Papers by Abdeslam El Fergougui
A comprehensive security and performance assessment of UAV authentication schemes
SECURITY AND PRIVACY
In the past few years, unmanned aerial vehicles (UAVs) have significantly gained attention and po... more In the past few years, unmanned aerial vehicles (UAVs) have significantly gained attention and popularity from industry, government, and academia. With their rapid development and deployment into the civilian airspace, UAVs play an important role in different applications, including goods delivery, search‐and‐rescue, and traffic monitoring. Therefore, providing secure communication through authentication models for UAVs is necessary for a successful and reliable flight mission. To satisfy such requirements, numerous authentication mechanisms have been proposed in the literature. However, the literature lacks a comprehensive study evaluating the security and performance of these solutions. In this article, we analyze the security and performance of 27 recent UAV authentication works by considering ten different key metrics. First, in the performance analysis, we show that the majority of UAV authentication schemes are lightweight in their communication cost. However, the storage over...
The Intelligent Transportation Systems (ITS) are the subject of a world economic competition. The... more The Intelligent Transportation Systems (ITS) are the subject of a world economic competition. They are the application of new information and communication technologies in the transport sector, to make the infrastructures more efficient, more reliable and more ecological. License Plates Recognition (LPR) is the key module of these systems, in which the License Plate Localization (LPL) is the most important stage, because it determines the speed and robustness of this module. Thus, during this step the algorithm must process the image and overcome several constraints as climatic and lighting conditions, sensors and angles variety, LPs’ no-standardization, and the real time processing. This paper presents a classification and comparison of License Plates Localization (LPL) algorithms and describes the advantages, disadvantages and improvements made by each of them.
Moving Vehicle Detection Using Haar-like, LBP and a Machine Learning Adaboost Algorithm
2018 IEEE International Conference on Image Processing, Applications and Systems (IPAS), 2018
Object detection and classification is one of the core functions of Intelligence Transport System... more Object detection and classification is one of the core functions of Intelligence Transport Systems (ITS). It is typically based on extracted features and learning algorithms. Different approaches seem to be appropriate. Researchers should compare and evaluate existing approaches to apply the most efficient. In this paper, we propose a moving vehicle-detection vision system. Two solutions are examined in terms of performance and energy-efficient. The first is a classical Adaboost approach based on the Haar-like in feature extraction whereas the second handles a Local Binary Pattern descriptor that will undergo extraction with Adaboost classifier. Comparison results are illustrated based on the GTI vehicle image dataset. The most pertinent is the Haar-like +Adaboost, leading a DR of 90.1% instead of 87.9% for the LBP+Adaboost. However, LBP+Adaboost shows a low energy consumption, which is very important in any embedded systems.
Signal & Image Processing : An International Journal, 2021
The Intelligent Transportation Systems (ITS) are the subject of a world economic competition. The... more The Intelligent Transportation Systems (ITS) are the subject of a world economic competition. They are the application of new information and communication technologies in the transport sector, to make the infrastructures more efficient, more reliable and more ecological. License Plates Recognition (LPR) is the key module of these systems, in which the License Plate Localization (LPL) is the most important stage, because it determines the speed and robustness of this module. Thus, during this step the algorithm must process the image and overcome several constraints as climatic and lighting conditions, sensors and angles variety, LPs’ no-standardization, and the real time processing. This paper presents a classification and comparison of License Plates Localization (LPL) algorithms and describes the advantages, disadvantages and improvements made by each of them.
A smart scanning-based authentication framework for critical mobile cloud computing applications and services
International Journal of Wireless and Mobile Computing, 2016
In this paper we address the authentication process in the cloud environment for mobile devices, ... more In this paper we address the authentication process in the cloud environment for mobile devices, which appears to be a major field of study since it is the main entrance door to the offered services. Hence, we introduce a novel approach which is based on a smart Scan Decision-Maker algorithm that we have developed and is built on top of a context-aware authentication system and relies on a cloud-based malware scanning system CloudAV. Our algorithm will form, in conjunction with the two adopted systems, a collaborative framework aiming, on the one hand, to provide an additional security layer so as to thwart advanced malware-based attacks that might bypass the authentication system and, on the other hand, to reduce the risk of online frauds and mitigate breaches of confidentiality in crucial business operations and critical services. As a part of proof-of-concept implementation, we have tested our algorithm in different scenarios.
MATEC Web of Conferences, 2016
Road traffic management has become a worldwide concern. Several traffic simulators have been deve... more Road traffic management has become a worldwide concern. Several traffic simulators have been developed in order to contribute to solving traffic congestion problems. Comparative studies of simulators in this field of activity are concerned with the comparison of the simulation results with the results of the real situation; others are interested in the ability of certain platforms to simulate public transport systems. Our study aims purports to cover carryout of existing simulators in the sense that, on the one hand, poised in eleven major reviews of simulation platforms (commercial and open-source) the most used, given that the existing comparative studies do not cover all simulators we compared. On the other hand, our comparative study takes into consideration new criteria such as use wireless sensors and the ability of simulators to support GIS (Geographic Information System).
