@uokerbala.edu.iq
College of Law
Lecturer
He received the M.Sc. in Computer Science/Networks from La Trobe University, Australia, in 2015. He currently works at the University of Kerbala, specifically at the College of Law, as a lecturer. His research interests include Cloud Computing Security, Internet of Things techniques, Wireless Sensor Network (WSN) Protocols, and Network Protocols.
M.Sc. computer science
Computer networks, Cloud computing, Network Security
Scopus Publications
Wafaa H. Alwan and Sabah M. Alturfi
Deanship of Scientific Research
Sabah M. Alturfi, Dena Kadhim Muhsen, Mohammed A. Mohammed, Israa T. Aziz, and Mustafa Aljshamee
IOP Publishing
Cloud computing provides scalable, on-demand, and highly available computing services over the Internet to both the public and organizations on a pay-per-use basis. It provides a variety of services such as networking, storage space, and applications. The key issue for cloud computing is ensuring the confidentiality and privacy of cloud resources and data. Enticing the user to purchase cloud services requires their trust which cannot be guaranteed unless the infrastructure is effectively protected because attacks at this level will threaten the whole system. To this end, we propose the Integrated Intrusion Prevention and Detection System (IIPDS) to prevent and detect different types of attacks to the infrastructure level of the cloud system. The proposed design uses Trusted Third Party (TTP) services and SSL/TLS protocols as intrusion prevention methods to secure the communication between the cloud provider and the user. It also uses multiple Intrusion Detection Systems (IDS) distributed over multiple cloud regions. The IDS system is capable of detecting known and unknown attacks using anomaly and rule-based (signature) intrusion detection techniques. The simulation results proved the efficiency of the system in detecting a wide range of attacks with low false positive alerts and low computational overhead.
Sabah M. Alturfi, Dena Kadhim Muhsen, and Mohammed A. Mohammed
IOP Publishing
Recent communication technology tends to be wireless for reasons of mobility. A Mobile Ad-hoc Network (MANET) can be established without any infrastructure or centralized controller. It can be constructed quickly in rural areas, military zones, and in emergency cases such as earthquakes. Routing protocols are categorized into three types according to the nature of their operation: Proactive, Reactive, and Hybrid routing protocols. Due to the mobility of MANET nodes, routing protocols play an important role in determining network efficiency where the network topology changes frequently. Many studies have been conducted to analyze network performance and identify the best routing protocol using different simulation tools. In this paper, the performance of the network is analyzed and evaluated when heterogeneous nodes are configured with these three types of protocols under heavy traffic load (VoIP). The results of our simulation show that the OLSR protocol has the highest throughput among the others, while the DSR protocol shows the best performance in terms of network load. Generally, the performance of a routing protocol differs depending on the network type and use.
Israa T. Aziz, Ihsan H. Abdulqadder, Sabah M. Alturfi, Rasool M. Imran, and Firas M. F. Flaih
IEEE
Many sectors have a vital requirement for electric power supply, so any interruption in electric power will affect operations as well as the ecosystem. Cyber-attacks on power systems focus on smart grid (SG) vulnerabilities to cause a partial or total blackout. The main security challenges in the network security of the SG are false data injection (FDI) attacks. In FDI attacks, the attacker tries to modify the transmitted measurements via SG objects such as smart meters and buses. A well-designed protection scheme for SG authentication is still a daunting task. State estimation (SE) is a significant feature for detecting errors in modern SGs, and it contributes to both the management and control of power grids. A new architecture to solve the problem of FDI attacks is proposed in this study. First, the sensors capture measurements from power grids and encrypt them using an elliptic curve cryptography algorithm. Then, the measurements are transmitted to a centralised aggregator, which is responsible for the results of SE. Second, after obtaining the measurements, the aggregator estimates the state using the least-squares weighted SE method with the aid of an improved particle swarm optimisation algorithm. All requests received by the control server are authenticated to ensure that requests are sent from an approved aggregator. The given architecture solves a significant issue of FDI attacks. The proposed architecture was tested on the IEEE 14-bus system. The findings show a positive performance in terms of minimising the estimation error.
