scispace - formally typeset
Search or ask a question
Author

Muhammad Ali Fauzi

Bio: Muhammad Ali Fauzi is an academic researcher from Norwegian University of Science and Technology. The author has contributed to research in topics: Password & Support vector machine. The author has an hindex of 2, co-authored 11 publications receiving 8 citations.

Papers
More filters
Proceedings ArticleDOI
29 Apr 2020
TL;DR: Several machine learning classifiers including Naive Bayes, Support Vector Machine, Neural Network, Logistic Regression, Random Forest, K-Nearest Neighbors, and Decision Tree with Bag of Words features are investigated to improve the classification task.
Abstract: Cyber grooming is a compelling problem worldwide nowadays and many reports strongly suggested that it becomes very urgent to tackle this problem to protect the children from sexual exploitation. In this study, we propose an effective method for sexual predator identification in online chats based on two-stage classification. The purpose of the first stage is to distinguish predatory conversations from the normal ones while the second stage aims to tell apart between the predator user and the victim within a single predatory conversation. Finally, some unique predators are derived from the second stage result. We investigate several machine learning classifiers including Naive Bayes, Support Vector Machine, Neural Network, Logistic Regression, Random Forest, K-Nearest Neighbors, and Decision Tree with Bag of Words features using several different term weighting methods for this task. We also proposed two ensemble techniques to improve the classification task. The experiment results on PAN12 dataset show that our best method using soft voting based ensemble for first stage and Naive Bayes based method for the second stage obtained an F 0.5 -score of 0.9348, which would place as number one in the PAN12 competition ranking.

16 citations

Proceedings ArticleDOI
17 Aug 2021
TL;DR: In this paper, the authors examined the link between stress level and cybersecurity practices among hospital employees in Indonesia by surveying 99 hospital workers and found that hospital worker's higher stress levels correlate significantly with riskier cybersecurity practices.
Abstract: Since healthcare information systems have many important data that can attract many adversaries, it is important to take the right steps to prevent data breaches. Recent studies suggested that 85% of breaches involved a human element and the frequent patterns used are social engineerings. Therefore, many studies focus on making a better understanding of human behavior in cybersecurity and the factors that affect cybersecurity practices. However, there are only a few peer-reviewed studies that focus on the link between stress level and cybersecurity practices. In this study, we examined the link between stress level and cybersecurity practices among hospital employees in Indonesia by surveying 99 hospital workers. Perceived Stress Scale (PSS) was used to measure the employees’ stress level and a new scale to measure hospital staff’s risky cybersecurity practices was proposed. This study showed that both PSS and proposed cybersecurity practices scales are reliable with Cronbach’s α value of more than 0.7. The survey results also revealed that hospital worker’s higher stress levels correlate significantly with riskier cybersecurity practices (rs = 0.305, p

11 citations

Proceedings ArticleDOI
25 May 2020
TL;DR: A game between the attacker and the defender is simulated in this work to assess their possible strategies in a honeyword system where all of the original passwords are machine-generated is simulated and the hybrid PassGAN-based techniques can be considered as the best honeywords generations strategy for the defender.
Abstract: A game between the attacker and the defender is simulated in this work to assess their possible strategies in a honeyword system where all of the original passwords are machine-generated is simulated Five PassGAN-based honeywords generation strategies are used by the defender while three guessing strategies are employed by the attacker including TopPW attack and two PassGAN-based methods The experiment results show that both the PassGAN-based attack obtained a higher success rate than the Top-PW attack that consider the most popular password as the correct password Meanwhile, from the defender’s point of view, the hybrid PassGAN-based techniques can be considered as the best honeywords generations strategy for the defender due to its ability to combine the benefit provided by the PassGAN trained on leaked password dataset and the PassGAN trained on the random password dataset

6 citations

Proceedings ArticleDOI
01 Jul 2020
TL;DR: This work empirically examine the flatness of the proposed honeywords generation strategy against Top Password (Top-PW) attack using real-world datasets, instead of only providing heuristic security arguments.
Abstract: The legacy-UI honeywords generation approach is more favored due to its high usability compared to the modified-UI approach that sometimes becomes unusable in practice. However, several prior arts on legacy-UI based honeywords generation methods often fail to obtain the security standard, especially the flatness criterion. In this work, we propose two legacy-UI honeywords generation strategies based on two password guessing methods: PassGAN and Probabilistic Context-Free Grammar (PCFG). Besides, we also introduce two hybrid strategies by combining PassGAN, PCFG, and random-based methods. We empirically examine the flatness of the proposed honeywords generation strategy against Top Password (Top-PW) attack using real-world datasets, instead of only providing heuristic security arguments. The experiment results show that three of the proposed methods (the PassGAN-based and the two hybrid methods) have lower flatness value than all previous legacy-UI methods and able to meet the "perfectly flat" criterion.

