Bahaa

Verified email at uokufa.edu.iq

ECE department, Faculty of Engineering
Assist. Prof. Bahaa Al-Musawi



                                                           

https://researchid.co/bahaamusawi

RESEARCH INTERESTS

Internet security, routing protocol, anomaly detection, machine learning

13

Scopus Publications

210

Scholar Citations

6

Scholar h-index

3

Scholar i10-index

Scopus Publications

  • A Survey of BGP Anomaly Detection Using Machine Learning Techniques
    Noor Hadi Hammood, Bahaa Al-Musawi, and Ahmed Hazim Alhilali

    Communications in Computer and Information Science, ISSN: 18650929, eISSN: 18650937, Volume: 1554 CCIS, Pages: 109-120, Published: 2022 Springer Singapore

  • Flow-Based Intrusion Detection Systems: A Survey
    Aliaa Al-Bakaa and Bahaa Al-Musawi

    Communications in Computer and Information Science, ISSN: 18650929, eISSN: 18650937, Volume: 1554 CCIS, Pages: 121-137, Published: 2022 Springer Singapore

  • Using BGP Features towards Identifying Type of BGP Anomaly
    Noor Hadi Hammood and Bahaa Al-Musawi

    2021 International Congress of Advanced Technology and Engineering, ICOTEN 2021, Published: 4 July 2021 IEEE
    Unregular events such as large-scale power outages and routing table leaks (RTL) can negatively affect the global routing stability and interrupt Internet services. The Border Gateway Protocol (BGP) is the de-facto Internet routing protocol responsible for managing connectivity between Autonomous Systems (ASes). Detecting BGP anomalies enables network operators to protect their network and helps to improve Internet reliability. This paper suggests using different feature selection algorithms to find out the most effective BGP features then use these features to identify types of anomalies. Out of 55 extracted BGP features, we find out that 9 BGP features indicate identifying RTL and link failure. BGP features related to volumes such as total number of announcements per prefix, number of IPV4 announcements, and implicit withdrawal represent a key to identify RTL. In contrast, BGP features related to Origin change and AS-PATH, such as announcement to the longer path and Edit distance, represent a key to identify link failure.

  • Improving the Performance of Intrusion Detection System through Finding the Most Effective Features
    Aliaa Al-Bakaa and Bahaa Al-Musawi

    2021 International Congress of Advanced Technology and Engineering, ICOTEN 2021, Published: 4 July 2021 IEEE
    In recent years, we witnessed the ensuing surge in massive numbers and types of attacks. The future years will continue these trends but at a faster pace as a result of increasing the number of devices and the development of IoT devices. Thus, it becomes really important to detect different types of threats and hence secure these resources. To that end, previous works examined different feature selection techniques and machine learning algorithms. However, they are either suffer from a low detection accuracy or are not able to detect various types of attacks particularly the low-frequency attacks like worms. In this paper, we use multiple feature selection algorithms to find the subset of the more relevant features regarding each type of attack. Forward Selection Ranking and Backward Elimination Ranking algorithms are used along with decision tree classifier and random forest classifier. The system is evaluated in terms of accuracy, precision, sensitivity, and F-score and shows very high performance in detecting all types of attacks. It can detect all types of attacks with an accuracy rate of 99.9% and 99.96% for binary classification.

  • An advanced classification of cloud computing security techniques: A survey
    Sabah M. Alturfi, Bahaa Al-Musawi, and Haydar Abdulameer Marhoon

    AIP Conference Proceedings, ISSN: 0094243X, eISSN: 15517616, Volume: 2290, Published: 4 December 2020 AIP Publishing
    Cloud computing provides scalable, on-demand, and highly available computing resources via the internet to both the public and private on a pay-per-use basis. It eliminates the requirement of purchasing new hardware and software licenses besides reducing administration efforts. The key issue of cloud computing is the security of its resources and data and need to be protected from different attacks. Different research studies have been proposed various methods for intrusion detection and prevention. Thus, two major threats techniques have been defined and addressed, signature technique and anomaly technique. In this paper, an advanced classification has been identified with describing the advantages and limitations of each method to support the researchers with well-organized roadmap to deal with these attacks.

  • Internet of Things security techniques: A survey
    Sabah M. Alturfi, Haydar Abdulameer Marhoon, and Bahaa Al-Musawi

    AIP Conference Proceedings, ISSN: 0094243X, eISSN: 15517616, Volume: 2290, Published: 4 December 2020 AIP Publishing
    With the rapid growth of Internet technologies, Internet of Things (IoT) devices have become widely required. A huge number of smart devices around the world containing sensors and actuators are collecting data and processing it to perform specific actions. As these services deployed via the Internet, it becomes an easy target to the vulnerabilities. The defenses against these threats need to maximize and ensure high security to maintain the confidentiality, availability, and integrity of IoT resources. Different techniques and approaches have been proposed and established to protect smart devices and data from attacks. This survey uses the five layers architecture to explore different types of threats and vulnerabilities at an individual layer of IoT architecture. It also reviews different types of techniques and, approaches and methods to secure IoT architecture.

