Network Security Research

Led by Dr Muhammad Faiz Bin Mohd Zaki

SIG Overview

The Network Security SIG is the backbone of CSNET's research ecosystem, dedicated to securing the hyper-connected infrastructure of the future. Led by Dr Muhammad Faiz Bin Mohd Zaki, this group bridges the gap between traditional network defence and next-generation intelligence.

Moving beyond simple firewalls, the group pioneers "self-defending networks" — systems capable of autonomously detecting, analysing, and neutralising threats in real time. With deep expertise in network analytics and federated learning provided by top experts like Prof. Nor Badrul Anuar, the SIG focuses on securing high-speed networks, IoT environments, and edge computing infrastructures against increasingly sophisticated, automated cyber attacks.

Key Research Areas

  1. Intelligent Intrusion Detection Systems (IDS)

    Developing adaptive intrusion detection and prevention systems (IDPS) that utilise machine learning to detect "low and slow" attacks and zero-day anomalies that traditional signature-based systems miss.

  2. Granular Network Traffic Analytics

    Deep-diving into encrypted traffic flows using Deep Packet Inspection (DPI) and behavioural analysis to classify applications and identify malicious hidden tunnels.

  3. Federated Learning & Edge Security

    Pioneering privacy-preserving security models where edge devices (like IoT gateways) collaboratively train defence models without sharing sensitive raw data.

  4. IoT Device Fingerprinting & Security

    Creating robust methods to identify and quarantine insecure IoT devices on a network based on their signalling patterns and radio frequency signatures.

  5. Digital Forensics & Audio Source Identification

    Advancing forensic capabilities to trace cybercrimes, including novel techniques for identifying the source of digital audio and tracking malicious VoIP activities.

Research Projects

  1. Agentic AI for Autonomous Threat Response

    Developing an "Agentic AI" framework capable of autonomously hunting threats and executing response protocols using the Model Context Protocol (MCP), effectively removing the "human bottleneck" in rapid incident response.

  2. Lightweight Traffic Classification with Explainable AI (XAI)

    Designing lightweight AI models that can run on resource-constrained routers and sensors to classify network traffic, utilising "Explainable AI" to ensure operators understand why traffic was flagged as malicious.

  3. Secure Federated Learning against Adversarial Attacks

    Investigating vulnerabilities in federated learning systems themselves. This project builds defence mechanisms to prevent attackers from "poisoning" the shared learning model used by edge devices.

  4. Transformer-Based IoT Traffic Profiling

    Applies Transformer models (similar to those in LLMs) to network traffic sequences. This project improves the identification of diverse IoT devices and anomalies in heterogeneous network environments, outperforming traditional statistical methods in handling complex traffic patterns.

  5. GRAIN: Granular Encrypted Traffic Classification

    A novel framework designed to classify encrypted network traffic (HTTPS/VPN) at a granular level. It uses advanced "classifier chains" to identify not just the application (e.g., YouTube), but the specific activity (e.g., video streaming vs. upload) without breaking encryption.

Interested in collaborating?

Reach out to discuss postgraduate supervision, joint research, or industry partnerships in network security and edge intelligence.