Biography

The AssurableNet Research Center (ARC) is located in the School of Computing, College of Computing and Digital Media at DePaul University. Its primary research areas are network security, distributed monitoring, fault diagnosis, and multimedia transport protocols. The director of the lab is Ehab Al-Shaer, an associate professor with the School of Computing. Prof. Al-Shaer has edited or co-edited more than 10 books and book chapters, and published about 80 refereed journal and conference papers in his area. He has been a co-editor of a number of books, a guest editor for a number of journals, and an invited speaker, tutorial presenter and panelist at many conferences and industrial seminars. Prof. Al-Shaer is the General Chair of ACM Computer and Communication 2009-2010 and of the NSF Workshop in Assurable and Usable Security Configuration, August 2008. He has served as a member of the technical program and organization committees for many IEEE and ACM conferences, including INFOCOM, ICNP, IM, NOMS, ICDCS, CCNC, GLOBECOM, ICC, MMNS, DSOM, and E2EMON. He was awarded Best Paper Awards at IEEE IM 2003 and POLICY 2008, and received a NASA fellowship in 1997. Prof. Al-Shaer has also received funding awards from NSF, Cisco, Intel, Sun Microsystems, and Aprisma. Since 1999, he has continuously received funding from CDM to support at least two PhD students, first for the SMNLAB lab and then for the ARC center.

Research Topics

Network Security

  • Firewall verification
  • Firewall optimization
  • Firewall Testing
  • Firewall security evaluation
  • Automated security configuration synthesis and optimization
  • IDS and firewall load balancing
  • Security metrics
  • Collaborative defense
  • Botnet Detection
  • Covert channels: design and detection
  • Network scanning: theory and detection
  • Traffic visualization

Policy Management

  • High-level (firewall) security policy languages
  • Firewall policy management and editing
  • Firewall policy visualization
  • Context-aware adaptive security policies
  • QoS configuration verification and analysis
  • Verification of Security Access Control
  • VPN policy management

Network Management

  • Configuration management
  • Fault/problem Diagnosis
  • Quality of service monitoring
  • Large-scale distributed event monitoring and correlation
  • End-to-end loss modeling and prediction

Quality of Service

  • Proactive real-time multimedia protocols
  • On-line audio and video quality assessment
  • Interactive distance learning

Projects

ConfigChecker: End-to-end Verification of Global Network Security Policies

This project is a theoretical and practical study of the impact of policies on network security and performance. One of the biggest difficulties in configuring network security devices is that each device has a local policy, yet each device must cooperate with the other devices in the network to provide global behavior. This situation calls for a framework in which end-to-end security properties can be specified and verified. Ideally, such a framework would enable the discovery of policy inconsistencies and security violations, and assist in correcting the problems as well. In the first part of this proposal, we present such a framework, in which we propose a unified policy representation (UPR) based on Binary Decision Diagrams (BDD) to model the policies of various network security devices. The individual models are combined to provide an overall model (Global Policy Representation, or GPR) of the network as a whole. The GPR is then used to perform a general policy consistency check. In addition, our framework includes a formal language for specifying higher-level end-to-end properties that the network should satisfy. The global model of the network can then be checked automatically to see whether it satisfies the desired properties. If the model fails to satisfy the requirements, a counter-example can be generated that demonstrates the failure.

Sponsor(s): National Science Foundation

Team Members

  • Ehab Al-Shaer (PI)
  • Will Marrero (Co-PI)
  • Adel El-Atawy
  • Khalid Elbadawi

Adaptive Firewall Policy Optimization based on Dynamic Traffic Statistics

Existing research on filtering optimization focuses on worst-case algorithmic optimization techniques for accepted traffic. We are among the first to explore and advocate filtering optimization based on traffic properties for both the accept and reject paths. We proposed a novel traffic-aware optimization technique that uses information theory to characterize traffic trends and dynamically changes the structure of the filtering rules to achieve minimum matching cost. We explore and evaluate various techniques in this direction based on rule ordering, alphabetic trees, Huffman trees and BDD segments. Our evaluation shows a significant performance increase for the average case and improved robustness of security devices against denial-of-service attacks.

Sponsor(s): National Science Foundation

Team Members

  • Ehab Al-Shaer (PI)
  • Will Marrero (Co-PI)
  • Adel El-Atawy
  • Hazem Hamed
  • Taghrid Samak

Early Packet Rejection in Firewall Filtering

The policy representation has a significant impact on the performance of network devices. An increase in the number of policy rules causes a significant increase in filtering overhead as well as in traffic latency, particularly if the majority of incoming traffic is rejected by the last default rule. This project investigates and develops real-time policy optimization and adaptation algorithms that let firewalls reject traffic discarded by the default-deny rule as early as possible without impacting the performance of accepted traffic. This serves as a countermeasure against DoS attacks on firewalls that target the default-deny rule with high traffic volume. None of the previous work has addressed this problem.

Sponsor(s): National Science Foundation

Team Members

  • Ehab Al-Shaer (PI)
  • Adel El-Atawy
  • Hazem Hamed
  • Taghrid Samak

Firewall Policy Testing

Firewall implementations may have bugs that cause serious network vulnerability problems. Manual or human-driven testing techniques have proven insufficient because they provide limited coverage of the testing space and require a long time and high labor overhead. Using a random selection scheme implies exponential growth in the number of testing scenarios and an extremely long testing period. In this project, we developed a framework for testing security policy enforcement that uses a “smart” selection of test scenarios (random policy configuration) and test cases (random packet/traffic generation) to conduct efficient testing of IOS and PIX firewall devices.

Sponsor(s): National Science Foundation, Cisco Systems

Related publications

  • Ehab Al-Shaer, Adel El-Atawy and Taghrid Samak, Automated Pseudo-live Testing of Firewall Configuration Enforcement, IEEE Journal on Selected Areas in Communications, October 2008
  • Adel El-Atawy, Taghrid Samak, Ehab Al-Shaer, Zein Wali, Sheng Li, Frank Lin and Christopher Pham, An Automated Framework for Validating Firewall Policy Enforcement, In Proceedings of IEEE Workshop on Policies for Distributed Systems and Networks (POLICY'07), Bologna, Italy, June 2007
  • Adel El-Atawy, Khaled Ibrahim, Hazem Hamed and Ehab Al-Shaer, Policy Segmentation for Intelligent Firewall Testing, 1st Workshop on Secure Network Protocols (NPSec 2005), November 2005

Team Members

  • Ehab Al-Shaer (PI)
  • Adel El-Atawy
  • Bin Zhang
  • Khalid Elbadawi
  • Mohammed Ashraf Khan
  • Taghrid Samak
  • Zein Wali

Security Metrics and Policy Evaluation

Evaluation of network security is an essential step in securing any network. This evaluation can help security professionals in making optimal decisions about how to design security countermeasures, to choose between alternative security architectures, and to systematically modify security configurations in order to improve security. However, the security of a network depends on a number of dynamically changing factors such as emergence of new vulnerabilities and threats, policy structure and network traffic. Identifying, quantifying and validating these factors using security metrics is a major challenge in this area. In this project, we investigate a comprehensive security metric framework that identifies and quantifies objectively the most significant security risk factors, which include existing and future vulnerabilities based on historical trends, security configuration immunity to attack occurrence and propagation, and traffic trends that characterize the insider and outsider user behavior.