The Rise of ICS Malware: A Comparative Analysis
Computer Security. ESORICS 2021 International Workshops
The QoS routing generates a significant number of control messages (overhead), which are necessar... more The QoS routing generates a significant number of control messages (overhead), which are necessary for the discovery and maintenance of routes. Indeed, the nodes must establish a mechanism to store and update the link-state in a mobile environment. This mobility in ad-hoc environment makes maintaining the linkstate very difficult and costly. In addition to node mobility, lack of energy can cause breaks in the established paths, the protocol must be able to react quickly to such event by recalculating valid routes. In this paper we propose a management approach of routing based on one of the largest existing reactive routing protocols which is AODV, and able to minimize routing messages (overhead) in contexts with strong constraints. This approach takes into account a metric based on energy consumption during the route discovery, in order to increase the lifetime of the network, and also allows such applications to consider, when resources are lacking, the maintenance of QoS connecti...
ArXiv, 2021
Deep Convolutional Neural Networks (CNN) models are one of the most popular networks in deep lear... more Deep Convolutional Neural Networks (CNN) models are one of the most popular networks in deep learning. With their large fields of application in different areas, they are extensively used in both academia and industry. CNN-based models include several exciting implementations such as early breast cancer detection or detecting developmental delays in children (e.g., autism, speech disorders, etc.). However, previous studies demonstrate that these models are subject to various adversarial attacks. Interestingly, some adversarial examples could potentially still be effective against different unknown models. This particular property is known as adversarial transferability, and prior works slightly analyzed this characteristic in a very limited application domain. In this paper, we aim to demystify the transferability threats in computer networks by studying the possibility of transferring adversarial examples. In particular, we provide the first comprehensive study which assesses the r...
A Grid Based Joint Localization and Packet Routing Algorithm in Wireless Sensor Networks
2019 International Conference on Systems of Collaboration Big Data, Internet of Things & Security (SysCoBIoTS), 2019
Localization plays a key role in the field of wireless sensor networks (WSNs) that provide servic... more Localization plays a key role in the field of wireless sensor networks (WSNs) that provide services for data collection. The localization accuracy often depends on the accuracy of distance estimation because of the constraints in size, power, cost and memory of sensor nodes. This paper proposes a novel grid based joint localization and packet routing algorithm in WSN based on beacon nodes to improve the precision in location estimation. Firstly, system model of Grid based WSN node localization is constructed. Then localization algorithm of WSN is proposed by using Hybrid Algorithm called Particle Swarm Optimization and Type-2 Fuzzy Logic Filter. Next, form dynamic clusters using node energy. In third step, perform packet routing using Enriched Ant Colony Optimization Algorithm (E-ACO). A shortest and reliable path identified based on node residual energy, degree and distance between nodes. Finally, malicious node detected during data transmission using RSA Digital Signature Algorith...
ArXiv, 2021
In the 21st century, the industry of drones, also known as Unmanned Aerial Vehicles (UAVs), has w... more In the 21st century, the industry of drones, also known as Unmanned Aerial Vehicles (UAVs), has witnessed a rapid increase with its large number of airspace users. The tremendous benefits of this technology in civilian applications such as hostage rescue and parcel delivery will integrate smart cities in the future. Nowadays, the affordability of commercial drones expands its usage at a large scale. However, the development of drone technology is associated with vulnerabilities and threats due to the lack of efficient security implementations. Moreover, the complexity of UAVs in software and hardware triggers potential security and privacy issues. Thus, posing significant challenges for the industry, academia, and governments. In this paper, we extensively survey the security and privacy issues of UAVs by providing a systematic classification at four levels: Hardware-level, Software-level, Communication-level, and Sensor-level. In particular, for each level, we thoroughly investigat...
A Verifiable Secret Sharing Approach for Secure MultiCloud Storage
Cloud computing is a model to access shared pool of configurable computing resources which compri... more Cloud computing is a model to access shared pool of configurable computing resources which comprise servers, applications, services and network components. The fact that this model can provide both computation and storage at low tax makes it popular among corporations. This also makes it a very captivating proposition for the future. But in spite of its promise and potential, security in the cloud proves to be a cause for concerns to the business sector. This is due to the outsourcing of data onto third party managed cloud platform. These security concerns also make the use of cloud services not so much flexible. The main issues associated with data storage management are confidentiality and integrity. However, a novel approach of “multi-cloud” or “cloud of clouds” has emerged currently using Shamir’s Secret Sharing algorithm to address both confidentiality and integrity concerns. The implementation of Shamir’s Secret Sharing algorithm is performed to authenticate a unique user and ...
