Research Interests


AbdelRahman Abdou is an Assistant Professor at the School of Computer Science, Carleton University. He is the co-director of Carleton Internet Security Lab (CISL). His research interests include all aspects related to Internet Systems Security and large-scale Internet measurements.

Interest in these fields arises from the continuous evolution of the Internet and its usage. Due to its ever increasing complexities, the Internet's behaviour can no longer be easily anticipated nor analyzed. This is exacerbated by the growing trends of softwarizing physical infrastructure. Such trends did not stop at virtual machines and cloud computing paradigms, they rather extended to the network in the form of software-defined networks (SDNs) and network function virtualizations (NFVs). This evolution is intriguing, as it shifts the Internet to become a holistic body that could be abstracted as a single homogeneous system. In the same time, we continue the habit of attaching more devices to the Internet's edge; our traditional view of the Internet as a network of networks is now changing to a network of things (cf. IoT).

Prof. Abdou's research group deals with how Security similarly morphs, tackling issues related to securing the Internet as it evolves. Areas include the security of next generation networks (e.g., SDN, 5G), Internet-connected embedded and smart systems security (e.g., IoT and autonomous system), the security of cloud computing and content-distribution networks (CDNs), secure delegation of services and operations over the Internet, Internet security architectures (TLS, DNS security), and web security topics.

Security requires deep understanding of how systems work. Internet Measurements is a discipline focusing on methodologies by which we can measure parameters and behaviours in a scientific and reproducible manner. The global spread of vulnerabilities, attack patterns, and content popularity are example phenomena of interest. The discipline became increasingly important as it paves the way for innovations and security improvements. Prof. Abdou's group is also researching actively in this area, developing novel techniques for conducting large-scale sound Internet measurements to understand and solve Internet security problems.



See also my Google Scholar, Microsoft Academic, and Research Gate profiles.

Journal Publications


  1. Comparative Analysis and Framework Evaluating Mimicry-Resistant and Invisible Web Authentication Schemes
    F. Alaca, A. Abdou, P.C. van Oorschot.
    IEEE Transactions on Dependable and Secure Computing (TDSC, to appear; accepted Feb 10, 2019).
    PDF      Cite

  2. Comparative Analysis of Control Plane Security of SDN and Conventional Networks
    A. Abdou, P.C. van Oorschot, T. Wan.
    IEEE Communications Surveys and Tutorials (COMST, Vol.20. Num.4. pp:3542-3559. 2018).
    PDF      Cite

  3. Server Location Verification (SLV) and Server Location Pinning: Augmenting TLS Authentication
    A. Abdou, P.C. van Oorschot.
    ACM Transactions on Privacy and Security (TOPS, Vol.21. Num.1. pp:1:1-1:26. 2018).
    PDF      Cite

  4. Location Verification of Wireless Internet Clients: Evaluation and Improvements
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    IEEE Transactions on Emerging Topics in Computing (TETC, Vol.5. Num.4. pp:563-575. 2017).
    PDF      Cite

  5. CPV: Delay-based Location Verification for the Internet
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    IEEE Transactions on Dependable and Secure Computing (TDSC, Vol.14. Num.2. pp:130-144. 2017); see a 2-page abstract summary below.
    Miscellaneous coverage: The Globe and Mail, Carleton Now, TechVibes, reddit, Slashdot, Schneier's blog,
    TheStack, TechRepublic, HP Enterprise, Hacker News, VPN Service Point.
    PDF      Cite      Demo

  6. Accurate One-Way Delay Estimation with Reduced Client-Trustworthiness
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    IEEE Communications Letters (CL, Vol.19. Num.5. pp:735-738. 2015)
    PDF      Cite

  7. Taxing the Queue: Hindering Middleboxes from Unauthorized Large-Scale Traffic Relaying
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    IEEE Communications Letters (CL, Vol.19. Num.1. pp:42-25. 2015)
    PDF      Cite

  8. A Survey on Forensic Event Reconstruction Systems
    A. Dabir, A. Abdou, A. Matrawy.
    International Journal of Information and Computer Security (IJICS, Vol.9. Num.4. pp:337-360. 2017)
    PDF      Cite

Conference Publications, Refereed Abstracts, and Periodicals


  1. SoK: Delegation and Revocation, the Missing Links in the Web's Chain of Trust
    L. Chuat, A. Abdou, R. Sasse, C. Sprenger, D. Basin, A. Perrig.
    IEEE European Symposium on Security & Privacy (EuroS&P 2020)
    PDF      Cite

