Research Interests


AbdelRahman Abdou is an Assistant Professor at the School of Computer Science, Carleton University. He is the co-director of Carleton Internet Security Lab (CISL). His research interests include all aspects related to Internet Systems Security and large-scale Internet measurements.

Interest in these fields arises from the continuous evolution of the Internet and its usage. Due to its ever increasing complexities, the Internet's behaviour can no longer be easily anticipated nor analyzed. This is exacerbated by the growing trends of softwarizing physical infrastructure. Such trends did not stop at virtual machines and cloud computing paradigms, they rather extended to the network in the form of software-defined networks (SDNs) and network function virtualizations (NFVs). This evolution is intriguing, as it shifts the Internet to become a holistic body that could be abstracted as a single homogeneous system. In the same time, we continue the habit of attaching more devices to the Internet's edge; our traditional view of the Internet as a network of networks is now changing to a network of things (cf. IoT).

Prof. Abdou's research group deals with how Security similarly morphs, tackling issues related to securing the Internet as it evolves. Areas include the security of next generation networks (e.g., SDN, 5G), Internet-connected embedded and smart systems security (e.g., IoT and autonomous system), the security of cloud computing and content-distribution networks (CDNs), secure delegation of services and operations over the Internet, Internet security architectures (TLS, DNS security), and web security topics.

Security requires deep understanding of how systems work. Internet Measurements is a discipline focusing on methodologies by which we can measure parameters and behaviours in a scientific and reproducible manner. The global spread of vulnerabilities, attack patterns, and content popularity are example phenomena of interest. The discipline became increasingly important as it paves the way for innovations and security improvements. Prof. Abdou's group is also researching actively in this area, developing novel techniques for conducting large-scale sound Internet measurements to understand and solve Internet security problems. For a collection of measurement tools and datasets available online, check out this page.



See also my Google Scholar and Research Gate profiles.

Journal Publications


  1. Comparative Analysis and Framework Evaluating Mimicry-Resistant and Invisible Web Authentication Schemes
    F. Alaca, A. Abdou, P.C. van Oorschot.
    IEEE Transactions on Dependable and Secure Computing (TDSC, Vol.18. Num.2. pp:534-549. 2021).
    PDF      Cite

  2. Comparative Analysis of Control Plane Security of SDN and Conventional Networks
    A. Abdou, P.C. van Oorschot, T. Wan.
    IEEE Communications Surveys and Tutorials (COMST, Vol.20. Num.4. pp:3542-3559. 2018).
    PDF      Cite

  3. Server Location Verification (SLV) and Server Location Pinning: Augmenting TLS Authentication
    A. Abdou, P.C. van Oorschot.
    ACM Transactions on Privacy and Security (TOPS, Vol.21. Num.1. pp:1:1-1:26. 2018).
    PDF      Cite

  4. Location Verification of Wireless Internet Clients: Evaluation and Improvements
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    IEEE Transactions on Emerging Topics in Computing (TETC, Vol.5. Num.4. pp:563-575. 2017).
    PDF      Cite

  5. CPV: Delay-based Location Verification for the Internet
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    IEEE Transactions on Dependable and Secure Computing (TDSC, Vol.14. Num.2. pp:130-144. 2017); see a 2-page abstract summary below.
    Miscellaneous coverage: The Globe and Mail, Carleton Now, TechVibes, reddit, Slashdot, Schneier's blog,
    TheStack, TechRepublic, HP Enterprise, Hacker News, VPN Service Point.
    PDF      Cite

  6. Accurate One-Way Delay Estimation with Reduced Client-Trustworthiness
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    IEEE Communications Letters (CL, Vol.19. Num.5. pp:735-738. 2015)
    PDF      Cite

  7. Taxing the Queue: Hindering Middleboxes from Unauthorized Large-Scale Traffic Relaying
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    IEEE Communications Letters (CL, Vol.19. Num.1. pp:42-25. 2015)
    PDF      Cite

  8. A Survey on Forensic Event Reconstruction Systems
    A. Dabir, A. Abdou, A. Matrawy.
    International Journal of Information and Computer Security (IJICS, Vol.9. Num.4. pp:337-360. 2017)
    PDF      Cite

Conference and Workshop Publications, Refereed Abstracts, and Periodicals


  1. Why do Internet Devices Remain Vulnerable? A Survey with System Administrators
    T. Bondar, H. Assal, A. Abdou.
    NDSS Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb 2023)
    PDF      Cite      Presentation

  2. Applying Accessibility Metrics to Measure the Threat Landscape for Users with Disabilities
    J. Breton, A. Abdou.
    NDSS Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb 2023)
    PDF      Cite     

  3. Certificate Root Stores---An Area of Unity or Disparity?
    J. Purushothaman, E. Thompson, A. Abdou.
    Workshop on Cyber Security Experimentation and Test (CSET 2022)
    PDF      Cite      Kudos      Presentation

  4. Characterizing the Adoption of Security.txt Files and their Applications to Vulnerability Notification
    W. Findlay, A. Abdou.
    NDSS Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb 2022)
    PDF      Cite      Presentation

  5. Is Real-time Phishing Eliminated with FIDO? Social Engineering Downgrade Attacks against FIDO Protocols
    E. Ulqinaku, H. Assal, A. Abdou, S. Chiasson, S. Čapkun.
    USENIX Security Symposium (USENIX Sec. 2021)
    Miscellaneous coverage: see online Twitter thread.
    PDF      Cite

