alibabar.m@gmail.com

Design Space for Cyber Security Analytical Systems

Cyber Security infrastructures increasingly rely on big data technologies for capturing, storing, and analyzing huge amounts of security event data. Designing and evolving systems that can effectively and efficiently combine big data technologies and cybersecurity are hugely challenging undertakings. Whilst the knowledge for designing cyber security analytics systems has been increasing for some time, there was no consolidated piece of work on design mechanisms, also called tactics, for architecting big data cyber security analytics systems. We are very proud to share that our recent effort has attempted to fill that gap by providing a consolidated piece of knowledge about the quality attributes considered important for cyber security analytics systems and the architectural tactics that can help achieve the desired set of quality attributes. Such consolidated knowledge about any aspect of software design is called a Design Space; ours is a design space for cyber security analytics systems. This work has recently been accepted for publication in one of the top-quality journals of software systems, the Journal of Systems and Software. We will be happy to provide a copy of the article on request; the abstract of the article follows.

Adaptive Architectures for Cyber Security Analytics Systems

It is becoming quite hard to imagine software systems that wouldn’t need adaptation as part of their runtime requirements. Despite the increasing demand for adaptivity by design, the knowledge and skills in this area are lagging far behind. Cyber Analytics systems are a new breed of systems that combine big data technologies and cyber security systems for capturing, managing, and analyzing cyber security event data. Such systems need to be adaptive to support real-time analysis of the security event data. Our research has been focused on this important area for some time, and we have now started reporting the results of our work. Recently, one of our articles on this topic has been accepted at a prestigious software architecture conference, the International Conference on Software Architecture, which will be held in Hamburg. The abstract of the article follows; if it interests you, please feel free to ask for a copy.

A Systematic Horizon Scan of Security Orchestration Approaches and Tools

An increasing number of organisations are focusing on security orchestration approaches and solutions to automate the processes of their Security Operation Centre (SOC). There are hundreds of approaches and tools to support security orchestration; hence, practitioners find it hard to access consolidated material on the available solutions, and researchers are unable to figure out the gaps. Our team has tried to address this need by reporting a systematic horizon scan of the security orchestration approaches and tools. The report has been published in one of the most prestigious journals of computing, ACM Computing Survey. The work is led by Chadni Islam, and Data61’s Surya Nepal is the collaborator. The abstract of the paper is below, and interested readers are welcome to contact us for a copy of the paper.

Internet of Things Search Engine: Concepts, Classification, and Open Issues

Internet of Things (IoT) enabled infrastructures, products, and services are revolutionising the way businesses and societies engage and operate. Billions of devices, small and large, are predicted to be connected via the Internet over the coming years. These devices and the systems built upon them will generate huge amounts of data and information that will be leveraged for providing different products and services. One of the core components of such systems will be Internet of Things Search Engines (IoTSE), because without customised search engines it is not possible to detect and use the devices, sensors, and actuators that form IoT systems. Hence, it is important to understand the various concepts, technologies, and aspects of IoTSE, which is a complicated and relatively immature research topic. The diversity of IoT systems and the content they generate poses a significant challenge to advancing R&D for IoTSE. To fill this gap, we have produced an article to help readers easily understand the concepts, classification, and open issues for IoTSE. We are glad to share that this article has been accepted in the ACM Communication magazine, which is one of the top venues for ICT publications. This is the pre-print copy of the article; the abstract below gives a brief overview of its content.

Architecting for Continuous Delivery and Deployment

Continuous Software Engineering has been gaining significant momentum in terms of widespread adoption among large and small software houses. This paradigm shift is based on the promise of early, frequent delivery and deployment of software features and continuous feedback on the usefulness and adoption of the features. One of the key challenging areas of practice for continuous software engineering is architecting: software development teams are expected to adopt new conceptualisation and design approaches and design decision-making processes, for example, moving from monolithic to microservices. Given the significant challenges of architectural issues in DevOps, it is important to build and share an evidence-based body of knowledge about practices and processes for architectural support in Continuous Software Engineering. We have undertaken a significant research program on this topic, and one of our comprehensive pieces of work has just been accepted in a premier Software Engineering journal with the title An Empirical Study of Architecting for Continuous Delivery and Deployment. The abstract, copied from the paper for the readers of this blog, follows. The paper’s pre-print copies will be available soon.

Our New Work on Self-Adaptive Security for large-scale Open Environments

We are continuously progressing on the plan for strengthening our capabilities in Cyber Security. To achieve this goal, we have been not only building internal capabilities but also forming and leveraging strategic collaborations. One of our recent collaborations, with Giannis and Rami, in the area of Cyber Security has resulted in a high-quality piece of work that has been accepted in a high-profile journal, ACM Computing Survey. We are hoping that this piece of work will lead to systematic classification and comparison of architectural-level Cyber Security solutions, and to the development and evaluation of new techniques, approaches, and tools for designing and evaluating security-centric large-scale distributed systems. The abstract of this paper is below and can provide some useful insights to its potential readers.

Data Exfiltration: External Attack Vectors and Countermeasures

With regard to our work on Cyber Security, we have recently completed a collaborative piece of work with researchers from Security Lancaster, University of Lancaster, UK. Our collaborative work focused on identifying and understanding Data Exfiltration: External Vectors and Countermeasures, and has been accepted in the Journal of Network and Computer Applications with the following title and abstract. The paper provides an extensive literature review that is expected to be leveraged for understanding the key external attack vectors, the countermeasures, and the areas for future research.

“Data Exfiltration: A Review of External Attack Vectors and Countermeasures”