Principal Investigator (PI)

Dr. Muhammad Asad Arfeen
Assistant Professor
Director IT NEDUET

Vision:


There exists a wide gap between endpoint security researchers and Internet security researchers. Recent security breaches show that this gap has been exploited by malware, ransomware and hackers to carry out their illegitimate activities covertly. In this information age, security is a universal problem, and counter-hack technologies should not be developed in a disjoint manner.
The proposed lab/project will develop a unified security framework which will be useful for stakeholders from all the related areas of computing (software, operating systems, network, Internet, databases, mobile, cloud, etc.). The unified security framework will be based on joint research in the following application domains:

  •  End Point Protection
  •  Internet Security
  •  Digital Forensics
  •  Quantum Technology

The increase in malware and hacking attempts, combined with scarce and expensive threat protection, has significantly reduced the confidentiality, reliability, availability and trustworthiness of Internet-based systems which, until now, were very efficiently serving the online and offline requirements of the national and international cyber-connected community. Recent examples in this regard are the ransomware WannaCry and Stuxnet. The main focus of the proposed lab is to develop a defensive framework against malware and other cyber threats by understanding their development, evolution, proliferation, prediction, damage and forensics, and to ensure data security through efficient quantum-based cryptographic methods.

The domains or areas where the proposed lab will specifically contribute in science and technology are:

  • Malware Reverse Engineering: This means using a multi-layer approach with reverse engineering; that
    is, instead of fortifying or protecting an endpoint service or application with other services, the
    components which define or implement the service shall be identified, reverse engineered, and secured.
    These components include, for example, software modules, web interfaces, user data transport and
    network traffic. Predictive malware defence is also one of the scientific objectives.
  • Internet Traffic Reverse Engineering for Anomaly Detection: Internet operators in Pakistan and
    worldwide are concerned that, although they provide bulk bandwidth and traffic transit services,
    they do not really know what is actually happening in their network traffic. Unfortunately, Deep Packet
    Inspection (DPI) solutions are very expensive and also violate the privacy of users. It is therefore a
    challenging task to perform privacy-preserving analysis of Internet traffic. In this regard, this project
    will focus on statistical analysis of interval and counting data using large deviation theory and long
    memory processes. The scientific targets are early DDoS detection and backtracking of malware
    signatures to traffic patterns.
  • Digital Forensics: The long-term scientific goals of the proposed digital forensics laboratory include the
    creation of expertise and high-quality research in the area of Digital Forensic Analysis of computers,
    including Network Servers, Audio & Video Devices, Vehicle Infotainment Systems, Drones, Media
    Storage, Mobile Devices, iPads, Tablets, Cell Phones, Smart Phones, Smart Watches, GPS Devices,
    Dash Cams, Activity Trackers and IoT Devices, including Medical Devices, that can store digital
    information. Such a facility is the need of the hour in this region and is very important for
    national security in the modern digital era, where contemporary methods and techniques of digital and
    cyber crime are increasing day by day. The scope of such challenges includes Fraud/Wire Fraud, Cyber
    Breaches, Intellectual Property/Trade Secret Theft, etc.
  • Quantum Key Distribution (QKD) Protocols: Design, analysis and implementation of QKD
    protocols focusing on specific application and industry requirements, as there are a number of QKD
    protocols depending upon the available resources, application and scope.
  • QKD Networks: This area focuses on the utilization of QKD technology in a networked fashion,
    in the same way as existing computer networks. There are various critical challenges in using QKD
    technology with classical networks because of its technical limitations. Research will be done on
    establishing scalable and secure QKD networks so that large-scale implementation becomes possible.