Ihab Darwish

Ihab Darwish
Fairleigh Dickinson University

PhD - Electrical Engineering
Director of the Cybersecurity Program - FDU Florham Campus

About

11
Publications
21,549
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
187
Citations
Introduction
Skills and Expertise
Cloud Computing
Virtualization
Computer Networking
Network Security
Security
Network Architecture
Computer Networks Security
Network Administration
Network Management
Wireless Networks
Additional affiliations
January 2017 - February 2017
City College of New York
City College of New York
  • Department of Electrical Engineering
  • New York City, United States
Position
  • Lecturer
October 2011 - present
DeVry University
DeVry University
  • College of Engineering and Information Sciences
  • Chicago, United States
Position
  • Professor

Publications

Publications (11)
Blockchain for Securing Custom/User-Defined Protocols in P4 Programmable Switches
Conference Paper
Full-text available
  • Oct 2023
P4 (Programming Protocol-Independent Packet Processors) represents a paradigm shift in network programmability by providing a high-level language to define packet processing behavior in network switches/devices. The importance of P4 lies in its ability to overcome the limitations of OpenFlow, the previous de facto standard for software-defined netw...
View
Fig. 1. Detection and Mitigation Strategy 
Fig. 3. RTTD Experimental Model 
Fig. 4. Detection and Mitigation Algorithm 
Attack Detection and Mitigation Techniques in Industrial Control System -Smart Grid DNP3
Conference Paper
Full-text available
  • May 2018
Detection and mitigation strategies using statistical Bayesian approach is performed to analyze attacks on Distributed Network Protocol 3 (DNP3) environment related to Industrial Control Systems (ICS) and the smart power grid. Our novel approach in this research paper is to create an attack detection model based on the Round Trip Time Delay (RTTD)...
View
DNP3 packet capture in .pcap format and Extracted Dataset in .csv
Data
  • Jun 2017
This holds the wireshark packet capture (in .pcap format) used for our paper and its extracted dataset in .csv: Paper: Deterministic Dendritic Cell Algorithm Application to Smart Grid Cyber-Attack Detection ----->> USING THIS PCAP/CSV FILE REQUIRES THAT YOU CITE THE ABOVE PAPER
View
Fig. 1. The proposed dDCA-based detection technique. 
Fig. 2. An architecture of a DNP3 network running the proposed...
Fig. 3. Danger and safe signals before averaging and multiplication...
Fig. 4. Danger and safe signals after averaging and multiplication...
Fig. 5. ROC curve for different multiplier values. The TPR-axis have...
Deterministic Dendritic Cell Algorithm Application to Smart Grid Cyber-Attack Detection
Conference Paper
Full-text available
  • Jun 2017
The Distributed Network Protocol v3.0 (DNP3) is one of the most widely used protocols for smart grid communications. Security challenges which could cause great scale of damages to critical infrastructure like the smart grid have emerged in recent years. This paper investigates the attacks that target smart grids which utilize the DNP3 protocol, an...
View
Smart Grid Vulnerability Assessment Using National Testbed Networks
Chapter
Full-text available
  • Jun 2017
Security is an essential way to promote safety, protection, and data privacy. Security in critical infrastructure is about making data available only to authorized and authenticated users and ensuring the reliability of a system’s operation with confidentiality and integrity. It is a balance between having the right mix of policies, strategies, and...
View
Vulnerability Assessment and Experimentation of Smart Grid DNP3
Article
Full-text available
  • Jun 2016
Smart-grids security is becoming a challenging research area that has emerged in recent years facing the energy sector. Threats are arising every day that could cause great scale of damages in critical infrastructure. Our paper will assess vulnerabilities pertaining to internal security threats associated with the smart grid.We will perform penetra...
View
Fig. 1. Rule table as seen in each network intrusion detection system. 
Fig. 2. Topology showing interconnected distributed network intrusion...
Fig. 3. Information gain of all forty-one features of the dataset.