  • Design and implementation of fast floating point units for FPGAs
    Mohammed Falih Hassan, Karime Farhood Hussein, and Bahaa Al-Musawi

    Indonesian Journal of Electrical Engineering and Computer Science, ISSN: 25024752, eISSN: 25024760, Pages: 1480-1489, Published: September 2020 Institute of Advanced Engineering and Science
    <p>Due to growth in demand for high-performance applications that require high numerical stability and accuracy, the need for floating-point FPGA has been increased. In this work, an open-source and efficient floating-point unit is implemented on a standard Xilinx Sparton-6 FPGA platform. The proposed design is described in a hierarchal way starting from functional block descriptions toward modules level design. Our implementation used minimal resources available on the targeting FPGA board, tested on Sparton-6 FPGA platform and verified on ModelSim. The open-source framework can be embedded or customized for low-cost FPGA devices that do not offer floating-point units.</p>

  • RDTD: A tool for detecting internet routing disruptions at AS-level
    Bahaa Al-Musawi, Mohammed Hassan, and Sabah Alturfi

    Journal of Telecommunications and the Digital Economy, ISSN: 22031693, Pages: 18-30, Published: June 2020 Telecommunications Association Inc.
    Anomalous events such as link failure, misconfiguration, and Denial of Service attacks can affect the Internet inter-domain routing protocol. This effect can range from small to large-scale impact. While large-scale events can be detected using one or multiple global monitoring points, small-scale events need monitoring at the Autonomous System (AS) level. This paper presents a Real-time Detection Tool for Internet routing protocol Disruptions (RDTD) at AS-level. RDTD is a black-box statistical approach that detects disruptions based on observing changes in the underlying behaviour of a series of inter-domain routing updates rather than information contained in inter-domain routing updates. The RDTD can be connected to a designated AS to detect disruptions at that AS or to one of the collectors at public vantage points to detect the Internet routing disruptions from the public vantage-point’s view. The evaluation of the detection tool has been made through replaying route traffic related to one of the most well-known events within a controlled testbed. Our evaluation shows the ability of the detection tool to detect route leak in near real-time without requiring a long history of data. RDTD can also detect hidden anomalous behaviour in the underlying traffic that may pass without detection.

  • Energy-Balanced and Distributed Clustering Protocol for IoT Wireless Sensors
    Mohammed Falih Hassan, Shiva Raj Pokhrel, and Bahaa Al-Musawi

    2020 IEEE Wireless Communications and Networking Conference Workshops, WCNCW 2020 - Proceedings, Published: April 2020 IEEE
    With the ensuing massive communication demands required for IoT Wireless Sensor Networks (WSNs), conventional routing protocols in wireless networks are not applicable to the massive IoT sensors networking. Consequently, a new type of protocols called energy-aware routing protocols have been proposed. Major design goals of such protocols are to uniformly distribute energy consumption among the IoT nodes and minimize the energy dissipation optimally. In this paper, we develop a novel Energy Balanced Distributed Clustering protocol (EBDC) to minimize the energy consumption among sensor nodes uniformly. Moreover, the proposed EBDC is based on an adaptive clustering and re-clustering process. We evaluate the proposed protocol on different energy-based WSNs protocols. Our evaluation shows EBDC achieves a notable enhancement in terms of balanced energy consumption and extended network lifetime compared to the other existing protocols. Besides, we propose a new metric for the evaluation of protocols.

  • Identifying OSPF LSA falsification attacks through non-linear analysis
    Bahaa Al-Musawi, Philip Branch, Mohammed Falih Hassan, and Shiva Raj Pokhrel

    Computer Networks, ISSN: 13891286, Volume: 167, Published: 11 February 2020 Elsevier BV

  • Recurrence behaviour of BGP traffic
    Bahaa Al-Musawi, Philip Branch, and Grenville Armitage

    2017 27th International Telecommunication Networks and Applications Conference, ITNAC 2017, Volume: 2017-January, Pages: 1-7, Published: 15 December 2017 IEEE
    The Border Gateway Protocol (BGP) is an Internet routing protocol responsible for exchanging network reachability information between Autonomous Systems (ASes). Monitoring and mining BGP traffic are important aspects to understand and improve the stability of the Internet. However, identifying the characteristics of BGP traffic is much harder than it seems at a first glance where BGP traffic has been identified as complex, voluminous, and noisy. In this paper, we show that BGP traffic can be understood as an aggregation of oscillations of different frequencies from different ASes. Using linear and nonlinear statistical analysis, we show that BGP traffic shows recurrent behaviour. The source of this behaviour is unsynchronised periodic behaviour from a set of ASes.

