UAB - The University of Alabama at Birmingham

Apr 20

2 papers accepted in the IEEE Cloud 2015

Congratulations to Maziar Foutohi, Shams Zawoad, Ragib Hasan, Abhishek Anand, and Anthony Skjellum for having their work accepted in the 8th IEEE International Conference on Cloud Computing.

1. Shams Zawoad, Ragib Hasan, Anthony Skjellum, “OCF: An Open Cloud Forensics Model for Reliable Digital Forensics”, the 8th IEEE International Conference on Cloud Computing, New York, USA, June 2015

Abstract: The rise of cloud computing has changed the way computing services and resources are used. However, existing digital forensics science cannot cope with the black-box nature of clouds nor with multi-tenant cloud models. Because of the fundamental characteristics of clouds, many assumptions of digital forensics are invalidated in clouds. In the digital forensics process involving clouds, the role of cloud service providers (CSP) is utterly important, a role which needs to be considered in the science of cloud forensics. In this paper, we define cloud forensics considering the role of the CSP and propose the Open Cloud Forensics (OCF) model. Based on this OCF model, we propose a cloud computing architecture and validate our proposed model using a case study, which is inspired from an actual civil lawsuit.

2. Maziar Foutohi, Abhishek Anand, Ragib Hasan, “PLAG: Practical Landmark Allocation for Cloud Geolocation”, the 8th IEEE International Conference on Cloud Computing, New York, USA, June 2015.

Abstract: Knowing the physical location of files in a cloud system is of a great importance for any user, as is it can affect the whole service drastically. However, pinpointing the exact coordinates for the location of a server is very challenging. Providers prefer not to share the location of their data centers with public for security reasons, and this fact also adds to the complexity of this concept. Researchers have recently developed delay based schemes for cloud data geolocation, some of which use proprietary landmarks for location verification. Unfortunately, such landmark-based schemes are often impractical due to high cost and latency. In this paper, we have developed a practical scheme for landmark allocation in cloud data geolocation. We augment existing approaches with a new landmark allocation modification to get the same or often better accuracy, while decreasing the cost considerably. Our approach improves the existing state of the art by introducing the concept of publicly distributed landmarks for all delay based geolocation techniques.

Apr 18

2 researchers from SECRETLab receive Sigma Xi Grant-in-Aid of Research

Congratulations to SECRETLab researchers, Shams Zawoad and Rasib Khan, supervised by Ragib Hasan, Ph.D., on receiving their Sigma Xi Grant-in-Aid of Research (GIAR). The GIARs were received by the two SECRETLab researchers two separate projects for funding their research projects. Shams Zawoad, a Ph.D. candidate at SECRETLab, received the fund for his project on forensics enabled cloud framework. Rasib Khan, who is also a Ph.D. candidate at SECRETLab, received the fund for his project on secure PIN-based authentication service. The Sigma Xi GIAR program has a highly competitive application process and only less than 17% of applicants received any level of funding.

Apr 18

2 papers accepted at the 12th IEEE International Conference on Services Computing

Congratulations to Rasib Khan and Ragib Hasan for having 2 papers accepted at the 12th IEEE International Conference on Services Computing (SCC).


1. Rasib Khan, Ragib Hasan, “Fuzzy Authentication using Interaction Provenance in Service Oriented Computing”, the 12th IEEE International Conference on Services Computing (SCC), New York, USA, June 2015.

Abstract: In service oriented computing, authentication factors have their vulnerabilities when considered exclusively. Cross-platform and service composition architectures require a complex integration procedure and limit adoptability of newer authentication models. Authentication is generally based on a binary success or failure and relies on credentials proffered at the present moment without considering how or when the credentials were obtained by the subject. The resulting access control engines suffer from rigid service policies and complexity of management. In contrast, social authentication is based on the nature, quality, and length of previous encounters with each other. We posit that human-to-machine authentication is a similar causal effect of an earlier interaction with the verifying party. We use this notion to propose interaction provenance as the only unified representation model for all authentication factors in service oriented computing. Interaction provenance uses the causal relationship of past events to leverage service composition, cross-platform integration, timeline authentication, and easier adoption of newer methods. We extend our model with fuzzy authentication using past interactions and linguistic policies. The paper presents an interaction provenance recording and authentication protocol and a proof-of-concept implementation with extensive experimental evaluation.



2. Rasib Khan, Ragib Hasan, “MIDEP: Multiparty Identity Establishment Protocol for Decentralized Collaborative Services”, the 12th IEEE International Conference on Services Computing (SCC), New York, USA, June 2015.

