Professional Services

News

Biography

Ehab Al-Shaer is an Associate Professor and the Director of the AssurableNet Research Center (ARC) in the School of Computing, College of Computing and Digital Media at DePaul University. His primary research areas are network security, distributed monitoring, fault diagnosis, and multimedia transport protocols. Prof. Al-Shaer edited/co-edited more than 10 books and book chapters, and published more than 80 refereed journals and conferences papers in his area. He has been a Co-Editor of number of books, Guest Editor for number of journals, invited speaker, tutorial presenter and panelist in many conferences and industrial seminars. Prof. Al-Shaer is the General Chair of ACM Computer and Communication 2009-2010 and NSF Workshop in Assurable and Usable Security Configuration, August 2008. He served as a member in the technical program and organization committees for many IEEE and ACM conferences including INFOCOM, ICNP, IM, NOMS, ICDCS, CCNC, GLOBECOM, ICC, MMNS DSOM, and E2EMON. He was awarded the Best Paper Awards at the IEEE IM 2003 and POLICY 2008, and received a NASA fellowship in 1997. Prof. Al-Shaer also received funding awards from NSF, Cisco, Intel, Sun Microsystems, Aprisma.

Education

Courses I teach

Research

Network Security

  • Btonet Detection
  • Collaborative defense
  • Collaborative defense
  • Covert channels: design and detection
  • Filtering load balancing
  • Filtering optimization
  • Network scanning: theory and detection
  • Security metrics
  • Traffic visualization

Policy Management

  • Configuration optimization
  • Context-aware adaptive security policies
  • Firewall Policy Verfication and Editing
  • High-level security policy languages
  • Policy visualization
  • QoS configuration verification and analysis
  • Security configuration evaluation
  • Verification and management of RBAC systems
  • Verification of Security Access Control
  • VPN policy management

Network Management

  • Bandwidth management
  • Distibuted event correlation
  • End-to-end loss modeling and prediction
  • Fault/problem Diagnosis
  • Large-scale monitoring
  • Quality of service monitoring

Quality of Service

  • Interactive distrance learning
  • On-line audio assessmnet
  • On-line video quality assessment
  • Proactive real-time multimedia protocols
  • Quality of service monitoring

Projects

newConfigChecker: End-to-end Verification of Global Network Security Policies

This project investigates a theoretical and practical study of the impact of policies on network security and performance. One of the biggest difficulties with configuring network security devices is that each device has a local policy, but each device must cooperate with other devices in the network to provide global behavior. This situation cries out for a framework in which end-to-end security properties can be specified and verified. Ideally, such a framework would enable the discovery of policy inconsistencies and of security violations, and assist to correct the problems as well. In the first part of this proposal, we present such a framework, where we propose a unified policy representation (UPR) based on Binary Decision Diagrams (BDD) to model the policies of various network security devices. The individual models are combined to provide an overall model (Global Policy Representation or GPR) of the network as a whole. The GPR is then used to perform a general policy consistency check. In addition, our framework includes a formal language to specify higher level end-to-end properties that the network should satisfy. The global model of the network can then be checked automatically to see if it satisfies the desired properties. If the model fails to satisfy the requirements, a counter-example can be generated that demonstrates the failure.

Sponsor(s): National Science Foundation

Team Members

  • Ehab Al-Shaer (PI)
  • Will Marrero (Co-PI)
  • Adel El-Atawy
  • Khalid Elbadawi
  • Mohammed Ashraf Khan
  • Sk. Kajal Imon

Resources

newAdaptive Firewall Policy Optimization based on Dynamic Traffic Statistics

Existing research on filtering optimization focuses on worst-case algorithmic optimization techniques of the accepted traffic. We are one of the first to explore and advocate filtering optimization based on traffic properties for both accept and reject path. We proposed a novel traffic-aware optimization technique that uses information theory to characterize traffic trends and dynamically change filtering rules structure to achieve minimum matching cost. We explore and evaluate various techniques in this direction based on Rule-ordering, Alphabetic tress, Huffman trees and BDD segments. Our evaluation shows significant performance increase for the average case and improves the robustness of security devices against denial of service attacks.

Sponsor(s): National Science Foundation

Related publications

Team Members

  • Ehab Al-Shaer (PI)
  • Will Marrero (Co-PI)
  • Adel El-Atawy
  • Hazem Hamed
  • Taghrid Samak

Resources

newEarly Packet Rejection in Firewall Filtering

The policy representation has a significant impact on the performance of network devices. An increase in the number of policy rules causes a significant increase in filtering overhead as well as in traffic latency, particularly if the majority of incoming traffic is rejected by the last default rule. This project is to investigate and develop real-time policy optimization and adaptation algorithms for firewalls to reject traffic discarded by default-deny rule as early as possible without impacting the performance of the accepted traffic. This is used as a counter-measure for launching DOS attacks on firewalls by targeting default-deny rule with high traffic volume. None of the previous work has addressed this problem.

Sponsor(s): National Science Foundation

Related publications

Team Members

  • Ehab Al-Shaer (PI)
  • Adel El-Atawy
  • Hazem Hamed
  • Taghrid Samak

Resources

newFirewall Policy Testing

Firewalls implementation might have bugs causing serious network vulnerability problems. On the other hand, manual or human-driven testing techniques are proven to be insufficient because it provides a limited coverage of the testing space, and it requires long time and high labor overhead. Using a random selection scheme implies exponential growth in number of testing scenarios and extremely long testing period. In this project, we developed a framework for testing security policy enforcement using a “smart” selection of test scenarios (random policy configuration) and test cases (random packet/traffic generation) to conduct an efficient testing for IOS and PIX firewall devices.

Sponsor(s): National Science Foundation, Cisco Systems

Related publications

  • Ehab Al-Shaer, Adel El-Atawy and Taghrid Samak , Automated Pseudo-live Testing of Firewall Configuration Enforcement , IEEE Journal on Selected Areas in Communications, October 2008, To Appear
  • Adel El-Atawy, Taghrid Samak , Ehab Al-Shaer, Zein Wali, Sheng Li, Frank Lin and Christopher Pham, An Automated Framework for Validating Firewall Policy Enforcement, In Proceedings of IEEE Workshop on Policies for Distributed Systems and Networks (POLICY'07), Bologna, Italy, June 2007
  • Adel El-Atawy, Khaled Ibrahim, Hazem Hamed and Ehab Al-Shaer, Policy Segmentation for Intelligent Firewall Testing, 1st Workshop on Secure Network Protocols (NPSec 2005), November 2005

Team Members

  • Ehab Al-Shaer (PI)
  • Adel El-Atawy
  • Bin Zhang
  • Khalid Elbadawi
  • Mohammed Ashraf Khan
  • Taghrid Samak

Resources

newSecurity Metrics and Policy Evaluation

Evaluation of network security is an essential step in securing any network. This evaluation can help security professionals in making optimal decisions about how to design security countermeasures, to choose between alternative security architectures, and to systematically modify security configurations in order to improve security. However, the security of a network depends on a number of dynamically changing factors such as emergence of new vulnerabilities and threats, policy structure and network traffic. Identifying, quantifying and validating these factors using security metrics is a major challenge in this area. In this project, we investigate a comprehensive security metric framework that identifies and quantifies objectively the most significant security risk factors, which include existing and future vulnerabilities based on historical trends, security configuration immunity to attack occurrence and propagation, and traffic trends that characterize the insider and outsider user behavior.