Team Members

  • Ehab Al-Shaer (PI)
  • Bin Zhang
  • Latif Khan
  • Mohamed Salim
  • Sk. Kajal Imon
  • Yongning Tang

SPAM Botnet Detection

Team Members

  • Ehab Al-Shaer (PI)
  • Khalid Elbadawi
  • Kyle Smith

High-level Declarative Languages for Network Access Control Policies

Due to the interaction of domains, services and devices in a network, defining the firewall rule configuration for enterprise networks is a very complex task. The goal of this project is to provide high-level languages that enable administrators to specify high-level security goals, which can then be realized and translated into low-level device configuration. Our work here is applied to firewalls, but the ultimate goal is to extend it to all network security devices.

Team Members

  • Ehab Al-Shaer (PI)
  • Bin Zhang

PolicyVis: Security Policy Visualization

With a large number of network security devices and policy rules, network security policies are complex to understand and manage. The purpose of this project is to enable administrators to inspect security policies visually and identify misconfigurations in a distributed network environment.

Team Members

  • Ehab Al-Shaer (PI)
  • John McDonald (Co-PI)
  • Raouf Boutaba (Co-PI)
  • Shimeng Feng
  • Tung Tran

Next-generation Network Scanning & Reconnaissance: Attacks and Counter-measure

We explore new reconnaissance attack techniques to remotely scan security configuration in a stealthy manner. Our implemented tool, FireCracker, scans a firewall and discovers its filtering policies accurately using intelligent and non-intensive probes. Thus the adversary not only discovers more sensitive network information but also navigates the network services silently.

Team Members

  • Ehab Al-Shaer (PI)
  • Adel El-Atawy
  • Taghrid Samak

Reasoning About the Uncertainty in Fault Diagnosis

Fault diagnosis is a core service in any network management system. Many active and passive fault reasoning techniques have been proposed in the literature. However, due to the occurrence of lost and spurious symptoms, only the integration of both techniques can achieve optimal fault reasoning. In addition, the lack of network-level information (symptoms) and knowledge (prior fault probability), as is the case in overlay networks, and the variation of user observations pose new challenges for fault diagnosis in overlay networks.

In this project, we investigate new models that incorporate optimal action selection into the fault reasoning process to minimize the latency of fault diagnosis. We also investigate new fault diagnosis techniques based on users’ beliefs that do not require any underlying probabilistic quantification of network faults (e.g. prior fault probability).

Related publications

  • Ehab Al-Shaer and Yan Chen, Integrating Fault and Security Management, Information Assurance: Survivability and Security in Networked Systems, ELSEVIER, Inc, Edited by David Tipper, Prashant Krishnamurthy, Yi Qian, James B. D. Joshi, Morgan Kaufmann, October 2008
  • Yongning Tang, Ehab Al-Shaer and Raouf Boutaba, Efficient Fault Diagnosis Using Incremental Alarm Correlation and Active Investigation for Internet and Overlay Networks, IEEE Transactions on Network and Service Management, Volume: 5, Number: 1, Pages: 36-49, March 2008
  • Yongning Tang, Ehab Al-Shaer and Raouf Boutaba, Active Integrated Fault Localization in Communication Networks, The 9th IFIP/IEEE International Symposium on Integrated Network Management (IM 2005), May 2005

Team Members

  • Ehab Al-Shaer (PI)
  • Yongning Tang

Proactive Error and Rate Control for IPTV

In this project, we propose a proactive end-to-end quality-centric technique for IPTV multicast. The receivers are divided into a number of multicast groups based on the last-mile available bandwidth. Our self-adaptive joint error and rate control mechanism ensures optimal quality in real time for each multicast receiver group by taking proactive control actions. The Error Control maintains receiver quality for each multicast group in the short term by providing Unequal Error Protection for the FGS Base and Enhancement layers using optimal FEC and retransmission. Similar to audio, the degree and duration of the error recovery methods are chosen dynamically using loss prediction and stochastic inventory control. The Rate Control detects changing bandwidth and uses a rate-quality optimization model to proactively deliver the optimal combination of Base and FGS Enhancement layers.

Team Members

  • Ehab Al-Shaer (PI)
  • Lopamudra Roychoudhuri

Firewall Policy Advisor: Conflicts Analysis, Rule Editing and Translation

Although firewalls are basic network primitives, their policy configuration remains a complex and error-prone task. The large number of rules and firewalls, together with the rule-ordering semantics, makes manual firewall management not only incomprehensible but also vulnerable to misconfiguration.
In this project, we model the relation between firewall rules using set-theoretic operations and develop a comprehensive framework to classify and identify conflicts that could exist in a single firewall device (intra-policy conflicts) or between different firewall devices (inter-policy conflicts) in enterprise networks. We also developed conflict-free algorithms to edit and modify firewall policies in a distributed network environment. We also show how rules can be aggregated to create a compressed format suitable for translation to a high-level description.

Sponsor(s): National Science Foundation, Cisco Systems

Team Members

  • Ehab Al-Shaer (PI)
  • Hazem Hamed

IPSec Policy Modeling and Verification

Although IPSec devices are basic network primitives, their policy configuration remains a complex and error-prone task. The complex semantics of IPSec policies, which allow multiple rule actions to be triggered, significantly increase the potential for policy misconfiguration and insecure communication.
In this project, we present a generic model that captures various filtering policy semantics using Boolean expressions. We use this model to derive a canonical representation for IPSec policies using Ordered Binary Decision Diagrams. Based on this representation, we develop a comprehensive framework to classify and identify conflicts that could exist in a single IPSec device (intra-policy conflicts) or between different IPSec devices (inter-policy conflicts) in enterprise networks. Our testing and evaluation study on different network environments demonstrates the effectiveness and efficiency of our approach.

Sponsor(s): Intel Corporation

Team Members

  • Ehab Al-Shaer (PI)
  • Will Marrero (Co-PI)
  • Hazem Hamed

Real-Time Audio Quality Assessment

On-line audio quality assessment is important for providing real-time feedback to end-to-end Internet audio transport protocols in order to increase the reliability and quality of the audio session. In this project, we investigate a passive statistical measurement technique for on-line audio quality assessment, Audio Genome, that can deduce the audio quality of an ongoing Internet audio session for many different codecs under any network loss condition in real time. Our approach is easy to deploy and guarantees high computational speed. We first provided an extensive experimental framework with diverse codecs, in which we objectively quantified the effect of packet loss on audio quality by considering a wide range of loss bursts, inter-loss gaps and loss rates. For each codec, we modeled the relationship of audio quality to inter-loss gaps and loss burst sizes using interpolation and multiple polynomial regression. For an ongoing communication, we estimate the partial MOS by aggregating the quality MOS using the inter-loss gaps and bursts seen in the session so far.

