Sami Zhioua's Web Page
Dr.
Sami Zhioua, |
|
Welcome to my webpage. I am assistant professor at King Fahd University of Petroleum and Minerals, Saudi Arabia. Before, I was a post-doctoral research and teaching fellow at McGill University, Canada. I graduated from Laval University (Ph.D. 2008 and M.Sc. 2003). My research interests include Anonymity Protocols, Hacking techniques, Reinforcement Learning and Java virtual machines.
Mailing address:
P.O.Box 958,
King Fahd University of Petroleum and
Minerals,
Dhahran,
31261, Saudi Arabia.
Office: KFUPM, Building 22, room 101.
Tel: 966-03-860-1251
email: zhioua@kfupm.edu.sa
 |
 |
 |
 |
 |
 |
|||||
| Research Interests |
Publications | Teaching | Links | Personal | Resume (CV) |
| Research Interests |  |
- Computer Security: Privacy, Anonymity Protocols, Traffic
Analysis, Hacking Techniques, Software Exploitation, SCADA Security
- Artificial Intelligence: Reinforcement Learning
- Java: Acceleration and Security of Java Virtual Machines.
Conferences and Journals in focus (Updated February 2014)
|
If you are an M.Sc. or Ph.D. student
check this out: |  |
SCADA Security
Industrial Control Systems (ICS) in particular SCADA (Supervisory Control and
Data Acquisition) systems are used to control and monitor physical processes,
examples of which are transmission of electricity, transportation of gas and oil
in pipelines, water distribution, traffic lights, and other systems used as the
basis of modern society. The security of these SCADA systems is important
because compromise or destruction of these systems would impact multiple areas
of society far removed from the original compromise.
Traffic Analysis of Encrypted Communications
Anonymity protocols, in particular Tor, try to protect users against a form of
surveillance called Traffic Analysis. Traffic analysis is the process of
intercepting and examining messages in order to deduce information from patterns
in communication. It can be performed even when the messages are encrypted and
cannot be decrypted.
In this research we try to analyze the encrypted Tor traffic to deduce
information in particular about the identities of communicating entities
(normally anonymized) and the type of the traffic (video streaming, P2P file
sharing, Facebook browsing, etc.).
OS Resilience to Memory Corruption Attacks
Memory corruption attacks, in particular, buffer overflow is the most famous
type of cyber attacks since 1996. Such attack allows an adversary to remotely
and completely compromise a target computer without having the victim to do any
action. Given the significant damage of such attacks, Operating System
developers (Windows, Mac OS, Linux) implemented several layers of protections
during the last 15 years. This includes stack protection, data execution
prevention (DEP), address space layout randomization (ASLR), etc. Despite these
efforts, memory corruption is still a major threat. With the advent of 64-bit
versions of operating systems, the efficiency of protection features against
memory corruption attacks increased significantly. A notable example is the
space of randomization of ASLR which improved from 8 bits to 40 bits. The aim of
this research is to extensively study the memory corruption problem in the
context of 32-bit and 64-bit operating systems and to evaluate the efficiency of
64-bit protection features against such attacks.
Analysis of Anonymity Protocols
Anonymity protocols try to protect the identities of communicating agents in a
network transaction. These protocols generally use randomness to achieve their
security goals. The goal of this research is to assess how secure these
protocols are. Existing approaches use either information theory or hypothesis
testing. However, it has been observed that these approaches are either making
non realistic assumptions, or are not always reliable. The idea I am
investigating is to turn the problem into a purely geometric problem. Indeed, in
information theory each communication channel can be represented as a matrix of
probabilities. Then, if we interpret each row of the matrix as a point in n-dimensional
space, the problem of analyzing a security protocol can be tackled by analyzing
how much these points are scattered in the space. I think that this new point of
view is very promising because it makes it possible to use well established
results from geometry.
Stochastic Systems Divergence through Reinforcement
Learning (Ph.D. Thesis)
My Ph.D. thesis focused on using reinforcement
learning to quantify the divergence between stochastic systems. Reinforcement
Learning is a branch of Artificial Intelligence that is particularly efficient
when a model of the system is not available. Equivalence notions and metrics
between software systems are
fundamental topics in computer science. For instance, in program verification
and testing, it is very important to check whether a system conforms to its pre-established
specification. This is especially important in safety-critical applications,
like aircraft control or banking software. This conformity relation can be
characterized by an equivalence notion. In some situations, however, the
comparison between systems should not be based on equivalences but rather on
metrics measuring how close the systems are. The aim of my Ph.D. thesis was to
establish a theory of equivalence notions and metrics for stochastic systems. In
particular, I introduced a new family of equivalence notions, K-moment
equivalence, which constitutes a good compromise between two standard
equivalence notions : trace equivalence (too weak) and bisimulation (too strong).
