Networking, Security, and Cloud Research (NSCR)

NSCRNetworking, Security, and Cloud Research (NSCR) is a part of the School of Computing, Engineering and Mathematics at the Western Sydney University and is led by Dr. Seyed Shahrestani. The team focuses on security, reliability, performance, and quality of service of large-scale networked systems. The team approach is based on a complementary mix of theoretical, conceptual, applied, and experimental research. Our research spans a broad range of topics including

  • ICT and Networking (Wireless and Mobile Networks, Ad hoc Networks, Sensor Networks, Performance Modeling and Analysis, and Application of AI in Networked Systems).
  • Pervasive Computing (Ubiquitous computing and Internet of Things).
  • Security (Traditional Network Security, Reliable Wireless Networks, and Secure Cloud Computing).
  • Grid/Cloud Computing and eResearch (Performance Evaluations, Network-based Education, eHealth, and Workflow Management Systems).

Key People

Research Grants

  • Wireless/Mobile Community Healthcare, $43,934, Western Sydney University.
  • Intelligent Motion Control, $5,000, Western Sydney University
  • Equity through online Education, $5,000, Western Sydney University.
  • Western Sydney University and Cisco Strategic Alliance, $982,500, Cisco Systems.

Some Indicative Research Projects

eVillage for Rural Areas

Supervisory Panel: Dr. Seyed A. Shahrestani and Dr. Chun Ruan

Student: Farnaz Farid (PhD Candidate)

Award: The APA scholarship

Summary: Heterogeneous wireless networks expand the network capacity and coverage by leveraging the network architecture and resources in a dynamic fashion. However, due to the presence of different communication technologies, the Quality of Service (QoS) evaluation, management, and monitoring of these networks are very challenging tasks. Each communication technology has its characteristics while the applications utilising them have their QoS requirements. Most current methods are based on analysing the QoS of each application or access network separately. However, these methods do not combine the performance of all the applications and the radio access networks while reporting the QoS of the overall configuration. Therefore, it is hard to get any aggregate performance results using these methods.
To fill this gap, in this thesis, a methodical approach is adopted for the QoS analysis of these types of networks. At first, the approach uses a simple fixed weight-based method and then moves to a more complex dynamic weight-based method and in the end integrates the concepts of fuzzy logic. The proposed methods consider the significance of QoS-related parameters, the available network-based applications, and the available Radio Access Networks (RANs) to characterise the network performance with a set of three integrated QoS metrics. The first metric denotes the performance of each possible application. The second one represents the performance of each active RAN on the network while the third metric characterises the QoS level of the entire network configuration.

To investigate the efficiency of the designed approach, a diverse range of simulation studies utilising different heterogeneous network-based service models are carried out. OPNET is used as the simulator. The simulation results indicate that the approach in this work facilitates better management and monitoring of heterogeneous network configurations and applications utilising them. The simulation studies also show that using the unified metrics, one can choose the most appropriate network configuration for a particular application or service from a catalogue of available configurations. This is done based on the ranking of all network configurations being investigated for their service suitability. Overall, the outcomes from the simulation results analysis clearly demonstrate that the proposed methods can significantly improve the QoS analysis of the heterogeneous networks.

Privacy of Location Based Services in the Internet of Things

Supervisory Panel: Dr. Seyed A. Shahrestani and Dr. Hon Cheung

Student: Mahmoud Elkhodr (PhD Candidate)

Award: The IPRS scholarship and APA award

Summary: The Internet of Things (IoT) refers to a usually massive interconnection of network applications, computers, and many other physical and virtual objects devices or things. Sensors and actuators are of particular interest in IoT. Diverse communication technologies connect the things together. However, wireless LANs, mobile systems, Bluetooth, ZigBee and similar evolving technologies play dominant roles for that. This paradigm is a major shift from an essentially computer-based network model to a fully distributed network of smart objects. This shift poses serious challenges in terms of architecture, connectivity, efficiency, and provision of services among many others. But perhaps, security concerns, and more specifically privacy related issues top the list of the major challenges. The seamless interconnectivity of things, envisioned in the IoT, highlights the complexity of realizing location privacy in this global infrastructure. To achieve location privacy, objects, specifically those which have access to the personal information of users, should not be allowed to communicate in an uncontrolled manner. Therefore, the key objective of this research is to investigate the extent of privacy related problems for users of location-based services sharing their information with other users or objects in an IoT environment. It will then move to identify ways to address these issues or to alleviate their impacts.