Related publications

Team Members

  • Ehab Al-Shaer (PI)
  • Bin Zhang
  • Latif Khan
  • Mohamed Salim
  • Sk. Kajal Imon
  • Yongning Tang

newSPAM Botnet Detection

Team Members

  • Ehab Al-Shaer (PI)
  • Khalid Elbadawi
  • Kyle Smith

newHigh-level Declarative Languages for Network Access Control Policies

Due to interaction of domains, services and devices in a network, defining firewall rule configuration for enterprise networks is a very complex task. The goal of this project is to provide high level languages to enable administrators to specify high-level security goals that can then be realized and translated into low level device configuration. Our work here is applied on Firewall but the ultimate goal is to extend to all network security devices.

Related publications

Team Members

  • Ehab Al-Shaer (PI)
  • Bin Zhang

newPolicyVis: Security Policy Visualization

With large number of network security devices and policy rules, network security policies are complex understand and manage. The purpose of this project is to enable administrator to inspect security policy visually and identify misconfigurations in a a distributed network environment.

Related publications

Team Members

  • Ehab Al-Shaer (PI)
  • John McDonald (Co-PI)
  • Raouf Boutaba (Co-PI)
  • Shimeng Feng
  • Tung Tran

newNext-generation Network Scanning & Reconnaissance: Attacks and Counter-measure

We explore new reconnaissance attack techniques to remotely scan security configuration in stealthy manner. Our implemented tool, FireCracker, scans firewall and discovers filtering polices accurately using intelligent and non-intensive probes. Thus the adversary not only discovers more sensitive network information but also navigate the network services silently.

Related publications

Team Members

  • Ehab Al-Shaer (PI)
  • Adel El-Atawy
  • Taghrid Samak

newReasoning About the Uncertainty in Fault Diagnosis

Fault diagnosis is a core service in any network management system. Many active and passive fault reasoning techniques were proposed in the literature. However, due to the occurrence of lost and spurious symptoms only integration of both techniques can obtain optimal fault reasoning. In addition, the lack of network level information (symptoms) and knowledge (prior fault probability) like the case in overlay networks and the variation of user observations pose new challenges in fault diagnosis in overlay networks.

In this project, we investigate new models to incorporate optimal action selection into the fault reasoning process to minimize the latency of fault diagnosis. We also investigate new diagnose faults techniques based on users’ belief that does not require any underlying network fault probabilistic quantifications (e.g. prior fault probability).

Related publications

  • Ehab Al-Shaer and Yan Chen , Integrating Fault and Security Management , Information Assurance: Survivability and Security in Networked Systems , ELSEVIER, Inc , Edited by David Tipper, Prashant Krishnamurthy, Yi Qian, James B. D. Joshi, Morgan Kaufmann , October 2008
  • Yongning Tang, Ehab Al-Shaer and Raouf Boutaba, Efficient Fault Diagnosis Using Incremental Alarm Correlation and Active Investigation for Internet and Overlay Networks, IEEE Transactions on Network and Service Management , June 2008
  • Yongning Tang, Ehab Al-Shaer and Raouf Boutaba, Active Integrated Fault Localization in Communication Networks, IEEE/IFIP Integrated Network Management (IM'2005), May 2005

Team Members

  • Ehab Al-Shaer (PI)
  • Yongning Tang

newProactive Error and Rate Control for IPTV

Team Members

  • Ehab Al-Shaer (PI)
  • Lopamudra Roychoudhuri

Firewall Policy Advisor: Conflicts Analysis, Rule Editing and Translation

Although Firewall is basic network premiers, their policy configuration remains a complex and error-prone task. The existence of large number of rules and firewalls, and the rule-ordering semantic actions makes manual firewall management not only incompressible but also vulnerable to misconfiguration.
In this project, we model the relation between firewall rules using set-theoretic operations and present develop a comprehensive framework to classify and identify conflicts that could exist in a single Firewall device (intra-policy conflicts) or between different Firewall devices (inter-policy conflicts) in enterprise networks. We also developed conflict-free algorithms to edit/modify firewall polices in a distributed network environment. We also show how rules can be aggregated to create a compressed format suitable for translation to high-level description.

Sponsor(s): National Science Foundation, Cisco Systems

Related publications

  • Korosh Golnabi, Richard Min, Latif Khan and Ehab Al-Shaer, Analysis of Firewall Policy Rule Using Data Mining Techniques, 10th IEEE/IFIP Network Operations and Management Symposium (NOMS 2006), April 2006
  • Ehab Al-Shaer and Hazem Hamed, Taxonomy of Conflicts in Network Security Policies, IEEE Communications Magazine , Issue: 3 , Volume: 44 , Pages: 134 - 141 , March 2006
  • Hazem Hamed, Ehab Al-Shaer and Will Marrero, Modeling and Verification of IPSec and VPN Security Policies, IEEE ICNP'2005, November 2005, (Acceptance rate 17%)
  • Ehab Al-Shaer, Hazem Hamed, Raouf Boutaba and Masum Hasan, Conflict Classification and Analysis of Distributed Firewall Policies, IEEE Journal on Selected Areas in Communications, Issue: 10, Volume: 23, Pages: 2069 - 2084, October 2005
  • Ehab Al-Shaer and Hazem Hamed, Modeling and Management of Firewall Policies, IEEE Transactions on Network and Service Management, Volume: 1-1, April 2004
  • Ehab Al-Shaer and Hazem Hamed, Management and Translation of Filtering Security Polices, IEEE ICC’03, May 2003
  • Ehab Al-Shaer and Hazem Hamed, Firewall Policy Advisor for Anomaly Detection and Rule Editing, IEEE/IFIP Integrated Network Management IM'2003, March 2003, BEST PAPER AWARD (acceptance rate 24%)

Team Members

  • Ehab Al-Shaer (PI)
  • Hazem Hamed

Resources

IPSec Policy Modeling and Verification

Although IPSec are basic network premiers, their policy configuration remains a complex and error-prone task. The complex semantics in IPSec policies that allows for triggering multiple rule actions increases significantly the potential of policy misconfiguration and insecure communication.
In this project, we present a generic model that captures various filtering policy semantics using Boolean expressions. We use this model to derive a canonical representation for IPSec policies using Ordered Binary Decision Diagrams. Based on this representation, we develop a comprehensive framework to classify and identify conflicts that could exist in a single IPSec device (intra-policy conflicts) or between different IPSec devices (inter-policy conflicts) in enterprise networks. Our testing and evaluation study on different network environments demonstrates the effectiveness and efficiency of our approach.