I designed a novel approach to compute the divergence between pairs of
stochastic systems based on reinforcement learning. This research was carried
out under the supervision of Dr. Josée Desharnais and Dr. François Laviolette at
Laval University, Quebec, Canada.
RL-Div: Graphical Demo of the
algorithm.
Ph.D. Thesis : Stochastic systems divergence through Reinforcement Learning.
Defense : January 31st, 2008.
| Chair : | Mario Marchand, Ph.D. (Université Laval) |
| Comity : | Josée Desharnais, Ph.D., supervisor (Université Laval) |
| François Laviolette, Ph.D., co-supervisor (Université Laval) | |
| Marta Kwiatkowska, Ph.D. (Oxford University) | |
| Doina Precup, Ph.D. (McGill University) | |
| Danny Dubé, Ph.D. (Université Laval) |
Acceleration and Security of Java Virtual Machines
I am interested also in the acceleration and
security of Java in the context of embedded systems (PDAs, Cell-Phones,
Pagers, Set-Top boxes, etc.). During my M.Sc. and the beginning of my Ph.D. I
worked under the supervision of Dr.
Mourad Debbabi and Dr.
Nadia Tawbi on improving the performance and the security
of the Java virtual machine (mostly
J2ME/CLDC) intended to such devices.
We developed a dynamic compiler for J2ME virtual machine called E-Bunny and
we carried out an extensive security study of the same platform (see
publications).
M.sc. thesis : A Dynamic Compiler in an Embedded Java Virtual Machine
| Publications |  |
Books
 | S. Zhioua. Stochastic Systems Divergence through Reinforcement Learning: How to use artificial intelligence to validate stochastic systems, 164 pages, Paperback, First Edition, ISBN: 3847339710 , February 2012, LAP Lambert. |
 | S. Zhioua. A Dynamic Compiler for an Embedded Java Virtual Machine, 96 pages, Paperback, First Edition, ISBN: 3639095065 , October 2008, VDM Verlag. |
 | M. Debbabi, M. Saleh, C. Talhi, S. Zhioua. Embedded Java Security: Security for Mobile Devices, 270 pages, 38 illus., Hardcover, First Edition, ISBN: 978-1-84628-590-5 , November 2006, Springer Verlag. |
Refereed Journal Publications
S. Zhioua. Analyzing anonymity attacks through noisy channels, Information and Computation Journal, Volume 244, October 2015, Pages 76–112, Elsevier.
S. Zhioua. The web browser factor in traffic analysis attacks. Security and Communication Networks. Volume 8, Issue 18, Pages 4227-4241, John Wiley and Sons, 2015.
J. Desharnais, F. Laviolette, and S. Zhioua.
Testing Probabilistic Equivalence through Reinforcement Learning. Information and Computation,
Volume 227, Pages 21-57, Elsevier, June 2013.
S. Zhioua.
Tor Traffic Analysis using Hidden Markov Models. Security and
Communication Networks Journal, John Wiley and Sons, October 2012.
H. Yahyaoui, S. Zhioua.
Bootstrapping trust of Web services based on trust
patterns and Hidden Markov Models. Journal of Knowledge and Information Systems.
Springer. September 2012.
M. Debbabi, M. Saleh, C. Talhi, and S. Zhioua.
Security Evaluation of J2ME CLDC Embedded Java Platform.
Journal of Object Technology, Vol 5, Nb 2, Pages 125-154,
March-April 2006.
M. Debbabi, A. Gherbi, L. Ketari, C. Talhi, N. Tawbi, H. Yahyaoui, and S. Zhioua.
E-Bunny: A Dynamic Compiler for Embedded Java Virtual Machines.
Journal of Object Technology, Vol 4, Nb 1, Pages 83-108, January-February 2005.
Refereed Conference Publications
A. Amro, S. Almuhammadi, and S. Zhioua. NetInfoMiner: High-level Information Extraction From Network Traffic, IEEE International Conference on Big Data and Smart Computing (IEEE BigComp 2017) Jeju, Korea (February 13-16, 2017).
