PhD Statement

PhD Thesis Title: A Security Framework To Combat The Attacks On Sip-Based VoIP Networks

Despite that, numerous research work has been carried out to secure VoIP networks, and official reports by IBM, Cisco, and FCC (Federal Communication Commission) put the picture that this does not discourage hackers from conducting malicious activities on private and public networks. Flood-based Denials of Service (DoS) cyberattacks are been treated as a major threat to the VoIP environment.  They are been executed by hackers from a remote location using an immense volume of fake traffic to occupy the resources to forbid legitimate traffic to pass through.  Mostly, the attackers’ target devices are the server and vulnerable clients in private networks, forcing them to consume all of their resources (processor, memory, and bandwidth). The situation is worst in case a network has a DDoS attack, which normally occurs when multiple attackers flood the resources of the targeted server/clients. Equipped with free numerous tools, attackers carry out DDoS attacks to exploit vulnerabilities in the network. . The malformed message attack is another threat that is been addressed in the study.  As mentioned by Federal Communication Commission, this form of attack consists of sending malformed messages (messages with overflow or underflow).  These messages are been sent to the server and hence, degrading its performance resulting in its failure to process normal messages, setup, and tear down calls.  The last problem considered was the registration hijacking attack where an attacker may alter the registration messages of the victim to redirect any messages to his/her destination, hence, devoid the victim from receiving calls.  In all cases, it could be very expensive for an organization. 

The principal significance of my PhD study was on the protection of people and data against cyberattacks on VoIP systems. Moreover, this study is valuable to the academic community since we have attempted to open the box by providing insights into many connecting areas like Artificial Intelligence, Machine Learning, Legal Issues, Cybercrime, etc. Finally, the study intends to guide the current businesses how to evaluate their existing security systems using a devised metrics system and showing manufacturers techniques to improve their Intrusion Detection System (IDS) or  Intrusion Detection & Prevention System (IDPS).

The outcome of my PhD study are:

• Firstly, I developed a new model DADMV (Depiction, Architecture, Detection, Mitigation & Validation) using a quantitative metrics mechanism to effectively analyse and evaluate VoIP defense systems. The model can help both the research community and industry to identify which VoIP system is most appropriate for implementation in the industry.  The model is useful in developing countries, where companies are actively migrating to SIP-based systems. Based on the model, it is concluded that to improve the efficiency (e.g. speed) and complexity of the prevention blocks, the objected-oriented paradigm could be used instead of the event-driven or normal functional and structural paradigm.  Moreover, the outcome of this model also conclude that, efficiency increases when designing prevention systems that cater to composite attacks.  

• Secondly, I developed several defense Intrusion Detection and Prevention Systems (IDPS) by using machine learning and deep learning concepts to mitigate the three concerned attacks DoS (Denial of Service)  & DDoS (distributed Denial of Service) flood attacks; Registration Hijacking attack and Malformed Message attack. Three important IDPSs which gave the outstanding results in terms of 9 KPIs: memory usage, processing time, accuracy, sensitivity, specificity, precision, F-measure,  false alarm and detection rate were based on Genetic algorithmic approach, bottom-up tracing mechanism and closest neighboring intrusion detection approach. 

• Finally, a Security VoIP Defence System (security framework) comprised of technical guidance with a focus on the legal aspects was developed to prevent SIP-based VoIP systems against the three concerned attacks DoS (Denial of Service)  & DDoS (distributed Denial of Service) flood attacks; Registration Hijacking attack and Malformed Message attack.  

My PhD Thesis quote: “Restrictions may evoke frustration, frustrations may evoke impulsion, impulsion may evoke aggression and aggression may lead to CRIME. Crime can be stopped by nurturing restrictions in the mind of the people by a well-defined criminal law.”

Scholarship: Tertiary Education Commission (TEC), Mauritius.

Supervisor: Professor (Dr) Nawaz Mohamudally, University of Technology, Mauritius

Examiners (Thesis & Viva): 

1. Professor Qusay H Mahmoud, University of Ontario Institute of Technology, Canada

2. Professor Kerry-Lynn Thomsun, Nelson Mandela University, South Africa

Patent, Licence & Certifications

1. INTERNATIONAL PATENT: South African Patent for inventing a method/system for Intrusion Detection and Prevention System, registered at the South African Patent Office, Republic of South Africa.

INVENTOR: Associate Professor (Dr.) Sheeba Armoogum

Valid period: March 2022 to March 2042

2. Certification of Completion for the Training programme on "ISMS based on ISO/IEC 27001:2022 and ISO/IEC 17021-1:2015 / ISO/IEC 27006-1:2024 and Related Requirements" organised by the National Accreditation Board for Certification Bodies (NABCB).

