QRST Queens university QRST

Selected Publications - QRST GROUP

  1. M. Elsayed and M, Zulkernine, “Offering Security Diagnosis as a Service for Cloud SaaS Applications,” Journal of Information Security and Applications, vol 44, pp. 32-48, Elsevier, February 2019.

  2. A. Anwar, T. Halabi, and M. Zulkernine, “'Cloud-based Sybil Attack Detection Scheme for Connected Vehicles, Proc. of the 3rd Cyber Security in Networking Conference (CSNet), Quito, Ecuador, October 2019.

  3. K. Lounis and M. Zulkernine, WPA3 Connection Deprivation Attacks", Proc. of the 14th International Conference on Risks and Security of Internet and Systems (CRISIS), Hammamet, Tunisia, November 2019.

  4. K. Lounis and M. Zulkernine, “Bluetooth Low Energy Makes Just Works Not Work,” Proc. of the 3rd Cyber Security in Networking Conference (CSNet), Quito, Ecuador, October 2019.

  5. L. Moukahal and M. Zulkernine, “Security Vulnerability Metrics for Connected Vehicles,” Proc. of the IEEE International Workshop on Automobile Software Security and Safety (A3S), Sofia, Bulgaria, July 2019.

  6. J. Wang, K. Lounis, and M. Zulkernine, “Identifying Security Features for Proximity Identification,” Proc. of the IEEE International Workshop on Security, Trust and Privacy for Software Applications (STPSA), Milwaukee, USA, July 2019.

  7. A. Faisal and M. Zulkernine, “Graphene: A Secure Cloud Communication Architecture,” Proc. of the International Workshop on Cloud Security and Privacy, LNCS, Bogota, Colombia, June 2019.

  8. J. Wang, K. Lounis, and M. Zulkernine, “CSKES: A Context-based Secure Keyless Entry System,” Proc. of the IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), Milwaukee, USA, July 2019.

  9. T. Halabi and M. Zulkernine, “Reliability-driven Task Assignment in Vehicular Crowdsourcing: A Matching Game,” Proc. of the 5th International Workshop on Safety and Security of Intelligent Vehicles (SSIV), Portland, USA, June 2019.

  10. S. Iqbal, A. Haque, M. Zulkernine, “Towards a Security Architecture for Protecting Connected Vehicles from Malware,” Proc. of the IEEE 89th Vehicular Technology Conference: VTC2019-Spring, Kuala Lampur, Malaysia, May 2019.

  11. T. Halabi and M Zulkernine, “Trust-based Cooperative Game Model for Secure Collaboration in the Internet of Vehicles,” The IEEE International Conference on Communications (ICC, Communication and Information Systems Security Symposium), Shanghai, China, May 2019. (Acceptance rate 39%)

  12. M. Alam, S. Iqbal, M. Zulkernine, and C. Liem, “Securing Vehicle ECU Communications and Protecting ECU Data Using Blockchain,” The IEEE International Conference on Communications (ICC Communication and Information Systems Security Symposium) Shanghai, China, May 2019. (Acceptance rate 39%)

  13. E. AbdAllah, M. Zulkernine, and H. Hassanein, “Preventing Unauthorized Access in Information Centric Networking,” Journal of Security and Privacy, vol. 1, issue 4, pp. 1-13, Willey, July 2018.

  14. E. AbdAllah, M. Zulkernine, and H. Hassanein, “DADI: Defending Against DDoS in ICN Routing and Caching,” Journal of Security and Privacy, vol. 1, issue 2, pp. 1-17, Willey, March 2018.

  15. M. Elsayed, M. Zulkernine, “A Taxonomy of Security as a Service,” Proc. of the 8th International Symposium on Secure Virtual Infrastructures: Cloud & Trusted Computing, LNCS, vol. 11230, pp. 305-312, Malta, October 2018. (Acceptance rate 34%)

  16. K. Lounis, M. Zulkernine, “Connection Dumping Vulnerability Affecting Bluetooth Availability", Proc. of the 13th International Conference on Risks and Security of Internet and Systems (CRISIS), Springer, France, October 2018.

  17. S. Iqbal, M. Zulkernine, “SpyDroid: A Framework for Employing Multiple Real-Time Malware Detectors on Android", Proc. of the IEEE Conference on Malicious & Unwanted Software (MALCON), USA, October 2018.

