Professor Zahir Tari

Professor Zahir Tari

RMIT University

H-index: 46

Oceania-Australia

About Professor Zahir Tari

Professor Zahir Tari, With an exceptional h-index of 46 and a recent h-index of 32 (since 2020), a distinguished researcher at RMIT University, specializes in the field of Cybersecurity, Cloud Computing, Internet of Things, Edge Computing, Distributed Systems.

His recent articles reflect a diverse array of research interests and contributions to the field:

A smart contract-based access control framework for smart healthcare systems

Proactive defense mechanism: Enhancing IoT security through diversity-based moving target defense and cyber deception

MuLCOff: A multi-layer consensus and off-chain computation for efficient and privacy-aware blockchain-based peer-to-peer energy trading

Algorithms and Architectures for Parallel Processing: 23rd International Conference, ICA3PP 2023, Tianjin, China, October 20–22, 2023, Proceedings, Part III

Transition waste optimization for coded elastic computing

Behavior‐Based Data Exfiltration Detection Methods

Data Security Threats

AICons: An AI-Enabled Consensus Algorithm Driven by Energy Preservation and Fairness

Professor Zahir Tari Information

University

RMIT University

Position

Research Director RMIT Cyber Security Centre School of Computing Technologies

Citations(all)

9202

Citations(since 2020)

4547

Cited By

7343

hIndex(all)

46

hIndex(since 2020)

32

i10Index(all)

171

i10Index(since 2020)

85

Email

University Profile Page

RMIT University

Professor Zahir Tari Skills & Research Interests

Cybersecurity

Cloud Computing

Internet of Things

Edge Computing

Distributed Systems

Top articles of Professor Zahir Tari

A smart contract-based access control framework for smart healthcare systems

Authors

Amal Abid,Saoussen Cheikhrouhou,Slim Kallel,Zahir Tari,Mohamed Jmaiel

Journal

The Computer Journal

Published Date

2024/2

Security faces huge challenges in Internet of Things (IoT) environments. In particular, conventional access control standards and models tend to be less tailored for IoT due to the constrained nature of smart objects. Usually, a powerful third party is used to handle the access control logic. However, this third party is lacking in transparency and could harm user privacy. Therefore, providing a distributed access control solution, while considering transparency and privacy-preserving awareness in IoT smart systems, is of paramount importance. The described issue can be addressed using the emergent Blockchain technology that provides a promising choice to build a new generation of decentralized and transparent access control solutions. This paper proposes a smart contract-based access control framework for IoT smart healthcare systems, which is based on smart contracts to provide a distributed and …

Proactive defense mechanism: Enhancing IoT security through diversity-based moving target defense and cyber deception

Authors

Zubaida Rehman,Iqbal Gondal,Mengmeng Ge,Hai Dong,Mark Gregory,Zahir Tari

Journal

Computers & Security

Published Date

2024/4/1

The Internet of Things (IoT) has become increasingly prevalent in various aspects of our lives, enabling billions of devices to connect and communicate seamlessly. However, the intricate nature of IoT connections and device vulnerabilities exposes the devices to security threats. To address the security challenges, we propose a proactive defense framework that leverages a model-based approach for security analysis and facilitates the defense strategies. Our proposed approach incorporates proactive defense mechanisms that combine Moving Target Defense techniques with cyber deception. The proposed approach involves the use of a decoy nodes as a deception technique and operating system based diversity as a moving target defense strategy to change the attack surface area of IoT networks. Additionally, we introduce a technique known as Important Measure-based Operating System Diversity to reduce …

MuLCOff: A multi-layer consensus and off-chain computation for efficient and privacy-aware blockchain-based peer-to-peer energy trading