Sponsor(s): Intel Corperation

Related publications

  • Hazem Hamed, Ehab Al-Shaer and Will Marrero, Modeling and Verification of IPSec and VPN Security Policies, IEEE ICNP'2005, November 2005, (Acceptance rate 17%)

Team Members

  • Ehab Al-Shaer (PI)
  • Will Marrero (Co-PI)
  • Hazem Hamed

Real-Time Audio Quality Assessment

Related publications

  • Lopamudra Roychoudhuri and Ehab Al-Shaer, Statistical Measurement Approach for On-line Audio Quality Assessment, Passive and Active Measurement (PAM’06), March 2006, (Acceptance rate 23%)
  • Lopamudra Roychoudhuri and Ehab Al-Shaer, Real-time Audio Quality Evaluation for Adaptive Multimedia Protocols, Proceedings of Multimedia Networks and Services (MMNS 2005), October 2005

Team Members

  • Ehab Al-Shaer (PI)
  • Lopamudra Roychoudhuri

Proactive Quality Control for Real-Time Internet Audio

Related publications

  • Lopamudra Roychoudhuri and Ehab Al-Shaer, Autonomic QoS Optimization of Real-time Internet Audio using Loss Prediction and Stochastic Control, Accepted in the 11th IEEE/IFIP Network Operations and Management Symposium (NOMS 2008) , April 2008, (Acceptance rate 27%)
  • Lopamudra Roychoudhuri and Ehab Al-Shaer, Adaptive Rate Control for Real-time Packet Audio Based on Loss Prediction, IEEE GLOBECOM’04, December 2004, (acceptance rate 33%)
  • Lopamudra Roychoudhuri and Ehab Al-Shaer, On Packet Loss Prediction for Real-time Packet Audio , IEEE/IFIP Management of Multimedia Networks and Services (MMNS’04), October 2004, (BEST PAPER AWARD)
  • Lopamudra Roychoudhuri , Ehab Al-Shaer, Hazem Hamed and Gregory B. Brewster, Audio Transmission over the Internet: Experiments and Observations, IEEE ICC’03, Symposium on the Next Generation Internet, May 2003
  • Lopamudra Roychoudhuri , Ehab Al-Shaer, Hazem Hamed and Gregory B. Brewster, On Studying the Impact of the Internet Delays on Audio Transmission, IEEE Workshop on IP Operations and Management (IPOM’02), October 2002

Team Members

  • Ehab Al-Shaer (PI)
  • Lopamudra Roychoudhuri

Scalable and Dynamic Monitoring and Correlation

Overlay networks have emerged as a powerful and flexible platform for developing new disruptive network applications. The performance and reliability of overlay applications depend on the capability of overlay networks to dynamically adapt to various factors such as link/node failures, overlay link quality, and overlay node characteristics. This research addresses the following important challenges facing monitoring new emerging technologies such as overlay, sensor, multicast and QoS networks:

 How to create an optimal event monitoring and aggregation infrastructure that minimizes the monitoring latency and event aggregation cost considering the large-scale geographical and network distribution of overlay nodes.
 Can real-time monitoring under bandwidth and time constraints be achieved?
 How monitoring systems can be self-organized and adaptive
 How to provide rich but usable monitoring interfaces

Sponsor(s): Sun Microsystems, Aprisma, DePaul University

Related publications

  • Ehab Al-Shaer, Reachability Monitoring and Problem Diagnosis in Multicast Networks , Enterprise Systems Integration , Auerbach , October 2008, To Appear
  • Yongning Tang and Ehab Al-Shaer, Towards Distributed & Collaborative Overlay Fault Diagnosis Based On User-level Belief Revision, INFOCOM 2008 MiniConference, April 2008
  • Bin Zhang and Ehab Al-Shaer, Self-Organizing Monitoring Agents for Hierarchical Monitoring Architecture, In the 18th IFIP/IEEE Distributed Systems: Operations and Management (DSOM 2007), October 2007
  • Yongning Tang, Ehab Al-Shaer and Bin Zhang, Toward Globally Optimal Event Monitoring & Aggregation For Large-scale Overlay Networks, IEEE Integrated Network Management 2007 (IM 2007), Pages: pp. 236-245, May 2007
  • Ehab Al-Shaer and Bin Zhang, HiFi+: A Monitoring Virtual Machine for Autonomic Distributed Management , 15th IFIP/IEEE Distributed Systems: Operations and Management (DSOM 2004), November 2004, (Acceptance rate 28%)
  • Ehab Al-Shaer, Monitoring Emerging Network Services, April 2004
  • Mohamed Younis, Poonam Munshi and Ehab Al-Shaer, Architecture for Efficient Monitoring and Management of Sensor Networks, Workshop on End-to-End Monitoring Techniques and Services, September 2003
  • Ehab Al-Shaer, The Role of Group Communication in Supporting Efficient Distributed Event Correlation”, Networking 2000, Multimedia Miniconference, Paris, France, May 2000
  • Ehab Al-Shaer, Active Management Framework for Distributed Multimedia Systems, Journal of Network and Systems Management (JNSM), Volume: 8, Number: 1, Pages: 49-72, March 2000
  • Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, HiFi: A New Monitoring Architecture for Distributed Systems Management, IEEE 19th International Conference on Distributed Computing Systems (ICDCS'99), pp. 171-178, Austin, Texas, (Acceptance rate 18%), May 1999
  • Ehab Al-Shaer, Dynamic Monitoring Approach for Multi-point Multimedia Systems, IFIP/IEEE International Conference on Management of Multimedia Networks and Services, Versailles, France , November 1998
  • Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, Hierarchical Filtering-based Monitoring Architecture for Large-scale Distributed Systems, International Conference on Parallel and Distributed Computing Systems, New Orleans, LA, October 1997

Team Members

  • Ehab Al-Shaer (PI)
  • Bin Zhang
  • Yongning Tang

Multicast Reachability Monitoring & Diagnosis

In this project we developed scalable monitoring techniques and tools to detect and isolate multicast reachability and QoS problems for on-going multicast sessions at real-time. Our solution solution consists of three components: mcastSNMP that extends SNMP to support multicasting, MRMON which is a SNMP-based remote passive multicast monitoring infrastructure, and SMRM which multicast QoS monitoring framework. Our framework combines distributed monitoring and centralized control, which offers scalable, easy-to-use and easy-to-deploy multicast monitoring services.