Team Members

  • Ehab Al-Shaer (PI)
  • Lopamudra Roychoudhuri

Proactive Quality Control for Real-Time Internet Audio

In this project, we propose a multi-codec proactive joint rate and error control mechanism for audio distributed over single and multiple paths. The contribution of our work is twofold. First, our self-adaptive joint error and rate control mechanism ensures optimal receiver quality in real time by taking proactive control actions, based on packet loss prediction (Loss Predictor) and on-line quality assessment (Audio Genome). This is superior to the reactive feedback used in current sender-based single-path and multi-path rate control mechanisms. Second, our mechanism is user quality-centric, as opposed to an ad-hoc reaction to network packet loss using static FEC. The Error Control recovers individual path loss and maintains receiver quality in the short term using optimal FEC. The FEC degree and duration are chosen dynamically using a Markov Decision Process (MDP) and stochastic inventory control, an effective approach that is novel in the area of multimedia error control. The Rate Control detects changing bandwidth and uses a rate-quality optimization model to proactively diversify the optimal codec/bitrate combination over single or multiple paths. The sole purpose of the error control and rate adaptation actions is to optimize receiver quality in real time using objective audio quality assessment.

Team Members

  • Ehab Al-Shaer (PI)
  • Lopamudra Roychoudhuri

Scalable and Dynamic Monitoring and Correlation

Overlay networks have emerged as a powerful and flexible platform for developing new disruptive network applications. The performance and reliability of overlay applications depend on the capability of overlay networks to dynamically adapt to various factors such as link/node failures, overlay link quality, and overlay node characteristics. This research addresses the following important challenges facing monitoring new emerging technologies such as overlay, sensor, multicast and QoS networks:

  • How to create an optimal event monitoring and aggregation infrastructure that minimizes the monitoring latency and event aggregation cost, considering the large-scale geographical and network distribution of overlay nodes.
  • Can real-time monitoring under bandwidth and time constraints be achieved?
  • How monitoring systems can be self-organized and adaptive.
  • How to provide rich but usable monitoring interfaces.

Sponsor(s): Sun Microsystems, Aprisma, DePaul University

Team Members

  • Ehab Al-Shaer (PI)
  • Bin Zhang
  • Yongning Tang

Multicast Reachability Monitoring & Diagnosis

In this project we developed scalable monitoring techniques and tools to detect and isolate multicast reachability and QoS problems for ongoing multicast sessions in real time. Our solution consists of three components: mcastSNMP, which extends SNMP to support multicasting; MRMON, which is an SNMP-based remote passive multicast monitoring infrastructure; and SMRM, which is a multicast QoS monitoring framework. Our framework combines distributed monitoring and centralized control, which offers scalable, easy-to-use and easy-to-deploy multicast monitoring services.

Team Members

  • Ehab Al-Shaer (PI)
  • Yongning Tang

Game-theoretic Approach for Resource Management in P2P Systems

P2P services are widely used today for sharing resources such as files. One of the main problems that degrades the overall performance of a P2P system is the selfish behavior of a client (i.e., downloading much more than uploading) in the P2P community. In this project, we propose a game-theoretic approach to value and rank clients based on their community services and usage in the P2P system. This results in a fair distribution of resources between P2P clients and an increase in the overall performance.

Related publications

  • Yonghe Yan, Adel El-Atawy and Ehab Al-Shaer, A Game Theoretic Model for Capacity Constrained Fair Bandwidth Allocation, International Journal of Network Management on Mathematical Methods in Network Management (IJNM SI), John Wiley & Sons, Ltd., Volume: 18, Number: 6, Pages: 458-504, August 2008
  • Yonghe Yan, Adel El-Atawy and Ehab Al-Shaer, Ranking-based Optimal Resource Allocation in Peer-to-Peer Networks, In IEEE INFOCOM'2007, (Acceptance rate 17%), May 2007
  • Yonghe Yan, Adel El-Atawy and Ehab Al-Shaer, Fair Bandwidth Allocation Under User Capacity Constraints, 10th IEEE/IFIP Network Operations and Management Symposium (NOMS 2006), April 2006

Team Members

  • Yonghe Yan (PI)
  • Ehab Al-Shaer (Co-PI)
  • Adel El-Atawy

Modeling and Prediction of Internet Packet Loss

The Loss Predictor expresses the probability of loss in the next packet train of a UDP transmission by passively analyzing (1) changes in the available bandwidth, manifested as end-to-end delay and inter-packet gap and variations of in-line stream packets as 'evidences', and (2) near-past history of congestion in terms of observed loss patterns and trends of gap and delay variations. In our approach, we identify the baseline delay and inter-packet gap as the delay and gap under no congestion. In contrast, we identify the delay and gap expansion at the capacity saturation point of a path as loss thresholds, after which packet loss is more likely. We track the short-term and long-term trends as indications of congestion build-up and release, and accordingly derive the likelihood of packet loss by detecting loss thresholds. The Loss Predictor is formalized as a Bayesian probability measure of packet loss in the next projection window based on the 'evidences' of inter-packet gap expansion and delay variation.

Team Members

  • Ehab Al-Shaer (PI)
  • Lopamudra Roychoudhuri

Publications

Edited Books

  1. Dominique Gaïti, Ehab Al-Shaer, Ken Calvert, Simon Dobson, Guy Leduc and Olli Martikainen, Autonomic Networking, Springer-Verlag, Volume: 4195, ISBN: 978-3-540-45891-3, October 2008
  2. Ehab Al-Shaer, Jorge Lobo and Lalana Kalger, Policies for Distributed Systems and Networks, IEEE Press, ISBN: 978-0-7695-3133-5, June 2008
  3. Ehab Al-Shaer, Heinz-Gerd Hegering and Alexander Keller, Integrated Network Management: Moving From Bits to Business Values, IEEE Press, May 2007
  4. Ehab Al-Shaer, Aiko Pras and Philippe Owezarski, Monitoring Internet Traffic and Services, IEEE Press, ISBN: 0-7803-9249-3, May 2005
  5. Ehab Al-Shaer, Monitoring Emerging Network Services, April 2004
  6. Ehab Al-Shaer and Giovanni Pacifici, Management of Multimedia on the Internet, Springer, Lecture Notes in Computer Science, ISBN: 3-540-42786-4, October 2001

