeb, Saad Alsunbul, Abdullah Almuhaideb, Phu Dung Le and Bala Srinivasan School of Information Technology, Monash University 900 Dandenong Road, Caulfield East, Victoria 3145, AUSTRALIA {maal11, sals7} @student.monash.edu.au { ...
Analysis of mobile authentication protocols by SVO logic
Proceedings of the First International Conference on Security of Internet of Things - SecurIT '12, 2012
ABSTRACT The next generation of mobile services makes it desirable for mobile users to be connect... more ABSTRACT The next generation of mobile services makes it desirable for mobile users to be connected everywhere. Since these users usually in the move, roaming services are deployed to allow mobile users to access foreign network services without being limited to the geographical coverage of their home networks. Several solutions have been proposed based on either two-party or three-party roaming structure to allow ubiquities mobile access authentication, however, limitations such as performance issues and security vulnerabilities still exist in these approaches. In this paper, we implemented a methodology for verifying authentication protocols based on SVO logic, which shows that our Passport/Visa protocols meet the desired authentication objectives and prove the protocols correctness. Moreover, we show that our proposal addresses existing limitations when compared to the other approaches.
A New Holistic Security Approach for Government Critical Systems: Flooding Prevention
Communications in Computer and Information Science, 2010
Flooding attack is a threat to services in the Internet. They can cause significant financial los... more Flooding attack is a threat to services in the Internet. They can cause significant financial losses. This paper presents a new holistic security approach which prevents flooding in the government critical systems. A new corporation with local service providers has been ...
2010 24th IEEE International Conference on Advanced Information Networking and Applications, 2010
The inherent limitations of mobile devices (MD) increase the gap between security and performance... more The inherent limitations of mobile devices (MD) increase the gap between security and performance, and this gap increases with the growing heterogeneity of computing environments. As we are moving to the 4G network and Mobile Internet, there will be a need to deliver an intelligence tradeoff between security and performance. The main aim of this paper is to identify challenges in MD research and to propose practical solution to maintain the balance between efficiency and protection to secure mobile communication. We propose a Dynamic Key Size (DKS) architecture which can be integrated into security protocols to provide an efficient and secure mobile communication. Applications are provided with an interface for selectively securing information at different levels of protection. Our architecture makes use of both the information sensitivity and MD capabilities performance levels classifications in making a decision for suitable algorithm key length. As a possible application, we outline the integration of DKS over SSL protocol to demonstrate the flexibility features that improves the protocol security performance.
Lecture Notes in Computer Science, 2010
Rapid developments in wireless technologies in terms of speed, quality and coverage are great mot... more Rapid developments in wireless technologies in terms of speed, quality and coverage are great motivations that lead to an increase in the use of mobile devices such as laptops and smart phones. These developments facilitate exchanging information anywhere any time. However, some concerns have been raised especially when the mobile users want to access services that provided by foreign networks. These issues can be classified as security and performance matters. This paper proposes a fast and secure authentication protocol. The new feature about this protocol is that the foreign network (FN) can authenticate the mobile user (MU) without checking with the home network (HN). This feature can effectively enhance the network performance as just two messages are required to authenticate the MU. Moreover, we will demonstrate the strengths of this protocol against the common security attacks and we will compare the protocol performance with the previous protocols to ensure efficiency.
Uploads
Papers by Abdullah Almuhaideb