1967 Pal Curt, San Jose, CA, 95131, USA
Email: abdulrahman.hijazi@gmail.com
Webpage: http://www.scs.carleton.ca/~ahijazi/
Cell: (703) 501-4109, Tel/Fax: (408) 259-1957
Citizenship: Canadian

PROFILE SUMMARY
Over 10 years of professional IT work experience in Internet development, network and information security
PhD (expected May 2011) in Computer Science from Carleton University, Ottawa, Canada
Masters in Computer Science with honors from Johns Hopkins University, Maryland, USA
Bachelors in Computer Engineering from KFUPM, Dhahran, SA with highest honors
Canadian Citizen

AREA OF INTEREST
Information assurance, computer security and Internet development: software and application security, network and Internet security, wireless and mobile security, traffic shaping, cloud computing, Internet enterprise computing, social networks, security and usability, and authentication.

EDUCATION
Doctor of Philosophy (PhD) in Computer Science
Carleton University, Ottawa, ON, Canada, Thesis defense expected in May 2011.
Advisor: Anil Somayaji
Research title: Using (p,n)-grams to Understand Network Traffic

Masters of Science (MS) in Computer Science (with highest honors)
Johns Hopkins University, Baltimore, MD, USA, May 2003.
Advisor: Anthony Waters and Harold Podell
Research title: Web Services Security for the Enterprise

Bachelor of Science (BS) in Computer Engineering (with highest honors)
King Fahd University, Dhahran, SA, January 1996.

CURRENT JOB
Oct 2010 - present: Security Consultant, Cigital Inc., San Jose, California, USA
Vulnerability Scanning, Penetration Testing, and Code Review:
Scan source code (Millions LOC) for various software/internet applications at major software development companies, using Fortify SCA; triage findings; create customized filters and custom rules; and offer plans for vulnerabilities remediation.
Perform penetration testing for online applications using manual and automatic tools (e.g. AppScan, Burp, httpheader, etc.).
Fortify Integration, upgrade and DB migration:
Perform installation, customization, and rollout of Fortify SCA across several software applications with different programming languages and technologies, and provide users training.
Upgrade Fortify server from 2.1 to 2.6.5, and migrate its database from MySQL to Oracle 11g.

PhD THESIS ABSTRACT
My PhD thesis is primarily concerned with the problem of characterizing network traffic for network security management and monitoring purposes. I developed a framework of efficient yet simple content-based traffic characterization applications, namely: protocol fingerprinting, traffic clustering, and traffic monitoring. My methodology examines the byte representation of network packets and discovers common short sequence structural patterns using frequency distribution analysis. I call these short patterns (p,n)-grams, and describe each as an n-byte string, starting at an offset p within the packet. I use these common (p,n)-grams patterns and their characteristic distributions in network packets to automatically fingerprint network protocols and traffic types. I further extend the fingerprinting functionality to develop and implement a traffic clustering application allowing traffic to be classified into equivalence classes that closely approximate standard measures of network traffic. I also introduce a traffic monitoring application that allows traffic to be monitored for temporal changes in the running network protocols and applications. This framework augments existing solutions with an efficient methodology to analyze the complex network traffic from a high-level perspective, in a real-time fashion, and without assuming a priori understanding of the involved packet structures.

PAST WORK EXPERIENCE
Sep 2005 - Sep 2010: Instructor, Teaching Assistant and Research Assistant, Carleton University, Ottawa, Ontario, Canada
Research Projects:
Develop a new methodology to efficiently fingerprint network traffic using (p,n)-grams. This methodology uses frequency and offset distributions of (p,n)-grams in network traffic to automatically fingerprint protocol types in the inspected traffic. The fingerprinting process is done without assuming a priori understanding of the network traffic.
Develop a world-class new traffic shaping management system (ADHIC). ADHIC uses C to automatically characterize and cluster network traffic based on content similarity.
With no prior knowledge or known signatures, ADHIC works at wire speed to characterize and cluster the different traffic's protocol types including: P2P traffic, obfuscated preparatory protocols, and abnormal behaviors. ADHIC's implementation is available for download and is licensed under the GNU license. It is best used to complement other applications in the network security, Quality of Service, and network administration domains.
Develop a new technique to profile network protocols and identify unknown traffic. The technique uses frequency distribution of the packets' short substrings in order to profile different protocols. Unknown network traces are classified through measuring their distances from the stored profiles.
Teaching Assignment: Taught an in-class third-year Computer Networking course to over 20 students (Fall 2008). Received an average evaluation of 4.3/5.00.
TA Teaching Assignments: courses include: Object Oriented Programming, Internet Application Programming, Computer Networks, Network Security, Applied Cryptography, Programming with Java, Data Structures, Computer Organization and Architecture, Computer Algorithms, and Advanced Computer Algorithms.

Sep 2004 - Aug 2005: Research and Teaching Assistant, Queen's University, Kingston, Ontario, Canada
Developed a new UDP-based reliable network protocol that simulates the 3-way reliable handshaking function of TCP. The new protocol implementation is built using Java and socket programming and serves applications where both TCP and UDP protocol features are in need.
Instructor: Taught online first-year Introduction to Computer Science courses using the Blackboard e-learning software.

2002 - 2004: Lab Manager, James Madison University, Harrisonburg, Virginia, USA
Worked as a team leader to design and develop three world-class dynamic website and database projects (CISC, VASCAN, and IIIA). Projects included developing multi-tier applications accessing centralized Oracle databases in a heterogeneous environment. Projects used Oracle 9i as a backend database server; Java (J2SE & J2EE) for the business logic part; Perl scripting for CGI programming; Oracle 9iAS & BEA WebLogic as application servers; and Apache as a Web server.
Managed research labs and developed network experiments in support for network security research projects. Research labs include: cyber-range, high confidence, and network security labs.