Authors

Juhar Ahmed Abdella,Zahir Tari,Nasrin Sohrabi,Redowan Mahmud

Journal

IEEE Network

Published Date

2024/1/19

Blockchain-based peer-to-peer ET (P2P-ET) is expected to be a key element of the next-generation power system due to its decentralized nature, immutable data structure and smart contract capability that allows energy contracts to be made on the blockchain. However, blockchain suffers from performance, scalability and privacy challenges. To address these challenges, we propose MuLCOff, a multi-layer consensus and off-chain computation-based P2P-ET system. MuLCOff’s architecture consists of three network layers, where each layer consists of multiple blockchain network shards that can operate as an independent permissioned blockchain network. The network shards can participate in multiple layers of consensus simultaneously. Unlike previous systems, MuLCOff supports the concurrent processing of transactions across different consensus layers. Each network shard also has an associated off-chain …

Algorithms and Architectures for Parallel Processing: 23rd International Conference, ICA3PP 2023, Tianjin, China, October 20–22, 2023, Proceedings, Part III

Authors

Jesus Carretero,Javier Garcia-Blas,Ryan KL Ko,Peter Mueller,Koji Nakano

Journal

16th International Conference, ICA3PP

Published Date

2016/1/1

Welcome to the workshop proceedings of the 16th International Conference on Algorithms and Architectures for Parallel Processing (ICA3PP 2016), which was organized by the University of Madrid Carlos III and the University of Granada. It was our great pleasure to organize the ICA3PP 2016 conference in Granada, Spain, during December 14–16, 2016. On behalf of the Organizing Committee of the conference, we would like to express our cordial gratitude to all participants who attended the conference.ICA3PP 2016 was the 16th event in the series of conferences started in 1995 that is devoted to algorithms and architectures for parallel processing. ICA3PP is now recognized as the main regular international event that covers many dimensions of parallel algorithms and architectures, encompassing fundamental theoretical approaches, practical experimental projects, and commercial components and systems …

Transition waste optimization for coded elastic computing

Authors

Son Hoang Dau,Ryan Gabrys,Yu-Chih Huang,Chen Feng,Quang-Hung Luu,Eidah J Alzahrani,Zahir Tari

Journal

IEEE Transactions on Information Theory

Published Date

2023/2/22

Distributed computing, in which a resource-intensive task is divided into subtasks and distributed among different machines, plays a key role in solving large-scale problems. Coded computing is a recently emerging paradigm where redundancy for distributed computing is introduced to alleviate the impact of slow machines (stragglers) on the completion time. We investigate coded computing solutions over elastic resources, where the set of available machines may change in the middle of the computation. This is motivated by recently available services in the cloud computing industry (e.g., EC2 Spot, Azure Batch) where low-priority virtual machines are offered at a fraction of the price of the on- demand instances but can be preempted on short notice. Our contributions are three-fold. We first introduce a new concept called transition waste that quantifies the number of tasks existing machines must abandon or take …

Behavior‐Based Data Exfiltration Detection Methods

Authors

Zahir Tari,Nasrin Sohrabi,Yasaman Samadi,Jakapan Suaboot

Published Date

2023

This chapter covers all the details related to the method Sub‐Curve hidden Markov model (HMM) that aims to accurately detect data exfiltration behaviors that occur at any time a process is executing. Sub‐Curve HMM is a feature extraction method based on HMM, which makes use of application programming interface (API) call sequences by extracting the sub‐contained behavior from a long API call sequence. Sub‐Curve HMM is probably one of the early attempts to extract the sub‐contained pattern from a long API call sequence to detect data exfiltration malware. This enables small pieces of malicious activities contained in the long API call sequence to be detected. The limitations of current detection solutions are also considered here, especially in terms of a long API call sequence. Compared to existing methods, Sub‐Curve HMM outperforms baseline methods across several data sets with various average API …

Data Security Threats

Authors

Zahir Tari,Nasrin Sohrabi,Yasaman Samadi,Jakapan Suaboot

Published Date

2023

This chapter looks at existing data security threats that cause a wide range of damages, including the physical destruction of an entire information system facility due to a fire or flood and database integrity security breaches. Security threats can be identified and categorized using a variety of methods and standards. The main recent security threats are Malware, Denial of Service, SQL injection, Emotet (malspam), social engineering and phishing, Man‐in‐the‐Middle, and password attacks. Each of these data security threats has its specific features for stealing the data and compromising any given system. This chapter provides details of these security threats so as to provide readers with a better understanding of the various concepts of cybersecurity threats.