Book Chapters

  1. Ehab Al-Shaer, Reachability Monitoring and Problem Diagnosis in Multicast Networks, Enterprise Systems Integration, Auerbach, October 2008, To Appear
  2. Ehab Al-Shaer and Yan Chen, Integrating Fault and Security Management, Information Assurance: Survivability and Security in Networked Systems, ELSEVIER, Inc, Edited by David Tipper, Prashant Krishnamurthy, Yi Qian, James B. D. Joshi, Morgan Kaufmann, October 2008
  3. Editing/Reviewing, Various Chapters, The Laws of Cyber-Space, the United Nations Institute for Training and Research UNITAR, by Ambassador Ahmad Kamal, the Senior Fellow at the United Nations, ISBN: 92-9182-038-8, October 2005
  4. Ehab Al-Shaer, End-to-End Monitoring Techniques and Services, Management of Multimedia Networks and Services, Springer, Lecture Notes in Computer Science, September 2003

Journal Papers

  1. Ehab Al-Shaer, Adel El-Atawy and Taghrid Samak, Automated Pseudo-live Testing of Firewall Configuration Enforcement, IEEE Journal on Selected Areas in Communications, To appear, 2008
  2. Yonghe Yan, Adel El-Atawy and Ehab Al-Shaer, A Game Theoretic Model for Capacity Constrained Fair Bandwidth Allocation, International Journal of Network Management on Mathematical Methods in Network Management (IJNM SI), John Wiley & Sons, Ltd., Volume: 18, Number: 6, Pages: 458-504, August 2008
  3. Yongning Tang, Ehab Al-Shaer and Raouf Boutaba, Efficient Fault Diagnosis Using Incremental Alarm Correlation and Active Investigation for Internet and Overlay Networks, IEEE Transactions on Network and Service Management, Volume: 5, Number: 1, Pages: 36-49, March 2008
  4. Hazem Hamed, Adel El-Atawy and Ehab Al-Shaer, On Dynamic Optimization of Packet Matching in High Speed Firewalls, IEEE Journal on Selected Areas in Communications, Pages: 1817 - 1830, October 2006
  5. Hazem Hamed and Ehab Al-Shaer, On Autonomic Optimization of Firewall Policy Configuration, Journal of High Speed Networks, Special issue on Security Policy Management, Issue: 3, Volume: 13, Pages: 209 - 227, August 2006
  6. Lopamudra Roychoudhuri, Ehab Al-Shaer and Gregory B. Brewster, On the Impact of Loss and Delay Variation on Internet Packet Audio Transmission, Journal of Computer Communications, Pages: 1578-1589, June 2006
  7. Ehab Al-Shaer and Hazem Hamed, Taxonomy of Conflicts in Network Security Policies, IEEE Communications Magazine, Issue: 3, Volume: 44, Pages: 134 - 141, March 2006
  8. Lopamudra Roychoudhuri and Ehab Al-Shaer, Real-Time Packet Loss Prediction based on End-to-end Delay Variation, IEEE Transactions on Network and Service Management (TNSM), Volume: 2, Number: 1, November 2005
  9. Ehab Al-Shaer, Hazem Hamed, Raouf Boutaba and Masum Hasan, Conflict Classification and Analysis of Distributed Firewall Policies, IEEE Journal on Selected Areas in Communications, Issue: 10, Volume: 23, Pages: 2069 - 2084, October 2005
  10. Ehab Al-Shaer and Hazem Hamed, Modeling and Management of Firewall Policies, IEEE Transactions on Network and Service Management, Volume: 1-1, April 2004
  11. Ehab Al-Shaer, QoS Path Monitoring for Multicast Networks, Journal of Network and System Management (JNSM), Volume: 10, Number: 3, Pages: 357-381, September 2002
  12. Ehab Al-Shaer, An Adaptive Multicast Management Framework for Distributed Event Correlation, Journal of Networking and Information Systems, Volume: 3, Number: 2, Pages: 317-333, April 2001
  13. Ehab Al-Shaer, Toward Integrating IP Multicasting in Internet Network Management Protocols, Journal of Computer and Communications, Volume: 24, Number: 6, Pages: 473-485, April 2001
  14. Ehab Al-Shaer, Active Management Framework for Distributed Multimedia Systems, Journal of Network and Systems Management (JNSM), Volume: 8, Number: 1, Pages: 49-72, March 2000
  15. Ehab Al-Shaer, Mohamed Fayad, Hussein Abdel-Wahab and Kurt Maly, Adaptive Object-Oriented Filtering Framework for Event Management Applications, ACM Computing Surveys, Volume: 32, Number: 1, Pages: Article No. 37, March 2000
  16. Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, Dynamic Monitoring Approach for Multi-point Multimedia Systems, Journal of Networking and Information Systems, Pages: 75-88, June 1999
  17. Kurt Maly, Hussein Abdel-Wahab, C. M. Overstreet, C. Wild, A. Gupta, A. Youssef, E. Stoica and Ehab Al-Shaer, Interactive Distance Learning over Intranets, IEEE Internet Computing, Volume: 1, Number: 1, Pages: 60-71, February 1997

