Narmeen Z Bawany | National University of Computer and Emerging Sciences (original) (raw)

Papers by Narmeen Z Bawany

Research paper thumbnail of Network intrusion detection using oversampling technique and machine learning algorithms

PeerJ Computer Science, 2022

The expeditious growth of the World Wide Web and the rampant flow of network traffic have resulte... more The expeditious growth of the World Wide Web and the rampant flow of network traffic have resulted in a continuous increase of network security threats. Cyber attackers seek to exploit vulnerabilities in network architecture to steal valuable information or disrupt computer resources. Network Intrusion Detection System (NIDS) is used to effectively detect various attacks, thus providing timely protection to network resources from these attacks. To implement NIDS, a stream of supervised and unsupervised machine learning approaches is applied to detect irregularities in network traffic and to address network security issues. Such NIDSs are trained using various datasets that include attack traces. However, due to the advancement in modern-day attacks, these systems are unable to detect the emerging threats. Therefore, NIDS needs to be trained and developed with a modern comprehensive dataset which contains contemporary common and attack activities. This paper presents a framework in w...

Research paper thumbnail of A Comprehensive Course on Big Data for Undergraduate Students

2018 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW), 2018

Research paper thumbnail of Application Layer DDoS Attack Defense Framework for Smart City using SDN

Smart city brings enormous opportunities and exciting challenges. In a smart city, operations and... more Smart city brings enormous opportunities and exciting challenges. In a smart city, operations and services such as traffic, transport, electric power, and water distribution are monitored, operated, and controlled through ICT based infrastructure, smartly. This allows efficient management of resources and facilitates smooth access to services. However, it also induces stringent requirements and challenges for uninterrupted operation and execution of ICT-based monitoring and controlled infrastructure. Cybersecurity is one of the foremost challenges in a smart city network. That is, protecting the smart city application services from cyber-attacks and ensuring continuity of services is utmost desirable. As smart city services typically comprised of web based applications, application level distributed denial of service (AL-DDoS) attack is a major cybersecurity threat that can have catastrophic impact on an extremely critical smart city network. This paper presents an efficient framewo...

Research paper thumbnail of A Comparison of Machine Learning Techniques for Android Malware Detection Using Apache Spark

Wide-scale popularity of Android devices has necessitated the need of having effective means for ... more Wide-scale popularity of Android devices has necessitated the need of having effective means for detection of malicious applications. Machine learning based classification of android applications require training and testing on a large dataset. Motivated by these needs, we provide extensive evaluation of Android applications for classification to either benign or malware applications. Using a 17-node Apache Spark cluster, we utilized seven different machine learning classifiers and applied them on the SherLock dataset one of the largest available dataset for malware detection of Android applications. From the dataset of 83 attributes, we identified 29 suitable features of applications which are related in identifying a malware. Our analysis revealed that gradient boosted trees classification mechanism provides highest precision and accuracy and lowest false positive rate in detection of malware applications. We also applied our model to develop a real-time cloud based malware detect...

Research paper thumbnail of SEAL: SDN based secure and agile framework for protecting smart city applications from DDoS attacks

Journal of Network and Computer Applications, 2019

Research paper thumbnail of DDoS Attack Detection and Mitigation Using SDN: Methods, Practices, and Solutions

Arabian Journal for Science and Engineering, 2017

Research paper thumbnail of Smart City Architecture: Vision and Challenges

International Journal of Advanced Computer Science and Applications, 2015

Research paper thumbnail of Role of Agents in Providing Better Communication

Student Conference On Engineering, Sciences and Technology

Strong growth of both Internet and mobile communication leads to new promising mass-market end-us... more Strong growth of both Internet and mobile communication leads to new promising mass-market end-user applications. Telecommunications and computing industries are not only merging their main concepts, but working towards a similar goal, namely to have fully co-operative communication systems that help automate various everyday tasks or chores. Software agent technology provides benefit to both the network Manager and the end

Research paper thumbnail of Recent Trends in Green Computing

Innovations in Smart Cities Applications Volume 4, 2021

Research paper thumbnail of Common Biometric Authentication Techniques: Comparative Analysis, Usability and Possible Issues Evaluation

Common Biometric Authentication Techniques: Comparative Analysis, Usability and Possible Issues Evaluation, 2013