  2. UWB-ED: Distance Enlargement Attack Detection in Ultra-Wideband
    M. Singh, P. Leu, A. Abdou, S. Capkun.
    USENIX Security Symposium (USENIX Sec. 2019)
    PDF      Cite

  3. Secure Client and Server Geolocation Over the Internet
    A. Abdou, Paul C. van Oorschot.
    USENIX ;login: magazine, Spring 2018 issue.
    Miscellaneous coverage: covered in the APNIC Internet Registry blogs: blog 1, blog 2, blog 3.
    PDF      Cite

  4. Accurate Manipulation of Delay-based Internet Geolocation Distinguished Paper Award
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    ACM Asia Conference on Computer and Communications Security (AsiaCCS 2017)
    PDF      Cite      Slides

  5. Verifying Geographic Location Presence of Internet Clients
    A. Abdou, A. Matrawy, Paul C. van Oorschot.
    Two page refereed Abstract, and a Poster in the 37th IEEE Symposium on Security and Privacy. San Jose, CA, USA. 2016.
    Abstract      Poster

  6. What lies beneath? Analyzing automated SSH bruteforce attacks
    A. Abdou, D. Barrera, P.C. van Oorschot.
    Springer LNCS, Vol. 9551. (Passwords 2015)
    PDF      Cite

  7. Location Verification on the Internet: Towards Enforcing Location-aware Access Policies Over Internet Clients Nominated for Best Paper Award
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    IEEE Conference on Communications and Network Security (CNS 2014)
    Miscellaneous coverage: featured in the quarterly cybersecurity knowledge digest of SERENE-RISC Smart Security Network.
    PDF      Cite

  8. Rump session summary of the 21st USENIX Security Symposium
    A. Abdou, S. Neti.
    USENIX ;login: magazine, December 2012 issue.
    Conference Reports

  9. Internet Geolocation: An Adversarial Perspective
    A. Abdou, Ashraf Matrawy, Paul C. van Oorschot.
    One page refereed Abstract, and a Poster in the 4th annual ISSNet Workshop. Kingston, ON, Canada. 2012.
    Poster

  10. A Novel Forwarding/Dropping Decision Engine for Wireless Multi-hop Ad-hoc Networks
    A. Abdou, M. Abou El-Nasr, O. Ismail.
    International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2009)
    PDF      Cite

Technical Reports


  1. Is Real-time Phishing Eliminated with FIDO? Social Engineering Downgrade Attacks against FIDO Protocols
    E. Ulqinaku, H. Assal, A. Abdou, S. Chiasson, S. ńĆapkun.
    Cryptology ePrint Archive, Report 2020/1298, Oct 2020.
    PDF      Cite

  2. Proxy Certificates: The Missing Link in the Web's Chain of Trust
    L. Chuat, A. Abdou, R. Sasse, C. Sprenger, D. Basin, A. Perrig.
    Cornell University arXiv, arXiv:1906.10775, Jun 2019.
    PDF      Cite

  3. Comparative Analysis and Framework Evaluating Mimicry-Resistant and Invisible Web Authentication Schemes
    F. Alaca, A. Abdou, P.C. van Oorschot.
    Cornell University arXiv, arXiv:1708.01706, Aug 2017.
    PDF      Cite

  4. A Framework and Comparative Analysis of Control Plane Security of SDN and Conventional Networks
    A. Abdou, P.C. van Oorschot, T. Wan.
    Cornell University arXiv, arXiv:1703.06992, March 2017.
    PDF      Cite

  5. Server Location Verification and Server Location Pinning: Augmenting TLS Authentication
    A. Abdou, P.C. van Oorschot.
    Cornell University arXiv, arXiv:1608.03939, August 2016.
    PDF      Cite

  6. On the Evasion of Delay-Based IP Geolocation
    A. Abdou, A. Matrawy, P.C. van Oorschot.
    Carleton University Technical Report, #TR-14-03, June 2014.
    PDF      Cite

Theses


  1. Internet Location Verification: Challenges and Solutions
    PhD in Systems and Computer Engineering
    Carleton University, Ottawa, ON, Canada. 2015.
    PDF      Cite      Carleton CURVE      Collections Canada     

  2. Decision Engines for Multi-hop Ad-hoc Networks
    M.Sc. in Computer Engineering
    Arab Academy for Science and Technology (AAST), Egypt. 2010.