In an era of hyperconnectivity, Network Security is no longer an optional safeguard, it is a core architectural principle. The Network Security Group investigates, develops, and evaluates advanced strategies to protect communication networks against evolving cyber threats.
Our focus is on proactive and intelligent security mechanisms that go beyond traditional perimeter defences. We combine theoretical modelling with applied research across three key pillars:
- Network Fuzzing: Uncovering protocol vulnerabilities through intelligent fuzz testing to detect deep flaws before attackers do.
- Intrusion Detection Systems: Leveraging AI and deep learning for anomaly-based detection of sophisticated cyberattacks.
- Network Security Simulation: Creating safe, virtual environments to simulate and evaluate real-world threats targeting complex infrastructures, including smart grids and IoT systems.
We are also exploring emerging technologies such as LLM-based anomaly classifiers and cyber-physical security for critical infrastructure protection, with strong ties to current industrial and EU-level regulatory demands (e.g., CRA, NIS2, IEC 62443, MITRE ATT&CK).
Our aim is to anticipate, simulate, and defend, transforming resilience from a buzzword into a quantifiable, verifiable system property.
Enhancing Employability and Skills for Engineering Graduates through Innovation, Networking, Collaboration and Curriculum Updating
(Non-FAU Project)Project leader:
Term: 2026-01-01 - 2028-12-31
Acronym: Eng-Inc
Funding source: Erasmus+
URL: https://sites.ju.edu.jo/en/Eng-INC/home.aspxThe ENG- INC project has come to strengthen the capacity and quality of higher education in engineering to respond to increased demand for qualified engineers by the new global economy. Concentrating on the critical gaps of engineering curricula, it shall provide a better understanding both in practical and theoretical knowledge toward professional success. Strategic integration in the innovation of teaching will encompass not only academic improvement but also the assurance of employability by affording the students hands-on experiences that can meet today's industrial demands through the incorporation of virtual and remote labs, problem-based learning, and ECTS.
The project will promote knowledge transfer and the elaboration of customized training programs for both academic staff and students through active collaboration with European higher education institutions recognized for their expertise in modern teaching methodologies. In this way, it will bridge the gap between academic knowledge and the needs of industry, making graduates capable of meeting the challenges of local and regional labor markets, especially those that are growing fast, such as technology and sustainable engineering.
The latent message of this project, therefore, is inclusiveness. Equal attention will, therefore, be paid to the disabled, underprivileged, and deprived groups so as to allow them equal chances to compete at better opportunities with others. The project includes accessible learning tools, adaptive technologies, and support systems that reduce barriers to access and allow all students, specially the targeted ones, to benefit from the improved curriculum and methodologies.
Test Patterns zur Erkennung von Softwareschwachstellen
(Third Party Funds Group – Sub project)Overall project: Evaluierung von Verfahren zum Testen der Informationssicherheit in der nuklearen Leittechnik durch smarte Testfallgenerierung 2
Project leader:
Term: 2020-07-01 - 2023-06-30
Acronym: SMARTEST2-FAU-SWE
Funding source: Bundesministerium für Wirtschaft und Energie (BMWE)Das Verbundvorhaben SMARTEST2 befasst sich mit Untersuchungen zur Verbesserung der IT-Sicherheit vernetzter software-basierter leittechnischer Systeme. Aufbauend auf den Forschungsergebnissen des Vorgängerprojekts SMARTEST sollen weitergehende securityrelevante Testverfahren zur Unterstützung der Erkennung von Schwachstellen in nuklearen Leittechniksystemen erarbeitet werden.
Auf der Basis des Vorgängerteilvorhabens SMARTEST-FAU-SWE befasst sich das Teilvorhaben SMARTEST2-FAU-SWE mit der Entwicklung systematischer, angriffsspezifischer Testverfahren mittels sukzessiver Identifikation relevanter Schwachstellenklassen, statischer Verfahren zur Eingrenzung des Suchraums und zur Ermittlung der zu verfolgenden Testziele, sowie dynamischer Verfahren zur heuristischen Verfolgung der statisch identifizierten Testziele. Ein weiteres Ziel betrifft die Herleitung eines Leitfadens mittels Zuordnung der untersuchten Schwachstellenarten und der sich ergebenden Testmuster.
Model-based testing strategies
(Third Party Funds Group – Sub project)Overall project: SMARTEST: Evaluierung von Verfahren zum Testen der Informationssicherheit in der nuklearen Leittechnik durch smarte Testfallgenerierung
Project leader:
Term: 2015-07-01 - 2018-12-31
Acronym: SMARTEST-FAU-SWE
Funding source: Bundesministerium für Wirtschaft und Energie (BMWE)Overall goal of the cooperative project SMARTEST is to increase the ability of detecting as far as possible IT vulnerabilities in automatic control software for nuclear power plants. By removing the vulnerabilities identified the chances of IT attacks and thus also the risk of critical events due to systematic IT attacks can be reduced.Appropriate model notations are to be selected for the purpose of representing predefined attack scenarios at an adequate abstraction level. On the basis of the resulting models and scenarios, test targets are to be determined and formalised such that their achievement can provide evidence for existing system vulnerabilities. In case the testing targets are not achieved, appropriate metrics are to be provided allowing for a significant quantitative evaluation of the testing progress achieved so far. Such measurable test stopping criteria can finally be applied to control the automatic generation of optimal test data.
2025
2024
2023
2022
2019
| Type | Title | Status |
|---|---|---|
| MA thesis | Al-Based Anomaly Detection to Enhance Cybersecurity in IoT Networks | running |
| MA thesis | Al-Driven Anomaly Detection of ICS Protocols in Smart Grids | running |
| MA thesis | Enhancing Cybersecurity for Cyber-Physical Systems: Integration of Preventive and Detective Controls Using Digital Twins | running |
| MA thesis | A Social-aware Software Stack for an Autonomous Driving Wheelchair | finnished |
| MA thesis | i7Fuzzer: An Intelligent Approach for Protocol Security Testing | finnished |
Dr.-Ing. Loui Al Sardy
Address
Contact