Although the usage of biometric devices has tremendously increased but still the traditional auth... more Although the usage of biometric devices has tremendously increased but still the traditional authentication techniques are still used by majority of average users. The concept behind biometric authentication technique is that users will not have to remember intricate passwords. Even if the people use biometric authentication mechanisms in their personal devices, they are still expected to remember the passwords and they are asked to input their passwords every now and then. This paper presents different biometric authentication techniques with reference to the past research work and focuses on common authentication techniques (fingerprint recognition, face recognition, pattern recognition, hand pointing device gesture recognition and passwords and personal identification numbers) that people use in their everyday life especially in their personal devices for instance laptops and cell phones. Furthermore, it presents the issues face by the users and what can be done to minimize the issues and increase the usability of biometric authentication techniques. The methods used to determine usability and security issues include experiments, questionnaires and interviews. Experiment session presents comparative analysis on how much time users from different age groups spend on enrolling biometrics and then authenticating with the provided sample. Body language of users and common errors are discussed. Survey session determines users' perceptions, preferences and evaluates authentication mechanisms using usability heuristics. The most important interview session with users determines users' expectations and needs as well as problems that they have faced using different authentication techniques under evaluation. In the end, authors conclude with feasible solutions of the problems discussed.

Research paper thumbnail of Mitigating Malware for Effective Utilization of Network Resources at ISPs

The effect of network-based malware can be massive on Internet Service Providers (ISPs). Maliciou... more The effect of network-based malware can be massive on Internet Service Providers (ISPs). Malicious users, that are among the ISP customers, can consume large amount of network bandwidth. This behavior could be overwhelmingly damaging as legitimate ISP users may experience performance degradation or complete denial of service. Subsequently, as network-based malware spreads out, number of malicious users increase, causing distributed denial of service (DDoS) attack. This paper proposes a novel idea of mitigating network-based malwares at ISP level. The proposed solution-ISPMonitor, monitors various traffic patterns to detect the timely onset of malware attack. It detects the attack and applies a mitigation mechanism to protect the ISP network. The ISPMonitor, is a DNS based solution that monitors the rate of DNS lookup requests. An anomaly based approach is used to detect malware. The proposed mechanism was investigated on a live wireless ISP with 80,000 customers spanned across three major cities of Pakistan. Results reveal that this approach was not only highly effective in detecting and mitigating the malicious traffic but also has improved network bandwidth utilization considerably.

Research paper thumbnail of Determination of Risk During Requirement Engineering Process

Software developments is an investment activity that depends on how each phase in SDLC performs i... more Software developments is an investment activity that depends on how each phase in SDLC performs its job. Each phase has some unseen defects that should be acknowledged and removed earlier with the intention that other phases are saved from their awful consequences. These defects are caused by ignorance of risks which are related to each phase. These risks are handle by Risk management that is considered during design phase. In this phase counter measurements are complex. Research illustrate that the cost of errors fixing increases 50 times as to fixing errors in requirement analysis phase. This paper suggests a framework in which risk management is executed within Requirement Engineering (RE) process. Three models of risk management are considered, these models identify risky functional requirements. These models are compared on the basis of risk identification methodologies. A new model is derived which is based on UML oriented approach for modeling and reasoning about risk during the requirements analysis process.

Research paper thumbnail of DDoS Attack Detection and Mitigation Using SDN: Methods, Practices, and Solutions

Arabian Journal for Science and Engineering - Springer, 2017

Distributed denial-of-service (DDoS) attacks have become a weapon of choice for hackers, cyber ex... more Distributed denial-of-service (DDoS) attacks have become a weapon of choice for hackers, cyber extor-tionists, and cyber terrorists. These attacks can swiftly incapacitate a victim, causing huge revenue losses. Despite the large number of traditional mitigation solutions that exists today, DDoS attacks continue to grow in frequency, volume , and severity. This calls for a new network paradigm to address the requirements of today's challenging security threats. Software-defined networking (SDN) is an emerging network paradigm which has gained significant traction by many researchers to address the requirement of today's data centers. Inspired by the capabilities of SDN, we present a comprehensive survey of existing SDN-based DDoS attack detection and mitigation solutions. We classify solutions based on DDoS attack detection techniques and identify requirements of an effective solution. Based on our findings, we propose a novel framework for detection and mitigation of DDoS attacks in a large-scale network which comprises a smart city built on SDN infrastructure. Our proposed framework is capable of meeting application-specific DDoS attack detection and mitigation requirements. The primary contribution of this paper is twofold. First, we provide an in-depth survey and discussion of SDN-based DDoS attack detection and mitigation mechanisms, and we classify them with respect to the detection techniques. Second, leveraging the characteristics of SDN for network security, we propose and present an SDN-based proactive DDoS Defense Framework (ProDefense). We show how this framework can be utilized to secure applications built for smart cities. Moreover, the paper highlights open research challenges, future research directions , and recommendations related to SDN-based DDoS detection and mitigation.