Secure Cloud Computing

Supervisory Panel: Dr. Seyed A. Shahrestani and Prof. Athula Gingie

Student: Farhad Ahmad (PhD Candidate)

Summary: Providing consistent security and privacy solutions for cloud computing environments is an essential requirement for their wide spread acceptance. Securing the cloud infrastructure operations for the purpose of achieving an end to end confidentiality, privacy, and trust, at both ends of the communication, comes with many challenges. Due to the conceptual development of the cloud architecture and its multi-tenancy system, new security vulnerabilities are on the rise. Therefore, the main aim of this research is to investigate sustainable solutions for cloud computing in order to maintain an adequate level of trust between the cloud service provider and its clients.

QoS-based Resource Allocation for Cognitive Radio Networks

Supervisory Panel: Dr. Seyed A. Shahrestani and Dr. Hon Cheung

Student: Nabil Giweli (PhD Candidate)

Award: The dean medal in the SCEM


The rapidly growing number of devices using wireless communication technologies has led to Radio Spectrum (RF) scarcities concerns. The Cognitive Radio (CR) technology offers promising solutions for efficient utilization of the available RF. As such, the CR is considered as one of the key technologies for future networks, including 5G and IoT. Essentially the CR is based on determining the un-occupied spectrums, the spectrum white spaces or holes and accessing them when practical. The holes are the frequencies that remain unused by the licensed user, or the Primary User (PU). A device with CR capability, a Secondary User (SU), senses the surrounding spectrum periodically to detect the appearance of the PU in the currently used channel to determine the available spectrum holes. The operation of CR device requires the execution of mainly four functions.

  • Spectrum sensing: sense the surrounding RF to determine spectrum holes and to detect the presence of the relevant PU.
  • Spectrum decision: analyze and decide which spectrum hole is the most suitable one, meeting the running application requirements.
  • Spectrum sharing: share the available spectrum holes with other SUs as fairly as possible.
  • Spectrum mobility: seamlessly switch to another suitable spectrum hole to avoid interference with a detected PU that may wish to start using its licensed frequencies.

One of the primary challenges in adoption of CR solutions is how to reduce the QoS degradation caused by the CR functions. The main aim of this study is identifying methodical ways to evaluate and improve the overall QoS levels in CR networks. After classifying spectrum sensing methods and assessing their effects and impacts on QoS levels, a scheme for optimizing the resource allocations will be proposed. This scheme will be based on Fuzzy logic and Game theory. The main outcome of this study is a systematic selection of the sensing methods leading to a better cross-layer CR design for optimum performance, taking into account both the required QoS levels and efficient RF utilization.

Secure Access Control Framework for Big Data

Supervisory Panel: Dr Seyed Shahrestani and Dr Chun Ruan

Student: Mohammed Al-Zobbi (PhD Candidate)Summary: An obvious need for management of the Big Data and its related concepts is the development of a comprehensive access control model. This research investigates the security concerns in the rapidly growing area of the Big Data. Managing the access to a large size of data with multi-domain users brings about many difficult challenges. Data may be analyzed to reveal patterns and association. Securing data access over the cloud is an essential task, given the Big Data ubiquitous use and intensive access potentials. Role-Based Access Control Model (RBAC) is inefficient in Big Data access management, due to its implementation complexity and security weaknesses. Attribute-Based Access Control Model (ABAC) is still under development as an active area of research. The research goal is to develop a proper framework to account for the complexity of Big Data access control processes and mitigate the potential security breaches in such environments.

Enhancing the Security of Software Defined Networks

Supervisory Panel: Dr Seyed Shahrestani and Dr Chun Ruan

Student: Ahmed  Dawoud (PhD Candidate)

Software defined networks (SDNs) introduce a novel paradigm for data communications. SDN architecture separates the control and forward planes. This architecture presents new characteristics in terms of the centralization and network programmability. In this paradigm, 'Controller' is the main entity that administers the entire network operations and processes. As such, it should be considered as an attractive target for attackers and intruders. To alleviate the security concerns, separation of the control and the data planes may be considered. However, such a separation results in increases in latency and decreases in the network throughput. Clearly, pointing to the usual trade-off between the security and performance levels.

This work aims to develop a framework for SDN intrusion detection, focusing on the protection of the controller. The research starts with threat analyses to identify the controller threat list to be considered. It also defines the performance requirements for the overall SDN. Extensive simulation studies will be used to evaluate the proposed framework in terms of both security enhancements and meeting the performance metrics.