Shafiul Alam Khan | University of Dhaka, Bangladesh (original) (raw)

Papers by Shafiul Alam Khan

Research paper thumbnail of Pattern Finder – Efficient Framework for Sequential Pattern Mining

With the proliferation of Internet, discovery and analysis of useful information from the World W... more With the proliferation of Internet, discovery and analysis of useful information from the World Wide Web becomes a practical necessity. Web usage mining has become a fertile field of research for improving designs of web sites, analyzing system performance as well as network Communications, understanding user reaction, motivation and Building adaptive Web sites. An important application of sequential mining techniques is web usage mining, for mining web log accesses, where the sequences of web page accesses made by different web users over a period of time, through a server, are recorded. We propose a framework of sequential patter miningPattern Finder which uses a proposed algorithm r-WAP. WAP-tree algorithm then, mines the frequent sequences from the WAP-tree by recursively re-constructing intermediate trees, starting with suffix sequences and ending with prefix sequences. The proposed algorithm r-WAP can find access patterns from Web logs quite efficiently. We have also added dat...

Research paper thumbnail of Assessment of Factors Contributing to Adoption of Mobile Financial Services: A Perspective of Bangladesh ASSESSMENT OF FACTORS CONTRIBUTING TO ADOPTION OF MOBILE FINANCIAL SERVICES: A PERSPECTIVE OF BANGLADESH

Due to the unimaginable advancement and transformation in the mode of communications, traditional... more Due to the unimaginable advancement and transformation in the mode of communications, traditional payment methods are becoming obsolete and going to be replaced by mobile payment apps as a smart medium of choice for financial transactions among the people. The aim of this study is to assess the impact of drivers and inhibitors of adoption confirmation of mobile financial services (MFS) and its continuance intentions with positive brand attitude. The study was conducted taking of participants from different occupations and divisions of the country using Stratified Sampling method. Moreover, the study also examined the moderating role of income, rural-urban resident status, and use frequency of MFS to observe significant differences of the impacts in adoption confirmation and continuance intentions. Further, the relationship was tested with the mediated moderating effect of perceived risk of MFS. The study results revealed that MFS users' value perception, ease of use and reduced risk of MFS lead to customer satisfaction. However, users' risk perception negatively affects adoption confirmation of MFS. The results also show that the relationships are significantly different among respondent with different income group, rural-urban residence status, and low use frequency of MFS. However, the relationships are nullified with the mediated moderating effect of perceived risk of MFS. Future research can be done considering other dimensions of MFS such as-convenience, knowledge ability, compatibility, etc. alongside the framework under this study.

Research paper thumbnail of Improving security and privacy in current mobile systems

As has been widely discussed, the GSM system only offers unilateral authentication of the mobile ... more As has been widely discussed, the GSM system only offers unilateral authentication of the mobile phone to the network; this limitation permits a range of attacks. While adding support for mutual authentication would be highly beneficial, changing the way GSM serving networks operate is not practical. The 3G and 4G mobile systems rectify the GSM weakness by providing mutual authentication between phone and network, and significantly improve their security properties by comparison with 2G (GSM). However, significant shortcomings remain with respect to user privacy, most notably the decades-old privacy problem of disclosure of the permanent subscriber identity (IMSI), a problem arising in all generations of mobile networks and that makes IMSI catchers a real threat. Although a number of possible modifications to 2G, 3G and 4G protocols have been proposed designed to provide greater user privacy, they all require significant alterations to the existing deployed infrastructures, which ar...

Research paper thumbnail of Do Missing Link Community Smell Affect Developers Productivity: An Empirical Study

Missing link smell occurs when developers contribute to the same source code without communicatin... more Missing link smell occurs when developers contribute to the same source code without communicating with each other. Existing studies have analyzed the relationship of missing link smells with code smell and developer contribution. However, the productivity of developers involved in missing link smell has not been explored yet. This study investigates how productivity differs between smelly and non-smelly developers. For this purpose, the productivity of smelly and non-smelly developers of seven open-source projects are analyzed. The result shows that the developers not involved in missing link smell have more productivity than the developers involved in smells. The observed difference is also found statistically significant.

