Sami Zhioua's Web Page

  

Dr. Sami Zhioua,
Assistant Professor,
Information and Computer Science Department (ICS),
King Fahd University of Petroleum and Minerals (KFUPM).

2009- ...
2007- 2009
2001-2007
2003-2004
1996-2000

Welcome to my webpage. I am assistant professor at King Fahd University of Petroleum and Minerals, Saudi Arabia. Before, I was a post-doctoral research and teaching fellow at McGill University, Canada. I graduated from Laval University (Ph.D. 2008 and M.Sc. 2003). My research interests include Anonymity Protocols, Hacking techniques, Reinforcement Learning and Java virtual machines.

Mailing address:
P.O.Box 958,
King Fahd University of Petroleum and Minerals,
Dhahran, 31261, Saudi Arabia.
Office: KFUPM, Building 22, room 101.
Tel: 966-03-860-1251
email: zhioua@kfupm.edu.sa

                              
Research
Interests
      Publications       Teaching       Links       Personal       Resume
(CV)

Research Interests      

- Computer Security: Privacy, Anonymity Protocols, Traffic Analysis, Hacking Techniques, Software Exploitation, SCADA Security
- Artificial Intelligence: Reinforcement Learning
- Java: Acceleration and Security of Java Virtual Machines.

Conferences and Journals in focus (Updated February 2014)

If you are an M.Sc. or Ph.D. student  check this out:      

SCADA Security
Industrial Control Systems (ICS) in particular SCADA (Supervisory Control and Data Acquisition) systems are used to control and monitor physical processes, examples of which are transmission of electricity, transportation of gas and oil in pipelines, water distribution, traffic lights, and other systems used as the basis of modern society. The security of these SCADA systems is important because compromise or destruction of these systems would impact multiple areas of society far removed from the original compromise.

Traffic Analysis of Encrypted Communications
Anonymity protocols, in particular Tor, try to protect users against a form of surveillance called Traffic Analysis. Traffic analysis is the process of intercepting and examining messages in order to deduce information from patterns in communication. It can be performed even when the messages are encrypted and cannot be decrypted.
In this research we try to analyze the encrypted Tor traffic to deduce information in particular about the identities of communicating entities (normally anonymized) and the type of the traffic (video streaming, P2P file sharing, Facebook browsing, etc.).

OS Resilience to Memory Corruption Attacks
Memory corruption attacks, in particular, buffer overflow is the most famous type of cyber attacks since 1996. Such attack allows an adversary to remotely and completely compromise a target computer without having the victim to do any action. Given the significant damage of such attacks, Operating System developers (Windows, Mac OS, Linux) implemented several layers of protections during the last 15 years. This includes stack protection, data execution prevention (DEP), address space layout randomization (ASLR), etc. Despite these efforts, memory corruption is still a major threat. With the advent of 64-bit versions of operating systems, the efficiency of protection features against memory corruption attacks increased significantly. A notable example is the space of randomization of ASLR which improved from 8 bits to 40 bits. The aim of this research is to extensively study the memory corruption problem in the context of 32-bit and 64-bit operating systems and to evaluate the efficiency of 64-bit protection features against such attacks.

Analysis of Anonymity Protocols
Anonymity protocols try to protect the identities of communicating agents in a network transaction. These protocols generally use randomness to achieve their security goals. The goal of this research is to assess how secure these protocols are. Existing approaches use either information theory or hypothesis testing. However, it has been observed that these approaches are either making non realistic assumptions, or are not always reliable. The idea I am investigating is to turn the problem into a purely geometric problem. Indeed, in information theory each communication channel can be represented as a matrix of probabilities. Then, if we interpret each row of the matrix as a point in n-dimensional space, the problem of analyzing a security protocol can be tackled by analyzing how much these points are scattered in the space. I think that this new point of view is very promising because it makes it possible to use well established results from geometry.

