Malek Al-Zewairi

Risk adaptive hybrid RFID access control system

Dynamic environments pose a challenge for traditional access control models where permissions are granted or revoked merely based on predefined and static access policies making them incapable of dynamically adapting to changing conditions. Risk adaptive access control models have been gaining more attention in the research community as an alternative approach to overcome the limitations of traditional access control models. Radio Frequency Identification RFID is an emerging technology widely utilized in both physical and logical access control systems because of its contactless nature, low cost, high read/write speed and long distance operation. Serverless RFID system architecture offers better availability assurance and lower implementation cost, while access rights management is easier in server-based architecture. In this study, we continue to build on our previous research on the privacy and security of RFID access control systems without a backend database in order to overcome its limitations. We propose a hybrid design for a risk adaptive RFID access control system; that is, dynamically alternating between two access control modes, online server-based and offline serverless, to adapt to the level of risk depending on rule-based risk scenarios and current risk value. The proposed design combines features of both serverless and risk adaptive access control systems. Copyright

Privacy and security for RFID Access Control Systems: RFID Access Control Systems without back-end database

Radio Frequency Identification (RFID) is one of the most popular Automatic Identification and Data Capture (AIDC) technologies that facilitate objects identification and information exchange over relatively small and widely separated entities. In this paper, the main aim is to address the privacy and security challenges that RFID Access Control Systems face and solve these challenges without relying on back-end database but only the RF subsystem.

Spotting the Islamist Radical within: Religious Extremists Profiling in the United State

Abstract The war on terrorism, radicalism and violent extremism is no longer confined to the battlefield; it has become omnipresent in the recent years with militant, terrorists and insurgent groups actively recruiting new technologies as platform to impel their ideologies worldwide. Nonetheless, one thing remains constant in the fight against radicalism equation, that is, the information about radical individuals, whether personal, demographical, social or economic information. The ability to identify, classify and profile potential radicals based on such information has an appealing trait for security agencies around the world. The Intelligence and Security Informatics research field emphasizes the importance of engaging multidiscipline technologies to provide security-related applications that serve as aiding tools in combating terrorism and other forms of violent extremism. In this paper, the authors focus on radical Islamism and hypothesize that Islamist radicals have identifiable information and behavioral traits that could be utilized to identify their ideological motive uniquely amongst other radicals. Four different supervised machine learning algorithms are applied to validate this hypothesis using the “profiles of individual radicalization in the United States” dataset and their performance is compared and discussed. The evaluation results support the authors’ hypothesis and show that profiling religious extremists can be achieved with high recall and precision using machine learning models.

An Empirical Evaluation of Intelligent Machine Learning Algorithms under Big Data Processing Systems

Abstract The rapid increase in the magnitude of data produced by industries that need to be processed using Machine Learning algorithms to generate business intelligence has created a dilemma for data scientists. This is due to the fact that traditional machine learning platforms such as Weka and R are not designed to handle data with such Volume, Velocity and Variety. Several machine learning algorithms and associated toolkits have been built specifically to work with big data; however, their performance is yet to be evaluated to allow researchers to get the most of these platforms. In this paper, the authors intend to provide an empirical evaluation of two emerging machine learning platforms under big data processing systems namely, H2O and Sparkling Water, by performing an experimental comparison between the two platforms in terms of performance over several generalization error metrics and model training time using the Santander Bank Dataset. Up to the authors’ knowledge, this is the first time such a study is conducted. The evaluation results showed that the H2O platform has significantly outperformed the Sparkling Water platform in terms of model training time almost by fifty percent, while achieving convergent results.

Using IPython for Teaching Web Scraping

Web scraping constitutes an indispensable part of information gathering and data intelligence. IPython has been the de facto project for data science since 2001. In this chapter, IPython is employed to support educators in teaching the fundamentals of web scraping. The authors identify providing detailed labs as free online resources together with model answers as the main contribution of this chapter.

An experimental Software Defined Security controller for Software Defined Network

Software Defined Networking is an emerging technology that permits computer network infrastructure to be scaled dynamically as needed while enhancing the manageability of the various network devices in heterogeneous environment as opposed to classical networking. These capabilities emerge from the separation of the data plane from the control plane; thus, allowing the network devices to be programmatically managed and controlled. Similarly, the concept of Software Defined Security allows security solutions such as Firewalls and Intrusion Detection Systems to be dynamically implemented, controlled and managed using programmable interfaces. In this research, the authors propose an experimental software defined security controller based on the Open vSwitch Controller to detect and prevent IP and MAC spoofing attacks on the network. The proposed controller is simulated using Mininet. The simulation results confirm that the proposed controller is capable to detect and prevent the aforementioned attacks with high precision.

Multilevel Fuzzy Inference System for Risk Adaptive Hybrid RFID Access Control System

Traditional access control systems lack the ability to cope with dynamic environments where several factors can affect the decision-making process. On the contrary, Risk-based access control systems offer a preeminent alternative where multiple risk factors sway the access control decision. Nonetheless, risk is often measured qualitatively, and is subject to uncertainty, thus, making it susceptible to underestimating or overestimating its value. Conversely, Fuzzy Inference System has been proven effective in solving problems where uncertainty has a dominant influence over the outcomes, making it an excellent candidate to solve the aforementioned issue. This study improves on the authors previous work in which risk adaptive hybrid RFID access control system is proposed. In this study, a multilevel fuzzy inference system is designed as a supplementary risk assessment model where risk is estimated using fuzzy logic controller. The results showed that the proposed design has significantly improved the overall risk calculation process.