Research paper thumbnail of Smart City Architecture: Vision and Challenges

—The concept of smart city was born to provide improved quality of life to citizens. The key idea... more —The concept of smart city was born to provide improved quality of life to citizens. The key idea is to integrate information system services of each domain, such as health, education, transportation, power grid etc., of the city to provide public services to citizens efficiently and ubiquitously. These expectations induce massive challenges and requirements. This research is aimed to highlight key ICT (Information and Communication Technology) challenges related to adaptation of smart city. Realizing the significance of effective data collection, storage, retrieval, and efficient network resource provisioning, the research proposes a high level architecture for smart city. The proposed framework is based on a hierarchical model of data storage and defines how different stakeholders will be communicating and offering services to citizens. The architecture facilitates step by step implementation towards a smart city, integrating services, as they are developed in a timely manner.

Research paper thumbnail of Application Layer DDoS Attack Defense Framework for Smart City using SDN

Smart city brings enormous opportunities and exciting challenges. In a smart city, operations and... more Smart city brings enormous opportunities and exciting challenges. In a smart city, operations and services such as traffic, transport, electric power, and water distribution are monitored, operated, and controlled through ICT based infrastructure, smartly. This allows efficient management of resources and facilitates smooth access to services. However, it also induces stringent requirements and challenges for uninterrupted operation and execution of ICT-based monitoring and controlled infrastructure. Cybersecurity is one of the foremost challenges in a smart city network. That is, protecting the smart city application services from cyber-attacks and ensuring continuity of services is utmost desirable. As smart city services typically comprised of web based applications, application level distributed denial of service (AL-DDoS) attack is a major cybersecurity threat that can have catastrophic impact on an extremely critical smart city network. This paper presents an efficient framework for AL-DDoS attack detection and mitigation for a smart city network. The proposed framework utilizes Software Defined Networking (SDN) paradigm to implement resilient design that ensures continuity of smart city application services. The framework integrates a sound mechanism that distinguishes AL-DDoS attack from legitimate flash crowd. This is a novel framework that addresses the flash crowd attack detection and mitigation in a smart city environment using SDN.

Research paper thumbnail of Network intrusion detection using oversampling technique and machine learning algorithms

PeerJ Computer Science, 2022

The expeditious growth of the World Wide Web and the rampant flow of network traffic have resulte... more The expeditious growth of the World Wide Web and the rampant flow of network traffic have resulted in a continuous increase of network security threats. Cyber attackers seek to exploit vulnerabilities in network architecture to steal valuable information or disrupt computer resources. Network Intrusion Detection System (NIDS) is used to effectively detect various attacks, thus providing timely protection to network resources from these attacks. To implement NIDS, a stream of supervised and unsupervised machine learning approaches is applied to detect irregularities in network traffic and to address network security issues. Such NIDSs are trained using various datasets that include attack traces. However, due to the advancement in modern-day attacks, these systems are unable to detect the emerging threats. Therefore, NIDS needs to be trained and developed with a modern comprehensive dataset which contains contemporary common and attack activities. This paper presents a framework in w...

Research paper thumbnail of A Comprehensive Course on Big Data for Undergraduate Students

2018 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW), 2018

Research paper thumbnail of Application Layer DDoS Attack Defense Framework for Smart City using SDN

Smart city brings enormous opportunities and exciting challenges. In a smart city, operations and... more Smart city brings enormous opportunities and exciting challenges. In a smart city, operations and services such as traffic, transport, electric power, and water distribution are monitored, operated, and controlled through ICT based infrastructure, smartly. This allows efficient management of resources and facilitates smooth access to services. However, it also induces stringent requirements and challenges for uninterrupted operation and execution of ICT-based monitoring and controlled infrastructure. Cybersecurity is one of the foremost challenges in a smart city network. That is, protecting the smart city application services from cyber-attacks and ensuring continuity of services is utmost desirable. As smart city services typically comprised of web based applications, application level distributed denial of service (AL-DDoS) attack is a major cybersecurity threat that can have catastrophic impact on an extremely critical smart city network. This paper presents an efficient framewo...

