Publications

Refereed Journals

  1. Abeer AlJarrah, Michael Thomas, Mohamed Shehab, “Praxis and Design for Leveraging Learning Analytics for A Flipped Computer Science Classroom”, in International Journal of Educational Technology in Higher Education, ACCEPTED with Revisions.
  2. Yousra Javed, Mohamed Shehab, “Look Before You Authorize: Using Eye-Tracking To Enforce User Attention Towards Application Permissions”, Proceedings on Privacy Enhancing Technologies. Volume 2017, Issue 2, Pages 23-37, 2017.[doi]
  3. Mohamed Shehab, Hakim Touati, Yousra Javed, “Semi-Supervised Policy Recommendation for Online Social Networks”, Social Network Analysis and Mining (SNAM), Volume 6, Issue 1, 2016. [doi]
  4. Emmanuel Bello-Ogunu, Mohamed Shehab, “Crowdsourcing for Context: Regarding Privacy in Beacon Encounters via Contextual Integrity”. Proceedings on Privacy Enhancing Technologies. Volume 2016, Issue 3, Pages 83–95, May 2016. [doi][PDF]
  5. Mohammad Ashiqur Rahman, Mohammad Hossein Manshaei, Ehab S. Al-Shaer and Mohamed Shehab, “Secure and Private Data Aggregation for Energy Consumption Scheduling in Smart Grids,” in IEEE Transactions on Dependable and Secure Computing, vol.PP, no.99, 2015. [doi][PDF]
  6. Mohammad Ashiqur Rahman, Mohammad Hossein Manshaei, Ehab S. Al-Shaer and Mohamed Shehab, “Secure and Private Data Aggregation for Energy Consumption Scheduling in Smart Grids,” in IEEE Transactions on Dependable and Secure Computing, vol.PP, no.99, 2015. [doi]
  7. Boyd H. Davis, Mohamed Shehab, Dena Shenk and Mary A. Nies, E-mobile pilot for community-based dementia caregivers identifies desire for security, Gerontechnology (International Journal on the Fundamental Aspects of Technology to Serve the Ageing Society), 13(3):332-336, 2015. [doi]
  8. Gorrell Cheek, Mohamed Shehab, Human Effects of Enhanced Privacy Management Models, IEEE Transactions on Dependable and Secure Computing, (vol. 11(2), March-April 2014.[doi][PDF]
  9. Boyd H. Davis, Mary A. Nies, Mohamed Shehab, and Dena Shenk, “Developing a pilot e-mobile app for dementia caregiver support:  Lessons learned”, Online Journal of Nursing Informatics (OJNI), vol. 18(1), 2014. [doi]
  10. Salmin Sultana, Gabriel Ghinita, Elisa Bertino, and Mohamed Shehab, A Lightweight Secure Scheme for Detecting Provenance Forgery and Packet Drop Attacks in Wireless Sensor Networks, IEEE Transactions on Dependable and Secure Computing, PP(99), October 2013.[doi][PDF]
  11. Salmin Sultana, Mohamed Shehab, Elisa Bertino, “Secure Provenance Transmission for Streaming Data”, IEEE Transactions on Knowledge and Data Engineering,  vol.25, no.8, pp.1890,1903, Aug. 2013. (Impact factor: 1.851, 5-Y Impact factor: 2.899) [doi][PDF]
  12. Mohamed Shehab, Anna Squicciarini, Gail-Joon Ahn, Irini Kokkinou, Access Control for Online Social Networks Third Party Applications, Computer & Security, 31(8), November 2012. (Impact factor: 0.889, 5-Y Impact factor: 1.311) [doi][PDF]
  13. Gail-Joon Ahn, Jing Jin, Mohamed Shehab, “Policy-driven Role-Based Access Management for Ad-hoc Collaboration”, Journal of Computer Security, 20(2-3), Pages:223-257, 2012. [doi]
  14. Mohamed Shehab, Said Marouf, “Recommendation Models for Open Authorization”, IEEE Transactions on Dependable and Secure Computing, 9(4), Pages:583-596, July-Aug. 2012. (Impact factor: 1.409, 5-Y Impact factor: 2.096) [doi][PDF]
  15. Mohamed Shehab, Moo Nam Ko, Hakim Touati, “Enabling Cross-Site Interactions in Social Networks”, Social Network Analysis and Mining (SNAM), Springer Wien, 2012. [doi][PDF]
  16. Said Marouf, Mohamed Shehab, Anna Cinzia Squicciarini, and Smitha Sundareswaran, “Adaptive Reordering and Clustering-Based Framework for Efficient XACML Policy Evaluation”, IEEE Transactions on Services Computing (TSC), 4(4), Pages:300-313, Oct.-Dec. 2011.  [doi][PDF]
  17. Moo Nam Ko, Gorrell Cheek, Mohamed Shehab, and Ravi Sandhu, “Social-Networks Connect Services”, IEEE Computer (Cover Feature), 43(8), August 2010. (Impact factor: 2.514, 5-Y Impact factor: 2.467) [doi][PDF]
  18. Anna C. Squicciarini, Mohamed Shehab, and Joshua Wede, “Privacy Policies for Shared Content in Social Network Sites”, The VLDB Journal, Springer Berlin, 19(6), 2010. (Impact factor: 2.198, 5-Y Impact factor: 4.479) [doi][PDF]
  19. Mohamed Shehab, Arif Ghafoor, and Elisa Bertino, “Secure Collaboration in a Mediator-Free Distributed Environment”, IEEE Transactions on Parallel and Distributed Systems (TPDS), 19(10), Page:1338-1351, Oct. 2008.  (Impact factor: 1.575, 5-Y Impact factor: 1.992) [doi][PDF]
  20. Mohamed Shehab, Elisa Bertino, Arif Ghafoor, “Watermarking Relational Databases using Optimization Based Techniques”, IEEE Transactions of Knowledge and Data Engineering (TKDE), 20(1), Pages:116-129, Jan. 2008.  (Impact factor: 1.851, 5-Y Impact factor: 2.899) [doi][PDF]
  21. Mohamed Shehab, Kamal Bhattacharya, and Arif Ghafoor, “Web Services Discovery in Secure Collaboration Environments”, ACM Transactions on Internet Technology (TOIT), 8(1), 2008. (Impact factor: 1.118) [doi][PDF]
  22. Mohamed Shehab, Elisa Bertino, and Arif Ghafoor, “Workflow Authorisation in Mediator-free Environments”, International Journal of Security and Networks, 1(1), 2006. [doi][PDF]
  23. Rafae Bhatti, Basit Shafiq, Mohamed Shehab, and Arif Ghafoor, “Distributed Access Management in Multimedia IDCs”, IEEE Computer, 38(9), September 2005.  (Impact factor: 2.514, 5-Y Impact factor: 2.467) [doi][PDF]

