Filter by type:

Sort by year:

On-Premises versus Cloud Computing: A Comparative Analysis of Energy Consumption

Conference paper
Rrezearta Thaqi, Mihrije Kadriu, Bujar Krasniqi, Blerim Rexha
2024 International Conference on Renewable Energies and Smart Technologies (REST)
Publication year: 2024

As the digital economy expands, the demand for energy by data centers increases, becoming a critical issue for global energy sustainability. According to the International Energy Agency data centers are now responsible for about 1.5% of global energy consumption, with projections suggesting a substantial increase by 2030. This surge underscores the urgent need for a thorough analysis of energy use in these facilities, particularly given their significant environmental impacts and the operational challenges they pose. In response, our approach involves a review of existing literature and secondary data analysis to evaluate energy consumption patterns and efficiency measures in both environments. The analyses highlight that cloud data centers, despite their scalability and shared infrastructure benefits, still pose considerable energy challenges due to high operational demands and low server utilization rates. Conversely, on-premises data centers exhibit variable energy consumption based on size, architecture, and management practices. Our findings underscore the importance of optimizing both cloud and on-premises infrastructures to enhance energy efficiency. In conclusion, this study provides critical insights into the environmental impacts of different data center configurations, advocating for continued research and development of energy-efficient technologies and strategies.

Machine Learning Boosted Trees Algorithms in Cybersecurity: A Comprehensive Review

Conference paper
Vegim Bytyqi, Blerim Rexha
Advances in Information and Communication. FICC 2024. Lecture Notes in Networks and Systems, vol 920, pp. 158–173.
Publication year: 2024

Abstract

In the ever-evolving landscape of cybersecurity, the integration of machine learning algorithms has become imperative to effectively detect and prevent cyber-attacks. This paper presents a comprehensive comparative study of three powerful boosted tree algorithms: XGBoost, CatBoost, and LightGBM, for network intrusion detection using the CICIDS2017 dataset, pre-processing the data to ensure its reliability, and utilizing the Chi-squared approach for feature selection. Detection model evaluation is performed using precision, recall, and F1-score, shedding light on the performance of each algorithm. Addressing challenges such as explainability and imbalanced data, we explore how these algorithms can enhance the security of digital systems. The literature review highlights the growing interest in the application of boosted trees in cybersecurity. Previous research has showcased the promising results of these algorithms in detecting and mitigating various cyber threats, making them valuable tools for fortifying digital security. XGBoost emerges as the most suitable choice, offering competitive accuracy while being faster in both training and prediction compared to the other algorithms. Additionally, SHAP values help identify key features influencing XGBoost’s predictions, with “Destination Port,” “Init Win bytes backward,” and “Init Win bytes forward” standing out as crucial contributors. The insights gained from this research can aid in developing more robust and transparent intrusion detection systems, by leveraging the power of machine learning algorithms, thus contributing to ongoing efforts in fortifying digital security against a constantly evolving threat landscape.

Keywords

Guarding the Cloud: An Effective Detection of Cloud-Based Cyber Attacks Using Machine Learning Algorithms

Journal paper
Blerim Rexha, Rrezearta Thaqi, Artan Mazrekaj, Kamer Vishi
International Journal of Online and Biomedical Engineering
Publication year: 2023

ABSTRACT

Cloud computing has gained significant popularity due to its reliability and scalability, making it a compelling area of research. However, this technology is not without its challenges, including network connectivity dependencies, downtime, vendor lock-in, limited control, and most importantly, its vulnerability to attacks. Therefore, guarding the cloud is the objective of this paper, which focuses, in a novel approach, on two prevalent cloud attacks: Distributed Denial-of-service (DDoS) attacks and Man-in-the-Cloud (MitC) computing attacks. To tackle the detection of these malicious activities, machine learning algorithms, namely Decision Trees, Support Vector Machine (SVM), Naive Bayes, and K-Nearest Neighbors (KNN), are utilized. Experimental simulations of DDoS and MitC attacks are conducted within a cloud environment, and the resultant data is compiled into a dataset for training and evaluating the machine learning algorithms. The study reveals the effectiveness of these algorithms in accurately identifying and classifying malicious activities, effectively distinguishing them from legitimate network traffic. The finding highlights Decision Trees algorithm with most promising potential of guarding the cloud and mitigating the impact of various cyber threats.

Enhancing Trustworthiness and Interoperability of Electronic Voting Systems through Blockchain Bridges

Journal paper
Blerim Rexha, Vehbi Neziri, Ramadan Dervishi
HighTech and Innovation Journal
Publication year: 2023

Abstract
Decentralized applications leveraging blockchain technology are gaining widespread adoption within the decentralized applications ecosystem. Interoperability, a fundamental concept facilitating seamless data and processing power exchange across diverse blockchain networks, is paramount in this context. The primary objective of this paper is to explore the transformative potential of “blockchain bridges” in facilitating secure and transparent electronic voting processes across multiple blockchain networks. The study employs a comprehensive analysis of various approaches, including atomic exchanges, sidechains, cross-chain bridges, token wrappers, and interledger protocols. The selection of a specific method is guided by the unique requirements and privacy considerations of the electronic voting use case. The application of two distinct blockchains serves as a practical demonstration, illustrating the principles of blockchain bridges in real-world scenarios. The research reveals that blockchain bridges not only streamline the exchange of data between diverse blockchain networks but also establish a dual decentralization paradigm. This paradigm enables the creation of openly maintained, purpose-specific, decentralized ledgers for electronic voting. The integration of blockchain bridges significantly reduces the risk of fraud, instilling greater confidence in the accuracy of election results. Thus, by presenting a comprehensive array of approaches and emphasizing their practical application, this research contributes to advancing the understanding and implementation of blockchain technology in the critical domain of electronic voting.