AICons: An AI-Enabled Consensus Algorithm Driven by Energy Preservation and Fairness

Authors

Qi Xiong,Nasrin Sohrabi,Hai Dong,Chenhao Xu,Zahir Tari

Journal

arXiv preprint arXiv:2304.08128

Published Date

2023/4/17

Blockchain has been used in several domains. However, this technology still has major limitations that are largely related to one of its core components, namely the consensus protocol/algorithm. Several solutions have been proposed in literature and some of them are based on the use of Machine Learning (ML) methods. The ML-based consensus algorithms usually waste the work done by the (contributing/participating) nodes, as only winners' ML models are considered/used, resulting in low energy efficiency. To reduce energy waste and improve scalability, this paper proposes an AI-enabled consensus algorithm (named AICons) driven by energy preservation and fairness of rewarding nodes based on their contribution. In particular, the local ML models trained by all nodes are utilised to generate a global ML model for selecting winners, which reduces energy waste. Considering the fairness of the rewards, we innovatively designed a utility function for the Shapley value evaluation equation to evaluate the contribution of each node from three aspects, namely ML model accuracy, energy consumption, and network bandwidth. The three aspects are combined into a single Shapley value to reflect the contribution of each node in a blockchain system. Extensive experiments were carried out to evaluate fairness, scalability, and profitability of the proposed solution. In particular, AICons has an evenly distributed reward-contribution ratio across nodes, handling 38.4 more transactions per second, and allowing nodes to get more profit to support a bigger network than the state-of-the-art schemes.

VU Research Portal

Authors

Jef Vandenberghe,Youbin Sun,Xianyan Wang,Hemmo Abels,Xing Xing Liu

Published Date

2018

After a previous review of the grain-size characteristics of in situ (primary) fine-grained aeolian deposits, reworked (secondary) aeolian deposits, as modified in lacustrine environments and by alluvial and pedogenic processes, are discussed in this paper. As a reference, the grain-size characteristics of primary loess deposits are shortly described. Commonly, pedogenesis and weathering of primary loess may lead to clay neoformation and thus to an enrichment in grain diameters of 4–8 μm, a size which is comparable to the fine background loess. Remarkably, the modal grain-size values of primary loess are preserved after re-deposition in lakes and floodplains. But, secondary lacustrine settings show a very characteristic admixture with a clayey population of 1–2, 5 μm diameter due to the process of settling in standing water. Similarly, alluvial settings show often an addition with coarse-grained sediment supplied by previously eroded sediment. However, floodplain settings show also often the presence of pools and other depressions which behave similarly to lacustrine environments. As a result, alluvial secondary loess sediments are characterized by the poorest grain-size sorting when compared with the other secondary loess and primary loess. Despite the characteristic texture of each of these deposits, grain-size characteristics of the described individual sediment categories are not always fully diagnostic and thus grain-size analysis should be complemented by other information, as sedimentary structures and fauna or flora, to reliably reconstruct the sedimentary processes and environments.

Explainable intrusion detection for cyber defences in the internet of things: Opportunities and solutions

Authors

Nour Moustafa,Nickolaos Koroniotis,Marwa Keshk,Albert Y Zomaya,Zahir Tari

Published Date

2023/5/26

The field of Explainable Artificial Intelligence (XAI) has garnered considerable research attention in recent years, aiming to provide interpretability and confidence to the inner workings of state-of-the-art deep learning models. However, XAI-enhanced cybersecurity measures in the Internet of Things (IoT) and its sub-domains, require further investigation to provide effective discovery of attack surfaces, their corresponding vectors, and interpretable justification of model outputs. Cyber defence involves operations conducted in the cybersecurity field supporting mission objectives to identify and prevent cyberattacks using various tools and techniques, including intrusion detection systems (IDS), threat intelligence and hunting, and intrusion prevention. In cyber defence, especially anomaly-based IDS, the emerging applications of deep learning models require the interpretation of the models’ architecture and the …

