Hisham Kholidy, PH.D.

*Assistant Professor (Tenure Track) at Department of Network and Computer Security, College of Engineering, State University of New York (SUNY) Polytechnic Institute, Utica, NY. 13502

*Director of Advanced Cybersecurity Research Lab (ACRL): https://sunypoly.edu/research/centers-programs/acrl.html

hisham.kholidy (at) sunypoly.edu

*       https://scholar.google.com/citations?hl=en&user=IxEh8VkAAAAJ&view_op=list_works&sortby=pubdate

*       https://sunypoly.edu/faculty-and-staff/hisham-kholidy.html

 

 

     SHORT PROFILE

 

Ø  Ph.D. in Computer Science, Univ. of Pisa in Italy (joint Ph.D. program with the Univ. of Arizona (UA)), May 2013. Overall Ph.D. Courses Grade:  97.5 % (First rank in the Ph.D. school).

Ø  15 years of research experience at Univ. of Arizona, Mississippi State Univ., Univ. of Nevada, SUNY Polytechnic Institute, University of Pisa in Italy, and Qatar University in Qatar.

Ø  10 Years teaching experience at SUNY Polytechnic Institute (Assistant Prof.), Fayoum Univ. (Assistant Prof. ), Mississippi State Univ. (Postdoc), Univ. of Nevada (Postdoc), and Univ. of Pisa in Italy (TA).

Ø  6 years of professional IT experience at several software companies such as CISCO and Vodafone, particularly in developing large scale networks and security applications.

Ø  CCNA, MCPD, and ETS certified member.

Ø  Application Accepted for 2019 Visiting Faculty Research Award by the Air Force Research Lab (AFRL), Rome, NY, USA.

Ø  Highly committed to excellence in teaching and quality research.

Ø  PI/Co-PI/Senior Personnel of several research projects.

Ø  30 published papers in high-quality journals and IEEE conferences including the best paper award.

Ø  Two published patents in Information Security and Cryptographic, Published by USPTO (US Patent and Trademark Office), and the other two patents were filed and are still under review.

Ø  PhD-Plus Certificate of Research Business Plans and Funding by Pisa University, Italy.

Ø  IEEE Senior Member.

 

      RESEARCH INTERESTS

Ø  Cybersecurity and Information Assurance.

-      5G Systems Security.

-      High-Performance Systems including Grid and Cloud Computing Systems Security.

-      CPS, Smart Grid, and SCADA Systems Security.

-      Big Data Analytics Security.

Ø  Machine Learning and Autonomic Computing.

Ø  Software Composition for Cloud and Distributed Systems.

 

 

     Research Projects

 

 

1) “An Autonomous Security Framework for Assessing and Mitigating Risks in the Next Generation 5G Mobile Networks”, June 2019. Funded by State University of New York, SUNY Poly Seed Grant Award. Role: PI, fund amount: $25,000.

2) “Cloud Computing Security: An Intrusion Detection System for Cloud Computing Systems”, funded by Galileo Galilei Doctoral School in Italy, Jan 2013. Role: PI, fund amount: 10k Euro.

3) “Enhancing Grid computing Security” Funded by the Center of Excellence in Information Assurance (CoEIA) in King Saud Univ., Saudi Arabia, August 2008. Role: PI, fund amount: $20K.

5) “Assessing and managing ICT security risks of industrial controls systems for oil and natural gas production and transmission”, NPRP9-005-1-002, funded by Qatar National Research Fund (QNRF), June 2016. Fund amount: $600K..

6) “Economic Models for QoS Optimization of Composite Cloud Services”, NPRP No.: 7 - 481 - 1– 088, funded by QNRF from January 2015. Fund amount: $900K.

4) “Fault-Adaptive Performance Management of Enterprise Computing Systems”, NRPR 09-778-2-299, funded by NPRP by QNRF, July 2014. Fund value: $870 K.

 

 

 

Publications                                    

Ø Published Patents:

1) Hisham A. Kholidy, “Accelerating Stream Cipher Operations using Single and Grid Systems, US Patent and Trademark Office (USPTO), April 2012, US 20120089829 A1.