Book Chapters

  1. Arjmand Samuel, Basit Shafiq, Ammar Masood, Haseeb Amjad, Rafae Bhatti, Mohamed Shehab, and Arif Ghafoor, Secure Collaboration among Distributed Systems and Services, Breakthroughs in Enterprise Computing, IDEAS Group, 2005.

Refereed Conferences, Symposia and Workshops

  1. Yousra Javed, Mohamed Shehab, Emmanuel Bello-Ogunu, “Investigating User Comprehension and Risk Perception of Apple’s Touch ID Technology”.  In Proceedings of the 12th International Conference on Availability, Reliability and Security, Reggio Calabria, Italy, August 29 – September 01, 2017.
  2. Abeer AlJarrah, Mohamed Shehab. “The Demon is in the Configuration: Revisiting Hybrid Mobile Apps Configuration Model”. In Proceedings of the 12th International Conference on Availability, Reliability and Security, Reggio Calabria, Italy, August 29 – September 01, 2017.
  3. Fadi Mohsen, Mohamed Shehab, “The Listening Patterns to System Events by Benign and Malicious Android Apps”, In Proceedings of the 2nd IEEE International Conference on Collaboration and Internet Computing (CIC), Pittsburgh, PA, USA, November 1-3, 2016.
  4. Fadi Mohsen, Mohamed Shehab, “Hardening the OAuth-WebView Implementations in Android Applications by Re-Factoring the Chromium Library”, In Proceedings of the 2nd IEEE International Conference on Collaboration and Internet Computing (CIC), Pittsburgh, PA, USA, November 1-3, 2016.
  5. Yousra Javed, Mohamed Shehab, Investigating the Animation of Application Permission Dialogs: A Case Study of Facebook. In Proceedings of the 11th International Workshop Data Privacy Management and Security Assurance (DPM), Heraklion, Crete, Greece, September 26-27, 2016.
  6. Emanuela Marasco, Mohamed Shehab, Bojan Cukic, A Methodology for Prevention of Biometric Presentation Attacks. In Proceedings of the 6th Latin-American Symposium on Dependable Computing (LADC), Cali, Colombia, October 19-21, 2016
  7. Abeer AlJarrah, Mohamed Shehab, “Maintaining User Interface Integrity on Android”, In Proceedings of the 40th IEEE Computer Society Int’l Conference on Computers Software & Applications (IEEE COMPSAC 2016), Atlanta, GA, June 2016. [PDF]
  8. Jafar Haadi Jafarian, Hassan Takabi, Hakim Touati, Ehsan Hesamifard, Mohamed Shehab, “Towards a General Framework for Optimal Role Mining: A Constraint Satisfaction Approach”, In Proceedings of ACM Symposium of Access Control, Models and Technologies (SACMAT15), Shanghai, China, June 2015.
  9. Boyd H. Davis, Dena Shenk, Mary A. Nies, and Mohamed Shehab, “Learning from a pre-pilot: e-mobile support for community-based dementia caregivers”, International Society for Gerontechnology, 2014, Taipei, 18-21.
  10. Mohamed Shehab, Abeer AlJarrah, Reducing Attack Surface on Cordova-Based Hybrid Mobile Apps, In Proceedings of MobileDeLi’14: 2nd International Workshop on Mobile Development Lifecycle, Portland, OR, USA, October 21 2014 [PDF]
  11. Emmanuel Bello-Ogunu, Mohamed Shehab, PermitMe: Integrating Android Permissioning Support in the IDE, In Proceedings of ETX’14: 2014 Workshop on Eclipse Technology eXchange, Portland, OR, USA, October 21 2014 [PDF]
  12. Mohamed Shehab, Fadi Mohsen, Towards Enhancing the Security of OAuth Implementations In Smart Phones, In Proceedings of the IEEE 3rd International Conference on Mobile Services (IEEE MS 2014), Alaska, USA, June 2014.[PDF][Slides]
