Azadeh Tabiban


I work as a tenure-track Assistant Professor at the Computer Science Department of University of Manitoba, and I lead the FOCUS research lab. My research focuses on building scalable and intelligent technologies which increase the transparency and trustworthiness of real-world computing systems, and facilitate the security analysis tasks of human. One of my primary research goals is ensuring the industrial relevance and practicality of my built systems. My research contribution is published in prestigious venues such as NDSS'22 (Big 4 security conference, acceptance ratio 16.2%), IEEE Communications Magazine (impact factor 11.2), best paper candidate CNS'20, etc. Previously, I was an industrial Postdoctoral Fellow at University of Waterloo collaborating with Ericsson Montreal. I completed my PhD at Concordia University (with Prof. Lingyu Wang and Prof. Makan Pourzandi), when I was collaborating with Ericsson on NSERC/Ericsson IRC in SDN/NFV Security Project.

Openings: Funded PhD and MSc positions. The desired experties include system/cloud/network security and machine learning applied to security (students from underrepresented and marginalized groups are specifically encouraged to apply). To apply, fill out this form and then send an email to me (azadeh.tabiban [at] umanitoba [dot] ca). You must fulfill the department admission requirements. Please check the department deadlines and requirements. Due to the large number of emails I receive every day, you will only hear from me if you are shortlisted for the interview. See our research team page here for more information.

For UofM undergrad students: If you are interested in programming and cybersecurity, and are excited about joining us to build practical security solutions, drop me an email.



Curriculum Vitae

News

  • 4/2024: Our paper on hardening smart grid substations against supply chain attacks got accepted by IEEE Transactions on Instrumentation and Measurement (TIM)
  • 3/2024: Delighted and honored to receive NSERC Discovery Grant, "Scalable, Reliable and Robust Provenance in the New Era of Interconnected Intelligent Systems".
  • 2/2024: Invited to serve on the TPC of ACSAC 2024
  • 12/2023: Our paper on signaling storm in O-RAN got accepted at IEEE Communications Magazine (ComMag)
  • 11/2023: Invited to serve on the TPC of EAI SecureComm 2024
  • 10/2023: Very exciting news! National Cybersecurity Consortium (NCC) funded our project on the security of 5G mobile networks. Looking forward to the impactful work with Ericsson Inc., Concordia and Waterloo University!

Academic Experience

  • Assistant Professor
    University of Manitoba, Winnipeg, Canada
  • Postdoctoral Fellow
    University of Waterloo, Waterloo, Canada (Collaborating with Ericsson Montreal)
  • Research Assistant
    NSERC/Ericsson CRD and NSERC/Ericsson IRC projects
    Concordia Institute for Information Systems Engineering, Montreal, Canada

Research Interests

I am interested in a wide range of topics in Security and Privacy. My recent projects are focused on:
  • Provenance analysis
  • Cloud/edge security
  • NFV and network security
  • Machine learning applied to security
  • IoT security

Publications

  • Measuring and Improving the Security Posture of IEC 61850 Substations against Supply Chain Attacks
    Onur Duman, Azadeh Tabiban, Lingyu Wang and Mourad Debbabi
    IEEE Transactions on Instrumentation and Measurement, Accepted, 2024
  • Signaling Storm in O-RAN: Challenges and Research Opportunities
    Azadeh Tabiban, Hyame Assem Alameddine, Mohammad A. Salahuddin and Raouf Boutaba
    IEEE Communication Magazine (ComMag) (impact factor 11.2), 2023 PDF
    O-RAN enables agile network architecture through programmable disaggregated units. However, the complexity and disaggregation of O-RAN may increase the risk of security incidents. Signaling storm is one of such incidents that disrupts network services through excessive control signals. This article conducts the first survey on signaling storm in O-RAN. Specifically, we discuss different threat models and existing signaling storm solutions and their applicability to O-RAN with respect to its properties, and perform a preliminary experiment on the impact of signaling storm on disaggregated RAN. We also provide insights and future reserach directions on leveraging key benefits of O-RAN to address signaling storms.