Refereed Conference Publications

  1. Taghrid Samak, Adel El-Atawy and Ehab Al-Shaer, Towards network Security Policy Generation for Configuration Analysis and Testing, ACM Workshop on Assurable & Usable Security Configuration (SafeConfig'09), in conjunction with CCS'09, Chicago, IL, November 2009
  2. Ehab Al-Shaer, Will Marrero, Adel El-Atawy and Khalid Elbadawi, Network Configuration in A Box: Towards End-to-End Verification of Network Reachability and Security, In the 17th IEEE International Conference on Network Protocols (ICNP'09), Princeton, New Jersey, USA, October 2009
  3. Alan Jeffrey and Taghrid Samak, Model Checking Firewall Policy Configurations, IEEE International Symposium on Policies for Distributed Systems and Networks (Policy 2009), London, UK, July 2009
  4. Kyle Smith, Ehab Al-Shaer and Khalid Elbadawi, Information Theoretic Approach for Characterizing Spam Botnets Based on Traffic Properties, ICC 2009 Communication and Information Systems Security Symposium, June 2009
  5. Bin Zhang and Ehab Al-Shaer, On Optimizing Event Correlation Structure of Event Services Considering Time and Capacity Constrains, The 11th IFIP/IEEE International Symposium on Integrated Network Management (IM 2009), NY, June 2009
  6. Adel El-Atawy, Ehab Al-Shaer, Tung Tran and Raouf Boutaba, Adaptive Early Packet Filtering for Protecting Firewalls against DoS Attacks, IEEE INFOCOM 2009, Brazil, April 2009
  7. Adel El-Atawy and Ehab Al-Shaer, Building Covert Channels over the Packet Reordering Phenomenon, IEEE INFOCOM 2009, Brazil, April 2009
  8. Khalid Elbadawi and Ehab Al-Shaer, TimeVM: A Framework for Online Intrusion Mitigation and Fast Recovery Using Multi-Time-Lag Traffic Replay, ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS'09), Australia, March 2009
  9. Anh Le, Ehab Al-Shaer and Raouf Boutaba, Correlation-based Load Balancing for Network Intrusion Detection and Prevention Systems, ACM International Conference on Security and Privacy in Communication Networks (ACM SecureComm 2008), September 2008
  10. Taghrid Samak, Ehab Al-Shaer and Hong Li, QoS Policy Modeling and Conflict Analysis, The 9th International Workshop on Policies for Distributed Systems and Networks (POLICY 2008 Best Paper Award), Palisades, NY, USA, June 2008
  11. Ehab Al-Shaer, Latif Khan and M. Salim Ahmed, A Comprehensive Objective Network Security Metric Framework for Proactive Security Configuration, ACM Cyber Security and Information Intelligence Research Workshop, Oak Ridge, Tennessee, USA, May 2008
  12. Anh Le, Ehab Al-Shaer and Raouf Boutaba, On Optimizing Load balancing of Intrusion Detection and Prevention Systems, Proceedings of the IEEE INFOCOM Computer Communications Workshops 2008, Mission-Critical Networking (MCN) Workshop, April 2008
  13. Khalid Alsubhi, Ehab Al-Shaer and Raouf Boutaba, Alert prioritization in Intrusion Detection Systems, Accepted in the 11th IEEE/IFIP Network Operations and Management Symposium (NOMS 2008), April 2008, (Acceptance rate 27%)
  14. Lopamudra Roychoudhuri and Ehab Al-Shaer, Autonomic QoS Optimization of Real-time Internet Audio using Loss Prediction and Stochastic Control, Accepted in the 11th IEEE/IFIP Network Operations and Management Symposium (NOMS 2008), April 2008, (Acceptance rate 27%)
  15. Yongning Tang and Ehab Al-Shaer, Towards Distributed & Collaborative Overlay Fault Diagnosis Based On User-level Belief Revision, INFOCOM 2008 MiniConference, April 2008
  16. Mohamed Salim, Ehab Al-Shaer and Latif Khan, A Novel Quantitative Approach For Measuring Network Security, INFOCOM 2008 Mini Conference, April 2008
  17. Mohamed Salim, Ehab Al-Shaer, Mohamed Taibah, Mohamed Arshad and Latif Khan, Towards Autonomic Risk-aware Security Configuration, Accepted in the 11th IEEE/IFIP Network Operations and Management Symposium (NOMS 2008), April 2008
  18. Taghrid Samak, Sahar Ghanem and Mohamed A. Ismail, On the Efficiency of using Space-Filling Curves in Network Traffic Representation, In the 11th IEEE Global Internet Symposium 2008 (in conjunction with IEEE Infocom 2008), Phoenix, AZ, USA, April 2008
  19. Tung Tran, Ehab Al-Shaer and Raouf Boutaba, PolicyVis: Firewall Security Policy Visualization and Inspection, USENIX LISA, Dallas, Texas, November 2007
  20. Jerome Francois, Adel El-Atawy, Ehab Al-Shaer and Raouf Boutaba, A Collaborative Approach for Proactive Detection of Distributed Denial of Service Attacks, In the Workshop on Monitoring, Attack Detection and Mitigation (MonAM 2007), Toulouse, France, November 2007
  21. Bin Zhang and Ehab Al-Shaer, Self-Organizing Monitoring Agents for Hierarchical Monitoring Architecture, In the 18th IFIP/IEEE Distributed Systems: Operations and Management (DSOM 2007), October 2007
  22. Taghrid Samak, Adel El-Atawy and Ehab Al-Shaer, FireCracker: A Framework for Inferring Firewall Policy using Smart Probing, In the Proceedings of the fifteenth IEEE International Conference on Network Protocols (ICNP'07), Beijing, China, October 2007, (Acceptance rate 14%)
  23. Adel El-Atawy, Taghrid Samak, Ehab Al-Shaer, Zein Wali, Sheng Li, Frank Lin and Christopher Pham, An Automated Framework for Validating Firewall Policy Enforcement, In Proceedings of IEEE Workshop on Policies for Distributed Systems and Networks (POLICY'07), Bologna, Italy, June 2007
  24. Bin Zhang, Ehab Al-Shaer, Radha Jagadeesan, James Riely and Corin Pitcher, Specifications of a High-level Conflict-Free Firewall Policy Language for Multi-domain Networks, In Proceedings of 12th ACM Symposium on Access Control Models And Technologies (SACMAT), Sophia Antipolis, France, June 2007, (Acceptance rate 23%)
  25. Yongning Tang, Ehab Al-Shaer and Bin Zhang, Toward Globally Optimal Event Monitoring & Aggregation For Large-scale Overlay Networks, The 10th IFIP/IEEE International Symposium on Integrated Network Management (IM 2007), Pages: pp. 236-245, May 2007
  26. Taghrid Samak, Adel El-Atawy, Ehab Al-Shaer and Mohamed A. Ismail, A Novel Visualization Approach for Efficient Network-wide Traffic Monitoring, In the 5th IEEE Workshop on End-to-End Monitoring Techniques and Services (E2EMON'07, In conjunction with IM 2007), Munich, Germany, May 2007
  27. Adel El-Atawy, Taghrid Samak, Ehab Al-Shaer and Hong Li, On Using Online Traffic Statistical Matching for Optimizing Packet Filtering Performance, In IEEE INFOCOM'2007, May 2007, (Acceptance rate 17%)
  28. Yonghe Yan, Adel El-Atawy and Ehab Al-Shaer, Ranking-based Optimal Resource Allocation in Peer-to-Peer Networks, In IEEE INFOCOM'2007, (Acceptance rate 17%), May 2007
  29. Taghrid Samak, Adel El-Atawy, Ehab Al-Shaer and Hong Li, Firewall Policy Reconstruction by Active Probing: An Attacker's View, The 2nd Workshop on Secure Network Protocols (NPSec 2006), (Acceptance rate 30%), November 2006
  30. Muhammad Abedin, Syeda Nessa, Ehab Al-Shaer and Latif Khan, Vulnerability Analysis For Evaluating Quality of Protection of Security Policies, ACM CCS Workshop on Quality of Protection Workshop (QoP 06), October 2006, (Acceptance rate 20%)
  31. Mohamed Taibah, Ehab Al-Shaer and Raouf Boutaba, An Architecture for an Email Worm Prevention System, The Second IEEE/Create-Net International Conference on Security and Privacy in Communication Networks (SecureComm 2006), Baltimore, MD, August 2006, (Acceptance rate 23%)
  32. Mohammad Masud, Latif Khan and Ehab Al-Shaer, Email Worm Detection Using Naïve Bayes and Support Vector Machine, Proc. of Intelligence and Security Informatics (ISI 2006), Springer, San Diego, May 2006
