Faculty Profile

Lotfi Ben Othmane

Title
Clinical Associate Professor
Department
Computer Science and Engineering
College
College of Engineering

    

    

      


                          

            
Curriculum Vitae

            

              Click Here to View Faculty CV
            

          

        
                          

            
Education

            



  

  


  
PhD, Western Michigan University, 2010. 
Major: Computer Science
Dissertation Title: Active bundles for protecting con dentiality of sensitive data throughout their lifecycle
MS, University of Sherbrooke, 2000. 
Major: Computer Science
Degree Specialization: Distributed Systems
BS, University of Sfax, 1995. 
Major: Informatics applied to Management





          

        
                

          
Current Scheduled Teaching*


          
CSCE 5565.001, Secure Software Development, Summer 2024 
CSCE 5214.001, Software Development for Artificial Intelligence, Summer 2024 
CSCE 5214.002, Software Development for Artificial Intelligence, Summer 2024 
CSCE 6950.964, Doctoral Dissertation, Spring 2024 
CSCE 5950.864, Master's Thesis, Spring 2024 
CSCE 4565.001, Secure Software Development, Spring 2024 Syllabus
CSCE 5565.001, Secure Software Development, Spring 2024 Syllabus
CSCE 5214.001, Software Development for Artificial Intelligence, Spring 2024 


          
*
  Texas Education Code 51.974 (HB 2504) requires each institution of
  higher education to make available to the public, a syllabus for
  undergraduate lecture courses offered for credit by the institution.
  

        

      

    

  


    

    

      


        


          


            
Previous Scheduled Teaching*


            
                    

                    CSCE 5934.864, Directed Study, Fall 2023 
                    

                    CSCE 6940.862, Individual Research, Fall 2023 
                    

                    CSCE 5950.864, Master's Thesis, Fall 2023 
                    

                    CSCE 4565.002, Secure Software Development, Fall 2023 Syllabus SPOT
                    

                    CSCE 4565.003, Secure Software Development, Fall 2023 Syllabus SPOT
                    

                    CSCE 5565.001, Secure Software Development, Fall 2023 Syllabus SPOT
                    

                    CSCE 5565.003, Secure Software Development, Fall 2023  SPOT
                    

                    CSCE 5214.003, Software Development for Artificial Intelligence, Fall 2023  SPOT
                    

                    CSCE 5214.004, Software Development for Artificial Intelligence, Fall 2023  SPOT
                    

                    CSCE 6940.853, Individual Research, Summer 10W 2023 
                    

                    CSCE 5934.853, Directed Study, Spring 2023 
                    

                    CSCE 4565.001, SECURE SOFTWARE SYSTEM, Spring 2023 Syllabus SPOT
                    

                    CSCE 5565.001, Secure Software Systems, Spring 2023  SPOT
                    

                    CSCE 5214.001, Software Development for Artificial Intelligence, Spring 2023  SPOT
                    

                    CSCE 5214.002, Software Development for Artificial Intelligence, Spring 2023  SPOT
                    

                    CSCE 5934.864, Directed Study, Fall 2022 
                    

                    CSCE 6940.862, Individual Research, Fall 2022 
                    

                    CSCE 4565.001, SECURE SOFTWARE SYSTEM, Fall 2022 Syllabus SPOT
                    

                    CSCE 5565.001, Secure Software Systems, Fall 2022 Syllabus SPOT
                    

                    CSCE 5565.002, Secure Software Systems, Fall 2022 Syllabus SPOT
                    

                    CSCE 5214.003, Software Development for Artificial Intelligence, Fall 2022 Syllabus SPOT
                    

                    CSCE 5214.004, Software Development for Artificial Intelligence, Fall 2022 Syllabus SPOT

          


          
*
  Texas Education Code 51.974 (HB 2504) requires each institution of
  higher education to make available to the public, a syllabus for
  undergraduate lecture courses offered for credit by the institution.
  

