Mohamed Amine Ferrag

Verified

Mohamed Amine verified their affiliation via an institutional email.

Learn more

Verified

Mohamed Amine verified their affiliation via an institutional email.

Learn more

• (Ph.D. & Hab.; SIEEE) in Cyber Security- Top 2% scientists (2020-2025)
• Associate Professor at University of Guelma

This paper provides a comprehensive review of the future of cybersecurity through Generative AI and Large Language Models (LLMs). We explore LLM applications across various domains, including hardware design security, intrusion detection, software engineering, design verification, cyber threat intelligence, malware detection, and phishing detection...

The deployment of the fifth-generation (5G) wireless networks in Internet of Everything (IoE) applications and future networks (e.g., sixth-generation (6G) networks) has raised a number of operational challenges and limitations, for example in terms of security and privacy. Edge learning is an emerging approach to training models across distributed...

Software vulnerabilities can cause numerous problems, including crashes, data loss, and security breaches. These issues greatly compromise quality and can negatively impact the market adoption of software applications and systems. Traditional bug-fixing methods, such as static analysis, often produce false positives. While bounded model checking, a...

The field of Natural Language Processing (NLP) is currently undergoing a revolutionary transformation driven by the power of pre-trained Large Language Models (LLMs) based on groundbreaking Transformer architectures. As the frequency and diversity of cybersecurity attacks continue to rise, the importance of incident detection has significantly incr...

In this paper, we propose a new comprehensive realistic cyber security dataset of IoT and IIoT applications, called Edge-IIoTset, which can be used by machine learning-based intrusion detection systems in two different modes, namely, centralized and federated learning. Specifically, the dataset has been generated using a purpose-built IoT/IIoT test...

Large language models and autonomous AI agents have evolved rapidly, resulting in a diverse array of evaluation benchmarks, frameworks, and collaboration protocols. However, the landscape remains fragmented and lacks a unified taxonomy or comprehensive survey. Therefore, we present a side-by-side comparison of benchmarks developed between 2019 and...

In response to increasing privacy concerns in data-sensitive environments like IoT systems, this paper introduces a privacy-enhanced federated learning (FL) framework to secure IoT networks while mitigating the performance degradation typically introduced by differential privacy (DP). We propose combining FL with data augmentation using generative...

Recent generative reasoning breakthroughs have transformed how large language models (LLMs) tackle complex problems by dynamically retrieving and refining information while generating coherent, multi-step thought processes. Techniques such as inference-time scaling, reinforcement learning, supervised fine-tuning, and distillation have been successf...

Software testing and verification are critical for ensuring the reliability and security of modern software systems. Traditionally, formal verification techniques, such as model checking and theorem proving, have provided rigorous frameworks for detecting bugs and vulnerabilities. However, these methods often face scalability challenges when applie...

Identifying vulnerabilities in source code is crucial, especially in critical software components. Existing methods such as static analysis, dynamic analysis, formal verification, and recently Large Language Models are widely used to detect security flaws. This paper introduces CASTLE (CWE Automated Security Testing and Low-Level Evaluation), a ben...

Critical National Infrastructures (CNIs)—including energy grids, water systems, transportation networks, and communication frameworks—are essential to modern society yet face escalating cybersecurity threats. This review paper comprehensively analyzes AI-driven approaches for Critical Infrastructure Protection (CIP). We begin by examining the relia...

Integrating Deep Learning (DL) techniques in the Internet of Vehicles (IoV) introduces many security challenges and issues that require thorough examination. This literature review delves into the inherent vulnerabilities and risks associated with DL in IoV systems, shedding light on the multifaceted nature of security threats. Through an extensive...

The rapid advancements in Transformers and Large Language Models (LLMs) have significantly transformed the landscape of cybersecurity, particularly in Intrusion Detection Systems (IDS). These models offer enhanced detection accuracy, scalability, and adaptability, surpassing traditional approaches in identifying and mitigating sophisticated cyber t...

Cyber timeline analysis or forensic timeline analysis is critical in digital forensics and incident response (DFIR) investigations. It involves examining artefacts and events—particularly their timestamps and associated metadata—to detect anomalies, establish correlations, and reconstruct a detailed sequence of the incident. Traditional approaches...