Related publications

  • Ehab Al-Shaer, Reachability Monitoring and Problem Diagnosis in Multicast Networks , Enterprise Systems Integration , Auerbach , October 2008, To Appear
  • Ehab Al-Shaer and Yongning Tang, MRMON: Multicast Remote Monitoring , IEEE/IFIP Network Operations and Management Symposium (NOMS’2004), Seoul, South Korea, April 2004
  • Ehab Al-Shaer and Yongning Tang, SMRM: SNMP-based Multicast Reachability Monitoring, IEEE/IFIP Network Operations and Management Symposium NOMS’2002, (acceptance rate 30%), April 2002
  • Ehab Al-Shaer, An Adaptive Multicast Management Framework for Distributed Event Correlation, Journal of Networking and Information Systems, Volume: 3, Number: 2, Pages: 317-333, April 2001
  • Ehab Al-Shaer, Toward Integrating IP Multicasting in Internet Network Management Protocols, Journal of Computer and Communications, Volume: 24, Number: 6, Pages: 473-485, April 2001
  • Ehab Al-Shaer and Yongning Tang, Integrating IP Multicast in SNMPv1, IFIP/IEEE International Conference on Managing Multimedia Networks and Services, Fortalza, Brazil, September 2000

Team Members

  • Ehab Al-Shaer (PI)
  • Yongning Tang

Game-theocratic Approach for Resource Management

Game-theocratic Approach for Resource Management in P2P Systems P2P services are widely used today for sharing resources like files. One of the main problems that degrades the overall performance of P2P system is the selfish behavior of a client (i.e., download much more upload) in the P2P community. In this propose, we propose a game theoretic approach to value and rank and clients based on their community services and usage in P2P system. This results in fair distribution of resources between P2P clients and increase in the overall performance.

Related publications

Team Members

  • Yonghe Yan (PI)
  • Ehab Al-Shaer (Co-PI)
  • Adel El-Atawy

Modeling and Prediction of Interent Packet Loss

Related publications

Team Members

  • Ehab Al-Shaer (PI)
  • Lopamudra Roychoudhuri

Publications

Edited Books

  1. Dominique Gaïti , Ehab Al-Shaer, Ken Calvert , Simon Dobson , Guy Leduc and Olli Martikainen , Autonomic Networking, Springer-Verlag, Volume: 4195, ISBN: 978-3-540-45891-3, October 2008
  2. Ehab Al-Shaer, Jorge Lobo and Lalana Kalger , Policy-based Security Management for Wireless Networks, IEEE Press, June 2008, To Appear
  3. Ehab Al-Shaer, Heinz-Gerd Hegering and Alexander Keller , Integrated Network Management: Moving From Bits to Business Values , IEEE Press, May 2007
  4. Ehab Al-Shaer, Aiko Pras and Philippe Owezarski , Monitoring Internet Traffic and Services, IEEE Press, ISBN: 0-7803-9249-3 , May 2005
  5. Ehab Al-Shaer, Monitoring Emerging Network Services, April 2004
  6. Ehab Al-Shaer and Giovanni Pacifici , Management of Multimedia on the Internet , Springer , Lecture Notes in Computer Science , ISBN: 3-540-42786-4 , October 2001

Book Chapters

  1. Ehab Al-Shaer, Reachability Monitoring and Problem Diagnosis in Multicast Networks , Enterprise Systems Integration , Auerbach , October 2008, To Appear
  2. Ehab Al-Shaer and Yan Chen , Integrating Fault and Security Management , Information Assurance: Survivability and Security in Networked Systems , ELSEVIER, Inc , Edited by David Tipper, Prashant Krishnamurthy, Yi Qian, James B. D. Joshi, Morgan Kaufmann , October 2008
  3. Editing/Reviewing, Various Chapters, in , the United Nations Institute for Training and Research UNITAR , by Ambassador Ahmad Kamal, the Senior Fellow at the United Nations , ISBN: 92-9182-038-8, October 2005
  4. Ehab Al-Shaer, End-to-End Monitoring Techniques and Services , Management of Multimedia Networks and Services , Springer , Lecture Notes in Computer Science , September 2003

