Professor Al-Shaer has established himself as a renowned expert in cybersecurity analytics and automation, with an outstanding research record spanning over 28 years. During this time, he has made seminal contributions to the field, publishing over 300 research papers in premier venues and supervising more than seventeen Ph.D. students in cybersecurity. His academic career has seen notable advancements, including his promotion to Full Professor at the University of North Carolina at Charlotte (UNC Charlotte) in 2011 and later to Distinguished Career Professor at Carnegie Mellon University in 2021.
Professor Al-Shaer is recognized as one of the early contributors to the field of cybersecurity configuration verification. He was among the first to apply formal methods, including Binary Decision Diagrams (BDD) and Satisfiability Modulo Theories (SMT), to analyze and verify the correctness of network security configurations such as firewalls and IPSec policies. His research helped establish a new direction in formal cybersecurity analysis and has been widely cited, earning best paper awards at leading conferences, including IEEE IM (2003) and INFOCOM (2004). [IM03. INFOCOM04, ….] . These formal models were implemented in various tools for discovering configuration errors and policy weakness and hardening security and resiliency of systems. Examples of these tools include ConfigChecker [ICNP09, JSAC09, TDSC16, JSAC05, INFOCOM04, INFOCOM10], SDNChecker [SafeConfig14], CloudChecker [SCC13-1, SCC13-2], ACDChecker, ActiveSDN, IoTChecker [Comp&Sec17], IOTSAT [CNS16] SensorChecker, and WSNPlanner [CNSM12-2] for cyber systems; And AMIAnalyzer [INFOCOM12] and EMSThreatAnalyzer [ICCPS14,] for smart grids and SCADA systems [TSG13, DSN14]. Professor Al-Shaer’s groundbreaking contributions in this domain have transformed cybersecurity configuration management, ensuring automated, scalable, and provably secure network defenses.
Professor Al-Shaer was the first to propose dynamic adaptation of firewall policies based on real-time traffic statistics. His work introduced techniques for optimizing packet filtering by inserting early-reject rules for unwanted traffic and reordering existing rules to reduce processing overhead for legitimate traffic. This research was published in leading venues, including IEEE INFOCOM (2006, 2009), JSAC (2006), AsiaCCS (2006), and IEEE Communications Magazine (2013) [INFOCOM06, INFOCOM09, JSAC06, AsiaCCS06, CommMag13].
Al-Shaer has contributed foundational research in cyber agility, Moving Target Defense (MTD), and cyber deterrence for both cyber and cyber-physical systems. He pioneered methodologies that enable systems—particularly in smart grids and CPS—to continuously mutate configuration parameters, enhancing resilience and attack deterrence.
Ehab Al-Shaer has made foundational contributions to automated and adaptive cyber deception. He introduced the Attribution-Temptation-Engagement (ATE) model, which supports AI-driven orchestration of deception strategies tailored to the behavior of advanced threats such as APTs and malware. He also developed symbSODA, a hybrid AI and symbolic execution-based system that analyzes real-world malware to extract API-level attack patterns, map them to MITRE ATT&CK techniques, and generate adaptive deception playbooks. Additional systems developed by Al-Shaer include MoveNet, which dynamically migrates virtual networks to evade reconnaissance and DDoS attacks, and FingerDeceiver, a game-theoretic model designed to exhaust attacker resources with minimal impact on legitimate users. His work has played a key role in advancing modern, proactive deception-based cyber defense.
Al-Shaer has made significant contributions to proactive cyber-physical system (CPS) security and resiliency through both formal and data-driven approaches. In collaboration with Duke Energy, he developed tools and techniques to identify misconfigurations, predict unknown attacks, and assess their impact on critical infrastructure components such as Advanced Metering Infrastructure (AMI) and Energy Management Systems (EMS), including Optimal Power Flow, Contingency Analysis, Topology Mapping, and Automatic Generation Control (AGC). His work established formal methods to measure the potential of stealthy coordinated attacks, assess attacker capabilities, quantify both visible and hidden impacts on power systems, and automate threat mitigation planning.
