
Research Repository


Fuzzy pattern tree for edge malware detection and categorization in IoT (2019)
Journal Article
Dovom, E., Azmoodeh, A., Dehghantanha, A., Newton, D., Parizi, R., & Karimipour, H. (2019). Fuzzy pattern tree for edge malware detection and categorization in IoT. Journal of Systems Architecture, 97(Aug 19), 1-7. https://doi.org/10.1016/j.sysarc.2019.01.017

The surging pace of Internet of Things (IoT) development and its applications has resulted in significantly large amounts of data (commonly known as big data) being communicated and processed across IoT networks. While cloud computing has led to seve...

Classification of advance malware for autonomous vehicles by using stochastic logic (2018)
Presentation / Conference
Alsadat tabatabaei, S., Saraee, M., & Dehghantanha, A. (2018, September). Classification of advance malware for autonomous vehicles by using stochastic logic. Presented at 11th IEEE International Conference on Developments in eSystems Engineering DeSE2018, Cambridge, UK

Connectivity of vehicles allows the seamless power of communication over the internet but is not without its cyber risks. Many IoT communication systems - such as vehicle-to-vehicle or vehicle-to-roadside - may require latencies below a few tens of...

A hierarchical key pre-distribution scheme for fog networks (2018)
Journal Article
Nikkhah Bahrami, P., Javadi, H., Dargahi, T., Dehghantanha, A., & Choo, K. (2019). A hierarchical key pre-distribution scheme for fog networks. Concurrency and Computation: Practice and Experience, 31(22), e4776. https://doi.org/10.1002/cpe.4776

Security in fog computing is multi-faceted, and one particular challenge is establishing a secure communication channel between fog nodes and end devices. This emphasizes the importance of designing efficient and secret key distribution scheme to fac...

Deep dive into ransomware threat hunting and intelligence at fog layer (2018)
Journal Article
Homayoun, S., Dehghantanha, A., Ahmadzadeh, M., Hashemi, M., Khayami, R., Choo, K., & Newton, D. (2018). Deep dive into ransomware threat hunting and intelligence at fog layer. Future Generation Computer Systems, 90(Jan 19), 94-104. https://doi.org/10.1016/j.future.2018.07.045

Ransomware, a malware designed to encrypt data for ransom payments, is a potential threat to fog layer nodes as such nodes typically contain considerably amount of sensitive data. The capability to efficiently hunt abnormalities relating to ransomwar...

A cyber kill chain based taxonomy of banking Trojans for evolutionary computational intelligence (2017)
Journal Article
Kiwia, D., Dehghantanha, A., Choo, K., & Slaughter, J. (2017). A cyber kill chain based taxonomy of banking Trojans for evolutionary computational intelligence. Journal of Computational Science, 27, 394-409

Malware such as banking Trojans are popular with financially-motivated cybercriminals. Detection of banking Trojans remains a challenging task, due to the constant evolution of techniques used to obfuscate and circumvent existing detection and securi...

Intelligent OS X malware threat detection with code inspection (2017)
Journal Article
HaddadPajouh, H., Dehghantanha, A., Khayami, R., & Choo, R. (2017). Intelligent OS X malware threat detection with code inspection. Journal of Computer Virology and Hacking Techniques, 14(3), 213-223. https://doi.org/10.1007/s11416-017-0307-5

With the increasing market share of Mac OS X operating system, there is a corresponding increase in the number of malicious programs (malware) designed to exploit vulnerabilities on Mac OS X platforms. However, existing manual and heuristic OS X malw...

Non-reciprocity compensation combined with turbo codes for secret key generation in vehicular ad hoc social IoT networks (2017)
Journal Article
Epiphaniou, G., Karadimas, P., Dhouha Kbaier Ben, I., Al-Khateeb, H., Dehghantanha, A., & Choo, K. (2018). Non-reciprocity compensation combined with turbo codes for secret key generation in vehicular ad hoc social IoT networks. IEEE Internet of Things, 5(4), 2496-2505. https://doi.org/10.1109/JIOT.2017.2764384

The physical attributes of the dynamic vehicle-to-vehicle (V2V) propagation channel can be utilised for the generation of highly random and symmetric cryptographic keys. However, in a physical-layer key agreement scheme, non-reciprocity due to inhere...

Know abnormal, find evil : frequent pattern mining for ransomware threat hunting and intelligence (2017)
Journal Article
Homayoun, S., Dehghantanha, A., Ahmadzadeh, M., Hashemi, S., & Khayami, R. (2020). Know abnormal, find evil : frequent pattern mining for ransomware threat hunting and intelligence. IEEE Transactions on Emerging Topics in Computing, 8(2), 341-351. https://doi.org/10.1109/TETC.2017.2756908

Emergence of crypto-ransomware has significantly changed the cyber threat landscape. A crypto ransomware removes data custodian access by encrypting valuable data on victims’ computers and requests a ransom payment to reinstantiate custodian acces...

Detecting crypto-ransomware in IoT networks based on energy consumption footprint (2017)
Journal Article
energy consumption footprint. Journal of Ambient Intelligence and Humanized Computing, 9(4), 1141-1152. https://doi.org/10.1007/s12652-017-0558-5

An Internet of Things (IoT) architecture generally consists of a wide range of Internet-connected devices or things such as Android devices, and devices that have more computational capabilities (e.g., storage capacities) are likely to be targeted by...

