Ali Hadi

A Preliminary Analysis of Drive-by Email Attacks in Educational Institutes

In this study we investigate malicious spam emails in the context of educational institutes. The goal of the study is two folds, first, is to explore spam types of attacks and what their malicious contents may include and secondly, to analyze if these attacks exhibit discriminative characteristics. This study offers an empirical analysis of spam emails dataset and provides a rich set of features that exist in the dataset. The features could then be used by researchers to build new intelligent systems that are capable of classifying and blocking spam emails.

Using IPython for Teaching Web Scraping

Web scraping constitutes an indispensable part of information gathering and data intelligence. IPython has been the de facto project for data science since 2001. In this chapter, IPython is employed to support educators in teaching the fundamentals of web scraping. The authors identify providing detailed labs as free online resources together with model answers as the main contribution of this chapter.

Covert Communication Using Port Knocking

Data theft and espionage attacks, which is evolved rapidly, impose the need to develop new and stealthy communication techniques to protect sensitive data that is transferred over the Internet. These new techniques should be built in different way than traditional and known communication techniques, in order to eschew detection and monitoring tools. This paper proposes a new covert channel for stealthy communication. The communication channel uses Least Significant Bit steganography and Tariq port knocking to hide data, besides that GnuPG encryption is applied before hiding the data to add another layer of protection. The communication efficiency has been evaluated using Peak Signal to Noise Ratio, and the result indicates better image quality compared with other techniques. Also, the maximum capacity and transfer rate of the channel have been evaluated, the channel is capable to achieve 152 bps as a maximum transmission rate in its current implementation.

MLDED: Multi-layer Data Exfiltration Detection System

Due to the growing advancement of crime ware services, the computer and network security becomes a crucial issue. Detecting sensitive data exfiltration is a principal component of each information protection strategy. In this research, a Multi-Level Data Exfiltration Detection (MLDED) system that can handle different types of insider data leakage threats with staircase difficulty levels and their implications for the organization environment has been proposed, implemented and tested. The proposed system detects exfiltration of data outside an organization information system, where the main goal is to use the detection results of a MLDED system for digital forensic purposes. MLDED system consists of three major levels Hashing, Keywords Extraction and Labeling. However, it is considered only for certain type of documents such as plain ASCII text and PDF files. In response to the challenging issue of identifying insider threats, a forensic readiness data exfiltration system is designed that is capable of detecting and identifying sensitive information leaks. The results show that the proposed system has an overall detection accuracy of 98.93%.