4 citations

Journal ArticleDOI
TL;DR: The security practices of health care staff can be effectively analyzed using a two-class approach to detect malicious and nonmalicious security practices using real access logs to define appropriate incentives for improving conscious care security practice.
Abstract: Background Blocklisting malicious activities in health care is challenging in relation to access control in health care security practices due to the fear of preventing legitimate access for therapeutic reasons. Inadvertent prevention of legitimate access can contravene the availability trait of the confidentiality, integrity, and availability triad, and may result in worsening health conditions, leading to serious consequences, including deaths. Therefore, health care staff are often provided with a wide range of access such as a “breaking-the-glass” or “self-authorization” mechanism for emergency access. However, this broad access can undermine the confidentiality and integrity of sensitive health care data because breaking-the-glass can lead to vast unauthorized access, which could be problematic when determining illegitimate access in security practices. Objective A review was performed to pinpoint appropriate artificial intelligence (AI) methods and data sources that can be used for effective modeling and analysis of health care staff security practices. Based on knowledge obtained from the review, a framework was developed and implemented with simulated data to provide a comprehensive approach toward effective modeling and analyzing security practices of health care staff in real access logs. Methods The flow of our approach was a mapping review to provide AI methods, data sources and their attributes, along with other categories as input for framework development. To assess implementation of the framework, electronic health record (EHR) log data were simulated and analyzed, and the performance of various approaches in the framework was compared. Results Among the total 130 articles initially identified, 18 met the inclusion and exclusion criteria. A thorough assessment and analysis of the included articles revealed that K-nearest neighbor, Bayesian network, and decision tree (C4.5) algorithms were predominantly applied to EHR and network logs with varying input features of health care staff security practices. Based on the review results, a framework was developed and implemented with simulated logs. The decision tree obtained the best precision of 0.655, whereas the best recall was achieved by the support vector machine (SVM) algorithm at 0.977. However, the best F1-score was obtained by random forest at 0.775. In brief, three classifiers (random forest, decision tree, and SVM) in the two-class approach achieved the best precision of 0.998. Conclusions The security practices of health care staff can be effectively analyzed using a two-class approach to detect malicious and nonmalicious security practices. Based on our comparative study, the algorithms that can effectively be used in related studies include random forest, decision tree, and SVM. Deviations of security practices from required health care staff’s security behavior in the big data context can be analyzed with real access logs to define appropriate incentives for improving conscious care security practice.

3 citations


Cited by
More filters
Journal ArticleDOI
TL;DR: The results obtained on the test set have proved that by integrating the vocabulary and emotion-based attributes, the performance of the system is significantly enhanced, and the proposed approach has outperformed top existing methods.

13 citations

Proceedings ArticleDOI
24 May 2021
TL;DR: In this article, the authors propose HoneyGen, a practical and highly robust HGT that produces realistic looking honeywords by leveraging representation learning techniques to learn useful and explanatory representations from a massive collection of unstructured data, i.e., each operator's password database.
Abstract: Honeywords are false passwords injected in a database for detecting password leakage. Generating honeywords is a challenging problem due to the various assumptions about the adversary's knowledge as well as users' password-selection behaviour. The success of a Honeywords Generation Technique (HGT) lies on the resulting honeywords; the method fails if an adversary can easily distinguish the real password. In this paper, we propose HoneyGen, a practical and highly robust HGT that produces realistic looking honeywords. We do this by leveraging representation learning techniques to learn useful and explanatory representations from a massive collection of unstructured data, i.e., each operator's password database. We perform both a quantitative and qualitative evaluation of our framework using the state-of-the-art metrics. Our results suggest that HoneyGen generates high-quality honeywords that cause sophisticated attackers to achieve low distinguishing success rates.

12 citations

Proceedings ArticleDOI
01 Sep 2021
TL;DR: In this article, a hybrid sampling and class re-distribution approach was proposed to deal with the heavy class imbalance in a large-scale dataset of abusive conversations, which achieved an improvement of 3% over the best state-of-the-art approach.
Abstract: Securing the safety of the children on online platforms is critical to avoid the mishaps of them being abused for sexual favors, which usually happens through predatory conversations. A number of approaches have been proposed to analyze the content of the messages to identify predatory conversations. However, due to the non-availability of large-scale predatory data, the state-of-the-art works employ a standard dataset that has less than 10% predatory conversations. Dealing with such heavy class imbalance is a challenge to devise reliable predatory detection approaches. We present a new approach for dealing with class imbalance using a hybrid sampling and class re-distribution to obtain an augmented dataset. To further improve the diversity of classifiers and features in the ensembles, we also propose to perturb the data along with augmentation in an iterative manner. Through a set of experiments, we demonstrate an improvement of 3% over the best state-of-the-art approach and results in an F 1 -score of 0.99 and an F β of 0.94 from the proposed approach.

6 citations

Journal ArticleDOI
TL;DR: Wang et al. as discussed by the authors proposed a method to protect the hashed passwords by using topological graphic sequences, which works effectively even if the password file is leaked by using graphic labeling.

6 citations

Journal Article
01 Jan 2013-Midwives

4 citations