Skip Ribbon Commands
Skip to main content
Sign In

    Previous Projects



    PIs: Dr. Nader Meskin

    Co-PI:Dr. Devrim Unal, Dr. Kash Khorasani

    Duration: January 2018-April 2021

    Funding agency: QNRF

    Collaborating institutes: Concordia University, Emerson Process Management Company, Siemens

    Abstract:

    Recent technological advances in control, computing and communications have generated intense interest in development of new generation of highly interconnected ad sensor rich systems for variety of engineering applications. These complex systems are becoming more distributed and computer networked that have necessitated development of novel monitoring, diagnostics, and distributed control technologies. Due to major breakthroughs in software and cyber engineering technologies, due to major breakthroughs in software and cyber engineering technologies, embedded systems are increasingly being utilized in domains ranging from aerospace and next generation transportation systems, to process and automation systems, to smart grid and smart cities, to healthcare systems and broadly speaking to what is nown as critical cyber physical systems (CPS) infrastructure. On the other hand, the envisaged complex CPS infrastructure do more than ever require development of novel and proactive security technologies, as these systems are continuously being targeted by attacks and intrusions, by intelligent adversaries. The adversaries are capable of attacking core control systems that are employed in all key CPS infrastructures. These scenarios do not exist and are not possible for similar to security challenges that are presenting traditional IT systems. For CPS, security issues survivability and survivable monitoring (which goes well beyond conventional reliability problems that only deal with system induced random failures), attack diagnosis as well as resilient fault tolerance and recovery fault technologies are strongly interrelated to one another (this is justified by considering and treating the intrusion and attacking signals as similar to fault signals). The overall objective is to innovatively address critical aspects of CPS security with special emphasis on developing and implementing novel attack diagnostics and survivable fault tolerance and resilient control recovery strategies. Our proactive design framework will allow one to construct solutions that improve survivability and resiliency of nationally strategic safety critical and vital systems. The envisaged intelligent and smart CPS and ICS systems will drive innovation and computation in number of other related industrial sectors that are indicated above.

    Project Number: QNRF [NPRP10-1203-160008]

    PIs: Dr.Adel Gastli

    Co-PI: Dr.Devrim Unal (KINDI Computing Research Center), Dr.Ridha Hamila , Dr. Serkan Kiranyaz, Dr.Abdrabo Soliman, Dr. Omar Ellabban (IBERDROLA QSTP LLC)

    Consultants: Mr. Majed Al-Shammari- KAHRAMAA

    Duration: 23 Jan 2018 - 08 Apr 2021

    Funding agency: QNRF

    Collaborating institutes: IBERDROLA QSTP LLC

    Abstract:

    In this project, we propose a new Energy Management System (EMS) for greener schools in Qatar. The proposed model architecture aims at providing a new perspective for automatic and intelligent management of electricity distribution networks integrating green energy (e.g. solar energy) and enabling secure and reliable ICT within the future Qatar Smart Grid infrastructure. School buildings are selected because they house current and future generations of citizens who will be educated on green technologies and behaviors. This project provides participating schools with the resources and communications support they need to educate their students and staff community on renewable energy and energy efficiency best practices. The technical part of project tackles both hardware and software approaches for intelligent monitoring, benchmarking and controlling of the energy production and consumption by selected schools. Artificial intelligence is applied for monitoring and displaying, benchmarking and controlling the energy usage. Device-to-device as well as Internet-of-Things (IoT) communication frameworks and protocols will be considered and further developed, enabling better system security, reliability, flexibility, and expandability. Due to their specific occupants, activities and occupancy pattern, schools require special attention on energy monitoring and building energy management system, since, indoor environmental quality (IEQ) are more important than energy efficiency issues. Students' comfort in schools is principally determined by three factors: thermal comfort, visual comfort, and indoor air quality comfort, which are typically controlled through heating, ventilation and air conditioning (HVAC) system and lighting system. However, sustaining high comfortable indoor environment always leads to extreme energy consumption. Moreover, if the school includes local renewable energy generation facility to be more environment friendly, maximizing this renewable energy is an additional objective. In most of multi-objective optimization problems, usually the objectives are in conflict with each other and a set of trade-off solutions representing the best possible compromises among the different objectives can be found. Therefore, an intelligent multi-zone multi-objective school energy management system will be developed with a multi-objective optimization technique. Furthermore, an accurate and fair benchmarking system is developed, which allows the classifications and ranking of different participating schools based on well-defined key performance indicators. Given the heterogeneity of the sensing, controlling and communication components involved in this project, the security framework is based on a lightweight Elliptic Curve Cryptography (ECC) Key Policy Attribute Based Encryption Scheme, which guarantees both the security and the privacy of the data from its early acquisition (secure sensing), throughout the different communication channels (secure communications), to the final phases of processing and acting (secure processing).This is tackled to overcome challenges related to resource-constrained IoT devices that collect sensor data over time. The communication topology is a mesh communication network enabling a flexible self-forming and organizing network of all member IoT devices that are not necessarily within range of the service provider (i.e. the access point). Schools can provide hands-on experience for their students by involving them in responsible use of energy to understand how everyday actions impact on the environment so their attitude to other environmental issues becomes more positive. Despite some research attempting to place children at the central stage, there is a struggle to provide rich and valid quantitative and qualitative understanding of children’s roles in energy behavior in Qatar. Furthermore, this issue of children’s’ knowledge and behavior regarding saving energy is common to Qatar, which has one of the largest energy consumption per capita in the world). The ‘Qatar National Vision 2030’ emphasizes the importance of increasing awareness of protecting the country’s environment. However, psychological research is required to further understand and establish the key cognitive factors influencing children’s barriers to energy behavior. Therefore, part of this project focuses on how to increase energy saving awareness, attitudes and behaviors in Qatari primary and secondary schools. Researching this topic will stimulate a better understanding of Qatari children’s’ and adolescents’ attitudes, knowledge and behavior towards saving energy and environmental issues. Both National utility (KAHRAMAA) and selected world-class multinational utilities (IBERDROLA) are involved to grant the necessary short and long-term interrelations and support. For instance, IBERDROLA and KAHRAMAA agreed to this collaboration, by co-funding (in cash and in kind) this project and supplying experts and engineers to support the researchers during the whole project and beyond.

    Project Number: NPRP10 -0125-170250

    Cycle: 10

    PIs: Dr. Devrim Unal

    Co-PI: Abdullatif Shikfa (KINDI), Ray Jain (WUSTL), Abdulla Al-Ali (QU)

    Duration: Jun 2018 - Dec 2021

    Funding agency: QNRF

    Collaborating institutes: University of Washington, St. Louis (WUSTL)

    Abstract:

    This project aims at designing and implementing a comprehensive framework for hardening the security and privacy of healthcare data acquired by Internet of Things (IoT) devices. This project is the result of an international collaboration involving both academia (Qatar University and Washington University in Saint Louis, USA) and the local industry (Hamad Medical Corporation Ambulance Service, HMCAS). It is believed that IoT would prove to be disruptive for modern healthcare. Indeed, It has the potential of saving crucial minutes in the diagnosis and treatment of critical, hospitalized or ambulance bound patients, which could mean the difference between life and death or severe disability and return to health. Besides wireless devices, IoT in healthcare will increasingly rely on cloud technology for vast storage and analytics. Moreover, with the ubiquitous deployment of healthcare networks driven by IoT, the healthcare professionals can then look forward to improved outcomes, lower costs and increased access to healthcare. Cyber security would be a key issue in the highly connected healthcare. In 2015, healthcare was the most attacked industry with 90% of hospitals reporting being targeted by cyber-criminals in the last two years. As the use of wireless technology grows, so would the risk of malicious intrusions and information thefts. A case in point would be a cyber-extortion scenario. Given Qatari population's propensity to cardiovascular diseases, by introducing malicious code into the devices of seriously ill cardiovascular patients, a cyber-extortionist can threaten to kill them and demand ransom from the concerned hospital. We propose to follow an innovative multi-pronged strategy consisting of physical layer security, cryptographic techniques, and deep learning cyber-security solutions. Both the data at rest and data in motion would be strongly protected. Attack and anomaly detections must consider hundreds of indicators and interaction patterns across thousands of sensors and servers on a continuous basis. This big data is multidimensional and complex with patterns that are not evident with traditional analysis. Despite being potentially revolutionary, the main hindrance in the adoption of IoT innovations in healthcare is related to cyber-security issues. Distributed deep learning on IoT, edge and core clouds coupled with the innovative physical layer security at the devices is a novel effort that would tilt the balance in favor of benefits as against the risks of IoT in healthcare. Finally, this project will initiate a long-term collaboration with HMCAS to transfer cyber-security awareness in the healthcare system of Qatar. HMCAS personnel will have the opportunity to learn and apply cutting-edge cyber-security solutions and best practices significantly reducing the risk of cyber-security attacks to the Qatar healthcare system.