Cyber timeline analysis or Forensic timeline analysis is critical in Digital Forensics and Incident Response (DFIR) investigations. It involves examining artefacts and events—particularly their timestamps and associated metadata—to detect anomalies, establish correlations, and reconstruct a detailed sequence of the incident. Traditional approaches...

Indeed, Unmanned Aerial Vehicles (UAVs) have recently shown great potential in many fields. Applications such as monitoring, smart agriculture, delivery, and data collection showcase how UAVs can be exploited in various scenarios. As a result, UAV-assisted networks emerged as another potential candidate to exploit UAVs. Furthermore, due to the expo...

Windows represents the most common platform found in seized computers due to its widespread presence. This disparity has become worse due to the introduction of Microsoft’s Windows. Post Cyber Incident analysis of Microsoft Windows machines has become increasingly challenging due to the ever-evolving nature of digital threats. Traditional digital f...

Cyber timeline analysis or Forensic timeline analysis is critical in Digital Forensics and Incident Response (DFIR) investigations. It involves examining artefacts and events—particularly their timestamps and associated metadata—to detect anomalies, establish correlations, and reconstruct a detailed sequence of the incident. Traditional approaches...

This study compares state-of-the-art Large Language Models (LLMs) on their tendency to generate vulnerabilities when writing C programs using a neutral zero-shot prompt. Tihanyi et al. introduced the FormAI dataset at PROMISE ’23, featuring 112,000 C programs generated by GPT-3.5-turbo, with over 51.24% identified as vulnerable. We extended that re...

Network-based Intrusion Detection Systems (NIDS) are essential for securing modern cyber environments, but their effectiveness is often limited by a shortage of labeled data and the complexity of distributed network environments, where data is typically heterogeneous and non-IID (non-Independent and Identically Distributed). Traditional detection m...

As machine intelligence evolves, the need to test and compare the problem-solving abilities of different AI models grows. However, current benchmarks are often overly simplistic, allowing models to perform uniformly well, making it difficult to distinguish their capabilities. Additionally, benchmarks typically rely on static question-answer pairs,...

The integration of Large Language Models (LLMs) and Edge Intelligence (EI) introduces a groundbreaking paradigm for intelligent edge devices. With their capacity for human-like language processing and generation, LLMs empower edge computing with a powerful set of tools, paving the way for a new era of decentralized intelligence. Yet, a notable rese...

Distributed Denial of Service (DDoS) attacks disrupt service availability, leading to significant financial setbacks for individuals and businesses. This paper introduces Eye-Net, a deep learning-based system optimized for DDoS attack detection that combines feature selection, balancing methods, Multilayer Perceptron (MLP), and quantization-aware t...

Integrating Deep Learning (DL) techniques in the Internet of Vehicles (IoV) introduces many security challenges and issues that require thorough examination. This literature review delves into the inherent vulnerabilities and risks associated with DL in IoV systems, shedding light on the multifaceted nature of security threats. Through an extensive...

The fusion of satellite technologies with the Internet of Things (IoT) has propelled the evolution of mobile computing, ushering in novel communication paradigms and data management strategies. Within this landscape, the efficient management of computationally intensive tasks in satellite-enabled mist computing environments emerges as a critical ch...

Recently, Metaverse is gaining prominence within the field of radiology due to its potential to revolutionize image visualization. Radiologists can harness its capabilities to access dynamic, highly detailed results, thereby enhancing diagnostic precision. Digital twins, at the core of the Metaverse, are digital replicas of real-world objects and e...

This study provides a comparative analysis of state-of-the-art large language models (LLMs), analyzing how likely they generate vulnerabilities when writing simple C programs using a neutral zero-shot prompt. We address a significant gap in the literature concerning the security properties of code produced by these models without specific directive...

The fusion of satellite technologies with the Internet of Things (IoT) has propelled the evolution of mobile computing, ushering in novel communication paradigms and data management strategies. Within this landscape, the efficient management of computationally intensive tasks in satellite-enabled mist computing environments emerges as a critical ch...

The Internet of Things (IoT) and massive IoT systems are key to sixth-generation (6G) networks due to dense connectivity, ultra-reliability, low latency, and high throughput. Artificial intelligence, including deep learning and machine learning, offers solutions for optimizing and deploying cutting-edge technologies for future radio communications....