Stochastic Systems Divergence through Reinforcement Learning (Ph.D. Thesis)
My Ph.D. thesis focused on using reinforcement learning to quantify the divergence between stochastic systems. Reinforcement Learning is a branch of Artificial Intelligence that is particularly efficient when a model of the system is not available. Equivalence notions and metrics between software systems are
fundamental topics in computer science. For instance, in program verification and testing, it is very important to check whether a system conforms to its pre-established specification. This is especially important in safety-critical applications, like aircraft control or banking software. This conformity relation can be characterized by an equivalence notion. In some situations, however, the comparison between systems should not be based on equivalences but rather on metrics measuring how close the systems are. The aim of my Ph.D. thesis was to establish a theory of equivalence notions and metrics for stochastic systems. In particular, I introduced a new family of equivalence notions, K-moment equivalence, which constitutes a good compromise between two standard equivalence notions : trace equivalence (too weak) and bisimulation (too strong). I designed a novel approach to compute the divergence between pairs of stochastic systems based on reinforcement learning. This research was carried out under the supervision of Dr. Josée Desharnais and Dr. François Laviolette at Laval University, Quebec, Canada. RL-Div: Graphical Demo of the algorithm.

Ph.D. Thesis : Stochastic systems divergence through Reinforcement Learning.

Defense : January 31st, 2008.

Chair : Mario Marchand, Ph.D. (Université Laval)
Comity : Josée Desharnais, Ph.D., supervisor (Université Laval)
  François Laviolette, Ph.D., co-supervisor (Université Laval)
  Marta Kwiatkowska, Ph.D. (Oxford University)
  Doina Precup, Ph.D. (McGill University)
  Danny Dubé, Ph.D. (Université Laval)

Acceleration and Security of Java Virtual Machines
I am interested also in the acceleration and security of Java in the context of embedded systems (PDAs, Cell-Phones, Pagers, Set-Top boxes, etc.). During my M.Sc. and the beginning of my Ph.D. I worked under the supervision of Dr. Mourad Debbabi and Dr. Nadia Tawbi on improving the performance and the security of the Java virtual machine (mostly J2ME/CLDC) intended to such devices. We developed a dynamic compiler for J2ME virtual machine called E-Bunny and  we carried out an extensive security study of the same platform (see publications).

M.sc. thesis : A Dynamic Compiler in an Embedded Java Virtual Machine

Publications     

Books
S. Zhioua. Stochastic Systems Divergence through Reinforcement Learning: How to use artificial intelligence to validate stochastic systems, 164 pages, Paperback, First Edition, ISBN: 3847339710 , February 2012, LAP Lambert.
S. Zhioua. A Dynamic Compiler for an Embedded Java Virtual Machine, 96 pages, Paperback, First Edition, ISBN: 3639095065 , October 2008, VDM Verlag.
M. Debbabi, M. Saleh, C. Talhi, S. Zhioua. Embedded Java Security: Security for Mobile Devices, 270 pages, 38 illus., Hardcover, First Edition, ISBN: 978-1-84628-590-5 , November 2006, Springer Verlag.

Refereed Journal Publications

S. Zhioua. Analyzing anonymity attacks through noisy channels, Information and Computation Journal, Volume 244, October 2015, Pages 76–112, Elsevier.

S. Zhioua. The web browser factor in traffic analysis attacks. Security and Communication Networks. Volume 8, Issue 18, Pages 4227-4241, John Wiley and Sons, 2015.

J. Desharnais, F. Laviolette, and S. Zhioua. Testing Probabilistic Equivalence through Reinforcement Learning. Information and Computation, Volume 227, Pages 21-57, Elsevier, June 2013.

S. Zhioua. Tor Traffic Analysis using Hidden Markov Models. Security and Communication Networks Journal, John Wiley and Sons, October 2012.

H. Yahyaoui, S. Zhioua. Bootstrapping trust of Web services based on trust patterns and Hidden Markov Models. Journal of Knowledge and Information Systems. Springer. September 2012.

M. Debbabi, M. Saleh, C. Talhi, and S. Zhioua. Security Evaluation of J2ME CLDC Embedded Java Platform. Journal of Object Technology, Vol 5, Nb 2, Pages 125-154, March-April 2006.

M. Debbabi, A. Gherbi, L. Ketari, C. Talhi, N. Tawbi, H. Yahyaoui, and S. Zhioua. E-Bunny: A Dynamic Compiler for Embedded Java Virtual Machines. Journal of Object Technology, Vol 4, Nb 1, Pages 83-108, January-February 2005.

Refereed Conference Publications

A. Amro, S. Almuhammadi, and S. Zhioua. NetInfoMiner: High-level Information Extraction From Network Traffic, IEEE International Conference on Big Data and Smart Computing (IEEE BigComp 2017) Jeju, Korea (February 13-16, 2017).

