@article{SCN2012,
  title = {Feature-based Type Identification of File Fragments,},
  author = {Amirani, M.C. and Toorani, M. and Mihandoost, S.},
  journal = {Journal of Security and Communication Networks},
  publisher = {John Wiley & Sons},
  url = {http://dx.doi.org/10.1002/sec.553},
abstract = {Digital information is packed into files when it is going to be stored on storage media. Each computer file is associated with a type. Type detection of computer data is a building block in different applications of computer forensics and security. Traditional methods were based on file extensions and metadata. The content-based method is a newer approach with the lowest probability of being spoofed and is the only way for type detection of data packets and file fragments. In this paper, a content-based method that deploys principle component analysis and neural networks for an automatic feature extraction is proposed. The extracted features are then applied to a classifier for the type detection. Our experiments show that the proposed method works very well for type detection of computer files when considering the whole content of a file. Its accuracy and speed is also significant for the case of file fragments, where data is captured from random starting points within files, but the accuracy differs according to the lengths of file fragments.}
}

@article{SCN2009,
  title = {A Secure Cryptosystem based on Affine Transformation},
  author = {Toorani, M. and Falahati, A.},
  journal = {Journal of Security and Communication Networks},
  number = 2,
  pages = {207-215},
  publisher = {John Wiley & Sons},
  url = {http://dx.doi.org/10.1002/sec.137},
  volume = 4,
  year = 2011,
  month = {February},
  abstract = {In this paper, it is proved that Lin et al.'s scheme that tried to strengthen the Hill cipher against the known-plaintext attack has several security flaws and is vulnerable to the chosen-ciphertext attack. This paper also introduces a secure and efficient symmetric cryptosystem based on affine transformation. The proposed cryptosystem includes an encryption algorithm that is an improved variant of the Affine Hill cipher, and two cryptographic protocols that are introduced for the proposed cryptosystem.}
}

@article{IJNS2010,
        title = {Cryptanalysis of an Elliptic Curve-based Signcryption Scheme},
        author = {Toorani, M. and Beheshti, A.},
        crossref = {journal/ijns/2010},
        journal = {International Journal of Network Security},
        number = 1,
        pages = {51-56},
        volume = 10,
        year = 2010,
      month = {January},
    abstract = {The signcryption is a relatively new cryptographic technique that is supposed to fulfill the functionalities of encryption and digital signature in a single logical step. Although several signcryption schemes are proposed over the years, some of them are proved to have security problems. In this paper, the security of Han et al.'s signcryption scheme is analyzed, and it is proved that it has many security flaws and shortcomings. Several devastating attacks are also introduced to the mentioned scheme whereby it fails all the desired and essential security attributes of a signcryption scheme.},
    }

@article{jas2009,
        title = {An Elliptic Curve-based Signcryption Scheme with Forward Secrecy},
        author = {Toorani, M. and Beheshti, A.},
        journal = {Journal of Applied Sciences},
        number = 6,
        pages = {1025-1035},
        volume = 9,
        year = 2009,
        abstract = {An elliptic curve-based signcryption scheme is introduced in this paper that effectively combines the functionalities of digital signature and encryption, and decreases the computational costs and communication overheads in comparison with the traditional signature-then-encryption schemes. It simultaneously provides the attributes of message confidentiality, authentication, integrity, unforgeability, non-repudiation, public verifiability, and forward secrecy of message confidentiality. Since it is based on elliptic curves and can use any fast and secure symmetric algorithm for encrypting messages, it has great advantages to be used for security establishments in store-and-forward applications and when dealing with resource-constrained devices.},
    }