Keywords: Blockchain; Bridge; e-Voting; Trustworthiness; Interoperability.

Enhancing JWT Authentication and Authorization in Web Applications Based on User Behavior History

Journal paper
Ahmet Bucko, Kamer Vishi, Bujar Krasniqi, and Blerim Rexha
Publication year: 2023

Abstract

The rapid growth of the web has transformed our daily lives and the need for secure user authentication and authorization has become a crucial aspect of web-based services. JSON Web Tokens (JWT), based on RFC 7519, are widely used as a standard for user authentication and authorization. However, these tokens do not store information about the user’s behavior history. To address this issue, this paper presents a solution to enhance the trustworthiness of user authentication in web applications based on their behavior history. The solution considers factors such as the number of password attempts, IP address consistency, and user agent type and assigns a weight or percentage to each. These weights are summed up and stored in the user’s account, and updated after each transaction. The proposed approach was implemented using the .NET framework, C# programming language, and PostgreSQL database. The results show that the proposed solution effectively increases the level of trust in user authentication. The paper concludes by highlighting the strengths and limitations of the proposed solution.

CyberNFTs: Conceptualizing a decentralized and reward-driven intrusion detection system with ML

Journal paper
Synim Selimi, Kamer Vishi, Blerim Rexha
International Journal of Information and Computer Security
Publication year: 2023

Abstract: The rapid evolution of the internet, particularly the emergence of Web3, has transformed the ways people interact and share data. Web3, although still not well defined, is thought to be a return to the decentralisation of corporations’ power over user data. Despite the obsolescence of the idea of building systems to detect and prevent cyber intrusions, this is still a topic of interest. This paper proposes a novel conceptual approach for implementing decentralised collaborative intrusion detection networks (CIDN) through a proof-of-concept. The study employs an analytical and comparative methodology, examining the synergy between cutting-edge Web3 technologies and information security. The proposed model incorporates blockchain concepts, cyber non-fungible token (cyberNFT) rewards, machine learning algorithms, and publish/subscribe architectures. Finally, the paper discusses the strengths and limitations of the proposed system, offering insights into the potential of decentralised cybersecurity models.
Keywords: decentralisation; blockchain; Web3; intrusion detection; machine learning; non-fungible token; NFT; cyber security; cyberNFT; publish-subcribe systems.

Transactions privacy on blockchain using web of trust concept

Journal paper
Ramadan Dervishi, Vehbi Neziri & Blerim Rexha
Journal of Applied Security Research, Taylor & Francis
Publication year: 2022

Abstract

Exchange of information through the web took place inside a trusted environment and thus user privacy was assured by default. Nowadays, ensuring user privacy is becoming one of the most desirable features of new technology, and Blockchain is not an exception. The Blockchain is a decentralized technology, open, and public platform where all transactions are stored and viewed
from nodes, an approach known as “Web of Trust.” Although these transactions tend to be anonymous but in the case of the banking sector, user privacy requires special attention. In centralized systems, the implementation of privacy is no longer a challenge, using a hierarchical approach such as Public Key Infrastructure. This paper presents a broad landscape and state of art of user transaction privacy in Blockchain technology using the Web of Trust approach. Furthermore, we present a novel approach using the Public Key Infrastructure for assuring user privacy adding an optionally encrypted field in blocks in transactions. We have used Bithomp, as a free and opensource tool with the Testnet platform, and Ripple as the best known in the implementation of the payment system to implement the proposed approach. The paper concludes with the strengths and limitations of the proposed approach.

 

State of the art in privacy preservation in video data

Article
Slavisa Aleksic (DE), Liane Colonna (SE), Carina Dantas (PT), Anton Fedosov (CH), Francisco Florez-Revuelta (ES), Eduard Fosch-Villaronga (NL), Aleksandar Jevremovic (BA), Hajer Gahbiche Msakniç (TN), Ziddharth Ravi (ES), Blerim Rexha (KV), Aurelia Tamò-Larrieux (CH)
Publication year: 2022

Abstract

Active and Assisted Living (AAL) technologies and services are a possible solution to address the crucial challenges regarding health and social care resulting from demographic changes and current economic conditions. AAL systems aim to improve quality of life and support independent and healthy living of older and frail people. AAL monitoring systems are composed of networks of sensors (worn by the users or embedded in their environment) processing elements and actuators that analyse the environment and its occupants to extract knowledge and to detect events, such as anomalous behaviours, launch alarms to tele-care centres, or support activities of daily living, among others. Therefore, innovation in AAL can address healthcare and social demands while generating economic opportunities.

Recently, there has been far-reaching advancements in the development of video-based devices with improved processing capabilities, heightened quality, wireless data transfer, and increased interoperability with Internet of Things (IoT) devices. Computer vision gives the possibility to monitor an environment and report on visual information, which is commonly the most straightforward and human-like way of describing an event, a person, an object, interactions and actions. Therefore, cameras can offer more intelligent solutions for AAL but they may be considered intrusive by some end users.
The General Data Protection Regulation (GDPR) establishes the obligation for technologies to meet the principles of data protection by design and by default. More specifically, Article 25 of the GDPR requires that organizations must “implement appropriate technical and organizational measures […] which are designed to implement data protection principles […] , in an effective manner and to integrate the necessary safeguards into [data] processing.” Thus, AAL solutions must consider privacy-by-design methodologies in order to protect the fundamental rights of those being monitored.

Different methods have been proposed in the latest years to preserve visual privacy for identity protection. However, in many AAL applications, where mostly only one person would be present (e.g. an older person living alone), user identification might not be an issue; concerns are more related to the disclosure of appearance (e.g. if the person is dressed/naked) and behaviour, what we called bodily privacy. Visual obfuscation techniques, such as image filters, facial de-identification, body abstraction, and gait anonymization, can be employed to protect privacy and agreed upon by the users ensuring they feel comfortable.