In response to escalating cyber threats and privacy issues within the Industrial Internet of Things (IIoT), this research presents FedGenID, an advanced Federated Generative Intrusion Detection System, to safeguard IIoT networks. Our approach introduces a three-model framework: 1) a federated generative model, incorporating a Conditional Generative...

Large Language Models (LLMs) excel across various domains, from computer vision to medical diagnostics. However, understanding the diverse landscape of cybersecurity, encompassing cryptography, reverse engineering, and managerial facets like risk assessment, presents a challenge, even for human experts. In this paper, we introduce CyberMetric, a be...

Critical infrastructure (CI) typically refers to the essential physical and virtual systems, assets, and services that are vital for the functioning and well-being of a society, economy, or nation. However, the rapid proliferation and dynamism of today’s cyber threats in digital environments may disrupt CI functionalities, which would have a debili...

The Internet of Things (IoT) and massive IoT systems are key to sixth-generation (6G) networks due to dense connectivity, ultra-reliability, low latency, and high throughput. Artificial intelligence, including deep learning and machine learning, offers solutions for optimizing and deploying cutting-edge technologies for future radio communications....

Despite providing unparalleled connectivity and convenience, the exponential growth of the Internet of Things (IoT) ecosystem has triggered significant cybersecurity concerns. These concerns stem from various factors, including the heterogeneity of IoT devices, widespread deployment, and inherent computational limitations. Integrating emerging tech...

Solar insecticidal lamps (SIL) can effectively control pests and reduce the use of pesticides. Combining SIL and Internet of Things (IoT) has formed a new type of agricultural IoT, known as SIL-IoT, which can improve the effectiveness of migratory phototropic pest control. However, since the SIL is connected to the Internet, it is vulnerable to var...

Fifth-generation and Beyond (5GB) networks are transformational technologies to revolutionize future wireless communications in terms of massive connectivity, higher capacity, lower latency, and ultra-high reliability. To this end, 5GB networks are designed as a coalescence of various schemes and enabling technologies such as unmanned aerial vehicl...

Due to the complexity and diversity of Industrial Internet of Things (IIoT) systems, which include heterogeneous devices, legacy and new connectivity protocols and systems, and distributed networks, sophisticated attacks like ransomware will likely target these systems in the near future. Researchers have focused on studying and addressing ransomwa...

Organizations constantly exposed to cyber threats are compelled to comply with cyber security standards and policies for protecting their digital assets. Vulnerability assessment (VA) and penetration testing (PT) are widely adopted methods for security compliance (SC) to identify security gaps and anticipate security breaches. However, these method...

The main goal of a Data Service Composition is combining multiple data services to provide for a user’s query a new service which uses data from multiple service providers that are incorporated in the composition. In this situation, the data privacy and especially of the service providers can be breached when their critical data can be seen by anot...

With the dramatic growth of available Android applications in today’s digital era, Android malware has grown accordingly in both quantity and sophistication, becoming a serious threat to network security and user privacy. In addition, with a large-scale Android system deployment and the raising of privacy concerns, data heterogeneity, availability,...

Electricity theft, known as "Non-Technical Loss" (NTL) is certainly one of the priorities of power distribution utilities. Indeed, NTL could lead to serious damage ranging from massive financial losses to loss of reputation resulting from poor power quality. With advances in metering infrastructure technologies, the availability of user data has fu...

The Internet of Drones (IoD) has lately acquired popularity because to its flexibility to a broad variety of difficult situations. Unmanned Aerial Vehicles (UAVs) can be utilised efficiently in surveillance, agriculture, search-and-rescue operations, and mission-critical services. Drones have a lot of technological and practical benefits, including...

The Internet of Things (IoT) has revolutionized modern tech with interconnected smart devices. While these innovations offer unprecedented opportunities, they also introduce complex security challenges. Cybersecurity is a pivotal concern for intrusion detection systems (IDS). Deep Learning has shown promise in effectively detecting and preventing c...

Edge computing (EC) serves as a promising complement to cloud computing, yet the challenge of task offloading decision-making persists. While task offloading can extend device lifespan, it may introduce delays that surpass acceptable application thresholds. To address this challenge, we propose a machine learning (ML) technique that leverages key f...