Professor Al-Shaer has pioneered ideas and contribution in developing AI-enabled next-generation cyber defense system, and in advancing AI to better fit the need of cyber defense. His contributions in this domain comes in multiple folds as follows:
Professor Al-Shaer has developed innovative AI techniques for extracting cyber threat actions and attack patterns from unstructured sources such as reports, blogs, and threat intelligence feeds, and classifying the extracted actions into MITRE ATT&CK tactics, techniques, and procedures (TTPs) using deep learning and natural language understanding techniques [SMET, TTPDrill]. Professor Al-Shaer have developed a transformer-based framework (V2W‑BERT) for automatically classifying software vulnerabilities (CVEs) into hierarchical Common Weakness Enumeration (CWE) classes leveraging natural language processing, link prediction, and transfer learning that achieves impressive accurate results. This work earned the Best Application Paper Award at IEEE DSAA 2021. These innovative tools aid security practitioners by automating the translation of unstructured attack or vulnerability data into actionable ATT&CK-based insights. Professor Al-Shaer co-authored a pioneering study that introduced the use of large language models (LLMs) to automatically extract, enforce, and validate CIS Critical Security Controls by transforming unstructured security guidelines into measurable controls, validation metrics, and implementation steps, significantly reducing manual effort and improving policy compliance at scale.
Ehab Al-Shaer has contributed to the development of intelligent, autonomous agents for cybersecurity. His work includes the design of DosSink, a multi-layered defense framework that combines variational autoencoders (VAE) for anomaly detection and deep reinforcement learning (DRL) for adaptive mitigation of dynamic DDoS attacks. Key innovations include decoupling detection from decision-making, enabling scalable and rule-free real-time defense with over 98% detection accuracy. He also co-developed CHIMERA, an autonomous deception planner that uses a Partially Observable Markov Decision Process (POMDP) to dynamically counter Advanced Persistent Threats (APTs). CHIMERA integrates intelligent agents into live environments to deploy adaptive deception strategies while anticipating attacker countermeasures.
Using machine and deep learning for adaptive intrusion detecting: Ehab Al-Shaer has developed adaptive techniques for intrusion detection that improve accuracy while minimizing false positives. His work includes an online method for dynamically adjusting thresholds in anomaly-based detectors [TISSEC13], and a resilient multi-layer intrusion detection for smart grids [TISSEC15, CCS13, CNS14]. In addition to spam detection spam bots [AsiaCCS12, ICC09].
[SEMAS25] Qi Duan, Ehab Al-Shaer, David Garlan, “Self-Adaptive Dual-Layer DDoS Mitigation using Autoencoder and Reinforcement Learning”. IEEE/ACM Symposium on Software Engineering for Adaptive and Self-Managing Systems. 2025 [SACMAT24 ] Mohiuddin Ahmed, Jinpeng Wei, Ehab Al-Shaer, “Prompting LLM to Enforce and Validate CIS Critical Security Control”. ACM SACMAT 2024 [TOPS23 ] Md Sajidul Islam Sajid, Jinpeng Wei, Ehab Al-Shaer, Qi Duan, Basel Abdeen, Latifur Khan: symbSODA: Configurable and Verifiable Orchestration Automation for Active Malware Deception. ACM Trans. Priv. Secur. 