Moreover, it is difficult to ensure a high level of security and privacy during the transmission of video data. If data is transmitted over several network domains using different transmission technologies and protocols, and finally processed at a remote location and stored on a server in a data center, it becomes demanding to implement and guarantee the highest level of protection over the entire transmission and storage system and for the whole lifetime of the data. The development of video technologies, increase in data rates and processing speeds, wide use of the Internet and cloud computing as well as highly efficient video compression methods have made video encryption even more challenging. Consequently, efficient and robust encryption of multimedia data together with using efficient compression methods are important prerequisites in achieving secure and efficient video transmission and storage.

Keywords

Privacy by Design, privacy preservation, visual obfuscation, secure transmision, video data

This report was created within the Working Group 2 on Privacy-by-design in audio and video data of the COST Action 19121 Good Brother funded by the EU COST Action.

Enhancing Burp Suite with Machine Learning Extension for Vulnerability Assessment of Web Applications

Journal paper
Rrezearta Thaqi, Kamer Vishi & Blerim Rexha
Journal of Applied Security Research, Volume 17, Issue 3
Publication year: 2022

Abstract

Today’s web represents the most extensive engineered system ever created by humankind. Web security is critical to web application providers and end-users. Burp Suite is established as a state-of-the-art and fully featured set of tools for web vulnerability scanners. This paper presents a novel approach using state of the art Machine Learning algorithms applied to
the Burp Suite extension. These algorithms were used to scan for: SQL injection, Cross-Site Request Forgery, and XML External Entity vulnerabilities in university web applications. The results show that the best algorithm is Long Short-Term Memory and that the targeted website is safe to use.

Assuring Anonymity and Privacy in Electronic Voting with Distributed Technologies Based on Blockchain

Journal paper
Vehbi Neziri, Isak Shabani, Ramadan Dervishi, Blerim Rexha
Neziri V, Shabani I, Dervishi R, Rexha B. Assuring Anonymity and Privacy in Electronic Voting with Distributed Technologies Based on Blockchain. Applied Sciences. 2022; 12(11):5477. https://doi.org/10.3390/app12115477
Publication year: 2022
Anonymity and privacy in the electoral process are mandatory features found in any democratic society, and many authors consider these fundamental civil liberties and rights. During the election process, every voter must be identified as eligible, but after casting a vote, the voter must stay anonymous, assuring voter and vote unlinkability. Voter anonymity and privacy are the most critical issues and challenges of almost all electronic voting systems. However, vote immutability must be assured as well, which is a problem in many new democracies, and Blockchain as a distributed technology meets this data immutability requirement. Our paper analyzes current solutions in Blockchain and proposes a new approach through the combination of two different Blockchains to achieve privacy and anonymity. The first Blockchain will be used for key management, while the second will store anonymous votes. The encrypted vote is salted with a nonce, hashed, and finally digitally signed with the voter’s private key, and by mixing the timestamp of votes and shuffling the order of cast votes, the chances of linking the vote to the voter will be reduced. Adopting this approach with Blockchain technology will significantly transform the current voting process by guaranteeing anonymity and privacy

Trust establishment between OAuth 2.0 resource servers using claims-based authorization

Journal paper
Edon Gashi, Blerim Rexha, Avni Rexhepi
Electronic Government, an International Journal, 2021 Vol.17 No. 3, pp.339 - 353
Publication year: 2021

Abstract

The OAuth 2.0 authorization framework is one of the most commonly used authorization frameworks. In its specification many implementation details are loosely defined, including the relationship between resource servers and authorization servers. This paper presents an approach for establishing trust between servers by using the authorization server as a broker, and examines an implementation for secure exchange of scholarship information between parties. To specify access rights, claims such as roles and capabilities are assigned to resource servers. These claims are asserted by the authorization server in form of access tokens. Instead of relying on shared databases, the issued access tokens are used to exchange messages between resource servers. This approach is useful in scenarios where applications have no shared infrastructure or are implemented by different parties.

 

Keywords

Authorization, OAuth, Trust, Security

Attack Analysis of Face Recognition Authentication Systems Using Fast Gradient Sign Method

Journal paper
Arbena Musa, Kamer Vishi, Blerim Rexha
International Journal of Applied Artificial Intelligence, Volume 35, Issue 11, pp. 1-15
Publication year: 2021

Biometric authentication methods, representing the ”something you are” scheme, are considered the most secure approach for gaining access to protected resources. Recent attacks using Machine Learning techniques demand a serious systematic reevaluation of biometric authentication. This paper analyzes and presents the Fast Gradient Sign Method (FGSM) attack using face recognition for biometric authentication. Machine Learning techniques have been used to train and test the model, which can classify and identify different people’s faces and which will be used as a target for carrying out the attack. Furthermore, the case study will analyze the implementation of the FGSM and the level of performance reduction that the model will have by applying this method in attacking. The test results were performed with the change of parameters both in terms of training and attacking the model, thus showing the efficiency of applying the FGSM.

Analysing and comparing the digital seal according to eIDAS regulation with and without blockchain technology

Journal paper
Vlera Alimehaj, Arbnor Halili, Ramadan Dervishi, Vehbi Neziri and Blerim Rexha
International Journal of Information and Computer Security (IJICS), Vol. 14, No. 2, , pp.171 – 191, 2021
Publication year: 2021

Abstract

Digitalization of public services has already changed the way how we interact with government. The electronic signature, based on public key cryptography, has strengthened the trust towards this transformation. With the recent appearance of the electronic seal, this digital transformation is complete. The new European Union regulation for electronic Identification, Authentication and trust Services (eIDAS) has repealed the old directive and provides a regulatory environment. In the meantime, a novel technology based in cryptography rose as an alternative to fulfill these objectives – the blockchain. This paper, analyses the properties of the electronic seal, based on eIDAS regulation, with and without blockchain technology. The developed application uses local X.509 digital certificates and the MultiChain platform for the creation and deployment of private blockchains. At the end of the paper an overview of this comparison is provided, using different documents, pointing out the pros and cons of each technology.

