.img-circle { border-radius: 50%; }

Academic Positions

  • Present 2019

    Assistant Professor

    University of Central Arkansas, Conway, AR, USA
    Department of Computer Science

  • 2019 2018

    Instructor

    University of Central Arkansas, Conway, AR, USA
    Department of Computer Science

  • 2018 2018

    Instructor

    Tennessee Tech. University, Cookeville, TN, USA
    Department of Electrical and Computer Engineering

  • 2018 2016

    Research Assistant

    Tennessee Tech. University, Cookeville, TN, USA
    Department of Electrical and Computer Engineering

  • 2016 2015

    Assistant lecturer

    Benha University, Egypt
    Faculty of Engineering at Shoubra

  • 2015 2010

    Teaching Assistant

    Benha University, Egypt
    Faculty of Engineering at Shoubra

Education & Training

  • Ph.D. 2019

    Ph.D. in Electrical and Computer Engineering

    Tennessee Tech. University, USA

  • M.Sc. 2015

    M.Sc. in Electrical Engineering

    Benha University, Egypt

  • B.Sc.2009

    B.Sc in Electrical Engineering

    Benha University, Egypt

Filter by type:

Sort by year:

Efficient and Privacy-Preserving Ride Sharing Organization for Transferable and Non-Transferable Services

Mahmoud Nabil, Ahmed Sherif, Mohamed Mahmoud, Ahmad Alsharif, and Mohamed Abdallah
Journal IEEE Transactions on Dependable and Secure Computing, 2021 (IF =6.404)

Abstract

Ride-sharing allows multiple persons to share their trips together in one vehicle instead of using multiple vehicles. This can reduce the number of vehicles in the street, which consequently can reduce air pollution, traffic congestion and transportation cost. However, a ride-sharing organization requires passengers to report sensitive location information about their trips to a trip organizing server (TOS) which creates a serious privacy issue. In addition, existing ride-sharing schemes are non-flexible, i.e., they require a driver and a rider to have exactly the same trip to share a ride. Moreover, they are non-scalable, i.e., inefficient if applied to large geographic areas. In this paper, we propose two efficient privacy-preserving ride-sharing organization schemes for Non-transferable Ride-sharing Services (NRS) and Transferable Ride-sharing Services (TRS). In the NRS scheme, a rider can share a ride from its source to destination with only one driver whereas, in TRS scheme, a rider can transfer between multiple drivers while en route until he reaches his destination. In both schemes, the ride-sharing area is divided into a number of small geographic areas, called cells, and each cell has a unique identifier. Each driver/rider should encrypt his trip's data and send an encrypted ride-sharing offer/request to the TOS. In NRS scheme, Bloom filters are used to compactly represent the trip information before encryption. Then, the TOS can measure the similarity between the encrypted trips data to organize shared rides without revealing either the users' identities or the location information. In TRS scheme, drivers report their encrypted routes, an then the TOS builds an encrypted directed graph that is passed to a modified version of Dijkstra's shortest path algorithm to search for an optimal path of rides that can achieve a set of preferences defined by the riders.

A Blockchain-based Medical Data Marketplace with Trustless Fair Exchange and Access Control

Ahmad Alsharif, Mahmoud Nabil
Conference The IEEE Global Communications Conference (GLOBECOM 2020), Taipei, Taiwan

Abstract

The unprecedented growth of decentralized technologies and the abundance of healthcare data creates numerous opportunities for the digital healthcare industry and poses major challenges for data security. In this paper, we propose a novel decentralized blockchain-based medical data marketplace in which medical record sellers can sell their data to interested buyers, e.g., pharmaceutical corporations. Sellers use a smart contract to exchange their records with buyers for a digital currency. In our model, sellers can enforce flexible access control policy on the encrypted records while allowing the buyers to verify the correctness of the encrypted records without revealing any information about the records using the developed zk-SNARK protocol. In addition, sellers acquire a proof-of-delivery to redeem buyers' contingent payments by exchanging a record access key for a buyer signature using the developed trustless zero-knowledge contingent payment protocol. Our security analysis proves that our model is secure against malicious behaviors of both dishonest sellers/buyers. Performance evaluation indicates that the GAS cost on Etherume blockchain and the computational cost of the cryptographic operations are low.

