Quick links

Web security and malware prevention techniques

Web security and malware prevention techniques

E-commerce and e-government systems security, database security, web applications and web services security;

Professors

Dr. Pavol Zavarsky, Dr. Fehmi Jaafar

Sample research papers

  1. Md Shahrear Iqbal, Fehmi Jaafar, Mohammad Zulkernine, and Yuan Gu. FCFraud : Fighting Click-Fraud from User Side. IEEE High Assurance Systems Engineering Symposium. January 2016, Orlando, Florida, USA.
  2. Mohammad Shahrear Iqbal, Fehmi Jaafar, Mohammad Zulkernine, and Yuan Gu, Protecting internet users from becoming victimized attackers of click-fraud, Journal of Software:Evolution and Process, 20 pages, 2017.
  3. Devanshu Trivedi, Pavol Zavarsky, Sergey Butakov, Enhancing Relational Database Security by Metadata Segregation, 2nd International Workshop on Future Information Security, Privacy and Forensics for Complex systems (FISP-2016), Montreal, Canada, Aug. 15-18, 2016
  4. Monika LNU, Pavol Zavarsky, Dale Lindskog, Experimental Analysis of Ransomware on Windows and Android Platforms, 2nd International Workshop on Future Information Security, Privacy and Forensics for Complex systems (FISP-2016), Montreal, Canada, Aug. 15-18, 2016
  5. Parul Khana, Pavol Zavarsky, Dale Lindskog, Experimental Analysis of Tools Used for Doxing and Proposed New Transforms to Help Organizations Protect against Doxing Attacks, 2nd International Workshop on Future Information Security, Privacy and Forensics for Complex systems (FISP-2016), Montreal, Canada, Aug. 15-18, 2016
  6. Manbrinder Ghumman, Pavol Zavarsky, Ron Ruhl, Assessment of Effectiveness of Black-Box Vulnerability Scanners in Detection of SQL Injection in Web Services Environment, 2016
  7. Muhammad Parvez, Pavol Zavarsky, Nidal Khoury, Analysis of Effectiveness of Black-Box Web Application Scanners in Detection of Stored SQL Injection and Stored XSS Vulnerabilities, The 10th IEEE International Conference for Internet Technology and Secured Transactions (ICITST-2015), London, UK, Dec. 14-16, 2015
  8. Mirza Baig, Pavol Zavarsky, Ron Ruhl, Dale Lindskog, Study of Evasion of Packed PE from Static Detection, Proc. IEEE World Congress on Internet Security WorldCIS 2012, Guelf, Ontario, Canada, June 10 -12, 2012
  9. Muhammad Umair Saeed, Dale Lindskog, Pavol Zavarsky, Ron Ruhl, Two Techniques for Detecting Packed Portable Executable Files, IEEE International Conference on Information Society (i-Society 2013), Toronto, Canada, June 24-26, 2013
  10. Shafi Alassmi, Pavol Zavarsky, Dale Lindskog, Ron Ruhl, An Analysis of the Effectiveness of Black- Box Web Application Scanners in Detection of Stored XSS Vulnerabilities, International Conference on Computing, Communication and informatics Management (ICCCSIM 2012), Dubai, UAE, July 29- 30, 2012
  11. Boyan Chen, Pavol Zavarsky, Ron Ruhl, Dale Lindskog, A Study of the Effectiveness of CSRF Guard, Proceedings of the IEEE Int. Conference on Information Privacy, Security, Risk and Trust (IEEE PASSAT 2011), Massachusetts Institute of Technology, Boston, MA, USA, Oct. 9-11, 2011
  12. Nidal Khoury, Pavol Zavarsky, Dale Lindskog, Ron Ruhl, An Analysis of Black-Box Web Application Security Scanners against Stored SQL Injection, Proceedings of the IEEE International Conference on Information Privacy, Security, Risk and Trust (IEEE PASSAT 2011), MIT, Boston, MA, USA, October 9-11, 2011
  13. Nidal Khoury, Pavol Zavarsky, Dale Lindskog, Ron Ruhl, Testing and Assessing Web Vulnerability Scanners for Persistent SQL Injection Attacks, Proc. 1st Int. Workshop on Security and Privacy in e-Societies (SeceS 2011), Baabda, Lebanon, June 9-10, 2011
  14. Xiaoli Lin, Pavol Zavarsky, Ron Ruhl, and Dale Lindskog, Threat Modeling for CSRF Attacks, Proc. IEEE Int. Conference on Information Privacy, Security, Risk and Trust (IEEE PASSAT) 2009, Session C44 Trust and Security Models, Vancouver, BC, Canada, August 29-31, 2009
  15. Etienne Janot and Pavol Zavarsky, Preventing SQL Injections in Online Applications: Study, Recommendations and Java Solution Prototype based on the SQL DOM, Proc. OWASP Application Security Conference, Ghent, Belgium, May 19-22, 2008