2) Hisham A. Kholidy, Fabrizio Baiardi,  A. Azab, "A Data-Driven Semi-Global Alignment Technique For Masquerade Detection in Stand-Alone and Cloud Computing Systems", granted on January 2019, US 20170019419 A1.

 

  Published Manuscripts:  

1)    Hisham A. Kholidy, “ Detecting impersonation attacks in cloud computing environments using a centric user profiling approach”, Future Generation Computer Systems Journal, December 5, 2020. V.117, P 299-320, https://doi.org/10.1016/j.future.2020.12.009 (IF: 6.125).  

2)    Hisham A. Kholidy, “Autonomous Assessment and Mitigation of Cyber Risks in Cyber-Physical Systems”, Future Generation Computer Systems Journal, September 5, 2020. V.115, P 171-187, https://doi.org/10.1016/j.future.2020.09.002 (IF: 6.125).  

3)    Hisham  A.  Kholidy, “Correlation  Based  Sequence  Alignment  Models  For  Detecting Masquerades in Cloud  Computing”, IET Information Security Journal,  DOI: 10.1049/iet-ifs.2019.0409, Sept. 2019 (ISI Impact Factor(IF): 1.51) https://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2019.0409

4)    Hisham A. Kholidy, An Intelligent Swarm based Prediction Approach for Predicting Cloud Computing User Resource Needs”, the Computer Communications Journal, December 19 (ISI IF: 2.766). https://authors.elsevier.com/tracking/article/details.do?aid=6085&jid=COMCOM&surname=Kholidy

5)    Hisham A. Kholidy, Abdelkarim Erradi, VHDRA: A Vertical and Horizontal Dataset Reduction Approach for Cyber-Physical Power-Aware Intrusion Detection Systems”, SECURITY AND COMMUNICATION NETWORKS Journal (ISI IF: 1.376), March 7, 2019. vol. 2019, Article ID 6816943, 15 pages. https://doi.org/10.1155/2019/6816943

6)    Hisham A. Kholidy, Abdelkarim Erradi, Sherif Abdelwahed, Fabrizio Baiardi, "A risk mitigation approach for autonomous cloud intrusion response system", Computing Journal, Springer,   DOI: 10.1007/s00607-016-0495-8, June 2016. (Impact factor: 2.063).

7)    Hisham  A.  Kholidy, Fabrizio Baiardi, Salim  Hariri, DDSGA:  A  Data-Driven  Semi-Global Alignment Approach for Detecting Masquerade Attacks, in IEEE Transactions on Dependable and Secure Computing, DOI 10.1109/TDSC.2014.2327966, May 2014.the (Impact factor: 6.404)

8)    Hisham A. Kholidy, Hala Hassan, Amany Sarhan, Abdelkarim Erradi, Sherif Abdelwahed, "QoS Optimization for Cloud Service Composition Based on Economic Model", Book Chapter in the Internet of Things. User-Centric IoT, Volume 150 of the series Lecture Notes of the Institute for Computer Sciences,  Social  Informatics and  Telecommunications  Engineering pp  355-366,  June  2015. Publisher: Springer International Publishing. (Indexed by Google Scholar, ProQuest Science Journals, Scopus, and Scribd)

9)    Hisham A. Kholidy, Fabrizio Baiardi, Salim Hariri, Esraa M. ElHariri, Ahmed M. Youssouf, and Sahar A. Shehata, “A Hierarchical Cloud Intrusion Detection System: Design and Evaluation”, in International Journal on Cloud Computing: Services and Architecture (IJCCSA), November 2012. (Indexed by Google Scholar, ProQuest Science Journals, ProQuest Wilson Databases, Scopus, Pubzone, and Scribd)

10)    Hisham A. Kholidy, Alghathbar Khaled s., Adapting and accelerating the Stream Cipher Algorithm RC4 using Ultra Gridsec and HIMAN and use it to secure HIMAN Data”, Journal of Information Assurance and Security (JIAS), vol. 4 (2009)/ issue 4, pp 274-283, 2009. (Indexed by INSPEC, Scopus, Pubzone, Computer Information System Abstracts, MathSci).