Fig. 4. Summary of the detection result on the KDDTrain+20% dataset.
Distributed Network Intrusion Detection System: An Artificial Immune System Approach
Conference Paper
Full-text available
  • Jun 2016
Intrusion detection is the identification of unauthorized use, misuse, and abuse of computer system infrastructures by both system insiders and external intruders. Detecting intrusion in distributed network from outside network segment as well as from inside is a difficult problem. Network based Intrusion Detection System (NIDS) must analyze a larg...
View
Figure 1 DNP3 Protocol Stack. 
Figure 2 DNP3 Packet Blocks. 
Figure 3 MITM Attack State Diagram 1. 
Figure 4 A cyber-attack model. 
+14 Figure 5 Packets received from the outstation as seen at the master...
Vulnerability Assessment and Experimentation of Smart Grid DNP3
Article
Full-text available
  • Jan 2016
Smart-grids security is becoming a challenging research area that has emerged in recent years facing the energy sector. Threats are arising every day that could cause great scale of damages in critical infrastructure. Our paper will assess vulnerabilities pertaining to internal security threats associated with the smart grid. We will perform penetr...
View
Fig. 3. A cyber-attack scenario 1 – DNP3 Unsolicited Message Attack 
Fig. 4. Virtual Environment Network 
Fig. 5. DETER Lab Testbed Network 
Fig. 6. Unsolicited Messages Attack Flowchart " Fig. 7 " , below shows...
+1 Fig. 7. DNP3 Modified Message Request Packet 
Smart Grid DNP3 Vulnerability Analysis and Experimentation
Conference Paper
Full-text available
  • Nov 2015
This paper highlights different security threats and vulnerabilities that is being challenged in smart-grid utilizing Distributed Network Protocol (DNP3) as a real time communication protocol. Experimentally, we will demonstrate two scenarios of attacks; unsolicited message attack and data set injection. The experiments were run on a computer virtu...
View
Fig. 1. A cyber-attack Model 
Fig. 2. MITM Attack State Diagram 1 
Experimental and theoretical modeling of DNP3 attacks in smart grids
Conference Paper
Full-text available
  • Sep 2015
Security challenges have emerged in recent years facing smart-grids in the energy sector. Threats are arising every day that could cause great scale of damages in critical infrastructure. Our paper will address internal security threats associated with smart grid in a simulated virtual environment involving DNP3 protocol. We will analyze vulnerabil...
View
Fig. 1. Na and Nc are contending to talk to N b . 
Fig. 2. (a) Traffic Sent (packets/second) by a node when following the...
Fig. 3. Comparison (throughput vs. the number of nodes present in the...
Fig. 8. Traffic Sent (packets/second) using DSSS for 10 nodes in chain...
Combating Insider Attacks in IEEE 802.11 Wireless Networks with Broadcast Encryption
Conference Paper
Full-text available
  • May 2014
The IEEE 802.11 protocols are used by millions of smartphone and tablet devices to access the Internet via Wi-Fi wireless networks or communicate with one another directly in a peer-to-peer mode. Insider attacks are those originating from a trusted node that had initially passed all the authentication steps to access the network and then got compro...
View

Questions

Questions (2)
Availability of Tested C++ Open Source Code for Modbus TCP/IP on Linux?
Question
  • Jan 2018
Dear All--
In order to implement Modbus in my research related to power grid and smart grid environment as part of the energy sector, I am looking for a complete C++ open source code on Linux for Modbus TCP/IP version with full capability involving master and slave operation. I have tried so many sources but implementation was extremely difficult with lack of documentation. Awaiting to receive your feedback and help!
View
I am looking for SCADA based large data set related to DNP3 protocol?
Question
  • Aug 2016
For the purpose of attack analysis in smart grid network, I am trying to locate a traffic capture or PCAP data set with various attack types. Data set should be related to smart grid implementation in the power industry using DNP3 protocol. The environment could be real or it could be a large testbed setup.
Thanks,,
View

Network

Cited
View All
Cited By
View All