CloudMe forensics : a case of big-data investigation (2017)
Journal Article
Teing, Y., Dehghantanha, A., & Raymond Choo, K. (2017). CloudMe forensics : a case of big-data investigation. Concurrency and Computation: Practice and Experience, 30(5), https://doi.org/10.1002/cpe.4277

The significant increase in the volume, variety and velocity of data complicates cloud forensic efforts, as such big data will, at some point, become computationally expensive to be fully extracted and analyzed in a timely manner. Thus, it is importa...

Greening cloud-enabled big data storage forensics : Syncany as a case study (2017)
Journal Article
Teing, Y., Dehghantanha, A., Raymond Choo, K., Abdullah, M., & Muda, Z. (2019). Greening cloud-enabled big data storage forensics : Syncany as a case study. IEEE Transactions on Sustainable Computing, 4(2), 204-216. https://doi.org/10.1109/TSUSC.2017.2687103

The pervasive nature of cloud-enabled big data storage solutions introduces new challenges in the identification, collection, analysis, preservation and archiving of digital evidences. Investigation of such complex platforms to locate and recover tra...

Machine learning aided android malware classification (2017)
Journal Article
Nikola, M., Dehghantanha, A., & Kim-Kwang Raymond, C. (2017). Machine learning aided android malware classification. Computers and Electrical Engineering, 61, 266-274. https://doi.org/10.1016/j.compeleceng.2017.02.013

The widespread adoption of Android devices and their capability to store access significant private and confidential information have resulted in these devices being targeted by malware developers. Existing Android malware analysis techniques can be...

Investigating the antecedents to the adoption of SCRM technologies by start-up companies (2016)
Journal Article
Hasani, T., Jamil, B., & Dehghantanha, A. (2016). Investigating the antecedents to the adoption of SCRM technologies by start-up companies. Telematics and Informatics, 34(5), 655-675. https://doi.org/10.1016/j.tele.2016.12.004

Despite their fairly recent emergence, start-up companies now play an important role in the economic development of countries around the globe. These companies have fewer tangible assets and capital, and therefore, the efficient delivery of services...

A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in IoT backbone networks (2016)
Journal Article
Haddad Pajouh, H., Javadian, R., Khayami, R., Dehghantanha, A., & Choo, R. (2019). A two-layer dimension reduction and two-tier classification model for anomaly-based intrusion detection in IoT backbone networks. IEEE Transactions on Emerging Topics in Computing, 7(2), 314-323. https://doi.org/10.1109/TETC.2016.2633228

With increasing reliance on Internet of Things (IoT) devices and services, the capability to detect intrusions and malicious activities within IoT networks is critical for resilience of the network infrastructure. In this paper, we present a novel mo...

Forensic investigation of cooperative storage cloud service : Symform as a case study (2016)
Journal Article
Yee Yang, T., Dehghantanha, A., Choo, R., Conti, M., & Dargahi, T. (2016). Forensic investigation of cooperative storage cloud service : Symform as a case study. Journal of Forensic Sciences, 62(3), 641-654. https://doi.org/10.1111/1556-4029.13271

Researchers envisioned the Storage as a Service (StaaS) as an effective solution to the distributed management of digital data, since it provides an inexpensive and reliable online storage which is accessible by different types of computer devices...

A closer look at Syncany Windows and Ubuntu clients’ residual artefacts (2016)
Book Chapter
Yee Yang, T., Dehghantanha, A., Choo, R., Muda, Z., Taufik, A., & Wee-Chait, C. (2016). A closer look at Syncany Windows and Ubuntu clients’ residual artefacts. In Security, Privacy and Anonymity in Computation, Communication and Storage (342-357). SpaCCS. https://doi.org/10.1007/978-3-319-49145-5_34

In this paper, we seek to determine the residual artefacts of forensic value on Windows and Ubuntu client machines of using Syncany private cloud storage service. We demonstrate the types and the locations of the artefacts that can be forensically re...

Forensic investigation of social media and instant messaging services in Firefox OS : Facebook, Twitter, Google+, Telegram, OpenWapp, and Line as case studies (2016)
Book Chapter
Najvadi, Y., & Dehghantanha, A. (2016). Forensic investigation of social media and instant messaging services in Firefox OS : Facebook, Twitter, Google+, Telegram, OpenWapp, and Line as case studies. In Contemporary Digital Forensic Investigations Of Cloud And Mobile Applications. Elsevier. https://doi.org/10.1016/B978-0-12-805303-4.00004-6

Investigating America Online instant messaging application : data remnants on Windows 8.1 client machine (2016)
Book Chapter
(2016). Investigating America Online instant messaging application : data remnants on Windows 8.1 client machine. In T. Yee Yang, & A. Dehghantanha (Eds.), Contemporary Digital Forensic Investigations Of Cloud And Mobile Applications. Elsevier. https://doi.org/10.1016/B978-0-12-805303-4.00003-4

Instant messaging applications (apps) are one potential source of evidence in a criminal investigation or a civil litigation. To ensure the most effective collection of evidence, it is vital for forensic practitioners to possess up-to-date knowledge...

Network traffic forensics on Firefox Mobile OS : Facebook, Twitter and Telegram as case studies (2016)
Book Chapter
Mohd Najwadi, Y., & Dehghantanha, A. (2016). Network traffic forensics on Firefox Mobile OS : Facebook, Twitter and Telegram as case studies. In Contemporary Digital Forensic Investigations Of Cloud And Mobile Applications. Elsevier. https://doi.org/10.1016/B978-0-12-805303-4.00005-8

The development of a mobile web-centric OS such as Firefox OS (FxOS) has created new challenges and opportunities for digital investigators. Network traffic forensics plays an important role in cybercrime investigation to detect subject(s) and object...