Nowadays, to ensure people’s and property’s safety, cities have dozens of cameras installed on almost every corner. However, the haphazard deployment of these cameras often results in overlapping fields of view, leading to redundant processing of the same events by multiple cameras. This situation requires more power, huge bandwidth, and more stora...

Cyberattacks, particularly those targeting systems that store or handle sensitive data, have become more sophisticated in recent years. To face increasing threats, continuous capacity building and digital skill competence are needed. Cybersecurity hands-on training is essential to upskill cybersecurity professionals. However, the cost of developing...

Software vulnerabilities leading to various detriments such as crashes, data loss, and security breaches, significantly hinder the quality, affecting the market adoption of software applications and systems. Although traditional methods such as automated software testing, fault localization, and repair have been intensively studied, static analysis...

Despite the rapid development of technology, computer systems still rely heavily on passwords for security, which can be problematic. Although multi-factor authentication has been introduced, it is not completely effective against more advanced attacks. To address this, this study proposes a new two-factor authentication method that uses honeytoken...

This paper presents the FormAI dataset, a large collection of 112,000 AI-generated compilable and independent C programs with vulnerability classification. We introduce a dynamic zero-shot prompting technique, constructed to spawn a diverse set of programs utilizing Large Language Models (LLMs). The dataset is generated by GPT-3.5-turbo and compris...

Natural Language Processing (NLP) domain is experiencing a revolution due to the capabilities of Pre-trained Large Language Models ( LLMs), fueled by ground-breaking Transformers architecture, resulting into unprecedented advancements. Their exceptional aptitude for assessing probability distributions of text sequences is the primary catalyst for o...

The ongoing deployment of the fifth generation (5G) wireless networks constantly reveals limitations concerning its original concept as a key driver of Internet of Everything (IoE) applications. These 5G challenges are behind worldwide efforts to enable future networks, such as sixth generation (6G) networks, to efficiently support sophisticated ap...

In real-time object tracking systems, it is essential to assign a unique identifier or label to each tracked object to distinguish it from other objects to reduce the number of ID switching (ID-Sw) and improve tracking quality. To perform the object labeling process, massive metadata must be researched to determine the appropriate label. Despite th...

Internet of Things (IoT) systems include many smart devices that continuously generate massive spatio-temporal data, which can be difficult to process. These continuous data streams need to be stored smartly so that query searches are efficient. In this work, we propose an efficient method, in the fog-cloud computing architecture, to index continuo...

In this article, we are trying to bridge the gap between cybersecurity and the reliability of Critical National Infrastructures (CNIs). We are discussing new methodologies that could map better the system requirements by incorporating security (and privacy) with reliability (and safety), introducing a new research area under the broad term of secur...

In this paper we present a novel solution that combines the capabilities of Large Language Models (LLMs) with Formal Verification strategies to verify and automatically repair software vulnerabilities. Initially, we employ Bounded Model Checking (BMC) to locate the software vulnerability and derive a counterexample. The counterexample provides evid...

Service composition is combining multiple services to provide for user query a new service which uses data from multiple service providers that are incorporated in the composition. In this situation, the data privacy and especially of the service providers can be breached. Therefore, keeping the data privacy during the composition process is crucia...

The 5th revolution of the industrial era-or Industry 5.0-is the new industry trend 1 that defines the smart factory concept. This concept is based on emerging technologies, 2 such as 5G/6G communications, fog computing, drones, cloud computing, blockchain, 3 artificial intelligence, deep learning, etc. To allow optimization of operations and reduce...

While the benefits of 6G-enabled Internet of Things (IoT) are numerous, providing high-speed, low-latency communication that brings new opportunities for innovation and forms the foundation for continued growth in the IoT industry, it is also important to consider the security challenges and risks associated with the technology. In this paper, we p...

Federated edge learning can be essential in supporting privacy-preserving, artificial intelligence (AI)-enabled activities in digital twin 6G-enabled Internet of Things (IoT) environments. However, we need to also consider the potential of attacks targeting the underlying AI systems (e.g., adversaries seek to corrupt data on the IoT devices during...