    Project Number: NPRP 8-531-1-111

    Cycle: 8

    PIs: Khaled Khan (LPI), Noora Fetais (PI), DongSeung Kim (PI) Co-PI:

    Duration: Jun 2015 - Jun 2018

    Funding agency: QNRF

    Collaborating institutes: University of Canterbury, New Zealand

    Abstract:

    In order to ensure the security of cloud computing, the first step is to assess and understand the effectiveness of existing cloud security controls and architectures. A major issue in the development of resilient and secure cloud computing is the lack of well-established security metrics, attack models, and security risk assessment methodologies which are necessary to determine the effectiveness of security mechanisms and protocols, assess the impact of combined vulnerabilities, and to enhance the security based on these analyses. The overall objective of this research is to address aforementioned challenges by developing novel attack and defense modeling methods, security metrics, and ultimately incorporate these methods, models and metrics together in a security risk assessment framework and tool. The framework and tool will enable security decision makers of organizations to assess the security risk of cloud computing in a scalable and adaptive manner more efficiently and effectively to the existing methods. To achieve the objective of this research, we attempt to develop: (i) a security assessment framework of cloud computing under cyber threats and security controls, via well-defined security models, metrics and measurement, (ii) novel defense mechanisms (e.g., moving target defenses in software defined networks) to dramatically enhance the security of cloud computing to known/unknown cyber threats, and (iii) a user friendly security risk assessment tool to analyze and visualize security posture of cloud computing systems. This tool is expected to aid security decision makers to assess the security risk of cloud computing, and to formulate the best security controls, practices, and guidelines to any organizations using cloud computing.

    Project Number: NPRP 8-1474-2-626

    Cycle: 8

    PIs: Lead-Pi: Dr. Ryan Riley, PI: Dr. Dmitry Ponomatev, PI: Dr. Nael Abu-Ghazaleh Co-PI:

    Duration: Jun 2015 - Jun 2018

    Funding agency: QNRF

    Collaborating institutes: Binghamton University, University of California Riverside

    Abstract:

    Secure operation of computer systems traditionally hinges on the trustworthiness of system software layers, such as operating system kernels and virtual machine monitors. However, recent trends show the growing number of vulnerabilities in these software layers, and the increasing willingness and capabilities of the attackers to exploit these vulnerabilities in order to compromise the system software. This work investigates hardware-software architectures for protecting critical application secrets in the presence of compromised system software layers. Specifically, our investigations will center around two approaches: 1) hardening memory access control mechanisms and decoupling them from the resource management, and 2) supporting isolated execution environments for storing and manipulating secrets.

