Publications
Selected publications
- AI-Powered System for an Efficient and Effective Cyber Incidents Detection and Response in Cloud Environments (Journal article - 2025)
- Reinforcement learning for an efficient and effective malware investigation during cyber incident response (Journal article - 2025)
- Hierarchical reinforcement learning for efficient and effective automated penetration testing of large networks (Journal article - 2023)
- ESASCF: Expertise Extraction, Generalization and Reply Framework for Optimized Automation of Network Security Compliance (Journal article - 2023)
- Advancing Cyber Incident Timeline Analysis Through Retrieval-Augmented Generation and Large Language Models (Journal article - 2025)
- Revolutionizing intrusion detection in industrial IoT with distributed learning and deep generative techniques (Journal article - 2024)
- Generative AI and LLMs for Critical Infrastructure Protection: Evaluation Benchmarks, Agentic AI, Challenges, and Opportunities. (Journal article - 2025)
- Weaponized IoT: A Comprehensive Comparative Forensic Analysis of Hacker Raspberry Pi and PC Kali Linux Machine (Journal article - 2025)
- D2WFP: A Novel Protocol for Forensically Identifying, Extracting, and Analysing Deep and Dark Web Browsing Activities (Journal article - 2023)
- Reinforcement Learning for Efficient Network Penetration Testing (Journal article - 2020)
2025
Security Compliance of IoT Devices with the UK PSTI Act: A Comparative Analysis
A Systematic Analysis on the Use of AI Techniques in Industrial IoT DDoS Attacks Detection, Mitigation and Prevention
Generative AI and LLMs for Critical Infrastructure Protection: Evaluation Benchmarks, Agentic AI, Challenges, and Opportunities.
Yigit, Y., Ferrag, M. A., Ghanem, M. C., Sarker, I. H., Maglaras, L. A., Chrysoulas, C., . . . Janicke, H. (2025). Generative AI and LLMs for Critical Infrastructure Protection: Evaluation Benchmarks, Agentic AI, Challenges, and Opportunities.. Sensors (Basel, Switzerland), 25(6), 1666. doi:10.3390/s25061666
Weaponized IoT: A Comprehensive Comparative Forensic Analysis of Hacker Raspberry Pi and PC Kali Linux Machine
Ghanem, M. C., Almeida Palmieri, E., Sowinski-Mydlarz, W., Al-Sudani, S., & Dunsin, D. (2025). Weaponized IoT: A Comprehensive Comparative Forensic Analysis of Hacker Raspberry Pi and PC Kali Linux Machine. IoT, 6(1), 18. doi:10.3390/iot6010018
Beyond Detection: Large Language Models and Next-Generation Cybersecurity
Ali, A., & Ghanem, M. C. (2025). Beyond Detection: Large Language Models and Next-Generation Cybersecurity. SHIFRA, 2025, 81-97. doi:10.70470/shifra/2025/005
Synchronization, Optimization, and Adaptation of Machine Learning Techniques for Computer Vision in Cyber-Physical Systems: A Comprehensive Analysis
Advancing Cyber Incident Timeline Analysis Through Retrieval-Augmented Generation and Large Language Models
Loumachi, F. Y., Ghanem, M. C., & Ferrag, M. A. (2025). Advancing Cyber Incident Timeline Analysis Through Retrieval-Augmented Generation and Large Language Models. Computers, 14(2), 67. doi:10.3390/computers14020067
Reinforcement learning for an efficient and effective malware investigation during cyber incident response
Dunsin, D., Ghanem, M. C., Ouazzane, K., & Vassilev, V. (2025). Reinforcement learning for an efficient and effective malware investigation during cyber incident response. High-Confidence Computing, 100299. doi:10.1016/j.hcc.2025.100299
Cryptographically Upgrading TOR Network to Enforce Anonymity by Enhancing Security and Improving Performances
Optimal Portfolio and Trading Strategy Using Machine Learning
Ouazzane, K., Yung Tang, K. H. P., & Ghanem, M. C. (2025). Optimal Portfolio and Trading Strategy Using Machine Learning. doi:10.20944/preprints202501.0585.v1
Leveraging Reinforcement Learning for an Efficient Automation of Windows Registry Analysis during Cyber Incident Response
Weaponized IoT: A Comprehensive Comparative Forensic Analysis of Hacker Raspberry Pi and PC Kali Linux Machine
AI-Powered System for an Efficient and Effective Cyber Incidents Detection and Response in Cloud Environments
Farzaan, M. A. M., Ghanem, M. C., El-Hajjar, A., & Ratnayake, D. N. (2025). AI-Powered System for an Efficient and Effective Cyber Incidents Detection and Response in Cloud Environments. IEEE Transactions on Machine Learning in Communications and Networking, 3, 623-643. doi:10.1109/tmlcn.2025.3564912
2024
A Novel Reinforcement Learning Model for Post-Incident Malware Investigations
Dunsin, D., Ghanem, M. C., Ouazzane, K., & Vassilev, V. (2024). A Novel Reinforcement Learning Model for Post-Incident Malware Investigations. In 2024 11th International Conference on Social Networks Analysis, Management and Security (SNAMS) (pp. 33-40). IEEE. doi:10.1109/snams64316.2024.10883810
