Research

CVEs

Some of my 0days before the “cyber” security hype.

2012

• CVE-2012-6554 - Remote Code Injection

2006

• CVE-2006-6886 - Sensitive Information Leakage
• CVE-2006-2519 - Local File Inclusion (LFI)
• CVE-2006-2700 - Authentication Bypass via SQL Injection
• CVE-2006-2698 - Sensitive Path Disclosure
• CVE-2006-2737 - Privilege Escalation
• CVE-2006-0357 - Denial of Service (DoS)

2005

• CVE-2005-0863 - Multiple Persistent Cross-Site Scripting (XSS)
• CVE-2005-0475 - Multiple Error Base SQL Injection
• CVE-2005-0305 - Multiple Reflected Cross-Site Scripting (XSS)

Academic Papers

Machine learning, neural networks, spam detection, digital forensics, and cyber security.

2013 - Machine learning

• Elloumi, Mourad & Hayati, Pedram & Iliopoulos, Costas & Mirza, Jalil & Pissis, Solon & Shah, Arfaat. (2013). Comparison for the detection of Virus and spam using pattern matching tools. Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE). 304-311. 10.1109/TAEECE.2013.6557291.

2012 - Cyber security, Machine learning

• P. Hayati, V. Potdar. “Spam 2.0 State of the Art”. International Journal of Digital Crime and Forensics (IJDCF). DOI: 10.4018/jdcf.2012010102, ISSN: 1941-6210, EISSN: 1941-6229. 2012.
• P. Hayati, N. Firoozeh, V. Potdar, K. Chai. “How much money do spammers make from your website?”. CUBE ‘12 Proceedings of the CUBE International Information Technology Conference. ISBN: 978-1-4503-1185-4. Pune, India. September 03 - 06, 2012. pp. 732-739.
• S. Zorn, P. Hayati. “CAPTCHA Conflict – a Consumer’s Choice Between Security and Convenience”. 2012 AMS Annual Conference Program. New Orleans May 16-19 May, 2012.
• A. G. West, P. Hayati, V. Potdar, I, Lee. “Spamming for Science: Active Measurement in Web 2.0 Abuse Research”. The Sixteenth Conference on Financial Cryptography and Data Security (FC'12), 3rd Workshop on Ethics in Computer Security Research (WECSR2012). Divi Flamingo Beach Resort, Bonaire. 2 March, 2012.

2011 - Neural Networks

• P. Hayati, V. Potdar, A. Talevski, K. Chai. “Characterisation of Web Spambots using Self Organising Maps”. International Journal of Computer Systems Science and Engineering, 2011, vol. 1, pp.69-78.
• K. Chai, C. Wu, V. Potdar, P. Hayati. “Automatically Measuring the Quality of User Generated Content in Forums, " in Lecture Notes in Artificial Intelligence (LNAI) at The 24th Australasian Joint Conference on Artificial Intelligence (AI2011). Western Australia, AU, 5-8 December, 2011.

2010 - Machine learning

• P. Hayati, V. Potdar, A. Talevski, W. F. Smyth. “Rule-Based On-the-fly Web Spambot Detection Using Action Strings”. Collaboration, Electronic messaging, Anti-Abuse and Spam Conference (CEAS 2010). July 13-14, Redmond, Washington, US, 2010.
• P. Hayati, K. Chai, V. Potdar, A. Talevski. “Behaviour-Based Web Spambot Detection by Utilising Action Time and Action” The 2010 International Conference on Computational Science and Applications (ICCSA 2010). Fukuoka, Japan. March 23-26. Lecture Notes in Computer Science (LNCS), Springer, 2010, pp. 351-360.
• V. Potdar, F. Ridzuan, P. Hayati, A. Talevski, E. A. Yeganeh, S. Sarenche, N. Firoozeh. “Spam 2.0: The Problem Ahead”. Computational Science and Its Applications (ICCSA). Fukuoka, Japan. March 23-26. Lecture Notes in Computer Science (LNCS), Springer, 2010, pp. 400-411.
• P. Hayati, V. Potdar, A. Talevski, N. Firoozeh, S. Sarenche, E. A. Yeganeh. “Definition of Spam 2.0: New Spamming Boom”. IEEE Digital Ecosystem and Technologies (DEST), Dubai, UAE, 12-15 April 2010.
• P. Hayati, V. Potdar, K. Chai, A. Talevski. “Web Spambot Detection Based on Web Navigation Behaviour”. IEEE Advanced Information Networking and Applications (AINA), Perth, Australia, April 20-23. 2010.
• K. Chai, P. Hayati, V. Potdar, A. Talevski. “Assessing Post Usage for Measuring the Quality of Forum Posts”. IEEE Digital Ecosystem and Technologies (DEST), Dubai, UAE, 12-15 April 2010.

2009 - Web spam

• P. Hayati, K. Chai, V. Potdar, A. Talevski. “HoneySpam 2.0: Profiling Web Spambot Behaviour”. Lecture Notes in Computer Science (LNCS), Principles of Practice in Multi-Agent Systems (PRIMA) , 13-16 Dec 2009. Nagoya, Japan.
• P. Hayati, V. Potdar. “Spammer and Hacker, Two Old Friends”. 3rd IEEE International Conference on Digital Ecosystems and Technologies (DEST 2009). 1-3 June 2009. Istanbul, Turkey.
• P. Hayati, V. Potdar “Toward Spam 2.0: An Evaluation of Web 2.0 Anti-Spam Methods”. 7th IEEE International Conference on Industrial Informatics (INDIN 2009) 24-26th June 2009, Cardiff, Wales

2008 - Secure Software Design

• P. Hayati, V. Potdar. “Evaluation of Spam Detection and Prevention Frameworks for Email and Image Spam - A State of Art.” Proceedings of the 10th International Conference on Information Integration and Web-based Applications & Services, November 24–26, 2008, Linz, Austria.
• P. Hayati, N. Jafari, V. Potdar, S. Mohammadrezaie, S. Sarenche. “Modeling Input validation in UML.” 19th Australian Software Engineering Conference (ASWEC2008), Perth, Western Australia, 26-28 March 2008.

2007 - RFID, Steganography

• P. Hayati, V. Potdar, E. Chang. “A Survey of Steganographic and Steganalytic Tools for the Digital Forensic Investigator.” Workshop of Information Hiding and Digital Watermarking to be held in conjunction with IFIPTM, Moncton, New Brunswick, Canada. July 2007.
• V. Potdar, P. Hayati, M. Mohan, E. Chang. “Assuring Data Integrity on RFID tags using Information Hiding Approach.” Workshop of Information Hiding and Digital Watermarking to be held in conjunction with IFIPTM, Moncton, New Brunswick, Canada. July 2007.
• V. Potdar, P. Hayati, E. Chang. “Improving RFID Read Rate Reliability by a Systematic Error Detection Approach.” RFID Eurasia Conference 2007, Istanbul, Turkey, September 2007.