26(4): 51:1-51:36 (2023) [CNS23-1] Ashutosh Dutta, Ehab Al-Shaer, Samrat Chatterjee, Qi Duan, “Autonomous Cyber Defense Against Dynamic Multi-Strategy Infrastructural DDoS Attacks. CNS 2023: 1-9 [CNS23-2] Basel Abdeen, Ehab Al-Shaer, Waseem G. Shadid, “VeriActor: Dynamic Generation of Challenge-Response Questions for Enhanced Email Sender Verification”. CNS 2023: 1-9 [DBSec23] Basel Abdeen, Ehab Al-Shaer, Anoop Singhal, Latifur Khan, Kevin W. Hamlen, “SMET: Semantic Mapping of CVE to ATT&CK and Its Application to Cybersecurity”. IEEE DBSec 2023: 243-260 [BigData22 ] Siddhartha Shankar Das, Mahantesh Halappanavar, Antonino Tumeo, Edoardo Serra, Alex Pothen, Ehab Al-Shaer, VWC-BERT: Scaling Vulnerability-Weakness-Exploit Mapping on Modern AI Accelerators. IEEE Big Data 2022: 1224-1229 [SecureComm22 ] Ehsan Aghaei, Xi Niu, Waseem G. Shadid, Ehab Al-Shaer, SecureBERT: A Domain-Specific Language Model for Cybersecurity. SecureComm 2022: 39-56 [CNS21] Md. Mazharul Islam, Ashutosh Dutta, Md Sajidul Islam Sajid, Ehab Al-Shaer, Jinpeng Wei, Sadegh Farhang, CHIMERA: Autonomous Planning and Orchestration for Malware Deception. CNS 2021: 173-181 [ACSAC21] Md Sajidul Islam Sajid, Jinpeng Wei, Basel Abdeen, Ehab Al-Shaer, Md Mazharul Islam, Walter Diong, Latifur Khan, “SODA: A System for Cyber Deception Orchestration and Automation”, ACM Annual Computer Security Applications Conference (ACSAC 2021), December 2021. [ACSAC17] Ghaith Husari, Ehab Al-Shaer, Mohiuddin Ahmed, Bei-Tseng Chu, Xi Niu, “TTPDrill: Automatic And Accurate Extraction Of Threat Actions From Unstructured Text Of CTI Sources”, Annual Computer Security Applications Conference (ACSAC) 2017. [AICDA21] Ashutosh Dutta, Ehab Al-Shaer, and Samrat Chatterjee, “Constraints Satisfiability Driven Reinforcement Learning for Autonomous Cyber Defense”, International Conference on Autonomous Intelligent Cyber-Defense Agents, March 2021. [ARO15] “Agility-in-Depth”, Funded Proposal 2015-2018 (PI: Ehab Al-Shaer), Sponsor: Army Research Lab [ASIACCS12] Fida Gilani, Ehab Al-Shaer, Sardar Ali and Syed Ali Khayam, Monetizing Spambot Activity and Understanding its Relation with Spambot Traffic Features, ACM ASIA CCS, May 2012. [ASIACCS09] Khalid Elbadawi and Ehab Al-Shaer, TimeVM: A Framework for Online Intrusion Mitigation and Fast Recovery Using Multi-Time-Lag Traffic Replay, ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS'09), Australia, March 2009 [ASIACCS06] Hazem Hamed and Ehab Al-Shaer, “Dynamic Rule-ordering Optimization for High-speed Firewall Filtering”, ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS'06), March 2006 [ATT&CK] MITRE ATT&CK, https://attack.mitre.org/wiki/Main_Page. [BitCoin18] M Ahmed, J Wei, Y Wang, E Al-Shaer, “A Poisoning Attack Against Cryptocurrency Mining Pools”, Data Privacy Management, Cryptocurrencies and Blockchain Technology, 140-154, 2018. [CCS13] Muhammad Qasim Ali and Ehab Al-Shaer, Configuration-based IDS for Advanced Metering Infrastructure, ACM Conference on Computer and Communications Security (CCS), November 2013 [CNS21] Rakeb Mazharul Islam, Md. Sajid , Ehab Al-Shaer, and Jinpeng Wei,“Chimera: Autonomous Planning and Orchestration for Malware Deception”, IEEE Conference on Communications and Network Security (CNS’21), September 2021. [CNS18] Qi Duan, Ehab Al-Shaer, Mazhar Islam and H. Jafarian, “CONCEAL: A Strategy Composition for Resilient Cyber Deception-- Framework, Metrics and Deployment”, IEEE Conference on Communications and Network Security (CNS’18), May 2018 [CNS14] Muhammad Qasim Ali, R. Yousefian, Ehab Al-Shaer, S. Kamalasadan, Quanyan Zhu, Two-tier Data-driven Intrusion Detection for Automatic Generation Control in Smart Grid. IEEE Conference on Communications and Network Security (CNS), October 2014. [CNS14-game] Mohammed Noraden Alsaleh and Ehab Al-Shaer, Security Configuration Analytics Using Video Games, IEEE Conference on Communications and Network Security (CNS), October 2014. [CNSM13] Saeed Al-Haj and Ehab Al-Shaer, A Formal Approach for Virtual Machine Migration Planning, IEEE International Conference on Network and Service Management (CNSM 2013), October 2013 [CNS13-1] Qi Duan, Ehab Al-Shaer and Jafar Haadi Jafarian, Efficient Random Route