Research Interests

# Social Engineering Threats + Web/Mobile Security & Privacy

• XAI and LLM enabled detection of phishing websites/URLs

• XAI and LLM enabled detection of smishing (SMS phishing) and vishing (voice phishing) attacks while ensuring complete user data privacy

• Graph-based visualization and analytics for same-origin campaign identification in phishing/smishing/vishing attacks

• Measurement studies to understand dark patterns and attack tactics inherent in phishing websites/webpages 

• Effects of Deepfakes in Social Engineering attacks, and how to detect Deepfake audio, video, and image effectively.  

• Security analysis of Facial Recognition/Biometric based authentication/authorization mechanisms 

• Investigate effective and robust methods to detect XSS, SQL injection, and other OWASP top 10 vulnerabilities

# Event-themed Cybercrimes and Fraud Campaigns

• Use of XAI and Unsupervised Learning strategies to understand cybercrimes and fraudulent campaigns in web triggered by any new uncertain world events (e.g., natural disaster, humanitarian disasters, epidemic/pandemic)

• Propose defense framework to proactively monitor and defend against event-themed cybercrimes and fraud campaigns

# Decision-Support System for Cybersecurity

• Designing intelligent decision-support system to aid cyber defenders' decision-making for mitigating cyber attacks.   

# Trustworthy AI for Cybersecurity

• Enable trustworthy and explainable AI for building more robust and reasoning-based cyber defense systems.   

• Propose new evaluation metrics and/or make fusion of existing metrics for trustworthy decision making

# Blockchain Security and Security of Blockchain

• Applying decentralized, immutable and unalterable blockchain for ensuring trust and security of threat sharing among entities

• Building robust and attack resilient blockchain 

• Secure and trustworthy consensus algorithm in blockchain

# AR/VR Security and Privacy

• How attackers can bypass security vulnerabilities embedded in current AR/VR devices?

• How AR/VR can breach user privacy and how to ensure safe and privacy-aware AR/VR systems?

• Evaluate the communication security of AR/VR based communication. 

# Human Factors in Security

• Design Phishing detection challenges to understand the current state of user preparedness and evaluate the state-of-the-art user-centric defenses against web-based, email-based, SMS-based social engineering attacks 

# Threat Hunting and Cyber Education

• Develop effective experiential learning approaches for advanced security analytics and threat hunting education

• Develop hands-on modules for teaching and training students on Trustworthy AI for Cybersecurity

• Develop Modules and Training materials for preparedness against AI Based Social Engineering Attacks   

# Mitigating Cyber Social Threats

• NLP and LLMs to detect various Cyber Social Threats such as themed misinformation, cyber bullying, abusive messages in social networking and messaging platforms.  

# Detection of Code Smells (Weaknesses) 

• Automated detection of code smells and mapping CVEs with vulnerable codes to automatically classify vulnerability types

# IoT, CPS, UAV Security

• Detection of Security vulnerabilities within IoT, CPS, and UAVs (e.g., Drones)

• Injection attack-based manipulation of UAV networks (e.g., FANETs)

• AI-enabled security of CPS/IoT

• XAI-enabled intrusion detection systems for IoT and critical infrastructure systems

# Web Security Ontology and Knowledge Graphs

• Building a comprehensive web security attack and defense ontology with knowledge graphs (KG) for defense recommendation against web-based attacks

Publications

Peer-reviewed Conference/Workshop Papers

1. F. H. Bappy, T. S. Zaman, M. S. Islam Sajid, M. M. Ahsan Pritom and T. Islam, "Maximizing Blockchain Performance: Mitigating Conflicting Transactions through Parallelism and Dependency Management," 2024 IEEE International Conference on Blockchain (Blockchain), Copenhagen, Denmark, 2024, pp. 140-147, doi: 10.1109/Blockchain62396.2024.00027.

2. Ashfak Md Shibli, Mir Mehedi A. Pritom and Maanak Gupta, "AbuseGPT: Abuse of Generative AI Chatbots to Create Smishing Campaigns," 2024 IEEE International Symposium of Digital Forensics and Security (ISDFS), San Antonio, TX, USA, 2024. (accepted, printing in-progress)

3. T. Islam, F. H. Bappy, T. Shaila Zaman, M. S. Islam Sajid and Mir Mehedi A. Pritom, "MRL-PoS: A Multi-agent Reinforcement Learning based Proof of Stake Consensus Algorithm for Blockchain," 2024 IEEE 14th Annual Computing and Communication Workshop and Conference (CCWC), Las Vegas, NV, USA, 2024, pp. 0409-0413, doi: 10.1109/CCWC60891.2024.10427777.

4. F. H. Bappy, T. Islam, T. S. Zaman, M. S. I. Sajid and Mir Mehedi A. Pritom, "ConChain: A Scheme for Contention-Free and Attack Resilient BlockChain," 2024 IEEE 21st Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, USA, 2024, pp. 1054-1055, doi: 10.1109/CCNC51664.2024.10454692.

5. Mir Mehedi A. Pritom and S. Xu, "Supporting Law-Enforcement to Cope with Blacklisted Websites: Framework and Case Study," 2022 IEEE Conference on Communications and Network Security (CNS), Austin, TX, USA, 2022, pp. 181-189, doi: 10.1109/CNS56114.2022.9947260. [Paper link]

6. Mir Mehedi A. Pritom, and S. Xu, "Trustworthy and Interpretable Quantification of Domain Misuse for Web Hosting and URL Shortener Services'' [Paper submission in progress].    

