Mohammad Al-Fawa'reh - Academia.edu

Papers by Mohammad Al-Fawa'reh

Intelligent Methods for flood forecasting in Wadi al Wala, Jordan

2021 International Congress of Advanced Technology and Engineering (ICOTEN)

Increasing water scarcity and rising demand throughout the Middle East and North Africa pose a major problem, and flood forecasting has been an open issue for a long time, attracting significant attention. Jordan seeks to use smart methods to solve the problem. Therefore, a real-world case study was conducted in Wadi al Wala for real-time rainfall forecasting and flood control, using 38 years of daily data from 13 rain gauge stations in the region. Different Machine Learning (ML) models were evaluated with various input information types to provide predictions in an almost real-time schedule. Preliminary tests showed that the decision tree (DT) and random forest (RF) techniques achieved the best generalized flood forecasting. In particular, the model was able to produce forecasts at any time, with the use of a mixture of meteorological parameters (relative humidity, air pressure, wet bulb temperature, and cloudiness), the precipitation at the forecasting point, and precipitation at the appropriate stations as input data, and the advanced ML model to be used with continuous data containing rainy and non-rainy cycles. Experiments showed the dominance of DT forecasts over those produced by the persistent model.

DFT-MF: Enhanced deepfake detection using mouth movement and transfer learning

Detecting Malicious DNS Queries Over Encrypted Tunnels Using Statistical Analysis and Bi-Directional Recurrent Neural Networks

Karbala International Journal of Modern Science, 2021

The exponential rise in the number of malicious threats targeting computer networks and digital services puts network infrastructure in jeopardy. Domain name protocol attacks are one of the most pervasive network attacks posing a threat to networks, whereby attackers send harmful information to the network; this type of threat is identified as DNS tunneling. The DNS protocol has recently gained increased attention from cyber-attackers, targeting organizations with a web presence or reliance on e-commerce businesses. Cyber-attackers can subtly exploit the contents of encrypted DNS packets that are sent across covert network tunnels, which are difficult for firewalls and blacklist detection methods to detect. Therefore, efficient methods for detecting DNS intrusions in the network are required. Machine learning (ML), deep learning (DL), and computational intelligence models have proved to be increasingly effective in dealing with these cyber-attacks, especially when using an appropriate dataset. This paper proposes an intrusion detection model to detect malicious DNS over HTTPS (DoH) queries among network covert tunnels, using statistical analysis and Bi-directional Recurrent Neural Network (BRNN) techniques, based on the flow level of the network traffic. The proposed approach was tested and evaluated based on a realistic dataset called CIRA-CIC-DoHBrw-2020, provided by the Canadian Institute for Cybersecurity. Experiments have shown that the robustness of the model is strong, with a detection rate of 100%. Furthermore, the proposed model achieved high performance in terms of the accuracy rate in detecting malicious DoH queries, with low false-negative and false-positive rates. Furthermore, the number of features used is fewer than other approaches, making it perform faster in the training and testing phases.

Cyber threat intelligence using PCA-DNN model to detect abnormal network behavior

Egyptian Informatics Journal, 2021

Enhanced Deepfake Detection Using Mouth Movement and Transfer Learning

SSRN Electronic Journal, 2021

Sentiment Analysis-Based Sexual Harassment Detection Using Machine Learning Techniques

Despite intensive efforts to prevent and control malicious human activities, they still pose grave risks and significant challenges in cyber-space. Malicious human activities are an evolving problem, especially with fast-growing technological advances. Sexual harassment or cyberbullying is considered an online malicious human activity that can easily affect legitimate users, governments, or other targets. The primary goal of this research is to propose an approach that could be utilized towards developing detection systems and enhance the classification of the different types of malicious human activities by using machine learning with different algorithms. Experiments showed that combining Term Frequency Inverse Document Frequency (TF-IDF) with machine learning achieved an 81% accuracy rate.