  33. Yonghe Yan, Adel El-Atawy and Ehab Al-Shaer, Fair Bandwidth Allocation Under User Capacity Constraints, 10th IEEE/IFIP Network Operations and Management Symposium (NOMS 2006), April 2006
  34. Korosh Golnabi, Richard Min, Latif Khan and Ehab Al-Shaer, Analysis of Firewall Policy Rule Using Data Mining Techniques, 10th IEEE/IFIP Network Operations and Management Symposium (NOMS 2006), April 2006
  35. Hazem Hamed, Adel El-Atawy and Ehab Al-Shaer, Adaptive Statistical Optimization Techniques for Firewall Packet Filtering, IEEE INFOCOM'2006, April 2006, (Acceptance rate 16%)
  36. Lopamudra Roychoudhuri and Ehab Al-Shaer, Statistical Measurement Approach for On-line Audio Quality Assessment, Passive and Active Measurement (PAM’06), March 2006, (Acceptance rate 23%)
  37. Hazem Hamed and Ehab Al-Shaer, Dynamic Rule-ordering Optimization for High-speed Firewall Filtering, ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS'06), March 2006, (Acceptance rate 16%)
  38. Hazem Hamed, Ehab Al-Shaer and Will Marrero, Modeling and Verification of IPSec and VPN Security Policies, IEEE ICNP'2005, November 2005, (Acceptance rate 17%)
  39. Adel El-Atawy, Khaled Ibrahim, Hazem Hamed and Ehab Al-Shaer, Policy Segmentation for Intelligent Firewall Testing, 1st Workshop on Secure Network Protocols (NPSec 2005), November 2005
  40. Lopamudra Roychoudhuri and Ehab Al-Shaer, Real-time Audio Quality Evaluation for Adaptive Multimedia Protocols, Proceedings of Multimedia Networks and Services (MMNS 2005), October 2005
  41. Yongning Tang, Ehab Al-Shaer and Raouf Boutaba, Active Integrated Fault Localization in Communication Networks, The 9th IFIP/IEEE International Symposium on Integrated Network Management (IM 2005), May 2005
  42. Lopamudra Roychoudhuri and Ehab Al-Shaer, On Packet Loss Prediction, IEEE INFOCOM 05, January 2005, Poster paper
  43. Lopamudra Roychoudhuri and Ehab Al-Shaer, Adaptive Rate Control for Real-time Packet Audio Based on Loss Prediction, IEEE GLOBECOM’04, December 2004, (acceptance rate 33%)
  44. Ehab Al-Shaer and Bin Zhang, HiFi+: A Monitoring Virtual Machine for Autonomic Distributed Management, 15th IFIP/IEEE Distributed Systems: Operations and Management (DSOM 2004), November 2004, (Acceptance rate 28%)
  45. Lopamudra Roychoudhuri and Ehab Al-Shaer, On Packet Loss Prediction for Real-time Packet Audio, IEEE/IFIP Management of Multimedia Networks and Services (MMNS’04), October 2004, (BEST PAPER AWARD)
  46. Ehab Al-Shaer and Yongning Tang, MRMON: Multicast Remote Monitoring, IEEE/IFIP Network Operations and Management Symposium (NOMS’2004), Seoul, South Korea, April 2004
  47. Hazem Hamed and Ehab Al-Shaer, Anomaly Discovery in Distributed Firewalls, IEEE INFOCOM'04, March 2004
  48. Mohamed Younis, Poonam Munshi and Ehab Al-Shaer, Architecture for Efficient Monitoring and Management of Sensor Networks, Workshop on End-to-End Monitoring Techniques and Services, September 2003
  49. Ehab Al-Shaer, A Light-weight Encrypting Real Time Video Transmission, CTI Symposium, School of Computer Science, Telecommunications and Information Systems, DePaul University, September 2003
  50. Ehab Al-Shaer and Hazem Hamed, Management and Translation of Filtering Security Policies, IEEE ICC’03, May 2003
  51. Lopamudra Roychoudhuri, Ehab Al-Shaer, Hazem Hamed and Gregory B. Brewster, Audio Transmission over the Internet: Experiments and Observations, IEEE ICC’03, Symposium on the Next Generation Internet, May 2003
  52. Ehab Al-Shaer and Hazem Hamed, Firewall Policy Advisor for Anomaly Detection and Rule Editing, The 8th IFIP/IEEE International Symposium on Integrated Network Management (IM 2003), March 2003, BEST PAPER AWARD (acceptance rate 24%)
  53. Lopamudra Roychoudhuri, Ehab Al-Shaer, Hazem Hamed and Gregory B. Brewster, On Studying the Impact of the Internet Delays on Audio Transmission, IEEE Workshop on IP Operations and Management (IPOM’02), October 2002
  54. Gregory B. Brewster and Ehab Al-Shaer, Graduate Level Curriculum and Laboratory Courses for Computer Networking, ACM SIGCOMM Workshop on Computer Networking: Curriculum Designs and Educational Challenges, Pittsburgh, PA, August 2002
  55. Ehab Al-Shaer and Yongning Tang, SMRM: SNMP-based Multicast Reachability Monitoring, IEEE/IFIP Network Operations and Management Symposium NOMS’2002, (acceptance rate 30%), April 2002
  56. Hazem Hamed and Ehab Al-Shaer, Experiments on Packet Forwarding, CTI Symposium, School of Computer Science, Telecommunications and Information Systems, DePaul University, September 2001
  57. Ehab Al-Shaer, A Dynamic Group Management for Large-scale Distributed Event Monitoring, The 7th IFIP/IEEE International Symposium on Integrated Network Management(IM 2001), (acceptance rate 30%), May 2001
  58. Ehab Al-Shaer and Yongning Tang, Integrating IP Multicast in SNMPv1, IFIP/IEEE International Conference on Managing Multimedia Networks and Services, Fortaleza, Brazil, September 2000
  59. Ehab Al-Shaer, The Role of Group Communication in Supporting Efficient Distributed Event Correlation, Networking 2000, Multimedia Miniconference, Paris, France, May 2000
  60. Ehab Al-Shaer, Programmable Agents for Active Distributed Monitoring, IFIP/IEEE 10th International Workshop on Distributed Systems: Operation & Management (DSOM'99), Lecture Notes in Computer Science, page 19-33, Zurich, Switzerland, October 1999
  61. Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, HiFi: A New Monitoring Architecture for Distributed Systems Management, IEEE 19th International Conference on Distributed Computing Systems (ICDCS'99), pp. 171-178, Austin, Texas, (Acceptance rate 18%), May 1999
  62. Ehab Al-Shaer, Dynamic Monitoring Approach for Multi-point Multimedia Systems, IFIP/IEEE International Conference on Management of Multimedia Networks and Services, Versailles, France, November 1998
  63. Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, Hierarchical Filtering-based Monitoring Architecture for Large-scale Distributed Systems, International Conference on Parallel and Distributed Computing Systems, New Orleans, LA, October 1997
  64. Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, Application-Layer Group Communication Server for Extending Reliable Multicast Protocols Services, IEEE International Conference on Network Protocols, Atlanta, GA, (Acceptance rate 20%), October 1997
  65. Ehab Al-Shaer, Event Filtering Framework: Key Criteria and Design Trade-offs, The 21st IEEE International Conference on Computer Software and Applications, pages 88-93, Washington, D.C., August 1997
  66. Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, A Scalable Monitoring Architecture for Managing Distributed Multimedia Systems, IFIP/IEEE International Conference on Management of Multimedia Networks and Services, Montreal, CA, July 1997
  67. Ehab Al-Shaer, A. Youssef, Hussein Abdel-Wahab, Kurt Maly and C. M. Overstreet, Reliability, Scalability and Robustness Issues in IRI, WETICE'97: IEEE 6th Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, June 1997
  68. Ehab Al-Shaer, Hussein Abdel-Wahab and Kurt Maly, High-performance Monitoring Architecture for Large-scale Distributed Systems Using Event Filtering, International Conference on Computer Science & Information, Volume: 3, Pages: 42-46, March 1996
  69. D. Schmidt, Tim Harrison and Ehab Al-Shaer, Object-Oriented Components for High-speed Network Programming, Proceedings of Conference on Object-Oriented Technologies, USENIX, Monterey, CA, June 1995