SiMple: A Unified Single and Multi-Path Routing Algorithm for Wireless Sensor Networks with Source Location Privacy

Meisam Kamarei, Ahmad Patooghy, Ahmad Alsharif, Vesal Hakami
Journal IEEE Access, 2020 (IF =4.098)

Abstract

Wireless Sensor Networks (WSNs) experience two different patterns of traffic with different requirements: 1) Event-driven traffic from sensor nodes to the base-station (BS) in the form of single-path uni-cast packets, and 2) Query-driven traffic from BS to sensors that better matches multi-casting and generates multi-path traffic. In this paper, we propose SiMple, a unified algorithm to jointly route single- and multi-path packets in WSNs. SiMple establishes a square destination area to control the degree of path multiplicity as well as the number of intermediate nodes between the source and destination nodes. When performing single-path routing, SiMple considers the direct line connecting source and destination nodes to select the closest sensor node to the line as the next carrier of the packet. Otherwise, SiMple directs packets towards the destination node(s) by exploiting multiple disjoint routes where the number of disjoint routes is controlled by the source node. In addition, SiMple introduces virtual source nodes to hide the location of the real source node, which is needed in asset monitoring applications. The conducted extensive NS-2 simulation experiments for mixed single- and multi-path packets confirm that SiMple results in a higher performance level and consumes lower energy when compared to the case of using two separate algorithms to individually route event and query packets.

MDMS: Efficient and Privacy-Preserving Multi-dimension and Multi-subset Data Collection for AMI Networks

Ahmad Alsharif, Mahmoud Nabil, Ahmed Sherif, Mohamed Mahmoud, and Min Song
Journal IEEE Internet of Things Journal (IEEE IoT), 2019 (IF =9.515)

Abstract

Advanced Metering Infrastructure (AMI) networks allow utility companies to collect fine-grained power consumption data of electricity consumers for load monitoring and energy management. This brings serious privacy concerns since the fine-grained power consumption data can expose consumers’ activities. Privacy-preserving data aggregation techniques have been used to preserve consumers’ privacy while allowing the utility to obtain only the consumers total consumption. However, most of the existing schemes do not consider the multi-dimensional nature of power consumption in which electricity consumption can be categorized based on the consumption type. They also do not consider multi-subset data collection in which the utility should be able to obtain the number of consumers whose consumption lies within a specific consumption range, and the overall consumption of each set of consumers. In this paper, we propose an efficient and privacy-preserving multi-dimensional and multi-subset data collection scheme, named “MDMS”. In MDMS, the utility can obtain the total power consumption as well as the number of consumers of each subset in each dimension. In addition, for better scalability, MDMS allows the utility to delegate bill computation to the AMI networks’ gateways using the encrypted readings and following dynamic prices in which electricity prices are different based on both the time and the consumption type. Moreover, MDMS uses lightweight operations in encryption, aggregation, and decryption resulting in low computation and communication overheads as given in our experimental results. Our security analysis demonstrates that MDMS is secure and can resist collusion attacks that aim to reveal the consumers’ readings.

A Multi-Authority Attribute-Based Signcryption Scheme with Efficient Revocation for Smart Grid Downlink Communication

Ahmad Alsharif, Ahmed Shafee, Mahmoud Nabil, Mohamed Mahmoud, and Waleed Alasmary
Conference The 2019 IEEE International Conference on Internet of Things (iThings 2019), Atlanta, USA

Abstract

In this paper, we propose a multi-authority attribute-based signcryption scheme with efficient revocation for smart grid downlink communications. The proposed scheme allows grid operators and electricity vendors to securely send multicast messages to different groups of consumers. Such secure multicast communication is required in several applications such as firmware update distribution, sending direct load control messages, and sending energy trading requests. Our scheme can ensure the confidentiality and the integrity of the multicasted messages, allows consumers to authenticate the senders of the multicasted messages, achieves non-repudiation property, and allows prompt attribute revocation, simultaneously which are the security requirements of the smart grid downlink communications. Our security analysis demonstrates that the proposed scheme is secure and can thwart various security threats to the smart grid. Our experiments conducted on an advanced metering infrastructure (AMI) testbed confirm that the proposed scheme has low computational overhead.

