Visible to the public Biblio

Filters: Author is Hasan, Kamrul  [Clear All Filters]
2023-02-17
Rahman, Anichur, Hasan, Kamrul, Jeong, Seong–Ho.  2022.  An Enhanced Security Architecture for Industry 4.0 Applications based on Software-Defined Networking. 2022 13th International Conference on Information and Communication Technology Convergence (ICTC). :2127–2130.
Software-Defined Networking (SDN) can be a good option to support Industry 4.0 (4IR) and 5G wireless networks. SDN can also be a secure networking solution that improves the security, capability, and programmability in the networks. In this paper, we present and analyze an SDN-based security architecture for 4IR with 5G. SDN is used for increasing the level of security and reliability of the network by suitably dividing the whole network into data, control, and applications planes. The SDN control layer plays a beneficial role in 4IR with 5G scenarios by managing the data flow properly. We also evaluate the performance of the proposed architecture in terms of key parameters such as data transmission rate and response time.
ISSN: 2162-1241
Islam, Tariqul, Hasan, Kamrul, Singh, Saheb, Park, Joon S..  2022.  A Secure and Decentralized Auditing Scheme for Cloud Ensuring Data Integrity and Fairness in Auditing. 2022 IEEE 9th International Conference on Cyber Security and Cloud Computing (CSCloud)/2022 IEEE 8th International Conference on Edge Computing and Scalable Cloud (EdgeCom). :74–79.
With the advent of cloud storage services many users tend to store their data in the cloud to save storage cost. However, this has lead to many security concerns, and one of the most important ones is ensuring data integrity. Public verification schemes are able to employ a third party auditor to perform data auditing on behalf of the user. But most public verification schemes are vulnerable to procrastinating auditors who may not perform auditing on time. These schemes do not have fair arbitration also, i.e. they lack a way to punish the malicious Cloud Service Provider (CSP) and compensate user whose data has been corrupted. On the other hand, CSP might be storing redundant data that could increase the storage cost for the CSP and computational cost of data auditing for the user. In this paper, we propose a Blockchain-based public auditing and deduplication scheme with a fair arbitration system against procrastinating auditors. The key idea requires auditors to record each verification using smart contract and store the result into a Blockchain as a transaction. Our scheme can detect and punish the procrastinating auditors and compensate users in the case of any data loss. Additionally, our scheme can detect and delete duplicate data that improve storage utilization and reduce the computational cost of data verification. Experimental evaluation demonstrates that our scheme is provably secure and does not incur overhead compared to the existing public auditing techniques while offering an additional feature of verifying the auditor’s performance.
ISSN: 2693-8928
2022-03-15
Ashik, Mahmudul Hassan, Islam, Tariqul, Hasan, Kamrul, Lim, Kiho.  2021.  A Blockchain-Based Secure Fog-Cloud Architecture for Internet of Things. 2021 8th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/2021 7th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom). :1—3.

Fog Computing was envisioned to solve problems like high latency, mobility, bandwidth, etc. that were introduced by Cloud Computing. Fog Computing has enabled remotely connected IoT devices and sensors to be managed efficiently. Nonetheless, the Fog-Cloud paradigm suffers from various security and privacy related problems. Blockchain ensures security in a trustless way and therefore its applications in various fields are increasing rapidly. In this work, we propose a Fog-Cloud architecture that enables Blockchain to ensure security, scalability, and privacy of remotely connected IoT devices. Furthermore, our proposed architecture also efficiently manages common problems like ever-increasing latency and energy consumption that comes with the integration of Blockchain in Fog-Cloud architecture.

2020-08-07
Hasan, Kamrul, Shetty, Sachin, Ullah, Sharif.  2019.  Artificial Intelligence Empowered Cyber Threat Detection and Protection for Power Utilities. 2019 IEEE 5th International Conference on Collaboration and Internet Computing (CIC). :354—359.
Cyber threats have increased extensively during the last decade, especially in smart grids. Cybercriminals have become more sophisticated. Current security controls are not enough to defend networks from the number of highly skilled cybercriminals. Cybercriminals have learned how to evade the most sophisticated tools, such as Intrusion Detection and Prevention Systems (IDPS), and Advanced Persistent Threat (APT) is almost invisible to current tools. Fortunately, the application of Artificial Intelligence (AI) may increase the detection rate of IDPS systems, and Machine Learning (ML) techniques can mine data to detect different attack stages of APT. However, the implementation of AI may bring other risks, and cybersecurity experts need to find a balance between risk and benefits.
2020-07-06
Hasan, Kamrul, Shetty, Sachin, Hassanzadeh, Amin, Ullah, Sharif.  2019.  Towards Optimal Cyber Defense Remediation in Cyber Physical Systems by Balancing Operational Resilience and Strategic Risk. MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM). :1–8.

A prioritized cyber defense remediation plan is critical for effective risk management in cyber-physical systems (CPS). The increased integration of Information Technology (IT)/Operational Technology (OT) in CPS has to lead to the need to identify the critical assets which, when affected, will impact resilience and safety. In this work, we propose a methodology for prioritized cyber risk remediation plan that balances operational resilience and economic loss (safety impacts) in CPS. We present a platform for modeling and analysis of the effect of cyber threats and random system faults on the safety of CPS that could lead to catastrophic damages. We propose to develop a data-driven attack graph and fault graph-based model to characterize the exploitability and impact of threats in CPS. We develop an operational impact assessment to quantify the damages. Finally, we propose the development of a strategic response decision capability that proposes optimal mitigation actions and policies that balances the trade-off between operational resilience (Tactical Risk) and Strategic Risk.