  18. M. A. Alswailim, H.S. Hassanein, M. Zulkernine, “A Context-Aware Privacy Scheme for Crisis Situations”, Proc. of The IEEE Global Communications Conference (GLOBECOM), UAE, Dec 2018. (Acceptance rate 38%)

  19. B. Alam, M. Zulkernine, A. Haque, “CREM: A Cloud Reliability Evaluation Model”, Proc. of the IEEE Global Communications Conference (GLOBECOM), UAE, December 2018. (Acceptance rate 38%)

  20. J. Wan, M. Zulkernine, and C. Liem, “A Dynamic App Anti-Debugging Approach on Android ART Runtime”, Proc. of the 3rd Cyber Science and Technology Congress (CyberSciTech2018), pp. 560-567, Athens, Greece, IEEE, August 2018. (Acceptance rate 39%)

  21. E. AbdAllah, M. Zulkernine, and H. S. Hassanein, “A Security Framework for ICN Traffic Management”, Proc. of the 3rd Cyber Science and Technology Congress (CyberSciTech2018), pp. 78-85, Athens, Greece, IEEE, August 2018. (Acceptance rate 30%)

  22. A. Anis, M. Zulkernine, S. Iqbal, C. Liem, and C. Chambers, “Securing web applications with secure coding practices and integrity verification”, Proc. of the Conference on Dependable, Autonomic and Secure Computing (DASC), pp. 618-625, Athens, Greece, IEEE, August 2018. (Acceptance rate 39%)

  23. M. Elsayed and M. Zulkernine, “Integrating Security in Cloud Application Development Cycle”, Proc. of the 4th International Conference on Software Security and Assurance (ICSSA), Seoul, Korea, IEEE, July 2018. (Best Paper Award)

  24. O. Hreirati, S. Iqbal, and M. Zulkernine, “An Adaptive Dataset for the Evaluation of Android Malware Detection Techniques,” Proc. of the 4th International Conference on Software Security and Assurance (ICSSA), IEEE, July 2018.

  25. M. Elsayed and M. Zulkernine, “Towards Security Monitoring for Cloud Analytic Applications,” Proc. of the 4th IEEE International Conference on Big Data Security on Cloud (BigDataSecurity), Omaha, USA, May 2018. (Best Paper Award)

  26. J. Wan, M. Zulkernine, P. Eisen, and C. Liem, "Defending Application Cache Integrity of Android Runtime," Proc. of the 13th International Conference on Information Security Practice and Experience (ISPEC), Melbourne, Australia, December 2017. (Acceptance rate 33%)

  27. B. Alam, M. Zulkernine, and A. Haque, “A Reliability-Based Resource Allocation Approach for Cloud Computing,” Proc. of the IEEE International Symposium on Cloud and Services Computing, pp. 249-252, Kanazawa, Japan, November 2017.

  28. M. Iqbal and M. Zulkernine, “Droid Mood Swing (DMS): Automatic Security Modes Based on the Context,", Proc. of the 20th Information Security Conference (ISC), pp. 329-347, Ho Chi Minh City, Vietnam, November 2017. (Acceptance rate 25.7%).

  29. M. Alswailim, M. Zulkernine, and H. Hassanein, “A Participant Contribution Trust Scheme for Crisis Response Systems,” Proc. of the the IEEE GLOBECOM, Singapore, December 2017.

  30. A. Alvi and M. Zulkernine, "Security Pattern Detection Using Ordered Matrix Matching," Proc. of the IEEE International Conference on Software Security and Assurance (ICSSA), Altoona, Pennsylvania, USA, July 2017.

  31. M. Davari and M. Zulkernine, “An Automatic Software Vulnerability Classification Framework,” Proc. of the IEEE International Conference on Software Security and Assurance (ICSSA), Altoona, Pennsylvania, USA, July 2017.

  32. M. Hasan, T. Dean, F. Imam, F. Garcia, S. Leblanc and M. Zulkernine, “A Constraint-based Intrusion Detection System,” Proc. of the 5th European Conference on the Engineering of Computer Based Systems (ECBS), Cyprus, August 2017.

  33. E. AbdAllah, M. Zulkernine, Y. Gu, and C. Liem, "Towards Defending Connected Vehicles Against Attacks," Proc. of the 5th European Conference on the Engineering of Computer Based Systems (ECBS), Cyprus, August 2017.

  34. S. Shafieian, D. Smith, M. Zulkernine, "Detecting DNS Tunneling Using Ensemble Learning", Proc. of the 11th International Conference on Network and System Security (NSS), Helsinki, Finland, August, 2017. (Acceptance rate 28.9%).

  35. E. AbdAllah, M. Zulkernine, Y. Gu, and C. Liem, "TRUST-CAP: A Trust Model for Cloud-based Applications," Proc. of the 7th IEEE International COMPSAC Workshop on Network Technologies for Security, Administration and Protection (NETSAP), Turin, Italy, July 2017.

  36. M. Iqbal, M. Zulkernine, F. Jaafar, and Y. Gu, "Protecting Internet Users from Becoming Victimized Attackers of Click-fraud", Journal of Software: Evolution and Process, Willey, 2017.

  37. M. Iqbal and M. Zulkernine, “Flamingo: A framework for smartphone security context management", Proc. of the 32nd ACM Symposium on Applied Computing (ACM SAC), pp. 563-568, Morocco, April 2017.

  38. M. Hasan, A. ElShakankiry, T. Dean, and M. Zulkernine, “Intrusion Detection in a Private Network by Satisfying Constraints”, Proc. of the 14th Annual Conference on Privacy, Security and Trust (PST), pp. 623-628, Auckland, New Zealand, IEEE, December 2016.