 

 Published Conferences Papers:       

1)     Hisham A. Kholidy, “Towards A Scalable Symmetric Key Cryptographic Scheme: Performance Evaluation and Security Analysis”, IEEE International Conference on Computer Applications & Information Security (ICCAIS), Riyadh, Saudi Arabia, May 1-3, 2019. (Best Paper Award) https://ieeexplore.ieee.org/document/8769482

2)    Samar SH. Haytamy, Hisham A. Kholidy, Fatma A. Omara, “ICSD: Integrated Cloud Services Dataset”, Springer, Lecture Note in Computer Science, ISBN 978-3-319-94471-5, https://doi.org/10.1007/978-3-319-94472-2. 14th World Congress on Services, pp18-30. Held as Part of the Services Conference Federation, SCF 2018, Seattle, WA, USA.

3)    Hisham A. Kholidy, Ali Tekeoglu, Stefano Iannucci, Shamik Sengupta, Qian Chen, Sherif Abdelwahed, John Hamilton, “Attacks Detection in SCADA Systems Using an Improved Non-Nested Generalized Exemplars Algorithm", the 12th IEEE International Conference on Computer Engineering and Systems (ICCES 2017), December 19-20, 2017.

4)    Stefano Iannucci, Hisham A. Kholidy Amrita Dhakar Ghimire, Rui Jia, Sherif Abdelwahed, Ioana Banicescu, “A Comparison of Graph-Based Synthetic Data Generators for Benchmarking Next-Generation Intrusion Detection Systems”, IEEE Cluster 2017, Sept 5 2017, Hawaii, USA. Conference Publisher: IEEE.

5)    Qian Chen, Hisham A. Kholidy, Sherif Abdelwahed, John Hamilton, "Towards Realizing a Distributed Event and Intrusion Detection System", the International Conference on Future Network Systems and Security (FNSS 2017), Gainesville, Florida, USA, 31 August 2017. Conference Publisher: Springer.

6)    Hisham A. Kholidy,  Abdelkarim  Erradi,  A  Cost-Aware  Model for  Risk Mitigation in Cloud Computing Systems”, accepted in 12th ACS/IEEE International Conference on Computer Systems and Applications (AICCSA), Marrakech, Morocco, November 2015.

7)    Hisham A. Kholidy, Abdelkarim Erradi, Sherif Abdelwahed, “Attack Prediction Models for Cloud Intrusion Detection Systems, in the International Conference on Artificial Intelligence, Modelling and Simulation (AIMS2014), Madrid, Spain, November 2014. Publisher: IEEE.

8)   Hisham  A.  Kholidy,  Ahmed  M.  Yousouf,  Abdelkarim  Erradi,    Hisham  A.  Ali,  Sherif Abdelwahed, "A Finite Context Intrusion Prediction Model for Cloud Systems with a Probabilistic Suffix Tree", in the 8th European Modelling Symposium on Mathematical Modelling and Computer Simulation, Pisa, Italy, October 2014. Conference Publisher: IEEE

9)   Hisham  A.  Kholidy,  Abdelkarim  Erradi,  Sherif  Abdelwahed,  “Online  Risk Assessment and Prediction  Models  For  Autonomic  Cloud  Intrusion  Prevention  Systems”,  in the  “11th  ACS/IEEE International Conference on Computer Systems and Applications  (AICCSA),  Doha,  Qatar, November 2014. Conference Publisher: IEEE.

10) Hisham A. Kholidy, Abdelkarim Erradi, Sherif Abdelwahed, Abdulrahman Azab, “A Finite State Hidden Markov Model for Predicting Multistage Attacks in Cloud Systems", in the 12th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC), Dalian, China, August 2014. Conference Publisher: IEEE.

 

11) Hisham A. Kholidy, Abdelkarim Erradi, Sherif Abdelwahed, Fabrizio Baiardi, “A Hierarchical, Autonomous, and Forecasting Cloud IDS, the 5th IEEE International Conference on Modeling, Identification and Control (ICMIC2013), Cairo, Aug31-Sept 1-2, 2013.

12) Hisham A. Kholidy, Abdelkarim Erradi, Sherif Abdelwahed, Fabrizio Baiardi, “HA-CIDS: A Hierarchical and Autonomous IDS for Cloud Environments”, Fifth International Conference on Computational Intelligence, Communication Systems and Networks (CICSyN) Madrid, Spain, June 2013. Conference Publisher: IEEE.