A. Ghaleb, S. Zhioua, A. Almulhem. SCADA-SST: A SCADA Security Testbed. World Congress on Industrial Control Systems Security (WCICSS-2016). December 12-14, 2016, London, UK.

H. Wardak, S. Zhioua, A. Almulhem. PLC Access Control: A Security Analysis. World Congress on Industrial Control Systems Security (WCICSS-2016). December 12-14, 2016, London, UK.

Zhioua, S., Jabeur, A. B., Langar, M., & Ilahi, W. Detecting Malicious Sessions Through Traffic Fingerprinting Using Hidden Markov Models. In Proceedings of SecureComm 2014. Volume 152 of the series Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering pp 623-631.

S. Zhioua, M. Langar: Traffic Analysis of Web Browsers. FMS @ Petri Nets 2014: 20-33

M. B. Salman, S. Zhioua, Md. R. Hassan. Fingerprinting Tor Protocol Through Wavelet Packet Decomposition. First IEEE International Conference on Anti-Cybercrimes (ICACC-2015).

S. Zhioua. The Middle East under Malware Attack: Dissecting Cyber Weapons. IEEE ICDCS Workshop on Network Forensics, Security and Privacy (NFSP 2013). Philadelphia, USA, July 8, 2013.

M. Sulaiman, S. Zhioua. Attacking Tor through Unpopular Ports. IEEE ICDCS Workshop on Network Forensics, Security and Privacy (NFSP 2013). Philadelphia, USA, July 8, 2013.

S. Zhioua. Anonymity Attacks on Mix Systems: A Formal Analysis. Lecture Notes in Computer Science. 13th Information Hiding Conference, Prague, Czech Republic. 2011.

H. Yahyaoui and S. Zhioua. Bootstrapping Trust of Web Services through Behavior Observation. In Proceedings of the 11th International Conference on Web Engineering (ICWE 2011), LNCS 6757, Pages 319-330, Paphos, Cyprus, June 2011.

S. Zhioua. A New Information Leakage Measure for Anonymity Protocols. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering. Volume 50 (Security and Privacy in Communication Networks), Part 8, pages 398-414. Springer, 2010.

S. Zhioua. A Geometric View of Mutual Information: Application to Anonymity Protocols. In proceedings of the International Symposium on Information Theory and its Applications (ISITA). Pages 60-65. October, 2010.

S. Zhioua, J. Desharnais, F. Laviolette, and D. Precup. Learning the Difference between Partially Observable Dynamical Systems. In Lecture Notes in Artificial Intelligence (Proceedings of the 20th European Conference on Machine Learning and Principles and Practice of Knowledge Discovery in Databases (ECML-PKDD), 2009.

J. Desharnais, F. Laviolette, and S. Zhioua. Testing Probabilistic Equivalence through Reinforcement Learning. In Lecture Notes in Computer Science (Proceedings of the 26th Conference on Foundations of Software Technology and Theoretical Computer Science), Vol 4337, Pages 236-247, Springer, 2006.

J. Desharnais, F. Laviolette, K. Darsini Moturu, and S. Zhioua. Trace Equivalence Characterization through Reinforcement Learning. In Advances in Artificial Intelligence (Proceedings of the 19th Canadian Conference on Artificial Intelligence), Vol 4013, Pages 371-382, Springer, 2006.

M. Debbabi, M. Saleh, C. Talhi, and S. Zhioua. Security Analysis of Mobile Java. In Proceedings of the 16th International Conference on Database and Expert Systems Applications (DEXA 2005), Pages 231-235, IEEE Computer Society, 2005.

M. Debbabi, M. Saleh, C. Talhi, and S. Zhioua. Java for Mobile Devices: A Security Study. In Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005), Pages 235-244, IEEE Computer Society, 2005.

M. Debbabi, A Gherbi, L. Ketari, C. Talhi, H. Yahyaoui, and S. Zhioua. A Synergy between Efficient Interpretation and Fast Selective Dynamic Compilation for the Acceleration of Embedded Java Virtual Machines. In Proceedings of the 3rd International Conference on the Principles and Practice of Programming in Java (ACM PPPJ'04), Pages 100-107, ACM Press, 2004.

M. Debbabi, A. Gherbi, L. Ketari, C. Talhi, N. Tawbi, H. Yahyaoui, and S. Zhioua. E-Bunny: A Dynamic Compiler for Embedded Java Virtual Machines. In Proceedings of the 3rd International Conference on the Principles and Practice of Programming in Java (ACM PPPJ'04), Pages 108-115, ACM Press, 2004.