Research paper thumbnail of An Approach of Digital Image Copyright Protection by Using Watermarking Technology

Digital watermarking system is a paramount for safeguarding valuable resources and information. D... more Digital watermarking system is a paramount for safeguarding valuable resources and information. Digital watermarks are generally imperceptible to the human eye and ear. Digital watermark can be used in video, audio and digital images for a wide variety of applications such as copy prevention right management, authentication and filtering of internet content. The proposed system is able to protect copyright or owner identification of digital media, such as audio, image, video, or text. The system permutated the watermark and embed the permutated watermark into the wavelet coefficients of the original image by using a key. The key is randomly generated and used to select the locations in the wavelet domain in which to embed the permutated watermark. Finally, the system combines the concept of cryptography and digital watermarking techniques to implement a more secure digital watermarking system.

Research paper thumbnail of Trashing IMSI catchers in mobile networks

Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks

We address the decades-old privacy problem of disclosure of the permanent subscriber identity (IM... more We address the decades-old privacy problem of disclosure of the permanent subscriber identity (IMSI) that makes IMSI catchers a real threat to all generations of mobile networks. A number of possible modifications to existing protocols have been proposed to address the problem; however, most require significant changes to existing deployed infrastructures. We propose a novel authentication approach for 3G and 4G systems that does not affect intermediate entities, notably the serving network and mobile equipment. It prevents disclosure of the subscriber's IMSI by using a dynamic pseudo-IMSI that is only identifiable by the home network for the USIM. A major challenge in using dynamic pseudo-IMSIs is possible loss of identity synchronisation between USIM and home network, an issue that has not been adequately addressed in previous work. We present an approach for identity recovery to be used in the event of pseudo-IMSI desynchronisation. The scheme requires changes to the home network and the USIM, but not to the serving network, mobile phone or other internal network protocols, enabling simple, transparent and evolutionary migration. We provide a detailed analysis of the scheme, and verify its correctness and security properties using ProVerif. CCS CONCEPTS •Security and privacy → Mobile and wireless security;

Research paper thumbnail of Retrofitting Mutual Authentication to GSM Using RAND Hijacking

Lecture Notes in Computer Science, 2016

As has been widely discussed, the GSM mobile telephony system only offers unilateral authenticati... more As has been widely discussed, the GSM mobile telephony system only offers unilateral authentication of the mobile phone to the network; this limitation permits a range of attacks. While adding support for mutual authentication would be highly beneficial, changing the way GSM serving networks operate is not practical. This paper proposes a novel modification to the relationship between a Subscriber Identity Module (SIM) and its home network which allows mutual authentication without changing any of the existing mobile infrastructure, including the phones; the only necessary changes are to the authentication centres and the SIMs. This enhancement, which could be deployed piecemeal in a completely transparent way, not only addresses a number of serious vulnerabilities in GSM but is also the first proposal for enhancing GSM authentication that possesses such transparency properties.

Research paper thumbnail of Generating Unlinkable IPv6 Addresses

Lecture Notes in Computer Science, 2015

A number of approaches to the automatic generation of IPv6 addresses have been proposed with the ... more A number of approaches to the automatic generation of IPv6 addresses have been proposed with the goal of preserving the privacy of IPv6 hosts. However, existing schemes for address autoconfiguration do not adequately consider the full context in which they might be implemented, in particular the impact of low quality random number generation. This can have a fundamental impact on the privacy property of unlinkability, one of the design goals of a number of IPv6 address autoconfiguration schemes. In this paper, the potential shortcomings of previously proposed approaches to address autoconfiguration are analysed in detail, focussing on what happens when the assumption of strong randomness does not hold. Practical improvements are introduced, designed to address the identified issues by making the random generation requirements more explicit, and by incorporating measures into the schemes designed to ensure adequate randomness is used.

Research paper thumbnail of Improving Air Interface User Privacy in Mobile Telephony

Although the security properties of 3G and 4G mobile networks have significantly improved by comp... more Although the security properties of 3G and 4G mobile networks have significantly improved by comparison with 2G (GSM), significant shortcomings remain with respect to user privacy. A number of possible modifications to 2G, 3G and 4G protocols have been proposed designed to provide greater user privacy; however, they all require significant modifications to existing deployed infrastructures, which are almost certainly impractical to achieve in practice. In this article we propose an approach which does not require any changes to the existing deployed network infrastructures or mobile devices, but offers improved user identity protection over the air interface. The proposed scheme makes use of multiple IMSIs for an individual USIM to offer a degree of pseudonymity for a user. The only changes required are to the operation of the authentication centre in the home network and to the USIM, and the scheme could be deployed immediately since it is completely transparent to the existing mob...