Research paper thumbnail of A Comparison of Machine Learning Techniques for Android Malware Detection Using Apache Spark

Wide-scale popularity of Android devices has necessitated the need of having effective means for ... more Wide-scale popularity of Android devices has necessitated the need of having effective means for detection of malicious applications. Machine learning based classification of android applications require training and testing on a large dataset. Motivated by these needs, we provide extensive evaluation of Android applications for classification to either benign or malware applications. Using a 17-node Apache Spark cluster, we utilized seven different machine learning classifiers and applied them on the SherLock dataset one of the largest available dataset for malware detection of Android applications. From the dataset of 83 attributes, we identified 29 suitable features of applications which are related in identifying a malware. Our analysis revealed that gradient boosted trees classification mechanism provides highest precision and accuracy and lowest false positive rate in detection of malware applications. We also applied our model to develop a real-time cloud based malware detect...

Research paper thumbnail of SEAL: SDN based secure and agile framework for protecting smart city applications from DDoS attacks

Journal of Network and Computer Applications, 2019

Research paper thumbnail of DDoS Attack Detection and Mitigation Using SDN: Methods, Practices, and Solutions

Arabian Journal for Science and Engineering, 2017

Research paper thumbnail of Smart City Architecture: Vision and Challenges

International Journal of Advanced Computer Science and Applications, 2015

Research paper thumbnail of Role of Agents in Providing Better Communication

Student Conference On Engineering, Sciences and Technology

Strong growth of both Internet and mobile communication leads to new promising mass-market end-us... more Strong growth of both Internet and mobile communication leads to new promising mass-market end-user applications. Telecommunications and computing industries are not only merging their main concepts, but working towards a similar goal, namely to have fully co-operative communication systems that help automate various everyday tasks or chores. Software agent technology provides benefit to both the network Manager and the end

Research paper thumbnail of Recent Trends in Green Computing

Innovations in Smart Cities Applications Volume 4, 2021

Research paper thumbnail of Common Biometric Authentication Techniques: Comparative Analysis, Usability and Possible Issues Evaluation

Common Biometric Authentication Techniques: Comparative Analysis, Usability and Possible Issues Evaluation, 2013

Although the usage of biometric devices has tremendously increased but still the traditional auth... more Although the usage of biometric devices has tremendously increased but still the traditional authentication techniques are still used by majority of average users. The concept behind biometric authentication technique is that users will not have to remember intricate passwords. Even if the people use biometric authentication mechanisms in their personal devices, they are still expected to remember the passwords and they are asked to input their passwords every now and then. This paper presents different biometric authentication techniques with reference to the past research work and focuses on common authentication techniques (fingerprint recognition, face recognition, pattern recognition, hand pointing device gesture recognition and passwords and personal identification numbers) that people use in their everyday life especially in their personal devices for instance laptops and cell phones. Furthermore, it presents the issues face by the users and what can be done to minimize the issues and increase the usability of biometric authentication techniques. The methods used to determine usability and security issues include experiments, questionnaires and interviews. Experiment session presents comparative analysis on how much time users from different age groups spend on enrolling biometrics and then authenticating with the provided sample. Body language of users and common errors are discussed. Survey session determines users' perceptions, preferences and evaluates authentication mechanisms using usability heuristics. The most important interview session with users determines users' expectations and needs as well as problems that they have faced using different authentication techniques under evaluation. In the end, authors conclude with feasible solutions of the problems discussed.

Research paper thumbnail of Mitigating Malware for Effective Utilization of Network Resources at ISPs

The effect of network-based malware can be massive on Internet Service Providers (ISPs). Maliciou... more The effect of network-based malware can be massive on Internet Service Providers (ISPs). Malicious users, that are among the ISP customers, can consume large amount of network bandwidth. This behavior could be overwhelmingly damaging as legitimate ISP users may experience performance degradation or complete denial of service. Subsequently, as network-based malware spreads out, number of malicious users increase, causing distributed denial of service (DDoS) attack. This paper proposes a novel idea of mitigating network-based malwares at ISP level. The proposed solution-ISPMonitor, monitors various traffic patterns to detect the timely onset of malware attack. It detects the attack and applies a mitigation mechanism to protect the ISP network. The ISPMonitor, is a DNS based solution that monitors the rate of DNS lookup requests. An anomaly based approach is used to detect malware. The proposed mechanism was investigated on a live wireless ISP with 80,000 customers spanned across three major cities of Pakistan. Results reveal that this approach was not only highly effective in detecting and mitigating the malicious traffic but also has improved network bandwidth utilization considerably.

