Academic Positions

  • 2017 - Present

    Data Science Assistant

    University Putra Malaysia, Faculty of Computer Science and IT, Big Data Analytics Course

  • 2013 - 2016

    Research Assistant

    University Putra Malaysia, Faculty of Computer Science and IT

  • 2014

    Teaching Assistant

    University Putra Malaysia, Faculty of Computer Science and IT, Data Mining Course ‎

  • 2007 - 2009

    Teaching Assistant‎

    Azad University (IAU)-Tehran, Faculty of Management, HRM Course

Education & Training

  • Ph.D. ‎2017‎

    Ph.D. in Intelligence Computing‎

    University Putra Malaysia‎

  • M.Sc. 2012

    Master of Information Technology

    Multimedia University Malaysia‎

  • B.A. 2007

    Bachelor of Management

    Azad University-Central, Tehran

Honors, Awards and Grants

  • 2012-2016
    Fundamental Research Grant Scheme (FRGS) under the Ministry of Higher Education, Malaysia

    • Project: Text Mining-based Payload IDS‎

    • Project Leader: Assoc. Prof. Dr. Norwati Mustapha‎

    • Project Number: 08-01-14-1481FR‎

    • Grand Total Price: RM 115’900‎

  • 2017-2019
    I am looking out for a challenging postdoctoral position

    I am Mohsen Kakavand, a Ph.D. candidate (4th year) and research assistant majoring in Intelligent Computing at the University Putra Malaysia (UPM). I am looking to obtain a postdoctoral position in Machine Learning/Data Mining and Natural Language Processing (NLP) methods.

  • 2020 - 2022
    My Future Research Grants!

    Let's see future!

Laboratory Personnel

Sepideh Foroozan

Research Assistant

Chan Kai Fung

Big Data Analytic Lab

Mohammed Ammir

Big Data Analytic Lab

Chai Lee Ying

Big Data Analytic Lab

Great lab Personnel!

My name is Mohsen and I am a data science assistant in the Big Data Analytic course. My primary interests lie within the realm of data science with Python and specifically on Intrusion Detection Systems. This lab has allowed us to explore various fascinating realms of big data and pre-processing steps and also to build my research skills and understanding of data science concepts.

Research Projects

  • Text Mining-based Payload Anomaly Intrusion Detection

    --Text mining and machine learning algorithms for packet payload anomaly intrusion detection.

    --Identify essential methods and solutions, as well as the gaps, limitations and challenges in IDS.

    --Illustrate a novel framework called “Text Mining-Based Anomaly Detection” (TMAD).

    --Propose an effective Dimensionality Reduction (DR) and Feature Selection Engine (FSE).

    --Propose an IDS called the Online Adaptive Deep-Packet Inspector (O-ADPI).

  • REST Dataset IDS 2015

    REST Dataset IDS 2015 contains thousands of automatically generated web requests. It can be used for testing web attack protection systems. It is being developed at the University Putra Malaysia. A current problem in web service attack detection is the lack of publicly available data sets to test WAFs (Web Application Firewalls). The DARPA data set has been widely used for anomaly detection. However, it has been criticized by the IDS community. Regarding web service traffic, some of the problems of the DARPA data set are that it is out of date and that it does not include many of the actual attacks. Because of that, it is not appropriate for web service attack detection.

    The problem of data privacy is also a concern in the generation of publicly available data sets and ‎is probably one of the reasons why most of the available web service data sets do not target real ‎web applications. Because of these reasons, we decided to generate our own REST Dataset IDS ‎‎2015.

  • Cyberspace and National Security(Iran Study)

    A major aspect of Mohsen Kakavand’s scientific career is his interest in multidisciplinary study such as Cyberspace Policies, Programs and Security. Where cyber attacks can propagate immediately and where the identity or location of an enemy may not be known, people and organizations are increasingly vulnerable to network-based intrusions that disrupt productivity and privacy and threaten national security. From the beginning of his career as a Ph.D. candidate, he put a major emphasis on multidisciplinary research. Mohsen’s future research focuses on future cyber threats and national security.

A Text Mining-Based Anomaly Detection Model in Network Security‎‎

Mohsen Kakavand, Norwati Mustapha, Aida Mustapha, Mohd Taufik Abdullah
Journal Paper Global Journal of Computer Science and Technology (GJCST), Volume 14, Issue 5, February 2014, Pages ‎23-31

Abstract

Anomaly detection systems are extensively used ‎security tools to detect cyber-threats and attack ‎activities in computer systems and networks. In this ‎paper, we present Text Mining-Based Anomaly ‎Detection (TMAD) model. We discuss n-gram text ‎categorization and focus our attention on a main ‎contribution of method TF-IDF (Term Frequency, ‎Inverse Document Frequency), which enhance the ‎performance commonly term weighting schemes are ‎used, where the weights reflect the importance of a ‎word in a specific document of the considered ‎collection. Mahalanobis Distances Map (MDM) and ‎Support Vector Machine (SVM) are used to discover ‎hidden correlations between the features and ‎among the packet payloads. Experiments have been ‎accomplished to estimate the performance of TMAD ‎against ISCX dataset 2012 intrusion detection ‎evaluation dataset. The results show TMAD has ‎good accuracy.‎

Towards a Defense Mechanism against ‎REST-based Web Service Attacks‎

Mohsen Kakavand, Norwati Mustapha, Aida Mustapha, Mohd Taufik Abdullah, Behjat Ahmadi
Conference Papers ADVANCED SCIENCE LETTERS, Volume 22, Issue 10, October 2016, Pages 2827-2831

Abstract

Representational State Transfer (REST) web services have gained popular acceptance over the world-wide-web as a straightforward choice to the traditional or SOAP-based services. However, at present the REST-based service implementation does not have pre-defined security protection methods. In this paper, we present a defense mechanism against REST-based web service attacks called the REST-IDS, for a defense-in-depth network security in web service layer. REST-IDS is an intelligent mechanism that employs statistical approach to the state-of-the-art Text Mining-Based Anomaly Detection (TMAD) model to detect unknown novel vulnerabilities, which is sensitive to payload attacks.