Research paper thumbnail of An Approach of Digital Image Copyright Protection by Using Watermarking Technology

Digital watermarking system is a paramount for safeguarding valuable resources and information. D... more Digital watermarking system is a paramount for safeguarding valuable resources and information. Digital watermarks are generally imperceptible to the human eye and ear. Digital watermark can be used in video, audio and digital images for a wide variety of ...

Research paper thumbnail of A Reliable Semi-Distributed Load Balancing Architecture Of Heterogeneous Wireless Networks

International journal of Computer Networks & Communications, 2012

Now a day's Heterogeneous wireless network is a promising field of research interest. Various cha... more Now a day's Heterogeneous wireless network is a promising field of research interest. Various challenges exist in this hybrid combination like load balancing, resource management and so on. In this paper we introduce a reliable load balancing architecture for heterogeneous wireless communications to ensure certain level of quality of service. To conquer the problem of centralized and distributed design, a semidistributed load balancing architecture for multiple access networks is introduced. In this grid based design multiple Load and Mobile Agent Management Units is incorporated. To prove the compactness of the design, integrated reliability, signalling overhead and total processing time is calculated. And finally simulation result shows that overall system performance is improved by enhancing reliability, reducing signalling overhead and processing time.

Research paper thumbnail of Another Look at Privacy Threats in 3G Mobile Telephony

Lecture Notes in Computer Science, 2014

Arapinis et al. [1] have recently proposed modifications to the operation of 3G mobile phone secu... more Arapinis et al. [1] have recently proposed modifications to the operation of 3G mobile phone security in order to address newly identified threats to user privacy. In this paper we critically examine these modifications. This analysis reveals that the proposed modifications are impractical in a variety of ways; not only are there security and implementation issues, but the necessary changes to the operation of the system are very significant and much greater than is envisaged. In fact, some of the privacy issues appear almost impossible to address without a complete redesign of the security system. The shortcomings of the proposed 'fixes' exist despite the fact that the modifications have been verified using a logic-based modeling tool, suggesting that such tools need to be used with great care.

Research paper thumbnail of Relevance of Non Major Computer Courses at University of Dhaka

It is important to recognize the differing needs of computer literacy for developed and developin... more It is important to recognize the differing needs of computer literacy for developed and developing countries. Bangladesh, a developing country, is still behind in the use of information technology, but is rapidly catching up in issues such as e-government, e-health, e-commerce, and e-learning. The largest state university in Bangladesh, namely University of Dhaka, has already incorporated basic computer courses in different undergraduate programs. It is unfortunate that these courses are not, apparently, satisfactorily preparing graduates to perform well later on in their careers. The study was conducted to address this issue and to begin finding a solution to it. It has primarily focused on the current curriculum of the computer courses of biological science department of the University of Dhaka. It may be argued that the study can vouch for the entire undergraduate student population of the University of Dhaka. It was found that graduates need curriculum support to learn essential computing skills at the university. Faculty members should accept that their students may not openly admit their eagerness about the job market and industry conditions. However, both groups will benefit if courses on computers are introduced for students with major other than computers.

Research paper thumbnail of Software Development Standard and Software Engineering Practice: A Case Study of Bangladesh

Arxiv preprint arXiv: …, Jan 1, 2010

Improving software process to achieve high quality in a software development organization is the ... more Improving software process to achieve high quality in a software development organization is the key factor to success. Bangladeshi software firms have not experienced much in this particular area in comparison to other countries. The ISO 9001 and CMM standard has become a basic part of software development. The main objectives of our study are: 1) To understand the software development process uses by the software developer firms in Bangladesh 2) To identify the development practices based on established quality standard and 3) To establish a standardized and coherent process for the development of software for a specific project. It is revealed from this research that software industries of Bangladesh are lacking in target set for software process and improvement, involvement of quality control activities, and standardize business expertise practice. This paper investigates the Bangladeshi software industry in the light of the above challenges.