ESLC-WSN: A Novel Energy Efficient Security Aware Localization and Clustering in Wireless Sensor Networks
2020 1st International Conference on Innovative Research in Applied Science, Engineering and Technology (IRASET)
Localization is one of the most essential challenges in wireless sensor networks because the loca... more Localization is one of the most essential challenges in wireless sensor networks because the location information is usually used in domains such as routing, target tracking, deployment and coverage. There be existent some localization algorithms that facilitate the sensor nodes to locate itself using the anchor/beacon nodes position. Some crucial efforts have been made in the past for optimizing the anchor node trajectory with good accuracy. This paper presents a novel algorithm for localization in wireless sensor networks. To predict unknown nodes location, we select top-3 anchor nodes using hybrid technique namely CSO-ANFIS (Chicken Swarm Optimization and Adaptive Neuro-Fuzzy System). For decision making, fusion center is used which rejects the reported location information if the distance between unknown node and anchor node beyond a threshold. On the other hand, energy consumption is a serious threat in WSN. In order to reduce the energy consumption, we proposed secure cluster based routing for data transmission by authenticating each node to sink node. Firstly, clustering is formed using Residual Energy, Node degree, and Distance between adjacent nodes. To improve the data transmission, we proposed hybrid encryption algorithms namely AES (Advanced Encryption Standard) with ECC (Elliptic Curve Cryptography) and to forward data from source to the destination, Monarch Butterfly Optimization (MBO) is presented. Finally, nodes location is verified in Sink node by its pseudo random numbers. The performance of the proposed scheme is evaluated through a series of simulations.
DePass: A secure hash-based authentication scheme
Username/Password combination is currently the most commonly deployed authentication method for a... more Username/Password combination is currently the most commonly deployed authentication method for a large number of applications. The databases of stored credentials are a high-profile target for malicious attackers who are performing advanced attacks to break into servers for stealing and cracking password hashes. Consequently, relying on the classical authentication scheme may not be usually an effective way to protect users' accounts in the event of a security breach. In this article, we propose a novel secure authentication scheme named DePass to thwart dictionary, brute force and rainbow-table attacks that aim at inverting password hashes. Our scheme provides a novel way of hashing by segmenting and mixing a SHA-2 password hash with a random SHA-2 hash to produce a single apparent hash with delimiters. The apparent hash is stored in the server while the delimiters are sent to the user upon a registration phase. DePass authentication scheme is well-tailored to both user comfor...
A threat model method for ICS malware: the TRISIS case
Cyber-physical attacks against plants and Critical Infrastructures (CIs) are among the most signi... more Cyber-physical attacks against plants and Critical Infrastructures (CIs) are among the most significant concerns in the 21st century and can lead to devastating consequences. In particular, with the convergence between the Operational Technology (OT) network and the traditional IT network, malware threats for Industrial Control Systems (ICSs) are gradually increasing. In these scenarios, we need to identify potential cyber threats by developing innovative modeling techniques. However, existing malware-based cyber threats modeling techniques are not fully designed for industrial environment. In this paper, we present a threat modeling framework for Industrial Control Systems malware across two different levels: the Extraction Level and the Modeling Level. We evaluate the effectiveness of our model by analyzing the TRISIS cyber attack as a use case. A complex malware developed to cause operational disruption to industrial plants. Our solution outperforms existing malware threat modeli...
Signal & Image Processing : An International Journal is an Open Access peer-reviewed journal inte... more Signal & Image Processing : An International Journal is an Open Access peer-reviewed journal intended for researchers from academia and industry, who are active in the multidisciplinary field of signal & image processing. The scope of the journal covers all theoretical and practical aspects of the Digital Signal Processing & Image processing, from basic research to development of application. Authors are solicited to contribute to the journal by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in the areas of Signal & Image processing.
International Journal of Advanced Computer Science and Applications, 2016
The Purpose of homomorphic encryption is to ensure privacy of data in communication, storage or i... more The Purpose of homomorphic encryption is to ensure privacy of data in communication, storage or in use by processes with mechanisms similar to conventional cryptography, but with added capabilities of computing over encrypted data, searching an encrypted data, etc. Homomorphism is a property by which a problem in one algebraic system can be converted to a problem in another algebraic system, be solved and the solution later can also be translated back effectively. Thus, homomorphism makes secure delegation of computation to a third party possible. Many conventional encryption schemes possess either multiplicative or additive homomorphic property and are currently in use for respective applications. Yet, a Fully Homomorphic Encryption (FHE) scheme which could perform any arbitrary computation over encrypted data appeared in 2009 as Gentry's work. In this paper, we propose a multi-cloud architecture of N distributed servers to repartition the data and to nearly allow achieving an FHE.
Analysis of TCP flow control for high speed networks: Case of two nodes in tandem
… and Systems, 2009. …, 2009
... A. Jamali and N. Naja INPT, Av. Allal El Fassi Department of computer science Rabat, Morocco ... more ... A. Jamali and N. Naja INPT, Av. Allal El Fassi Department of computer science Rabat, Morocco {jamali ; naja}@inpt.ac.ma ... The window size for a TCP connection is the maximum number of unacknowledged packets allowed for this connection at a given time. ...
A Context-Aware Authentication System for Mobile Cloud Computing
Procedia Computer Science
Software-defined networking (SDN): a survey
Security and Communication Networks, 2017
Uploads
Papers by Abdeslam El Fergougui