Maryam Tanha

Carlos Semeho Edorh, Jialu Bi, Hanchen Ye et al.

Virtual Private Networks (VPNs) have become essential privacy tools for mobile users, yet current implementations face significant limitations in shared environments. Mainstream VPN providers impose device limits, while Android's native hotspot functionality lacks support for routing shared traffic through VPN connections. Existing solutions either require root access or lack comprehensive monitoring capabilities. This paper presents ShieldShare, a proxy-based Android application that enables secure VPN-backed hotspot sharing with per-user traffic accounting without requiring root access. Our system employs a modular architecture comprising VPN detection, hotspot management, proxy-based traffic forwarding supporting HTTP, HTTPS, and SOCKS5, and comprehensive traffic metering with quota management. Our evaluation shows that ShieldShare reliably routes client traffic through VPN tunnels while maintaining accurate per-client bandwidth allocation and accounting. This enables affordable, community-controlled secure access in censored or high-surveillance environments, benefiting activists, investigative journalists, and shared household networks. We release ShieldShare as open-source software to support further research and real-world deployment.

Annan Fu, Hao Pei, Maryam Tanha

Android malware detectors built with machine learning often suffer from temporal bias: models are trained and evaluated without respecting apps' actual release times, inflating accuracy and weakening real-world robustness. We address this by constructing a time-stamped dataset of benign and malicious Android apps and introducing a timestamp-verification procedure to ensure temporal accuracy. We then propose a detection framework that uses Bootstrap Your Own Latent (BYOL) for self-supervised pre-training to learn obfuscation-resilient representations, followed by supervised classification. Under time-aware evaluation, the method attains 98% accuracy and 89% F1. We further characterize malware behavior by analyzing true positives and false negatives using VirusTotal and the MITRE ATT&CK framework. To support reproducibility and further innovation, we release our dataset and source code.

Maryam Tanha, Fazirulhisyam Hashima, S. Shamalab et al.

Societies' norms of operation relies on the proper and secure functioning of several critical infrastructures, particularly modern power grid which is also known as smart grid. Smart grid is interwoven with the information and communication technology infrastructure, and thus it is exposed to cyber security threats. Intrusion tolerance proves a promising security approach against malicious attacks and contributes to enhance the resilience and security of the key components of smart grid, mainly SCADA and control centers. Hence, an intrusion tolerant system architecture for smart grid control centers is proposed in this paper. The proposed architecture consists of several modules namely, replication & diversity, compromised/faulty replica detector, reconfiuration, auditing and proxy. Some of distinctive features of the proposed ITS are diversity as well as the combined and fine-grained rejuvenation approach. The security of the proposed architecture is evaluated with regard to availability and mean time to security failure as performance measures. The analysis is conducted using a Discrete Time Semi Markov Model and the acquired results show improvements compared to two established intrusion tolerant architectures. The viability of SLA as another performance metric is also investigated.