Muhammad Taibah [Home]


 
 
 

Muhammad Taibah


Graduate student
taibah [at] computer [dot] org

 
About me

Currently I am a Master's student at the College of Computer and Information Science at Northeastern University. I enjoy Science, and I appreciate Art. I believe that Computer Science is a mixture of both. It provides the beauty of art in a scientific flavor.
In the Computer Science world, we are not Mathematicians who work at an abstract level without being able to apply ideas from such a high level in practice. Yet, we are not Engineers who apply science only to solve practical problems within given boundaries. We get the best of both worlds, having the strength of Mathematicians to describe knowledge in a robust way, and the ability to apply the knowledge to solve practical problems as engineers. In addition, it is a "Science", so we have the means to explore the surrounding universe and discover new knowledge.
Computer Science serves as the scientific vehicle behind advancing a lot of other scientific and art fields in the modern world. Computer Science serves humanity in various ways, and for that I am a computer science student :)

   
 

The picture above shows me beside a Scanning Tunneling Microscope

 
Current research project

Currently I am a member of the Information Assurance Capstone Research Team (I), working on research related to data confidentiality and data leakage control in Information Technology infrastructures. This type of threat, caused by multi-vector attacks, is considered relatively new with respect to the way it is "operated" by adversaries, compared to other well-known attacks used to exploit Information Technology infrastructures. As of this moment in our research, we have not experienced any new "technical" methodologies used by this type of attack. The main goal of the research project is to look into the inability of current security models to defeat such attacks, and to find the main specifications that would lead to a security model that can be used to protect Information Technology infrastructures against the type of threats caused by these attacks.

Unfortunately, as of this moment (Feb 12, 2012 | 03:47 AM), and to our team's knowledge, there is no standard, well-known scientific definition of such threats. In the media, and among computer security professionals in the industry, these threats are referred to as - the so-called - Advanced Persistent Threats (APTs). Our team suggested a new, more specific term to define this type of attack, to help distinguish it from different types of attacks.

Definition

Stealth Data Exfiltration (SDE)

A sophisticated, well organized set of attacks, designed to reside undetected on a victim's Information Technology infrastructure for long periods of time while conducting covert transfers of digital assets to an external command and control center (CnC).  
 

Some of the famous SDE attacks the group considered as part of the analysis phase are:

   - Operation Aurora
   - RSA
   - Operation Shady Rat
 

 

Scientific interests

Computer security is the art of quality, and the science of perfection. In general, my scientific interests are related to Computer Security & Information Assurance.
Currently, my interests revolve around studying different scalable techniques for monitoring various security behaviors within computer software systems, by analyzing data generated by these systems. 

 

Professional experience

* College of Computer and Information Science, Northeastern University, Teacher assistant for the Information system forensics course (IA 5210).
* Information security governance, North America, Computershare, Information security summer intern.
* Computer Science Department, College of Computer Science & Engineering, Taibah University, Teacher Assistant.
* Madinah service area, Saudi Electricity Company, Budget & Planning Analyst.
* Information Technology Center, Naqaba,  Software Engineer (system analyst [team leader]).
* Network Operations Center, Integrated Telecom Company, Network Administrator for national and international networks.
* Smart PC, computer hardware retail & services, Co-founder.
* Petroleum Engineering Application Services Department, Saudi Aramco, Summer intern.
* Information Technology Center, Saudi Electricity Company, Summer intern.
 
 

Societies membership

 * ISSA member at NEU chapter
 * IEEE
 * Golden Key international honor society
 * Delta Alpha Pi Honor Society at NEU
 
 

Resume

Available upon request

  Academic profile

This section lists a selection of coursework, and extracurricular related projects, and reports during graduate and undergraduate studies.


* Hadoop cluster structure effects on overall job performance in a single machine virtual cluster environment project report, completing a graduate level Parallel Data Processing in MapReduce course requirements.

* Most accurate Classification model on the eBird Reference Dataset project, completing a graduate level Data Mining Techniques course requirements (Competition winner).

* Coauthored a study (System Logs Auditing) discussing advanced system log auditing techniques and the role they play in the overall security of IT infrastructures, completing a graduate level course in Computer Systems Security.

* Coauthored a white paper (The Web Browser and its Insecurities) discussing different attack vectors, and defense techniques, completing a graduate level course in Network Security Practices.

* Critical Infrastructure Protection Plan Proposal, completing Decision Making for Critical Infrastructure Protection graduate course requirements.

* Medical Information & Privacy, legal constraints governing medical privacy concerns when there is an interest in accessing private medical/health records in the US before and after HIPAA, completing a graduate level CyberLaw course requirements.

* Empirical research to study the accuracy of an anomaly detection algorithm used in Multi-Tier Architectures.

* Research in intrusion detection systems applying anomaly detection strategy on MySQL query logs.

* Designed and developed VanTai, an anomaly detection system used to detect anomalous behavior in general query logs.

* Designed and developed "Computer Science Student Support (CSSS)" Website.

* Co-developed and enhanced the design of "ECC Risk Management Tracking System" (Saudi Aramco, summer training).

* Practiced intensively "Networks designing and subnetting" implementing network security zoning concepts.

* Technical Research within Data Centers Administration Course, "Intrusion prevention systems positioning effects on the network performance," presented at the seventeenth Saudi National Information Security forum, in the attendance of His Majesty Prince Abdul Aziz Bin Majid Al Saud, 2005.

* Developed "Design and implementation of on-line web based brokering system using Java Servlets & Oracle DBMS" fulfilling graduation project requirements.

* Designed, and managed the development team of Naqaba Madinah Branch System for Rotational Transportation.
 

 

 
 

© Muhammad Taibah