Mutation Considering Flow and Network Constraints, IEEE CNS 2013, IEEE, October 2013 [CNS13-2] Mohammad Ashiqur Rahman, Mohammad Hossein Manshaei and Ehab Al-Shaer, A Game-Theoretic Approach for Deceiving Remote Operating System Fingerprinting, IEEE Conference on Communications and Network Security (CNS), Washington DC, USA, October 2013 [CNSM12-1] Fida Gilani, Ehab Al-Shaer, Mostafa Ammar and Mehmet Demirci, Fine-Grain Diagnosis of Overlay Performance Anomalies Using End-Point Network Experiences, 8th International Conference on Network and Service Management, Oct. 2012. [CNSM12-2] Qi Duan, Saeed Al-Haj and Ehab Al-Shaer, Provable Configuration Planning for Wireless Sensor Networks, 8th International Conference on Network and Service Management (CNSM 2012), IEEE, Las Vegas, USA, October 2012 [CNSM16] Mohammed Noraden Alsaleh, Ghaith Husari and Ehab Al-Shaer, “Optimizing the RoI of Cyber Risk Mitigation”, 12th International Conference on Network and Service Management (CNSM’16), November 2016. [COMMAG06] Ehab Al-Shaer and Hazem Hamed, “Taxonomy of Conflicts in Network Security Policies”, IEEE Communications Magazine, Vol. 44, No. 3, March 2006. [CommMag13] Qi Duan and Ehab Al-Shaer, Traffic-Aware Dynamic Firewall Policy Management: Techniques and Applications, IEEE Communications Magazine, Volume: 51, Number: 7, July 2013 [CSEA15] Yasir Khan, Ehab Al-Shaer, "Property-Based Verification of Evolving Petri Nets", International Conference of Software Engineering Advances, 2015. [CyberARM] Ehab Al-Sher and Ashotush Dutta, A Multi-Dimensional Decision-Making System for Optimal Risk Mitigation Planning, CCAA Presentation (the paper is under submission). [DSN14] Mohammad Ashiqur Rahman, Ehab Al-Shaer and Rajesh G. Kavasseri, Security Threat Analytics and Countermeasure Synthesis for Power System State Estimation, The 44th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), June 2014 [ESD15] Usman Rauf, Tim Kernicky, Matthew Whelan, and Ehab Al-Shaer, “Formal Analysis of Critical Infrastructures by Structural Identification using Constraint Programming Paradigm”, Proceedings of the 33rd IMAC: A Conference and Exposition on Structural Dynamics, 2015 [Dexa12] Mohamed Shehab, Saeed Al-Haj, Salil Bhagurkar and Ehab Al-Shaer, Anomaly Discovery and Resolution in MySQL Access Control Policies, 23rd International Conference on Database and Expert Systems Applications - DEXA 2012, Sept. 2012 [DSN09] Yongning Tang and Ehab Al-Shaer, Sharing End-user Negative Symptoms for Improving Overlay Network Dependability, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) 2009, June 2009 [ESORICS13] Jafar Haadi Jafarian, Ehab Al-Shaer and Qi Duan, Formal Approach for Route Agility Against Persistent Attackers, The 18th European Symposium on Research in Computer Security (ESORICS), Springer, September 2013 [GComm13] Mehmet Demirci, Fida Gilani, Mostafa Ammar and Ehab Al-Shaer, Overlay Network Placement for Diagnosability, IEEE GLOBECOM 2013, Atlanta, USA, December 2013 [GLOIBECOM04] Lopamudra Roychoudhuri and Ehab Al-Shaer, "Adaptive Rate Control for Real-time Packet Audio Based on Loss Prediction", IEEE GLOBECOM 2004, November 30-December 2, 2004. [HiPC21] Siddhartha Shankar Das, Mahantesh Halappanavar, Antonino Tumeo, Edoardo Serra, Alex Pothen and Ehab Al-Shaer, “V2W-BERT: Scaling Transformer-Based Software Vulnerability Classification on Multi-GPU Systems”, IEEE International Conference on High Perforamance Computing, Data, & Analytics (HiPC), 2021(BEST PAPER AWARD) [HotSDN12] Jafar Haadi Jafarian, Ehab Al-Shaer and Qi Duan, OpenFlow Random Host Mutation: Transparent Moving Target Defense using Software Defined Networking, ACM SIGCOM Workshop on Hot Topics in Software Defined Networking (HotSDN), ACM, August 2012 [ICCPS13] Mohammad Ashiqur Rahman, Qi Duan and Ehab