Doctoral Theses and Dissertations

Permanent URI for this collectionhttps://hdl.handle.net/10294/2900

Browse

Browsing Doctoral Theses and Dissertations by Author "Al-Anbagi, Irfan"

Filter results by typing the first few letters
Now showing 1 - 4 of 4
  • Thumbnail Image
    ItemOpen Access
    A security risk assessment framework for IoT systems
    (Faculty of Graduate Studies and Research, University of Regina, 2024-12) Waqdan, Mofareh Abdullah S; Mouhoub, Malek; Louafi, Habib; Shahriar, Nashid; Hepting, Daryl; Uddin, Md. Sami; Al-Anbagi, Irfan; Amamra, Abdelfattah
    The emergence and growth of the Internet of Things (IoT) have changed how we live and interact with technology. The seamless integration of connected devices, from household to industrial equipment, has brought about a new era of interconnectedness. However, this rapid expansion of the IoT also introduces new security concerns that need to be assessed. Assessing the security risks associated with deploying and using this technology is crucial. Consequently, organizations need a risk assessment framework that helps identify, evaluate, and manage the risks of IoT, including data privacy and confidentiality, system integrity, availability, and performance. The stateof- the-art has been given significant attention to security risk assessment in traditional cybersecurity with powerful computer systems, but the challenges of deploying IoT devices and their associated vulnerabilities have been overlooked. In this thesis, we first present a novel IoT security risk assessment framework for the healthcare environment, in which we have improved upon existing methodologies. The proposed framework dynamically calculates the risk score for different device profiles, considering their population and other parameters, such as network protocols, device heterogeneity, device security updates, device physical security status, device history status, layer history status, and device criticality. Second, we present a customizable framework for assessing the security risk of deploying and utilizing IoT devices in various environments. We dynamically calculate risk scores for different devices, considering their importance to the system and their vulnerabilities, among other parameters. The customizable framework considers the important parameters of the devices, their vulnerabilities, and how they impact the overall risk assessment. The importance of these devices and the severity of vulnerabilities are incorporated in the framework using the well-known Multi-Attribute Decision Making (MADM) methods, namely, Simple Additive Weighting (SAW) and Weighting Product (WP). Finally, the risk is assessed on a setup comprised of IoT devices widely deployed in healthcare systems, such as emergency rooms.
  • Thumbnail Image
    ItemOpen Access
    Adaptive systems for DDoS attacks detection and mitigation in IoT networks
    (Faculty of Graduate Studies and Research, University of Regina, 2025-01) Saiyed, Makhdumabanu Farukali; Al-Anbagi, Irfan; Bais, Abdul; Laforge, Paul; Louafi, Habib; Karimipour, Hadis
    The rapid growth of IoT devices has revolutionized industries while exposing IoT networks to cybersecurity threats, particularly DDoS attacks, which compromise network stability. Traditional detection methods struggle to address the constraints of resource-limited environments, scalability, and the need for lightweight, optimized, and reliable systems. This thesis addresses these challenges through five objectives aimed at adaptive DDoS detection and mitigation systems for IoT networks, balancing accuracy, resource efficiency, and adaptability. The first objective focuses on developing a Flow and Unified Information-based DDoS detection system (FLUID) for small-scale IoT networks, enabling DDoS detection with minimal computational overhead. The FLUID system uses flow metrics and unified information measures, to detects both high and low-volume attacks while optimizing resource use. The second objective introduces a system with novel hybrid feature selection to enhance detection accuracy in medium-scale IoT networks. By combining Genetic Algorithm and t-test for DDoS Attack Detection (GADAD), this system improves feature selection efficiency and supporting binary and multiclass classification. For large-scale networks, the third objective is the design of a Deep Ensemble Learning with Pruning (DEEPShield) system that integrates CNN and LSTM architectures, optimized through post-training pruning and a novel preprocessing method. This system achieves high detection accuracy with low resource demand, suitable for resource-constrained IoT environments. The fourth objective focuses on optimizing deep learning-based detection systems to enhance resource efficiency and explainability using the OMEGA, ADEPT, and SHIELD systems. The Optimized Ensemble Learning with Pruning (OMEGA) and Interactive and Explainable Optimized Learning (ADEPT) systems apply techniques like genetic algorithms and differential evolution for resource efficiency. The SHAP-Based Explanation and Lightweight DDoS Attack Detection (SHIELD) system uses SHapley Additive exPlanations (SHAP) for interpretability of individual predictions. The final objective addresses adaptive mitigation through a Game-Theoretic DDoS Defense Strategy Model (GT-DDSM) that dynamically adjusts defense strategies based on attack intensity. These systems are evaluated on metrics such as accuracy, precision, recall, F1-score, and scalability, while optimization efficiency is assessed by preprocessing time, inference speed, memory usage, and model size. Explainability is assessed through SHAP and priority assessment values, while mitigation effectiveness is measured by gradients, cumulative payoff, mitigation time, resource utilization, and network QoS parameters.
  • Thumbnail Image
    ItemOpen Access
    Machine learning-based models for failure prediction and propagation in smart grid systems
    (Faculty of Graduate Studies and Research, University of Regina, 2024-09) Salehpour, Ali; Al-Anbagi, Irfan; Bais, Abdul; Wang, Zhanle (Gerald); Yow, Kin-Choong; Louafi, Habib; Ameli, Amir
