I am an assistant professor in the Department of Computer Science and Engineering and director of Active Cyber and Infrastructure Defense (ACID) lab at University of Colorado Denver. I received my Ph.D. from University of North Carolina Charlotte in 2017. My research interest lies in a spectrum of topics in security and privacy, including but not limited to active cyber defense (ACD), security analytics and automation, big data analytics for security and privacy, and securing critical infrastructures including cyber-physical systems, and Internet-of-Things.
My primary research interests include:
Active Cyber Defense for Emerging Threats on Networks, Applications and Infrastructures
Big Data Analytics for Cyber Threat Intelligence
Security for Cyber-Physical Systems & Critical Infrastructures
Security for Internet-of-Things
Security Analytics and Automation
Word Cloud of Publications
Improved Deterministic Broadcasting for Multiple Access Channels, Bader A. Aldawsari, J. Haadi Jafarian, Science and Information Conference, 2020.
HoneyBug: Personalized Cyber Deception for Web Applications, Amirreza Niakanlahiji, J. Haadi Jafarian, Bei-Tseng Chu, Ehab Al-Shaer, Hawaii International Conference on System Sciences, 2020.
A Deception Planning Framework for Cyber Defense, J. Haadi Jafarian, Amirreza Niakanlahiji, Hawaii International Conference on System Sciences, 2020.
Deliverying Honeypots as a Service, Amirreza Niakanlahiji, J. Haadi Jafarian, Hawaii International Conference on System Sciences, 2020.
An Accurate and Scalable Role Mining Algorithm based on Graph Embedding and Unsupervised Feature Learning, Masoumeh Abolfathi, Zohreh Raghebi, J. Haadi Jafarian, Farnoush Banaei-Kashani, Hawaii International Conference on System Sciences, 2020.
A Novel Permutational Sampling Technique for Cooperative Network Scanning, J. Haadi Jafarian, Kuntal Das, 17th International Conference on Privacy, Security and Trust (PST), 2019.
Raising the Bar Really High: An MTD Approach to Protect Data in Embedded Browsers, Fadi Mohsen, J. Haadi Jafarian, IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), 2019.
Defeating cross-site scripting attacks using moving target defense, Amirreza Niakanlahiji, J. Haadi Jafarian, Security and Communication Networks, 2019.
Conceal: A strategy composition for resilient cyber deception-framework, metrics and deployment, Qi Duan, Ehab Al-Shaer, Mazharul Islam, J. Haadi Jafarian, IEEE Conference on Communications and Network Security (CNS), 2018.
WebMTD: Defeating Web Code Injection Attacks using Web Element Attribute Mutation, Amirreza Niakanlahiji, J. Haadi Jafarian, 2017 ACM Workshop on Moving Target Defense, ACM CCS, 2017.
Insider Threat Mitigation Using Moving Target Defense and Deception, Hassan Takabi, J. Haadi Jafarian, 2017 International Workshop on Managing Insider Security Threats, ACM CCS, 2017.
Multi-dimensional Host Identity Anonymization for Defeating Skilled Attackers, J. Haadi Jafarian, A. Niakanlahiji, E. Al-Shaer, and Qi Duan, 2016 ACM Workshop on Moving Target Defense, ACM CCS, 2016.
An Effective Address Mutation Approach for Disrupting Reconnaissance Attacks, J. Haadi Jafarian, E. Al-Shaer, and Qi Duan, IEEE Transactions on Information Forensics and Security, Vol. 10, No. 12, 2015.
Adversary-aware IP Address Randomization for Proactive Agility against Sophisticated Attackers, J. Haadi Jafarian, E. Al-Shaer, and Qi Duan, IEEE INFOCOM, 2015.
Spatiotemporal Address Mutation for Proactive Cyber Agility against Sophisticated Attackers, J. Haadi Jafarian, E. Al-Shaer, and Qi Duan, First ACM Workshop on Moving Target Defense (MTD'14), ACM CCS, 2014.
Efficient Random Route Mutation Considering Flow and Network Constraints, Qi Duan, E. Al-Shaer, and J. Haadi Jafarian, IEEE Conference on Communications and Network Security (CNS), 2013.
Formal Approach for Route Agility Against Persistent Attackers, J. Haadi Jafarian, E. Al-Shaer, and Qi Duan, 18th European Symposium on Research in Computer Security (ESORICS), 2013.
OpenFlow Random Host Mutation: Transparent Moving Target Defense using Software Defined Networking, J. Haadi Jafarian, E. Al-Shaer, and Qi Duan, ACM SIGCOM Workshop on Hot Topics in Software Defined Networking (HotSDN), 2012.
Random Host Mutation for Moving Target Defense, E. Al-Shaer, Qi Duan, and J. Haadi Jafarian 8th International Conference on Security and Privacy in Communication Networks, 2012.
Towards a General Framework for Optimal Role Mining: A Constraint Satisfaction Approach, J. Haadi Jafarian, Hassan Takabi, Hakim Touati, Ehsan Hesamifard, and Mohamed Shehab, 20th ACM Symposium on Access Control Models and Technologies (SACMAT), 2015.
A Vagueness-based Obfuscation Technique for Protecting Location Privacy, J. Haadi Jafarian, Second IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT2010), 2010.
Protecting Location Privacy through a Graph-based Location Representation and a Robust Obfuscation Technique, J. Haadi Jafarian, A. Noorollahi, Morteza Amini, Rasool Jalili, 11th International Conference on Information Security and Cryptology (ICISC 2008), 2008.
GTHBAC: A Generalized Temporal History-Based Access Control Model, A. Noorollahi, J. Haadi Jafarian , Morteza Amini , Rasool Jalili, Telecommunication Systems, Volume 45, Issue 2-3, 2010.
CAMAC: A Context-Aware Mandatory Access Control Model, J. Haadi Jafarian, Morteza Amini, ISC International Journal of Information Security (ISeCure), Vol.1, No. 1, 2009.
GTHBAC: A Generalized Temporal History-Based Access Control Model, J. Haadi Jafarian, Morteza Amini, Rasool Jalili, 27th international conference on Computer Safety, Reliability, and Security (SafeComp 2008), 2008.
A History-Based Semantic Aware Access Control Model Using Logical Time Approach, A. Noorollahi, Morteza Amini , Rasool Jalili, J. Haadi Jafarian, 3rd IEEE International Workshop on Internet and Distributed Computing Systems (IDCS 2008), 2008.
A Gray-Box DPDA-Based Intrusion Detection Technique Using System-Call Monitoring, J. Haadi Jafarian, Ali Abbasi, 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference (CEAS 2011), 2011.
This crosslisted course presents analytical study of state-of-the-art attack and defense paradigms in cyber systems and infrastructures. Analysis will focus on: theoretical foundations of cybersecurity, practical development of novel technical defense techniques and analysis of alternatives.
This hands-on course introduces the fundamentals of developing full-stack Web applications, using NodeJS, MongoDB, and front-end technologies including AngularJS and ViewJS. At the end of this course, students will be able to build their own browser-based applications for e-commerce and other applications that require Web access to server-based resources.