Al-Shaer, Energy Efficient Navigation Management for Hybrid Electric Vehicles on Highways, ACM/IEEE 4th International Conference on Cyber-Physical Systems (ICCPS), April 2013 [ICCPS14] Mohammad Ashiqur Rahman, and Ehab Al-Shaer, Formal Model of the Impact of Stealthy Attacks on Optimal Power Flow in Power Grids, ACM/IEEE 4th International Conference on Cyber-Physical Systems (ICCPS), April 2014. [ICC09] Kyle Smith, Ehab Al-Shaer and Khalid Elbadawi, Information Theoretic Approach for Characterizing Spam Botnets Based on Traffic Properties, ICC 2009 Communication and Information Systems Security Symposium, June 2009 [ICDCS13] Mohammad Ashiqur Rahman and Ehab Al-Shaer, A Formal Framework for Network Security Design Synthesis, 33rd International Conference on Distributed Computing Systems (ICDCS), Philadelphia, Pennsylvania, USA, July 2013 [ICDCS14] Mohammad Ashiqur Rahman, Ehab Al-Shaer and Rajesh G. Kavasseri, Impact Analysis of Topology Poisoning Attacks on Economic Operation of the Smart Power Grid, The 34th IEEE International Conference on Distributed Computing Systems (ICDCS), Number: Madrid, Spain, July 2014. [ICCPS14] Mohammad Rahman, Ehab Al-Shaer and Rajesh Kavasseri, Formal Model of the Impact of Stealthy Attacks on Optimal Power Flow in Power Grids, ACM International Conference on Cyber-Physical Systems (ICCPS), 2014. [ICNP09] Ehab Al-Shaer, Will Marrero, Adel El-Atawy and Khalid Al-Badawi, “Network Security Configuration in A Box: End-to-End Security Configuration Verification “, IEEE International Conference in Network Protocols (ICNP’ 09), October, 2009. [ICNP07] Taghrid Samak, Adel El-Atawy, and Ehab Al-Shaer, "FireCracker: A Framework for Inferring Firewall Policy using Smart Probing", In the Proceedings of the fifteenth IEEE International Conference on Network Protocols, October 2007. [ICNP05] Hazem Hamed, Ehab Al-Shaer and Will Marrero, “Modeling and Verification of IPSec and VPN Security Policies.” In IEEE ICNP'2005, November 2005. [IJARAS11] Lopamudra Roychoudhuri and Ehab Al-Shaer, “Autonomic QoS Optimization of Real-time Internet Audio using Loss Prediction and Stochastic Control”, International Journal of Adaptive, Resilient and Autonomic Systems (IJARAS), Vol 1, Issue 3. To appear in 2010/2011 (check attached acceptance email). [IM13] Mohammad Ashiqur Rahman and Ehab Al-Shaer, A Formal Approach for Network Security Management Based on Qualitative Risk Analysis, IFIP/IEEE International Symposium on Integrated Network Management (IM), May 2013 [IM05] Yongning Tang, Ehab S. Al-Shaer, Raouf Boutaba, “Active Integrated Fault Localization in Communication Networks” IEEE/IFIP Integrated Management (IM'2005), May 2005. (Acceptance rate 23.5%) [IM2003] Ehab Al-Shaer and Hazem Hamed, “Firewall Policy Advisor for Anomaly Detection and Rule Editing”, IEEE/IFIP Integrated Management IM'2003, March 2003 [INFOCOM10] Bin Zhang and Ehab Al-Shaer, Towards Automatic Creation of Usable Security, IEEE INFOCOM 2010 Mini conference, April 2010. [INFOCOM09a] Adel El-Atawy, Ehab Al-Shaer, Tung Tran and Raouf Boutaba, Adaptive Early Packet Filtering for Protecting Firewalls against DoS Attacks, IEEE INFOCOM 2009, Brazil, April 2009 [INFOCOM09b] Adel El-Atawy and Ehab Al-Shaer, Building Covert Channels over the Packet Reordering Phenomenon, IEEE INFOCOM 2009, Brazil, April 2009 [INFOCOM09c] Yongning Tang, Ehab Al-Shaer, “Reasoning about Uncertainty for Overlay Fault Diagnosis Based on End-User Observations”, IEEE INFOCOM 2009 (Miniconference), Brazil, April 2009 [INFOCOM08a] Yongning Tang and Ehab Al-Shaer, “Towards Distributed & Collaborative Overlay Fault Diagnosis Based On User-level Belief Revision”, INFOCOM 2008 MiniConference, April 2008 [INFOCOM08b] Mohamed Salim, Ehab Al-Shaer and Latifur Khan, “A Novel Quantitative Approach For Measuring Network Security”, INFOCOM 