Journal Papers

  1. Ehab Al-Shaer, Adel El-Atawy and Taghrid Samak , Automated Pseudo-live Testing of Firewall Configuration Enforcement , IEEE Journal on Selected Areas in Communications, October 2008, To Appear
  2. Yonghe Yan , Adel El-Atawy and Ehab Al-Shaer, A Game Theoretic Model for Capacity Constrained Fair Bandwidth Allocation , Internation Journal of Network Management , October 2008, To Appear
  3. Yongning Tang, Ehab Al-Shaer and Raouf Boutaba, Efficient Fault Diagnosis Using Incremental Alarm Correlation and Active Investigation for Internet and Overlay Networks, IEEE Transactions on Network and Service Management , June 2008
  4. Hazem Hamed, Adel El-Atawy and Ehab Al-Shaer, On Dynamic Optimization of Packet Matching in High Speed Firewalls , IEEE Journal on Selected Areas in Communications, Pages: 1817 - 1830, October 2006
  5. Hazem Hamed and Ehab Al-Shaer, On Autonomic Optimization of Firewall Policy Configuration , Journal of High Speed Networks, Special issue on Security Policy Management , Issue: 3, Volume: 13, Pages: 209 - 227 , August 2006
  6. Lopamudra Roychoudhuri , Ehab Al-Shaer and Gregory B. Brewster, On the Impact of Loss and Delay Variation on Internet Packet Audio Transmission , Journal of Computer Communications , Pages: 1578-1589. , June 2006
  7. Ehab Al-Shaer and Hazem Hamed, Taxonomy of Conflicts in Network Security Policies, IEEE Communications Magazine , Issue: 3 , Volume: 44 , Pages: 134 - 141 , March 2006
  8. Lopamudra Roychoudhuri and Ehab Al-Shaer, Real-Time Packet Loss Prediction based on End-to-end Delay Variation, IEEE Transactions on Network and Service Management (TNSM), Volume: 2, Number: 1, November 2005
  9. Ehab Al-Shaer, Hazem Hamed, Raouf Boutaba and Masum Hasan, Conflict Classification and Analysis of Distributed Firewall Policies, IEEE Journal on Selected Areas in Communications, Issue: 10, Volume: 23, Pages: 2069 - 2084, October 2005
  10. Ehab Al-Shaer and Hazem Hamed, Modeling and Management of Firewall Policies, IEEE Transactions on Network and Service Management, Volume: 1-1, April 2004
  11. Ehab Al-Shaer, QoS Path Monitoring for Multicast Networks, Journal of Network and System Management (JNSM), Volume: 10, Number: 3, Pages: 357-381, September 2002
  12. Ehab Al-Shaer, An Adaptive Multicast Management Framework for Distributed Event Correlation, Journal of Networking and Information Systems, Volume: 3, Number: 2, Pages: 317-333, April 2001
  13. Ehab Al-Shaer, Toward Integrating IP Multicasting in Internet Network Management Protocols, Journal of Computer and Communications, Volume: 24, Number: 6, Pages: 473-485, April 2001
  14. Ehab Al-Shaer, Active Management Framework for Distributed Multimedia Systems, Journal of Network and Systems Management (JNSM), Volume: 8, Number: 1, Pages: 49-72, March 2000
  15. Ehab Al-Shaer, Mohamed Fayad, Hussein Abdel-Wahab and Kurt Maly, Adaptive Object-Oriented Filtering Framework for Event Management Applications, ACM Computing Surveys, Volume: 32, Number: 1, Pages: Article No. 37, March 2000
  16. Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, Dynamic Monitoring Approach for Multi-point Multimedia Systems, Journal of Networking and Information Systems, Pages: 75-88, June 1999
  17. Kurt Maly, Hussein Abdel-Wahab , C. M. Overstreet, C. Wild, A. Gupta, A. Youssef, E. Stoica and Ehab Al-Shaer, Interactive Distance Learning over Intranets, IEEE Internet Computing, Volume: 1, Number: 1, Pages: 60-71, February 1997