Research paper thumbnail of Pattern Finder – Efficient Framework for Sequential Pattern Mining

With the proliferation of Internet, discovery and analysis of useful information from the World W... more With the proliferation of Internet, discovery and analysis of useful information from the World Wide Web becomes a practical necessity. Web usage mining has become a fertile field of research for improving designs of web sites, analyzing system performance as well as network Communications, understanding user reaction, motivation and Building adaptive Web sites. An important application of sequential mining techniques is web usage mining, for mining web log accesses, where the sequences of web page accesses made by different web users over a period of time, through a server, are recorded. We propose a framework of sequential patter miningPattern Finder which uses a proposed algorithm r-WAP. WAP-tree algorithm then, mines the frequent sequences from the WAP-tree by recursively re-constructing intermediate trees, starting with suffix sequences and ending with prefix sequences. The proposed algorithm r-WAP can find access patterns from Web logs quite efficiently. We have also added dat...

Research paper thumbnail of Assessment of Factors Contributing to Adoption of Mobile Financial Services: A Perspective of Bangladesh ASSESSMENT OF FACTORS CONTRIBUTING TO ADOPTION OF MOBILE FINANCIAL SERVICES: A PERSPECTIVE OF BANGLADESH

Due to the unimaginable advancement and transformation in the mode of communications, traditional... more Due to the unimaginable advancement and transformation in the mode of communications, traditional payment methods are becoming obsolete and going to be replaced by mobile payment apps as a smart medium of choice for financial transactions among the people. The aim of this study is to assess the impact of drivers and inhibitors of adoption confirmation of mobile financial services (MFS) and its continuance intentions with positive brand attitude. The study was conducted taking of participants from different occupations and divisions of the country using Stratified Sampling method. Moreover, the study also examined the moderating role of income, rural-urban resident status, and use frequency of MFS to observe significant differences of the impacts in adoption confirmation and continuance intentions. Further, the relationship was tested with the mediated moderating effect of perceived risk of MFS. The study results revealed that MFS users' value perception, ease of use and reduced risk of MFS lead to customer satisfaction. However, users' risk perception negatively affects adoption confirmation of MFS. The results also show that the relationships are significantly different among respondent with different income group, rural-urban residence status, and low use frequency of MFS. However, the relationships are nullified with the mediated moderating effect of perceived risk of MFS. Future research can be done considering other dimensions of MFS such as-convenience, knowledge ability, compatibility, etc. alongside the framework under this study.

Research paper thumbnail of Improving security and privacy in current mobile systems

As has been widely discussed, the GSM system only offers unilateral authentication of the mobile ... more As has been widely discussed, the GSM system only offers unilateral authentication of the mobile phone to the network; this limitation permits a range of attacks. While adding support for mutual authentication would be highly beneficial, changing the way GSM serving networks operate is not practical. The 3G and 4G mobile systems rectify the GSM weakness by providing mutual authentication between phone and network, and significantly improve their security properties by comparison with 2G (GSM). However, significant shortcomings remain with respect to user privacy, most notably the decades-old privacy problem of disclosure of the permanent subscriber identity (IMSI), a problem arising in all generations of mobile networks and that makes IMSI catchers a real threat. Although a number of possible modifications to 2G, 3G and 4G protocols have been proposed designed to provide greater user privacy, they all require significant alterations to the existing deployed infrastructures, which ar...

Research paper thumbnail of Do Missing Link Community Smell Affect Developers Productivity: An Empirical Study

Missing link smell occurs when developers contribute to the same source code without communicatin... more Missing link smell occurs when developers contribute to the same source code without communicating with each other. Existing studies have analyzed the relationship of missing link smells with code smell and developer contribution. However, the productivity of developers involved in missing link smell has not been explored yet. This study investigates how productivity differs between smelly and non-smelly developers. For this purpose, the productivity of smelly and non-smelly developers of seven open-source projects are analyzed. The result shows that the developers not involved in missing link smell have more productivity than the developers involved in smells. The observed difference is also found statistically significant.