  13. Fadi Mohsen, Mohamed Shehab, Android KeyLogging Threat, In Proceedings of the 8th International Workshop on Trusted Collaboration (TrustCol 2013), Austin, Texas, USA, October 2013.[PDF]
  14. Yousra Javed, Mohamed Shehab, “Access Control Policy Misconfiguration Detection on Social Networks”, ASE/IEEE International Conference on Social Computing (SocialCom’13), Washington D.C., September 2013.[PDF]
  15. Gorrell Cheek and Mohamed Shehab, Usable Object Management Approaches for Online Social Networks. In Proceedings of the IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM 2013). Niagara Falls, Canada, August 2013. [PDF]
  16. Hasan Mohammad, Mohamed Shehab and Ali Noorollahiravari, Game Theoretic Approach for User Migration in Distributed Social Networks. In Proceedings of the IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM 2013). Niagara Falls, Canada, August 2013. [PDF]
  17. Said Marouf, Mohamed Shehab, Towards Improving Browser Extension Permission Management and User Awareness, In Proceedings of the 7th IEEE International Workshop on Trusted Collaboration (TrustCol 2012), Pittsburg, Pennsylvania, USA, 14 October, 2012. (Best Paper Award). [PDF]
  18. Mohamed Shehab, Hakim Touati, Semi-Supervised Policy Recommendation for Online Social Networks, IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM  2012), Istanbul, Turkey, August, 2012. [PDF]
  19. Yousra Javed, Mohamed Shehab, How do Facebookers use Friendlists, IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM  2012), Istanbul, Turkey, August, 2012. [PDF]
  20. Mohamed Shehab, Saeed Al-Haj, Salil Bhagurkar, Ehab Al-Shaer, Anomaly Discovery and Resolution in MySQL Access Control Policies, in Proceedings of 23rd International Conference on Database and Expert Systems Applications (DEXA’2012), Vienna, Austria, Sept, 2012. [PDF]
  21. Mohammad Ashiqur Rahman, Libin Bai, Mohamed Shehab, Ehab Al-Shaer, Secure Distributed Solution for Optimal Energy Consumption Scheduling in Smart Grid, In Proceedings of the 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom-2012), Liverpool, UK, 25-27 June, 2012. (acceptance rate 28%).[PDF]
  22. Gorrell Cheek, Mohamed Shehab, Policy-by-Example for Online Social Networks, in Proceedings of ACM Symposium of Access Control, Models and Technologies (SACMAT’12), Newark, NJ, USA, June 2012. [PDF]
  23. Mohamed Shehab, Moo Nam Ko, and Hakim Touati, Social Networks Profile Mapping Using Games, in Proceedings of USENIX Conference on Web Application Development (WebApps’12), Boston, MA, USA, June, 2012. [PDF]
  24. Gorrell Cheek, Mohamed Shehab, Privacy Management for Online Social Networks, International World Wide Web Conference (WWW’12), April, 2012. (Poster).
  25. Said Marouf, Mohamed Shehab, SEGrapher: Visualization-based SELinux Policy Analysis, 4th Symposium on Configuration Analytics and Automation (SafeConfig 2011), Arlington, VA, USA, Nov 2011. [PDF]
  26. Mohamed Shehab, Said Marouf, Christopher Hudel, ROAuth: Recommendation Based Open Authorization, Proceedings of the 7th Symposium on Usable Privacy and Security (SOUPS), Pittsburgh, PA, July, 2011. [PDF]
  27. Gorrell Cheek, Mohamed Shehab, Truong Ung, and Ebonie Williams, iLayer: Toward an Application Access Control Framework for Content Management Systems, Policy’11: IEEE International Symposium on Policies for Distributed Systems and Networks, Pisa, Italy, June 6-8, 2011. [Slides][PDF]
