Spectre-Fed: Evolving Federated Edge Intelligence From FedEdge-ID to Robust-Private IoT Intrusion Detection via Hybrid Adversarial Training Saeed Ullah, Junsheng Wu, Mian Muhammad Kamal, Mohammed K. Alzaylaee, Mohammad Alibakhshikenari IEEE Open Journal of the Communications Society, 2026 The growing number of Internet of Things (IoT) devices requires decentralized Edge Intelligence solutions. As the current FL-based IDS systems are decentralized solutions for privacy protection, face two major problems: (1) network traffic manipulation through adversarial evasion attacks (2) privacy threats from gradient-based inference attacks and (3) server-side Robustness issue. The current methods which use Differential Privacy (DP) or adversarial training result in 5-15% accuracy reduction which makes them unsuitable for deployment. The key novelty of our work is the integration of a novel dual-defense framework that uniquely reconciles the conflict between differential privacy noise and adversarial gradient requirements, effectively eliminating the conventional ”accuracy tax” along with server-side Robust Aggregation. Our research develops an enhanced two-stage federated system which is robust and protects privacy while delivering secure IoT edge intelligence solutions. The core system FedEdge-ID provides 99.73% detection performance across different edge devices. Spectre-Fed enhances the FedEdge-ID framework via three key defenses: (1) Hybrid Loss Adversarial Training (α=0.5) to fortify decision boundaries against evasion, (2) Gradient-Guided Adaptive Privacy with decreasing noise injection (σ0=0.0005, γ =0.95) for secure gradient updates, and (3) Robust Trimmed Mean Aggregation to counter Byzantine poisoning. Experiments demonstrate that Spectre-Fed’s client-side (Layer 1) defense achieves 99.72% clean accuracy with only a 0.01% utility loss versus the non-private baseline. It shows strong adversarial resilience, retaining 99.34% accuracy against FGSM attacks (ϵ =0.01), a mere 0.38% degradation from the clean state. When integrated with server-side Robust Aggregation (Layer 2), the system sustains 99.59% accuracy even under active label-flipping attacks from 20% of clients, while preserving high utility compared to the baseline. The system achieves optimal privacy-utility balance through its formal privacy protection and its ability to resist adversarial attacks which makes it suitable for zero-trust IoT systems.
Enhancing Cybersecurity Through Artificial Intelligence: A Novel Approach to Intrusion Detection Mohammed K. Alzaylaee International Journal of Advanced Computer Science and Applications, 2025 Modern cyber threats have evolved to sophisticated levels, necessitating advanced intrusion detection systems (IDS) to protect critical network infrastructure. Traditional signature-based and rule-based IDS face challenges in identifying new and evolving attacks, leading organizations to adopt AI-driven detection solutions. This study introduces an AI-powered intrusion detection system that integrates machine learning (ML) and deep learning (DL) techniques—specifically Support Vector Machines (SVM), Random Forests, Autoencoders, and Convolutional Neural Networks (CNNs)—to enhance detection accuracy while reducing false positive alerts. Feature selection techniques such as SHAP-based analysis are employed to identify the most critical attributes in network traffic, improving model interpretability and efficiency. The system also incorporates reinforcement learning (RL) to enable adaptive intrusion response mechanisms, further enhancing its resilience against evolving threats. The proposed hybrid framework is evaluated using the SDN_Intrusion dataset, achieving an accuracy of 92.8%, a false positive rate of 5.4%, and an F1-score of 91.8%, outperforming conventional IDS solutions. Comparative analysis with prior studies demonstrates its superior capability in detecting both known and unknown threats, particularly zero-day attacks and anomalies. While the system significantly enhances security coverage, challenges in real-time implementation and computational overhead remain. This paper explores potential solutions, including federated learning and explainable AI techniques, to optimize IDS functionality and adaptive capabilities.