Research paper thumbnail of An Approach of Digital Image Copyright Protection by Using Watermarking Technology

Digital watermarking system is a paramount for safeguarding valuable resources and information. D... more Digital watermarking system is a paramount for safeguarding valuable resources and information. Digital watermarks are generally imperceptible to the human eye and ear. Digital watermark can be used in video, audio and digital images for a wide variety of applications such as copy prevention right management, authentication and filtering of internet content. The proposed system is able to protect copyright or owner identification of digital media, such as audio, image, video, or text. The system permutated the watermark and embed the permutated watermark into the wavelet coefficients of the original image by using a key. The key is randomly generated and used to select the locations in the wavelet domain in which to embed the permutated watermark. Finally, the system combines the concept of cryptography and digital watermarking techniques to implement a more secure digital watermarking system.

Research paper thumbnail of Trashing IMSI catchers in mobile networks

Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks

We address the decades-old privacy problem of disclosure of the permanent subscriber identity (IM... more We address the decades-old privacy problem of disclosure of the permanent subscriber identity (IMSI) that makes IMSI catchers a real threat to all generations of mobile networks. A number of possible modifications to existing protocols have been proposed to address the problem; however, most require significant changes to existing deployed infrastructures. We propose a novel authentication approach for 3G and 4G systems that does not affect intermediate entities, notably the serving network and mobile equipment. It prevents disclosure of the subscriber's IMSI by using a dynamic pseudo-IMSI that is only identifiable by the home network for the USIM. A major challenge in using dynamic pseudo-IMSIs is possible loss of identity synchronisation between USIM and home network, an issue that has not been adequately addressed in previous work. We present an approach for identity recovery to be used in the event of pseudo-IMSI desynchronisation. The scheme requires changes to the home network and the USIM, but not to the serving network, mobile phone or other internal network protocols, enabling simple, transparent and evolutionary migration. We provide a detailed analysis of the scheme, and verify its correctness and security properties using ProVerif. CCS CONCEPTS •Security and privacy → Mobile and wireless security;

Research paper thumbnail of Retrofitting Mutual Authentication to GSM Using RAND Hijacking

Lecture Notes in Computer Science, 2016

As has been widely discussed, the GSM mobile telephony system only offers unilateral authenticati... more As has been widely discussed, the GSM mobile telephony system only offers unilateral authentication of the mobile phone to the network; this limitation permits a range of attacks. While adding support for mutual authentication would be highly beneficial, changing the way GSM serving networks operate is not practical. This paper proposes a novel modification to the relationship between a Subscriber Identity Module (SIM) and its home network which allows mutual authentication without changing any of the existing mobile infrastructure, including the phones; the only necessary changes are to the authentication centres and the SIMs. This enhancement, which could be deployed piecemeal in a completely transparent way, not only addresses a number of serious vulnerabilities in GSM but is also the first proposal for enhancing GSM authentication that possesses such transparency properties.

Research paper thumbnail of Generating Unlinkable IPv6 Addresses

Lecture Notes in Computer Science, 2015

A number of approaches to the automatic generation of IPv6 addresses have been proposed with the ... more A number of approaches to the automatic generation of IPv6 addresses have been proposed with the goal of preserving the privacy of IPv6 hosts. However, existing schemes for address autoconfiguration do not adequately consider the full context in which they might be implemented, in particular the impact of low quality random number generation. This can have a fundamental impact on the privacy property of unlinkability, one of the design goals of a number of IPv6 address autoconfiguration schemes. In this paper, the potential shortcomings of previously proposed approaches to address autoconfiguration are analysed in detail, focussing on what happens when the assumption of strong randomness does not hold. Practical improvements are introduced, designed to address the identified issues by making the random generation requirements more explicit, and by incorporating measures into the schemes designed to ensure adequate randomness is used.

Research paper thumbnail of Improving Air Interface User Privacy in Mobile Telephony

Although the security properties of 3G and 4G mobile networks have significantly improved by comp... more Although the security properties of 3G and 4G mobile networks have significantly improved by comparison with 2G (GSM), significant shortcomings remain with respect to user privacy. A number of possible modifications to 2G, 3G and 4G protocols have been proposed designed to provide greater user privacy; however, they all require significant modifications to existing deployed infrastructures, which are almost certainly impractical to achieve in practice. In this article we propose an approach which does not require any changes to the existing deployed network infrastructures or mobile devices, but offers improved user identity protection over the air interface. The proposed scheme makes use of multiple IMSIs for an individual USIM to offer a degree of pseudonymity for a user. The only changes required are to the operation of the authentication centre in the home network and to the USIM, and the scheme could be deployed immediately since it is completely transparent to the existing mob...