  39. M. Davari and M. Zulkernine, “Analysing Vulnerability Reproducibility for Firefox Browser”, Proc. of the 14th Annual Conference on Privacy, Security and Trust (PST), pp. 674-681, Auckland, New Zealand, IEEE, December 2016.

  40. M. Alswailim, M. Zulkernine, and H. Hassanein, “A Reputation System to Evaluate Participants for Participatory Sensing,” Proc. of the the IEEE GLOBECOM, Washington DC, USA, December 2016.

  41. M. Iqbal and M. Zulkernine, “'ZoneDroid: Control Your Droid Through Application Zoning," Proc. of the 11th International Conference on Malicious and Unwanted Software (MALCON), pp. 113-120, Puerto Rico, USA, October 2016.

  42. M. Elsayed and M. Zulkernine, “IFCaaS: Information Flow Control as a Service for Cloud Security,” Proc. of the International Conference on Availability, Reliability and Security (AReS), pp. 211-216, IEEE CS, Salzburg, Austria, August 2016.

  43. E. AbdAllah, M. Zulkernine, and H. Hassanein, “DACPI: A Decentralized Access Control Protocol for Information Centric Networking,” Proc. of the IEEE ICC 2016 Communication and Information Systems Security Symposium, pp. 1-6, Kuala Lumpur, Malaysia, May 2016.

  44. M. Iqbal and M. Zulkernine, “SAM: A Secure Anti-Malware Framework for the Smartphone Operating Systems," Proc. of the IEEE Wireless Communications and Networking Conference (WCNC), pp. 1-6, Doha, Qatar, April 2016.

  45. S. Das and M. Zulkernine, “CLOUBEX: A Cloud-based Security Analysis Framework for Browser Extensions," Proc. of the 17th IEEE International Symposium on High Assurance System Engineering (HASE), pp. 268-275, Orlando, Florida, USA, January 2016.

  46. M. Iqbal, M. Zulkernine, F. Jaafar, and Y. Gu "FCFraud: Fighting Click-Fraud from User Side," Proc. of the 17th IEEE International Symposium on High Assurance System Engineering (HASE), pp. 157-164, Orlando, Florida, USA, January 2016.

  47. A. Khademi, M. Zulkernine, and K. Weldemariam, "Empirical Evaluation of Web-based Fingerprinting," Special issue on Security and Privacy on the Web, IEEE Software, vol. 32, no. 4, pp. 46-52, 2015.

  48. M. Elsayed and M. Zulkernine, “A Classification of Intrusion Detection Systems in the Cloud,” IPSJ Journal of Information Processing, vol. 23, no. 4, pp. 392-401, 2015.

  49. E. AbdAllah, H. Hassanein, and M. Zulkernine, "A Survey of Security Attacks in Information-Centric Networking", The IEEE Communications Surveys and Tutorials, vol 17, no. 3, pp. 1441-1454, 2015.

  50. M. Godfrey and M. Zulkernine "Preventing Side-Channel Attacks in a Cloud Environment," The IEEE Transactions on Cloud Computing, vol. 2, issue 4, pp. 395-408, December 2014.

  51. H. Shahriar, K. Weldemariam, M. Zulkernine, and T. Lutellierd, “Effective Detection of Vulnerable and Malicious Browser Extensions” Journal of Computers & Security, vol. 47, pp. 66-84, Elsevier Science, November 2014.

  52. M. Atef and M. Zulkernine, "Software Control Flow Error Detection and Correlation with System Performance Deviation,” Special issue on “Dependable and Secure Computing,” Journal of Computer and System Sciences, vol. 80, issue 5, pp. 953-972, Elsevier Science, August 2014.

  53. S. Shafieian, M. Zulkernine, and A. Haque, “Attacks in Public Clouds: Can They Hinder Rise of the Cloud?” in Z. Mahmood, Cloud Computing, Computer Communications and Networks, Springer, pp. 3-22, October 2014.

  54. E. AbdAllah, M. Zulkernine, and H. Hassanein, “Detection and Prevention of Malicious Requests in ICN Routing and Caching,” Proc. of the 13th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC-2015), Liverpool, UK, October 2015. (Best Paper Award)

  55. S. Shafieian, M. Zulkernine, and A. Haque, “CloudZombie: Launching and Detecting Slow-Read Distributed Denial of Service Attacks from the Cloud,” Proc. of the 13th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC-2015), Liverpool, UK, October 2015.

  56. A. Khademi, M. Zulkernine, and K. Weldemariam, "FPGuard: FPGuard: Detection and Prevention of Browser Fingerprinting," Proc. of the 29th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec), pp. 293-308, Fairfax, VA, USA, July 2015.

  57. H. Hashemi, M. Zulkernine, and K. Weldemariam, "TabsGuard: A Hybrid Approach to Detect and Prevent Tabnabbing Attacks," Proc. of the 9th International Conference on Risks and Security of Internet and Systems (CRiSIS), Trento, Italy, August 2014. (Acceptance rate 29%).