Effective Dimensionality Reduction of Payload-‎Based Anomaly Detection in TMAD Model for ‎‎HTTP Payload

Mohsen Kakavand, Norwati Mustapha, Aida Mustapha, Mohd Taufik Abdullah
Journal Paper KSII Transactions on Internet and Information Systems, Volume 10, Issue 8, August 2016, Pages 3884-3910

Abstract

Intrusion Detection System (IDS) in general considers a big amount of data that are highly redundant and irrelevant. This trait causes slow instruction, assessment procedures, high resource consumption and poor detection rate. Due to their expensive computational requirements during both training and detection, IDSs are mostly ineffective for real-time anomaly detection. This paper proposes a dimensionality reduction technique that is able to enhance the performance of IDSs up to constant time O(1) based on the Principal Component Analysis (PCA). Furthermore, the present study offers a feature selection approach for identifying major components in real time. The PCA algorithm transforms high-dimensional feature vectors into a low-dimensional feature space, which is used to determine the optimum volume of factors. The proposed approach was assessed using HTTP packet payload of ISCX 2012 IDS and DARPA 1999 dataset. The experimental outcome demonstrated that our proposed anomaly detection achieved promising results with 97% detection rate with 1.2% false positive rate for ISCX 2012 dataset and 100% detection rate with 0.06% false positive rate for DARPA 1999 dataset. Our proposed anomaly detection also achieved comparable performance in terms of computational complexity when compared to three state-of-the-art anomaly detection systems.

A Survey of Anomaly Detection Using Data Mining Methods for Hypertext Transfer Protocol Web Services

Mohsen Kakavand, Norwati Mustapha, Aida Mustapha, Mohd Taufik Abdullah, Hamed Riahi
Journal Paper Journal of Computer Science, Volume 11, Issue 1, November 2015, Pages 89-97

Abstract

In contrast to traditional Intrusion Detection Systems (IDSs), data mining anomaly detection methods/techniques have been widely used in the domain of network traffic data for intrusion detection and cyber threat. Data mining is widely recognized as popular and important intelligent and automatic tools to assist humans in big data security analysis and anomaly detection over IDSs. In this study we discuss our review in data mining anomaly detection methods for HTTP web services. Today, many online careers and actions including online shopping and banking are running through web-services. Consequently, the role of Hypertext Transfer Protocol (HTTP) in web services is crucial, since it is the standard facilitator for communication protocol. Hence, among the intruders that bound attacks, HTTP is being considered as a vital middle objective. In the recent years, an effective system that has attracted the attention of the researchers is the anomaly detection which is based on data mining methods. We provided an overview on four general data mining techniques such as classification, clustering, semi-supervised and association rule mining. These data mining anomaly detection methods can be used for computing intelligent HTTP request data, which are necessary in describing user behavior. To meet the challenges of data mining techniques, we provide challenges and issues section for intrusion detection systems in HTTP web services.

Issues and Challenges in Anomaly Intrusion Detection for HTTP Web Services‎‎

Mohsen Kakavand, Norwati Mustapha, Aida Mustapha, Mohd Taufik Abdullah, Hamed Riahi
Journal Paper Journal of Computer Science, Volume 11, Issue 11, December 2015, Pages ‎1041-1053‎

Abstract

In recent years, the development of Web-based applications has made possible novel online activities, such as banking and electronic shopping. This implies significant use of the Hypertext Transfer Protocol (HTTP) as the standard communication protocol enabler for Web services. Due to this role, HTTP has become an essential middle target of bound attacks for intruders. This paper is set to address various problems in anomaly-based intrusion detection for HTTP Web services. We seek to identify common essential methods and solutions, as well as the gaps, limitations and challenges in anomaly intrusion detection in terms of used experimental datasets, features and techniques.

Current Teaching

  • 2017 - Present

    Big Data Analytics Course

    Teaching has been his passion, and Big Data Technology and Data Analytics are his strengths. He is on his way to creating courses that should help any beginner learn step by step and become a Big Data expert.

Teaching History

  • 2017 - Present

    Big Data Analytics Course

    University Putra Malaysia, Faculty of Computer Science and IT, Big Data Analytics Course

  • 2014

    Data Mining Course

    University Putra Malaysia, Data Mining Techniques and Algorithms, WEKA data mining

  • 2007 - 2009

    Management Science

    Azad University (IAU)-Tehran, Faculty of Management, HRM Course

At My Office

You can find me at my office, located at the Faculty of Computer Science and Information Technology, University Putra Malaysia.

I am at my office every day from 9:00 AM until 5:00 PM, but you may consider a call to fix an appointment.

At My Work

You can find me at my work, located at the Faculty of Computer Science and Information Technology, University Putra Malaysia.

I am at my office every day from 9:00 AM until 5:00 PM, but you may consider a call to fix an appointment.