Research paper thumbnail of Determination of Risk During Requirement Engineering Process

Software developments is an investment activity that depends on how each phase in SDLC performs i... more Software developments is an investment activity that depends on how each phase in SDLC performs its job. Each phase has some unseen defects that should be acknowledged and removed earlier with the intention that other phases are saved from their awful consequences. These defects are caused by ignorance of risks which are related to each phase. These risks are handle by Risk management that is considered during design phase. In this phase counter measurements are complex. Research illustrate that the cost of errors fixing increases 50 times as to fixing errors in requirement analysis phase. This paper suggests a framework in which risk management is executed within Requirement Engineering (RE) process. Three models of risk management are considered, these models identify risky functional requirements. These models are compared on the basis of risk identification methodologies. A new model is derived which is based on UML oriented approach for modeling and reasoning about risk during the requirements analysis process.

Research paper thumbnail of DDoS Attack Detection and Mitigation Using SDN: Methods, Practices, and Solutions

Arabian Journal for Science and Engineering - Springer, 2017

Distributed denial-of-service (DDoS) attacks have become a weapon of choice for hackers, cyber ex... more Distributed denial-of-service (DDoS) attacks have become a weapon of choice for hackers, cyber extor-tionists, and cyber terrorists. These attacks can swiftly incapacitate a victim, causing huge revenue losses. Despite the large number of traditional mitigation solutions that exists today, DDoS attacks continue to grow in frequency, volume , and severity. This calls for a new network paradigm to address the requirements of today's challenging security threats. Software-defined networking (SDN) is an emerging network paradigm which has gained significant traction by many researchers to address the requirement of today's data centers. Inspired by the capabilities of SDN, we present a comprehensive survey of existing SDN-based DDoS attack detection and mitigation solutions. We classify solutions based on DDoS attack detection techniques and identify requirements of an effective solution. Based on our findings, we propose a novel framework for detection and mitigation of DDoS attacks in a large-scale network which comprises a smart city built on SDN infrastructure. Our proposed framework is capable of meeting application-specific DDoS attack detection and mitigation requirements. The primary contribution of this paper is twofold. First, we provide an in-depth survey and discussion of SDN-based DDoS attack detection and mitigation mechanisms, and we classify them with respect to the detection techniques. Second, leveraging the characteristics of SDN for network security, we propose and present an SDN-based proactive DDoS Defense Framework (ProDefense). We show how this framework can be utilized to secure applications built for smart cities. Moreover, the paper highlights open research challenges, future research directions , and recommendations related to SDN-based DDoS detection and mitigation.

Research paper thumbnail of Smart City Architecture: Vision and Challenges

—The concept of smart city was born to provide improved quality of life to citizens. The key idea... more —The concept of smart city was born to provide improved quality of life to citizens. The key idea is to integrate information system services of each domain, such as health, education, transportation, power grid etc., of the city to provide public services to citizens efficiently and ubiquitously. These expectations induce massive challenges and requirements. This research is aimed to highlight key ICT (Information and Communication Technology) challenges related to adaptation of smart city. Realizing the significance of effective data collection, storage, retrieval, and efficient network resource provisioning, the research proposes a high level architecture for smart city. The proposed framework is based on a hierarchical model of data storage and defines how different stakeholders will be communicating and offering services to citizens. The architecture facilitates step by step implementation towards a smart city, integrating services, as they are developed in a timely manner.

Research paper thumbnail of Application Layer DDoS Attack Defense Framework for Smart City using SDN

Smart city brings enormous opportunities and exciting challenges. In a smart city, operations and... more Smart city brings enormous opportunities and exciting challenges. In a smart city, operations and services such as traffic, transport, electric power, and water distribution are monitored, operated, and controlled through ICT based infrastructure, smartly. This allows efficient management of resources and facilitates smooth access to services. However, it also induces stringent requirements and challenges for uninterrupted operation and execution of ICT-based monitoring and controlled infrastructure. Cybersecurity is one of the foremost challenges in a smart city network. That is, protecting the smart city application services from cyber-attacks and ensuring continuity of services is utmost desirable. As smart city services typically comprised of web based applications, application level distributed denial of service (AL-DDoS) attack is a major cybersecurity threat that can have catastrophic impact on an extremely critical smart city network. This paper presents an efficient framework for AL-DDoS attack detection and mitigation for a smart city network. The proposed framework utilizes Software Defined Networking (SDN) paradigm to implement resilient design that ensures continuity of smart city application services. The framework integrates a sound mechanism that distinguishes AL-DDoS attack from legitimate flash crowd. This is a novel framework that addresses the flash crowd attack detection and mitigation in a smart city environment using SDN.