  58. E. AbdAllah, M. Zulkernine, and H. Hassanein, “Countermeasures for Mitigating ICN Routing Related DDoS Attacks,” Proc. of the 10th International Conference on Security and Privacy in Communication Networks (SecureComm), Beijing, China, September 2014.

  59. U. Khan and M. Zulkernine, “A Hybrid Monitoring of Software Design-Level Security Specifications,” Proc. of the 14th International Conference on Quality Software (QSIC), pp. 111-116, IEEE CS, Dallas Texas, USA, October 2014.

  60. M. Alswailim, M. Zulkernine, and H. Hassanein, “Classification of Participatory Sensing Privacy Schemes,” The 14th IEEE International Workshop on Wireless Local Networks (WLN), pp. 761-767, Edmonton, Canada, September 2014.

  61. H. Hashemi, M. Zulkernine, and K. Weldemariam, "TabsGuard: A Hybrid Approach to Detect and Prevent Tabnabbing Attacks," Proc. of the 9th International Conference on Risks and Security of Internet and Systems (CRiSIS), pp. 196-212, Trento, Italy, August 2014. (Acceptance rate 29%).
  62. D. Chaudhary, M. Zulkernine, and K. Weldemariam†, “FRanC: A Ranking Framework for the Prioritization of Software Maintenance,” Proc. of the 3rd IEEE Workshop on Information Assurance, pp 31-40, San Francisco, California, USA, July 2014.
  63. J. Marston, K. Weldemariam, M. Zulkernine, “Evaluating and Securing Firefox for Android Browser Extensions,” 1st ACM International Conference on Mobile Software Engineering and Systems (MobileSoft), pp. 27-36, Hyderabad, India, June 2014.
  64. M. Atef and M. Zulkernine, “Runtime Prediction of Failure Modes from System Error Logs," Proc. of the 18th IEEE International Conference on Engineering of Complex Computer Systems (ICECCS), pp. 232-241, Singapore, July 2013. (Acceptance rate 25%).
  65. B. Eshete, A. Villafiorita, K. Weldemariam, and M. Zulkernine, “EINSPECT: Evolution- Guided Analysis and Detection of Malicious Web Pages,” Proc. of the 37th Annual International Computer Software and Applications Conference (COMPSAC), pp. 375-380, Kyoto, Japan, July 2013.
  66. A. Barua, M. Zulkernine, and K. Weldemariam, “Protecting Web Browser Extensions from JavaScript Injection Attacks,” Proc. of the 18th IEEE International Conference on Engineering of Complex Computer Systems (ICECCS), pp. 188-197, Singapore, July 2013. (Acceptance rate 25%).
  67. H. Shahriar, K. Weldemariam, T. Lutellier, and M. Zulkernine, “A Model-Based Detection of Vulnerable and Malicious Browser Extensions,” Proc. of 7th Intl Conference on Software Security and Reliability (SERE), pp. 198-207, Washington, D.C., USA, June 2013. (Acceptance rate 30%).
  68. M. Godfrey and M. Zulkernine, “A Server-Side Solution to Cache-Based Side-Channel Attacks in the Cloud,” Proc.of the IEEE 6th International Conference on Cloud Computing (CLOUD), pp. 163-170, Santa Clara, USA, June 2013. (Acceptance rate 19%).
  69. B. Eshete, K. Weldemariam, A. Villafiorita, and M. Zulkernine, “Confeagle: Automated Analysis of Configuration Vulnerabilities in Web Applications,” Proc. of the 7th Intl Conf on Software Security and Reliability (SERE), pp. 188-197, Washington, D.C., USA, June 2013. (Acceptance rate 30%).
  70. U. Hunny, M. Zulkernine, and K. Weldemariam, "OSDC: Adapting ODC for Developing More Secure Software," Proc. of the 28th Annual ACM Symposium on Applied Computing (SAC): Software Engineering Track, pp. 1131-1136, Coimbra, Portugal, March 2013. (Acceptance rate 24%).
  71. L. Gutiérrez-Madroñal, H. Shahriar, M. Zulkernine, J. Domínguez-Jiménez, and I. Medina-Bulo, "Mutation Testing of Event Processing Queries," Proc. of the 23rd IEEE International Symposium on Software Reliability Engineering (ISSRE), pp. 21-30, Dallas, Texas, USA, November 2012. (Acceptance rate 30%)
  72. H. Shahriar and M. Zulkernine, "Information Theoretic Detection of SQL Injection Attacks," Proc. of the 14th IEEE International Symposium on High Assurance System Engineering (HASE), pp. 40-47, IEEE CS Press, Omaha, USA, October 2012. (Acceptance rate 43%)
  73. A. Alvi and M. Zulkernine, "A Comparative Study of Security Pattern Classifications," Proc. of the 6th International Workshop on Secure Software Engineering (SecSE), pp. 582-589, IEEE CS Press, Prague, Czech Republic, August 2012.
  74. H. Shahriar and M. Zulkernine, “Mitigating Program Security Vulnerabilities: Approaches and Challenges,” ACM Computing Surveys, ACM, Vol. 44, No. 3, Article 11, pp. 1-46, May 2012.