13) Hisham  A.  Kholidy,  Fabrizio  Baiardi,  "CIDD:  A Cloud  Intrusion  Detection Dataset for Cloud Computing and Masquerade Attacks", the 9th IEEE International Conference on Information Technology: New Generations (ITNG), Las Vegas, Nevada, USA, 2012.

14) Hisham A. Kholidy, Fabrizio Baiardi, "CIDS: A framework for Intrusion Detection in Cloud Systems", The 9th International Conf. on Information Technology: New Generations (ITNG), Las Vegas, Nevada, USA, 2012. Conference Publisher: IEEE.

15) Hisham A. Kholidy, Chatterjee N., "Towards Developing an Arabic Word Alignment Annotation Tool with Some Arabic Alignment Guidelines", the 2010 10th International Conference on Intelligent Systems  Design and Applications  (ISDA),  pp  778-783,  Cairo,  Egypt,  vol.  IEEE  Catalog Number: CFP10394-CDR, 2010. Conference Publisher: IEEE

16) Hisham  A.  Kholidy"A Study for  Access  Control Flow  Analysis With a Proposed  Job  Analyzer Component based on Stack Inspection Methodology", the 2010 10th International Conference on Intelligent Systems Design and Applications (ISDA), pp 1442-1447, Cairo, Egypt, vol. IEEE Catalog Number: CFP10394-CDR, 2010. Conference Publisher: IEEE

17) Hisham A. Kholidy, "HIMAN-GP: A Grid Engine Portal for controlling access to HIMAN Grid Middleware with performance evaluation using processes algebra", The 2nd IEEE International Conference on Computer Technology and Development ICCTD, pp 163-168, Cairo, 2010.

18) Hisham A. Kholidy, Khaled S. Algathber, "A New Accelerated RC4 Scheme using "Ultra Gridsec" and "HIMAN", 5th Int. Conference on Information Assurance and Security, Aug 2009, China. Conference Publisher: IEEE

19) Hisham A Kholidy, A. Azab, S. Deif, "Enhanced ULTRA GRIDSEC: Enhancing High-Performance Symmetric Key Cryptography Schema Using Pure Peer-to-Peer Computational Grid Middleware (HIMAN)", IEEE-ICPCA (the 3rd Int. Conf. on Pervasive Computing and Applications, 06-08 Oct 2008.

20) A. Azab, Hisham A Kholidy, "An Adaptive Decentralized Scheduling Mechanism for Peer-to-Peer Desktop Grids", International Conference on Computer Engineering & Systems Nov 2008.

21) Mostafa-Sami M., Safia H D., Hisham A Kholidy, "ULTRAGRIDSEC: Peer-to-Peer Computational Grid Middleware Security Using High-Performance Symmetric Key Cryptography" in IEEE-ITNG (5th Int. Conf. On Information Technology-New Generations), LasVegas, Nevada, USA, 7-9 April 2008.

v Published Posters:

1)     Djodan Maviaki, Debarshee Ghosh, Sanita Hadziahmetovic, and Hisham Kholidy, “5G Network Slicing Utilizing Blockchain Technology”, SUNY Poly Showcase event, won the Best Poster Award and an honorable mention in the computer science category of the showcase, May 2019.

2)     Bruce steel, Hisham Kholidy, “Modeling Attack Warfare in Cyber-physical Systems Using a Competitive Markov Model”, SUNY SURP Poster Sessions, August 2019.

3)     M. Arshad, P. Tirth, Hisham Kholidy, “Deception Technology: A Method to Reduce the Attack Exposure Time of a SCADA System”, https://dspace.sunyconnect.suny.edu/handle/1951/70148

4)     Akshay Bhoite, Diwash Basnet, Hisham Kholidy, “Risk Evaluation for Campus Area Network”, https://dspace.sunyconnect.suny.edu/handle/1951/70162

      Conferences, Journals, and Seminars that I Organized, Chaired, Led, or Reviewed

1)     Guest Editor of a special issue with title “Cyber Security in Big Data Era” in the Big Data and Cognitive Computing Journal, CFP deadline is March 2021. (attached the call for paper).

2)    Reviewer for the information security track, Cluster Computing Journal, August 2020.

3)    Reviewer for the information security track, the Future Generation Computer Systems, February 2020.

