[Book Chapter] Cyber Security Deception

Mohammed H. Almeshekah and Eugene H. Spafford In Cyber Deception, S. Jajodia et al. (eds.), Springer International Publishing Switzerland 2016. ABSTRACT: Most data is digitized and stored in organizations’ servers, making them a valuable target. Advanced persistent threats (APT), corporate espionage, and other forms of attacks are continuously increasing. Companies reported …

Read More »

[Paper] ErsatzPasswords – Ending Passwords Cracking and Detecting Password Leakage

Mohammed H. Almeshekah, Chris Gutierrez, Mikhail J. Atallah and Eugene H. Spafford [Paper] Annual Computer Security Applications Conference (ACSAC’15), Los Angeles, CA, USA, December 2015 (Outstanding Paper Award) [Poster] 16th Annual Information Security Symposium, CERIAS, Purdue University, March 2015 (Best Poster Award)    ABSTRACT: In this work we present a …

Read More »

I have successfully defenses my PhD thesis on “Using Deception to Enhance Security: A Taxonomy, Model, and Novel Uses”

I have successfully defended my PhD thesis and ended my journey at Purdue. This would have not been possible without the help and guidance from my advisors Prof. Eugene H. Spafford (aka. Spaf) and Prof. Mikhal J. Atallah (aka. Mike). I was honored to have the opportunity to learn from such renowned scientists and …

Read More »

[Paper] Enhancing Passwords Security using Deceptive Covert Communication

Mohammed H. Almeshekah, Mikhail J. Atallah and Eugene H. Spafford International Conference on ICT Systems Security and Privacy Protection, IFIP SEC’15, May 26-28, 2015, Hamburg, Germany ABSTRACT: The use of deception to enhance security has shown promising results as a defensive technique. In this paper we present an authentication scheme that …

Read More »

A number of media outlets published articles on our Ersatz Password work

A number of media outlets published articles on our Ersatz Password work. These appeared in a number of languages; [English] InfoWorld.com, NetworkWorld.com, PCWorld.com, DataBreaches.net, ComputerWorld.com and CSOonline.com; [Swedish] IDG.se; [Russian] at SecurityLab.ru; and [Danish] at version2.dk. Update: The full details and implementation of the work has been published an available here. Update: Our …

Read More »

[Poster] Modeling Deception In Information Security As A Hypergame — A Primer

Chris Gutierrez, Mohammed H. Almeshekah, Jeff Avery, Saurabh Bagchi and Eugene H. Spafford 16th Annual CERIAS Information Security Symposium: Poster, West Lafayette, IN, USA, March 2015 ABSTRACT: In order to use deception as a viable information security defensive mechanism, one must properly analyze the conflict at hand. There is little work that …

Read More »