 

Keywords

Digital signature, electronic seal, eIDAS, blockchain, cryptography

Decreasing probability of 51% attack using grouping and random numbers based on overview on consensus models in blockchain technologies

Conference paper
Ramadan Dervishi, Vehbi Neziri and Blerim Rexha
DLT Banking Virtual Conference: New Challenges in the Banking System: The Role of Distributed Ledger Technology, 16-18 December 2020
Publication year: 2020

Abstract

Blockchain as an innovative technology has increased application usage of distributed and decentralized systems in different fields. With the rapid growth of applications using blockchain technology, there is a need to develop consensus models that ensure data and system integrity. In decentralized systems, the integrity of data cannot be realized without proper and secured consensus models of protocols. In the blockchain era, many applications use different consensus protocols, each of them has its advantages and disadvantages. The decision to apply a specific protocol to any application depends on many factors. Selecting a proper consensus protocol it is a difficult task for the system analyst, the selection must be based on all pros and cons of different protocols compared to the selected protocol and application purpose.

In this paper, we present an overview of consensus protocols, especially focused on POW (Proof-of-Work), POS (Proof of Stake) and LBFTas most used protocols in cryptocurrencies such as Bitcoin, Etherum, etc. We reviewed the Bitcoin protocol POW, Etherum protocol POS, Libra Protocol LBFT and finally we summarized the open challenges and suggest future research on the known phenomenon 51% attack.

Keywords: Protocol, Bitcoin, Etherum, Cryptocurrency, synchronization, decentralized, distributed, integrity, probability

Applying Efficient Crowdsourcing Techniques for Increasing Quality and Transparency of Election Processes

Journal paper
Blerim Rexha, Ilir Murturi
Electronic Government, an International Journal, Vol.15 No.1, pp.107 – 128
Publication year: 2019

Abstract

Recently crowdsourcing is being established as the new platform for capturing ideas from multiple users, i.e., the crowd. Many companies have already shifted their approach towards utilising the power of the crowd. Transparency and quality of election process is the main factor for acknowledging the general election results. Voters, crowd feedback can be utilised to maintain a desired election process transparency and quality. This paper presents an efficient solution using crowdsourcing techniques for increasing transparency and the quality of election processes through a simple feedback web form in polling stations. These polling stations are securely connected to central election commission monitoring room, where the overall transparency and quality in national scale can be monitored. The survey conducted with more than 600 respondents shows that this approach will be acceptable from citizens and will increase the overall transparency, quality, and acceptance of election results.

 

Keywords

crowdsourcing, crowd voting, privacy, security

Using Record Level Encryption for Securing Information in Classified Information Systems

Journal paper
Blerim Rexha, Halil Sadiku, Bujar Krasniqi
Journal of Natural and Engineering Sciences (NESciences), Volume 3, No 2, pp. 207-224
Publication year: 2018

Abstract

Information technology (IT) systems have great potential to improve the efficiency and methods of operation in each government organization, providing added convenience and flexibility. Currently, most of government law enforcement agencies have digitized their methods of work by advancing their user services. With this new approach, have come new threats, therefore, it is necessary to develop and implement standard policies to enhance information security and privacy on all classified information systems. In this paper a novel solution is presented for protection of information up to the record level encryption by applying the Advanced Encryption Standard (AES) algorithm using derived symmetric master key. The master key is unique per each record and is calculated in the client application. The uniqueness of the derived master key is assured by applying the exclusive or operation of the key of each record and the unique key of the client. Furthermore, this paper includes a critical approach on existing cryptographic methods and proposes additional methods to protect information, such us authentication, access control, and audit.

 

Keywords

Information security, Privacy, Encryption, Decryption, Access control, Audit

Using efficient TRNGs for PSEUDO profile in national eID card

Journal paper
Blerim Rexha, Dren Imeraj, Isak Shabani
International Journal of Recent Contributions from Engineering, Science & IT (iJES). eISSN: 2197-8581, Vol 6, No 1 pp. 57-73, 2018
Publication year: 2018

Abstract

Applications that requires true random number generator (TRNG), which uses raw analog data generated from any noise source in nature, must convert the source normal distribution to uniform distribution. Many up to date implementations convert the raw analog data into digital data by employing a comparator or a Schmitt trigger. This method wastes a large amount of random input data, lowering the throughput of the TRNG. In new national electronic identity card (eID) beyond the true identity of his bearer and to address the increasing concern of user privacy while doing business in Internet an additional pseudo profile is set. This pseudo profile uses 20-byte random value generated by database server, using a script during personalization process. In this paper, we present a novel algorithm that enables efficient distribution conversion in low power devices. The low memory requirements and efficient processing make it suitable for implementation low power cryptographic devices but also in complex personalization systems. Furthermore, we compare the random data generated by our efficient TRNG vs. those generated by database server.

 

Keywords

eID, privacy, security, random, TRNG

 

The teachers’ impact on policy making for the improvement of the school performance (the case of Kosovo)

Journal paper
Jehona Ferizi-Miftari, Blerim Rexha
International Journal of Education Economics and Development, Vol. 9 No. 1, pp.80-104
Publication year: 2018

Abstract

Teachers’ contribution in the process of improving the contemporary school performance is manifold and permanent. This study elaborates the contribution of the Kosovan teachers towards the improvement of the  quality of work in primary and lower secondary school. Data were collected from 1080 teachers working in schools located in different areas in Kosovo. The data processing was done through the descriptive statistics method with the aim of extracting the characteristics of the data (average  standard deviation) and the inferential statistics method in the function of the validity scale of assumptions that result from the data. The research results indicate that today, the Kosovan teachers enjoy more opportunities to influence the policies for the functionalisation and improvement of the work at school, whereas teachers with a higher level of education are more sceptical concerning the issues of influencing the policies of functionalisation and improvement of the work at school.