  28. Salmin Sultana, Elisa Bertino, Mohamed Shehab: A Provenance Based Mechanism to Identify Malicious Packet Dropping Adversaries in Sensor Networks. ICDCS Workshops 2011: 332-338. [PDF]
  29. Mohamed Shehab, Gorrell Cheek, Hakim Touati, Anna C. Squicciarini and Pau-Chen Cheng, User Centric Policy Management in Online Social Networks, Policy’10: IEEE International Symposium on Policies for Distributed Systems and Networks, Fairfax, VA, USA, July 2010. [PDF]
  30. Said Marouf, Doan Minh Phuong, Mohamed Shehab, A Learning-Based Approach for SELinux Policy Optimization with Type Mining, Cyber Security and Information Intelligence Research Workshop (CSIIRW’10), Oak Ridge, TN, April 2010.[PDF]
  31. Said Marouf, Mohamed Shehab, Anna C. Squicciarini, Smitha Sundareswaran, Statistics & Clustering Based Framework for Efficient XACML Policy Evaluation, IEEE International Symposium on Policies for Distributed Systems and Networks (Policy’09), London, UK, July 2009. [PDF]
  32. Anna C. Squicciarini, Mohamed Shehab, and Federica Paci, Collective Privacy Management in Social Networks, WWW 2009: 18th International World Wide Web Conference, Madrid, Spain, April, 2009. Acceptance rate: 11.8% (104/879). [PDF]
  33. Andrew Besmer, Heather Lipford, Mohamed Shehab, and Gorrell Cheek, Social Applications: Towards A Secure Framework. Proceedings of the 5th Symposium on Usable Privacy and Security (SOUPS), Mountain View, CA, 2009. [PDF]
  34. Mohamed Shehab, Anna C. Squicciarini and Gail-Joon Ahn, Beyond User-to-User Access Control for Online Social Networks, ICICS 2008: 10th International Conference on Information and Communications Security, Birmingham, UK, October, 2008. [PDF]
  35. Mohamed Shehab, Elisa Bertino and Arif Ghafoor, Proactive Role Discovery in Mediator-Free Environments, IEEE P2P’08: Eighth International Conference on Peer-to-Peer Computing, RWTH Aachen, Germany, September 8-11, 2008. [PDF]
  36. Gail-J. Ahn, Moonam Ko and Mohamed Shehab, Portable User-Centric Identity Management, Proc. of 23rd IFIP International Information Security Conference (SEC 2008), Milan, Italy – September 8 – 10, 2008. [PDF]
  37. Wenjuan Xu, Mohamed Shehab, Gail-Joon Ahn, Visualization Based Policy Analysis: Case Study in SELinux, in Proceedings of ACM Symposium of Access Control, Models and Technologies (SACMAT’08), Estes Park, CO, USA, June 2008. [PDF]
  38. Jing, Jin, Gail-Joon Ahn, Mohamed Shehab, Hongxin Hu, Towards Trust-aware Access Management for Ad-hoc Collaborations, IEEE International Workshop on Trusted Collaboration (TrustCol’07), White Plains, New York, November, 2007. [PDF]
  39. Mohamed Shehab, Elisa Bertino, Arif Ghafoor, Secure Collaboration in Mediator-Free Environments, in Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS), Alexandria, Virginia, November 2005. Acceptance rate: 15% (38/249). [PDF]
  40. Mohamed Shehab, Elisa Bertino, Arif Ghafoor, Efficient Hierarchical Key Generation and Key Diffusion for Sensor Networks, in Proceedings of the Second Annual IEEE Communications Society Conference on Sensor and AdHoc Communications and Networks (SECON), Santa Clara, California, USA, September 2005. [PDF]
  41. Mohamed Shehab, Elisa Bertino and Arif Ghafoor, SERAT : SEcure Role mApping Technique for Decentralized Secure Interoperability, in Proceedings of the ACM Symposium on Access Control, Models and Technologies (SACMAT’05), Stockholm, Sweden, June 2005, Acceptance rate: 21% (19/90). [PDF]