Referred Conference Publications

  1. Anh Le, Ehab Al-Shaer and Raouf Boutaba, Correlation-based Load Balancing for Network Intrusion Detection and Prevention Systems, ACM International Conference on Security and Privacy in Communication Networks (ACM SecureComm 2008), September 2008
  2. Taghrid Samak , Ehab Al-Shaer and Hong Li, QoS Policy Modeling and Conflict Analysis, The 9th International Workshop on Policies for Distributed Systems and Networks (POLICY 2008 Best Paper Award), Palisades, NY, USA, June 2008
  3. Ehab Al-Shaer, Latif Khan and M. Salim Ahmed, A Comprehensive Objective Network Security Metric Framework for Proactive Security Configuration, ACM Cyber Security and Information Intelligence Research Workshop, Oak Ridge, Tennessee, USA, May 2008
  4. Khalid Alsubhi, Ehab Al-Shaer and Raouf Boutaba, Alert prioritization in Intrusion Detection Systems , Accepted in the 11th IEEE/IFIP Network Operations and Management Symposium (NOMS 2008), April 2008, (Acceptance rate 27%)
  5. Lopamudra Roychoudhuri and Ehab Al-Shaer, Autonomic QoS Optimization of Real-time Internet Audio using Loss Prediction and Stochastic Control, Accepted in the 11th IEEE/IFIP Network Operations and Management Symposium (NOMS 2008) , April 2008, (Acceptance rate 27%)
  6. Yongning Tang and Ehab Al-Shaer, Towards Distributed & Collaborative Overlay Fault Diagnosis Based On User-level Belief Revision, INFOCOM 2008 MiniConference, April 2008
  7. Mohamed Salim, Ehab Al-Shaer and Latif Khan, A Novel Quantitative Approach For Measuring Network Security, INFOCOM 2008 Mini Conference, April 2008
  8. Mohamed Salim, Ehab Al-Shaer, Mohamed Taibah, Mohamed Arshad and Latif Khan, Towards Autonomic Risk-aware Security Configuration, Accepted in the 11th IEEE/IFIP Network Operations and Management Symposium (NOMS 2008), April 2008
  9. Tung Tran, Ehab Al-Shaer and Raouf Boutaba, PolicyVis: Firewall Security Policy Visualization and Inspection, USENIX LISA, Dallas, Texas, November 2007
  10. Jerome Francois, Adel El-Atawy, Ehab Al-Shaer and Raouf Boutaba, A Collaborative Approach for Proactive Detection of Distributed Denial of Service Attacks, In the Workshop on Monitoring, Attack Detection and Mitigation (MonAM 2007), Toulouse, France, November 2007
  11. Bin Zhang and Ehab Al-Shaer, Self-Organizing Monitoring Agents for Hierarchical Monitoring Architecture, In the 18th IFIP/IEEE Distributed Systems: Operations and Management (DSOM 2007), October 2007
  12. Taghrid Samak , Adel El-Atawy and Ehab Al-Shaer, FireCracker: A Framework for Inferring Firewall Policy using Smart Probing, In the Proceedings of the fifteenth IEEE International Conference on Network Protocols (ICNP'07), Beijing, China, October 2007, (Acceptance rate 14%)
  13. Adel El-Atawy, Taghrid Samak , Ehab Al-Shaer, Zein Wali, Sheng Li, Frank Lin and Christopher Pham, An Automated Framework for Validating Firewall Policy Enforcement, In Proceedings of IEEE Workshop on Policies for Distributed Systems and Networks (POLICY'07), Bologna, Italy, June 2007
  14. Bin Zhang, Ehab Al-Shaer, Radha Jagadeesan, James Riely and Corin Pitcher, Specifications of a High-level Conflict-Free Firewall Policy Language for Multi-domain Networks, In Proceedings of 12th ACM Symposium on Access Control Models And Technologies (SACMAT), Sophia Antipolis, France, June 2007, (Acceptance rate 23%)
  15. Yongning Tang, Ehab Al-Shaer and Bin Zhang, Toward Globally Optimal Event Monitoring & Aggregation For Large-scale Overlay Networks, IEEE Integrated Network Management 2007 (IM 2007), Pages: pp. 236-245, May 2007
  16. Taghrid Samak , Adel El-Atawy, Ehab Al-Shaer and Mohamed A. Ismail, A Novel Visualization Approach for Efficient Network-wide Traffic Monitoring, In the 5th IEEE Workshop on End-to-End Monitoring Techniques and Services (E2EMON'07, In conjunction with IM 2007), Munich, Germany, May 2007
  17. Adel El-Atawy, Taghrid Samak , Ehab Al-Shaer and Hong Li, On Using Online Traffic Statistical Matching for Optimizing Packet Filtering Performance, In IEEE INFOCOM'2007, May 2007, (Acceptance rate 17%)
  18. Yonghe Yan, Adel El-Atawy and Ehab Al-Shaer, Ranking-based Optimal Resource Allocation in Peer-to-Peer Networks, In IEEE INFOCOM'2007, (Acceptance rate 17%), May 2007
  19. Taghrid Samak , Adel El-Atawy, Ehab Al-Shaer and Hong Li, Firewall Policy Reconstruction by Active Probing An Attacker's View, The 2nd Workshop on Secure Network Protocols (NPSec 2006), (Acceptance rate 30%), November 2006
  20. Muhammad Abedin, Syeda Nessa, Ehab Al-Shaer and Latif Khan, Vulnerability Analysis For Evaluating Quality of Protection of Security Policies, ACM CCS Workshop on Quality of Protection Workshop (QoP 06), October 2006, (Acceptance rate 20%)
  21. Mohamed Taibah, Ehab Al-Shaer and Raouf Boutaba, An Architecture for an Email Worm Prevention System, The Second IEEE/Create-Net International Conference on Security and Privacy in Communication Networks (SecureComm 2006), Baltimore, MD, August 2006, (Acceptance rate 23%)
  22. Yonghe Yan , Adel El-Atawy and Ehab Al-Shaer, Fair Bandwidth Allocation Under User Capacity Constraints, 10th IEEE/IFIP Network Operations and Management Symposium (NOMS 2006), April 2006
  23. Korosh Golnabi, Richard Min, Latif Khan and Ehab Al-Shaer, Analysis of Firewall Policy Rule Using Data Mining Techniques, 10th IEEE/IFIP Network Operations and Management Symposium (NOMS 2006), April 2006
  24. Hazem Hamed, Adel El-Atawy and Ehab Al-Shaer, Adaptive Statistical Optimization Techniques for Firewall Packet Filtering, IEEE INFOCOM'2006, April 2006, (Acceptance rate 16%)
  25. Lopamudra Roychoudhuri and Ehab Al-Shaer, Statistical Measurement Approach for On-line Audio Quality Assessment, Passive and Active Measurement (PAM’06), March 2006, (Acceptance rate 23%)
  26. Hazem Hamed and Ehab Al-Shaer, Dynamic Rule-ordering Optimization for High-speed Firewall Filtering, ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS'06), March 2006, (Acceptance rate 16%)
  27. Hazem Hamed, Ehab Al-Shaer and Will Marrero, Modeling and Verification of IPSec and VPN Security Policies, IEEE ICNP'2005, November 2005, (Acceptance rate 17%)
  28. Adel El-Atawy, Khaled Ibrahim, Hazem Hamed and Ehab Al-Shaer, Policy Segmentation for Intelligent Firewall Testing, 1st Workshop on Secure Network Protocols (NPSec 2005), November 2005
  29. Lopamudra Roychoudhuri and Ehab Al-Shaer, Real-time Audio Quality Evaluation for Adaptive Multimedia Protocols, Proceedings of Multimedia Networks and Services (MMNS 2005), October 2005
  30. Yongning Tang, Ehab Al-Shaer and Raouf Boutaba, Active Integrated Fault Localization in Communication Networks, IEEE/IFIP Integrated Network Management (IM'2005), May 2005
  31. Lopamudra Roychoudhuri and Ehab Al-Shaer, On Packet Loss Prediction, IEEE INFOCOM 05, January 2005, Poster paper
  32. Lopamudra Roychoudhuri and Ehab Al-Shaer, Adaptive Rate Control for Real-time Packet Audio Based on Loss Prediction, IEEE GLOBECOM’04, December 2004, (acceptance rate 33%)
  33. Ehab Al-Shaer and Bin Zhang, HiFi+: A Monitoring Virtual Machine for Autonomic Distributed Management , 15th IFIP/IEEE Distributed Systems: Operations and Management (DSOM 2004), November 2004, (Acceptance rate 28%)
  34. Lopamudra Roychoudhuri and Ehab Al-Shaer, On Packet Loss Prediction for Real-time Packet Audio , IEEE/IFIP Management of Multimedia Networks and Services (MMNS’04), October 2004, (BEST PAPER AWARD)
  35. Ehab Al-Shaer and Yongning Tang, MRMON: Multicast Remote Monitoring , IEEE/IFIP Network Operations and Management Symposium (NOMS’2004), Seoul, South Korea, April 2004
  36. Mohamed Younis, Poonam Munshi and Ehab Al-Shaer, Architecture for Efficient Monitoring and Management of Sensor Networks, Workshop on End-to-End Monitoring Techniques and Services, September 2003
  37. Ehab Al-Shaer, A Light-weight Encrypting Real Time Video Transmission, CTI Symposium, School of Computer Science, Telecommunications and Information Systems, DePaul University, September 2003
  38. Ehab Al-Shaer and Hazem Hamed, Management and Translation of Filtering Security Polices, IEEE ICC’03, May 2003
  39. Lopamudra Roychoudhuri , Ehab Al-Shaer, Hazem Hamed and Gregory B. Brewster, Audio Transmission over the Internet: Experiments and Observations, IEEE ICC’03, Symposium on the Next Generation Internet, May 2003
  40. Ehab Al-Shaer and Hazem Hamed, Firewall Policy Advisor for Anomaly Detection and Rule Editing, IEEE/IFIP Integrated Network Management IM'2003, March 2003, BEST PAPER AWARD (acceptance rate 24%)
  41. Lopamudra Roychoudhuri , Ehab Al-Shaer, Hazem Hamed and Gregory B. Brewster, On Studying the Impact of the Internet Delays on Audio Transmission, IEEE Workshop on IP Operations and Management (IPOM’02), October 2002
  42. Gregory B. Brewster and Ehab Al-Shaer, Graduate Level Curriculum and Laboratory Courses for Computer Networking, ACM SIGCOMM Workshop on Computer Networking: Curriculum Designs and Educational Challenges, Pittsburgh, PA, August 2002
  43. Ehab Al-Shaer and Yongning Tang, SMRM: SNMP-based Multicast Reachability Monitoring, IEEE/IFIP Network Operations and Management Symposium NOMS’2002, (acceptance rate 30%), April 2002
  44. Hazem Hamed and Ehab Al-Shaer, Experiments on Packet Forwarding, CTI Symposium, School of Computer Science, Telecommunications and Information Systems, DePaul University, September 2001
  45. Ehab Al-Shaer, A Dynamic Group Management for Large-scale Distributed Event Monitoring, IEEE/IFIP Integrated Network Management IM'2001, (acceptance rate 30%), May 2001
  46. Ehab Al-Shaer and Yongning Tang, Integrating IP Multicast in SNMPv1, IFIP/IEEE International Conference on Managing Multimedia Networks and Services, Fortalza, Brazil, September 2000
  47. Ehab Al-Shaer, The Role of Group Communication in Supporting Efficient Distributed Event Correlation”, Networking 2000, Multimedia Miniconference, Paris, France, May 2000
  48. Ehab Al-Shaer, Programmable Agents for Active Distributed Monitoring, IFIP/IEEE 10th International Workshop on Distributed Systems: Operation & Management (DSOM'99), Lecture Notes in Computer Science, page 19-33, Zurich, Switzerland, October 1999
  49. Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, HiFi: A New Monitoring Architecture for Distributed Systems Management, IEEE 19th International Conference on Distributed Computing Systems (ICDCS'99), pp. 171-178, Austin, Texas, (Acceptance rate 18%), May 1999
  50. Ehab Al-Shaer, Dynamic Monitoring Approach for Multi-point Multimedia Systems, IFIP/IEEE International Conference on Management of Multimedia Networks and Services, Versailles, France , November 1998
  51. Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, Hierarchical Filtering-based Monitoring Architecture for Large-scale Distributed Systems, International Conference on Parallel and Distributed Computing Systems, New Orleans, LA, October 1997
  52. Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, Application-Layer Group Communication Server for Extending Reliable Multicast Protocols Services, IEEE International Conference on Network Protocols, Atlanta, GA, (Acceptance rate 20%), October 1997
  53. Ehab Al-Shaer, Event Filtering Framework: Key Criteria and Design Trade-offs, The 21st IEEE International Conference on Computer Software and Applications, pages 88-93, Washington, D.C., August 1997
  54. Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, A Scalable Monitoring Architecture for Managing Distributed Multimedia Systems,", IFIP/IEEE International Conference on Management of Multimedia Networks and Services, Montreal, CA, July 1997
  55. Ehab Al-Shaer, A. Youssef, Hussein Abdel-Wahab , Kurt Maly and C. M. Overstreet, Reliability, Scalability and Robustness Issues in IRI,", WETICE'97: IEEE 6th Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, June 1997
  56. Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, High-performance Monitoring Architecture for Large-scale Distributed Systems Using Event Filtering,", international Conference on Computer Science & Information, Volume: 3, Pages: 42-46, March 1996
  57. D. Schmidt , Tim Harrison and Ehab Al-Shaer, Object-Oriented Components for High-speed Network Programming , Proceedings of Conference on Object-Oriented Technologies, USENIX, Monterey, CA, June 1995