4)    Technical Program Committee (TPC) member, Int. Workshop on Self-Protecting Systems, April 2019

5)    Organizer and Co-Chair of the Cybersecurity Track at the ICCMIT conference in VIENNA, AUSTRIA March 26-28, 2019.

6)    Reviewer for the IEEE Transactions on Information Forensics and Security(IF 5.8) Jan 2019.

7)    Reviewer for Computer and Security Journal, (Impact factor:  2.65) January 2019.

8)    Lead Guest Editor of a special issue in the Security and Communication Networks Journal (Impact factor: 1.376), July 2018.

9)    Reviewer for the information security track, Cluster Computing Journal, 2017.

10)  Reviewer for the distributed system track, Journal of Supercomputing, 2016.

11)  Reviewer for the IEEE Transactions on Cloud Computing (IF:  7.92), March 2016.

12)  Publication Chair for the ACS/IEEE International Conference on Computer Systems and Applications (AICCSA), 2014.

13)  TPC member for the 12th Int. Conf. on Service-Oriented Computing (ICSOC), July 2014.

14)  Track chair for the Security and Privacy track in the ACS/IEEE International Conference on Computer Systems and Applications (AICCSA), 2014.

15)  TPC member for the Security, Privacy, Confidentiality, and Cloud Networking Track in the 3rd IEEE International Conference on Cloud Networking (IEEE CloudNet), 2014.

16)  Founder of the Egyptian winter school in Grid and Cloud Computing (EGWSGC), 2012.

17)  Track chair for the Information & Communication track in the 2nd International Conference on Computer Technology and Development (ICCTD), 2010.

18)  The organizer of a Cloud Computing seminar at Fayoum University in Egypt, July 2014.

 

      Achievements and Awards Recognitions (ordered by date)

 

1)     SUNY Poly Seed Grant Award, June 2019. Funded by the State University of New York. Role: PI, fund amount: $25,000.

2)     Best Poster Award about 5G Systems Security, it won an honorable mention in the computer science category of the showcase, May 2019.

3)     Best Paper Award. Paper details: Hisham A. Kholidy, “Towards a Scalable Symmetric Key Cryptographic Scheme: Performance Evaluation and Security Analysis”, IEEE International Conference on Computer Applications &Information Security (ICCAIS), Riyadh, Saudi Arabia, May 1-3, 2019.

4)     Visiting Faculty Research Award by the Air Force Research Lab (AFRL) in NY. May 2019.

5)     One accepted short research proposal for SUNY Poly Undergraduate Research Program (SURP), April 2019.

6)     A patent with the title "A Data-Driven Semi-Global Alignment Technique for Masquerade Detection in Stand-Alone and Cloud Computing Systems" was published by USPTO. Nov. 2018.

7)     Two accepted short research proposals for SUNY Poly Undergraduate Research Program (SURP) at State University of New York Polytechnic Institute, April 2018.

8)     A postdoctoral offer from the University of Nevada, Reno, August 2017.

9)     A postdoctoral offer from the Distributed Analytics and Security Institute (DASI)-Mississippi State University, June 2016.

10)  Certificate of Distinguished Research Quality, Fayoum University in Egypt. Nov. 2016.

11)  Best Lecturer Award, Fayoum University in Egypt. Nov. 2016.

12)  Certificate of Excellence in Teaching and Research, Fayoum Univ. in Egypt, Nov. 2014.

13)  A scholarship to study at Univ. of Arizona, College of Electrical and Computer Engineering as a part of my Ph.D. program to collaborate with their research team. Jan 2012.

14)  February 2012, I founded the 1st Egyptian Winter School in Grid and Cloud Computing “EGWSGC2012”. I trained a group of master and Ph.D. researchers on practical Cloud and Grid computing tools to be used in their researches.

15)  PhD-Plus certificate of Research Business Plan and Entrepreneurs, Pisa Univ., Italy, 2011.

16)   July 2010, a short scholarship by the Science Center of Ulm University in Günzburg in Germany to attend XtreemOS Summer School for Grid and Cloud systems.

17)  February 2010, a short scholarship by the National e-Science Centre of Edinburgh Univ. in the UK to attend the International Winter School in Grid Computing (IWSGC).