Optimal Portfolio and Trading Strategy Using Machine Learning
Ouazzane, K., Tang, K., & Ghanem, M. C. (2024). Optimal Portfolio and Trading Strategy Using Machine Learning. In Global Congress on Emerging Technologies (GCET-2024) (pp. 89-96). IEEE. doi:10.1109/gcet64327.2024.10934318
Revolutionizing intrusion detection in industrial IoT with distributed learning and deep generative techniques
Hamouda, D., Ferrag, M. A., Benhamida, N., Seridi, H., & Ghanem, M. C. (2024). Revolutionizing intrusion detection in industrial IoT with distributed learning and deep generative techniques. Internet of Things, 26, 101149. doi:10.1016/j.iot.2024.101149
A Hierarchical Security Event Correlation Model for Real-Time Threat Detection and Response
Maosa, H., Ouazzane, K., & Ghanem, M. C. (2024). A Hierarchical Security Event Correlation Model for Real-Time Threat Detection and Response. Network, 4(1), 68-90. doi:10.3390/network4010004
A Comprehensive Analysis of the Role of Artificial Intelligence and Machine Learning in Modern Digital Forensics and Incident Response
Dunsin, D., Ghanem, M. C., Ouazzane, K., & Vassilev, V. (2024). A Comprehensive Analysis of the Role of Artificial Intelligence and Machine Learning in Modern Digital Forensics and Incident Response. FSI Digital Investigation. doi:10.1016/j.fsidi.2023.301675
2023
A Novel Hybrid Method for Effective Identification and Extraction of Digital Evidence Masked by Steganographic Techniques in WAV and MP3 Files
Ghane, M. C., Uribarri, M. D., Djemai, R., Dunsin, D., & Araujo, I. I. (2023). A Novel Hybrid Method for Effective Identification and Extraction of Digital Evidence Masked by Steganographic Techniques in WAV and MP3 Files. Journal of Information Security and Cybercrimes Research, 6(2), 89-104. doi:10.26735/izbk9372
D2WFP: A Novel Protocol for Forensically Identifying, Extracting, and Analysing Deep and Dark Web Browsing Activities
Ghanem, M. C., Mulvihill, P., Ouazzane, K., Djemai, R., & Dunsin, D. (2023). D2WFP: A Novel Protocol for Forensically Identifying, Extracting, and Analysing Deep and Dark Web Browsing Activities. Journal of Cybersecurity and Privacy, 3(4), 808-829. doi:10.3390/jcp3040036
Hierarchical reinforcement learning for efficient and effective automated penetration testing of large networks
Ghanem, M. C., Chen, T. M., & Nepomuceno, E. G. (2023). Hierarchical reinforcement learning for efficient and effective automated penetration testing of large networks. Journal of Intelligent Information Systems, 60(2), 281-303. doi:10.1007/s10844-022-00738-0
ESASCF: Expertise Extraction, Generalization and Reply Framework for Optimized Automation of Network Security Compliance
Ghanem, M. C., Chen, T. M., Ferrag, M. A., & Kettouche, M. E. (2023). ESASCF: Expertise Extraction, Generalization and Reply Framework for Optimized Automation of Network Security Compliance. IEEE Access, 11, 129840-129853. doi:10.1109/access.2023.3332834
2020
Reinforcement Learning for Efficient Network Penetration Testing
Ghanem, M. C., & Chen, T. M. (2019). Reinforcement Learning for Efficient Network Penetration Testing. Information, 11(1), 6. doi:10.3390/info11010006
2018
Reinforcement Learning for Intelligent Penetration Testing
Ghanem, M. C., & Chen, T. M. (2018). Reinforcement Learning for Intelligent Penetration Testing. In 2018 Second World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4) (pp. 185-192). IEEE. doi:10.1109/worlds4.2018.8611595
2016
Enhancing WPA2-PSK four-way handshaking after re-authentication to deal with de-authentication followed by brute-force attack a novel re-authentication protocol
Ghanem, M. C., & Ratnayake, D. N. (2016). Enhancing WPA2-PSK four-way handshaking after re-authentication to deal with de-authentication followed by brute-force attack a novel re-authentication protocol. In 2016 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (CyberSA) (pp. 1-7). IEEE. doi:10.1109/cybersa.2016.7503286
Undated
Leveraging Reinforcement Learning for an Efficient Automation of Windows Registry Analysis During Cyber Incident Response
Ghanem, M. C., Benkhelifa, E., Wojtczak, D., Ferrag, M. A., Tihanyi, N., & Nepomuceno, E. G. (n.d.). Leveraging Reinforcement Learning for an Efficient Automation of Windows Registry Analysis During Cyber Incident Response.
Spectre: A Hybrid System for an Adaptative and Optimised Cyber Threats Detection, Response and Investigation in Volatile Memory
Ghanem, M. C., Syed, A. T., Benkhelifa, E., & Idrees Abro, F. (n.d.). Spectre: A Hybrid System for an Adaptative and Optimised Cyber Threats Detection, Response and Investigation in Volatile Memory.