Energy efficient resource controller for Apache Storm

Authors

MohammadReza HoseinyFarahabady,Javid Taheri,Albert Y Zomaya,Zahir Tari

Journal

Concurrency and Computation: Practice and Experience

Published Date

2023/8/1

Apache Storm is a distributed processing engine that can reliably process unbounded streams of data for real‐time applications. While recent research activities mostly focused on devising a resource allocation and task scheduling algorithm to satisfy high performance or low latency requirements of Storm applications across a distributed and multi‐core system, finding a solution that can optimize the energy consumption of running applications remains an important research question to be further explored. In this article, we present a controlling strategy for CPU throttling that continuously optimize the level of consumed energy of a Storm platform by adjusting the voltage and frequency of the CPU cores while running the assigned tasks under latency constraints defined by the end‐users. The experimental results running over a Storm cluster with 4 physical nodes (total 24 cores) validates the effectiveness of …

Blockchain-based federated learning for securing internet of things: A comprehensive survey

Authors

Wael Issa,Nour Moustafa,Benjamin Turnbull,Nasrin Sohrabi,Zahir Tari

Published Date

2023/1/13

The Internet of Things (IoT) ecosystem connects physical devices to the internet, offering significant advantages in agility, responsiveness, and potential environmental benefits. The number and variety of IoT devices are sharply increasing, and as they do, they generate significant data sources. Deep learning (DL) algorithms are increasingly integrated into IoT applications to learn and infer patterns and make intelligent decisions. However, current IoT paradigms rely on centralized storage and computing to operate the DL algorithms. This key central component can potentially cause issues in scalability, security threats, and privacy breaches. Federated learning (FL) has emerged as a new paradigm for DL algorithms to preserve data privacy. Although FL helps reduce privacy leakage by avoiding transferring client data, it still has many challenges related to models’ vulnerabilities and attacks. With the emergence of …

Temporal‐Based Data Exfiltration Detection Methods

Authors

Zahir Tari,Nasrin Sohrabi,Yasaman Samadi,Jakapan Suaboot

Published Date

2023

This chapter deals with one of the long discovered sophisticated data exfiltration threats, temporal data exfiltration; yet, not many research works have proposed solution to this problem. This chapter describes TMBoW – Temporary Memory Bag‐of Words – to capture time‐delay data exfiltration activities. The design of TMBoW is based on Bag‐of‐Words (BoW) and sparse distributed representation (SDR) to represent textual sensitive documents. TMBoW allows many sensitive documents to be added to the detection model. This is because the SDR and BoW shrink unique words that appear in the sensitive database to only one‐bit‐per‐word frequency. The sensitive data matching process is performed via multiple bit‐wise operations. Its design enables parallel programming to be done on a modern system with a multicore processor. As a result, TMBoW can more quickly match sensitive data that appear in the …

RADAR: Reactive Concept Drift Management with Robust Variational Inference for Evolving IoT Data Streams

Authors

Abdullah Alsaedi,Nasrin Sohrabi,Redowan Mahmud,Zahir Tari

Published Date

2023/4/3

The accuracy and performance of Machine Learning (ML) models can gradually or even suddenly degrade when the underlying statistical distribution of data streams changes over time; this is known as concept drift. This phenomenon could adversely affect the IoT data management and analysis landscape that relies intensely on data-driven cognitive technologies. Therefore, concept drift should be detected immediately, which is challenging due to the increasing number of dimensional features and lack of ground truth. Its adaptive countermeasures also become difficult to design when data streams are being generated frequently and require latency-sensitive responses. The uncertainty and time dependencies characteristics of IoT data streams further intensify the complexity of concept drift management. This work proposes a reactive drift management framework named RADAR for streaming IoT applications that …