@inproceedings{ISCC2009a,
        title = {A Directly Public Verifiable Signcryption Scheme based on Elliptic Curves},
        author = {Toorani, M. and Beheshti, A.},
        booktitle = {Proceedings of the 14th IEEE Symposium on Computers and Communications (ISCC'09)},
        pages = {713-716},
        publisher = {IEEE ComSoc},
        year = 2009,  
      month = {July},
    abstract = {A directly public verifiable signcryption scheme is introduced in this paper that provides the security attributes of message confidentiality, authentication, integrity, non-repudiation, unforgeability, and forward secrecy of message confidentiality. It provides the attribute of direct public verifiability so anyone can verify the signcryption without any need for any secret information from the corresponding participants. The proposed scheme is based on elliptic curve cryptography and is so suitable for environments with resource constraints.},
    }

@inproceedings{IEEEICCS2008,
        title = {LPKI - A Lightweight Public Key Infrastructure for the Mobile Environments},
        author = {Toorani, M. and Beheshti, A.},
        booktitle = {Proceedings of the 11th IEEE International Conference on Communication Systems (IEEE ICCS '08)},
        howpublished = {IEEEXplore},
        pages = {162-166},
        publisher = {IEEE},
        year = 2008,
      month = {November},
    description = {LPKI - A Lightweight Public Key Infrastructure for the Mobile Environments},
	abstract = {The non-repudiation as an essential requirement of many applications can be provided by the asymmetric key model. With the evolution of new applications such as mobile commerce, it is essential to provide secure and efficient solutions for the mobile environments. The traditional public key cryptography involves huge computational costs and is not so suitable for the resource-constrained platforms. The elliptic curve-based approaches as the newer solutions require certain considerations that are not taken into account in the traditional public key infrastructures. The main contribution of this paper is to introduce a Lightweight Public Key Infrastructure (LPKI) for the constrained platforms such as mobile phones. It takes advantages of elliptic curve cryptography and signcryption to decrease the computational costs and communication overheads, and adapting to the constraints. All the computational costs of required validations can be eliminated from end-entities by introduction of a validation authority to the introduced infrastructure and delegating validations to such a component. LPKI is so suitable for mobile environments and for applications such as mobile commerce where the security is the great concern. },
    }

@inproceedings{iccee2008,
        title = {Cryptanalysis of an Efficient Signcryption Scheme with Forward Secrecy Based on Elliptic Curve},
        author = {Toorani, M. and Beheshti, A.},
        booktitle = {Proceedings of 2008 International Conference on Computer and Electrical Engineering (ICCEE'08)},
        howpublished = {IEEEXplore},
        pages = {428-432},
        publisher = {IEEE Computer Society},
        year = 2008,
        day = {20-22},       
      month = {December},
    description = {Cryptanalysis of an Efficient Signcryption Scheme with Forward Secrecy Based on Elliptic Curve},
	abstract = {The signcryption is a relatively new cryptographic technique that is supposed to fulfill the functionalities of encryption and digital signature in a single logical step. Several signcryption schemes are proposed throughout the years, each of them having its own problems and limitations. In this paper, the security of a recent signcryption scheme, i.e. Hwang et al.'s scheme is analyzed, and it is proved that it involves several security flaws and shortcomings. Several devastating attacks are also introduced to the mentioned scheme whereby it fails all the desired and essential security attributes of a signcryption scheme. },
    }

@inproceedings{iscc2008b,
        title = {A new approach to content-based file type detection},
        author = {Mehdi Chehel Amirani and Toorani, M. and Beheshti, A.},
        booktitle = {Proceedings of the 13th IEEE Symposium on Computers and Communications (ISCC'08)},
        pages = {1103-1108},
        publisher = {IEEE ComSoc},
        year = 2008,       
      month = {July},
    description = {A new approach to content-based file type detection},
	abstract = {File type identification and file type clustering may be difficult tasks that have an increasingly importance in the field of computer and network security. Classical methods of file type detection including considering file extensions and magic bytes can be easily spoofed. Content-based file type detection is a newer way that is taken into account recently. In this paper, a new content-based method for the purpose of file type detection and file type clustering is proposed that is based on the PCA and neural networks. The proposed method has a good accuracy and is fast enough.},
    }