2008 Mini Conference, April 2008. [INFOCOM06] Hazem Hamed, Adel El-Atawy and Ehab Al-Shaer, “Adaptive Statistical Optimization Techniques for Firewall Packet Filtering.” In IEEE INFOCOM'2006, April 2006. [INFOCOM04] Ehab Al-Shaer and H. Hamed, “Anomaly Discovery in Distributed Firewalls”, IEEE INFOCOM, March 2004 [INFOCOM15-arhm] Yasir Imtiaz Khan, Ehab Al-Shaer and Usman Rauf, Cyber resilience by construction: Modeling, Measuring and Verifying, December 2015 [INFOCOM15-movenet] Fida Gilani, Ehab Al-Shaer, Samantha Lo, Qi Duan, Mostafa Ammar and Ellen W. Zegura, Agile Virtualized Infrastructure to Proactively Defend Against Cyber Attacks, IEEE INFOCOM 2015, April 2015. [INFOCOM12] Ashiq Rahman, Ehab Al-Shaer, Bera Padmalochan, SmartAnalyzer: A Noninvasive Security Threat Analyzer for AMI Smart Grid, IEEE INFOCOM 2012, March 2012. [Comp&Sec2017] Mujahid Mohsin, Zahid Anwar, Farhat Zaman, Ehab Al-Shaer, IoTChecker: A data-driven framework for security analytics of Internet of Things configurations. Computers & Security 70: 199-223, 2017. [CNS16] Mujahid Mohsin, Zahid Anwar, Ghaith Husari, Ehab Al-Shaer, Mohammad Ashiqur Rahman, “IoTSAT: A Formal Framework for Security Analysis of the Internet of Things”, IEEE Conference on Communications and Network Security (CNS’16), 17-19 October 2016, Philadelphia, PA USA. [IWSHM15] Tim Kernicky, Matthew Whelan, Usman Rauf, and Ehab Al-Shaer, “Damage detection in a laboratory model using a nonlinear constraint satisfaction processor for finite element model updating”, Proceedings of the 10th International Workshop on Structural Health Monitoring (IWSHM 2015): System Reliability for Verification and Implementation, 2015. [JCOMCOM01] Ehab Al-Shaer, “Toward Integrating IP Multicasting in Internet Network Management Protocols”, Journal of Computer and Communications, Vol. 24, No. 6, pp. 473-485, April 2001 [JNCA16] Fida Gilani, Ehab Al-Shaer and Basil AsSadhan, Economic Metric To Improve Spam Detectors, Journal of Network and Computer Applications (JNCA), Elsevier, Volume 65 Issue C, Pages 131-143, April 2016. [JNSM11] M. Salim Ahmed, Mohamed Taibah, Ehab Al-Shaer and Latif Khan, Objective Risk Evaluation for Automated Security Management, Journal of Network System Management (JNSM), Volume: 19, Number: 3, Pages: 343-3 [JNSM00] Ehab Al-Shaer, "Active Management Framework for Distributed Multimedia Systems", Journal of Network and Systems Management (JNSM), Vol. 8, No. 1, pp. 49-72, March 2000 [JSAC09] Ehab Al-Shaer, Adel El-Atawy and Taghrid Samak, “Automated Pseudo-live Testing of Firewall Configuration Enforcement”, IEEE Journal on Selected Areas in Communications, Issue: 3, Volume: 27 , April 2009 [JSAC06] Hazem Hamed, Adel El-Atawy and Ehab Al-Shaer, “On Dynamic Optimization of Packet Matching in High Speed Firewalls”, IEEE Journal on Selected Areas in Communications, Vol. 24, October 2006 [JSAC05] Ehab Al-Shaer, Hazem Hamed, Raouf Boutaba and Masum Hasan, "Conflict Classification and Analysis of Distributed Firewall Policies." In IEEE Journal on Selected Areas in Communications, Volume 1-1, September 2005. [ISI18] G Husari, X Niu, B Chu, E. Al-Shaer, “Using Entropy and Mutual Information to Extract Threat Actions from Cyber Threat Intelligence”, IEEE Intelligence and Security Informatics (ISI) 2018. [ISI17] S. Das Bhattacharjee, Ashit Talukder, Ehab Al-Shaer and P. Doshi, "Prioritized active learning for malicious URL detection using weighted text-based features," 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), Beijing, 2017, pp. 107-112. [MalPloy] Mohamed Alsaleh, Jinpeng, and Ehab Al-Shaer, “gExtractor: Towards Automated Extraction of Malware Deception Parameters”, ACSAC Workshop on Program Protection and Reverse Engineering Workshop, December 2018. [MTD14-sg] Mohammad Ashiqur Rahman, Rakesh Bobba