    Project Number: NPRP8-2158-1-423

    Cycle: 8

    PIs: Yongge Wang (LPI), Yvo Desmedt (PI), and Yuliang Zheng (PI) Co-PI: Qutaibah Malluhi

    Duration: Jun 2015 - Jun 2018

    Funding agency: QNRF

    Collaborating institutes: UT Dallas (USA) and UNC Charlotte (USA)

    Abstract:

    Cloud data storage systems have different architectures than traditional storage systems for computing devices. The reliability of traditional computing storage systems focuses on reducing the number of permanent disk and storage system failures (or APR - annual replacement rate, which is normally between (2% to 4%). On the other hand,the most critical operations for improving cloud file system performance are: recovery from correlated burst failures and degraded reads to temporarily unavailable data. When data is temporarily unavailable, data reads become degraded because unavailable data needs to be reconstructed from available data using erasure codes. To improve the performance of degraded reads, it is important to lower I/O costs in erasure-coded systems (i.e., to reduce the number of disks that one has to read in order to recover the unavailable data).This is equivalent to reducing the nonzero elements in the parity check matrix (equivalently, the generator matrix) of the underlying erasure codes. In order to address the challenge of recovery from correlated burst failures, it is necessary to use erasure codes that tolerate more faults. The first innovation of this project will focus on the innovative coding techniques that will lead to significant efficiencies and reliability in current distributed cloud storage systems. These techniques address the challenges in cloud storage systems by improving the performance of degraded reads (via reducing I/O costs in erasure-coded systems) and by improving the capability of recovery from correlated burst failures (via tolerating more errors in erasure-coded systems). Due to the distributed architecture of cloud storage systems, federal governments, business users, and individual users feel strongly uncomfortable for storing their data (such as tax records or business critical data) in cloud servers since the actual server could be located in other countries such as India. Thus government agencies and corporate users start to require that their data must remain within their geographic control. The second innovation of this project is to develop fundamentally new schemes for privacy preserving XaaS (anything as a Service) for cloud computing environments. The proposed technologies will give a complete solution to address cloud computing privacy challenges and at the same time, to take the advantage and benefits that one could achieve by moving data to cloud platforms. Specifically, secret sharing based schemes and random linear codes based solutions will be developed for cloud data storage so that users could store their encrypted data in distributed cloud storage systems and remotely perform privacy preserving computations on their encrypted data in cloud without privacy concerns.

    Project Number: NPRP -EP- MRFA-NPRP X - 063 - 1 - 014

    Cycle: 0

    PIs: Qutaibah Malluhi (Lead at Qatar University), A. Erbad, K.Khan, R. Riley (Qatar University), M. Atallah and C. Clifton (Purdue University)

    Co-PI:

    Duration: Mar 2016 - Mar 2018

    Funding agency: Qatar National Research Fund

    Collaborating institutes: Purdue University

    Abstract:

    This project aims to develop a new secure computer model called the Garbled Computer (GC). An adversary observing the computations of a GC learns nothing about what it is doing, what data it is operating on (whether inputs or intermediate values), and the outputs it is producing. The GC achieves, using a single general approach, the multiple goals of software obfuscation, tamper proofing, data confidentiality and data integrity. The GC enables execution, on untrusted platforms, of trusted and confidential code whose inputs and outputs are sensitive. For example, it can enable the utilization of Amazon cloud services without revealing to Amazon the nature of the computation or the data, and without requiring Amazon to change the operation of its cloud services (i.e., use standard off-the-shelf services).

    Project Number: NPRP 09 - 256- 1-046

    Cycle: 3

    PIs: Dr. Chris Clifton

    Co-PI: Prof. Qutaibah Malluhi

    Duration: Nov 2010 - Oct 2013

    Funding agency: QNRF

    Collaborating institutes: Purdue University

    Abstract:

    Cloud computing, and in particular outsourcing of data management, is of growing interest. The benefits of sharing computing resources, and co-locating computing resources and energy sources, include reduced personnel cost, sharing cost of peak load provisioning, etc. Outsourcing data management can also enable intellectual value added to clients from analysis of their data. Significant knowledge can be gained from aggregation and analysis of data from a variety of sources. Unfortunately, this also increases potential for misuse of data, raising privacy and security concerns. Privacy regulations on trans-border transport of data can prevent such outsourcing. This project will develop techniques and a proof-of-concept prototype for managing data in the cloud that encrypts the link between identifying information and sensitive values, ensuring that individually identifiable sensitive information is only known to the client. As most privacy laws apply only to individually identifiable information, this leaves the cloud datacenter free of privacy regulations and prevents misuse of the data to harm the individual. This could significantly expand the trans-border market for cloud datacenters. Key technical challenges to be addressed include parameterizing anonymity metrics to meet legal standards, query processing techniques supporting partially encrypted data, analysis techniques for data partially encrypted to meet privacy rules, and distributed and parallel processing.