 

Keywords

reform; Kosovo; teacher commitment; school performance; school improvement; decision-making.

The process of school adaptation and restructuring towards supporting social, economic and political developments in post-war Kosovo - critical review

Conference paper
Jehona Ferizi-Miftari & Blerim Rexha
International conference, Kosovo Academy of Sciences and Arts, Prishtina, October 26 - 27 2018, pp. 229-246
Publication year: 2018

Abstract

Everything that happens in a society is transmitted and reflected indirectly in its schools. The education system in post-war Kosovo underwent radical changes, and the reform and adaptation movements affected all the links of the education system. The political, social and economic status of post-war Kosovo, as well as insufficient staffing capabilities for implementing educational reform, represent a serious challenge in the process of practical implementation of educational reform. In such transitions there are drives to transfer the experiences of the most advanced educational systems of western countries. The application of these reforms brought much disappointments, objections and dilemmas. This paper, apart from the chronological critical review of the changes the education system in Kosovo went through, compares the positive experiences of neighboring countries such as Albania, Macedonia, Serbia and Croatia, and German-speaking countries such as Germany and Austria, i.e. practices that these countries have followed to overcome the challenges that arise in education reforms. In the Kosovo context, based on the steps taken at each stage of the process, we conclude that the initiation of changes in the Kosovo education system started in disregard of the context in which these schools operate. In conclusion, the paper provides recommendations for stakeholders in the education system in order to meet the increasing demands of the society.

 

Keywords

Kosovo, school, reform, transition, development.

 

Increasing trustworthiness of face authentication in mobile devices by modeling gesture behavior and location using neural networks

Journal paper
Blerim Rexha, Gresa Shala, Valon Xhafa
International Journal of Future Internet, Volume 10, Issue 2,
Publication year: 2018

Abstract

Personal mobile devices currently have access to a significant portion of their user’s private sensitive data and are increasingly used for processing mobile payments. Consequently, securing access to these mobile devices is a requirement for securing access to the sensitive data and potentially costly services. Face authentication is one of the promising biometrics-based user authentication mechanisms that has been widely available in this era of mobile computing. With a built-in camera capability on smartphones, tablets, and laptops, face authentication provides an attractive alternative of legacy passwords for its memory-less authentication process, which is so sophisticated that it can unlock the device faster than a fingerprint. Nevertheless, face authentication in the context of smartphones has proven to be vulnerable to attacks. In most current implementations, a sufficiently high-resolution face image displayed on another mobile device will be enough to circumvent security measures and bypass the authentication process. In order to prevent such bypass attacks, gesture recognition together with location is proposed to be additionally modeled. Gestures provide a faster and more convenient method of authentication compared to a complex password. The focus of this paper is to build a secure authentication system with face, location and gesture recognition as components. User gestures and location data are a sequence of time series; therefore, in this paper we propose to use unsupervised learning in the long short-term memory recurrent neural network to actively learn to recognize, group and discriminate user gestures and location. Moreover, a clustering-based technique is also implemented for recognizing gestures and location.

 

Keywords

authentication; face; smartphones; gestures; location; LSTM; neural network

Impact of Electronic Competence Based Teaching in Higher Education

Journal paper
Isak Shabani, Fatos Halilaj, Blerim Rexha
Journal of Natural and Engineering Sciences, 2018, Volume 3, No: 3, pp. 233-247
Publication year: 2018

Abstract

In the beginning of Bologna’s process and creation of European Higher Education Area (EHEA), great importance has been to the transparency, increase of quality and concurrency between institutions of higher education. Nowadays, hot topic in higher education institutions in Europe are real-time learning outcomes, they are analyzed, projected and are evaluated today in all Europe and abroad. Traditional models and methods of success expression in learning and the degree of qualification is substituted with modern online systems. This paper proposes best practices for competence based teaching in higher education by using eCompetence software. The way these competences are organized, activities which are related to these competences and course contents which will help us to continuously evaluate students and prepare them for the labor market. Our results suggest that by implementing competence based teaching system in university evaluation and competence gaining would be more productive and would better prepare students for labor market. Consequently, this paper draws attention on provision of implementation of such a system in higher education by providing competence matrix, a competence software, and evaluation process.

 

Keywords

Competence, E-learning, Evaluation, Competence Management System

Energy Efficiency Optimization by Spectral Efficiency Maximization in 5G Networks

Journal paper
Bujar Krasniqi, Blerim Rexha, Betim Maloku
International Journal of Electronics and Telecommunications, 2018, Vol. 64, pp. 497–503
Publication year: 2018

Abstract

Energy and spectral efficiency are the main challenges in 5th generation of mobile cellular networks. In this paper, we propose an optimization algorithm
to optimize the energy efficiency by maximizing the spectral efficiency. Our simulation results show a significant increase in terms of spectral efficiency as well as energy efficiency whenever the mobile user is connected to a low power indoor base station. By applying the proposed algorithm, we show the network performance improvements up to 9 bit/s/Hz in spectral efficiency and 20 Gbit/Joule increase in energy efficiency for the mobile user served by the indoor base station rather than by the outdoor base station.