and Ehab Al-Shaer, Moving Target Defense for Hardening the Security of the Power System State Estimation, ACM Workshop on Moving Target Defense (MTD 2014) in conjunction with the 21st ACM CCS, Scottsdale, Arizona, USA, November 2014. [MTD14-storm] Jafar Haadi H. Jafarian, Ehab Al-Shaer, Qi Duan, “Spatio-temporal Address Mutation for Proactive Cyber Agility against Sophisticated Attackers”, ACM CCS Workshop on Moving Target Defense, Nov. 2014. [NDSS13] Mohammad Ashiqur Rahman and Ehab Al-Shaer, ConfigSynth: A Formal Framework for Optimal Network Security Design, 20th Annual Network & Distributed System Security Symposium (NDSS), February 2013, (Short Paper) [NOMS12] Mohamed Amezziane, Ehab Al-Shaer and Muhammad Qasim Ali, On Stochastic Risk Ordering of Network Services for Proactive Security Management, IEEE/IFIP Network Operations and Management Symposium (NOMS 2012), April 2012. [Patent1] Ehab Al-Shaer and Qi Duan, Multiple Detector Methods and Systems for Defeating Low and Slow Denial of Service Attacks”, Provision US Patent, Inventors: Ehab Al-Shaer and Qi Duan, January 2016. [POLICY07] A. El-Atawy, T. Samak, Z. Wali, Ehab Al-Shaer, S. Li, F. Lin, and C. Pham, "An Automated Framework for Validating Firewall Policy Enforcement", In IEEE Workshop on Policies for Distributed Systems and Networks, June, 2007. [POLICY08] Taghrid Samak, Ehab Al-Shaer, and Hong Li, "QoS Policy Modeling and Conflict Analysis", The 9th International Workshop on Policies for Distributed Systems and Networks (Best Paper Award Policy 2008), June 2008. [QoP06] Muhammad Abedin, Syeda Nessa, Ehab Al-Shaer and Latifur Khan "Vulnerability Analysis For Evaluating Quality of Protection of Security Policies ", ACM CCS Workshop on Quality of Protection Workshop (QoP06), Oct. 30, 2006. [SACMAT07] Bin Zhang, Ehab Al-Shaer, Radha Jagadeesan, James Riely, Corin Pitcher, "Specifications of a High-level Conflict-Free Firewall Policy Language for Multi-domain Networks", In Proceedings of 12th ACM Symposium on Access Control Models And Technologies (SACMAT), Sophia Antipolis, France, June, 2007. [SafeConfig12] Mohammad Ashiqur Rahman and Ehab Al-Shaer, A Declarative Logic-based Approach for Threat Analysis of Advanced Metering Infrastructure, 5th Symposium on Configuration Analytics and Automation (SAFECONFIG), Baltimore, Maryland, USA, October 2012. [SafeConfig13] Mohammed Noraden Alsaleh, Saeed Al-Haj and Ehab Al-Shaer, Objective Metrics for Firewall Security: A Holistic View, IEEE Symposium on Security Analytics and Automation (SafeConfig), October 2013. [SCC13-1] Saeed Al-Haj, Ehab Al-Shaer and HariGovind Ramasamy, Security-Aware Resource Allocation in Clouds, IEEE International Conference on Services Computing (SCC 2013), June 2013. [SCC13-2] Qi Duan, Yongge Wang, Fadi Mohsen and Ehab Al-Shaer, Private and Anonymous Data Storage and Distribution in Cloud, IEEE Service Computing (SCC13), IEEE, June 2013. [SecureComm12] Ehab Al-Shaer, Qi Duan and Jafar Haadi Jafarian, Random Host Mutation for Moving Target Defense, 8th International Conference on Security and Privacy in Communication Networks, September 2012. [SEGS-CCS13] Mohammad Ashiqur Rahman, Fadi Mohsen and Ehab Al-Shaer, A Formal Model for Sustainable Vehicle-to-Grid Management, The Smart Energy Grid Security Workshop (SEGS), Co-located with CCS, ACM, November 2013. [SGCOMM13-1] Muhammad Qasim Ali, Ehab Al-Shaer and Qi Duan, Randomizing AMI Configuration for Proactive Defense in Smart Grid, IEEE SmartGridComm, October 2013. [SGCOMM13-2]Muhammad Qasim Ali and Ehab Al-Shaer, Probabilistic Model Checking for AMI Intrusion Detection, IEEE SmartGridComm, October 2013. [TDSC16] 1. Mohammad Ashiqur Rahman, Mohammad Hossein Manshaei, Ehab Al-Shaer, and Mohamed Shehab, Secure and Private Data Aggregation for Energy Consumption Scheduling in