7. Mir Mehedi A. Pritom, K. M. Schweitzer, R. M. Bateman, M. Xu, and S. Xu, "Data-Driven Characterization and Detection of COVID-19 Themed Malicious Websites," 2020 IEEE International Conference on Intelligence and Security Informatics (ISI), Arlington, VA, 2020, pp. 1-6, doi: 10.1109/ISI49825.2020.9280522. [Paper link]

8. Mir Mehedi A. Pritom, K. M. Schweitzer, R. M. Bateman, M. Xu, and S. Xu, "Characterizing the Landscape of COVID-19 Themed Cyberattacks and Defenses," 2020 IEEE International Conference on Intelligence and Security Informatics (ISI), Arlington, VA, 2020, pp. 1-6, doi: 10.1109/ISI49825.2020.9280539. [Paper link]

9. A. Niakanlahiji, Mir Mehedi A. Pritom, B. Chu and E. Al-Shaer, "Predicting Zero-day Malicious IP Addresses'', In Proceedings of the 2017 Workshop on Automated Decision Making for Active Cyber Defense (SafeConfig '17). Association for Computing Machinery, New York, NY, USA, 1–6. doi:10.1145/3140368.3140369. [Paper link]   

10. Mir Mehedi A. Pritom, C. Li, B. Chu, X. Niu, "A Study on Log Analysis Approaches Using Sandia Dataset'', 26th International Conference on Computer Communication and Networks (ICCCN), Vancouver, BC, 2017, pp. 1-6, doi: 10.1109/ICCCN.2017.8038522. [Paper link]

11. M. N. Sakib Miazi, Mir Mehedi A. Pritom, M. Shehab, B. Chu, J. Wei, "The Design of Cyber Threat Hunting Games: A Case Study'', 26th International Conference on Computer Communication and Networks (ICCCN), Vancouver, BC, 2017, pp. 1-6, doi: 10.1109/ICCCN.2017.8038527. [Paper link]

Peer-reviewed Journal Articles

1. Songlin He, Eric Ficke, Mir Mehedi A. Pritom, Huashan Chen, Qiang Tang, Qian Chen, Marcus Pendleton, Laurent Njilla, Shouhuai Xu, "Blockchain-based automated and robust cyber security management", Journal of Parallel and Distributed Computing, Vol 163, 2022, Pages 62-82, ISSN 0743-7315, https://doi.org/10.1016/j.jpdc.2022.01.002. (Impact factor: 3.734) [Paper link]

2. Mir Mehedi A. Pritom, Sujan Sarker, Md. Abdur Razzaque, M. Mehedi Hassan, M. Anwar Hossain, and Abdulhameed Alelaiwi, "A Multiconstrained QoS Aware MAC Protocol for Cluster-based Cognitive Radio Sensor Networks", International Journal of Distributed Sensor Networks (IJDSN), Article ID 262871, Dec 2014. SCIE. (Impact factor: 1.787) [Used as part of B.Sc. thesis work] [Paper link]

Patensts

1. Shouhuai Xu, Songlin HE, Eric Ficke, Mir Mehedi Ahsan Pritom, Huashan CHEN, Qiang Tang, Qian Chen, Marcus Pendleton, Laurent Njilla, "Method and system for blockchain-based cyber security management", Publication of US patent #US20230042816A1, February 2023. [Patent link]

Pre-Prints/Project Reports

1. Mir Mehedi A. Pritom, Rosana Montanez Rodriguez, Asad Ali Khan, Sebastian A. Nugroho, Esra'a Alrashydah, Beatrice N. Ruiz, and Anthony Rios, "Case Study on Detecting COVID-19 Health-Related Misinformation in Social Media.'', arXiv preprint 2021, https://arxiv.org/abs/2106.06811 [Paper link]

2. Mir Mehedi A. Pritom, M. N. Sakib Miazi, and Zahid Anwar "Reputation Analysis of Public Threat Data Feeds" (PDF for the report)

Posters

1. Mir Mehedi A. Pritom, A. Niakanlahiji, B. Chu, “POSTER: Proactive Connection Blocking Based on Cyber Threat Intelligence (CTI)”, 17th Annual Graduate Research Symposium at UNC Charlotte, March 2017. 

Relevant Machine Learning/Data Mining/NLP/AI Conference Venues for academia:

• ICML [CORE A*]

• AAAI Conference on AI [CORE A*]

• ACM KDD [CORE A*]

• NeurIPS [CORE A*]

• IEEE ICDM [CORE A*]

• ECML-PKDD  [CORE A]

• IJCAI [CORE A*]

• IEEE BigData  [CORE B]

• EMNLP [CORE A*]

• ECAI [CORE A]

• NAACL [CORE A]

• ACL [CORE A*]

• IEEE ICMLA [CORE C]

• WSDM [CORE A]

Security Conference/Journal Venue Reputation Analysis Resources:

• https://tippenhauer.de/post/googles-security-conferencejournal-ranking-2023/ 

• https://secprivmeta.net/#/secPriveMeta 

• http://jianying.space/conference-ranking.html 

• https://people.engr.tamu.edu/guofei/sec_conf_stat.htm 

• https://portal.core.edu.au/conf-ranks/