Professional Services

Journal Editor

  1. Journal of Network and System Management, a special issue on “Security Configuration Management”, March2008 (with Charles R Kalmanek AT&T Research and Felix Wu UC Davis)
  2. Journal of High Speed Networks, a special issue on “Management of Security Polices”, August 2005 (with Cliff Nueman USC, Denish Verma IBM, Hong Li Intel and Anthony Chung DePaul University)
  3. Journal of Computer Communications, a special issue on “Network Monitoring and Measurements”, March 2005 (with Raouf Boutaba, University of Waterloo and Kevin Almeroth, UCSB )
  4. Journal of High Speed Networks, a special issue on “QoS for Multimedia”, April 2001 (with Anthony Chung, DePaul University)

Conference/Workshop Chair

  1. General Chair of ACM Computer and Communications Security (CCS 2009)
  2. Technical Program Chair NSF Worskhop on Assurable and Usable Security Configuration
  3. Technical Program Co-Chair of the 9th IEEE Workshop on Policies for Distributed Systems and Networks (POLICY 08), NY, June, 2008
  4. Technical Program Co-Chair of the 1st IEEE Automated Network Management (ANM 2008), (Collocated with INFOCOM 2008), Phoenix, Arizona, April 2008
  5. Technical Program Co-Chair of 10th International IFIP/IEEE Symposium on Integrated Network Management (IM 2007), Munich, Germany, May, 2007
  6. Workshop Chair (and founder) of the 1st Midwest Security Workshop, (consortium of leading research universities in the Midwest), Chicago 2006
  7. Technical Program Co-Chair of IFIP Autonomic Management & Services 2006 (INTELLCOM’06), France
  8. Technical Program Co-Chair of IEEE End-to-End Monitoring (E2EMON) Workshop, 2004-2006
  9. Technical Program Co-Chair of the IEEE/IFIP International Conference of Management of Multimedia Networks and Services (MMNS), October, 2001

Technical Program Committee Membership

Member of Organization Committee

  1. Workshops Co-Chair of IEEE INFOCOM 2008, April 2008, Phoenix, Arizona
  2. Workshops Co-Chair of IEEE NOMS 2006, April 2006, Vancouver, Canada
  3. Poster Chair of Consumer Communications and Network (CCNC 2005)

Current Technical Program Committee Membership

  1. IEEE INFOCOM 2006-current
  2. IEEE International Conference on Network Protocols, 2005-current
  3. IEEE International Symposium Conference on Integrated Network Management (IM) 2002- current
  4. IEEE/IFIP Network Operations and Management Symposium (NOMS), 2002- current
  5. IEEE International Workshop on Distributed Systems: Operations & Management (DSOM), 2002- current
  6. IEEE ICC Security Symposium 2008

Previous Technical Program Committee Membership

  1. IEEE Mission-Critical Networking Workshop (MCN) 2008
  2. ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2007
  3. IEEE E2EMON 2005-2007
  4. ACM SIGCOMM Internet Network Management (INM) Workshop, 2007
  5. IEEE Global Internet 2005, 2006
  6. IEEE International Conference on Management of Multimedia Networks and Services (MMNS), 1999 – 2006
  7. IEEE Consumer Communications and Network (CCNC 2005)
  8. IEEE Local Area Network 2005
  9. IEEE Autonomic Grid Management 2005
  10. IEEE Computer Communication Workshop, ICCW, 2003
  11. IEEE Internet Protocol Operations and Management (IPOM) 2002
  12. Parallel and Distributed Computing and Systems (PDCS’2000, 2002)
  13. International Conference on Parallel and Distributed Computing Systems, 1998- 2001
  14. IEEE International Conference on Distributed Computing Systems (ICDCS'99)