  75. H. Shahriar and M. Zulkernine, “Trustworthiness Testing of Phishing Websites: A Behavior Model-Based Approach,” , Special issue on “Trusting Software Behavior,” Journal of Future Generation of Computer Systems, Vol. 28, Issue 8, October 2012, pp. 1258-1271.
  76. M. Atef and M. Zulkernine, “A Control Flow Representation for Component-Based Software Reliability Analysis,” Proc. of the 6th IEEE International Conference on Software Security and Reliability (SERE), pp. 1-10, Washington DC, USA, June 2012. (Acceptance rate 30%)
  77. A. Mohsina and M. Zulkernine, “DESERVE: A Framework for Detecting Program Security Vulnerability Exploitations,” Proc. of the 6th IEEE International Conference on Software Security and Reliability (SERE), pp. 98-107, Washington DC, USA, June 2012. (Acceptance rate 30%)
  78. A Barua, H. Shahriar, and M. Zulkernine, “Server Side Detection of Content Sniffing Attacks,” Proc. of the 22nd IEEE International Symposium on Software Reliability Engineering (ISSRE), pp. 20-29, Hiroshima, Japan, November 2011. (Acceptance rate 25%)
  79. H. Shahriar and M. Zulkernine, “A Fuzzy Logic-based Buffer Overflow Vulnerability Auditor,” Proc. of the 9th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC2011), pp. 137-144, Sydney, Australia, December 2011. (Acceptance rate 35%, Best Paper Award)
  80. H. Shahriar and M. Zulkernine, “S2XS2: A Server Side Approach to Automatically Detect XSS Attacks,” Proc. of the 9th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC2011), pp. 7-14, Sydney, Australia, December 2011. (Acceptance rate 35%)
  81. M. Atef and M. Zulkernine, “A Connection-Based Signature Approach for Control Flow Error Detection,” Proc. of the 9th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC2011), pp. 129-136, Sydney, Australia, December 2011. (Acceptance rate 35%)
  82. A. Alvi and M. Zulkernine, “A Natural Classification Scheme for Software Security Patterns,” Proc. of the 9th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC2011), pp. 113-119, Sydney, Australia, December 2011. (Acceptance rate 35%)
  83. X. Young and M. Zulkernine, “Security Monitoring of Components Using Aspects and Contracts in Wrappers,” Proc. of the 35th Annual International Computer Software and Applications Conference (COMPSAC), pp. 566-575, IEEE CS, Munich, Germany, July 2011. (Acceptance rate 20%)
  84. H. Shahriar and M. Zulkernine, “Information Source-based Classification of Automatic Phishing Website Detectors,” Proc. of the 11th IEEE/IPSJ International Symposium on Applications and the Internet (SAINT), pp. 190-195, IEEE CS, Munich, Germany, July 2011.
  85. H. Shahriar and M. Zulkernine, “Injecting Comments to Detect JavaScript Code Injection Attacks,” Proc. of the 6th IEEE International Workshop on Security, Trust, and Privacy for Software Applications (STPSA), pp. 104-109,  IEEE CS, Munich, Germany, July 2011.
  86. U. Khan and M. Zulkernine, "Building Components with Embedded Security Monitors," Proceedings of the 2nd ACM SigSoft International Symposium on Architecting Critical Systems (ISARCS), Boulder, Colorado, USA, ACM Press, pp. 133-142, June 2011.
  87. I. Chowdhury and M. Zulkernine, “Using Complexity, Coupling, and Cohesion Metrics as Early Indicators of Vulnerabilities," Special Issue on "Security and Dependability Assurance of Software Architectures," Journal of Systems Architecture, vol. 57, issue 3, pp. 294-313, Elsevier Science, March 2011.
  88. H. Shahriar and M. Zulkernine, “Taxonomy and Classification of Automatic Monitoring of Program Security Vulnerability Exploitations,” Journal of Systems and Software, vol.84, issue 2, pp. 250-269, Elsevier Science, February 2011.
  89. H. Shahriar and M. Zulkernine, “Client-Side Detection of Cross-Site Request Forgery Attacks,” Proc. of the 21st IEEE International Symposium on Software Reliability Engineering (ISSRE), pp. 358-367, San Jose, CA, USA, November 2010. (Acceptance rate 32%)
  90. H. Shahriar and M. Zulkernine, “Monitoring Buffer Overflow Attacks: A Perennial Task,” International Journal of Secure Software Engineering (IJSSE), IGI Global, Vol. 1, Issue 3, pp. 18-40, July-September 2010.
  91. M. Atef and M. Zulkernine, “The Level of Decomposition Impact on Component Fault Tolerance,” Proc. of the Fifth Workshop on Quality Oriented Reuse of Software (QUROS), pp. 57-62, EEE CS Press, Seoul, Korea, July 2010.
