scispace - formally typeset
Search or ask a question
Author

Shahzaib Tahir

Bio: Shahzaib Tahir is an academic researcher from University of the Sciences. The author has contributed to research in topics: Encryption & Cloud computing. The author has an hindex of 6, co-authored 26 publications receiving 130 citations. Previous affiliations of Shahzaib Tahir include National University of Science and Technology & University of London.

Papers
More filters
Journal ArticleDOI
TL;DR: This research presents a lightweight approach for detecting insider attacks and has the capability of detecting anomalies originating from incoming data sensors in resource constrained IoT environments.
Abstract: Internet of Things (IoTs) are set to revolutionize our lives and are widely being adopted nowadays. The IoT devices have a range of applications including smart homes, smart industrial networks and healthcare. Since these devices are responsible for generating and handling large amounts of sensitive data, the security of the IoT devices always poses a challenge. It is observed that a security breach could effect individuals and eventually the world at large. Artificial intelligence (AI), on the other hand, has found many applications and is widely being explored in providing security specifically for IoT devices. Malicious insider attack is the biggest security challenge associated with the IoT devices. Although, most of the research in IoT security has pondered on the means of preventing illegal and unauthorized access to systems and information; unfortunately, the most destructive malicious insider attacks that are usually a consequence of internal exploitation within an IoT network remains unaddressed. Therefore, the focus of this research is to detect malicious insider attacks in the IoT environment using AI. This research presents a lightweight approach for detecting insider attacks and has the capability of detecting anomalies originating from incoming data sensors in resource constrained IoT environments. The results and comparison show that the proposed approach achieves better accuracy as compared to the state of the art in terms of: a) improved attack detection accuracy; b) minimizing false positives; and c) reducing the computational overhead.

55 citations

Journal ArticleDOI
TL;DR: A novel searchable encryption scheme for the client-server architecture that exploits the properties of the modular inverse to generate a probabilistic trapdoor which facilitates the search over the secure inverted index table is presented.
Abstract: Searchable Encryption is an emerging cryptographic technique that enables searching capabilities over encrypted data on the cloud. In this paper, a novel searchable encryption scheme for the client-server architecture has been presented. The scheme exploits the properties of the modular inverse to generate a probabilistic trapdoor which facilitates the search over the secure inverted index table. We propose indistinguishability that is achieved by using the property of a probabilistic trapdoor. We design and implement a proof of concept prototype and test our scheme with a real dataset of files. We analyze the performance of our scheme against our claim of the scheme being light weight. The security analysis yields that our scheme assures a higher level of security as compared to other existing schemes.

35 citations

Proceedings ArticleDOI
16 Jun 2017
TL;DR: The approach advocates a demarcation of responsibilities between the client and server-side components for performing the speech recognition task, which symbolically encodes the audio and encrypts the data before uploading to the server.
Abstract: This paper presents a strategy for enabling speech recognition to be performed in the cloud whilst preserving the privacy of users. The approach advocates a demarcation of responsibilities between the client and server-side components for performing the speech recognition task. On the client-side resides the acoustic model, which symbolically encodes the audio and encrypts the data before uploading to the server. The server-side then employs searchable encryption to enable the phonetic search of the speech content. Some preliminary results for speech encoding and searchable encryption are presented.

30 citations

Proceedings ArticleDOI
01 Jul 2018
TL;DR: A novel privacy - preserving framework to facilitate keyword search over encrypted data stored on the blockchain network i.e., Hyperledger-Fabric is presented, which guarantees prominent security and privacy gains.
Abstract: Enabling keyword search directly over the data stored on the blockchain is a desirable technique that can help in the effective utilization of the data while preserving the privacy. Searchable Encryption (SE) is a well-known technique that allows search queries over the encrypted Cloud data, however, existing solutions are based on the assumption of the Cloud Server being “trusted-but-curious” or “honest-but-curious”. This leads to a compelling case to use permissioned blockchain technology to ensure greater levels of security when the Cloud Server is malicious. The amalgamation of SE and permissioned blockchain empowers a client to place complete trust on the Cloud Server and the services it has to offer. This paper presents a novel privacy - preserving framework to facilitate keyword search over encrypted data stored on the blockchain network. The framework for the first time studies SE over a permissioned blockchain network i.e., Hyperledger-Fabric. The SE scheme is privacy-preserving as it is based on probabilistic trapdoors. As a result the framework guarantees prominent security and privacy gains.