Talks

Invited Talks

  1. “A Composable and Verifiable Modeling for Network Security Configurations“, Configuration Workshop at USINEX LISA, , Dallas, Texas, November 2007
  2. "Toward Assurable and Robust Network Security Configurations ", , University of Iowa, November 2007
  3. "The 5 Challenges Towards Automated Security Management ", NSF Safe Computing Workshop, Sandia National Labs, December 2006
  4. "Future Direction in Security & Forensic Management Research", NSF Cyber Trust Future Direction Workshop, (invited as Lead Researcher in this area), , October 2006
  5. “Toward Autonomic Security Policy Management”, , Purdue University, August 2006
  6. “Toward Next-Generation Security Policy”, , Intel Research, March 2006
  7. “Statistical Filtering for Firewall Policy Optimization”, , Northwestern University, March 2006
  8. “Network Security Policy Verification and Optimization ”, , Georgia Institute of Technology, October 2005
  9. “Management of Network Security Policies Between Crises and Fantasies ”, , University of Illinois at Urbana-Champaign (UIUC), September 2005
  10. “Policy-based Enterprise Security Solutions”, Cisco Security Team, San Jose, October 2004
  11. “Next-generation Firewall”, Cisco Workshop on Network Security, San Jose, November 2003
  12. Tightening Your Firewall Security”, CTI Security Seminar, DePaul University, October 2003
  13. “The Role of Multicasting in Supporting Event Correlation”, Networking 2000, Paris, May 2000
  14. “Emerging Technologies for A Networked Society”, IT Puerto Rico Government Summit, , March 2000

Tutorials

  1. “Security Policy Testing and Evaluation”, IEEE Network Operations and Management Symbosium (NOMS 2008), Brazil, December 2008
  2. Intrusion Detection and Prevention Systems: Configuration, Tuning and Evaluation”, KFUPM , , December 2007
  3. “Firewall and Security Policy Management”, KFUPM, , December 2006
  4. “Security Policy Verification, Optimization”, IEEE NOMS 2006, , April 2006
  5. “Managing Network Security Policies: Firewall and IPSec/VPN”, IEEE IM 2005, , May 2005
  6. “Managing Firewall and Network-Edge Security Policies”, IEEE NOMS 2004, , April 2004

Panels

  1. “Can Management Systems be Trusted?”, IEEE Symposium of Integrated Network Management 2007, Germany, January 2007
  2. "Toward Next-generation Monitoring System for Security", IEEE E2EMON (with Keith Ross Polytechnic University, James Hong POSTEC, and Masum Hasan Cisco systems), , October 2004
  3. "verlay Networks and Management: A Real Solution or New Hype", IEEE Integrated Network Management (IM’03), Colorado, March 2003
  4. "Is the Internet Ready for Multimedia", IEEE MMNS, California, October 2002

Professional Awards

  • Received a Service Appreciation Award, IEEE Communication Society, 2003, and 2005
  • Received the BEST PAPER AWARD in IEEE POLICY 2008, paper title:``Modeling and Conflcit Analysis of QoS Policies”
  • Designated as "Researcher Lead” during NSF Cyber Trust Future Direction Workshop, November 2006
  • Received the Featured ODU Alumni Award, 2004
  • Received the BEST STUDENT PAPER AWARD in IEEE Management of Multimedia Networks and Services, MMNS’04, paper title “Packet Loss Prediction for Real-time Packet Audio”
  • Received the BEST PAPER AWARD in IEEE Symposium on Integrated Network Management 2003, paper title:” Policy Advisor for Anomaly Detection and Rule Editing”
  • Received NASA Fellowship from NASA Langley Research Center, May 1996-1998
  • Awarded USENIX Student Fellowship, June 1994

Grants

  • ConfVeal: Automated Testing of Security Configuration Enforcement in Distributed Networks
    PI: Ehab Al-Shaer
    Sponsor Name(s): National Science Foundation
    Start Date: 01/09/2008
    End Date: 01/09/2011
  • Global Verification and Dynamic Optimization of Network Security Polices
    PI: Ehab Al-Shaer, Co-PI: Will Merraro
    Sponsor Name(s): National Science Foundation
    Start Date: 01/09/2007
    End Date: 01/09/2010
  • NSF Workshop on Assurable and Usable Security Configuration
    PI: Ehab Al-Shaer (collaboration with Sushil Jajodia, GMU)
    Sponsor Name(s): National Science Foundation
    Start Date: 01/01/2007
    End Date: 03/23/2009
  • High-performance Security Policy Inspection
    PI: Ehab Al-Shaer
    Sponsor Name(s): ARAMCO
    Start Date: 01/01/2004
    End Date: 01/01/2009
  • INPSEC: A Framework for Testing Security Policy Enforcement Devices
    PI: Ehab Al-Shaer
    Sponsor Name(s): Cisco Systems
    Start Date: 11/01/2005
    End Date: 11/01/2007
  • Autonomic Security Configuration
    PI: Ehab Al-Shaer
    Sponsor Name(s): Intel
    Start Date: 03/15/2005
    End Date: 03/15/2007
  • Analysis and Verification of Filtering Rules in Security Polices
    PI: Ehab Al-Shaer
    Sponsor Name(s): National Science Foundation
    Start Date: 09/01/2003
    End Date: 09/01/2004
  • Anomaly Detection in Firewall Policies
    PI: Ehab Al-Shaer
    Sponsor Name(s): Cisco Systems
    Start Date: 07/01/2003
    End Date: 07/01/2004

Students

Current Students

  • Lopamudra Roychoudhuri PhD candidate, Thesis: "Proactive Rate and Error Control for Packet Multimedia Transmission Based on Loss Prediction"
  • Yongning Tang PhD Candidate, Thesis: "Distributed Monitoring and Fault Reasoning for Large-scale Networks"
  • Bin Zhang PhD Candidate, Thesis: "On Optimization of Event Correlation and Configuration for Network Security"
  • Adel El-Atawy PhD Candidate, Thesis: "Network behavior-based Modeling and Analysis of Security Attacks and Counter-measures"
  • Taghrid Samak PhD Student, Thesis: "Modeling, Discovery and Analysis of Network Access Control Policies"
  • Mohamed Taibah PhD Student, Modeling and Defense of Sanning Worm
  • Khalid Elbadawi PhD Student, Thesis: Exploring the space
  • Sk. Kajal Imon PhD Student, Thesis: exploring the space
  • Mohammed Ashraf Khan PhD Student, Thesis: exploring the space
  • Kyle Smith MS Studnet , Thesis: Spam Botnet Detection
  • Shimeng Feng MS Studnet , Project: "Security Policy Visualization"

Previous Students

  • Hazem Hamed PhD (Cisco System), Thesis: "Verification and Optimization of Firewall Policies", 2005