  92. H. Shahriar and M. Zulkernine, “PhishTester: Automatic Testing of Phishing Attacks,” Proc. of the 4th IEEE International Conference on Secure System Integration and Reliability Improvement (SSIRI), pp. 198-207, IEEE CS Press, Singapore, June 2010. (Acceptance rate 33%)
  93. M. Atef and M. Zulkernine, “Architectural Design Decisions for Achieving Reliable Software Systems,” Proc. of the International Symposium on Architecting Critical Systems (ISARCS), Lecture Notes in Computer Science, vol. 6150, pp. 19-32, Prague, Czech Republic, June 2010.
  94. M. Atef and M. Zulkernine, “Failure Type-Aware Reliability Assessment with Component Failure Dependency,” Proc. of the 4th IEEE International Conference on Secure System Integration and Reliability Improvement (SSIRI), pp. 98-105, IEEE CS Press, Singapore, June 2010. (Acceptance rate 33%)
  95. H. Shahriar and M. Zulkernine, “Classification of Static Analysis-Based Buffer Overflow Detectors,” Proc. of the 1st International Workshop on Modeling Secure and Reliable Systems, pp. 94-101, IEEE CS Press, Singapore, June 2010.
  96. M. Atef and M. Zulkernine, “A Taxonomy of Software Architecture-Based Reliability Efforts,” Proc. of the Fifth ICSE Workshop on SHAring and Reusing architectural Knowledge (SHARK), pp. 44-51, ACM, Cape Town, South Africa, May 2010. (Acceptance rate 53%)
  97. I. Chowdhury and M. Zulkernine, “Can Complexity, Coupling, and Cohesion Metrics be Used as Early Indicators of Vulnerabilities?” Proc. of the 25th Annual ACM Symposium on Applied Computing (SAC): Computer Security Track, pp. 1963-1969, Sierre, Switzerland, March 2010.(Acceptance rate 15%)
  98. H. Shahriar and M. Zulkernine, “Classification of Automatic Monitors for Buffer Overflow Vulnerabilities,” Proc. of the 4th International Workshop on Secure Software Engineering (SecSE), pp. 519-524, IEEE CS Press, Krakow, Poland, February 2010.
  99.  H. Shahriar and M. Zulkernine, “Assessing Test Suites for Buffer Overflow Vulnerabilities,” International Journal of Software Engineering and Knowledge Engineering (IJSEKE), Special Issue on Security Engineering Practices & Methodology based on Software & Knowledge Engineering, vol. 20, issue 1, pp. 73-101, World Scientific. February, 2010.
  100. M. Zulkernine, M. Raihan, and M. Uddin, “Towards Model-Based Automatic Testing of Attack Scenarios,” Proc. of the 28th International Conference on Computer Safety, Reliability and Security (SAFECOMP), Lecture Notes in Computer Science, vol. 5775, pp. 229-242, Springer, Hamburg, Germany, September 2009. (Acceptance rate 34%)
  101. M. Atef and M. Zulkernine, “Quantifying Safety in Software Architectural Designs,” Proc. of the International Workshop on Design of Dependable Critical Systems (DDCS), pp. 68-75, Hamburg, Germany, September 2009.
  102. M. Uddin and M. Zulkernine, “A Trust Monitoring Architecture for Service-Based Software,” in J. Dong, R. Paul, and L. Zhang (editors), High Assurance Service Computing, pp. 45-64, Springer, 2009.
  103. U. Khan and M. Zulkernine, “Activity and Artifact Views of a Secure Software Development Process,” Proc. of the International Workshop on Software Security Process (SSP), pp. 399-404, IEEE, Vancouver, Canada, August 2009.
  104. X. Yang and M. Zulkernine, “Secure Method Calls by Instrumenting Bytecode with Aspects,” Proc. of the 23rd Annual IFIP WG Working Conference on Data and Applications Security, (DBSec ’09), Lecture Notes in Computer Science, vol. 5645, pp. 126-141, Springer, Montreal, Canada, July 2009. (Acceptance rate 26%)
  105. H. Shahriar and M. Zulkernine, “Automatic Testing of Program Security Vulnerabilities," Proc. of the 1st IEEE International Workshop on Test Automation, pp. 550-555, IEEE CS Press, Seattle, USA, July 2009.
  106. U. Khan and M. Zulkernine, “On Selecting Appropriate Development Processes and Requirements Engineering Methods for Secure Software,” Proc. of the 4th IEEE International Workshop on Privacy, Security, and Trust for Software Applications, pp. 353-358, IEEE CS Press, Seattle, USA, July 2009.
  107. H. Shahriar and M. Zulkernine, “MUTEC: Mutation-based Testing of Cross Site Scripting,” Proc. of the Fifth ICSE International Workshop on Software Engineering for Secure Systems (SESS), pp. 47-53, IEEE, Vancouver, Canada, May 2009. (Acceptance ratio 10/23)