Smart Grids, IEEE Transactions on Dependable and Secure Computing, Volume PP, Issue 99, June 2015. [TIFS14] Muhammad Qasim Ali, Ehab Al-Shaer and Taghrid Samak, Firewall Policy Reconnaissance: Techniques and Analysis, IEEE Transactions on Information Forensics & Security, February 2014. [TIFS16-rhm] Ehab Al-Shaer, Jafar Haadi Jafarian and Qi Duan, An Effective Address Mutation Approach for Disrupting Reconnaissance Attacks, IEEE Transactions on Forensics and Security, 2016. [TISSEC13] Muhammad Qasim Ali, Ehab Al-Shaer, Hassan Khan and Syed Ali Khayam, Automated Anomaly Detector Adaptation using Adaptive Threshold Tuning, ACM Transactions on Information and System Security (TISSEC), Issue: 4, Volume: 15, Number: 17, April 2013. [TISSEC15] Muhammad Qasim Ali, Ehab Al-Shaer, Randomization-Based Intrusion Detection System for Advanced Metering Infrastructure. ACM Transactions on Information and System Security (TISSEC), 18(2): 7 (2015). [TSG13] Mohammad Ashiqur Rahman, Ehab Al-Shaer and Bera Padmalochan, A Noninvasive Security Threat Analyzer for AMI Smart Grid, IEEE Transactions on Smart Grid, March 2013. [TrusComm12] Mohammad Ashiqur Rahman, Libin Bai, Mohamed Shehab and Ehab Al-Shaer, Secure Distributed Solution for Optimal Energy Consumption Scheduling in Smart Grid, 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Liverpool, UK, June 2012. [TNSM08] Yongning Tang, Ehab Al-Shaer and Raouf Boutaba, “Towards Active Integrated Fault Localization for Internet and Overlay Service Networks”, IEEE Transactions on Network and Service Management, 2008. [TNSM04] Ehab Al-Shaer and Hazem Hamed, “Modeling and Management of Firewall Policies", In IEEE Transactions on Network and Service Management, Volume 1-1, April 2004. [SafeConfig14] Mohammed Noraden Alsaleh and Ehab Al-Shaer, Enterprise Risk Assessment Based on Compliance Reports and Vulnerability Scoring Systems, ACM Workshop on Cyber Security Analytics, Intelligence and Automation (SafeConfig), November 2014 [SafeConfig15] Yasi Khan, Ehab Al-Shaer, “Cyber Resilience-by-Construction: Modeling, Measuring & Verifying”, ACM CCS Workshop on Automated Decision Making for Active Cyber Defense, October 2015. [SafeConfig15] Yasir Imtiaz Khan, Ehab Al-Shaer and Usman Rauf, “Cyber resilience by construction: Modeling, Measuring and Verifying”, December 2015. [SafeConfig16] Mohammed Noraden Alsaleh and Ehab Al-Shaer, “Towards Automated Verification of Active Cyber Defense Strategies on Software Defined Networks”, 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense (SafeConfig 2016), October 2016. [SafeConfig17] Amirreza Niakanlahiji, Mir Mehedi, Pritom, Bei-Tseng Chu and Ehab Al-Shaer, “Predicting Zero-day Malicious IP Addresses”, ACM CCS Workshop on Applying the Scientific Method to Active Cyber Defense Research [SECRYPT18] Mohammed Noraden Alsaleh, Ehab Al-Shaer, Qi Duan, “Verifying the Enforcement and Effectiveness of Network Lateral Movement Resistance Techniques”, SECRYPT, July 2018. [SensorChecker] Al-Shaer, Ehab and Duan, Qi and Al-Haj, Saeed and Youssef, Moustafa,” SensorChecker: Reachability Verification in Mission-oriented Sensor Networks”, Proceedings of the 2Nd ACM Annual International Workshop on Mission-oriented Wireless Sensor Networking(MiSeNet '13),2013. [SEMS15] Usman Rauf, U., Kernicky, T., Whelan, M. J. and Ehab Al-Shaer, “Formal analysis of critical Infrastructures by structural identification”, Proceedings of the Society for Experimental Mechanics Series. Springer New York LLC, Vol. 2, p. 255-263, 2015. [SPA] Firewall Policy Advisor, http://www.cyberdna.uncc.edu/projects/FPA/. [TPDC16] Ashiqur Rahman and Ehab Al-Shaer, Automated Synthesis of Distributed Network Access Controls: A Formal Framework with Refinement, IEEE Transactions on Parallel and Distributed Systems (TPDC), Issue 99, June 2017.