 

Keywords

Energy efficiency, 5G, radio resources, power allocation, optimization convexity

Challenges of quality assurance in Higher Education in Kosovo

Conference paper
Furtuna Mehmeti & Blerim Rexha
International conference, Kosovo Academy of Sciences and Arts, Prishtina, October 26 - 27 2018, pp. 132-152
Publication year: 2018

Abstract

 The liberalization of the higher education market and the growth of higher education service providers in the last two decades has demanded from such providers to demonstrate the quality of their activities. Research shows that universities were used to seeing excellence as a self-evident key indicator of quality in higher education, but now this self-evident indicator has been transformed into a control mechanism. In Kosovo, the concept of quality assurance through the Kosovo Accreditation Agency is relatively new, but this concept is becoming increasingly integral and important part of each higher education institution. Mechanisms for external and internal quality assurance have been established in the formal sense, the legal basis on which the quality assurance system is organized, i.e. the quality assurance requirements and standards, is well defined and applicable. This paper presents the challenges of quality assurance (external and internal), by comparing the fulfillment of these criteria over the years, then by comparing with the European quality assurance standards and guidelines as well as the good practices of some developed countries. The paper presents the conclusions, lessons learned during these years, and finally recommendations for higher education system actors to overcome these challenges.

 

Keywords

Higher education, quality assurance, accreditation, challenges, Kosovo.

Analyzing and comparing the performance of national biometric eID card in heavy cryptographic applications

Journal paper
Gazmend Krasniqi, Petrit Rama, Blerim Rexha
Journal of Applied System Innovation. Volume 37, Issue 1
Publication year: 2018

Abstract

Today, we are witnessing increased demand for more speed and capacity in the Internet, and more processing power and storage in every end user device. Demand for greater performance is present in every system. Electronic devices and their hosted applications need to be fast, but not to lose their main security features. Authentication and encryption are the main processes in the security aspect, and are required for a secure communication. These processes can be executed in different devices, among them PCs, microprocessors, microcontrollers, biometric cards or mobile devices. Biometric identity cards are becoming increasingly popular, challenging traditional PC devices. This paper compares two processing systems, the efficiency of encryption and signatures on the data executed in national identity biometric card versus PC, known also as the match-on-card versus the match-off-card. It considers how different parameters impact the process and the role they play on the overall process. The results, executed with a predefined set of test vectors, determine which processing system to use in a certain situation. Final conclusions and recommendations are given taking into consideration the efficiency and security of the data.

 

Keywords

cryptography; digital signature; match-on-card; match-off-card; eID biometric card

Analysis of Macro-Femto Cellular Performance in LTE under Various Transmission Power and Scheduling Schemes

Journal paper
Bujar Krasniqi, Blerim Rexha
Journal of Communications, 2018, Vol. 13, no. 3, pp. 119-123
Publication year: 2018

Abstract

The mobile networks use femtocells as low power nodes to improve indoor coverage and thus achieve a high network capacity. In this paper, we focus on a combination of macrocells and femtocells in Long Term Evolution (LTE) networks. To achieve a high LTE network performance, we investigate the influence of power allocated to Evolved NodeB (eNodeBs) and Home Evolved NodeB (HeNodeBs) respectively. Using the Round Robin scheduling, while decreasing the eNodeBs transmit power and increasing the HeNodeBs transmit power, improve the user’s throughput significantly. We further demonstrate, by simulations, that applying other scheduling algorithms under the low eNodeBs transmit power and high eNodeBs, results in a significantly increased performance of LTE network.

 

Keywords

Scheduling, transmit power, HetNet, LTE, resource block

Using collaborative based algorithm for efficient management of limited resources on social networks

Conference paper
Valon Xhafa, Korab Rrmoku, Blerim Rexha
IEEE 2016 Third International Conference on Mathematics and Computers in Sciences and in Industry (MCSI), pp. 289-295
Publication year: 2016

Abstract

With all features and resources, such as: social actors, social relations, content, communication, and ratings that todays’ social networks like Facebook, LinkedIn, Twitter, Google+, etc. offer to users, it still appears that at given point we have to refine and optimize our own accounts within the limits of a certain social network. In line with this trend, in this paper we present a model for efficient management of friends list in Facebook, as one of the limited resource in this social network. In order to get users data from Facebook, a web scraping technique combined with reverse image search has been adopted to ensure users authenticity. The activity between nodes (friends) on a social network is calculated based on their interactions in terms of likes, comments, shares and posts between each other. This approach led us into designing and implementing an algorithm based in these collaborative metrics, named “weight of relationship”. This algorithm calculates weights between friends on a network, and the results are evaluated by comparing these weights with respondent answers, conducted through personalized questionnaire. Consequently, this methodology brings feasible results, with an average accuracy of 71% on recommending which friends should be removed, thus releasing the space for incoming new friends. An app named RateMyFriends is developed based on presented approach.

 

Keywords

Social networks; algorithm; efficiency; Web scraping; application

Improving Quality of Election Process Using Crowdsourcing Techniques

Journal paper
Blerim Rexha, Ilir Murturi, Isak Shabani, Avni Rexhepi
International Journal of Applied Mathematics, Electronics and Computers, ISSN: 2147-82282147-6799, Volume 4 (4), pp.107-112
Publication year: 2016

Abstract

Quality of election process is a main factor for acknowledging the general election results. In this sense a feedback from voters is critical to maintain a desired process quality. Crowdsourcing is establishing as standard platform to capture feedback and new ideas from the participating stakeholders. This paper presents an efficient solution using crowdsourcing techniques for improving the quality of election processes through a simple feedback web form in polling stations. These polling stations are securely connected to Central Election Commission monitoring room, where the overall quality in national scale can be monitored. The survey conducted with more 600 respondents shows that this approach will be acceptable from citizens and will improve the total quality and acceptance of election results.