EPDA: Efficient and Privacy-Preserving Data Collection and Access Control Scheme for Multi-Recipient AMI Networks

Ahmad Alsharif, Mahmoud Nabil, Mohamed Mahmoud, and Mohamed Abdallah
Journal IEEE Access, 2019 (IF =4.098)

Abstract

Advanced metering infrastructure (AMI) networks allow the data collection of consumers’ fine-grained power consumption data (PCD) to perform real-time monitoring and energy management. However, PCD can leak sensitive information about consumers’ activities. Various privacy-preserving data collection schemes have been proposed for AMI networks to allow the collection of an aggregated PCD to preserve consumers’ privacy. However, most of these schemes are designed for single-recipient AMI networks and cannot be used efficiently for multi-recipient AMI networks in which several entities should have access to the aggregated PCD of different sets of users for legitimate uses. In this paper, we propose an efficient and privacy-preserving data collection and access control scheme for multi-recipient AMI networks named EPDA. We developed a novel proxy re-encryption scheme that allows data aggregation before reencryption and can allow either full or partial access to the aggregated data after re-encryption as needed. The proposed scheme can be used for fine-grained access control for multi-recipient AMI networks in which each recipient can access only the data intended to it. The EPDA uses lightweight operations in encryption, aggregation, and decryption which result in low computation and communication overheads. Our security analysis demonstrates that the EPDA is secure, can resist collusion attacks and hide customers’ distribution which is needed for a fair electricity trade market. Our experimental results confirm that the EPDA has improved performance for the computational cost at each entity in the AMI network and low communication overhead.

EPIC: Efficient Privacy-Preserving Scheme with EtoE Data Integrity and Authenticity for AMI Networks

Ahmad Alsharif, Mahmoud Nabil, Samet Tonyali, Hawzhin Mohammed, Mohamed Mahmoud, and Kemal Akkaya
Journal IEEE Internet of Things Journal (IEEE IoT), 2019 (IF =9.515)

Abstract

In this paper, we propose EPIC, an efficient and privacy-preserving data collection scheme with EtoE data integrity verification for AMI networks. Using efficient cryptographic operations, each meter should send a masked reading to the utility such that all the masks are canceled after aggregating all meters’ masked readings, and thus the utility can only obtain an aggregated reading to preserve consumers’ privacy. The utility can verify the aggregated reading integrity without accessing the individual readings to preserve privacy. It can also identify the attackers and compute electricity bills efficiently by using the fine-grained readings without violating privacy. Furthermore, EPIC can resist collusion attacks in which the utility colludes with a relay node to extract the meters’ readings. A formal proof, probabilistic analysis are used to evaluate the security of EPIC, and ns-3 is used to implement EPIC and evaluate the network performance. In addition, we compare EPIC to existing data collection schemes in terms of overhead and security/privacy features.

Secure and Privacy-Preserving Physical-Layer-Assisted Scheme for EV Dynamic Charging System

Marbin Pazos-Revilla, Ahmad Alsharif, Surya Gunukula, Terry N. Guo, Mohamed Mahmoud, and Xuemin (Sherman) Shen
Journal IEEE Transactions on Vehicular Technology (IEEE TVT), 2018 (IF =5.339)