  • BGP Anomaly Detection Techniques: A Survey
    Bahaa Al-Musawi, Philip Branch, and Grenville Armitage

    IEEE Communications Surveys and Tutorials, eISSN: 1553877X, Pages: 377-396, Published: First Quarter 2017 Institute of Electrical and Electronics Engineers (IEEE)
    The border gateway protocol (BGP) is the Internet’s default inter-domain routing protocol that manages connectivity among autonomous systems (ASes). Over the past two decades many anomalies of BGP have been identified that threaten its stability and reliability. This survey discusses and classifies these anomalies and discusses the 20 most significant techniques used to identify them. Our classification is based on the broad category of approach, BGP features used to identify the anomaly, effectiveness in identifying the anomaly and effectiveness in identifying which AS was the location of the event that caused the anomaly. We also discuss a number of key requirements for the next generation of BGP anomaly detection techniques.

  • Detecting BGP instability using Recurrence Quantification Analysis (RQA)
    Bahaa Al-Musawi, Philip Branch, and Grenville Armitage

    2015 IEEE 34th International Performance Computing and Communications Conference, IPCCC 2015, Published: 17 February 2016 IEEE
    The Border Gateway Protocol (BGP) is the default Internet routing protocol that manages connectivity among Autonomous Systems (ASes). Although BGP disruptions are rare, when they occur the consequences can be very damaging. Consequently there has been considerable effort aimed at understanding what is normal and abnormal BGP traffic and, in so doing, enable potentially disruptive anomalous traffic to be identified quickly. In this paper, we make two contributions. We show that over time BGP messages from BGP speakers have deterministic, recurrence and non-linear properties, then build on this insight to introduce the idea of using Recurrence Quantification Analysis (RQA) to detect BGP instability. RQA can be used to provide rapid identification of traffic anomalies that can lead to BGP instability. Furthermore, RQA is able to detect abnormal behaviours that may pass without observation.

RECENT SCHOLAR PUBLICATIONS

  • Flow-Based Intrusion Detection Systems: A Survey
    A Al-Bakaa, B Al-Musawi
    International Conference on Applications and Techniques in Information 2021

  • A Survey of BGP Anomaly Detection Using Machine Learning Techniques
    NH Hammood, B Al-Musawi, AH Alhilali
    International Conference on Applications and Techniques in Information 2021

  • Using BGP features towards identifying type of BGP anomaly
    NH Hammood, B Al-Musawi
    2021 International Congress of Advanced Technology and Engineering (ICOTEN 2021

  • Improving the performance of intrusion detection system through finding the most effective features
    A Al-Bakaa, B Al-Musawi
    2021 International Congress of Advanced Technology and Engineering (ICOTEN), 1-9 2021

  • Internet of Things security techniques: A survey
    SM Alturfi, HA Marhoon, B Al-Musawi
    AIP Conference Proceedings 2290 (1), 040016 2020

  • An advanced classification of cloud computing security techniques: A survey
    SM Alturfi, B Al-Musawi, HA Marhoon
    AIP Conference Proceedings 2290 (1), 040017 2020

  • Design and implementation of fast floating point units for FPGAs
    MF Hassan, KF Hussein, B Al-Musawi
    Indonesian Journal of Electrical Engineering and Computer Science 19 (3 2020

  • RDTD: A tool for detecting internet routing disruptions at AS-level
    B Al-Musawi, MF Hassan, SM Alturfi
    Journal of Telecommunications and the Digital Economy 8 (2), 18-30 2020

  • Energy-Balanced and Distributed Clustering Protocol for IoT Wireless Sensors
    MF Hassan, SR Pokhrel, B Al-Musawi
    2020 IEEE Wireless Communications and Networking Conference Workshops (WCNCW 2020

  • Identifying OSPF LSA falsification attacks through non-linear analysis
    B Al-Musawi, P Branch, MF Hassan, SR Pokhrel
    Computer Networks 167, 107031 2020

  • Identifying Recurrence Behaviour in the Underlying BGP Traffic
    B Al-Musawi, P Branch
    International Journal of Information, Communication Technology and 2018

  • Identifying OSPF anomalies using recurrence quantification analysis
    B Al-Musawi, P Branch
    arXiv preprint arXiv:1805.08087 2018