    The smart grid connects components of power systems and communication networks in an interdependent two-way system that supplies or receives electricity to or from prosumers and collects data that enables it to react to usage levels and interference from threats, such as cyber-attacks. Cascading failures resulting from cyberattacks are one of the main concerns in smart grid systems. The use of artificial intelligence (AI)-based algorithms has become more relevant in identifying and forecasting such cascading failures. However, existing models that study the propagation of cascading failures either omit the impact of the communication network or power characteristics on the propagation process. To address this gap, in this thesis, we propose a set of novel cyber-attack failure propagation models in smart grids. First, our realistic failure propagation (RFProp) model addresses the system’s heterogeneity by assigning different roles to its components. We define rules and interdependencies for failure propagation and propose a new model for studying cascading failures. In addition, the RFProp graph-based model identifies the most vulnerable nodes and implements power flow analysis to guarantee that all transmission lines work below capacity and remove lines exceeding capacity. Our results establish that by considering both power and communication characteristics and interdependencies, cascading failures are modeled more accurately. In the second step, we propose a novel earlystage failure prediction (ESFP) model based on supervised machine learning (ML) algorithms. We use the RFProp model to generate a dataset for training these algorithms and predicting the state of a system’s components after a failure propagates in that system. Using the ESFP model, we predict failures of all of a system’s elements in the early stages of failure propagation. We use the XGBoost algorithm and consider the features of both the power and communication networks that provide high accuracy in the prediction process for failures. We also identify the location of the initial failures, as this allows for further protection plans and decisions. In the third step, we use the real-time digital simulator (RTDS) to develop a real-time early-stage failure prediction (RESP) model that simulates the power system in real time and makes it more realistic. We evaluate the RESP model’s effectiveness using the IEEE 14-bus system, which results in the XGBoost algorithm achieving a high accuracy in predicting attacks and with a lower testing time. Finally, we introduce a real-time attack prediction (RTAP) model based on a real-time testbed designed to examine the impact of cyber-attacks on smart grid systems. We utilize real-time simulators, including RTDS and network simulator 3 (NS3) to emulate the behavior of power and communication networks. Using this model, we employ various ML algorithms to detect cyber-attacks. We evaluate the effectiveness of the proposed model using an IEEE 14-bus test case, demonstrating high accuracy and efficient testing time.
  • Thumbnail Image
    ItemOpen Access
    Secure and scalable blockchain mechanisms for IoT applications
    (Faculty of Graduate Studies and Research, University of Regina, 2025-01) Pathak, Aditya Kalpesh; Al-Anbagi, Irfan; Laforge, Paul; Paranjape, Raman; Hamilton, Howard; Stakhanova, Natalia
    Integrating blockchain with IoT ensures secure, transparent data exchange through immutability and consensus mechanisms, preventing data tampering. However, the increasing number of IoT devices raises risks like unauthorized access and network attacks. Blockchain scalability issues also affect throughput and latency, challenging real-time IoT applications. This thesis addresses these challenges through four contributions that aim to improve the security, scalability, and efficiency of blockchainbased IoT networks, balancing security with performance needs. Our first contribution is to develop an end-to-end security mechanism for IoT networks, called the trust-based ABAC mechanism for IoT networks (TABI). TABI integrates edge computing and blockchain technology to mitigate risks from malicious devices and offload computational tasks to edge layers. It operates on Hyperledger Fabric (HLF), a permissioned blockchain that enhances throughput and latency through its executeorder- validate architecture. Our second objective is to provide scalability within blockchain-based IoT networks using a sidechain-based trust and access control system, named sidechain-based trust and access control mechanism for IoT networks (SATI). By distributing trust evaluation and access control operations across a separate blockchain or sidechain, SATI improves the scalability of IoT networks. We implement a cross-chain transfer mechanism to ensure communication between the sidechain and the mainchain, thus overcoming a fundamental limitation of traditional blockchain architectures. Our third contribution is to improve the security of the IoT network by introducing a Zero-Knowledge Proof-based Mutual Authentication (ZPMA) mechanism, a privacy-preserving mutual authentication mechanism. Utilizing Zero-Knowledge Proofs (ZKP) based on the quadratic residue technique, Z-PMA ensures secure and private mutual authentication between edge devices and IoT devices. We also implement an incentive mechanism to select additional authenticators from the base station layer to reduce authentication latency and support the demands of low-latency IoT networks. Our fourth contribution is to detect and resolve conflicting transactions in HLF-based IoT networks at an early stage, known as the early-stage conflict transaction resolution (ECR) mechanism. ECR identifies and resolves conflicting transactions at an early stage using a local cache at the endorsement phase of the HLF transaction processing. Additionally, ECR uses dependency model and an efficient reordering process to distribute transactions in a way that minimizes conflicts. This mechanism enhances the performance of HLF-based IoT networks by reducing the impact of conflicting transactions, ultimately improving throughput and latency.