        

      

    

  

  
  	

	

	  

		

		   
Published Publications



  

  
Published Intellectual Contributions


  
Book Chapter
Ben Othmane, L., Brucker, A. D., Dashevskyi, S., Tsalovski, P.  (2017). An Introduction to Data Analytics for Software Security. Empirical Research for Software Security: Foundations and Experience. CRC Press. 
Cruzes, D. S., Ben Othmane, L.  (2017). Threats to Validity in Empirical Software Security Research. Empirical Research for Software Security: Foundations and Experience. CRC Press. 
Ben Othmane, L., Weffers, H., Mohamad, M. M., Wolf, M.  (2015). A Survey of Security and Privacy in Connected Vehicles. Other. 217--247. Springer New York. 
Ben Othmane, L., Weffers, H., Ranchal, R., Angin, P., Bhargava, B., Mohamad, M. M. (2013). A Case for Societal Digital Security Culture. Security and Privacy Protection in Information Processing Systems. 391--404. Springer Berlin Heidelberg. 
Conference Proceeding
Jedh, M. B., Lee, J. K., Ben Othmane, L.  (2023). Evaluation of the Architecture Alternatives for Real-time Intrusion Detection Systems for Connected Vehicles. IEEE International Conference on Software Quality, Reliability, and Security.  NY: IEEE. 
Pecka, N., Ben Othmane, L., Valani, A.  (2022). Privilege Escalation Attack Scenarios on the DevOps Pipeline Within a Kubernetes Environment. Proceedings of the International Conference on Software and System Processes and International Conference on Global Software Engineering. 45--49. 
Ben Othmane, L., Gantenbein, H., Yasar, H., Curzi, S., Valani, A., Prabhakar, A., Cuddy, R.  (2022). Tutorial: Threat Modeling of Cloud-based Solutions. 2022 IEEE Secure Development Conference (SecDev). IEEE. 
Ben Othmane, L., Jamil, A.  (2022). Self-Confidence of Undergraduate Students in Designing Software Architecture. Proc. The Annual Conference The American Society for Engineering Education. 
Ben Othmane, L., Ahmed, N.  (2022). Using Garbled Circuit for Secure Brokering. The 16th International Conference on Risks and Security of Internet and Systems. 
Jamil, A., Othmane, L. b., Valani, A.  (2021). Threat Modeling of Cyber-Physical Systems in Practice. The 16th International Conference on Risks and Security of Internet and Systems. 
Jamil, A., Khan, S., Lee, J. K., Ben Othmane, L.  (2021). Towards Automated Threat Modeling of Cyber-Physical Systems. 7th International Conference on Software Engineering \& Computer Systems (ICSECS). 614--619. 
Jamil, A. M., Ben Othmane, L., Altaz Valani, A., Abdelkhalek, M., Tek, A.  (2020). The Current Practices of Changing Secure Software: An Empirical Study. The 35th ACM/SIGAPP Symposium on Applied Computing. 
Othmane, L. B., Jamil, A., Abdelkhalek, M.  (2019). Identification of the Impacts of Code Changes on the Security of Software. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 2, 569--574. 
Othmane, L. B., Lamm, M.  (2019). Mindset for software architecture students. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 2, 306--311. 
Ben Othmane, L., Alvarez, V., Berner, K., Fuhrmann, M., Fuhrmann, W., Guss, A., Hartsock, T.  (2018). A low-cost fleet monitoring system. 2018 IEEE International Smart Cities Conference (ISC2). 1--2. 
Mohan, V., Ben Othmane, L., Kres, A.  (2018). BP: Security concerns and best practices for the automation of software deployment processes - an industrial case study. IEEE Cybersecurity Development Conference (SecDev). 
Sardesai, S., Ulybyshev, D., Ben Othmane, L., Bhargava, B.  (2018). Impacts of Security Attacks on The Effectiveness of Collaborative Adaptive Cruise Control Mechanism. 2018 IEEE International Smart Cities Conference (ISC2). 1--5. 
Ulybyshev, D., Alsalem, A. O., Bhargava, B., Savvides, S., Mani, G., Othmane, L. B. (2018). Secure data communication in autonomous v2x systems. 2018 IEEE International Congress on Internet of Things (ICIOT). 156--163. 
Pfretzschner, B., Ben Othmane, L.  (2017). Identification of dependency-based attacks on node. js. Proceedings of the 12th International Conference on Availability, Reliability and Security. 1--6. 
Fernando, R., Ranchal, R., An, B., Ben Othmane, L., Bhargava, B.  (2016). Consumer oriented privacy preserving access control for electronic health records in the cloud. IEEE cloud. 