Abstract

Dynamic charging system will enable moving electrical vehicles (EVs) to charge their batteries through magnetic induction by charging pads (CPs) placed on a portion of the roadbed. To realize such a system, the EVs need to communicate with the various parts of the system that include a bank, a charging service provider (CSP), road side units (RSUs), and CPs. In this paper, we propose a secure and privacy-preserving physical-layer-assisted scheme for dynamic charging systems to secure payment and authentication and also preserve the drivers' location privacy. We develop an efficient hierarchical authentication scheme that considers the scalability nature of the system. Efficient cryptosystems are used to authenticate the EVs to the bank, CSP, and RSUs, but our evaluations indicate that the contact time of fast moving EVs and the CPs is too short to exchange multiple messages and execute time consuming operations. Therefore, we develop an efficient physical-layer-based authorization scheme that utilizes autocorrelation demodulation and hypothesis testing to enable the CPs to identify and charge the authorized EVs. Through extensive analysis, simulation, and practical experiments, we demonstrate that the proposed scheme is secure against the considered attacks and can achieve fast authentication and high authorization rate. Moreover, the proposed scheme can achieve full anonymity where no entity or even colluding entities can know the drivers' locations.

Privacy-Preserving Collection of Power Consumption Data for Enhanced AMI Networks

Ahmad Alsharif, Mahmoud Nabil, Mohamed Mahmoud, and Mohamed Abdallah
Conference The 25th International Conference on Telecommunications (ICT2018), Saint-Malo, France

Abstract

In this paper, we propose a privacy-preserving data collection scheme for enhanced AMI networks. The idea is that each cluster of meters is divided into members and heads. A cluster member should send encrypted subreadings with lifetime values to a number of cluster heads where the lifetime permits the cluster heads to reuse the received subreading for future reporting cycles. Then cluster heads should aggregate all the received/stored subreadings and send the result to a local aggregator which performs a further aggregation process and then send an aggregated reading for the cluster to the utility. If the reading of a cluster member does not change, it should run a countermeasure to traffic analysis to determine whether it needs to send a subreading to one of the cluster heads or not, whereas if the power reading changes or the lifetime of a subreading expires, the cluster member needs to update only one subreading to make the summation of all its subreadings gives the correct reading. In addition, the proposed scheme is more resistive to collusion attacks than existing schemes. Our analysis demonstrates that the proposed scheme can preserve consumers privacy and resist collusion attacks. Our measurements confirm that the proposed scheme can reduce the communication bandwidth by 30%.

Efficient Privacy-Preserving Aggregation Scheme for Data Sets

Ahmed Sherif, Ahmad Alsharif, Mohamed Mahmoud, Mohamed Abdallah and Min Song
Conference The 25th International Conference on Telecommunications (ICT2018), Saint-Malo, France

Abstract

Many applications depend on privacy-preserving data aggregation schemes to preserve users' privacy. The main idea is that no entity should be able to access users' individual data to preserve privacy, but the aggregated data should be known for the application functionality. In these schemes, each user should encrypt a message and send it to an aggregator to compute and send the ciphertext of the aggregated messages to the decryptor without learning the individual messages. The decryptor should decrypt the ciphertext to obtain the aggregated message. However, the existing schemes are designed to aggregate one type/size of data and it is inefficient to modify them to aggregate messages that have data sets of different data types and sizes. In this paper, we propose an efficient privacy-preserving aggregation scheme for data sets. Unlike the existing schemes that do multibit number addition, the proposed scheme aggregates individual bits. Moreover, comparing to the existing schemes, our scheme has two new features. First, in some applications (such as those that need reporting location information), the aggregator can verify the encrypted messages to detect data pollution attacks without accessing the messages to preserve privacy. Second, our scheme has two types of decryptions; called full and partial. In full decryption, the decryptor can decrypt the whole data set, while in partial decryption, the decryptor can enable some entities to decrypt some data in the set. Our analysis demonstrates that the proposed scheme is secure and can preserve users' privacy. Extensive experimental results demonstrate that our scheme is more efficient than the existing schemes.

