Ph.D. Candidate · INRIA Nord Europe

Aymen Bouferroum

Security and machine learning for the Industrial Internet of Things.

Working at the intersection of machine learning, cybersecurity, and network systems, from ML-driven trust models to physical-layer sensor attacks.

Scroll
01

About

I am a third-year Ph.D. candidate at INRIA Nord Europe in Lille, France, supervised by Valeria Loscri and co-supervised by Abderrahim Benslimane (University of Avignon). My thesis investigates machine learning for security in multi-technology Industrial Internet of Things.

My work sits at the intersection of cybersecurity, machine learning, and network systems. I explore how ML can enhance trust management, detect adversarial attacks on physical-layer sensors, and build resilient security frameworks for industrial networks. This spans theoretical modeling (Markov chains, stochastic optimization, statistical learning) and hands-on experimentation with real hardware including LiDAR sensors, WiFi CSI, and embedded platforms.

Recently I was a visiting researcher at CISPA Helmholtz Center for Information Security in Saarbrücken, Germany, investigating mirror-based LiDAR spoofing attacks on autonomous and industrial systems.

Aymen Bouferroum
Photo
Industrial IoT SecurityTrust ManagementFederated LearningLiDAR SpoofingWiFi CSIMachine LearningPhysical-Layer SecurityAdversarial AttacksCyber-Physical SystemsDeep Learning Industrial IoT SecurityTrust ManagementFederated LearningLiDAR SpoofingWiFi CSIMachine LearningPhysical-Layer SecurityAdversarial AttacksCyber-Physical SystemsDeep Learning
02

Publications

Channel State Information (CSI) is a widely used Wi-Fi sensing modality, and models are commonly trained on data simulated by adding noise (most often additive white Gaussian noise) to recorded channel estimates. Testing this assumption on six commodity receivers across two indoor environments, we show it does not hold: automatic gain control compresses the channel estimate multiplicatively, producing amplitude distributions that no additive noise variance can reproduce. We propose MQTC, a measurement-calibrated model combining per-subcarrier quantile mapping, temporal filtering, and copula-based cross-subcarrier reordering, which reduces amplitude error 8-fold and closes 89% of the aggregate fidelity gap. Classifiers trained on MQTC-simulated data recover 93% of real-data jamming-detection performance, while AWGN-trained classifiers remain near random.

Channel State InformationWi-Fi SensingSimulation ValidationSim-to-Real TransferReceiver ChainData Augmentation
PDF HAL
@misc{bouferroum2026csisimulationadditivenoise,
      title={CSI Simulation: Why Additive Noise Fails and How to Fix It},
      author={Aymen Bouferroum and Ildi Alla and Vincent Lenders and Valeria Loscri},
      year={2026},
      eprint={2607.01882},
      archivePrefix={arXiv},
      primaryClass={cs.NI},
      url={https://arxiv.org/abs/2607.01882},
}

Radio-frequency jamming poses a critical threat to the availability of wireless Industrial IoT networks. CITADEL is a lightweight, two-stage hierarchical pipeline that uses only Channel State Information (CSI), natively available on commodity IIoT devices, to detect and classify jamming attacks including previously unseen ones. Across 6 known attack types and 15 zero-day scenarios it achieves 100% known-attack detection and 97.1% zero-day detection at a 0.4% false-positive rate, resists white-box and black-box adversarial evasion, and completes end-to-end inference in 14.2 ms at 95.9 mJ on an edge GPU, outperforming eight baselines across detection, generalization, and robustness.

Wi-Fi SecurityChannel State InformationJamming DetectionOpen-Set RecognitionAdversarial RobustnessEdge Computing
PDF HAL
@misc{bouferroum2026citadelcsibasedjammingdetection,
      title={CITADEL: CSI-Based Jamming Detection and Open-Set Classification for IIoT Networks},
      author={Aymen Bouferroum and Ildi Alla and Valeria Loscri and Abderrahim Benslimane and Vincent Lenders},
      year={2026},
      eprint={2606.22939},
      archivePrefix={arXiv},
      primaryClass={cs.CR},
      url={https://arxiv.org/abs/2606.22939},
}

The Industrial IoT introduces serious security challenges as resource-constrained devices join critical processes, yet most defenses address a single layer and remain confined to simulation. This paper presents the research framework of my doctoral thesis: a lightweight, ML-based, multi-layer security framework for IIoT. Building on the Tm-IIoT trust model and the Hybrid IIoT (H-IIoT) architecture, it introduces the Trust Convergence Acceleration (TCA) approach, up to 28.6% faster trust convergence under degraded networks while staying robust to adversarial behavior, and proposes a real-world deployment on affordable, open-source hardware, extending toward multi-layer and physical-layer threat detection with resilience to adversarial ML.

