Browsing by Author "El-Khatib, Khalil"
Now showing 1 - 14 of 14
Results Per Page
Sort Options
Item Cluster-based target tracking in vehicular ad hoc networks(2015-01-01) Khakpour, Sanaz; El-Khatib, Khalil; Pazzi, Richard W.Recently Vehicular Ad-hoc Networks (VANETs) have drawn the attention of academic and industry researchers due to their potential applications in enabling Intelligent Transportation System (ITS), including safe driving, entertainment, emergency response, and content sharing. Another potential application for VANET lies in vehicle tracking, where a tracking system is used to visually track a specific vehicle or to monitor a particular area. In this case, and in similar applications such as multimedia content sharing, a large volume of information is required to be transferred between vehicles, which can easily congest the wireless network in a VANET if not designed properly. The development of low-delay, low-overhead, and precise tracking system in VANET is a major challenge requiring novel techniques to guarantee performance and reduce network congestion. Among the several proposed data dissemination and management methods implemented in VANETs, clustering has been used to reduce data propagation traffic and to facilitate network management. However, clustering for target tracking in VANETs is still a challenge. In this thesis, we propose two clustering algorithms for vehicle tracking in VANETs. These algorithms provide a reliable and stable platform for tracking specific vehicles based on their visual features under various conditions. These algorithms have also been tested and evaluated in the context of vehicular tracking under various scenarios. Performance evaluation results demonstrate that the proposed schemes provide a more stable clustering structure with reduced overhead.Item Community-oriented architecture for smart cities(2017-12-01) Jalali, Roozbeh; El-Khatib, Khalil; McGregor, CarolynWith the widespread use of smartphone devices, a surge in mobile sensing, progress in wireless communication and networking techniques, as well as the development of the Internet of Things (IoT) and cloud computing, mobile-based community sensing has turned into a leading paradigm for pervasive sensing. Smartphones with embedded sensors have become ubiquitous devices carried by millions of people. Community sensing empowers individuals to collectively sense, analyze and share local observations and mine data in order to determine and map phenomena relating to real world conditions by using mobile devices across many applications, including transportation and healthcare. While there are currently many tools and frameworks that allow researchers and developers to collect and analyze data at the individual user level, a parallel framework for data collection and analysis at the community level does not yet exist. Such a framework would provide the functionality to create various models for building smart city applications for urban planning, sustainable communities, transportation, public health, and public security. This thesis presents a review of current smart city network architectures, along with their associated technologies, and proposes an architecture for the smart city and its services while considering communities as the main part of the design. Of the different components of the proposed architecture, two are vital for enabling a community structure for the smart city. These two components are community detection and data aggregation. This thesis proposes new methods for community detection and analysis using graphs and clustering algorithms based on the sensor data collected from individuals’ smartphones and IoT sensors. As far as can be ascertained, the proposed method is the first to transform the time series data collected from individuals’ smartphones to correlation networks for community detection. The proposed methods leverage not only the individuals’ groups but effectively discover communities of common interest. Two different case studies were conducted in this thesis in order to show the performance of the proposed methods. In these case studies, the data collected from individuals’ smartphones and vehicles are used and communities of individuals, based on their movement patterns and similarities, are detected. The performance evaluation shows that the proposed methods effectively identify the individuals’ communities with good accuracy.Item Determining optimal flight paths for cellular network connectivity for the transmission of real-time physiological data in support of big data analytics during airborne critical care transport(2017-02-01) Greer, Robert; McGregor, Carolyn; El-Khatib, KhalilThis thesis presents a methodology for determining the optimal flight paths between two geographical points based on distance and cellular reception over the path. This methodology consists of two main concepts: coverage map generation, and path planning. Coverage map generation creates a grid map of the total planning space that contains coverage information for each grid point. Coverage is calculated based on geographical and technical information regarding each cell tower in the planning area. The planning step utilises the coverage map to plan a route based on minimum distance and maximum coverage, which is then smoothed into a feasible route for an aircraft to follow. This methodology is demonstrated in an airborne critical care transport within the Province of Ontario in Canada context. Leveraging available cellular information, this methodology is used to determine optimal paths between various care centres or their closest airport. Evaluation reveals that optimal routes can be found through this methodology.Item DL-based defense against polymorphic network attacks(2024-01-01) Sabeel, Ulya; Heydari, Shahram; El-Khatib, KhalilNetwork security is of vital importance in our world dominated by internet systems. These systems are vulnerable to large-scale rapidly evolving attacks by