Professional Services

Journal Editor

  1. Journal of Network and System Management, a special issue on “Security Configuration Management”, March 2008 (with Charles R Kalmanek AT&T Research and Felix Wu UC Davis)
  2. Journal of High Speed Networks, a special issue on “Management of Security Policies”, August 2005 (with Cliff Nueman USC, Denish Verma IBM, Hong Li Intel and Anthony Chung DePaul University)
  3. Journal of Computer Communications, a special issue on “Network Monitoring and Measurements”, March 2005 (with Raouf Boutaba, University of Waterloo and Kevin Almeroth, UCSB)
  4. Journal of High Speed Networks, a special issue on “QoS for Multimedia”, April 2001 (with Anthony Chung, DePaul University)

Conference/Workshop Chair

  1. General Chair of ACM Computer and Communications Security (CCS 2009)
  2. Technical Program Chair of NSF Workshop on Assurable and Usable Security Configuration
  3. Technical Program Co-Chair of the 9th IEEE Workshop on Policies for Distributed Systems and Networks (POLICY 08), NY, June, 2008
  4. Technical Program Co-Chair of the 1st IEEE Automated Network Management (ANM 2008), (Collocated with INFOCOM 2008), Phoenix, Arizona, April 2008
  5. Technical Program Co-Chair of 10th International IFIP/IEEE Symposium on Integrated Network Management (IM 2007), Munich, Germany, May, 2007
  6. Workshop Chair of the 1st Midwest Security Workshop (program), (consortium of leading research universities in the Midwest), Chicago 200
  7. Technical Program Co-Chair of IFIP Autonomic Management & Services 2006 (INTELLCOM’06), France
  8. Technical Program Co-Chair of IEEE End-to-End Monitoring (E2EMON) Workshop, 2004-2006
  9. Technical Program Co-Chair of the IEEE/IFIP International Conference of Management of Multimedia Networks and Services (MMNS'01), October, 2001

Member of Organization Committee

  1. Workshops Co-Chair of IEEE INFOCOM 2008, April 2008, Phoenix, Arizona
  2. Workshops Co-Chair of IEEE NOMS 2006, April 2006, Vancouver, Canada
  3. Poster Chair of Consumer Communications and Network (CCNC 2005)

Current Technical Program Committee Membership

  1. IEEE INFOCOM 2006-current
  2. IEEE International Conference on Network Protocols, 2005-current
  3. IEEE International Symposium Conference on Integrated Network Management (IM) 2002-current
  4. IEEE/IFIP Network Operations and Management Symposium (NOMS), 2002-current
  5. IEEE International Workshop on Distributed Systems: Operations & Management (DSOM), 2002-current
  6. IEEE ICC Security Symposium 2008

Previous Technical Program Committee Membership

  1. IEEE Mission-Critical Networking Workshop (MCN) 2008
  2. ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2007
  3. IEEE E2EMON 2005-2007
  4. ACM SIGCOMM Internet Network Management (INM) Workshop, 2007
  5. IEEE Global Internet 2005, 2006
  6. IEEE International Conference on Management of Multimedia Networks and Services (MMNS), 1999 – 2006
  7. IEEE Consumer Communications and Network (CCNC 2005)
  8. IEEE Local Area Network 2005
  9. IEEE Autonomic Grid Management 2005
  10. IEEE Computer Communication Workshop, ICCW, 2003
  11. IEEE Internet Protocol Operations and Management (IPOM) 2002
  12. Parallel and Distributed Computing and Systems (PDCS’2000, 2002)
  13. International Conference on Parallel and Distributed Computing Systems, 1998-2001
  14. IEEE International Conference on Distributed Computing Systems (ICDCS'99)

Talks

Invited Talks

  1. “GENI Security Configuration In a Box”, NSF GENI Workshop, University of California Davis, January 2009
  2. "Assurable and Usable Security Configuration: Looking Forward", NSF Workshop on Assurable and Usable Security, George Mason University, VA, August 2008
  3. “Network Security Auto-configurations: Top-down and Bottom-up Approaches”, BBN, Boston, MA, July 2008
  4. "Toward Assurable and Robust Network Security Configurations", Computer Science Dept., Boston University, Boston, MA, July 2008
  5. "Toward On-line Network Configuration Debugging", Yale University, New Haven, CT, July 2008
  6. “A Composable and Verifiable Modeling for Network Security Configurations”, Configuration Workshop at USENIX LISA, Dallas, Texas, November 2007
  7. "Toward Assurable and Robust Network Security Configurations", University of Iowa, Iowa, November 2007
  8. "The 5 Challenges Towards Automated Security Management", NSF Safe Computing Workshop, Sandia National Labs, December 2006
  9. "Future Direction in Security & Forensic Management Research", NSF Cyber Trust Future Direction Workshop, (invited as Lead Researcher in this area), October 2006
  10. “Toward Autonomic Security Policy Management”, Purdue University, August 2006
  11. “Toward Next-Generation Security Policy”, Intel Research, March 2006
  12. “Statistical Filtering for Firewall Policy Optimization”, Northwestern University, March 2006
  13. “Network Security Policy Verification and Optimization”, Georgia Institute of Technology, October 2005
  14. “Management of Network Security Policies Between Crises and Fantasies”, University of Illinois at Urbana-Champaign (UIUC), September 2005
  15. “Policy-based Enterprise Security Solutions”, Cisco Security Team, San Jose, October 2004
  16. “Next-generation Firewall”, Cisco Workshop on Network Security, San Jose, November 2003
  17. “Tightening Your Firewall Security”, CTI Security Seminar, DePaul University, October 2003
  18. “The Role of Multicasting in Supporting Event Correlation”, Networking 2000, Paris, May 2000
  19. “Emerging Technologies for A Networked Society”, IT Puerto Rico Government Summit, March 2000

