Khaled Ahmed
Doctor of Philosophy in Electrical and Computer Engineering (PhD)
Research Topic
Protecting Mobile Phone Users Against Malware
G+PS regularly provides virtual sessions that focus on admission requirements and procedures and tips how to improve your application.
These videos contain some general advice from faculty across UBC on finding and reaching out to a potential thesis supervisor.
Dissertations completed in 2010 or later are listed below. Please note that there is a 6-12 month delay to add the latest dissertations.
As market expectations of software products continues to become more sophisticated and the competitive landscape for software products grows in intensity, the difference between successful and unsuccessful software products is rapidly becoming less a function of software development methods and more one of how deeply and collectively cross-functional software product development teams achieve a tacit understanding of the product domain, thus creating a context for the team to understand the product requirements and a valid context for the implicit and explicit decision-making that occurs throughout the product development life cycle. Although deep domain understanding cannot be obtained through prevailing requirements engineering methods the way they are usually practiced, many software product development teams do manage to achieve varying degrees of collective grokking of the product domain. However, little is known about what factors support or impede these teams in collectively achieving this deep understanding. Looking to identify factors that would explain why some teams collectively grok the product domain more deeply than others, I used the Constructivist Grounded Theory research method over a period of three years to study individuals and teams across seven software companies that create products for a diverse range of markets. I found that certain factors of the corporate organisational structure and the product planning process play a significant role in product development teams’ potential to collectively develop deep domain understanding. These factors also impact individual and development team dynamics. I identify two essential metaphorical dynamics of broadening the lens and blurring boundaries that successful cross-functional product teams employ to fully embrace product ownership, visioning, and planning toward achieving this rich context for understanding product requirements. This study concludes also that the highly specialised nature of many organisational models and development processes is contraindicated for cross-functional product development teams in achieving this deep collective understanding and calls for a revisiting of the mechanistic organisational and product planning practices for software product development. Further, it calls for a shift of emphasis in requirements engineering towards a greater focus on the human factors in requirements engineering, specifically the collective and tacit understanding of requirements and their context.
View record
The growth in the popularity of smart contracts has been accompanied by a rise in security attacks targeting vulnerabilities in smart contracts, which led to financial losses of millions of dollars and erosion of trust. To enable developers find vulnerabilities in the code of smart contracts, researchers and industry practitioners have proposed several static analysis tools. However, vulnerabilities abound in smart contracts, and the effectiveness of the state-of-the-art analysis tools in detecting vulnerabilities has not been studied.To understand the effectiveness of the state-of-the-art static analysis tools in detecting vulnerabilities in smart contracts, we propose a systematic approach for evaluating smart contract static analysis tools using security bug injection. We use our proposed approach to evaluate the effectiveness of well-known static analysis tools. The evaluation results show that analysis tools fail to detect significant vulnerabilities and report a high number of false alarms. To improve the state of static analysis for finding vulnerabilities, we expand the space of vulnerability detection and propose static analysis approaches for detecting two-broad categories of vulnerabilities in smart contracts, namely, gas-related vulnerabilities and access control vulnerabilities. Our proposed solutions rely on identifying security properties in the code of smart contracts and then analyzing the dependency of the contract code on user inputs that lead to violating the identified security properties. The results show that our proposed vulnerability detection approaches achieve a significant improvement in the effectiveness of detecting vulnerabilities compared to the prior work.
View record
Theses completed in 2010 or later are listed below. Please note that there is a 6-12 month delay to add the latest theses.
The full abstract for this thesis is available in the body of the thesis, and will be available when the embargo expires.
View record
Machine Learning (ML) has been widely applied in different aspects of our lives due to its accuracy and scalability. However, the vulnerability to adversarial examples, which are intentionally designed by attackers to confuse the models, impedes the adoption of them in life- and safety-critical applications. To address this problem, the area of adversarial robustness investigates the mechanisms behind adversarial attacks and defenses against these attacks. Literature in this area exhibits an arm-race trend where defense techniques proposed to address existing attacks were "broken" by newly proposed attacks. A line of research has been conducted in response to such a trend, investigating the reasons for adversarial vulnerabilities, some of them focusing on the inherent limitations of data. Existing surveys on adversarial robustness focus on collecting state-of-the-art attacks and defense techniques, and few of them discuss how the model and/or data explain the adversarial vulnerability observed. In this thesis, we review literature that focuses on the effects of data used to train a model on the model’s adversarial robustness. We systematically identified 57 relevant papers from top publication venues, and categorized them based on the properties of the data discussed. This thesis summarizes the impact of data across eight categories of data properties. Seven of these are general to all applications, and one is specific to a particular application domain. Additionally, we discuss gaps in knowledge and promising future research directions to further improve our understanding of adversarial robustness.