A. Ghaleb, S. Zhioua, A.
Almulhem. SCADA-SST: A SCADA Security Testbed. World Congress on Industrial
Control Systems Security (WCICSS-2016). December 12-14, 2016, London, UK.
H. Wardak, S. Zhioua, A. Almulhem. PLC Access Control: A Security Analysis.
World Congress on Industrial Control Systems Security (WCICSS-2016). December
12-14, 2016, London, UK.
Zhioua, S., Jabeur, A. B., Langar, M., & Ilahi, W. Detecting Malicious Sessions Through Traffic Fingerprinting Using Hidden Markov Models. In Proceedings of SecureComm 2014. Volume 152 of the series Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering pp 623-631.
S. Zhioua, M. Langar: Traffic Analysis of Web Browsers. FMS @ Petri Nets 2014: 20-33
M. B. Salman, S. Zhioua, Md. R. Hassan. Fingerprinting Tor Protocol Through Wavelet Packet Decomposition. First IEEE International Conference on Anti-Cybercrimes (ICACC-2015).
S. Zhioua. The Middle East under Malware Attack: Dissecting Cyber Weapons. IEEE ICDCS Workshop on Network Forensics, Security and Privacy (NFSP 2013). Philadelphia, USA, July 8, 2013.
M. Sulaiman, S. Zhioua.
Attacking Tor through Unpopular Ports.
IEEE ICDCS Workshop on Network Forensics, Security and Privacy (NFSP 2013).
Philadelphia, USA, July 8, 2013.
S. Zhioua. Anonymity Attacks on Mix Systems: A Formal
Analysis. Lecture Notes in Computer Science. 13th Information Hiding Conference,
Prague, Czech Republic. 2011.
H. Yahyaoui and S. Zhioua. Bootstrapping Trust of Web Services through Behavior Observation. In Proceedings of the 11th International Conference on Web Engineering (ICWE 2011), LNCS 6757, Pages 319-330, Paphos, Cyprus, June 2011.
S. Zhioua.
A New
Information Leakage Measure for Anonymity Protocols. Lecture Notes of the
Institute for Computer Sciences, Social Informatics and Telecommunications
Engineering. Volume 50 (Security and Privacy in Communication Networks), Part 8,
pages 398-414. Springer, 2010.
S. Zhioua.
A
Geometric View of Mutual Information: Application to Anonymity Protocols. In
proceedings of the International Symposium on Information Theory and its
Applications (ISITA). Pages 60-65. October, 2010.
S. Zhioua, J. Desharnais, F. Laviolette, and D. Precup.
Learning the Difference between Partially Observable Dynamical Systems.
In Lecture Notes in Artificial Intelligence (Proceedings of the
20th European Conference on Machine Learning and Principles and Practice of Knowledge Discovery in Databases (ECML-PKDD), 2009.
J. Desharnais, F. Laviolette, and S. Zhioua.
Testing Probabilistic Equivalence through Reinforcement Learning.
In Lecture Notes in Computer Science (Proceedings of the
26th Conference on Foundations of Software Technology and
Theoretical Computer Science), Vol 4337, Pages 236-247, Springer,
2006.
J. Desharnais, F. Laviolette, K. Darsini Moturu,
and S. Zhioua.
Trace Equivalence Characterization through
Reinforcement Learning. In Advances in Artificial
Intelligence (Proceedings of the 19th Canadian Conference on
Artificial Intelligence), Vol 4013, Pages 371-382, Springer, 2006.
M. Debbabi, M. Saleh, C. Talhi, and S. Zhioua.
Security Analysis
of Mobile Java. In Proceedings of the 16th International
Conference on Database and Expert Systems Applications (DEXA
2005), Pages 231-235, IEEE Computer Society, 2005.
M. Debbabi, M. Saleh, C. Talhi, and S. Zhioua.
Java
for Mobile Devices: A Security Study. In Proceedings of the
21st Annual Computer Security Applications Conference (ACSAC
2005), Pages 235-244, IEEE Computer Society, 2005.
M. Debbabi, A Gherbi, L. Ketari, C. Talhi, H. Yahyaoui, and S.
Zhioua.