Tutorials

  1. “Security Policy Testing and Evaluation”, IEEE Network Operations and Management Symposium (NOMS 2008), Brazil, December 2008
  2. “Intrusion Detection and Prevention Systems: Configuration, Tuning and Evaluation”, KFUPM, December 2007
  3. “Firewall and Security Policy Management”, KFUPM, December 2006
  4. “Security Policy Verification, Optimization”, IEEE NOMS 2006, April 2006
  5. “Managing Network Security Policies: Firewall and IPSec/VPN”, IEEE IM 2005, May 2005
  6. “Managing Firewall and Network-Edge Security Policies”, IEEE NOMS 2004, April 2004

Panels

  1. “Can Management Systems be Trusted?”, IEEE Symposium of Integrated Network Management 2007, Germany, January 2007
  2. "Toward Next-generation Monitoring System for Security", IEEE E2EMON (with Keith Ross Polytechnic University, James Hong POSTEC, and Masum Hasan Cisco systems), October 2004
  3. "Overlay Networks and Management: A Real Solution or New Hype", IEEE Integrated Network Management (IM’03), Colorado, March 2003
  4. "Is the Internet Ready for Multimedia", IEEE MMNS, California, October 2002

Professional Awards

  • Received the BEST PAPER AWARD in IEEE POLICY 2008, paper title: “Modeling and Conflict Analysis of QoS Policies”
  • Designated as “Researcher Lead” during NSF Cyber Trust Future Direction Workshop, November 2006
  • Received a Service Appreciation Award, IEEE Communication Society, 2003, and 2005
  • Received the Featured ODU Alumni Award, 2004
  • Received the BEST STUDENT PAPER AWARD in IEEE Management of Multimedia Networks and Services, MMNS’04, paper title “Packet Loss Prediction for Real-time Packet Audio”
  • Received the BEST PAPER AWARD in IEEE Symposium on Integrated Network Management 2003, paper title: “Policy Advisor for Anomaly Detection and Rule Editing”
  • Received NASA Fellowship from NASA Langley Research Center, May 1996-1998
  • Awarded USENIX Student Fellowship, June 1994

Grants

  • NSF Workshop on Assurable and Usable Security Configuration
    PI: Ehab Al-Shaer (collaboration with Sushil Jajodia, GMU)
    Sponsor Name(s): National Science Foundation
    Start Date: 09/01/2008
    End Date: 03/23/2009

  • ConfVeal: Automated Testing of Security Configuration Enforcement in Distributed Networks
    PI: Ehab Al-Shaer
    Sponsor Name(s): National Science Foundation
    Start Date: 01/09/2008
    End Date: 01/09/2011

  • Global Verification and Dynamic Optimization of Network Security Policies
    PI: Ehab Al-Shaer, Co-PI: Will Marrero
    Sponsor Name(s): National Science Foundation
    Start Date: 01/09/2007
    End Date: 01/09/2010

  • INPSEC: A Framework for Testing Security Policy Enforcement Devices
    PI: Ehab Al-Shaer
    Sponsor Name(s): Cisco Systems
    Start Date: 11/01/2005
    End Date: 11/01/2007

  • Autonomic Security Configuration
    PI: Ehab Al-Shaer
    Sponsor Name(s): Intel
    Start Date: 03/15/2005
    End Date: 03/15/2007

  • High-performance Security Policy Inspection
    PI: Ehab Al-Shaer
    Sponsor Name(s): ARAMCO
    Start Date: 01/01/2004
    End Date: 12/31/2008

  • Analysis and Verification of Filtering Rules in Security Policies
    PI: Ehab Al-Shaer
    Sponsor Name(s): National Science Foundation
    Start Date: 09/01/2003
    End Date: 09/01/2004

  • Anomaly Detection in Firewall Policies
    PI: Ehab Al-Shaer
    Sponsor Name(s): Cisco Systems
    Start Date: 07/01/2003
    End Date: 07/01/2004

Students

Current Students

  • Bin Zhang PhD Candidate, Thesis: On Optimizing Policy Configuration and Information Correlation for Network Security
  • Adel El-Atawy PhD Candidate, Thesis: Modeling and Analysis of Security Attacks and Counter-measures based on Network Behavior
  • Mohamed Taibah PhD Student, Modeling and Defense of Scanning Worm
  • Taghrid Samak PhD Candidate, Thesis: "Modeling, Discovery and Analysis of Network Access Control Policies"
  • Khalid Elbadawi PhD Student

Previous Students

  • Hazem Hamed PhD (Cisco System), Thesis: “Verification and Optimization of Firewall Policies”, 2005
  • Shimeng Feng MS Student, Project: "Security Policy Visualization"
  • Tung Tran MSc (U Waterloo), Thesis: “Security Policy Visualization and Debugging”, 2008
  • Khalid Alsubhi MSc (U Waterloo), Thesis: “Automatic Alert Prioritization in Intrusion Detection Systems”, 2006-current
  • Kyle Smith MS Student, Thesis: Spam Botnet Detection
  • Anh Le MSc (U Waterloo), Thesis: “Load Balancing in Distributed Intrusion Detection/Prevention Systems”, 2008
  • Mohammed Ashraf Khan PhD Student (PhD Student at UNCC)
  • Sk. Kajal Imon PhD Student
  • Walter Goulet MSc (Motorola), Thesis: “IPSecRMS: Automatic Generation of IPSec Security Policies Considering Mission Objectives and Risk Analysis”, Oct 2007
  • Shridhar Sheth MSc, Thesis: “Firewall Query Engine”, Nov 2006
  • Kerilyn O'Donnell MSc (Motorola), Thesis: “Implementation of Network Simulator Interfaces for LAN and WAN”, March 2004
  • Luis G Rodriguez MSc (Motorola), Master Project: “Implementation Network Simulator Interfaces for Wireless, DiffServ and Multicast Services and Trace Analyzer”, Jan 2004
  • Erez Har Tal MSc, Project: “Adaptive Error Control for Real-time H.264+ Video Streams”, May 2003
  • Dongxian Yao MSc, Project: “Adaptive Multimedia Streaming Server for Distance Learning”, Nov 2002
  • Daniel Gavenda MSc, Project: “Study and Evaluation of Audio Quality Assessment Techniques”, May 2002
  • Farouq Hasan MSc, Project: “Implementing YUV-RGB/RGB-UYV Converter and H.263 for Solaris”, May 2002
  • Lopamudra Roychoudhuri PhD, Thesis: “Proactive Rate and Error Control for Packet Multimedia Transmission Based on Loss Prediction”, 2007
  • Peter Nyberg MSc, Thesis: “Interoperability Architectures for Reliable Multicasting Protocols”, Jan 2000
  • Walid Ibrahim BSc, Project: “Implementing H.263 Video Encoder for Windows”, 2000
  • Yongning Tang PhD (Assis. Prof. Illinois State University)
  • Michael Saccotelli BSc, Project: “Implementing H.263 Video Decoder for Windows”, 1999