Daniel Takabi

Georgia State University | GSU · Department of Computer Science

Fully Homomorphic Encryption (FHE) enables computation on encrypted data and can be used to provide privacy-preserving computation for machine learning models. However, FHE is computationally expensive and requires significant memory. Single instruction multiple data (SIMD) can offset this cost. Batch-packing, an SIMD technique that packs data alon...

Machine learning models are vulnerable to maliciously crafted Adversarial Examples (AEs). Training a machine learning model with AEs improves its robustness and stability against adversarial attacks. It is essential to develop models that produce high-quality AEs. Developing such models has been much slower in natural language processing (NLP) than...

With the increasing frequency and sophistication of network attacks, network administrators are facing tremendous challenges in making fast and optimum decisions during critical situations. The ability to effectively respond to intrusions requires solving a multi-objective decision-making problem. While several research studies have been conducted...

Insider Threat is a significant and potentially dangerous security issue in corporate settings. It is difficult to mitigate because, unlike external threats, insiders have knowledge of an organization's access policies, access hierarchy, access protocols, and access scheduling. Several approaches to reducing insider threat have been proposed in the...

Packing-aware pruning of machine learning models to make their inference procedure under Homomorphic Encryption more efficient.

This design study examines a pilot test that implemented PCI for private AI curriculum in Computer Science (CS) education to identify the strengths and weaknesses of the curricular activities. The results indicated the feedback received from both the instructor and the students was generally positive. However, the study identified several areas of...

Privacy-preserving machine learning (PPML) has been gaining a lot of attention in recent years, and several techniques have been proposed to achieve PPML. Cryptography-based PPML approaches such as Fully Homomorphic Encryption (FHE) and Secure Multiparty Computation (SMC) have been extensively investigated. However, Functional Encryption (FE), whic...

With the advent of functional encryption, new possibilities for computation on encrypted data have arisen. Functional encryption enables data owners to grant third-party access to perform specified computations without disclosing their inputs. It also provides computation results in plaintext, unlike fully homomorphic encryption. The ubiquitousness...

Decades of research have shown machine learning superiority in discovering highly nonlinear patterns embedded in electroencephalography (EEG) records compared with conventional statistical techniques. However, even the most advanced machine learning techniques require relatively large, labeled EEG repositories. EEG data collection and labeling are...

With the advent of functional encryption, new possibilities for computation on encrypted data have arisen. Functional Encryption enables data owners to grant third-party access to perform specified computations without disclosing their inputs. It also provides computation results in plain, unlike Fully Homomorphic Encryption. The ubiquitousness of...

Recent progress has witnessed the excellent success of neural networks in many emerging applications, such as image recognition, text classification, and speech analysis. In order to achieve secure communication, the utilization of neural networks has been realized yet has not raised sufficient research attention. Additionally, the existing neural...

Insider threat is an ever-present challenge to corporate security. The availability of knowledge and privileges to insiders makes it extremely difficult to prevent, detect or deter malicious insider activities. In the literature, several studies have proposed deception-based approaches to mitigate insider threats through different layers of corpora...

Outsourced computation for neural networks allows users access to state-of-the-art models without investing in specialized hardware and know-how. The problem is that the users lose control over potentially privacy-sensitive data. With homomorphic encryption (HE), a third party can perform computation on encrypted data without revealing its content....

Outsourced computation for neural networks allows users access to state of the art models without needing to invest in specialized hardware and know-how. The problem is that the users lose control over potentially privacy sensitive data. With homomorphic encryption (HE) computation can be performed on encrypted data without revealing its content. I...

The demand of sharing video streaming extremely increases due to the proliferation of Internet of Things (IoT) devices in recent years, and the explosive development of artificial intelligent (AI) detection techniques has made visual privacy protection more urgent and difficult than ever before. Although a number of approaches have been proposed, t...

The field of neuroimaging can greatly benefit from building machine learning models to detect and predict diseases, and discover novel biomarkers, but much of the data collected at various organizations and research centers is unable to be shared due to privacy or regulatory concerns (especially for clinical data or rare disorders). In addition, ag...