Research paper thumbnail of An Approach of Digital Image Copyright Protection by Using Watermarking Technology

Digital watermarking system is a paramount for safeguarding valuable resources and information. D... more Digital watermarking system is a paramount for safeguarding valuable resources and information. Digital watermarks are generally imperceptible to the human eye and ear. Digital watermark can be used in video, audio and digital images for a wide variety of ...

Research paper thumbnail of A Reliable Semi-Distributed Load Balancing Architecture Of Heterogeneous Wireless Networks

International journal of Computer Networks & Communications, 2012

Now a day's Heterogeneous wireless network is a promising field of research interest. Various cha... more Now a day's Heterogeneous wireless network is a promising field of research interest. Various challenges exist in this hybrid combination like load balancing, resource management and so on. In this paper we introduce a reliable load balancing architecture for heterogeneous wireless communications to ensure certain level of quality of service. To conquer the problem of centralized and distributed design, a semidistributed load balancing architecture for multiple access networks is introduced. In this grid based design multiple Load and Mobile Agent Management Units is incorporated. To prove the compactness of the design, integrated reliability, signalling overhead and total processing time is calculated. And finally simulation result shows that overall system performance is improved by enhancing reliability, reducing signalling overhead and processing time.

Research paper thumbnail of Another Look at Privacy Threats in 3G Mobile Telephony

Lecture Notes in Computer Science, 2014

Arapinis et al. [1] have recently proposed modifications to the operation of 3G mobile phone secu... more Arapinis et al. [1] have recently proposed modifications to the operation of 3G mobile phone security in order to address newly identified threats to user privacy. In this paper we critically examine these modifications. This analysis reveals that the proposed modifications are impractical in a variety of ways; not only are there security and implementation issues, but the necessary changes to the operation of the system are very significant and much greater than is envisaged. In fact, some of the privacy issues appear almost impossible to address without a complete redesign of the security system. The shortcomings of the proposed 'fixes' exist despite the fact that the modifications have been verified using a logic-based modeling tool, suggesting that such tools need to be used with great care.

Research paper thumbnail of Relevance of Non Major Computer Courses at University of Dhaka

It is important to recognize the differing needs of computer literacy for developed and developin... more It is important to recognize the differing needs of computer literacy for developed and developing countries. Bangladesh, a developing country, is still behind in the use of information technology, but is rapidly catching up in issues such as e-government, e-health, e-commerce, and e-learning. The largest state university in Bangladesh, namely University of Dhaka, has already incorporated basic computer courses in different undergraduate programs. It is unfortunate that these courses are not, apparently, satisfactorily preparing graduates to perform well later on in their careers. The study was conducted to address this issue and to begin finding a solution to it. It has primarily focused on the current curriculum of the computer courses of biological science department of the University of Dhaka. It may be argued that the study can vouch for the entire undergraduate student population of the University of Dhaka. It was found that graduates need curriculum support to learn essential computing skills at the university. Faculty members should accept that their students may not openly admit their eagerness about the job market and industry conditions. However, both groups will benefit if courses on computers are introduced for students with major other than computers.

Research paper thumbnail of Software Development Standard and Software Engineering Practice: A Case Study of Bangladesh

Arxiv preprint arXiv: …, Jan 1, 2010

Improving software process to achieve high quality in a software development organization is the ... more Improving software process to achieve high quality in a software development organization is the key factor to success. Bangladeshi software firms have not experienced much in this particular area in comparison to other countries. The ISO 9001 and CMM standard has become a basic part of software development. The main objectives of our study are: 1) To understand the software development process uses by the software developer firms in Bangladesh 2) To identify the development practices based on established quality standard and 3) To establish a standardized and coherent process for the development of software for a specific project. It is revealed from this research that software industries of Bangladesh are lacking in target set for software process and improvement, involvement of quality control activities, and standardize business expertise practice. This paper investigates the Bangladeshi software industry in the light of the above challenges.