Efficient Multi-Keyword Ranked Search over Encrypted Data for Multi-Data-Owner Settings

Mahmoud Nabil, Ahmad Alsharif, Ahmed Sherif, Mohamed Mahmoud, and Mohamed Younis
Conference The IEEE International Conference on Communications (ICC2018), Kansas City, USA

Abstract

The availability of high-performance computing platforms, large storage devices, and high- speed communications have boosted the popularity of cloud computing. Users exploit these capabilities by using the cloud as a repository for their data and sharing these data with others. However, since the cloud is usually owned and operated by private companies, storing sensitive data in the cloud servers raises privacy concerns. To address these concerns, privacy-preserving keyword search schemes have been developed. Nevertheless, most of the existing schemes are either inefficient for multi-data- owner settings or designed for single-data-owner settings, and becomes insecure and inefficient when used for multi-data-owner. This paper proposes an efficient multi-keyword ranked search scheme over encrypted data for multi-data-owner settings. The proposed scheme allows each data owner and each user to have a distinct key, and allows the server to efficiently search the files of different data owners using one encrypted query sent by the user. Our privacy analysis demonstrates that the proposed scheme can preserve the privacy of the data owners and users. In addition, our extensive performance evaluations demonstrate that our scheme is much more efficient than existing approaches in the literature.

Privacy-Preserving Autonomous Cab Service Management Scheme

Ahmed Sherif, Ahmad Alsharif, Mohamed Mahmoud, and Jacob Moran
Conference The 3rd Africa and Middle East Conference on Software Engineering (AMECSE'17)

Abstract

In the autonomous vehicles era, vehicles will be an on-demand service rather than an owned product, i.e., many passengers will rely on Autonomous Cabs (ACs) in their transportation. In order to guarantee the high quality of the AC service, the AC company needs to learn the geographic distribution of the potential service requests. The best way to obtain this information is by requesting the passengers to frequently report their locations, e.g., by using their smart-phones. However, learning the passengers' locations causes a serious location privacy issue. In this paper, we propose a privacy-preserving scheme for reporting location information for AC management. Data aggregation approach is used to preserve location privacy by providing the AC company with the total number of requests in each geographic area, while hiding the individual reports of the passengers. Unlike the existing aggregation schemes that do binary data addition, the used aggregation scheme does individual bits addition. Our analysis and experimental results demonstrate that the proposed scheme is efficient and can preserve location privacy.

Privacy-Preserving Intra-MME Group Handover via MRN in LTE-A Networks for Repeated Trips

Zaher Haddad, Ahmad Alsharif, Ahmed Sherif, and Mohamed Mahmoud
Conference The 86th Vehicular Technology Conference (VTC-Fall), Toronto, Canada

Abstract

In Long Term Evolution-Advanced (LTE-A) networks, Mobile Relay Nodes (MRNs) are installed in fast moving buses and trains to connect the passengers' devices to evolved Node B (eNB). However, since the MRNs and eNBs are installed in open environment, they can be compromised to launch security and privacy attacks. In this paper, we propose a privacy preserving intra Mobility Management Entity (MME) group handover scheme in LTE-A networks for repeated trips. Comparing to the existing schemes, the proposed scheme is devised to achieve the following requirements. First, the MRNs should be able to authenticate the received messages so that the messages sent from external attackers can be dropped by the MRNs rather than forwarding them to the core network. Second, the proposed scheme also aims to reduce the computational and signaling overhead and establish secure session keys. Third, the scheme aims to prevent MRNs and eNBs from tracking passengers' locations especially if they take same trip regularly. Our analysis demonstrates that the proposed scheme can achieve our security and privacy objectives. Our performance evaluations demonstrate that the proposed scheme requires a few number of messages and low computation overhead.