Pfretzschner, B., Ben Othmane, L.  (2016). Dependency-based Attacks on Node. js. 2016 IEEE Cybersecurity Development (SecDev). 66--66. 
Mohan, V., Othmane, L. B. (2016). Secdevops: Is it a marketing buzzword?-mapping research on security in devops. 2016 11th international conference on availability, reliability and security (ARES). 542--547. 
Othmane, L. B., Ali, A.  (2016). Towards effective security assurance for incremental software development the case of zen cart application. 2016 11th International Conference on Availability, Reliability and Security (ARES). 564--571. 
Othmane, L. b., Chehrazi, G., Bodden, E., Tsalovski, P., Brucker, A. D., Miseldine, P.  (2015). Factors impacting the effort required to fix security vulnerabilities. International Conference on Information Security. 102--119. 
Lilien, L. T., Othmane, L. b., Angin, P., Bhargava, B., Salih, R. M., DeCarlo, A.  (2015). Impact of Initial Target Position on Performance of UAV Surveillance Using Opportunistic Resource Utilization Networks. Proc. 33rd IEEE International Symposium on Reliable Distributed Systems Workshops (SRDSW). 
Al-Hadhrami, N., Aziz, B., Sardesai, S., Othmane, L. b. (2015). Incremental Development of RBAC-controlled E-marking System Using the B Method. Proc. the 10th International Conference on Availability, Reliability and Security (ARES 2015). 
Oueslati, H., Rahman, M. M., Ben Othmane, L.  (2015). Literature Review of the Challenges of Developing Secure Software Using the Agile Approach. Proc. of the 10th International Conference on Availability, Reliability and Security. 
Ben Othmane, L., Cerqueus, T., Thiery, A., Salehie, M., Noel, N., Labaere, A., Domingues, R\'emi,, Cordier, A., Ventresque, A., Pasquale, L., others,  (2015). Response to Emergency Situations in a Traffic Management System. Proc. International Conference on Computer Information Systems. 
Renaud, K., Flowerday, S., Ben Othmane, L., Volkamer, M.  (2015). “I Am Because We Are”: Developing and Nurturing an African Digital Security Culture. African Cyber Citizenship Conference 2015. 
Othmane, L. b., Angin, P., Bhargava, B.  (2014). Using Assurance Cases to Develop Iteratively Security Features Using Scrum. The First International Workshop on Software Assurance (SAW 2014 )--Proc. the 9th International Conference on Availability, Reliability and Security (ARES). 
Ben Othmane, L., Bhuse, V., Lilien, L. T. (2013). Incorporating lab experience into computer security courses. 2013 World Congress on Computer and Information Technology (WCCIT). 1--4. 
Bhargava, B., Ranchal, R., Othmane, L. B. (2013). Secure Information Sharing in Digital Supply Chains. Proceedings of IEEE IACC. 
Lilien, L., Elbes, M., Othmane, L. b., Salih, R.  (2013). Simulation of Emergency Response Operations for a Static Chemical Spill within a Building using an Opportunistic Resource Utilization Network. The 13th annual IEEE Conference on Technologies for Homeland Security (HST ’13). 
Ben Othmane, L., Al-Fuqaha, A., ben Hamida, E., van den Brand, M.  (2013). Towards Extended Safety in Connected Vehicles. 16th International IEEE Conference on Intelligent Transportation Systems-(ITSC), 2013. 652--657. 
Ben Othmane, L., Weffers, H., Klabbers, M.  (2013). Using attacker capabilities and motivations in estimating security risk. Workshop on Risk Perception in IT Security and Privacy. Newcastle, UK. 
Azarmi, M., Bhargava, B., Angin, P., Ranchal, R., Ahmed, N., Sinclair, A., Linderman, M., Othmane, L. b. (2012). An End-to-End Security Auditing Approach for Service Oriented Architectures. 31st IEEE International Symposium on Reliable Distributed Systems (SRDS 2012). 
Salih, R. M., Lilien, L., Othmane, L. b. (2012). Protecting Patients’ Electronic Health Records Using Enhanced Active Bundles. 6th International Conference on Pervasive Computing Technologies for Healthcare. 
M. Salih, R., Ben Othmane, L., Lilien, L.  (2011). Privacy Protection in Pervasive Healthcare Monitoring Systems with Active Bundles. Parallel and Distributed Processing with Applications Workshops (ISPAW), 2011 Ninth IEEE International Symposium on. 311--315. 
Angin, P., Bhargava, B., Ranchal, R., Singh, N., Linderman, M., Ben Othmane, L., Lilien, L.  (2010). An Entity-centric Approach for Privacy and Identity Management in Cloud Computing. Reliable Distributed Systems, 2010 29th IEEE Symposium on. 177--183. 