3. Research Ethics by TRREE (Training and Resources in Research Ethics Evaluation)

4. Research Ethics Evaluation by TRREE (Training and Resources in Research Ethics Evaluation)

5. Blockchain Developer Mastery Award by IBM

Funded Projects

1. Enhancing Assessment in ICT and Engineering Programmes through the Integration of AI-Driven Rubric Generation. (ongoing) 

2. Integrating Marine Ecology, Citizen Science and Artificial Intelligence in Studies on Crown-of-Thorns Starfish: Implications for Innovative Detection of potential outbreaks and management approaches around Mauritius, University of Mauritius in collaboration with Accenture Services (Mauritius) Ltd. (ongoing) 

3. “Morisia 2.0: Translation of Kreol Repiblik Moris to English and English to Kreol Repiblik Moris using Natural Language Processing and Deep Neural Machine Translation Techniques”, funded under the Higher Education Commission (HEC) Interdisciplinary /Inter-Institutional Team-Based Research Scheme, July 2023 (Completed).

4. Creole to English and English to Creole Machine Translation using Natural Language Processing Techniques and Deep Learning Neural Networks (Completed Mar 2020) | Tertiary Education Commission (TEC) Funded.

5. Faculty Flagship Innovative Project for Setting up of a Robotics Lab funded under the RFS-H: RH006 (Completed Jan 2021).

Research Groups

1. Group Lead for the Cyber Security & Forensics Research Group (CSFRG) : Click on CSFRG link for more details. 

Selected Publications

• “Breast Cancer Prediction Using Transfer Learning-Based Classification Model”, Emerging Science Journal (Q1), September 2024. 

• “A Machine Translation System for English to Kreol Repiblik Moris”, International Journal of Artificial Intelligence (Q2), 2024.

• “Clustering the Unlabelled Data Using a Modified Cat Swarm Optimization”,  Journal of Applied Data Sciences (Q2 Journal), September 2024.

• “Breast Cancer Prediction Using Metrics-Based Classification”,  Journal of Applied Data Sciences (Q2 Journal), September 2024.

• “Unveiling Criminal Activity: A Social Media Mining Approach to Crime Prediction”, Journal of Applied Data Sciences (Q2), September 2024.

• “Fraud Detection Using Enhanced Secure Machine Learning Algorithm for Wireless Communication”, Second  IEEE International Conference on Networks, Multimedia, and Information Technology (NMITCON-2024) , August 2024.

• “An Intrusion Detection in IoT Using Bidirectional Gated Recurrent Unit with Self Attention Network”, Second  IEEE International Conference on Networks, Multimedia, and Information Technology (NMITCON-2024), August 2024.

• “Effective Wind Turbine Fault Detection Using Multi-Objective Evolutionary Algorithm with Gated Recurrent Unit Classifier”, Second  IEEE International Conference on Networks, Multimedia, and Information Technology (NMITCON-2024) , August 2024.

• Keynote presentation “The Impact of Generative Artificial Intelligence on Digital Forensics”, 8th Global Webinar 2023 on Forensic Science, July 2023. (Authors: Sheeba Armoogum, Vinaye Armoogum)

• Keynote presentation “Cyber Resilience Approach Towards Financial Firms”, Economic Crime Prevention Conference 2023, July 2023.

• Innovative Teaching and Learning Methods at the University of Mauritius, ICT and Innovation in Teaching Learning Methods in Higher Education (Innovations in Higher Education Teaching and Learning, Vol. 45), Emerald Publishing Limited, Bingley, pp. 31-49, August 2022, ISBN: 978-1-80043-265-9.

• 1001 Business Tips from 101™ Cyber Security IT Experts, The Belmont Business Enterprise Centre Inc (BBEC), Western Australia, WA Inc. May 2022.

• A Study of Security Impacts and Cryptographic Techniques in Cloud-based e-Learning Technologies, International Journal of Advanced Computer Science and Applications IJACSA, Vol.13, Issue 1, pp: 58-66.

• Technology - A Cyber-Knife, University of Technology, Mauritius Magazine

• Issues and Challenges for Network Virtualisation, International Journal of Communication Networks and Information Security IJCNIS, Vol.13, Issue 2, pp: 206-214.

• A Comprehensive Review of Intrusion Detection and Prevention Systems against Single Flood Attacks in SIP-Based Systems, International Journal of Computer Networks and Information Security IJCNIS, Vol.13, Issue 6, pp:13-25.