M. Debbabi, M. Erhioui, L. Ketari, N. Tawbi, H. Yahyaoui, and S. Zhioua. Method Call Acceleration in Java Virtual Machines. In Lecture Notes in Computer Science (Proceedings of the International Conference on Computational Science 2003), Vol 2659, Pages 750-759, Springer, 2003.

Refereed Workshop Publications

F. Laviolette, S. Zhioua. Testing Stochastic Processes through Reinforcement Learning. In NIPS'06 Workshop on Testing of Deployable Learning and Decision Systems, Kiri Wagstaff, Chris Drummond and Dragos Margineantu (Eds), 8 pages, 2006.

Patent
M. Debbabi, N. Tawbi, S. Zhioua, M. Erhioui, L. Ketari, H. Yahyaoui. Method Call Acceleration in Java Virtual Machines.
Patent disclosure filed at:
- US Patent Office: US20020405266P 20020822.
- European Patent Office: EP1394675.
- Japan Patent Office: JP2004086869.
- Chinese Patent Office: CN1251076.

Teaching      
Hands-On Penetration Testing      

Malware Analysis      

Web Hacking and Security      

Exploit Reverse Engineering      

Office Hours (Second Semester 2014-2015): UTR 8-9am.

Reference Bookmark for SEC595 Malware Analysis

Security Material (for course ICS 444)

Java Material (for courses ICS 102 and ICS 201)
 

ICS-102 : Introduction to Computing I (KFUPM, Fall 2009)
ICS-201 : Introduction to Computing II (KFUPM, Fall 2009)
ICS-102 : Introduction to Computing I (KFUPM, Spring 2010)
ICS-201 : Introduction to Computing II (KFUPM, Spring 2010)
ICS-202 : Data Structures (KFUPM, Spring 2011)
ICS-202 : Data Structures (KFUPM, Fall 2011)
ICS-444 : Computer and Network Security (KFUPM, Spring 2012)
ICS-202 : Data Structures (KFUPM, Fall 2012)
ICS-343 : Fundamentals of Computer Networks (KFUPM, Fall 2012)
ICS-444 : Computer and Network Security (KFUPM, Spring 2013)
ICS-102 : Introduction to Computing I (KFUPM, Spring 2013)
ICS-202 : Data Structures (KFUPM, Fall 2013)
ICS-444 : Computer and Network Security (KFUPM, Spring 2016)
SEC-511 : (Graduate) Introduction to Information Assurance and Security (KFUPM, Fall 2013)
SEC-595 : (Graduate) Malware Analysis (KFUPM, Spring 2015)
SEC-511 : (Graduate) Web Application Security (KFUPM, Spring 2016)


GLO-3004 : Formal Specification and Software Verification (Laval University, Summer 2009)
Comp-322 : Introduction to C++ (McGill University, Winter 2009) 
GLO-21941 : Formal Specification and Software Verification (Laval University, Fall 2006)

Links      
A research paper generator !
PHD Comics (a must see web site for any Ph.D. candidate)
My native city (Menzel Temime)
Oussama Mellouli (La torpille tunisienne)
Javier Sotomayor (by sami zhioua)

Personal      

Birth date : February 1st, 1978
Citizenship : Tunisia, Canada
Residence : Dhahran, Saudi Arabia
Short biography
Hobbies : Sport (with capital S), reading history, coding under Linux, ..
Tribute (Hommage) by my Ph.D. professors : Dr. Josée Desharnais and Dr. François Laviolette.

Photos      
           
Mourad & Nadia       Lab-Oratoire public       Josée & François
         
            
Paris       Ph.D. Comity       Kolkata (India)
         
           
Twin       Mohamed       Everybody
         
 

     
Mohamed  

Hajer

      Mohamed & Hajer
         
 

     
Hacking Seminar  

Hacking Seminar

      Hacking Seminar
 

     
Hackathon (2016)  

Hackathon (2016)

      Capture The Flag (2016)
 

     
Seminar at Saudi Aramco (2017)  

Seminar at Saudi Aramco (2017)

      Seminar at Saudi Aramco (2017)

 

Videos      

     

                                
The first 5 minutes of the defense       Thesis Acknowledgement       In the Lab-oratoire public 2006

 


Last updated March 10, 2017