Under the needs of processing huge amounts of data, providing high-quality service, and protecting user privacy in Artificial Intelligence of Things (AIoT), federated learning (FL) has been treated as a promising technique to facilitate distributed learning with privacy protection. Although the importance of developing privacy-preserving FL has att...

The development of an attribute-based access control (ABAC) system requires a substantial amount of manual effort to analyze requirements documents and derive a set of appropriate machine-readable rules. In the literature, two primary approaches have been proposed to reduce the development cost, namely bottom-up and automated top-down policy engine...

CryptoNets and subsequent work have demonstrated the capability of homomorphic encryption (HE) in the applications of private artificial intelligence (AI). In convolutional neural networks (CNNs), many computations are linear functions such as the convolution layer which can be homomorphically evaluated. However, there are layers such as the activa...

Even though attribute-based access control (ABAC) has been applied to address authorization in areas such as cloud and internet of things, implementing ABAC policies can become complex due to the high expressiveness of ABAC specifications. In order to semi-automate this process, several policy mining approaches have been proposed that mostly derive...

Artificial neural networks have been successfully used for many different classification tasks including malware detection and distinguishing between malicious and non-malicious programs. Although artificial neural networks perform very well on these tasks, they are also vulnerable to adversarial examples. An adversarial example is a sample that ha...

Abstract The National Institute of Standards and Technology (NIST) has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access control policy (NLACP) to a machine-readable form. To study the automation process, we consider the hierarchical ABAC mod...

Machine Learning as a Service (MLaaS) has become a growing trend in recent years and several such services are currently offered. MLaaS is essentially a set of services that provides machine learning tools and capabilities as part of cloud computing services. In these settings, the cloud has pre-trained models that are deployed and large computing...

Summary Software‐Defined Networking (SDN) has radically changed how we manage our network, increasing flexibility, and enabling network programmability. Providing security for tenants is one of the most significant issues in SDN. In this paper, our goal is to introduce with an educational use case, four types of attack vectors associated with malic...

Artificial neural networks have been successfully used for many different classification tasks including malware detection and distinguishing between malicious and non-malicious programs. Although artificial neural networks perform very well on these tasks, they are also vulnerable to adversarial examples. An adversarial example is a sample that ha...

Due to the recent trend towards attribute-based access control (ABAC), several studies have proposed constraints specification languages for ABAC. These formal languages enable security architects to express constraints in a precise mathematical notation. However, since manually formulating constraints involves analyzing multiple natural language p...

We propose a general framework for computing privacy-preserving distance metrics (PPDM) in the two-party setting in order to improve communication complexity by benefiting from 1-out-of-n oblivious transfers. We implement privacy-preserving Euclidean distance, Cosine similarity and Edit distance protocols while the PPDM framework is easily extendab...

Deep Neural Networks (DNNs) have overtaken classic machine learning algorithms due to their superior performance in big data analysis in a broad range of applications. On the other hand, in recent years Machine Learning as a Service (MLaaS) has become more widespread in which a client uses cloud services for analyzing its data. However, the client'...

Cloud Computing is the most important solution to extend Information Technology's (IT) capabilities. However, Cloud is still vulnerable to a variety of threats and attacks that affects the growth of cloud computing in recent years. Therefore, the security concerns should be considered to improve the assurance of required security for the cloud cust...

Cloud providers offer variety of services with low cost and high reliability to internet users; however they are hesitant to reveal details about their security solutions. As a result, security becomes a primary concern preventing adoption of the cloud. In this chapter we will discuss threats to data and services availability, confidentiality, and...

Cloud computing paradigm is still an evolving paradigm but has recently gained tremendous momentum. Cloud computing enables security controls and functions to be delivered in new ways and by new types of service providers. It also enables enterprises to use security technologies and techniques that are not otherwise cost‐effective. However, securit...

In a unique and systematic way, this book discusses the security and privacy aspects of the cloud, and the relevant cloud forensics.