View record
The microservice-based architecture – a SOA-inspired principle of dividing back-end systems into independently deployed components that communicate with each other using language-agnostic APIs – has gained increased popularity in industry. Realistic microservice-based applications contain hundreds of services deployed on a cloud. As cloud providers typically offer a variety of virtual machine (VM) types, each with its own hardware specification and cost, picking a proper cloud configuration for deploying all microservices in a way that satisfies performance targets while minimizing the deployment costs becomes challenging. Existing work focuses on identifying the best VM types for recurrent (mostly high-performance computing) jobs economically. Yet, identifying the best VM type for the myriad of all possible service combinations and further identifying the optimal subset of combinations that minimizes deployment cost is an intractable problem for applications with a large number of services. To address this problem, we propose an approach, called KUBER, which utilizes a set of strategies to efficiently sample the necessary subset of service combinations and VM types to explore. Comparing KUBER with baseline approaches shows that KUBER is able to find the best deployment with the lowest search cost.
View record
This thesis provides a detailed in-depth analysis of Android malware samples that bypassed detection by the Google Play app store and penetrated the official Android market between January 2016 and July 2021. By systematically extracting and analyzing samples from 107 malware families, we identify malicious payloads they execute, conditions guarding execution of the payloads, and other implementation level properties relevant for malware detection. As most samples in our dataset contain multiple payloads, each triggered via its own complex activationlogic, we also contribute a graph-based representation showing multiple activation paths and payloads for each sample in form of a control- and data-flow graph. We discuss the capabilities of existing malware detection tools, put them in context of the properties observed in the analyzed samples, and identify possible gaps and future research directions. We believe that our detailed analysis of the recent, evasive malware families will be of interest to researchers and practitioners and will help further improve malware detection tools. We make our annotated dataset of 1238 samples from 134 malware families available for future studies.
View record
Numerous static taint analysis techniques have recently been proposed for identifying information flows in mobile applications. These techniques are often optimized and evaluated on a set of synthetic benchmarks, which makes the comparison results difficult to generalize. Moreover, the techniques are commonly compared under different configuration setups, rendering the comparisons inaccurate. In this paper, we provide a large, controlled, and independent comparison of the three most prominent static taint analysis tools: FlowDroid, Amandroid, and DroidSafe. We align the configuration setup for the tools and evaluate them on both a set of common benchmarks and on real applications from the Google Play app store. We compare the results of our analysis to the results reported in previous studies, identify main reasons for inaccuracy in existing tools, and provide suggestions for future research.
View record
This thesis proposes a solution for automated goal-driven exploration of Android applications – a scenario in which a user, e.g., security auditor, needs to dynamically trigger the functionality of interest in an application, e.g., to check whether user-sensitive info is only sent to recognized third-party servers. As the auditor might need to check hundreds or even thousands of apps, manually exploring each app to trigger the desired behavior is too time-consuming to be feasible. Existing automated application exploration and testing techniques are of limited help in this scenario as well, as their goal is mostly to identify faults by systematically exploring different app paths, rather than swiftly navigating to the target functionality.The goal-driven application exploration approach proposed in this thesis, called GoalExplorer, automatically generates an executable test script that directly triggers the functionality of interest. The core idea behind GoalExplorer is to first statically model the application UI screens and transitions between these screens, producing a Screen Transition Graph (STG). Then, GoalExplorer uses the STG to guide the dynamic exploration of the application to the particular target of interest: an Android activity, API call, or a program statement. The results of our empirical evaluation on 93 benchmark applications and 95 most popular GooglePlay applications show that the STG is substantially more accurate than other Android UI models and that GoalExplorer is able to trigger a target functionality much faster than existing application exploration.
View record
Microservice-based architecture is a principle inspired by service-oriented approaches for building complex systems as a composition of small, loosely coupled components that communicate with each other using language-agnostic APIs. This architectural principle is now becoming increasingly popular in industry due to its advantages, such as greater software development agility and improved scalability of deployed applications. In this thesis, we report on a broad interview study we conducted, which involved practitioners developing microservice-based applications for commercial use for at least two years. By deliberately excluding “newcomers” and focusing the study on “mature” teams, our goal was to collect best practices, lessons learned, and technical challenges practitioners face. Our study helps inform researchers of challenges in developing microservice-based applications, which can inspire novel software engineering methods and techniques. The study also benefits practitioners who are interested to learn from each other, to borrow successful ideas, and to avoid common mistakes.
View record
If this is your researcher profile you can log in to the Faculty & Staff portal to update your details and provide recruitment preferences.