A Synergy between Efficient Interpretation and Fast
Selective Dynamic Compilation for the Acceleration of Embedded
Java Virtual Machines. In Proceedings of the 3rd
International Conference on the Principles and Practice of
Programming in Java (ACM PPPJ'04), Pages 100-107, ACM Press, 2004.
M. Debbabi, A. Gherbi, L. Ketari, C. Talhi, N.
Tawbi, H. Yahyaoui, and S. Zhioua.
E-Bunny: A Dynamic Compiler for
Embedded Java Virtual Machines. In Proceedings of the 3rd
International Conference on the Principles and Practice of
Programming in Java (ACM PPPJ'04), Pages 108-115, ACM Press, 2004.
M. Debbabi, M. Erhioui, L. Ketari, N. Tawbi, H.
Yahyaoui, and S. Zhioua.
Method Call Acceleration in Java Virtual
Machines. In Lecture Notes in Computer Science (Proceedings
of the International Conference on Computational Science 2003),
Vol 2659, Pages 750-759, Springer, 2003.
Refereed Workshop Publications
F. Laviolette, S. Zhioua. Testing Stochastic Processes through Reinforcement Learning. In NIPS'06 Workshop on Testing of Deployable Learning and Decision Systems, Kiri Wagstaff, Chris Drummond and Dragos Margineantu (Eds), 8 pages, 2006.
Patent
M. Debbabi, N. Tawbi, S. Zhioua, M. Erhioui, L.
Ketari, H. Yahyaoui.
Method Call Acceleration in Java
Virtual Machines.
Patent disclosure filed at:
- US Patent Office: US20020405266P 20020822.
- European Patent Office: EP1394675.
- Japan Patent Office: JP2004086869.
- Chinese Patent Office: CN1251076.
| Teaching |  |
| Hands-On Penetration Testing |
|
| Malware Analysis |
|
| Web Hacking and Security |
|
| Exploit Reverse Engineering |
|
Office Hours (Second Semester 2014-2015): UTR 8-9am.
Reference Bookmark for SEC595 Malware Analysis
Security Material (for course ICS 444)
Java Material
(for courses ICS 102 and ICS 201)
ICS-102 : Introduction to Computing I
(KFUPM, Fall 2009)
ICS-201 : Introduction to Computing II (KFUPM, Fall 2009)
ICS-102 : Introduction to Computing I (KFUPM, Spring 2010)
ICS-201 : Introduction to Computing II (KFUPM, Spring 2010)
ICS-202 : Data Structures (KFUPM, Spring 2011)
ICS-202 : Data Structures (KFUPM, Fall 2011)
ICS-444 : Computer and Network Security (KFUPM, Spring 2012)
ICS-202 : Data Structures (KFUPM, Fall 2012)
ICS-343 : Fundamentals of Computer Networks (KFUPM, Fall 2012)
ICS-444 : Computer and Network Security (KFUPM, Spring 2013)
ICS-102 : Introduction to Computing I (KFUPM, Spring 2013)
ICS-202 : Data Structures (KFUPM, Fall 2013)
ICS-444 : Computer and Network Security (KFUPM, Spring 2016)
SEC-511 : (Graduate) Introduction to Information Assurance and Security (KFUPM, Fall 2013)
SEC-595 : (Graduate) Malware Analysis (KFUPM, Spring 2015)
SEC-511 : (Graduate) Web Application Security (KFUPM, Spring 2016)
GLO-3004
: Formal Specification and Software Verification (Laval University, Summer 2009)
Comp-322 : Introduction to C++ (McGill University, Winter 2009)
GLO-21941
: Formal Specification and Software Verification (Laval University, Fall 2006)
| Links |  |
PHD Comics (a must see web site for any Ph.D. candidate)
My native city (Menzel Temime)
Oussama Mellouli (La torpille tunisienne)
Javier Sotomayor (by sami zhioua)
| Personal |  |
Birth date : February 1st, 1978
Citizenship : Tunisia, Canada
Residence : Dhahran, Saudi Arabia
Short biography
Hobbies : Sport (with capital S), reading history, coding under Linux, ..
Tribute (Hommage) by my Ph.D. professors : Dr.
Josée Desharnais and Dr. François Laviolette.
| Photos |  |
| Videos |  |
 |
 |
 |
||
| The first 5 minutes of the defense | Thesis Acknowledgement | In the Lab-oratoire public 2006 |
Last updated
March 10, 2017