    Project Number: NPRP 4- 1454 - 1- 233

    Cycle: 4

    PIs: Prof. Qutaibah Malluhi Co-PI: Dr. Umit Catalyurek

    Duration: Apr 2012 - Mar 2015

    Funding agency: QNRF

    Collaborating institutes: Nile University and Ohio State University

    Abstract:

    In recent years, two revolutionary paradigms have emerged: one in life science and one in computer science. In life science, the newly available Next Generation Sequencing (NGS) technology is providing low-cost high throughput methods for determining the nucleotide sequence of whole genomes. In computer science, the cloud computing paradigm is providing means by which computational resources needed for compute intensive jobs can be acquired on-demand on pay-per-use basis. However, current cloud systems can effectively support neither management and process of large datasets nor parallel applications that require high-bandwidth/low-latency networks or emerging accelerator architectures. In this project, we tackle this problem, and design and develop necessary cloud broker infrastructure, as well as efficient high performance parallelized algorithms for analysis of emerging NGS datasets to develop a complete solution for on-demand genome sequence analytics

    Project Number: NPRP 04- 1534- 1- 247

    Cycle: 4

    PIs: Prof. Qutaibah Malluhi

    Co-PI: Dr. Walid Aref

    Duration: Apr 2012 - Mar 2015

    Funding agency: QNRF

    Collaborating institutes: Purdue University

    Abstract:

    Dealing with large data is no longer the exclusive domain of big labs. Recent technological innovations have greatly increased the rate at which scientific data is collected, and have made scientific data easily accessible to small teams of scientists. However, the cost of storing, analyzing, and sharing data, as well as maintaining the needed infrastructure are too high for small labs to bear. Cloud computing comes handy as it reliefs small labs from the software and hardware maintenance as well as provides massive computing and storage capabilities as needed without the associated overheads. We propose to develop and deploy a cloud-enabled administration-free scientific data manager and collaboration environment. This will offer scientific data management and analysis tools via easy-to-use cloud-based data and analysis workspaces that will enable scientists to tackle large scientific problems with the least IT overhead. The proposed system innovatively tackles key requirements of managing scientific data including provenance and annotation management, supporting dependencies involving user actions, and similarity-based query processing. This system will facilitate collaborations among scientists while guaranteeing the right levels of security and privacy of the scientists' data.

    Project Number: NPRP 09- 622-1-090

    Cycle: 3

    PIs: Prof. Qutaibah Malluhi

    Co-PI:

    Duration: Nov 2010 - Oct 2013

    Funding agency: QNRF

    Collaborating institutes: Purdue University

    Abstract:

    Cloud computing has grown to be one of the fastest growing segments of the IT industry. In such open distributed computing environments, security is of paramount concern. This project aims at developing techniques and tools for private and reliable outsourcing of compute-intensive tasks on cloud computing infrastructures. The project enables clients with limited processing capabilities to use the dynamic, costeffective and powerful cloud computing resources, while having guarantees that their confidential data, and the results of their computations, will not be compromised by untrusted cloud service providers. Moreover, the proposed methods enable carrying out cloud computations in a cheating-resilient manner, where the client can detect incorrect cloud computation answers with high probability. In the proposed techniques, the client would only do work which is linear in the size of its inputs, and the cloud bears all of the super-linear computational burden. Moreover, the cloud computational burden would have the same time complexity as the best known solution to the problem being outsourced. This prevents achieving secure outsourcing by placing a huge additional overhead on the cloud servers. These proposed techniques are even useful with trusted cloud servers, providing a "defense in depth" where any damage resulting from the compromise of a remote server is confined to that server's data and does not extend to the clients that use it.