17 citations

Journal ArticleDOI
TL;DR: This paper presents a novel ranked searchable encryption scheme that addresses this issue by supporting fuzzy keywords and satisfies strong security guarantees and is also quiet lightweight, by analyzing its performance over the speech corpus.

14 citations


Cited by
More filters
Journal ArticleDOI
TL;DR: This paper makes a comprehensive review of the literatures on data security and privacy issues, data encryption technology, and applicable countermeasures in cloud storage system, and gives an overview of cloud storage, including definition, classification, architecture and applications.
Abstract: The new development trends including Internet of Things (IoT), smart city, enterprises digital transformation and world's digital economy are at the top of the tide. The continuous growth of data storage pressure drives the rapid development of the entire storage market on account of massive data generated. By providing data storage and management, cloud storage system becomes an indispensable part of the new era. Currently, the governments, enterprises and individual users are actively migrating their data to the cloud. Such a huge amount of data can create magnanimous wealth. However, this increases the possible risk, for instance, unauthorized access, data leakage, sensitive information disclosure and privacy disclosure. Although there are some studies on data security and privacy protection, there is still a lack of systematic surveys on the subject in cloud storage system. In this paper, we make a comprehensive review of the literatures on data security and privacy issues, data encryption technology, and applicable countermeasures in cloud storage system. Specifically, we first make an overview of cloud storage, including definition, classification, architecture and applications. Secondly, we give a detailed analysis on challenges and requirements of data security and privacy protection in cloud storage system. Thirdly, data encryption technologies and protection methods are summarized. Finally, we discuss several open research topics of data security for cloud storage.

164 citations

Journal ArticleDOI
01 Jun 2021
TL;DR: This extensive literature survey on the most recent publications in IoT security identified a few key research trends that will drive future research in this field.
Abstract: With the continuous expansion and evolution of IoT applications, attacks on those IoT applications continue to grow rapidly. In this systematic literature review (SLR) paper, our goal is to provide a research asset to researchers on recent research trends in IoT security. As the main driver of our SLR paper, we proposed six research questions related to IoT security and machine learning. This extensive literature survey on the most recent publications in IoT security identified a few key research trends that will drive future research in this field. With the rapid growth of large scale IoT attacks, it is important to develop models that can integrate state of the art techniques and technologies from big data and machine learning. Accuracy and efficiency are key quality factors in finding the best algorithms and models to detect IoT attacks in real or near real-time

109 citations

Journal ArticleDOI
TL;DR: The requirements for effective privacy preservation are established, generic cryptography-based solutions are reviewed, followed by specific techniques that are applicable to speaker characterisation and speech characterisation (biometrics and non-biometric applications), and common, empirical evaluation metrics for the assessment of privacy-preserving technologies for speech data are outlined.

91 citations

Journal ArticleDOI
TL;DR: In this article, the authors thoroughly review and systematize all cryptographic concepts which are already used in blockchain and give a list of cryptographic concepts that have not yet been applied but have big potentials to improve the current blockchain solutions.
Abstract: The underlying fundaments of blockchain are cryptography and cryptographic concepts that provide reliable and secure decentralized solutions. Although many recent papers study the use-cases of blockchain in different industrial areas, such as finance, health care, legal relations, IoT, information security, and consensus building systems, only few studies scrutinize the cryptographic concepts used in blockchain. To the best of our knowledge, there is no Systematization of Knowledge (SoK) that gives a complete picture of the existing cryptographic concepts which have been deployed or have the potential to be deployed in blockchain. In this paper, we thoroughly review and systematize all cryptographic concepts which are already used in blockchain. Additionally, we give a list of cryptographic concepts which have not yet been applied but have big potentials to improve the current blockchain solutions. We also include possible instantiations of these cryptographic concepts in the blockchain domain. Last but not least, we explicitly postulate 21 challenging problems that cryptographers interested in blockchain can work on.

80 citations

Journal ArticleDOI
TL;DR: The security requirements of 5G business applications, network architecture, the air interface, and user privacy are analyzed, with a focus on endogenous defense architecture, which represents a new trend in 5G security development.
Abstract: The 5th-generation mobile communication system (5G) has higher security requirements than previous systems. Accordingly, international standard organizations, operators, and equipment manufacturers are focusing extensively on 5G security technology. This paper analyzes the security requirements of 5G business applications, network architecture, the air interface, and user privacy. The development trends of 5G security architecture are summarized, with a focus on endogenous defense architecture, which represents a new trend in 5G security development. Several incremental 5G security technologies are reviewed, including physical layer security, lightweight encryption, network slice security, user privacy protection, and block chain technology applied to 5G.

75 citations