Ranchal, R., Bhargava, B., Othmane, L. B., Lilien, L., Kim, A., Kang, M., Linderman, M.  (2010). Protection of Identity Information in Cloud Computing without Trusted Third Party. Reliable Distributed Systems, 2010 29th IEEE Symposium on. 368--372. 
Lilien, L., Al-Alawneh, A., Ben Othmane, L.  (2010). The pervasive trust foundation for security in next generation networks. Proceedings of the 2010 New Security Paradigms Workshop. 129--142. 
Ben Othmane, L., Lilien, L.  (2009). Protecting Privacy of Sensitive Data Dissemination Using Active Bundles. Privacy, Security, Trust and the Management of e-Business, 2009. CONGRESS'09. World Congress on. 202--213. 
Ben-Othmane, L., Lilien, L.  (2008). Protecting Sensitive Data throughout Its Life Cycle. Proc. Graduate Student Symposium, the 6th Annual Conference on Privacy, Security and Trust (PST2008). 12--13. 
Journal Article
Jedh, M., Othmane, L. b., Ahmed, N., Bhargava, B.  (2021). Detection of Message Injection Attacks onto the CAN Bus using Similarities of Successive Messages-Sequence Graphs. Other. 16, 4133--4146. 
Ben Othmane, L., Dhulipala, L., Multari, N., Govindarasu, M.  (2020). On the Performance of Detecting Injection of Fabricated Messages into the CAN Bus. IEEE Transactions on Dependable and Secure Computing. 19(1), 468 - 481. IEEE. 
Ranchal, R., Bhargava, B., Angin, P., Ben Othmane, L.  (2018). Epics: A framework for enforcing security policies in composite web services. IEEE Transactions on Services Computing. IEEE. 
Othmane, L. B., Chehrazi, G., Bodden, E., Tsalovski, P., Brucker, A. D. (2017). Time for Addressing Software Security Issues: Prediction Models and Impacting Factors. Other. 2(2), 107--124. Springer. 
Al-Hadhrami, N., Aziz, B., Ben Othmane, L.  (2016). An Incremental B-Model for RBAC-Controlled Electronic Marking System. Other. 7(2), 37--64. IGI Global. 
Oueslati, H., Rahman, M. M., Ben Othmane, L., Ghani, I., Arbain, A. F. (2016). Evaluation of the challenges of developing secure software using the agile approach. Other. 7(1), 17--37. IGI Global. 
Ben Othmane, L., Ranchal, R., Fernando, R., Bhargava, B., Bodden, E.  (2015). Incorporating attacker capabilities in risk estimation and mitigation. Other. 51, 41--61. Elsevier. 
Son, J., Bhuse, V., Othmane, L. B., Lilien, L.  (2015). Incorporating lab experience into computer security courses: three case studies. Other. 7(2), 69--80. 
Lilien, L. T., Ben Othmane, L., Angin, P., DeCarlo, A., Salih, R. M., Bhargava, B.  (2014). A Simulation Study of Ad Hoc Networking of UAVs with Opportunistic Resource Utilization Networks. Journal of Network and Computer Applications. Academic Press. 
Ben Othmane, L., Angin, P., Weffers, H., Bhargava, B.  (2014). Extending the Agile Development Process to Develop Acceptably Secure Software. IEEE Transactions on Dependable and Secure Computing. 11(6), 497--509. IEEE. 
Othmane, L. b., Fernando, R., Ranchal, R., Bhargava, B., Bodden, E.  (2014). Likelihood of Threats to Connected Vehicles. International Journal of Next-Generation Computing. 5(3), 290--303. 
Ben Othmane, L., Weffers, H., Angin, P., Bhargava, B.  (2013). A Time-Evolution Model for the Privacy Degree of Information Disseminated in Online Social Networks. Other. Inderscience Publishers. 
Other
Kallel, S., Cuppens, Frederic,, Boulahia Cuppens, N., Hadj Kacem, A., Ben Othmane, L.  (2021). Special issue on risk and security of smart systems. 61, . Elsevier. https://dl.acm.org/doi/abs/10.1016/j.jisa.2021.102925
Ben Othmane, L., Dhulipala, L.  (2020). Injection of RPM and speed reading messages onto the CAN bus of a moving vehicle. Other. (https://dx.doi.org/10.21227/s1jy-h433), . 
Ben Othmane, L., Jaatun, M. G., Weippl, E.  (2017). Empirical research for software security: foundations and experience. CRC Press. 
Baluda, M., Fuchs, A., Holzinger, P., Nguyen, L., Ben Othmane, L., Poller, A., Repp, J\"urgen,, Sp\"ath, Johannes,, Steffan, J., Triller, S., others,  (2015). Security Analysis of TrueCrypt. Other. 
Ph.D. Thesis
Ben Othmane, L.  (2010). Active Bundles for Protecting Confidentiality of Sensitive Data Throughout Their Lifecycle. Western Michigan University. 
ben Othman, L.  (2000). D\'eveloppement d'un syst\`eme de gestion de workflows distribu\'e. Universit\'e de Sherbrooke. 