Privacy-Preserving Ride Sharing Organization Scheme for Autonomous Vehicles in Large Cities

Ahmed Sherif, Ahmad Alsharif, Jacob Moran, and Mohamed Mahmoud
Conference The 86th Vehicular Technology Conference (VTC-Fall), Toronto, Canada

Abstract

The autonomous vehicles will make ride sharing popular, and necessary. However, ride sharing organization requires the passengers to reveal sensitive information about their trips, which causes a serious privacy issue. In this paper, we propose a privacy-preserving ride sharing organization scheme using the kNN encryption scheme, Bloom filter, and group signature. Each user encrypts his trip's data and sends an encrypted ride-sharing request to a server that measures the similarity between users trips' to organize shared rides without revealing sensitive information. Comparing to our proposal in [1], this paper has three improvements. The proposed scheme is much more efficient because the trip data is much shorter. It is also more secure because each user has his own encryption key instead of using one shared key for all users. It can prevent linking the encryptions of the trip's data sent at different times because users frequently update their keys efficiently. Our privacy analysis demonstrates that the proposed scheme can preserve users' location privacy and trips' data privacy. Our experimental results on a real map demonstrate that the proposed scheme is much more efficient than the existing schemes, especially for large cities.

Performance analysis of certificate renewal scheme for AMI networks

Ahmad Alsharif, Samet Tonyali, Mohamed Mahmoud, Kemal Akkaya, Muhammad Ismail Muhammad, and Erchin Serpedin
Conference The 7th International Workshop on Computer Science and Engineering (WCSE 2017)

Abstract

Public-key cryptography is indispensable for securing the communications in Advanced Metering Infrastructure (AMI) networks. However, few works have studied the efficient use of public key cryptography certificates in such a network and most of them focus on certificates' revocation. In this paper, we extensively investigate the performance our previous proposal on an efficient certificate renewal scheme that we proposed for AMI networks. First, quantitative analysis is carried out to compare our scheme against signature-based certificate renewal schemes. Then, all schemes are implemented in a realistic network model using NS-3 to evaluate their performance. Simulation results demonstrate the improved performance of our scheme in computational cost, communication overhead, end-to-end delay, packet delivery ratio, and required bandwidth compared with the signature-based certificate renewal scheme.

Priority-Based and Privacy-Preserving Electric Vehicle Dynamic Charging System With Divisible E-Payment

Mahmoud Nabil, Muhammad Bima, Ahmad Alsharif, Willaim Johnson, Surya Gunukula, Mohamed Mahmoud, and Mohamed Abdallah
Book Chapter Chapter 12 in Smart Cities Cybersecurity and Privacy, 2019

Abstract

Dynamic charging systems enable moving electric vehicles (EVs) to charge using magnetic induction from charging pads (CPs) installed on roads. For the system to function, the EVs need to communicate with the various entities of the system, which include a bank, a charging service provider (CSP), roadside units (RSUs), and CPs. This communication should not reveal sensitive location information about the EV drivers, and security should also be thoroughly investigated to ensure proper operation of the system. In this chapter, we present a scheme that provides integrated, secure, and privacy-preserving authentication, prioritization, and payment for dynamic charging. In order to make payment, the EV should first purchase divisible e-coins from the bank and use them when it needs to charge. The payment scheme should be efficient and flexible in that the value of the e-coins can be adjusted based on the amount paid for charging. Charge prioritization is needed when the energy supply is less than the charging demand because the CSP cannot serve all incoming charge requests. In our scheme, a priority policy is determined by each charging station, and a multiauthority, attribute-based encryption scheme is used to ensure the security and privacy of the policy. In order to address the scalability of the system due to the large number of EVs and CPs and the limited resources of the CPs, an efficient hierarchical authentication scheme that is based on symmetric-key cryptography is proposed. The idea is that after an EV authenticates successfully to the CSP, it receives secret keys, called tokens, that are shared with the RSUs. After using these tokens to authenticate to the RSUs, the EV receives secret tokens that are shared with a number of CPs under each RSU control. These tokens are used to enable the CPs to identify and charge only authorized EVs. Our security analysis demonstrates that the proposed scheme is secure and can preserve the privacy of the EV drivers by making identifying the drivers and tracing them infeasible. In addition, performance evaluations confirm that the computational and communication overhead of the scheme is acceptable.