Intrusion Detection Model on Network Data with Deep Adaptive Multi-Layer Attention Network (DAMLAN) Fatma S. Alrayes, Syed Umar Amin, Nada Ali Hakami, Mohammed K. Alzaylaee, Tariq Kashmeery CMES Computer Modeling in Engineering and Sciences, 2025 The growing incidence of cyberattacks necessitates a robust and effective Intrusion Detection Systems (IDS) for enhanced network security. While conventional IDSs can be unsuitable for detecting different and emerging attacks... | Find, read and cite all the research you need on Tech Science Press
An Auto Encoder-Enhanced Stacked Ensemble for Intrusion Detection in Healthcare Networks Fatma S. Alrayes, Mohammed Zakariah, Mohammed K. Alzaylaee, Syed Umar Amin, Zafar Iqbal Khan Computers Materials and Continua, 2025 Healthcare networks prove to be an urgent issue in terms of intrusion detection due to the critical consequences of cyber threats and the extreme sensitivity of medical information. The proposed Auto-Stack ID in the study is a stacked ensemble of encoder-enhanced auctions that can be used to improve intrusion detection in healthcare networks. The WUSTL-EHMS 2020 dataset trains and evaluates the model, constituting an imbalanced class distribution (87.46% normal traffic and 12.53% intrusion attacks). To address this imbalance, the study balances the effect of training Bias through Stratified K-fold cross-validation (K = 5), so that each class is represented similarly on training and validation splits. Second, the Auto-Stack ID method combines many base classifiers such as TabNet, LightGBM, Gaussian Naive Bayes, Histogram-Based Gradient Boosting (HGB), and Logistic Regression. We apply a two-stage training process based on the first stage, where we have base classifiers that predict out-of-fold (OOF) predictions, which we use as inputs for the second-stage meta-learner XGBoost. The meta-learner learns to refine predictions to capture complicated interactions between base models, thus improving detection accuracy without introducing bias, overfitting, or requiring domain knowledge of the meta-data. In addition, the auto-stack ID model got 98.41% accuracy and 93.45% F1 score, better than individual classifiers. It can identify intrusions due to its 90.55% recall and 96.53% precision with minimal false positives. These findings identify its suitability in ensuring healthcare networks’ security through ensemble learning. Ongoing efforts will be deployed in real time to improve response to evolving threats.
Deep learning techniques for android botnet detection Suleiman Y. Yerima, Mohammed K. Alzaylaee, Annette Shajan, Vinod P Electronics Switzerland, 2021 Android is increasingly being targeted by malware since it has become the most popular mobile operating system worldwide. Evasive malware families, such as Chamois, designed to turn Android devices into bots that form part of a larger botnet are becoming prevalent. This calls for more effective methods for detection of Android botnets. Recently, deep learning has gained attention as a machine learning based approach to enhance Android botnet detection. However, studies that extensively investigate the efficacy of various deep learning models for Android botnet detection are currently lacking. Hence, in this paper we present a comparative study of deep learning techniques for Android botnet detection using 6802 Android applications consisting of 1929 botnet applications from the ISCX botnet dataset. We evaluate the performance of several deep learning techniques including: CNN, DNN, LSTM, GRU, CNN-LSTM, and CNN-GRU models using 342 static features derived from the applications. In our experiments, the deep learning models achieved state-of-the-art results based on the ISCX botnet dataset and also outperformed the classical machine learning classifiers.
Mobile Botnet Detection: A Deep Learning Approach Using Convolutional Neural Networks Suleiman Y. Yerima, Mohammed K. Alzaylaee 2020 International Conference on Cyber Situational Awareness Data Analytics and Assessment Cyber SA 2020, 2020 Android, being the most widespread mobile operating systems is increasingly becoming a target for malware. Malicious apps designed to turn mobile devices into bots that may form part of a larger botnet have become quite common, thus posing a serious threat. This calls for more effective methods to detect botnets on the Android platform. Hence, in this paper, we present a deep learning approach for Android botnet detection based on Convolutional Neural Networks (CNN). Our proposed botnet detection system is implemented as a CNN-based model that is trained on 342 static app features to distinguish between botnet apps and normal apps. The trained botnet detection model was evaluated on a set of 6,802 real applications containing 1,929 botnets from the publicly available ISCX botnet dataset. The results show that our CNN-based approach had the highest overall prediction accuracy compared to other popular machine learning classifiers. Furthermore, the performance results observed from our model were better than those reported in previous studies on machine learning based Android botnet detection.
High Accuracy Phishing Detection Based on Convolutional Neural Networks Suleiman Y. Yerima, Mohammed K. Alzaylaee Iccais 2020 3rd International Conference on Computer Applications and Information Security, 2020 The persistent growth in phishing and the rising volume of phishing websites has led to individuals and organizations worldwide becoming increasingly exposed to various cyber-attacks. Consequently, more effective phishing detection is required for improved cyber defence. Hence, in this paper we present a deep learning-based approach to enable high accuracy detection of phishing sites. The proposed approach utilizes convolutional neural networks (CNN) for high accuracy classification to distinguish genuine sites from phishing sites. We evaluate the models using a dataset obtained from 6,157 genuine and 4,898 phishing websites. Based on the results of extensive experiments, our CNN based models proved to be highly effective in detecting unknown phishing sites. Furthermore, the CNN based approach performed better than traditional machine learning classifiers evaluated on the same dataset, reaching 98.2% phishing detection rate with an F1-score of 0.976. The method presented in this paper compares favourably to the state-of-the art in deep learning based phishing website detection.