Abstract: Decentralized collaborative architectures are gaining popularity in all application areas, varying from peer-to-peer communication and content management to cloud and ubiquitous services. However, the public identity of the user is still a major concern, in terms of privacy, traceability, verifiability, masquerading, and other attacks in such environments. We demonstrate two new attacks, identity shadowing and the Man-in-the-Loop (MITL) attacks, which are applicable in particular to multiparty collaborative environments. In this paper, we propose MIDEP, a Multiparty IDentity Establishment Protocol for collaborative environments. The proposed protocol allows a client to establish a secure, multiparty, probabilistic, temporal, verifiable, and non-traceable public identity with the collaborating peers in a decentralized architecture. MIDEP allows a client to avoid identity shadowing and protects the service from the resulting threats as well as from colluded information sharing among the collaborating peers. We illustrate how existing collaborative service frameworks can utilize MIDEP to securely establish the public identity prior to beginning the service session. A prototype implementation is utilized to perform extensive experimental analysis. Our results show that MIDEP is highly suitable in terms of overhead to ensure secure identity establishment for underlying decentralized collaborative services.

Apr 05

Our work on litigation hold enabled cloud storage accepted in DFRWS 2015

Congratulations to Shams Zawoad, Ragib Hasan, and John W Grimes for having their work on litigation hold enabled cloud storage accepted in the 15th Annual DFRWS (USA) Conference.

Shams Zawoad, Ragib Hasan, and John W Grimes, “LINCS: Towards Building a Trustworthy Litigation Hold Enabled Cloud Storage System”, the 15th Annual DFRWS (USA) Conference, Philadelphia, PA, August 2015.

Mar 17

Our work on Cloud-based Spam URL Deduplication for Big Datasets Accepted in the International Journal of Cloud Computing (IJCC)

Congratulations to Shams Zawoad, Ragib Hasan, Gary Warner, and Md Munirul Haque for having their work on Cloud-based Spam URL Deduplication for Big Datasets accepted in the International Journal of Cloud Computing (IJCC).

Shams Zawoad, Ragib Hasan, Gary Warner, Md Munirul Haque “Towards a Cloud-based Approach for Spam URL Deduplication for Big Datasets”, International Journal of Cloud Computing (IJCC), 2(3), 2014, pp. 1-14.

Spam emails are often used to advertise phishing websites and lure users to visit such sites. URL blacklisting is a widely used technique for blocking malicious phishing websites. To prepare an effective blacklist, it is necessary to analyze possible threats and include the identified malicious sites in the blacklist. However, the number of URLs acquired from spam emails is quite large. Fetching and analyzing the content of this large number of websites are very expensive tasks given limited computing and storage resources. To solve the problem of massive computing and storage resource requirements, we need a highly distributed and scalable architecture, where we can provision additional resources to fetch and analyze on the fly. Moreover, there is a high degree of redundancy in the URLs extracted from spam emails, where more than one spam emails contain the same URL. Hence, preserving the contents of all the websites causes significant storage waste. Additionally, fetching content from a fixed IP address introduces the possibility of being reversed blacklisted by malicious websites. In this paper, we propose and develop CURLA – a Cloud-based spam URL Analyzer, built on top of Amazon Elastic Computer Cloud (EC2) and Amazon Simple Queue Service (SQS). CURLA allows deduplicating large number of spam-based URLs in parallel, which reduces the cost of establishing equally capable local infrastructure. Our system builds a database of unique spam-based URL and accumulates the content of these unique websites in a central repository. This database and website repository will be a great resource to identify phishing websites and other counterfeit websites. We show the effectiveness of our architecture using real-life, large-scale spam-based URL data.

Jan 15

Three papers accepted in IEEE Mobile Cloud 2015

Congratulations to Ragib Hasan, Shams Zawoad, Rasib Khan, Md. Mahmud Hossain, and Jinfang Xu on having three papers accepted in the 3rd International Conference on Mobile Cloud Computing, Services, and Engineering, San Francisco (IEEE Mobile Cloud), Mar 2015.

Rasib Khan, Ragib Hasan, Jinfang Xu, “SEPIA: Secure-PIN-Authentication-as-a-Service for ATM using Mobile and Wearable Devices”, accepted as full paper in IEEE Mobile Cloud 2015.

Ragib Hasan, Md. Mahmud Hossain, Rasib Khan, “Aura: An IoT based Cloud Infrastructure for Localized Mobile Computation Outsourcing”, accepted as short paper in IEEE Mobile Cloud 2015.

Shams Zawoad and Ragib Hasan, “Towards a Systematic Analysis of Challenges and Issues in Secure Mobile Cloud Forensics”, accepted as poster paper in IEEE Mobile Cloud 2015.

Jan 14

Our work “WORAL” to appear in IEEE Transactions on Emerging Topics in Computing SI on Cyber Security


Congratulations to Ragib Hasan, Rasib Khan, Shams Zawoad, and Munirul Haque for having their work “WORAL: A Witness Oriented Secure Location Provenance Framework for Mobile Devices” accepted for publication in IEEE Transactions on Emerging Topics in Computing.


