Chaire Cyber CNI

Chaire Cyber CNI – Cybersecurity for Critical Networked Infrastructures

[RU2/22] Awaleh HOUSSEIN MERANEH : Automated Learning for handling Cyber-Physical Attacks

On Oct 17, 2022, our PhD Awaleh HOUSSEIN MERANEH presented her latest results regarding “Automated Learning for handling Cyber-Physical Attacks“. This presentation took place during the research update fall 2022 event of the chair Cybersecurity for Critical Networked Infrastructures ( at the SNCF Head Office. You find more infos on our website

We cordially invite you to contact us for collaborations, partnerships, etc. We are constantly looking for new industry partners to strengthen our profile. Make an appointment to find out more!

To see the video, click on this link :


Industrial control systems (ICS) interconnect highly physical components and cyber components via a communication network. This intensive interconnection increases the vulnerability of the physical
components. In addition, disruption of these systems due to anomalies can cause collateral damage (e.g. the Stuxnet attack). Anomaly and mitigation methods are used to guarantee the security and the proper
functioning of ICSs. As a result, the primary goal of this study is to develop an ICS anomaly detection approach. Network-based Intrusion Detection Systems (NIDS) and Host-based Intrusion Detection Systems (HIDS) are the most used anomaly and intrusion detection methods in the literature. Due to the rising complexity of the network, these methods have a high false alarm rate and a delayed response time (long detection period). The manufacturing life cycle time of ICS, on the other hand, is shorter than the detection period, which can result in physical harm (product defects, equipment damage, etc.). Behavioral Anomaly Detection (BAD) is becoming more widely used in the literature to address the aforementioned issues and shorten the detection time. BAD consists of monitoring the behavior of physical components of ICSs. In addition, side-channel parameters, such as electromagnetic, power consumption, and sound, effectively describe the behavior of systems. So the main research question addressed in this thesis is: how can side channels be used to improve the detection of anomalies in ICS?


After graduating from the University of Djibouti with a Bachelor’s degree in Computer Mathematics in 2018, I continued on to the University of Limoges to study a Master’s degree in Information Security and
Cryptology. This program allowed me to acquire advanced skills in cryptology, both theoretically and practically. Moreover, the training projects (both research and practical) allowed me to become familiar with concepts such as quantum and post-quantum cryptography, PKI and certifications. Indeed, I did my end-of-studies internship in the SRCD department of the IMT Atlantic campus in Rennes. The subject of my internship is “blind side-channel attacks on the Elephant LFSR (a lightweight algorithm)”. It is through projects, internships and the passion I have for research that I decided to pursue my adventure in research by a PhD thesis.

About Research Update

The Research Updates happen once per semester. They are our big status event where our PhD students, PostDocs, and Engineers present their progress, current works, and next challenges. The research update is the perfect opportunity for getting an overview on and discussing what is going on at the chair.

About the chair Cybersecurity of Critical Networked Infrastructures (

The Cyber CNI Chair at IMT Atlantique does research, innovation, and teaching in the field of cybersecurity for critical networked infrastructures. Such infrastructures include industrial processes, financial systems, building automation, energy networks, water treatment plants, or transportation.

The chair covers the full stack from sensors and actuators and their signals over industrial control systems, distributed services at the edge or cloud, to user interfaces with collaborative Mixed Reality, and security policies. The chair currently hosts 9 PhD students, 4 PostDocs, 11 Professors, 1 engineer, and 1 internship student.

The chair runs a large testbed that enables applied research together with the industry partners. The industry partners of the current third funding round are Airbus, BNP Paribas, EDF, and SNCF. The chaire is located in Brittany, France. Brittany is the cybersecurity region number 1 in France. The chair Cyber CNI is strongly embedded in the cybersecurity ecosystem through its partnerships with the Pôle d’Excellence Cyber (PEC) and the Brittany Region.

The chair provides a unique environment for cybersecurity research with lots of development possibilities.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.