In this paper, we demonstrate how electroencephalograph (EEG) signals can be used to analyze people’s mental states while engaging in cognitive processes during IS decision-making. We design an experiment in which participants are required to complete several cognitive tasks with various cognitive demands and under various stress levels. We collect...

Cloud computing is emerging with growing popularity in workflow scheduling, especially for scientific workflow. Deploying data-intensive workflows in the cloud brings new factors to be considered during specification and scheduling. Failure to establish intermediate data security may cause information leakage or data alteration in the cloud environ...

The National Institute of Standards and Technology (NIST) has identified natural language policies as the preferred expression of policy and implicitly called for an automated translation of ABAC natural language access control policy (NLACP) to a machine-readable form. An essential step towards this automation is to automate the extraction of ABAC...

Machine learning algorithms based on deep Neural Networks (NN) have achieved remarkable results and are being extensively used in different domains. On the other hand, with increasing growth of cloud services, several Machine Learning as a Service (MLaaS) are offered where training and deploying machine learning models are performed on cloud provid...

A fundamental management responsibility is securing information systems. Almost all applications that deal with safety, privacy, or defense include some form of access control. There are a plethora of access control models in the information security realm such as role-based access control and attribute-based access control. However, the initial de...

Suppose Alice holds a DNA sequence and Bob owns a database of DNA sequences. They want to determine whether there is a match for the Alice's input in the Bob's database for any purpose such as diagnosis of Alice's disease. However, Alice does not want to reveal her DNA pattern to Bob, since it would enable him to learn private information about her...

Machine learning algorithms based on deep neural networks have achieved remarkable results and are being extensively used in different domains. However, the machine learning algorithms requires access to raw data which is often privacy sensitive. To address this issue, we develop new techniques to provide solutions for running deep neural networks...

Machine learning algorithms based on deep neural networks (NN) have achieved remarkable results and are being extensively used in different domains. On the other hand, with increasing growth of cloud services, several Machine Learning as a Service (MLaaS) are offered where training and deploying machine learning models are performed on cloud provid...

The insider threat has been subject of extensive study and many approaches from technical perspective to behavioral perspective and psychological perspective have been proposed to detect or mitigate it. However, it still remains one of the most difficult security issues to combat. In this paper, we propose an ongoing effort on developing a systemat...

It has long been recognized that solutions to insider threat are mainly user-centric and several psychological and psychosocial models have been proposed. However, user behavior underlying these malicious acts is still not fully understood, motivating further investigation at the neuro-physiological level. In this work, we conduct a multi-modal stu...

Cloud computing is a dynamic environment that offers variety of on-demand services with low cost. However, customers face new security risks due to shared infrastructure in the cloud. Co-residency of virtual machines on the same physical machine, leads to several threats for cloud tenants. Cloud administrators are often encountered with a more chal...

Access control mechanisms are a necessary and crucial design element to any application’s security. There are a plethora of accepted access control models in the information security realm. However, attribute-based access control (ABAC) has been proposed as a general model that could overcome the limitations of the dominant access control models (i...

Attribute-based access control (ABAC) is a logical access control methodology where authorization to perform a set of operations is based on attributes of the user, the objects being accessed, the environment, and a number of other attribute sources that may be relevant to the current request. Once fully implemented within an enterprise, ABAC promo...

Intrusion response system (IRS) is one of the most important components in the network security solution that selects appropriate countermeasures to handle the intrusion alerts. Recently, many techniques have been proposed in designing an automated IRS. However, one of the big challenges in intrusion response system which is not considered in the l...

Insider threat is a great challenge for most organizations in today’s digital world. It has received substantial research attention as a significant source of information security threat that could cause more financial losses and damages than any other threats. However, designing an effective monitoring and detection framework is a very challenging...

A primary challenge of cloud computing is securing a virtualized environment. Virtual machine migration plays an important role in cloud infrastructure by enabling dynamic resource allocation and optimizing power consumption. However, it may adversely affect the security of the environment by facilitating the malware propagation process. In this pa...