@inproceedings{iscc2008a,
        title = {SSMS - A Secure SMS Messaging Protocol for the M-payment Systems},
        author = {Toorani, M. and Beheshti, A.},
        booktitle = {Proceedings of the 13th IEEE Symposium on Computers and Communications (ISCC'08)},
        howpublished = {IEEEXplore},
        pages = {700-705},
        publisher = {IEEE ComSoc},
        year = 2008,
      month = {July},
    abstract = {The GSM network with the greatest worldwide number of users, succumbs to several security vulnerabilities. The short message service (SMS) is one of its superior and well-tried services with a global availability in the GSM networks. The main contribution of this paper is to introduce a new secure application layer protocol, called SSMS, to efficiently embed the desired security attributes in the SMS messages to be used as a secure bearer in the m-payment systems. SSMS efficiently embeds the confidentiality, integrity, authentication, and non-repudiation in the SMS messages. It provides an elliptic curve-based public key solution that uses public keys for the secret key establishment of a symmetric encryption. It also provides the attributes of public verification and forward secrecy. It efficiently makes the SMS messaging suitable for the m-payment applications where the security is the great concern. },
    }

@inproceedings{ngmast2008,
        title = {Solutions to the GSM Security Weaknesses},
        author = {Toorani, M. and Beheshti, A.},
        booktitle = {Proceedings of the Second International Conference on Next Generation Mobile Applications, Services, and Technologies (NGMAST'08)},
        howpublished = {IEEEXplore},
        pages = {576-581},
        publisher = {IEEE Computer Society},
        year = 2008,
      month = {September},
    description = {Solutions to the GSM Security Weaknesses},
	abstract = {Recently, the mobile industry has experienced an extreme increment in number of its users. The GSM network with the greatest worldwide number of users succumbs to several security vulnerabilities. Although some of its security problems are addressed in its upper generations, there are still many operators using 2G systems. This paper briefly presents the most important security flaws of the GSM network and its transport channels. It also provides some practical solutions to improve the security of currently available 2G systems. },
    }

@inproceedings{iscc2009b,
        title = {A Secure Variant of the Hill Cipher},
        author = {Toorani, M. and Falahati, A.},
        booktitle = {Proceedings of the 14th IEEE Symposium on Computers and Communications (ISCC'09)},
        pages = {313-316},
        publisher = {IEEE ComSoc},
        year = 2009,
      month = {July},
    abstract = {The Hill cipher is a classical symmetric encryption algorithm that succumbs to the know-plaintext attack. Although its vulnerability to cryptanalysis has rendered it unusable in practice, it still serves an important pedagogical role in cryptology and linear algebra. In this paper, a variant of the Hill cipher is introduced that makes the Hill cipher secure while it retains the efficiency. The proposed scheme includes a ciphering core for which a cryptographic protocol is introduced.},
    }

@inproceedings{atnac2008,
        title = {SMEmail - A New Protocol for the Secure E-mail in Mobile Environments},
        author = {Toorani, M.},
        booktitle = {Proceedings of the Australian Telecommunications Networks and Applications Conference (ATNAC'08)},
        howpublished = {IEEEXplore},
        pages = {39-44},
        publisher = {IEEE},
        year = 2008,
      month = {December},
    abstract = {The electronic mail plays an unavoidable role in the humankind communications. With the great interest for the connection via mobile platforms, and the growing number of vulnerabilities and attacks, it is essential to provide suitable security solutions regarding the limitations of resource restricted platforms. Although some solutions such as PGP and S/MIME are currently available for the secure e-mail over the Internet, they are based on traditional public key cryptography that involves huge computational costs. In this paper, a new secure application-layer protocol, called SMEmail, is introduced that provides several security attributes such as confidentiality, integrity, authentication, non-repudiation, and forward secrecy of message confidentiality for the electronic mails. SMEmail offers an elliptic curve-based public key solution that uses public keys for the secure key establishment of a symmetric encryption, and is so suitable for the resource restricted platforms such as mobile phones.},
    }