  6. Comparative Analysis of DoT and HTTPS Certificate Ecosystems
    A. Jahromi, A. Abdou.
    NDSS Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb 2021)
    PDF      Cite      Presentation

  7. Empirical Scanning Analysis of Censys and Shodan
    C. Bennett, A. Abdou, P.C. van Oorschot.
    NDSS Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb 2021)
    PDF      Cite      Presentation

  8. SoK: Delegation and Revocation, the Missing Links in the Web's Chain of Trust
    L. Chuat, A. Abdou, R. Sasse, C. Sprenger, D. Basin, A. Perrig.
    IEEE European Symposium on Security & Privacy (EuroS&P 2020)
    PDF      Cite

  9. UWB-ED: Distance Enlargement Attack Detection in Ultra-Wideband
    M. Singh, P. Leu, A. Abdou, S. Čapkun.
    USENIX Security Symposium (USENIX Sec. 2019)
    PDF      Cite

  10. Secure Client and Server Geolocation Over the Internet
    A. Abdou, P.C. van Oorschot.
    USENIX ;login: magazine, Spring 2018 issue.
    Miscellaneous coverage: covered in the APNIC Internet Registry blogs: blog 1, blog 2, blog 3.
    PDF      Cite

  11. Accurate Manipulation of Delay-based Internet Geolocation Distinguished Paper Award
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    ACM Asia Conference on Computer and Communications Security (AsiaCCS 2017)
    PDF      Cite      Slides

  12. Verifying Geographic Location Presence of Internet Clients
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    Two page refereed Abstract, and a Poster in the 37th IEEE Symposium on Security and Privacy. San Jose, CA, USA. 2016.
    Abstract      Poster

  13. What lies beneath? Analyzing automated SSH bruteforce attacks
    A. Abdou, D. Barrera, P.C. van Oorschot.
    Springer LNCS, Vol. 9551. (Passwords 2015)
    PDF      Cite

  14. Location Verification on the Internet: Towards Enforcing Location-aware Access Policies Over Internet Clients Nominated for Best Paper Award
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    IEEE Conference on Communications and Network Security (CNS 2014)
    Miscellaneous coverage: featured in the quarterly cybersecurity knowledge digest of SERENE-RISC Smart Security Network.
    PDF      Cite

  15. Rump session summary of the 21st USENIX Security Symposium
    A. Abdou, S. Neti.
    USENIX ;login: magazine, December 2012 issue.
    Conference Reports

  16. Internet Geolocation: An Adversarial Perspective
    A. Abdou, Ashraf Matrawy, Paul C. van Oorschot.
    One page refereed Abstract, and a Poster in the 4th annual ISSNet Workshop. Kingston, ON, Canada. 2012.
    Poster

  17. A Novel Forwarding/Dropping Decision Engine for Wireless Multi-hop Ad-hoc Networks
    A. Abdou, M. Abou El-Nasr, O. Ismail.
    International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2009)
    PDF      Cite

Technical Reports


  1. Work in progress: Identifying Two-Factor Authentication Support in Banking Sites
    S.G. Morkonda, A. Abdou.
    Cornell University arXiv, arXiv:2202.06459, Feb 2022.
    PDF      Cite

  2. Certificate Root Stores: An Area of Unity or Disparity?
    J. Purushothaman, A. Abdou.
    Cornell University arXiv, arXiv:2110.11488, Oct 2021.
    PDF      Cite

  3. Is Real-time Phishing Eliminated with FIDO? Social Engineering Downgrade Attacks against FIDO Protocols
    E. Ulqinaku, H. Assal, A. Abdou, S. Chiasson, S. Čapkun.
    Cryptology ePrint Archive, Report 2020/1298, Oct 2020.
    PDF      Cite

  4. Proxy Certificates: The Missing Link in the Web's Chain of Trust
    L. Chuat, A. Abdou, R. Sasse, C. Sprenger, D. Basin, A. Perrig.
    Cornell University arXiv, arXiv:1906.10775, Jun 2019.
    PDF      Cite

  5. Comparative Analysis and Framework Evaluating Mimicry-Resistant and Invisible Web Authentication Schemes
    F. Alaca, A. Abdou, P.C. van Oorschot.
    Cornell University arXiv, arXiv:1708.01706, Aug 2017.
    PDF      Cite

  6. A Framework and Comparative Analysis of Control Plane Security of SDN and Conventional Networks
    A. Abdou, P.C. van Oorschot, T. Wan.
    Cornell University arXiv, arXiv:1703.06992, March 2017.
    PDF      Cite

  7. Server Location Verification and Server Location Pinning: Augmenting TLS Authentication
    A. Abdou, P.C. van Oorschot.
    Cornell University arXiv, arXiv:1608.03939, August 2016.
    PDF      Cite

  8. On the Evasion of Delay-Based IP Geolocation
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    Carleton University Technical Report, #TR-14-03, June 2014.
    PDF      Cite

Theses


  1. Internet Location Verification: Challenges and Solutions
    PhD in Systems and Computer Engineering
    Carleton University, Ottawa, ON, Canada. 2015.
    PDF      Cite      Carleton CURVE      Collections Canada     

  2. Decision Engines for Multi-hop Ad-hoc Networks
    M.Sc. in Computer Engineering
    Arab Academy for Science and Technology (AAST), Egypt. 2010.