Forecasting future attacks is a big challenge for network administrators because future is generally unknown. Nevertheless, some information about the future can help us make better decisions in present time. Attack graph is the most well-known tool for risk assessment and attack prediction. However, it only provides static information about probab...

Insider threat is one of the greatest concerns for the information security system that could cause greater financial losses and damages than any other attacks. Recently many studies have been proposed to monitor and detect the insider attacks. However, implementing an effective detection system is a very challenging task. In this paper, we investi...

A challenging problem in managing large networks is the complexity of security administration. Role Based Access Control (RBAC) is the most well-known access control model in diverse enterprises of all sizes because of its ease of administration as well as economic benefits it provides. Deploying such system requires identifying a complete set of r...

Role Based Access Control (RBAC) is the most widely used model for access control due to the ease of administration as well as economic benefits it provides. In order to deploy an RBAC system, one requires to first identify a complete set of roles. This process, known as role engineering, has been identified as one of the costliest tasks in migrati...

Role Based Access Control (RBAC) is the most widely used advanced access control model deployed in a variety of organizations. To deploy an RBAC system, one needs to first identify a complete set of roles, including permission role assignments and role user assignments. This process, known as role engineering, has been identified as one of the cost...

Computing aggregate statistics about user data is required for a variety of applications, however; this practice seriously ignores the privacy of users. Differential privacy has proved to be an effective tool to perturb queries over a database. The previous deployment of differential privacy techniques are subjected to several limitations: they mos...

Existing anti-malware products usually use signature-based techniques as their main detection engine. Although these methods are very fast, they are unable to provide effective protection against newly discovered malware or mutated variant of old malware. Heuristic approaches are the next generation of detection techniques to mitigate the problem....

Mobile cloud computing has grown out of two hot technology trends, mobility and cloud. The emergence of cloud computing and its extension into the mobile domain creates the potential for a global, interconnected mobile cloud computing environment that will allow the entire mobile ecosystem to enrich their services across multiple networks. We can u...

Location-Based Social Networks (LBSNs), such as Foursquare, Yelp and Facebook Place, have attracted many people, including business owners who use LBSNs to promote their businesses. A physical location is called a venue or a place of interest in an LBSN. Associated with each venue are several attributes, such as its latitude and longitude values, a...

In a social network system, a friendship relation between two users is usually represented by an undirected link and it is visible in both users' friend lists. Such a dual visibility of a friendship link may raise privacy threats. This is because both the users of a friendship link can separately control its visibility to other users and their pref...

In cloud computing environments, data protection is usually limited to access control policies that are enforced by cloud service providers (CSPs). However, there are many cases where the CSPs are not trusted and pose a risk to their users' privacy. Several approaches have been proposed to prevent CSPs from accessing the data where the cryptographi...

Mobile cloud computing has grown out of two hot technology trends, mobility and cloud. The emergence of cloud computing and its extension into the mobile domain creates the potential for a global, interconnected mobile cloud computing environment that will allow the entire mobile ecosystem to enrich their services across multiple networks. We can u...

Cloud computing paradigm has recently gained tremendous momentum. It has been found very promising for significant cost reduction and the increased operating efficiencies in computing. However, security and privacy issues pose as the key roadblock to its rapid adoption. In this chapter, the authors present the security and privacy challenges in Clo...

Cloud computing paradigm is still an evolving paradigm but has recently gained tremendous momentum due to its potential for significant cost reduction and increased operating efficiencies in computing. However, its unique aspects exacerbate security and privacy challenges that pose as the key roadblock to its fast adoption. Cloud computing has alre...

Security issues are delaying fast adoption of cloud computing and security mechanisms to ensure its secure adoption has become a crucial immediate need. On the other hand, cloud computing can help enable security controls to be delivered in new ways by service providers. To this end, we need frameworks for efficient delivery of cloud-based security...

Cloud computing environments do not allow use of a single access control mechanism, single policy language or single policy management tool for various cloud services. Currently, users must use diverse access control solutions available for each cloud service provider to secure their data. Access control policies may be composed in incompatible way...

