Monther Aldwairi

Fatema Al Mukhaini, Shaikhah Al Abdoulie, Aisha Al Kharuosi et al.

Fake news existed ever since there was news, from rumors to printed media then radio and television. Recently, the information age, with its communications and Internet breakthroughs, exacerbated the spread of fake news. Additionally, aside from e-Commerce, the current Internet economy is dependent on advertisements, views and clicks, which prompted many developers to bait the end users to click links or ads. Consequently, the wild spread of fake news through social media networks has impacted real world issues from elections to 5G adoption and the handling of the Covid- 19 pandemic. Efforts to detect and thwart fake news has been there since the advent of fake news, from fact checkers to artificial intelligence-based detectors. Solutions are still evolving as more sophisticated techniques are employed by fake news propagators. In this paper, R code have been used to study and visualize a modern fake news dataset. We use clustering, classification, correlation and various plots to analyze and present the data. The experiments show high efficiency of classifiers in telling apart real from fake news.

Suhail Paliath, Mohammad Abu Qbeitah, Monther Aldwairi

Phishing emails are the first step for many of today's attacks. They come with a simple hyperlink, request for action or a full replica of an existing service or website. The goal is generally to trick the user to voluntarily give away his sensitive information such as login credentials. Many approaches and applications have been proposed and developed to catch and filter phishing emails. However, the problem still lacks a complete and comprehensive solution. In this paper, we apply knowledge discovery principles from data cleansing, integration, selection, aggregation, data mining to knowledge extraction. We study the feature effectiveness based on Information Gain and contribute two new features to the literature. We compare six machine-learning approaches to detect phishing based on a small number of carefully chosen features. We calculate false positives, false negatives, mean absolute error, recall, precision and F-measure and achieve very low false positive and negative rates. Na{\"ı}ve Bayes has the least true positives rate and overall Neural Networks holds the most promise for accurate phishing detection with accuracy of 99.4\%.

Monther Aldwairi, Suaad Mohammed, Megana Lakshmi Padmanabhan

With the growth of connectivity to smart grids, new applications, and the changing interaction between customer and energy clouds, clouds are more vulnerable to denial-of-service attacks. Efficient detection methods are required to authenticate, detect and control attackers. Completely Automated Public Turing test to tell Computers and Humans Apart, CAPTCHA, is one efficient tool to thwart denial of service attacks. The server presents the user with a client puzzle to solve in order to gain access to the service or website. The puzzle should be hard enough for computers, but easy for humans to solve. Several methods have been suggested including the popular image-based, as well as video-based, and text-based CAPTCHAs. In this paper, we present a new Flash-based gaming CAPTCHA to differentiate bots from humans. We propose a drag and drop client puzzle where the user will play a simple game to answer a visual question. Our method turns out to be convenient, easy for users and challenging for bots. Additionally, it has gaming aspect, which makes it interesting to users of all age groups.

Monther Aldwairi, Yahya Flaifel, Khaldoon Mhaidat

Network intrusion detection systems and antivirus software are essential in detecting malicious network traffic and attacks such as denial-of-service and malwares. Each attack, worm or virus has its own distinctive signature. Signature-based intrusion detection and antivirus systems depend on pattern matching to look for possible attack signatures. Pattern matching is a very complex task, which requires a lot of time, memory and computing resources. Software-based intrusion detection is not fast enough to match high network speeds and the increasing number of attacks. In this paper, we propose special purpose hardware for Wu-Manber pattern matching algorithm. FPGAs form an excellent choice because of their massively parallel structure, reprogrammable logic and memory resources. The hardware is designed in Verilog and implemented using Xilinx ISE. For evaluation, we dope network traffic traces collected using Wireshark with 2500 signatures from the ClamAV virus definitions database. Experimental results show high speed that reaches up to 216 Mbps. In addition, we evaluate time, device usage, and power consumption.

Saeed Ibrahim, Nawwaf Al Herami, Ebrahim Al Naqbi et al.

A drive by download is a download that occurs without users action or knowledge. It usually triggers an exploit of vulnerability in a browser to downloads an unknown file. The malicious program in the downloaded file installs itself on the victims machine. Moreover, the downloaded file can be camouflaged as an installer that would further install malicious software. Drive by downloads is a very good example of the exponential increase in malicious activity over the Internet and how it affects the daily use of the web. In this paper, we try to address the problem caused by drive by downloads from different standpoints. We provide in depth understanding of the difficulties in dealing with drive by downloads and suggest appropriate solutions. We propose machine learning and feature selection solutions to remedy the the drive-by download problem. Experimental results reported 98.2% precision, 98.2% F-Measure and 97.2% ROC area.