 

Keywords

Crowdsourcing; crowd voting; privacy; security;

Enhancing Network Security in PPPoE protocol during the logical Local Loop Unbundling

Conference paper
Kushtrim Kelmendi, Blerim Rexha
ICINS '16 Proceedings of the 4th International Conference on Information and Network Security, pp.45-49
Publication year: 2016

Abstract

Local Loop Unbundling (LLU) is a process which allows the competitive Network Service Providers (NSPs) to use the telecom’s incumbent infrastructure to provide the services to their subscribers. In logical LLU, as the traffic passes through the incumbent network infrastructure, security and privacy of the NSP subscribers is of a serious concern. In this paper, we have presented a novel approach to address these concerns, by implementing the encryption on the Point to Point Protocol over Ethernet (PPPoE), in the broadband network, between the NSP Customer Premises Equipment (CPE) and Broadband Network Gateway (BNG) router. First, encryption algorithm is negotiated using the existing protocol Encryption Control Protocol (ECP), during the PPP establishment phase, and after that the PPP packet payload is encrypted using the Advanced Encryption Standard AES, 128 bit version. The encryption key is derived using the first 128 bits of the SHA256 hash of sum of the three key variables: PPPoE SESSION_ID, CPE MAC Address, and CPE serial number, which makes this encryption key unique. The proposed solution is compared to existing protocols.

 

Keywords

AES, BNG, ECP, PPPoE, SHA256

Impact of secure programming on web application vulnerabilities

Conference paper
Blerim Rexha, Arbnor Halili, Korab Rrmoku, Dren Imeraj
2015 IEEE International Conference on Computer Graphics, Vision and Information Security (CGVIS), pp. 61-66
Publication year: 2015

Abstract

Nowadays all organizations tend to shift their daily business processes into web. This shifting requires from web developer’s detailed knowledge about security techniques, such as Structured Query Language (SQL) injection and Cross Site Scripting Attack (XSS), otherwise the data managed and protected by web application could be exposed to not authorized parties. This paper aims to link and measure the impact of security techniques used by web developers for avoiding the vulnerabilities in web applications. We conducted a survey about the level of applicability of security techniques during web development and conducted a penetration testing for more than 110 local web sites. We discovered many vulnerabilities in these web sites and we linked the results with survey outcome.

 

Keywords

Web security, security scanners, Web vulnerabilities, SQL injection, XSS attack

Efficient distribution conversion algorithm in low power TRNGs for embedded security applications

Conference paper
Blerim Rexha, Dren Imeraj, Ehat Qerimi and Arbnor Halili
19th International Conference on Circuits, Systems, Communications and Computers (CSCC 2015) Technical sponsor for CSCC: IEEE Egypt Chapter, Greece, July 16-20, 2015
Publication year: 2015

Abstract

The raw analog data generated from almost any noise source in nature has a normal distribution of values. Cryptography applications usually require true random number generators (TRNGs) to output random data streams that have a uniform distribution of values. Since TRNGs use a noise source to generate the random data, and that source usually has a normal distribution, the TRNG has to convert the distribution. If the TRNG is implemented in a low power device such as a microcontroller, the algorithm for distribution conversion needs to be lightweight and efficient in terms of using as much of the raw data as possible. Current market implementations convert the analog data into digital data by employing a comparator or a Schmitt trigger. This method wastes a large amount of random input data, lowering the throughput of the TRNG. This paper presents a novel algorithm that enables distribution conversion in low power devices. The low memory requirements and efficient processing make it suitable for implementation in microcontrollers or other low power cryptographic devices. The algorithm is also flexible, allowing for any size of noise samples.

 

Keywords

Algorithm, distribution, random, security, TRNG

Increasing SMS privacy using AES encryption algorithm in Android application

Conference paper
Blerim Rexha, Lavdërim Shala, Ehat Qerimi
The International Conference 'Recent Trends and Applications in Computer Science and Information Technology' Tirana, Albania, December 12-13, 2014
Publication year: 2014

Abstract

Short Message Service (SMS) is the oldest application for exchanging messages between communicating parties in cellular network used by mobile phones. These messages are encrypted over-the-air with A5/1 algorithm and stored as clear text at network operator. Recent developments have shown that this algorithm is not secure any more. Compromising an access to network operator registers gains access to SMS also. For assuring privacy the SMS application must provide end-to-end encryption. In this paper we present an efficient solution for encrypting SMS between communicating parties using Advanced Encryption Standard (AES) algorithm in Android environment. Furthermore we compare the proposed solution we existing ones in market listing strengthens and limitations.

 

Keywords

Encryption, Privacy, SMS, AES, and Android.

Kosovo’s websites vulnerabilities and its economic impact

Conference paper
Arbnor Halili, Korab Rrmoku, Blerim Rexha
The International Conference 'Information Systems and Technology Innovation: toward a digital Economy' Tirana, Albania, June 15-16, 2013
Publication year: 2013

Abstract

We all are witnessing the exponential growth of website sophisticated attacks in different areas and from various sources. This paper presents a research on the vulnerabilities of different web sites that are operational today in Kosovo. It focuses in the process of testing the web sites for different attack possibilities and their weakness in respect to possible “cybernetics” attackers. An advanced software tool, called “Acunetix”, is the main apparatus in this whole process of researching and fact gathering. It is worth mentioning that the whole “inspection” is made only for research purposes. First part of this paper presents definitions and approach used for this research. Second part contains the facts and results regarding vulnerabilities and weak points that are gathered. A conclusion about the vulnerabilities that are found on this research, accompanied with statistical records, is presented at the end of the paper.

Improving authentication and transparency of e-Voting system – Kosovo case

Journal paper
Blerim Rexha, Vehbi Neziri and Ramadan Dervishi
International Journal on Computers and Communications, Issue 1, Volume 6, pp.84-91
Publication year: 2012

Abstract

Authentication and privacy are central issues for acceptance of any e-Voting system in particular and growth of e-Services in general. This paper aims to: (i) to analyze the appropriate architecture and propose new efficient architecture of electronic voting system in Kosovo, and (ii) to analyze the threat vectors and their avoidance in such system. The novelty of implemented solution is based on using dynamic queue list generated based on voters arrivals and identification at the polling station. The proposed architecture enables citizens to cast their vote in any polling station, in opposite to paper form voting where citizen is linked to his predefined polling station. The national election commission configures the smart card, as part of electronic voting infrastructure, to allow decryption of number of records that matches the number of voters in final country wide voting list. The communication between polling stations and central server is encrypted with server’s public key stored in digital certificate and every casted vote is digitally signed by ballot box private key. The developed model is used to compare the costs and efficiency of e-Voting against the traditional paper based voting system in Kosovo.