The next generation of cellular technology, 6G, is being developed to enable a wide range of new applications and services for the Internet of Things (IoT). One of 6G's main advantages for IoT applications is its ability to support much higher data rates and bandwidth as well as to support ultra-low latency. However, with this increased connectivit...

The digital revolution has taken business sectors to a new height through the advancement of technology. The healthcare sector also embraced digital technology to facilitate technological change from mechanical and analogue electronic devices to the digital technology that is available today. The common use of digital technology in the healthcare s...

Unmanned Aerial Vehicles (UAVs), also known as drones, have recently become one of the most important technological breakthroughs. They have opened the horizon for a vast array of applications and paved the way for a diversity of innovative solutions. Integrating drones with the Internet has led to the emergence of a new paradigm named the Internet...

Cloud Computing is a paradigm allowing access to physical and application resources online via the Internet. These resources are virtualized using virtualization software to make them available to users as a service. Virtual machines (VMs) migration technique provided by virtualization technology impacts the performance of the cloud. It is a signif...

Advanced technologies, such as the Internet of Things (IoT) and Artificial Intelligence (AI), underpin many of the innovations in Industry 4.0. However, the interconnectivity and open nature of such systems in smart industrial facilities can also be targeted and abused by malicious actors, which reinforces the importance of cyber security. In this...

In this study, we review the fundamentals of IoT architecture and we thoroughly present the communication protocols that have been invented especially for IoT technology. Moreover, we analyze security threats, and general implementation problems, presenting several sectors that can benefit the most from IoT development. Discussion over the findings...

By leveraging the conventional Vehicular Ad-hoc Networks (VANETs), the Internet of Vehicles (IoV) paradigm has attracted the attention of different research and development bodies. However, IoV deployment is still at stake as many security and privacy issues are looming; location tracking using overheard safety messages is a good example of such is...

The growing reliance of industry 4.0/5.0 on emergent technologies has dramatically increased the scope of cyber threats and data privacy issues. Recently, federated learning (FL) based intrusion detection systems (IDS) promote the detection of large-scale cyber-attacks in resource-constrained and heterogeneous industrial systems without exposing da...

The industrial internet of things (IIoT) is considered a new paradigm in the era of wireless communication for performing automatic communication in the network. However, automatic computation and data recognition may invite several security and privacy threats into the system during the sharing of information. There exist several intrusion detecti...

The increase in electricity theft has become one of the main concerns of power distribution networks. Indeed, electricity theft could not only lead to financial losses but also leads to reputation damage by reducing the quality of supply. With advanced sensing technologies of metering infrastructures, data collection of electricity consumption enab...

The digital revolution has made people more dependent on ICT technology to perform everyday tasks, whether at home or at work [...]

The International Conference on Pattern Analysis and Intelligent Systems would like to become a major point of contact between researchers, engineers, and practitioners from all over the world to share ideas and achievements in the theory and practice of intelligent control, artificial intelligence and decision support concerned with systems, neura...

Federated learning (FL) is a data-privacy-preserving, decentralized process that allows local edge devices of smart infrastructures to train a collaborative model independently while keeping data localized. FL algorithms, encompassing a well-structured average of the training parameters (e.g., the weights and biases resulting from training-based st...

Computer systems rely heavily on passwords their safety for unreasonable long time, compared to the rapid progress and development of technology. Although insufficient authenti-cation mechanisms were enhanced by the use of two or more factors that resulted in new multi factor authentication schemes, more sophisticated and targeted attacks have show...

The use of Internet key exchange protocols in IP Security architecture and IoT environments has vulnerable to various malicious attacks and affects communication efficiency. To address these weaknesses, we propose a novel efficient and secure Internet key exchange protocol (ESIKE), which achieves a high level of security along with low computationa...

Agricultural advancement over time has been an essential component of human civilization's evolution. The rapid progress of emerging technologies is driving digital empowerment in nearly every industry, including the agricultural sector. Regardless of the benefits derived from this evolution, there are several security threats involved, which can h...

Resistance to differential cryptanalysis is a fundamental security requirement for symmetric block ciphers, and recently, deep learning has attracted the interest of cryptography experts, particularly in the field of block cipher cryptanalysis, where the bulk of these studies are differential distinguisher based black-box attacks. This paper provid...