Technical Reports

  1. Yousra Javed, Mohamed Shehab, and Emmanuel Bello Ogunu, Investigating User Comprehension and Risk Perception of Apple’s Touch ID Technology, Technical Report SIS-TC-01-2016, November 6, 2016. [SIS-TC-01-2016 PDF]
  2. Mohamed Shehab, Moo Nam Ko. Survey of sharing practices in online social networks. Technical Report SIS-TC-01-06-2011., June 2011. [SIS-TC-01-06-2011 PDF]

Posters

  1. Fadi Mohsen, Mohamed Shehab, Emmanuel Bello-Ogunu, and Abeer Al Jarrah. 2014. POSTER: Android System Broadcast Actions Broadcasts Your Privacy. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS ’14). ACM, New York, NY, USA, 1484-1486. [doi]
  2. Mohamed Shehab, Fadi Mohsen, Securing OAuth Implementations In Smart Phones, Fourth ACM Conference on Data and Application Security and Privacy (CodaSpy 2014),  San Antonio, TX, USA, March 2014.
  3. Gorrell Cheek, Mohamed Shehab, Privacy Management for Online Social Networks, International World Wide Web Conference (WWW12), April, 2012. [doi]
  4. Said Marouf, Mohamed Shehab, SEGrapher: Visualization-based SELinux Policy Analysis, 4th Symposium on Configuration Analytics and Automation (SafeConfig 2011), Arlington, VA, USA, Nov 2011.
  5. Mohamed Shehab, Gorrell Cheek, Hakim Touati, Anna C. Squicciarini, Pau-Chen Cheng, Learning Based Access Control in Online Social Networks, WWW 2010: 19th International World Wide Web Conference, Raleigh, NC, April, 2010. (Poster)
  6. Mohamed Shehab, and Ebonie Williams, Web Application Diffusion in Online Social Networks. IEEE Symposium on Security & Privacy, Oakland, CA, May 2009. (Poster)
  7. Mohamed Shehab, Elisa Bertino and Arif Ghafoor, Secure Role Routing Protocol, 8th Annual Information Security Symposium, March 2007. (Poster)
  8. Mohamed Shehab, Ashish Kamra, Ozan Mindek, Secure Group Management in Peer-to-Peer, Work in Progress, 21st Annual Computer Security Applications Conference (ACSAC), Tuscan, Arizona, December 2005. (WIP)
  9. Mohamed Shehab, Elisa Bertino and Arif Ghafoor, SERAT : SEcure Role mApping Technique for Decentralized Secure Interoperability, five minutes poster at the 2005 IEEE Symposium on Security and Privacy, Oakland, California. (WIP)
  10. Mohamed Shehab, Elisa Bertino and Arif Ghafoor, Decentralized Secure Interoperability, Midwest DB Research Symposium, April 2005. (Poster)
  11. Mohamed Shehab, Elisa Bertino and Arif Ghafoor, SERAT : SEcure Role mApping Technique for Decentralized Secure Interoperability, 6th Annual Information Security Symposium, March 2005. (Poster)