 

Keywords

Digital Signature, Privacy, Security, Smart Cards, e-Voting, X.509 Digital Certificates

Enhancement of String Matching Queries on Albanian Names for Kosovo Civil Registry

Conference paper
Blerim Rexha, Valon Raca, Agni Dika
International Conference on Recent Advances in Computers, Communications, Applied Social Science and Mathematics, Barcelona, Spain, September 15-17, 2011
Publication year: 2011

Abstract

Civil Registry Information System serves as an essential data source for all e-government services. Searching for a citizen’s data in Civil Registry Database is usually done by providing unique keywords such as name. Due to the similar pronunciation of some Albanian language consonants, for example gj [ɟ] and xh [d͡ ʒ], problems arise in finding citizens data, names of which are similarly pronounced, despite different spelling. This paper presents a novel approach for string matching algorithm based on Albanian names. For this paper Levenshtein distance, American Soundex and modified Soundex results are compared on a database of 271.000 citizens of Prishtina municipality. The modified Soundex algorithm accommodates basic rules of pronunciation in Albanian language and its accuracy and efficiency is better than Levenshtein distance and American
Soundex.

 

Keywords

String matching, Levenshtein, Soundex, Civil Registry

Implementing data security in student lifecycle management system at the university of Prishtina

Journal paper
Blerim Rexha, Haxhi Lajqi, Myzafere Limani
Transactions on Information Science and Applications, Volume 7 Issue 7, July 2010 Pages 965-974
Publication year: 2010

Abstract

In this paper is presented a novel approach for fulfilling the data security criteria in a Student Lifecycle Management System at the University of Prishtina. The four main criteria of data security such as: privacy, authentication, integrity and non-repudiation are fulfilled through carefully selected security policies. Student data privacy is achieved using the Secure Socket Layer protocol for web communication with web server. Each user, being student, academic or administrative staff is provided with unique user name and initial password in the Student Lifecycle Management System. Data integrity and non-repudiation are fulfilled using digital signatures. The novelty of implemented solution is based on extending the subject name in X.509 digital certificates and using this certificate for securing student grades, which is in full compliance with the Kosovo Law on Information Society. Public Key Infrastructure and X.509 digital certificates have been established as the most trustworthy methods for assuring data security criteria in modern software applications. Security policy enforces that digital certificate and its associated private key shall be stored in a smart card. Access to private key stored in a smart card is protected by Personal Identification Number, known only by smart card holder. This implementation was installed at the Faculty of Electrical and Computer Engineering and has successfully passed a six semester testing period and students were, for the first time in the history of the University of Prishtina, able to apply online to take an exam.

 

Keywords

Digital Signature, Privacy, Security, Smart Cards, X.509 Digital Certificates

Increasing User Privacy in Online Transactions with X.509 v3 Certificate Private Extensions and Smartcards

Conference paper
Blerim Rexha
7th International IEEE Conference on E-Commerce Technology 2005, Munich, Germany, July 2005
Publication year: 2005

Abstract

Security and privacy are central issues for the acceptance of online payment methods in particular and growth of the Internet market in general. Public Key Infrastructure and X.509 certificates have been established as the most trustworthy methods for assuring security in online transactions. In this work is a new approach proposed for increasing security by avoiding privacy violation using X.509 version 3 certificate private extensions and storing the certi cate and its corresponding private key in the smartcard. The private key never leaves the smartcard and it can be used for encryption/decryption only after successful personal identi cation number presentation.

 

Keywords

X.50g v3 identity and. attribute certificates, privacy, security encryption, digital signature, non-repudiation, online transaction, smartcards, SET.

 

 

 

Securing Web Services in a User-to-Application Model Based on Certificate Extensions and Smartcard Technology

PhD dissertation
Blerim Rexha
PhD thesis, Vienna University of Technology, Vienna, April 2004
Publication year: 2004

Abstract

Web Services represents a new way of invoking remote functions over standard Internet protocols. They are basic building blocks of the distributed computing over the Internet. Security and privacy are central issues for the acceptance of Web Services in particular and the growth of the Internet market in general. Public Key Infrastructure and X.509 Certificates have been established as the most trustworthy methods for assuring online security. In this thesis are compared the existing approaches for securing Web Services and proposed new approaches for increasing security by avoiding privacy violation using X.509 certificate private extensions and storing these certificates in smartcards. Adopting the Internet for every possible transaction has lead to a situation where a user has to enter extra information for completing his real profile. The aim of the thesis is to increase user privacy in online transactions. This is achieved through extending certificates with private extensions. Each extension holds encrypted data for user properties, such as: credit card number, insurance number, address, etc., and thus each online participant understands the general (public) data on the certificate and one relevant encrypted private extension.

Method for transmitting protected information to a plurality of recipients

Patent
Blerim Rexha, Albert Treytl
US Patent App. 10/567,972
Publication year: 2003

Description

The invention relates to first information which is determined for a first receiver. Said first information is transmitted together with secondary information, which is determined for a second receiver in a common information unit to the first receiver. The first information can be encrypted according to specifications of the first receiver. The secondary information, which can be made of several components, is encrypted according to the specifications of the second receiver, for example, with an open key, a so-called public key. Said public key encryption methods have various embodiments and security steps. Said methods ensure that the first receiver, upon receipt of the complete information, can not encrypt pieces of information therefor not intended therefor.

 

Patent applied in online transaction