Detecting Phishing URLs using Machine Learning Lexical Feature-based Analysis

International Journal of Advanced Trends in Computer Science and Engineering, 2020

Fog Computing: Security Challenges and Countermeasures

International Journal of Computer Applications, 2020

Fast and Reliable DDoS Detection using Dimensionality Reduction and Machine Learning

2020 15th International Conference for Internet Technology and Secured Transactions (ICITST), 2020

Distributed Denial of Service (DDoS) Attack poses a rising threat on cloud computing systems in which the attacker exploits machines from outside and inside the cloud system to initiate the attack against. To prevent DDoS attack, real-time analysis of the cloud network traffic is fundamental. Machine learning techniques are an effective solution to develop a robust Intrusion detection system in cloud computing systems. This paper proposed a machine learning framework, explores the possibility of utilizing a machine learning classifier to detect the DDoS attack on cloud computing systems; first by the full dimensions of the features, second by reducing these dimensions. Our framework is characterized by a high accuracy rate in detecting emerging DDoS attacks, and its lightweight algorithm.

Exposing Bot Attacks Using Machine Learning and Flow Level Analysis

International Conference on Data Science, E-learning and Information Systems 2021

Botnets represent a major threat to Internet security that have continuously developed in scale and complexity. Command-and-control servers (C&C) send commands to bots that execute and perform these commands, thereby implementing attacks such as distributed denial-of-service (DDoS), spam campaigns, or the scanning of compromised hosts. The detection of volumetric attacks in large and complex networks requires an efficient mechanism. Botnet behavior should be analyzed in order to save the network from attack, and preventive measures should be implemented in time. Anomalous botnet tracking strategies are more efficient than signature-based ones, since botnet detection methods rely on anomalies and do not need pre-constructed botnet signatures, therefore they can detect new or unidentified botnets. We use Netflow and machine learning algorithms in this paper to also improve the detection process for intrusion detection algorithms with a novel dataset. We implemented a number of algorithms in our lightweight model to show that Random Forests get the highest accuracy for the algorithms used.

Enhanced Epileptic Seizure diagnosis using EEG Signals with Support vector machine and Bagging Classifiers

International Journal of Communication Networks and Information Security (IJCNIS)

Many approaches have been proposed using Electroencephalogram (EEG) to detect epilepsy seizures in their early stages. Epilepsy seizure is a severe neurological disease. Practitioners continue to rely on manual testing of EEG signals. Artificial intelligence (AI) and Machine Learning (ML) can effectively deal with this problem. ML can be used to classify EEG signals employing feature extraction techniques. This work focuses on automated detection for epilepsy seizures using ML techniques. Various algorithms are investigated, such as Bagging, Decision Tree (DT), Adaboost, Support vector machine (SVM), K-nearest neighbors (KNN), Artificial neural network (ANN), Naïve Bayes, and Random Forest (RF) to distinguish injected signals from normal ones with high accuracy. In this work, 54 Discrete wavelet transforms (DWTs) are used for feature extraction, and the similarity distance is applied to identify the most powerful features. The features are then selected to form the features matrix. T...

Malware Detection by Eating a Whole APK

2020 15th International Conference for Internet Technology and Secured Transactions (ICITST)

As Android is one of the most popular and widely used open-source mobile platforms, the security and privacy of Android apps are very critical, especially that over 6000 apps are added to the Google Play Store every day. This makes Android a prime target for malware. This paper proposes a modeling technique with experiments conducted using a dataset with about 10,000 benign and 10,000 malicious Android Application Packages (APK), in addition to other experiments that were conducted on the same dataset with a reduction in the number of benign files to be equal to 578 files. These files are analyzed using image classification techniques, where the whole APK file is converted into a grayscale image, and Convolutional Neural Networks (CNNs) with transfer-learning models are applied; to efficiently construct classification models for malware detection. Experiments have shown that the proposed technique has achieved favorable accuracy in the CNN model.

Analysis and Investigation of Malicious DNS Queries Using CIRA-CIC-DoHBrw-2020 Dataset

Domain Name System (DNS) is one of the earliest vulnerable network protocols with various security gaps that have been exploited repeatedly over the last decades. DNS abuse is one of the most challenging threats for cybersecurity specialists. However, providing secure DNS is still a big challenging mission as attackers use complicated methodologies to inject malicious code in DNS inquiries. Many researchers have explored different machine learning (ML) techniques to encounter this challenge. However, there are still several challenges and barriers to utilizing ML. This paper introduces a systematic approach for identifying malicious and encrypted DNS queries by examining the network traffic and deriving statistical characteristics. Afterward, implementing several ML methods:

Detecting Stealth-based Attacks in Large Campus Networks

International Journal of Advanced Trends in Computer Science and Engineering

Fog Computing: Security Challenges and Countermeasures

Fog Computing: Security Challenges and Countermeasures, 2020

Innovative technologies such as cloud computing systems provide global cooperative services for end users and medium-large companies. Fog computing extends cloud computing storage networking and computing capabilities to edge and backbone servers on the cloud for Internet of Things (IoT) devices, to optimize efficiency with low latency, location awareness, and geographical distribution applications. One of the considerable difficulties facing fog computing systems is security and privacy challenges. This survey reviews current fog computing system architectures, their features, security challenges associated with IoT devices, and existing countermeasures, in order to guide researchers to find comprehensive solutions to reduce the security risks related to fog computing systems. General Terms: IoT security challenges and Countermeasures

Detecting Stealth-based Attacks in Large Campus Networks

Detecting Stealth-based Attacks in Large Campus Networks, 2020

Detecting and classifying new malicious network traffic is a high priority concern for cybersecurity practitioners. New stealth or zero-day attack can make companies go out of businesses in the digital transformation era. Despite the plethora of studies that have explored different machine-learning (ML) techniques to address this issue, the most popular used approach remains traditional ML with legacy datasets and small campus network. The difficulty in data collection considers the biggest impediment of using ML. This paper examines the possibility of exposing zero-day malicious network traffic in large campus networks based on cloud environments by presenting a lightweight framework. An experiment was devised for the analysis. However, before that, the characteristics of the network were examined based on the flow level. The framework showed an outperformed accuracy rate of 100% for a specific type of attack and 97.97% as a comprehensive detection mechanism.

Detecting Phishing URLs using Machine Learning & Lexical Feature-based Analysis

Detecting Phishing URLs using Machine Learning & Lexical Feature-based Analysis, 2020

Phishing URLs is one of the greatest threats for cybersecurity professionals and practitioners. This requires hold hands together, make great efforts, and use current technology to help identifying Phishing URLs and control the spread of this threat. Many researchers have investigated various machine learning techniques to tackle this threat. However, there are many difficulties and obstacles of using machine learning. The proposed approach detects Phishing URLs through analyzing URLs to extract lexical characteristics features. Afterward, apply machine learning approach based on the extracted features. The dataset was collected from different sources, it includes four different attack scenarios: Defacement, Spam, Phishing, Malware. However, in this research, the focus was on Phishing URLs. The dataset was used as an input for various machine learning and statistical detection models “(RF: Random forest, DT: Decision Tree Classifier, GNB: Gaussian Naive Bayes, KNN: k-nearest neighbour, Logistic regression, SVC: Support Vector Classifier, QDA: Quadratic Discriminant Analysis, Perceptron, SMOTE: Synthetic Minority Oversampling Technique)”. These models were employed to predict Phishing URLs based lexical characteristics features. The result indicates a relatively good accuracy rate. The Random forest (RF) model has produced the best accuracy (98%) compared to the other detection models. As well as, the RF has produced the best precision and recall (98%) respectively

A Deeper Look into Network Traffic Analysis using Wireshark

Networks and the Internet are the backbones of the businesses in terms of sending and receiving data, as it saves time, effort and cost. And using traffic analysis performance issues can be optimized, network Forensics and spam can be detected, network proofing with penetration Testing can be done, policies can be formed to accommodate with using habits, and integrated systems can be made sure they deliver the data. Traffic analysis can also be used for malicious intents, it can be used to monitor the contents of the transmitted data like password, file names and communication parties, this paper will discuss all of these things how the attacker can obtain the traffic, also will discuss some countermeasures to reduce this risk

A Deeper Look into Big Data Analysis

In the last few years we have been witnessing a tremendous growth in the new technologies, mobile applications, Machines and Tools. All of these technologies are involved to produce a massive amount of data in short amount of time. No matter what the infrastructure they use or what the environment they running, as they will be still able to contact and grow in fast rates. In this paper, we will focus on the main concepts of Big Data, characteristics, life cycle, challenges & Big Data Analysis also we will discuss limitations of old Big Data Analysis methods and explain the new methods that use some distributed techniques such as the Hadoop system, to overcome different challenges