DL-Droid: Deep learning based android malware detection using real devices Mohammed K. Alzaylaee, Suleiman Y. Yerima, Sakir Sezer Computers and Security, 2020 The Android operating system has been the most popular for smartphones and tablets since 2012. This popularity has led to a rapid raise of Android malware in recent years. The sophistication of Android malware obfuscation and detection avoidance methods have significantly improved, making many traditional malware detection methods obsolete. In this paper, we propose DL-Droid, a deep learning system to detect malicious Android applications through dynamic analysis using stateful input generation. Experiments performed with over 30,000 applications (benign and malware) on real devices are presented. Furthermore, experiments were also conducted to compare the detection performance and code coverage of the stateful input generation method with the commonly used stateless approach using the deep learning system. Our study reveals that DL-Droid can achieve up to 97.8% detection rate (with dynamic features only) and 99.6% detection rate (with dynamic + static features) respectively which outperforms traditional machine learning techniques. Furthermore, the results highlight the significance of enhanced input generation for dynamic analysis as DL-Droid with the state-based input generation is shown to outperform the existing state-of-the-art approaches.
Few-shot learning for detecting malicious executables KA Asmitha, MK Alzaylaee, P Vinod, N Renugadevi, VD Vikram CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS 29 (4) , 2026 2026
Spectre-Fed: Evolving Federated Edge Intelligence from FedEdge-ID to Robust-Private IoT Intrusion Detection via Hybrid Adversarial Training MA Saeed Ullah, Junsheng Wu, Mian Muhammad Kamal, Mohammed K. Alzaylaee IEEE Open Journal of the Communications Society , 2026 2026
Advancing Cybersecurity: AI-Driven Computer Vision and Machine Learning Models for Real-Time Threat Detection and Prevention MK Alzaylaee, FA Almarshad, GA Gashgari, D Algawiaz, AIA Alzahrani Journal of Engineering Research , 2026 2026
Optimizing Intrusion Detection System (IDS) with Hybrid Random Forest and CNN-LSTM Models for Improved Accuracy and Efficiency FS Alrayes, M Zakariah, MK Alzaylaee, SU Amin, ZI Khan 2025 Citations: 1
Enhancing Cybersecurity Through Artificial Intelligence: A Novel Approach to Intrusion Detection. MK Alzaylaee International Journal of Advanced Computer Science & Applications 16 (4) , 2025 2025 Citations: 8
A Systematic Review of Security Vulnerabilities in Smart Home Devices and Mitigation Techniques MK Alzaylaee IJCSNS 23 (3), 206 , 2025 2025 Citations: 1
An Auto Encoder-Enhanced Stacked Ensemble for Intrusion Detection in Healthcare Networks FS Alrayes, M Zakariah, MK Alzaylaee, SU Amin, ZI Khan Computers, Materials, & Continua 85 (2), 3457 , 2025 2025 Citations: 2
Intrusion Detection Model on Network Data with Deep Adaptive Multi-Layer Attention Network (DAMLAN) F Alrayes, S Amin, N Hakami, M Alzaylaee, T Kashmeery Computer Modeling in Engineering & Sciences 144 (1), 581 , 2025 2025 Citations: 2
Deep Learning Techniques for Android Botnet Detection SY Yerima, MK Alzaylaee, A Shajan, V P Electronics 10 (4), 519 , 2021 2021 Citations: 60
P, V. Deep Learning Techniques for Android Botnet Detection. Electronics 2021, 10, 519 SY Yerima, MK Alzaylaee, A Shajan s Note: MDPI stays neutral with regard to jurisdictional claims in published … , 2021 2021
Mobile botnet detection: A deep learning approach using convolutional neural networks SY Yerima, MK Alzaylaee 2020 International Conference on Cyber Situational Awareness, Data Analytics … , 2020 2020 Citations: 49
High accuracy phishing detection based on convolutional neural networks SY Yerima, MK Alzaylaee 2020 3rd International Conference on Computer Applications & Information … , 2020 2020 Citations: 138
DL-Droid: Deep learning based android malware detection using real devices MK Alzaylaee, SY Yerima, S Sezer Computers & Security 89, 101663 , 2020 2020 Citations: 547
Enhanced Machine Learning Based Dynamic Detection of Evasive Android Malware MKM Alzaylaee Queen's University Belfast. Faculty of Engineering and Physical Sciences, July , 2019 2019
Machine learning-based dynamic analysis of Android apps with improved code coverage SS Suleiman Y. Yerima, Mohammed K. Alzaylaee EURASIP Journal on Information Security, 1-24 , 2019 2019 Citations: 52