Cloud computing paradigm is still an evolving paradigm but has recently gained tremendous momentum due to its potential for significant cost reduction and increased operating efficiencies in computing. However, its unique aspects exacerbate security and privacy challenges that pose as the key roadblock to its fast adoption. Cloud computing has alre...

Nowadays, many websites allow or require users to use their e-mail addresses either as identity or for other purposes. Although username-based identity problems resulting from users' behaviours have been a research focus for quite some time, the serious issues of using e-mail address as identity and the associated online behaviours of users have no...

As users store and share more digital content at home, effective access control becomes increasingly important. One promising mechanism for helping non-expert users create accurate access policies is reactive policy creation, in which users can update their policy dynamically in response to access requests that cannot otherwise succeed. An earlier...

Online social networks (OSNs) are becoming increasingly popular and Identity Clone Attacks (ICAs) that aim at creating fake identities for malicious purposes on OSNs are becoming a significantly growing concern. Such attacks severely affect the trust relationships a victim has built with other users if no active protection is applied. In this paper...

With the growing popularity of cloud computing, the exploitation of possible vulnerabilities grows at the same pace; the distributed nature of the cloud makes it an attractive target for potential intruders. Despite security issues delaying its adoption, cloud computing has already become an unstoppable force; thus, security mechanisms to ensure it...

The cloud computing paradigm is still evolving, but has recently gained tremendous momentum. However, security and privacy issues pose as the key roadblock to its fast adoption. In this article, the authors present security and privacy challenges that are exacerbated by the unique aspects of clouds and show how they're related to various delivery a...

Recent advances in distributed computing, grid computing, virtualization mechanisms, and utility computing led into Cloud Computing as one of the industry buzz words of our decade. As the popularity of the services provided in the cloud environment grows exponentially, the exploitation of possible vulnerabilities grows with the same pace. Intrusion...

More and more websites are allowing or requiring users to input their e-mail addresses to be used either as identities or for other purposes. Although username-based identity and password problems resulting from user behaviors have been a research focus for quite some time, the serious issues related to using e-mail address as an identity and the a...

Cloud computing has recently gained tremendous momentum but still is in its infancy. It has the potential for significant cost reduction and the increased operating efficiencies in computing. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secu...

Recently, there is a growing trend of organizations migrating to RBAC because of the economic benefits that RBAC provides, and the ease of administration. In order to deploy an RBAC system, one requires to first identify a complete set of roles. This process, known as role engineering, has been identified as one of the costliest tasks in migrating...

The Semantic Web is an extension of the World Wide Web that has been growing in recent years. One important issue in the Semantic Web environment is access control. Integrating Role-Based Access Control (RBAC) models, which have been accepted as a powerful approach to security management, with the Semantic Web helps to reduce the complexity of Web...

Considering the growth of wireless communication and mobile positioning technologies, location-based services (LBSs) have been generating increasing research interest in recent years. One of the critical issues for the deployment of LBS applications is how to reconcile their quality of service with privacy concerns. Location privacy based on k-anon...

Role-based access control (RBAC) models are a powerful tool for describing and managing authorization, particularly, in large organizations. The benefits of using formal methods to describe RBAC models in a clear, consistent and rigorous manner have been recognized. Notable exemplars, that have been formulated in the formal specification notation Z...

Role-Based Access Control (RBAC) model is naturally suitable to organizations where users are assigned organizational roles with well-defined privileges. However, due to the large number of users in nowadays online services of organizations and enterprises, assigning users to roles is a tiresome task and maintaining user-role assignment up- to-date...

As a security principle, separation of duty (SoD) is widely considered in computer security. In the role-based access control(RBAC) model, separation of duty constraints enforce conflict of interest policies. There are two main types of separation of duty policies in RBAC, Static SoD (SSoD) and Dynamic SoD (DSoD). In RBAC, Statically Mutually Exclu...

Role based access control (RBAC) model is naturally suitable to organizations where users are assigned organizational roles with well-defined privileges. Nowadays, many organizations and enterprises such as banks, insurance industry and utility companies, provide online services to their very large number of users. This shows that assigning users t...