sophisticated cyber attackers who can have an upper edge over the defensive systems. Artificial Intelligence (AI) based intrusion detection systems provide effective defense mechanisms against cyber attacks. However, these techniques often rely on the same dataset for training and validation as well as evaluation of AI models. Current research [1] also confirms that such trained models can accurately identify known/typical network attacks but perform poorly when faced with continuously evolving atypical/polymorphic cyberattacks. Therefore, it is crucial to develop and train an AI-based Intrusion Detection System (IDS) that proactively learns to resist infiltration by such dynamically changing attacks. For this purpose, in this research work, we propose an AI-based IDS system that can monitor and detect polymorphic network attacks with high confidence levels. We propose a novel hybrid adversarial model that leverages the best characteristics of a Conditional Variational Autoencoder (CVAE) and a Generative Adversarial Network (GAN). Our system generates adversarial polymorphic attacks against the IDS to examine its performance and incrementally retrains it to strengthen its detection of new attacks, specifically for minority attack samples in the input data. The employed attack quality analysis ensures that the adversarial atypical/polymorphic attacks generated through our system resemble realistic network attacks. Our experiments showcase the exceptional performance of the proposed IDS by training it using the CICIDS2017 and CICIoT2023 benchmark datasets and evaluating its performance against several atypical/polymorphic attack flows. The results indicate that the proposed technique, through adaptive training, learns the pattern of dynamically changing atypical/polymorphic attacks and identifies such attacks with high IDS proficiency. Additionally, our IDS surpasses various state-of-the-art anomaly detection and class balancing techniques.Item MAVIDS: an intelligent intrusion detection system for autonomous unmanned aerial vehicles(2021-07-01) Whelan, Jason P.; El-Khatib, KhalilUnmanned Aerial Vehicles (UAVs) face a large threat landscape, being used in numerous industries in hostile environments while relying on wireless communication. As attacks against UAVs increase, an intelligent Intrusion Detection System (IDS) is needed to aid the UAV in identifying attacks. The UAV domain presents unique challenges for intelligent IDS development, primarily the variety of components, communication protocols, and dataset availability. A novelty-based approach to intrusion detection in UAVs is proposed by using one-class classifiers, exploiting the use of flight logs for training. The proposed technique is integrated into a fully developed IDS which operates onboard the UAV, allowing it to detect and mitigate attacks even when communication to the ground control station is lost. The approach shows promising results when faced with a number of common attacks, including macro averaged F1 scores of up to 90.57% and 94.3% for live GPS spoofing and jamming respectively.Item A mixed-method approach to analyze the robustness of natural language processing classifiers(2021-04-01) Laughlin, Brandon; El-Khatib, Khalil; Sankaranarayanan, KarthikNatural language processing algorithms (NLP) have become an essential approach for processing large amounts of textual information with applications such as spam, phishing and content moderation. Malicious actors can craft manipulated inputs to fool NLP classifiers into making incorrect predictions. A large challenge with evaluating these adversarial attacks is the trade-o_ between attack efficiency and text quality. Higher constraints on the attack search space will improve text quality but reduce the attack success rate. In this thesis, I introduce a framework for the evaluation of NLP classifier robustness. Black-box attack algorithms are paired with a threat modelling system to apply a customizable set of constraints to the adversarial generation process. I introduce a mixed-method experimental design approach that combines metrics that compare how many adversarial documents can be made versus the impact the attack has on the text's quality. Measuring the attack efficiency involves combining the computational cost and success rate of the attack. To measure the text quality, an experimental study is run in which human participants report their subjective perception of text manipulation. I present a set of equations to reconcile the trade-offs between these tests to find an optimal balance. This pairing bridges the automated evaluation of the classifier decisions with the semantic insight of human reviewers. The methodology is then extended to evaluate adversarial training as a defence method using the threat modelling system. The framework is also paired with a collection of visualization tools to provide greater interpretability. Domain-agnostic tools for classifier behaviour are first presented, followed by an interactive document viewer that enables exploration of the attack search space and word-level feature importance. The framework proposed in this thesis supports any black-box attack and is model-agnostic, which offers a wide range of applicability. The end objective is a more unified, guided and transparent way to evaluate classifier robustness that is flexible and customizable.Item On the potential of intent-based access control (IBAC) in preventing insider threats(2015-11-01) Almehmadi, Abdulaziz; El-Khatib, KhalilExisting access control mechanisms are based on the concepts of identity enrollment and recognition, and assume that recognized identity is synonymous with ethical actions. However, statistics over the years show that the most severe security breaches have been the results of trusted, authorized, and identified users who turned into malicious insiders. Therefore, demand exists for designing prevention mechanisms. A non-identity-based authentication measure that is