Jamel Nebhen

Security threats, countermeasures, and challenges of digital supply chains

By Badis Hammi, Sherali Zeadally, Jamel Nebhen

2023-07-01

In ACM Computing Surveys

Abstract

The rapid growth of Information Communication Technologies (ICT) has impacted many fields. In this context, the supply chain has also quickly evolved toward the digital supply chain where digital and electronic technologies have been integrated into every aspect of its end-to-end process. This evolution provides numerous beneits such as proit maximization, loss reduction, and the optimization of supply chain lead times. However, the use of such technologies has also considerably opened up various security threats and risks which have widened the attack surface on the entire end-to-end supply chain. We present a holistic survey on supply chain security. We discuss the different security issues and attacks that target the diferent supply chain technologies. Then, we discuss various countermeasures and security solutions proposed by academic and industry researchers to mitigate the identiied threats. Finally, we provide some recommendations and best practices that can be adopted to achieve a secure supply chain.

Continue reading

Blockchain-based solution for detecting and preventing fake check scams

Abstract

Fake check scam is one of the most common attacks used to commit fraud against consumers. This fraud is particularly costly for victims because they generally lose thousands of dollars as well as being exposed to judicial proceedings. Currently, there is no existing solution to authenticate checks and detect fake ones instantly. Instead, banks must wait for a period of more than 48 h to detect the scam. In this context, we propose a blockchain-based scheme to authenticate checks and detect fake check scams. Moreover, our approach allows the revocation of used checks. More precisely, our approach helps the banks to share information about provided checks and used ones, without exposing the banks’ customers’ personal data. We demonstrate a proof of concept of our proposed approach using Namecoin and Hyperledger blockchain technologies.

Continue reading

Survey on smart homes: Vulnerabilities, risks, and countermeasures

Abstract

Over the last few years, the explosive growth of Internet of Things (IoT) has revolutionized the way we live and interact with each other as well as with various types of systems and devices which form part of the Information Communication Technology (ICT) infrastructure. IoT is having a significant impact on various application domains including healthcare, smart home, transportation, energy, agriculture, manufacturing, and many others. We focus on the smart home environment which has attracted a lot of attention from both academia and industry recently. The smart home provides a lot of convenience to home users but it also opens up various risks that threaten both the security and privacy of the users. In contrast to previous works on smart home security and privacy, we present an overview of smart homes from both academic and industry perspectives. Next we discuss the security requirements, challenges and threats associated with smart homes. Finally, we discuss countermeasures that can be deployed to mitigate the identified threats.

Continue reading

Is it really easy to detect sybil attacks in c-ITS environments: A position paper

By Badis Hammi, Yacine Mohamed Idir, Sherali Zeadally, Rida Khatoun, Jamel Nebhen

2022-04-01

In IEEE Transactions on Intelligent Transportation Systems

Abstract

In the context of current smart cities, Cooperative Intelligent Transportation Systems (C-ITS) represent one of the main use case scenarios that aim to improve peoples? daily lives. Thus, during the last few years, numerous standards have been adopted to regulate such networks. Within a C-ITS, a large number of messages are exchanged continuously in order to ensure that the different applications operate efficiently. However, these networks can be the target of numerous attacks. The sybil attack is among the most dangerous ones. In a sybil attack, an attacker creates multiple identities and then disguises as several fake stations in order to interfere with the normal operations of the system or profit from provided services. We analyze recently proposed sybil detection approaches regarding their compliance with the current C-ITS standards as well as their evaluation methods. We provide several recommendations such as network and attack models as well as an urban and highway datasets that can be considered in future research in sybil attack detection.

Continue reading