Improving dynamic analysis of android apps using hybrid test input generation MK Alzaylaee, SY Yerima, S Sezer 2017 international conference on cyber security and protection of digital … , 2017 2017 Citations: 43
EMULATOR vs REAL PHONE: Android Malware Detection Using Machine Learning S Yerima, S Sezer, MK Alzaylaee ACM , 2017 2017
Emulator vs real phone: Android malware detection using machine learning MK Alzaylaee, SY Yerima, S Sezer Proceedings of the 3rd ACM on International Workshop on Security and Privacy … , 2017 2017 Citations: 123
DynaLog: An automated dynamic analysis framework for characterizing android applications MK Alzaylaee, SY Yerima, S Sezer 2016 International Conference On Cyber Security And Protection Of Digital … , 2016 2016 Citations: 94
MOST CITED SCHOLAR PUBLICATIONS
DL-Droid: Deep learning based android malware detection using real devices MK Alzaylaee, SY Yerima, S Sezer Computers & Security 89, 101663 , 2020 2020 Citations: 547
High accuracy phishing detection based on convolutional neural networks SY Yerima, MK Alzaylaee 2020 3rd International Conference on Computer Applications & Information … , 2020 2020 Citations: 138
Emulator vs real phone: Android malware detection using machine learning MK Alzaylaee, SY Yerima, S Sezer Proceedings of the 3rd ACM on International Workshop on Security and Privacy … , 2017 2017 Citations: 123
DynaLog: An automated dynamic analysis framework for characterizing android applications MK Alzaylaee, SY Yerima, S Sezer 2016 International Conference On Cyber Security And Protection Of Digital … , 2016 2016 Citations: 94
Deep Learning Techniques for Android Botnet Detection SY Yerima, MK Alzaylaee, A Shajan, V P Electronics 10 (4), 519 , 2021 2021 Citations: 60
Machine learning-based dynamic analysis of Android apps with improved code coverage SS Suleiman Y. Yerima, Mohammed K. Alzaylaee EURASIP Journal on Information Security, 1-24 , 2019 2019 Citations: 52
Mobile botnet detection: A deep learning approach using convolutional neural networks SY Yerima, MK Alzaylaee 2020 International Conference on Cyber Situational Awareness, Data Analytics … , 2020 2020 Citations: 49
Improving dynamic analysis of android apps using hybrid test input generation MK Alzaylaee, SY Yerima, S Sezer 2017 international conference on cyber security and protection of digital … , 2017 2017 Citations: 43
Enhancing Cybersecurity Through Artificial Intelligence: A Novel Approach to Intrusion Detection. MK Alzaylaee International Journal of Advanced Computer Science & Applications 16 (4) , 2025 2025 Citations: 8
Linear Node Movement Patterns in MANETS M Alzaylaee, J DeDourek, P Pochec The Ninth International Conference on Wireless and Mobile Communications … , 2013 2013 Citations: 5
An Auto Encoder-Enhanced Stacked Ensemble for Intrusion Detection in Healthcare Networks FS Alrayes, M Zakariah, MK Alzaylaee, SU Amin, ZI Khan Computers, Materials, & Continua 85 (2), 3457 , 2025 2025 Citations: 2
Intrusion Detection Model on Network Data with Deep Adaptive Multi-Layer Attention Network (DAMLAN) F Alrayes, S Amin, N Hakami, M Alzaylaee, T Kashmeery Computer Modeling in Engineering & Sciences 144 (1), 581 , 2025 2025 Citations: 2
Optimizing Intrusion Detection System (IDS) with Hybrid Random Forest and CNN-LSTM Models for Improved Accuracy and Efficiency FS Alrayes, M Zakariah, MK Alzaylaee, SU Amin, ZI Khan 2025 Citations: 1
A Systematic Review of Security Vulnerabilities in Smart Home Devices and Mitigation Techniques MK Alzaylaee IJCSNS 23 (3), 206 , 2025 2025 Citations: 1
Investigation of the linear node movement patterns in wireless networks M Alzaylaee University of New Brunswick , 2012 2012 Citations: 1
Few-shot learning for detecting malicious executables KA Asmitha, MK Alzaylaee, P Vinod, N Renugadevi, VD Vikram CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS 29 (4) , 2026 2026
Spectre-Fed: Evolving Federated Edge Intelligence from FedEdge-ID to Robust-Private IoT Intrusion Detection via Hybrid Adversarial Training MA Saeed Ullah, Junsheng Wu, Mian Muhammad Kamal, Mohammed K. Alzaylaee IEEE Open Journal of the Communications Society , 2026 2026
Advancing Cybersecurity: AI-Driven Computer Vision and Machine Learning Models for Real-Time Threat Detection and Prevention MK Alzaylaee, FA Almarshad, GA Gashgari, D Algawiaz, AIA Alzahrani Journal of Engineering Research , 2026 2026
P, V. Deep Learning Techniques for Android Botnet Detection. Electronics 2021, 10, 519 SY Yerima, MK Alzaylaee, A Shajan s Note: MDPI stays neutral with regard to jurisdictional claims in published … , 2021 2021