Sabah M. Alturfi, Bahaa Al-Musawi, and Haydar Abdulameer Marhoon
AIP Publishing
Cloud computing provides scalable, on-demand, and highly available computing resources via the internet to both the public and private sectors on a pay-per-use basis. It eliminates the requirement of purchasing new hardware and software licenses, besides reducing administration effort. The key issue of cloud computing is the security of its resources and data, which need to be protected from different attacks. Different research studies have proposed various methods for intrusion detection and prevention. Thus, two major threat techniques have been defined and addressed: the signature technique and the anomaly technique. In this paper, an advanced classification is identified, describing the advantages and limitations of each method to provide researchers with a well-organized roadmap for dealing with these attacks.
Sabah M. Alturfi, Haydar Abdulameer Marhoon, and Bahaa Al-Musawi
AIP Publishing
With the rapid growth of Internet technologies, Internet of Things (IoT) devices have become widely required. A huge number of smart devices around the world containing sensors and actuators are collecting data and processing it to perform specific actions. As these services are deployed via the Internet, they become easy targets for vulnerabilities. The defenses against these threats need to be maximized to ensure high security and to maintain the confidentiality, availability, and integrity of IoT resources. Different techniques and approaches have been proposed and established to protect smart devices and data from attacks. This survey uses the five-layer architecture to explore different types of threats and vulnerabilities at each individual layer of the IoT architecture. It also reviews different types of techniques, approaches, and methods to secure the IoT architecture.
Bahaa Al-Musawi, Mohammed Hassan, and Sabah Alturfi
Telecommunications Association Inc.
Anomalous events such as link failure, misconfiguration, and Denial of Service attacks can affect the Internet inter-domain routing protocol. This effect can range from small to large-scale impact. While large-scale events can be detected using one or multiple global monitoring points, small-scale events need monitoring at the Autonomous System (AS) level. This paper presents a Real-time Detection Tool for Internet routing protocol Disruptions (RDTD) at AS-level. RDTD is a black-box statistical approach that detects disruptions based on observing changes in the underlying behaviour of a series of inter-domain routing updates rather than information contained in inter-domain routing updates. The RDTD can be connected to a designated AS to detect disruptions at that AS or to one of the collectors at public vantage points to detect the Internet routing disruptions from the public vantage-point’s view. The evaluation of the detection tool has been made through replaying route traffic related to one of the most well-known events within a controlled testbed. Our evaluation shows the ability of the detection tool to detect route leak in near real-time without requiring a long history of data. RDTD can also detect hidden anomalous behaviour in the underlying traffic that may pass without detection.
Israa T. Aziz, Hai Jin, Ihsan H. Abdulqadder, Sabah M. Alturfi, Wisam H. Alobaidi, and Firas M.F. Flaih
MDPI AG
False data injection (FDI) attacks are a major security threat to smart grid (SG) communication systems. In FDI attacks, the attacker has the ability to modify the measurements transmitted by smart grid entities such as smart meters, buses, etc. Many solutions have been proposed to mitigate FDI attacks in the SG. However, most of these solutions rely on centralized state estimation (SE), which is computationally expensive. To overcome this problem in FDI attack detection and to improve the security of SGs, this paper proposes a novel two-tier secure smart grid (T2S2G) architecture with distributed SE. In T2S2G, measurement collection and SE are handled in the first tier, while compromised meter detection is handled in the second tier. Initially, the overall SG system is divided into four sections by the weighted quad tree (WQT) method. Each section is provided with an aggregator, which is responsible for performing SE. Measurements from power grids are collected by remote terminal units (RTUs) and encrypted using a parallel enhanced elliptic curve cryptography (PEECC) algorithm. Then the measurements are transmitted to the corresponding aggregator. Based on the collected measurements, the aggregator estimates the state using the amended particle swarm optimization (APSO) algorithm in a distributed manner. To verify the authenticity of aggregators, each aggregator is authenticated by a logical schedule based authentication (LSA) scheme at the control server (CS). In the CS, a fuzzy with neural network (FNN) algorithm is employed for measurement classification. Our proposed T2S2G shows promising results in the following performance metrics: estimation error, number of protected measurements, detection probability, successful detection rate, and detection delay.