  • ProvTalk: Towards Interpretable Multi-level Provenance Analysis in Networking Functions Virtualization (NFV)
    Azadeh Tabiban, Heyang Zhao, Yosr Jarraya, Makan Pourzandi, Mengyuan Zhang and Lingyu Wang
    Proc. the Network and Distributed System Security Symposium (NDSS 2022) (Acceptance ratio 16.2%) PDF Slides Talk

    How can we effectively analyze the events across different levels of NFV (e.g., events affecting a virtual IDS or its underlying virtual machine) while reducing our reliance on human expertise? In a nutshell, ProvTalk increases the interpretability of provenance graphs by leveraging the already existing dependencies between different visualizations of the same components (e.g., underlying VMs visualized as a virtual IDS at the top) to assign high-level semantics to low-level events. Next, it discards irrelevant events and aggregates nodes with the same semantics to decrease the size of analyses.

  • VinciDecoder: Automatically Interpreting Provenance Graphs into Textual Forensic Reports with Application to OpenStack
    Azadeh Tabiban, Heyang Zhao, Yosr Jarraya, Makan Pourzandi and Lingyu Wang
    Proc. the 27th Nordic Conference on Secure IT Systems (NordSec 2022) (Acceptance ratio 20/89≈22.47%) PDF Slides
    • US Provisional Patent Application
    VinciDecoder leverages a novel combination of provenance analysis, natural language translation, and machine-learning techniques to automatically generate forensic reports. By reducing the reliance on human analysts to interpret and document provenance graphs, we avoid the limitations, human error, and delay that are natural to such manual efforts, and allow for more timely incident-response.

  • Catching Falling Dominoes: Cloud Management-Level Provenance Analysis with Application to OpenStack
    Azadeh Tabiban, Yosr Jarraya, Mengyuan Zhang, Makan Pourzandi, Lingyu Wang and Mourad Debbabi
    Proc. the 8th IEEE Conference on Communications and Network Security (CNS 2020) PDF Slides
    Selected as a best paper candidate

  • PERMON: An OpenStack Middleware for Runtime Security Policy Enforcement in Clouds
    Azadeh Tabiban, Suryadipta Majumdar, Lingyu Wang and Mourad Debbabi
    Proc. the 4th IEEE Workshop on Security and Privacy in the Cloud (SPC 2018) PDF Demo

  • Proactivizer: Transforming Existing Verification Tools into Efficient Solutions for Runtime Security Enforcement
    Suryadipta Majumdar, Azadeh Tabiban, Meisam Mohammady, Alaa Oqaily, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi
    Proc. the 24th European Symposium on Research in Computer Security (ESORICS 2019) PDF

  • Learning Probabilistic Dependencies among Events for Proactive Security Auditing in Clouds
    Suryadipta Majumdar, Azadeh Tabiban, Yosr Jarraya, Momen Oqaily, Amir Alimohammadifar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi
    Journal of Computer Security (JCS), Vol. 27, No. 2, March 2019, pages 165-202 PDF

  • Multi-Level Proactive Security Auditing for Cloud
    Suryadipta Majumdar, Azadeh Tabiban, Meisam Mohammady, Alaa Oqaily, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi
    Proc. the IEEE Conference on Dependable and Secure Computing (DSC 2019), Hangzhou, China, November 18-20, 2019

  • Cloud Security Auditing (Book)
    Suryadipta Majumdar, Taous Madi, Yushun Wang, Azadeh Tabiban, Momen Oqaily, Amir Alimohammadifar, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi
    Springer, 2019, ISBN 978-3-030-23127-9