Memory‐Based Data Exfiltration Detection Methods

Authors

Zahir Tari,Nasrin Sohrabi,Yasaman Samadi,Jakapan Suaboot

Published Date

2023

This chapter looks at efficient methods that monitor sensitive data in the random access memory (RAM). The method described in this chapter is called Fast lookup Bag‐of‐Words (FBoW), and it is an approximate multipattern matching method for text documents. FBoW addresses several aspects in matching the RAM's textual sensitive data, such as scalability (i.e. when the database of sensitive data contains many documents) and noise (i.e. the noise from decoding the nontextual elements in the memory to extra characters or reordering the content as per memory paging). FBoW can be summarized as follows: (i) an innovative pattern‐matching algorithm for multiple long text corpus that is memory and run‐time efficient and (ii) a customizable approximate search algorithm that allows a user to fine‐tune a trade‐off between scalability (i.e. memory footprint and processing time) and the detection accuracy.

Serverless vehicular edge computing for the internet of vehicles

Authors

Faisal Alam,Adel N Toosi,Muhammad Aamir Cheema,Claudio Cicconetti,Pablo Serrano,Alexandru Iosup,Zahir Tari,A Sarvi

Journal

IEEE Internet Computing

Published Date

2023/5/1

Rapid growth in the popularity of smart vehicles and increasing demand for vehicle autonomy brings new opportunities for vehicular edge computing (VEC). VEC aims at offloading the time-sensitive computational load of connected vehicles to edge devices, e.g., roadside units. However, VEC offloading raises complex resource management challenges and, thus, remains largely inaccessible to automotive companies. Recently, serverless computing emerged as a convenient approach to the execution of functions without the hassle of infrastructure management. In this work, we propose the idea of serverless VEC as the execution paradigm for Internet of Vehicles applications. Further, we analyze its benefits and drawbacks as well as identify technology gaps. We also propose emulation as a design, evaluation, and experimentation methodology for serverless VEC solutions. Using our emulation toolkit, we validate …

Data Exfiltration Threats and Prevention Techniques: Machine Learning and Memory-based Data Security

Authors

Zahir Tari,Nasrin Sohrabi,Yasaman Samadi,Jakapan Suaboot

Published Date

2023/5/22

DATA EXFILTRATION THREATS AND PREVENTION TECHNIQUES Comprehensive resource covering threat prevention techniques for data exfiltration and applying machine learning applications to aid in identification and prevention Data Exfiltration Threats and Prevention Techniques provides readers the knowledge needed to prevent and protect from malware attacks by introducing existing and recently developed methods in malware protection using AI, memory forensic, and pattern matching, presenting various data exfiltration attack vectors and advanced memory-based data leakage detection, and discussing ways in which machine learning methods have a positive impact on malware detection. Providing detailed descriptions of the recent advances in data exfiltration detection methods and technologies, the authors also discuss details of data breach countermeasures and attack scenarios to show how the reader may identify a potential cyber attack in the real world. Composed of eight chapters, this book presents a better understanding of the core issues related to the cyber-attacks as well as the recent methods that have been developed in the field. In Data Exfiltration Threats and Prevention Techniques, readers can expect to find detailed information on: Sensitive data classification, covering text pre-processing, supervised text classification, automated text clustering, and other sensitive text detection approaches Supervised machine learning technologies for intrusion detection systems, covering taxonomy and benchmarking of supervised machine learning techniques Behavior-based malware detection using API-call sequences …

Survey on Building Block Technologies

Authors

Zahir Tari,Nasrin Sohrabi,Yasaman Samadi,Jakapan Suaboot

Published Date

2023

This chapter provides an extensive survey of various supervised machine learning (ML) methods needed to understand the existing intrusion detection and data leakage prevention methods. This review focuses on specific applications, namely critical infrastructures (i.e. industrial control systems such as electrical/power/water systems), as these need to be protected from major disruptions. The study conducted in this chapter illustrates the development of such systems from industry perspectives and provides a comprehensive study of supervised‐ML methods for Supervisory Control and Data Acquisition‐based IDS systems using specific criteria and properties. A framework is described to categorize various supervised‐ML methods and made qualitative and quantitative comparisons of various state‐of‐the‐art research methods to identify the directions of research that target different data auditing sources and …

