Belal Amro

Belal Amro, Ahmed Abu Sabha, Ammar Qunaibi et al.

Security and privacy have been considered a corner stone in all electronic transactions nowadays. People are becoming very cautious when conducting electronic transactions over internet. One of the major issues that frightens them is identity theft. Identity theft might be conducted using phishing techniques that aims to trick the user to provide his credentials in a well-organized tactic. Efforts have been done towards fighting against phishing attacks and hence identify theft. However, most of these efforts are either computationally exhaustive to the electronic device or depend on a third party to perform the task. In this paper, we propose a plugin called Personalized Anti-Phishing Guard - PAPG that is managed personally on the device and is used to guard the user against phishing attacks. The plugin maintains data locally and may not need to synchronize with a third party. Besides, PAPG depends on the user's feedback to build the local knowledge base that is used to support the decision. The user might also store his profile and reuse it with other devices and from different locations without having to configure it again

Belal Amro

The rapid evolution in mobile devices and communication technology has increased the number of mobile device users dramatically. The mobile device has replaced many other devices and is used to perform many tasks ranging from establishing a phone call to performing critical and sensitive tasks like money payments. Since the mobile device is accompanying a person most of his time, it is highly probably that it includes personal and sensitive data for that person. The increased use of mobile devices in daily life made mobile systems an excellent target for attacks. One of the most important attacks is phishing attack in which an attacker tries to get the credential of the victim and impersonate him. In this paper, analysis of different types of phishing attacks on mobile devices is provided. Mitigation techniques - anti-phishing techniques - are also analyzed. Assessment of each technique and a summary of its advantages and disadvantages is provided. At the end, important steps to guard against phishing attacks are provided. The aim of the work is to put phishing attacks on mobile systems in light, and to make people aware of these attacks and how to avoid them

Belal Amro

Mobile malware has increased rapidly last 10 years. This rapid increase is due to the rapid enhancement of mobile technology and their power to do most work for their users. Since mobile devices are personal devices, then a special action must be taken towards preserving privacy and security of the mobile data. Malware refers to all types of software applications with malicious behavior. In this paper, we propose a malware detection technique called Personal Mobile Malware Guard ? PMMG- that classifies malwares based on the mobile user feedback. PMMG controls permissions of different applications and their behavior according to the user needs. These preferences are built incrementally on a personal basis according to the feedback of the user. Performance analysis showed that it is theoretically feasible to build PMMG tool and use it on mobile devices.

Belal Amro

Vehicular ad hoc networks VANETs use pseudonyms to communicate among them and with road side units, these pseudonyms are used to authenticate these vehicles and to hide real identities behind these pseudonyms, to better enhance privacy, these pseudonyms are changed frequently so that it will not be that easy to link these pseudonyms together and hence reveal real identities. However, changing pseudonyms will not be that useful if previous and current pseudonyms are easily linked together. Therefore different techniques have been proposed to hide the pseudonym changes and make it difficult to link pseudonyms together. Most of these techniques do not fully quarantine privacy when changing a pseudonym under some situations such as low traffic. In this paper, we provide a technique for changing pseudonyms that has the same privacy level under all traffic conditions. The technique relies on fixed mix zones that are planted and distributed over the roads. By this technique, a vehicle guarantees a high level of security when changing its pseudonym at that mix zone which will make it very difficult for an adversary to link particular pseudonyms together and hence reveal real identity. Performance analysis showed that our model works efficiently with very few computational costs

Belal Amro

Mobile agent technology offers a dramatically evolving computing paradigm in which a program, in the form of a software agent, can suspend its execution on a host computer, transfers itself to another agent-enabled host on the network, and resumes execution on the new host. It is 1960's since mobile code has been used in the form of remote job entry systems. Today's mobile agents can be characterized in a number of ways ranging from simple distributed objects to highly organized intelligent softwares. As a result of this rapid evolvement of mobile agents, plenty of critical security issues has risen and plenty of work is being done to address these problems. The aim is to provide trusted mobile agent systems that can be easily deployed and widely adopted. In this paper, we provide an overview of the most recent threats facing the designers of agent platforms and the developers of agent-based applications. The paper also identifies security objectives, and measures for countering the identified threats and fulfilling those security objectives.