  • Under Review
    • DominoBlocker: Preventing Recurring Security Incidents in Clouds via Management-level Provenance Analysis
      Azadeh Tabiban, Mohammad Ekramul Kabir, Makan Pourzandi, Yosr Jarraya, Mengyuan Zhang, Lingyu Wang and Mourad Debbabi
      Submitted to the IEEE Transactions on Dependable and Secure Computing (TDSC)

Students

  • PhD students
    • Sareh Mohammadi (PhD student at Concordia University co-advised with Dr. Lingyu Wang)
  • MSc students
    • Magdy Nasr (BSc at Cairo University → MSc at UofM): Fall 2024 - Present
    • Yousef Adham (BSc at Cairo University → MSc at UofM): Starting Winter 2025
  • Undergrad students
    • Hrutil Patel (Undergrad at UofM) Spring 2024 - Present
  • Former students
    • Hayley Kirkup (Undergrad at UofM) Fall 2024

Teaching

  • Assistant Professor
    • Undergrad course: Computer Security (COMP 4580), Winter 2025
    • Grad/undergrad course: Cyber Threat Intelligence and Response (COMP 7860/4062), Fall 2024 Tentative course outline
    • Grad course: Computer Security (COMP 7860), Winter 2024 Tentative course outline
  • Guest lecturer
    • Cloud Computing Security and Privacy (INSE 6620), Summer 2023, 2022, 2021, 2020
    • Operating System Security (INSE 6130), Fall 2022
  • Teaching Assistant (Programmer on duty, lab demonstrator, tutor and marker)
    • Operating System Security (INSE 6130), Fall 2021, Fall 2020, Winter 2020, Fall 2018
    • Malware Defenses and Application Security (INSE 6140), Winter 2022, Winter 2021
    • Cloud Computing Security (INSE 6620), Summer 2020

Service

  • Conference and workshop organization
    • Organizer: Workshop on (Intent-based Networking), 2024 (in Conjunction with DRCN 2024)
    • Publicity Chair: Workshop on Privacy in the Electronic Society (WPES 2022) in conjunction with ACM CCS
  • Technical Program Committee
    • The Annual Computer Security Applications Conference (ACSAC 2024)
    • The 20th EAI International Conference on Security and Privacy in Communication Networks (EAI SecureComm 2024)
    • The 26th International Conference on Information and Communications Security (ICICS 2024)
    • Workshop on Privacy in the Electronic Society (WPES 2023)
    • International Conference on Security and Privacy (ICSP 2024)
    • EAI International Conference on Security and Privacy in Communication Networks (EAI SecureComm 2023)
  • Journal reviewer
    • IEEE Transactions on Network and Service Management (TNSM)
    • ACM Computing Surveys
    • Cluster Computing Springer Nature
    • IET Information Security
    • IEEE Transactions on Dependable and Secure Computing (TDSC)
    • Annals of Telecommunications (ANTE)
    • IEEE Access
    • Journal of Information Security and Applications
  • Conference reviewer and external reviewer
    • 2024: The Network and Distributed System Security Symposium (NDSS 2025)
    • 2024: The Annual Computer Security Applications Conference (ACSAC)
    • 2024: ACM Conference on Computer and Communications Security (CCS)
    • 2023: The Web Conference - Security, Privacy, and Trust track (WWW)
    • 2018-2022: European Symposium on Research in Computer Security (ESORICS)
    • 2020-2022: Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec)
    • 2020: IEEE Conference on Communications and Network Security (CNS)
    • 2020: International Conference on Applied Cryptography and Network Security (ACNS)
    • 2019: International Conference on Information and Communications Security (ICICS)
    • 2019: IFIP TC-11 SEC 2019 International Information Security and Privacy Conference (SEC)

Contact

Email: azadeh.tabiban [at] umanitoba [dot] ca / azadeh.tabiban [at] gmail [dot] com
Office: E2-574 EITC
Phone: 204-474-8456
Mailing Address: 75 Chancellors Cir, Winnipeg, Manitoba, Canada, R3T 5V6

web counter