  108. Z. Zhu and M. Zulkernine, “A Model-Based Aspect-Oriented Framework for Building Intrusion-Aware Software Systems,” Special Issue on Model Based Development for Secure Information Systems, Information and Software Technology Journal, vol. 51, issue 5, pp. 865-875, Elsevier Science, May 2009.
  109. M. Uddin and M. Zulkernine, “ATM: An Automatic Trust Monitoring Algorithm for Service Software,” Proc. of the 24th Annual ACM Symposium on Applied Computing (SAC): Dependable and Adaptive Distributed Systems, pp. 1040-1044, Hawaii, USA, March 2009. (Acceptance rate 29%)
  110. M. Uddin, M. Zulkernine, and S. Ahamed, “Collaboration Through Computation: Incorporating Trust Model into Service-Based Software Systems,” Service Computing and Applications Journal, vol. 3, no. 1, pp. 47-63, Springer, March 2009.
  111. M. Atef and M. Zulkernine “At What Level of Granularity Should We be Componentizing for Software Reliability?” Proc. of the 11th IEEE International Symposium on High Assurance System Engineering (HASE), pp. 273-282, IEEE CS Press, Nanjing, China, December 2008. (Acceptance rate 20%)
  112. H. Shahriar and M. Zulkernine, “Mutation-Based Testing of Format String Bugs,” Proc. of the 11th IEEE International Symposium on High Assurance System Engineering (HASE), pp. 229-238, IEEE CS Press, Nanjing, China, December 2008. (Acceptance rate 20%)
  113. J. Zhang, M. Zulkernine, and A. Haque, “Random Forest-Based Network Intrusion Detection Systems,” IEEE Transactions on Systems, Man, and Cybernetics – Part C: Applications and Reviews, vol. 38, no. 5, pp. 648-658, September 2008.
  114. H. Shahriar and M. Zulkernine, “MUSIC: Mutation-based SQL Injection Vulnerability Checking,” Proc. of the 8th International Conference on Quality Software (QSIC), pp. 77-86, IEEE CS Press, Oxford, UK, August 2008. (Acceptance. rate 30%)
  115. M. Atef and M. Zulkernine, “On Failure Propagation in Component-Based Software Systems,” Proc. of the 8th International Conference on Quality Software (QSIC), pp. 402-411, IEEE CS Press, Oxford, UK, August 2008. (Acceptance rate 30%)
  116. U. Khan and M. Zulkernine, “Quantifying Security Vulnerabilities in Secure Software Development,” Proc. of the Second IEEE International Workshop on Security in Software Engineering, pp. 955-960, IEEE CS Press, Turku, Finland, July 2008.
  117. H. Shahriar and M. Zulkernine, “Mutation-Based Testing of Buffer Overflow Vulnerabilities,” Proc. of the Second IEEE International Workshop on Security in Software Engineering, pp. 979-984, IEEE CS Press, Turku, Finland, July 2008.
  118.  I. Chowdhury, B. Chan, and M. Zulkernine, “Security Metrics for Source Code Structures,” Proc. of the Fourth ICSE International Workshop on Software Engineering for Secure Systems (SESS), ACM, pp. 57-64, Leipzig, Germany, May 2008.
  119.  M. Uddin and M. Zulkernine, “UMLtrust: Towards Developing Trust-Aware Software,” Proc. of the 23rd Annual ACM Symposium on Applied Computing (SAC), pp. 831-836, Fortaleza Brazil, March 2008. (Acceptance rate 29%)
  120.  M. Uddin, M. Zulkernine, and S. Ahamed*, “CAT: A Context-Aware Trust Model for Open and Dynamic Systems,” Proc. of the 23rd Annual ACM Symposium on Applied Computing (SAC), pp. 2024-2029, Fortaleza, Brazil, March 2008. (Acceptance rate 29%)
  121.  L. Kuang and M. Zulkernine, “An Anomaly Intrusion Detection Method Using the CSI-KNN Algorithm,” Proc. of the 23rd Annual ACM Symposium on Applied Computing (SAC), pp. 921-926, Fortaleza, Brazil, March 2008. (Acceptance rate 29%)
  122.  Y. You, M. Zulkernine, and A. Haque, “A Distributed Defense Framework for Flooding-Based DDoS Attacks,” Proc. of the International Conference on Availability, Reliability and Security (AReS), pp. 245-252, IEEE CS Press, Barcelona, Spain, March 2008. (Acceptance rate 22%)
  123.  L. Kuang and M. Zulkernine, “An Intrusion-Tolerant Mechanism for Intrusion Detection Systems,” Proc. of the International Conference on Availability, Reliability and Security (AReS), pp. 921-926, IEEE CS Press, Barcelona, Spain, March 2008. (Acceptance rate 22%)
  124. M. Atef and M. Zulkernine, “Improving Reliability and Safety by Trading Off Software Failure Criticalities,” Proc. of the 10th IEEE International Symposium on High Assurance System Engineering (HASE), pp. 267-274, Dallas, Texas, USA, November 2007. (Acceptance rate 30%)