• Resource Allocation in 4G and 5G Networks: A Review, International Journal of Communication Networks and Information Security IJCNIS.

• Morisia: A Neural Machine Translation System to Translate between Kreol Morisien and English, inTRAlinea: Online Translation Journal.

• Optimisation and Design Analysis of Yagi Antennas for Digital Television Broadcasting Services, International Journal of Advancements in Electronics and Electrical Engineering– IJAEEE, Volume 4 : Issue 1, pp:34 – 37.

• Towards Quantitative Metrics for Evaluation of VolP Security Systems, International Journal of Advances in Computer Networks and Its Security– IJCNS, Volume 5: Issue 1, pp:31 – 35.

• Analysis and Deployment of virtual honeypots to tract down intrusions, Journal of Telecommunications (JOT) Vol.11, Issue 2, pp.16-22.

• The Development of a LAN for DVB-T Transmission and DVB-S Reception with Designed QAM modulators and COFDM in the Island of Mauritius, International Journal of Wireless & Mobile Networks (IJWMN) Vol.3, No 6, pp. 71-90.

• A Novel Prevention Technique Using Deep Analysis Intruder Tracing with a Bottom-Up Approach Against Flood Attacks in VoIP Systems, Proceedings of the International Conference on Intelligent Computing & Optimization ICO 2021, Published in Springer series "Lecture Notes in Networks and Systems", Vol.371, ISBN 978-3-030-93247-3.

• An Analytical Review of Load Balancing in Heterogeneous Networks, Proceedings of the Future Technologies Conference (FTC), Published in Springer series "Lecture Notes in Networks and Systems", Vol.3, ISBN 978-3-030-89911-0.

• Challenges in Caching Strategies for Mobile Edge Computing, International Conference on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME),Published in IEEE Xplore Digital Library, ISBN:978-1-6654-2943-6.

• The Impact of Internet of Things on the Domain Name System, Proceedings of 5th International Conference on Intelligent Computing and Control Systems (ICICCS), Published in IEEE Xplore Digital Library, ISBN:978-1-6654-1272-8.

•  A Comprehensive Review on Congestion Control Techniques in Networking, Proceedings of 5th International Conference on Computing Methodologies and Communication (ICCMC), Published in IEEE Xplore digital library, ISBN:978-1-6654-0360-3.

•  A Review of Mobile Ad hoc NETwork (MANET) Protocols and their Applications, Proceedings of 5th International Conference on Intelligent Computing and Control Systems (ICICCS), Published in IEEE Xplore digital library ISBN:978-1-6654-1272-8.

• Sorted Galloping Prevention Mechanisms against Denial of Service Attacks in SIP-based Systems, Proceedings of the 5th International Conference on Advanced Computing and Intelligent Engineering. Springer Nature (ISSN: 2194-5357), Indexed by ISI Proceedings & Elsevier Scopus.

• An Extended Genetic Algorithm based Prevention System against DoS/DDoS Flood attacks in VoIP Systems, Proceedings of the 5th International Conference on Advanced Computing and Intelligent Engineering. Springer Nature (ISSN: 2194-5357), Indexed by ISI Proceedings & Elsevier Scopus.

• Prevention of fraudulent activities against SIP-based flooding attacks using extended sorted quadratic algorithms, Proceedings of the 2nd International Conference on Intelligent and Innovative Computing Applications. Association for Computing Machinery (ACM), Article 25, 1–7. Indexed by Elsevier Scopus.

• Closest Adjacent Neighbour: A novel deep learning intruder detection technique in VoIP networks, Proceedings of the 2nd International Conference on Intelligent and Innovative Computing Applications. Association for Computing Machinery (ACM), Article 41, 1–7. Indexed by Elsevier Scopus.

• Software Defined Networks: Issues and Challenges, Proceedings of International Conference on Next Generation Computing Applications (NextComp), IEEE Xplore Digital Library. ISBN 978-1-7281-1460-6.

• Towards Smart Tourism: An individual appreciation of Porlwi-By-Light festival, Proceedings of IEEE International Conference on Emerging Technologies and Innovative Business Practices for the Transformation of Societies (EmergiTech),  IEEE Xplore Digital Library. ISBN 978-1-5090-0706-6.

• Survey of Practical Security Frameworks for Defending SIP Based VoIP Systems against DoS/DDoS Attacks, Proceedings of IST-Africa 2014 International Conference, IEEE Xplore Digital Library. ISBN 978-1-905824-43-4.