based on the intent of the access request might serve that demand. In this thesis, we test the possibility of detecting intention of access using involuntary electroencephalogram (EEG) reactions to visual stimuli. This method takes advantage of the robustness of the Concealed Information Test to detect intentions. Next, we test the possibility of detecting motivation of access, as motivation level corresponds directly to the likelihood of intent execution level. Subsequently, we propose and design Intent-based Access Control (IBAC), a non-identity-based access control system that assesses the risk associated with the detected intentions and motivation levels. We then study the potential of IBAC in denying access to authorized individuals who have malicious plans to commit maleficent acts. Based on the access risk and the accepted threshold established by the asset owners, the system decides whether to grant or deny access requests. We assessed the intent detection component of the IBAC system using experiments on 30 participants and achieved accuracy of 100% using Nearest Neighbor and SVM classifiers. Further, we assessed the motivation detection component of the IBAC system. Results show different levels of motivation between hesitation-based vs. motivation-based intentions. Finally, the potential of IBAC in preventing insider threats by calculating the risk of access using intentions and motivation levels as per the experiments shows access risk that is different between unmotivated and motivated groups. These results demonstrate the potential of IBAC in detecting and preventing malicious insiders.Item Publish-subscribe based middleware for heterogeneous critical infrastructure systems communication.(2014-07-01) Okathe, Titus; Heydari, Shahram; Sood, Vijay; El-Khatib, KhalilCritical Infrastructures (CIs) are physical assets and organizations responsible for the production and distribution of society’s vital goods and services. The increasing interconnection of CIs has resulted in interdependencies which effect the propagation of failure from one infrastructure to another. Therefore a publish-subscribe based communication system for dissimilar CIs is presented. The proposed system improves the manageability of CIs by providing an exchange medium for status information and alerts. It achieves this via a uniform architecture within and across infrastructure boundaries, that maintains data restrictions that reflect real life organizational, administrative, and policy boundaries. Finally the proposed system is modeled using the OMNET++ simulation framework, and a network performance study investigating scalability is presented. Scalability was found to depend on service time per packet, subscription density, and number of clients per router. However, further work in the areas of QoS management, reliability/robustness, security, and network optimization is required.Item Spectrum sensing based on capon power spectral density estimation(2015-04-01) Mohammed, Ola Ashour; El-Khatib, Khalil; Vargas Martin, MiguelCognitive radio (CR) technology has evolved to solve the spectrum scarcity problem and improve spectrum utilization. Spectrum sensing is a CR function that allows secondary users to efficiently utilize the spectrum without interfering with primary users. The performance of this function depends on the efficiency of the used detection method. In this thesis, we propose a spectrum sensing based on the Capon Power Spectral Density (PSD) estimation method. The proposed method estimates the received PSD, and uses it to identify free and busy channels. A cooperative spectrum sensing approach is also introduced. The goal is to solve the common hidden node problem and help devices without CR capability to identify free channels. Experimental results show that the proposed method outperforms the spectrum sensing based on the Periodogram method in detecting both busy and free channels. In addition, simulation results show that the cooperative approach improves the spectrum sensing function.Item Towards measuring privacy(2015-04-01) Kosa, Tracy Ann; El-Khatib, KhalilThe acceptable threshold for privacy is an individual choice, informed by culture, tradition and experience. That it is important, conversely, is self-evident. We use it to moderate personal information disclosure, how we choose to act and dress every day. However, the debate about privacy has struggled because of an incomplete scholarship that often halts with the question ‘what is privacy?’ Similarly, the affirmative statement ‘privacy is dead’ is often made without further explanation of what we have lost. This thesis provides a clarification of privacy by presenting a formal model and tool for precise discussion. It can be implemented, for example, in a mobile application or embedded on a website. The utility of the formal model is supported by survey research of professionals in the field and those with no particular related work experience. The formal model has given us several insights to how privacy behaves enabling progress towards an interdisciplinary understanding of terminology. In particular, it demonstrates and solves for the problem of transitivity in privacy because it can follow each personal information disclosure as it travels beyond the data subject through a network of people, processes and technologies. In addition to the formal model and observations about the behaviour of privacy, a contribution of this thesis is its review of computer science literature specifically for contributions to privacy research, an assessment of current privacy practitioner methods, a study of privacy impact assessment practices at Ontario hospitals, and a detailed exploration of the possibilities of future work.Item UniNet: A mixed reality driving simulator(2019-08-01) Arppe, David F.; Zaman, Loutfouz; Pazzi, Richard W.; El-Khatib, KhalilDriving simulators play an important role in vehicle research. However, existing virtual reality simulators do not give