RPDP: An Efficient Data Placement based on Residual Performance for P2P Storage Systems

Authors

Fitrio Pakana,Nasrin Sohrabi,Chenhao Xu,Zahir Tari,Hai Dong

Journal

arXiv preprint arXiv:2304.08692

Published Date

2023/4/18

Storage systems using Peer-to-Peer (P2P) architecture are an alternative to the traditional client-server systems. They offer better scalability and fault tolerance while at the same time eliminate the single point of failure. The nature of P2P storage systems (which consist of heterogeneous nodes) introduce however data placement challenges that create implementation trade-offs (e.g., between performance and scalability). Existing Kademlia-based DHT data placement method stores data at closest node, where the distance is measured by bit-wise XOR operation between data and a given node. This approach is highly scalable because it does not require global knowledge for placing data nor for the data retrieval. It does not however consider the heterogeneous performance of the nodes, which can result in imbalanced resource usage affecting the overall latency of the system. Other works implement criteria-based selection that addresses heterogeneity of nodes, however often cause subsequent data retrieval to require global knowledge of where the data stored. This paper introduces Residual Performance-based Data Placement (RPDP), a novel data placement method based on dynamic temporal residual performance of data nodes. RPDP places data to most appropriate selected nodes based on their throughput and latency with the aim to achieve lower overall latency by balancing data distribution with respect to the individual performance of nodes. RPDP relies on Kademlia-based DHT with modified data structure to allow data subsequently retrieved without the need of global knowledge. The experimental results indicate that RPDP …

Responsible graph neural networks

Authors

Mohamed Abdel-Basset,Nour Moustafa,Hossam Hawash,Zahir Tari

Published Date

2023/6/5

More frequent and complex cyber threats require robust, automated, and rapid responses from cyber-security specialists. This book offers a complete study in the area of graph learning in cyber, emphasizing graph neural networks (GNNs) and their cyber-security applications. Three parts examine the basics, methods and practices, and advanced topics. The first part presents a grounding in graph data structures and graph embedding and gives a taxonomic view of GNNs and cyber-security applications. The second part explains three different categories of graph learning, including deterministic, generative, and reinforcement learning and how they can be used for developing cyber defense models. The discussion of each category covers the applicability of simple and complex graphs, scalability, representative algorithms, and technical details. Undergraduate students, graduate students, researchers, cyber …

See List of Professors in Professor Zahir Tari University(RMIT University)

Professor Zahir Tari FAQs

What is Professor Zahir Tari's h-index at RMIT University?

The h-index of Professor Zahir Tari has been 32 since 2020 and 46 in total.

What are Professor Zahir Tari's top articles?

The articles with the titles of

A smart contract-based access control framework for smart healthcare systems

Proactive defense mechanism: Enhancing IoT security through diversity-based moving target defense and cyber deception

MuLCOff: A multi-layer consensus and off-chain computation for efficient and privacy-aware blockchain-based peer-to-peer energy trading

Algorithms and Architectures for Parallel Processing: 23rd International Conference, ICA3PP 2023, Tianjin, China, October 20–22, 2023, Proceedings, Part III

Transition waste optimization for coded elastic computing

Behavior‐Based Data Exfiltration Detection Methods

Data Security Threats

AICons: An AI-Enabled Consensus Algorithm Driven by Energy Preservation and Fairness

...

are the top articles of Professor Zahir Tari at RMIT University.

What are Professor Zahir Tari's research interests?

The research interests of Professor Zahir Tari are: Cybersecurity, Cloud Computing, Internet of Things, Edge Computing, Distributed Systems

What is Professor Zahir Tari's total number of citations?

Professor Zahir Tari has 9,202 citations in total.

    academic-engine

    Useful Links