IIoTTrust ManagementMachine LearningSecurity FrameworkNetwork Quality
@article{bouferroum2026toward,
  title={Toward a Multi-Layer ML-Based Security Framework for Industrial IoT},
  author={Bouferroum, Aymen and Loscri, Valeria and Benslimane, Abderrahim},
  journal={arXiv preprint arXiv:2603.24111},
  year={2026}
}

In Industrial IoT environments, trust management is vital for security, especially with resource-constrained devices, yet traditional trust models ignore fluctuating network quality, causing slow convergence and inaccurate assessments. We propose the Trust Convergence Acceleration (TCA) approach, which integrates a Random Forest model to predict the number of time units needed for trust convergence and dynamically adapts the transition probabilities of the trust model. On a simulation framework with realistic IEEE 802.11 (Wi-Fi 6) conditions, TCA cuts trust-convergence time by up to 28.6% under challenging conditions and improves trust-evaluation accuracy against malicious nodes.

IoTIIoTTrust ManagementMachine LearningNetwork Quality
PDF IEEE
@inproceedings{bouferroum2025accelerating,
  title={Accelerating Trust Convergence in IIoT: A ML Approach for Dynamic Network Conditions},
  author={Bouferroum, Aymen and Loscri, Valeria and Benslimane, Abderrahim},
  booktitle={IEEE Global Communications Conference (GLOBECOM) 2025},
  year={2025}
}

User-centric cell-free massive MIMO (UC-CFmMIMO) offers promising coverage for UAV communications but faces challenges in dynamic subband allocation. We propose a reinforcement-learning-driven framework that optimizes subband allocation for UAV users, adapting to varying trajectories and traffic demands to achieve near-optimal spectral efficiency at a fraction of the computational cost of exhaustive search.

Reinforcement LearningCell-Free mMIMOUAV CommunicationsResource Allocation
IEEE
@INPROCEEDINGS{11099147,
  author={Cheggour, Selina and Bouferroum, Aymen and Krishnan, Rahul},
  booktitle={2025 International Conference on Computer, Information and Telecommunication Systems (CITS)},
  title={Reinforcement Learning-Driven UC-CFmMIMO for UAVs: A Subband Allocation Framework},
  year={2025},
  volume={},
  number={},
  pages={1-8},
  keywords={6G mobile communication;Wireless communication;Reinforcement learning;Quality of service;Massive MIMO;Interference;Dynamic scheduling;Resource management;Vehicle dynamics;Radio spectrum management;Sixth-generation (6G);User-Centric Cell-Free Massive MIMO (UC-CFmMIMO);Aerial Vehicular Networks;Resource Allocation;Reinforcement Learning (RL);Deep Deterministic Policy Gradient (DDPG)},
  doi={10.1109/CITS65975.2025.11099147}}

The FITNESS project addresses the technical barriers preventing widespread IoT adoption in industrial and societal contexts. This paper presents the project vision and key insights on overcoming challenges of network heterogeneity, security, energy efficiency, and scalability, outlining the architectural principles developed within the French PEPR Future Networks program toward trustworthy, interoperable IoT.

IoTFuture NetworksFITNESSPEPRArchitecture
HAL
@misc{cassiau2025fitness,
  author = {Cassiau, Nicolas and Achir, Nadjib and Adjih, Cédric and Andrieux, Guillaume and Bechkit, Walid and others},
  title  = {Overcoming the Technical Hurdles of IoT Adoption: the FITNESS Project Vision and Insights},
  year   = {2025},
  doi    = {10.5281/zenodo.17119689},
  note   = {hal-05257163},
  url    = {https://hal.science/hal-05257163}
}
03

Research

01 / Trust

Trust Management in Industrial IoT

Machine-learning approaches that accelerate trust convergence and enable reliable device assessment in dynamic IIoT networks, designing trust models resilient to manipulation as topology and channels shift.

Markov chains · Machine learning · Stochastic optimization

02 / Sensing

Physical-Layer Security & Sensor Attacks

Vulnerabilities in physical-layer sensors for IIoT and autonomous systems: mirror-based LiDAR spoofing (Ouster, Hesai, Livox, RoboSense) and CSI-based jamming detection over WiFi channel state information.

LiDAR · WiFi CSI · CARLA · Point clouds · ESP32 · HackRF

03 / Frameworks

ML-Based Network Security Frameworks

Multi-layer security architectures uniting physical-layer authentication, traffic analysis, and application-level anomaly detection for resource-constrained industrial devices across heterogeneous networks.