  • Detecting BGP anomalies using recurrence quantification analysis
    B Al-Musawi
    Ph. D. dissertation 2018

  • Real-Time BGP Anomaly Detection Tool (RTBADT) v0.
    B Al-Musawi, P Branch, G Armitage
    2018

  • Recurrence behaviour of BGP traffic
    B Al-Musawi, P Branch, G Armitage
    2017 27th International Telecommunication Networks and Applications 2017

  • BGP Replay Tool (BRT) v0.2
    B Al-Musawi, R Al-Saadi, P Branch, G Armitage
    http://i4t.swin.edu.au/reports/I4TRL-TR-170606A.pdf 2017

  • RTBADT-Real-Time BGP Anomaly Detection Tool V0. 1
    B Al-Musawi
    December 2017

  • Rapid detection of BGP anomalies
    B Al-Musawi
    2017

  • BGP anomaly detection techniques: A survey
    B Al-Musawi, P Branch, G Armitage
    IEEE Communications Surveys & Tutorials 19 (1), 377-396 2016

  • Detecting BGP instability using recurrence quantification analysis (RQA)
    B Al-Musawi, P Branch, G Armitage
    2015 IEEE 34th International Performance Computing and Communications 2015

MOST CITED SCHOLAR PUBLICATIONS

  • BGP anomaly detection techniques: A survey
    B Al-Musawi, P Branch, G Armitage
    IEEE Communications Surveys & Tutorials 19 (1), 377-396 2016
    Citations: 108

  • Mitigating DoS/DDoS attacks using iptables
    BQM AL-Musawi
    International Journal of Engineering & Technology 12 (3), 101-111 2012
    Citations: 34

  • Detecting BGP instability using recurrence quantification analysis (RQA)
    B Al-Musawi, P Branch, G Armitage
    2015 IEEE 34th International Performance Computing and Communications 2015
    Citations: 27

  • Recurrence behaviour of BGP traffic
    B Al-Musawi, P Branch, G Armitage
    2017 27th International Telecommunication Networks and Applications 2017
    Citations: 8

  • BGP Replay Tool (BRT) v0.2
    B Al-Musawi, R Al-Saadi, P Branch, G Armitage
    http://i4t.swin.edu.au/reports/I4TRL-TR-170606A.pdf 2017
    Citations: 7

  • Detecting BGP anomalies using recurrence quantification analysis
    B Al-Musawi
    Ph. D. dissertation 2018
    Citations: 6

  • Identifying OSPF LSA falsification attacks through non-linear analysis
    B Al-Musawi, P Branch, MF Hassan, SR Pokhrel
    Computer Networks 167, 107031 2020
    Citations: 5

  • Preventing brute force attack through the analyzing log
    BQM AL-Musawi
    Iraqi Journal of Science 53 (3), 663-667 2012
    Citations: 4

  • Internet of Things security techniques: A survey
    SM Alturfi, HA Marhoon, B Al-Musawi
    AIP Conference Proceedings 2290 (1), 040016 2020
    Citations: 2

  • RTBADT-Real-Time BGP Anomaly Detection Tool V0. 1
    B Al-Musawi
    December 2017
    Citations: 2

  • Using BGP features towards identifying type of BGP anomaly
    NH Hammood, B Al-Musawi
    2021 International Congress of Advanced Technology and Engineering (ICOTEN 2021
    Citations: 1

  • Improving the performance of intrusion detection system through finding the most effective features
    A Al-Bakaa, B Al-Musawi
    2021 International Congress of Advanced Technology and Engineering (ICOTEN), 1-9 2021
    Citations: 1

  • An advanced classification of cloud computing security techniques: A survey
    SM Alturfi, B Al-Musawi, HA Marhoon
    AIP Conference Proceedings 2290 (1), 040017 2020
    Citations: 1

  • RDTD: A tool for detecting internet routing disruptions at AS-level
    B Al-Musawi, MF Hassan, SM Alturfi
    Journal of Telecommunications and the Digital Economy 8 (2), 18-30 2020
    Citations: 1

  • Energy-Balanced and Distributed Clustering Protocol for IoT Wireless Sensors
    MF Hassan, SR Pokhrel, B Al-Musawi
    2020 IEEE Wireless Communications and Networking Conference Workshops (WCNCW 2020
    Citations: 1

  • Identifying OSPF anomalies using recurrence quantification analysis
    B Al-Musawi, P Branch
    arXiv preprint arXiv:1805.08087 2018
    Citations: 1

  • Low Cost VoIP Architecture Using Open Source Software Component in Tertiary Institutions
    EN AlShemmary, BQ Al-Musawi
    INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY 3 (1a), 11-14 2012
    Citations: 1