users a true sense of presence. UniNet is our driving simulator, designed to allow users to interact with and visualize simulated traffic in mixed reality. It is powered by SUMO and Unity. UniNet's modular architecture allows us to investigate interdisciplinary research topics such as vehicular ad-hoc networks, human-computer interaction, and traffic management. We accomplish this by giving users the ability to observe and interact with simulated traffic in a high fidelity driving simulator. We present a user study that subjectively measures user's sense of presence in UniNet. Our findings suggest that our novel mixed reality system does increase this sensation.Item An unmanned aerial vehicle-based assessment method for quantifying computer vision models(2019-04-01) Hills, Zachary; El-Khatib, Khalil; Pazzi, Richard; Almehmadi, AbdulazizComputer vision is a growing field in computer science. Since the advancement of Machine learning, Computer vision solutions have been trending. As a result of the growing number of solutions and performance increases in Machine learning, machine learning solutions are now being utilized in the field of robotics. A problem propagates when the evaluation methods that were used previously are used for robotic vision solutions. The accuracy metric although valuable from a data driven perspective lends no benefit to the use in robotics. The accuracy calculated by the performance of the Convolutional neural network on the evaluation dataset is only a relevant metric to the evaluation dataset. The accuracy metric does not define the distance at which the accuracy of the Convolutional Neural Network (CNN) begins to decrease below the required threshold. The accuracy metric does not depict the strengths and weaknesses of the CNN in terms of orientation of the object. The accuracy metric does not show the accuracy of the CNN given a specific orientation and distance. Orientation and distance are factors when considering a computer vision solution for the use in robotics. A popular example is Tesla. Tesla incorporates a multitude of systems in order to produce their self-driving capabilities. One of the systems used is camera feed that utilizes Machine learning to depict the context of the image. Tesla needs their system to perform in a multitude of distance and orientation of objects [9]. Simply using a single accuracy metric will not be enough to define the limitations of the system. What this thesis proposes is an evaluative method capable of defining the spatial limitations of a CNN for 3D objects. This approach utilizes Unmanned aerial vehicle (UAV) mobile sensors in order to generate the desired distances and orientation from the object being evaluated. Multiple flight sequences are conducted to provide information that is able to define the exact point in which the accuracy starts to decrease and the orientations that are the most weak. This approach was tested using a two class CNN that depicted if a Ford Ranger was in the image or if it was not. The experimental results using an Unmanned Aerial Vehicle (UAV) was able to depict the CNN's dependencies such as: the distance from the object, the altitude, the orientation of the object and the impact these dependencies have on accuracy. An UAV was used due to their innate capability as mobile sensors capable of producing any perspective and distance required.Item Using detection in depth to counter SCADA-specific advanced persistent threats(2014-04-01) Hayes, Garrett; El-Khatib, KhalilA heavy focus has recently been placed on the current state of each country’s critical infrastructure security. Unfortunately, widely deployed supervisory control and data acquisition (SCADA) protocols provide little to no inherent security controls while traditional security mechanisms prove largely ineffective in industrial control environments. Moreover, the recent advent of advanced persistent threats (APTs) has highlighted the relative ineffectiveness of existing SCADA-centric security solutions. In this thesis I will identify various algorithmic strategies for detecting and mitigating common APT attack vectors impacting SCADA environments. Primarily, the integration of flow-based intrusion detection systems, passive device fingerprinting, low- interaction honeypots, and traditional signature- based intrusion detection technologies provides a highly effective capacity for detecting common attack vectors used by APTs. Finally I will show how the integration of these technologies into a single security solution has provided a verifiably robust and effective solution for the problem at hand.Item Vehicular infotainment forensics: collecting data and putting it into perspective(2017-01-01) Lacroix, Jesse; El-Khatib, KhalilIn today’s transportation system, countless numbers of vehicles are on the road and later generations have become mobile computers. Vehicles now have embedded infotainment systems that enable user-friendliness and practicability with functions such as a built-in global positioning system, media playback device and application interface. Smartphones and laptops can connect to them through Bluetooth and WiFi for all sorts of utilities. This enables data flow between a user’s device and the infotainment system and because of this interaction, data remnants are kept on these embedded devices. It is important to determine what type of data is stored long term since this information reflects a user’s activity and potential personal information. In terms of forensics, this data could be used to solve criminal activities if a vehicle was suspected of being an accessory to a crime; raising general awareness about this topic is important due to the potential sensitive information circulated. This main objective of this thesis is to demonstrate what types of information are stored on infotainment systems, how it can be acquired and the implications and contributions of the collected data in relation to the overall field of digital forensics.