Deep learning · Federated learning · Flower · PyTorch · TensorFlow

04

Skills

A toolkit that spans research and engineering: training deep and federated models, probing wireless physical layers with software-defined radios, and deploying security systems on real embedded hardware.

AI & Machine Learning

PyTorchTensorFlowKerasscikit-learnFederated LearningFlowerDeep LearningCNNRNN / LSTMDiffusion ModelsVAE

Networks & Wireless

TCP/IPBGPIEEE 802.114G / 5GVLAN / ACLFirewall / VPNWiFi CSILiDARESP32Jetson Orin NanoRaspberry Pi

Security & Offensive

Penetration TestingWiresharkKali LinuxNmapMetasploitBurp SuitesqlmapReverse EngineeringTrust ManagementHackRF OneSDRGNU Radio

Cloud & DevOps

DockerKubernetesAWSOpenStackVMwareRancherApache Spark

Software Development

PythonFlaskPyQt6JavaJavaFXJADEJavaScriptHTML / CSSGitUMLPostgreSQLMySQLMongoDBSQLite

Modeling & Theory

Markov ChainsStochastic OptimizationFinite State MachinesPetri NetsRandom ForestsGame Theory

Languages

ArabicNative
EnglishFull Professional · Linguaskill B2
FrenchFull Professional

Certifications

  • Neural Networks and Deep Learning
  • Preparing for a Career in Cybersecurity · Microsoft & LinkedIn
  • Linguaskill Business B2
  • Claude Code in Action
05

Experience

Mar 2026 – May 2026

Visiting PhD Researcher

CISPA Helmholtz Center · Saarbrücken, Germany

Research stay at the world's #1-ranked institution in computer security and cryptography (CSRankings), working on cyber-physical systems security for autonomous vehicles in the Industry 5.0 paradigm. Rebuilt a mirror-based LiDAR spoofing pipeline in CARLA and evaluated it across five sensors (Ouster, Hesai, Livox, RoboSense).

Oct 2023 – Present

Ph.D. Candidate

INRIA Nord Europe · Lille, France

Designing an energy-efficient trust-management architecture for the multi-technology Industrial IoT in the Industry 4.0 and 6G context: high security at low latency and overhead across heterogeneous, resource-constrained nodes. Supervised by Valeria Loscri, co-supervised by Abderrahim Benslimane.

Mar 2022 – Aug 2022

Research Intern

LIA · University of Avignon, France

Incentive design for efficient federated learning via game-theoretic coalition strategies with Shapley-value optimization.

2020 – 2022

M.Sc. Communicating Computer Systems

University of Avignon · France

2018 – 2020

M.Sc. Networks & Distributed Systems

University of Constantine · Algeria

2015 – 2018

B.Sc. Computer Science

University of Constantine · Algeria

06

Training & Events

Doctoral schools, conferences, and live demonstrations across Europe, where I present my research and sharpen it against the wider community.

Doctoral Schools

Flag of Greece

BEiNG-WISE Third Training School

Litochoro, Greece · Aug 2025 Attended

Cybersecurity and human factors in advanced communication technologies.

Flag of Albania

BEiNG-WISE Summer School

Tirana, Albania · Jun 2025 Attended

Specialized training on advanced communication technologies and cybersecurity.

Flag of North Macedonia

BEiNG-WISE Summer School

North Macedonia · Jun 2024 Attended

Cybersecurity and human factors in advanced communication technologies.

Flag of France

PEPR Cybersecurity Winter School

Grenoble, France · Jan 2025 Attended

Thematic sessions on malware, hardware security, and cryptanalysis, with a student presentation of ongoing work.

Conferences & Events

Flag of Spain

EuCNC & 6G Summit 2026

Málaga, Spain · Jun 2026 Live Demo Poster

Real-time wireless jamming detection on an Industrial IoT testbed, shown at the PEPR Réseaux du Futur booth.

Flag of Luxembourg

RESSI 2026

Clervaux, Luxembourg · May 2026 Paper Talk Poster

Presented the multi-layer ML-based security framework of my doctoral thesis.

Flag of Taiwan

IEEE GLOBECOM 2025

Taipei, Taiwan · Dec 2025 Paper

Presented the Trust Convergence Acceleration (TCA) approach for ML-driven trust management in Industrial IoT.

Flag of France

PEPR Réseaux du Futur

Grenoble · Toulouse · Bordeaux · Rennes · 2024–2026 Posters & Talks

Annual scientific days, FITNESS plenary sessions, and workshops across France.

07

Contact

Interested in collaborating on IIoT security, trust management, or applied machine learning? I am always glad to talk.