	
		
		
	  

	

	

  
    
	

	

	  

		

		   
Awarded Grants



  
  
  	  
          
Contracts, Grants and Sponsored Research  

 	 
	 	 
  
Fellowship   
Ben Othmane, L., "Secure function evaluation for time-sensitive data," Sponsored by Air Force Research Lab, Summer Faculty Visit, Federal, $14832 Funded. (20212021).
Ben Othmane, L., "Controlled data dissemination in suspicious environments," Sponsored by Air Force Research Lab, Summer Faculty Visit, Federal, $11700 Funded. (20202020).
Grant - Research   
Ben Othmane, L. (Principal), "SBIR Phase I: Using Brainwaves in Virtual Reality Applications," Sponsored by National Science Foundation, Federal, $276000 Funded. (April 1, 2022May 30, 2023).
Sponsored Research   
Ben Othmane, L., "Measurement of the reaction of the brain to transcranial magnetic stimulation: a new way to monitor brain reactions," Sponsored by Iowa State University, College of Engineering, State, $16993 Funded. (20212022).
Ben Othmane, L., "Detection of cyber-attack on cars - proof of concept," Sponsored by Regents Innovation Fund, Iowa State University, State, $10000 Funded. (20202020).



	
		
		
	  

	

	

	
	

  
  
  

  	

		

		,  
			
				

					
					Overall
Summative Rating		
					Challenge and
Engagement Index		
					Response Rate
					
				

			
			
				

					
					
out of 5		
					
out of 7		
					%
 of 
students responded		
					
					
				

			
		


		
    
			
  • Overall Summative Rating (median):
    
			This rating represents the combined responses of students to the four global summative items and is presented to provide an overall index of the class’s quality. Overall summative statements include the following (response options include a Likert scale ranging from 5 = Excellent, 3 = Good, and 1= Very poor):
				
      
					
    • The course as a whole was
      • 
					
    • The course content was
      • 
					
    • The instructor’s contribution to the course was
      • 
					
    • The instructor’s effectiveness in teaching the subject matter was
      • 
				
    
			
    • 
			
  • Challenge and Engagement Index:
    
			This rating combines student responses to several SPOT items relating to how academically challenging students found the course to be and how engaged they were. Challenge and Engagement Index items include the following (response options include a Likert scale ranging from 7 = Much higher, 4 = Average, and 1 = Much lower):
				
      
					
    • Do you expect your grade in this course to be
      • 
					
    • The intellectual challenge presented was
      • 
					
    • The amount of effort you put into this course was
      • 
					
    • The amount of effort to succeed in this course was
      • 
					
    • Your involvement in course (doing assignments, attending classes, etc.) was
      • 
				
    
			
    • 
		

		CLOSE