18)  August 2009, a full scholarship by the computer science department committee of Pisa University in Italy to study in a four-year Ph.D. program.

19)   July 2009, a patent was published by the United States Patent and Trademark Office (USPTO) with the title "Accelerating Stream Cipher Operations Using Single and Grid Systems", ref. KSU.0136PTUS, under number 12924978.

20)   In June 2009, awarded a research project by the Center of Excellence in Information Assurance (CoEIA) at King Saud Univ. in Saudi Arabia for Enhancing Grid computing Security. 

21)  May 2008, a scholarship by MALAYSIAN TECHNICAL COOPERATION PROGRAMME to study some practical parts during my master's degree.

22)  April 2005, the first Rank in the National ITI (Information Technology Institute) competition for Programming, database, and web developing.

23)  September 2003, ETS certification (Educational Testing Services) from ETS American Dept.

 

      Example of Software Projects That I Developed

1-     An Attack Classification Technique for the Cyber-Physical Power Systems using an Improved NON-NESTED GENERALIZED EXEMPLARS Algorithm.

https://sunypoly.edu/research/centers-programs/acrl/research.html.html

2-     A Security Framework for Countering Cyber-Adversary in Critical Infrastructures.

https://sunypoly.edu/research/centers-programs/acrl/research.html/span>.html

3-     A Cloud Intrusion Detection System (CIDS) to detect attacks in SaaS, PaaS, and IaaS. http://www.di.unipi.it/~hkholidy/projects/cids/index.html

4-     A cloud Intrusion detection dataset (CIDD).

http://www.di.unipi.it/~hkholidy/projects/cidd/index.html

5-     An intelligent prediction framework for forecasting Cloud consumer resource needs.

6-     An Intelligent biometric fingerprint and smart card reader Software for King Saud University.

7-     A Grid Resource Allocator System for Our Computational Grid Computing System (HIMAN).  

8-     Authentication, Authorization, and Encryption schemes to secure the data passing through "HIMAN".

9-     An E-learning web site for a community college at King Saud University.

10-  Several Examination software.

Training and Certifications

 

1-     NSF CAREER Workshop, “Proposal Writing Lectures Series”, Albany, NY.

2-     GIAC Certified Incident Handler (GCIH) by SANS Institute.

3-     DegreeWorks Workshop that explains how to academically advise students online. Suny Polytechnic Institute, Utica, NY.

4-     Blackboard Webinars in May 2019 at Suny Polytechnic Institute, Utica, NY.

5-     Research Writing Skills, University of Nevada, Reno.

6-     Professional English for research writing, Pisa University in Italy.

7-     Effective Classroom Management Strategies and Ideas for Teachers, by Erasmus IFOM- Teacher training courses and Vocational placement, Italy.

8-     Use of Technology in Teaching, University Code of Ethics, Competing of Research Funds, Research Ethics, Effective Presentation Skills. Faculty and Leadership Development Center (FLDC) at Fayoum University, Egypt.

9-     Cisco Certified Network Associate (CCNA) by Cisco Academy. 

10-  Network and Information Security, an internship granted by the Malaysian Technical Cooperation Program (MTCP) at Multimedia University in Melaka, Malaysia.

11-  MCPD (Microsoft Certified Professional Developer).

a. C#       b. SQL    c. ASP d. XML and Web Services.

12-  Advanced Network Security, an IBM Training Center, Egypt.

13-  Web Service Composition and Services Oriented Computing, Qatar University.

14-  Cloud Computing and High-Performance Systems, Pisa University.

     Programming Languages and Tools

Mastered the following programs and tools:

A- High-Performance Systems: (1) Cloud Computing frameworks: (Microsoft Private Cloud, Proxmox, Condor Cloud version, and Open Stack Cloud). (2) Grid Computing. (Condor, Globus, Unicore, and SETI@HOME).

 

B- Security Tools: SNORT, OSSEC, OSSIM, Metasploit, and several open-source security packages.

C- Programming Languages: Visual Studio Dot net, Java and Java Script, Paython, and C++.

D- Intelligent Languages: Prolog Language.

E- Database Tools: SQL, MySQL.

F- Operating Systems: Windows 2012 Server, UNIX Solaris, Linux Systems, and Mac.