Ragib Hasan, Rasib Khan, Shams Zawoad, Md Haque, “WORAL: A Witness Oriented Secure Location Provenance Framework for Mobile Devices”, to appear in IEEE Transactions on Emerging Topics in Computing (TETC) SI on Cyber Security, 2015



Location based services allow mobile device users to access various services based on the users’ current physical location information. Path-critical applications, such as supply chain verification, require a chronological ordering of location proofs. It is a significant challenge in distributed and user-centric architectures for users to prove their presence and the path of travel in a privacy-protected and secure manner. So far, proposed schemes for secure location proofs are mostly subject to tampering, not resistant to collusion attacks, do not offer preservation of the provenance, and are not flexible enough for users to prove their provenance of location proofs. In this paper, we present WORAL, a complete ready-to-deploy framework for generating and validating witness oriented asserted location provenance records. The WORAL framework is based on the Asserted Location Proof protocol [1] and the OTIT model [2] for generating secure location provenance on the mobile devices. WORAL allows user-centric, collusion resistant, tamper-evident, privacy protected, verifiable, and provenance preserving location proofs for mobile devices. The paper presents the schematic development, feasibility of usage, comparative advantage over similar protocols, and implementation of WORAL for Android device users including a Google Glass based client for enhanced usability.


Look at our videos online

1. Ragib Hasan, 2013 DHS S&T PI Meeting, VA, USA
2. WORAL Project Promo Video



[1] Rasib Khan, Shams Zawoad, Md Munirul Haque and Ragib Hasan, “Who, When, and Where? Location Proof Assertion for Mobile Devices“, DBSEC 2014 Vienna, Austria, July 14-16, 2014. [pdf]

[2] Rasib Khan, Shams Zawoad, Md. Haque, and Ragib Hasan, “OTIT: Towards Secure Provenance Modeling for Location Proofs“, in Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS), Kyoto, Japan, June 2014.  [pdf]

Dec 15

Our Work ‘CellCloud’ Accepted in the International Journal of Cloud Computing (IJCC)

Congratulations to Shahid Al Noor, Ragib Hasan and Md Haque for having their work on CellCloud accepted in the International Journal of Cloud Computing (IJCC).

Shahid Al Noor, Ragib Hasan, and Md Haque “CellCloud: Towards A Cost Effective Formation of Mobile Cloud Based on Bidding Incentives“, To appear at the International Journal of Cloud Computing (IJCC), 2015.


In recent years, cloud computing has become the dominant computing paradigm. Researchers have explored the possibility of building clouds out of loosely associated mobile computing devices. However, most such efforts failed due to the lack of a proper incentive model for the mobile device owners. In this paper, we propose CellCloud – a practical mobile cloud architecture which can be easily deployed on existing cellular phone network infrastructure. CellCloud is based on a novel reputation-based economic incentive model in order to compensate the phone owners for the use of their phones as cloud computing nodes. CellCloud offers a practical model for performing cloud operations, with lower costs compared to a traditional cloud. We provide an elaborate analysis of the model with security and economic incentives as major focus. Along with a cost equation model, we perform extensive simulations to evaluate the performance and analyze the feasibility of our proposed model. Our simulation results show that CellCloud creates a win-win scenario for all three stakeholders (client, cloud provider, and mobile device owners) to ensure the formation of a successful mobile cloud architecture.

Nov 23

Paper Accepted in 11th Annual IFIP WG 11.9 International Conference on Digital Forensics

Our recent work on a forensics-enabled cloud architecture was accepted in 11th Annual IFIP WG 11.9 International Conference on Digital Forensics

Shams Zawoad and Ragib Hasan, “FECloud: A Trustworthy Forensics-Enabled Cloud Architecture”, 11th Annual IFIP WG 11.9 International Conference on Digital Forensics, Orlando, Florida, Janurary 2015.


The rapid migration from traditional computing and storage model to the cloud model creates the necessity of supporting reliable forensics in the cloud. However, today’s cloud computing architectures often lack support for forensic investigations because many of the assumptions that are taken for granted in traditional digital forensics do not apply to clouds. Hence, the existing digital forensics tools cannot handle the dynamic and black-box natures of clouds. Moreover, trustworthiness of evidence can be questionable because of the possibility of collusion between dishonest cloud providers, malicious users, and investigators. Since reliability and accuracy of evidence are very important factors while evaluating evidence during a criminal investigation and prosecution, we need to preserve the integrity of evidence before and after collecting from clouds. In this paper, we first identify the required properties to support trustworthy forensics in clouds. Based on the requirements, we propose a forensics-enabled cloud architecture (FECloud) to preserve and provide required evidence while protecting the privacy and integrity of the evidence. FECloud is designed on top of Openstack – a popular open source cloud computing platform. Incorporating architectures like FECloud may impose significant business impacts on Cloud Service Providers (CSP) as well as customers. CSPs can attract more customers with the assurance of providing proper forensics support. Likewise, customers do not require extreme investment on establishing their own forensics friendly infrastructures.

Oct 09

Demo/Poster paper accepted at BDCloud 2014

Our recent work on Cloud based URL deduplication as a service was accepted at IEEE BDCloud 2014.

Shams Zawoad, Ragib Hasan, Gary Warner, and Anthony Skjellum, UDaaS: A Cloud-based URL-Deduplication-as-a-Service for Big Datasets, in Proceedings of the 4th IEEE International Conference on Big Data and Cloud Computing (BDCloud 2014), Sydney, Australia, December 2014.

Older posts «

» Newer posts