  125. P. Kannadiga, M. Zulkernine, and A. Haque, “E-NIPS: An Event-Based Network Intrusion Prediction System,” Proc. of the 10th Information Security Conference (ISC), Lecture Notes in Computer Science, vol. 4779, pp.37-52, Springer Verlag, Chile, October 2007. (Acceptance rate 25%)
  126. S. Ahamed, M. Zulkernine, and S. Wolfe, “A Software-Based Trust Management System for Distributed Industrial Management Systems,” Journal of Systems and Software, vol. 80, issue 10, pp. 1621-1630, Elsevier Science, October 2007.
  127. M. Zulkernine, M. Graves, and U. Khan, “Integrating Software Specifications into Intrusion Detection,” International Journal of Information Security (IJIS), pp. 345-357, Springer, September, 2007.
  128. M. Hussein, M. Raihan, and M. Zulkernine, “Classification and Extension of Software Specification and Attack Description Languages,” in D. Khadraoui and F. Herrmann (editors), Advances in Enterprise IT Security, pp. 285-301, Idea Group, 2007.
  129. M. Uddin, H. Shahriar, and M. Zulkernine, “ACIR: An Aspect-Connector for Intrusion Response,” Proc. of the First IEEE International Workshop on Security in Software Engineering, pp. 249-254, IEEE CS Press, Beijing, China, July 2007.
  130. M. Al-Subaie and M. Zulkernine, “The Power of Recurrent Neural Networks in Anomaly Intrusion Detection,” Proc. of the IEEE Symposium on Computer and Communications Network Security – ICC '07, pp. 1391-1398, Glasgow, Scotland, June 2007. (Acceptance rate 39%)
  131. Y. You, M. Zulkernine, and A. Haque, “Detecting Flooding-Based DDoS Attacks,” Proc. of the IEEE Symposium on Computer and Communications Network Security – ICC '07, pp. 1239-1234, Glasgow, Scotland, June 2007. (Acceptance rate 39%)
  132. M. Hussein and M. Zulkernine, “Intrusion Detection Aware Component-Based Systems: A Specification-Based Approach,” Journal of Systems and Software, vol. 80, issue 5, pp. 700-710, Elsevier Science, May 2007.
  133. M. Raihan and M. Zulkernine, “AsmLSec: An Extension of Abstract State Machine Language for Attack Scenario Specification,” Proc. of the IEEE International Conference on Availability, Reliability and Security (AReS), IEEE CS Press, pp. 775-782, Vienna, Austria, April 2007.(Acceptance rate 28%)
  134. M. Graves and M. Zulkernine, “Bridging the Gap: Software Specification Meets Intrusion Detector,” Proc. of the Fourth Annual Conference on Privacy, Security and Trust (PST), pp. 265-274, Toronto, Canada, McGraw Hill Press, October 2006.
  135. M. Al-Subaie and M. Zulkernine, “Efficacy of Hidden Markov Models Over Neural Networks in Anomaly Intrusion Detection,” Proc. of the 30th Annual International Computer Software and Applications Conference (COMPSAC), pp. 325-332, IEEE CS Press, Chicago, USA, September 2006. (Acceptance rate 29%)
  136. J. Zhang and M. Zulkernine, “Anomaly Based Network Intrusion Detection with Unsupervised Outlier Detection,” Symposium on Network Security and Information Assurance – Proc. of the IEEE International Conference on Communications (ICC), pp. 2388-2393, Istanbul, Turkey, June 2006. (Acceptance rate 39%)
  137. J. Zhang and M. Zulkernine, “A Hybrid Network Intrusion Detection Technique Using Random Forests,” Proc. of the International Conference on Availability, Reliability and Security (AReS), IEEE CS Press, pp. 262-269, Vienna, Austria, April 2006. (Acceptance rate 36%)
  138.  M. Hussein and M. Zulkernine, “UMLintr: A UML Profile for Specifying Intrusions,” Proc. of the 13th Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems (ECBS), pp. 279-286, IEEE CS Press, Potsdam, Germany, March 2006.
  139. J. Zhang and M. Zulkernine, “Network Intrusion Detection Using Random Forests,” Proc. of the third Annual Conference on Privacy, Security and Trust (PST), pp. 53-61, St. Andrews, New Brunswick, Canada, October 2005. (Acceptance rate 38%)
  140. M. Raihan and M. Zulkernine, “Detecting Intrusions Specified in a Software Specification Language,” Proc. of the 29th Annual International Computer Software and Applications Conference (COMPSAC), pp. 143-148, IEEE CS Press, Edinburgh, Scotland, July 2005. (Acceptance rate 25%)
  141. P. Kannadiga and M. Zulkernine, “DIDMA: A Distributed Intrusion Detection System Using Mobile Agents,” Proc. of the ACIS 6th International Conference on Software Engineering, Networking and Parallel/Distributed Computing (SNPD), pp. 238-245, IEEE CS Press, Maryland, USA, May 2005.
QRST | School of Computing | Queen's University, Kingston, Ontario, Canada. K7L 3N6 | Tel: (613) 533 6000 ext. 75103 & 74671