1999 - 2001: Senior Analyst/Programmer, Integrated Computers Electronics, College Park, Maryland, USA
Developed web-centric and multi-tier Java applications augmented with secure login interfaces.
Performed vulnerability assessment, analysis of information security requirements, and documentation of security policies and procedures.
Managed the highest standard of network and system security. This included searching for and applying security best practices to all systems and applications.
Trainer: Taught some professional programming courses including: Object oriented programming using Java for professionals seeking programming certifications.
Performed all systems administration tasks under AIX 4.0 and Informix DB. Wrote Unix shell scripts and SQL queries to automate updating dynamic database tables.

1996 - 1999: Analyst/Programmer, Vinnell Corporation, Riyadh, SA
Define high-level strategy for secure network architecture and create trust zones to simplify design and implementation of security controls.
Performed all systems administration tasks under AIX 4.0 and Informix DB. Tasks included file management, system backup and recovery, maintaining user profiles, supporting printers, installing new software and loading operating systems.
Managed a complex TCP/IP based intranet with Cisco routers.
Monitored overall network performance through IBM Tivoli Netview.
Offer professional training for new employees on the company's database, payroll, and imaging systems.

CERTIFIED TRAINING
SANS Security Essentials and the CISSP 10 Domains, SANS, 2003.
Oracle 9i: Database Administration, Learning Tree, 2002.
Oracle 9iAS: Web Application Development, Learning Tree, 2002.
Java: Programmer and Developer, Sun Microsystems, 1999.
Windows NT: Administration, Microsoft, 1998.
AIX 4.x: UNIX Administration, IBM Corp., 1997.
Netware: Administration, Novell, 1996.

MORE TECHNICAL SKILLS
Operating Systems: Unix/Linux (IBM AIX, Sun Solaris, Debian, Ubuntu, and others), MS Windows, Mac OS.
Languages: C, Java (J2SE and J2EE), Perl, Ruby, Unix shell script, SQL, HTML, JavaScript.
Network Tools & Appliances: Wireshark, Snort, NetADHICT, and CISCO routers and switches.
Software Security Tools: Fortify SCA, AppScan, Burp Suite, and others.
Databases: Oracle, MySQL.

REFEREED PUBLICATIONS
1. Carson Brown, Alex Cowperthwaite, Abdulrahman Hijazi, Anil Somayaji, "Analysis of the 1999 DARPA/Lincoln Laboratory IDS Evaluation Data with NetADHICT," Proceedings of the IEEE Second Symposium on Computational Intelligence for Security and Defense Applications (CISDA 09), Ottawa, Canada, July 2009.
2. Abdulrahman Hijazi, Hajime Inoue, Ashraf Matrawy, P.C. van Oorschot, Anil Somayaji, "Lightweight Hierarchical Clustering of Network Packets Using (p,n)-grams," Submitted to ACM/IEEE Transactions on Networking, November 2008.
3. Abdulrahman Hijazi, Hajime Inoue, Ashraf Matrawy, P.C. van Oorschot, Anil Somayaji, "Discovering Packet Structure through Lightweight Hierarchical Clustering," Proceedings of the IEEE International Conference on Communications (ICC 08), Beijing, China, May 2008.
4. Abdulrahman Hijazi, Hajime Inoue, Anil Somayaji, "Lightweight Unsupervised Hierarchical Network Traffic Clustering," NIPS: Workshop on Machine Learning in Adversarial Environments for Computer Security (NIPS 07), Whistler, BC, Canada, December 2007.
5. Hajime Inoue, Dana Jansens, Abdulrahman Hijazi, Anil Somayaji, "NetADHICT: A Tool for Understanding Network Traffic," USENIX: 21st Large Installation System Administration Conference (LISA 07), Dallas, TX, USA, November 2007.
6. Abdulrahman Hijazi and Nidal Nasser, "Using Mobile Agents for Intrusion Detection in Wireless Ad Hoc Networks," Second IEEE and IFIP International Conference on Wireless and Optical Communications Networks (WOCN 05), Dubai, UAE, March 2005.
7. Abdulrahman Hijazi, "Analyzing Web Services Security against FEA TRM Enterprise Security Criteria," Global Information Assurance Certification (GIAC), February 2004.

SELECTED COURSES AND TERMPAPERS
1. Applied Cryptography: Characterizing and Identifying Encrypted Traffic, Carleton University, 2007.
2. Intrusion Detection Systems: Worm Detection Approaches: A Survey, Carleton University, 2006.
3. Authentication and Software Security: Phishing: HCI and Computer Security, Carleton University, 2005.
4. Advanced Computer Algorithms: Cryptographic Hash Functions, Carleton University, 2005.
5. Information and Network Security: Web Applications: Security Threats and Countermeasures, Johns Hopkins University, 2003.
6. Software Reliability: Intrusion Detection in Wireless Ad Hoc Networks, Queen's University, 2004.
7. Embedded Computer Systems: Security in Embedded Computer Systems, Johns Hopkins University, 2002.

OTHER PROFESSIONAL ACTIVITIES
Give regular research presentations at the (CCSL) Carleton Computer Security Lab's weekly meetings.
Review conference and journal papers on Networking and Network Security (including the IEEE Conference on Local Computer Networks LCN, and others).
Develop a new privacy policy for the lab to govern the process of traffic capturing for research purposes.