Peer-Reviewed Research & Active Manuscripts

Publications in Trustworthy Machine Learning and Cybersecurity

My research examines how probabilistic models, generative systems, uncertainty, reproducible experimentation, and downstream evaluation can support dependable cybersecurity and scientific-computing applications.

Synthetic Cybersecurity Data Malware Classification Generative Models Bayesian Deep Learning Uncertainty Estimation Scientific Data Recovery Reproducible Research

Published Peer-Reviewed Work

Research that has completed peer review and is available through established scholarly publishers.

Submitted Research

Completed scholarly work formally submitted for peer review. Submission does not imply acceptance or publication.

Completed Manuscripts Ready for Submission

Completed research manuscripts in the GenCyberSynth publication series. These works are ready for submission but are not presented as submitted, accepted, or published.

Conditional Generation Done Right: External Conditioning Audits for Synthetic Malware Images

Bruno Fonkeng, Regine Khun, Jielun Zhang, and Fuhao Li

Completed manuscript · Preparing for submission

Introduces an external conditioning audit for class-conditional malware-image generators. Requested generation labels are compared against predictions from independent real-only classifiers to measure conditioning accuracy, label leakage, confusion patterns, and predicted-class collapse.

Shows that internal conditioning mechanisms and downstream augmentation gains do not necessarily prove requested-label fidelity, motivating independent conditioning audits for class-specific synthetic cybersecurity data.

When Does Synthetic Data Help Malware Classification? Utility, Class Imbalance, and Failure Modes Across Augmentation Regimes

Bruno Fonkeng, Regine Khun, Jielun Zhang, and Fuhao Li

Completed manuscript · Preparing for submission

Studies when GAN-, VAE-, and diffusion-generated malware images improve downstream classification and when they harm it. The paper compares balanced all-class augmentation with a controlled minority-heavy regime across multiple budgets and random seeds.

Demonstrates that synthetic augmentation is regime-dependent: value depends on generator family, budget, class structure, augmentation policy, and downstream metric rather than synthetic sample count alone.

Selective Synthetic Data Policies for Malware Classification: Allocation, Filtering, and Acceptance Rules Under Utility Constraints

Bruno Fonkeng, Regine Khun, Jielun Zhang, and Fuhao Li

Completed manuscript · Preparing for submission

Investigates which generated malware samples should be retained, filtered, ranked, or allocated before downstream classifier training. The work compares fixed budgets, keep-all augmentation, strict-confidence filtering, Top-k selection, and adaptive class-repair allocation.

Treats synthetic augmentation as a policy-controlled intervention and evaluates whether reduced or adaptively allocated synthetic sets can preserve utility under storage, training-cost, and acceptance constraints.

GenCyberSynth Research Progression

The four-paper sequence moves from benchmark construction to conditional reliability, downstream utility, and policy-controlled synthetic-data selection.

Paper 1

Unified Benchmark

Establishes the reproducible evaluation framework, controlled baselines, generator comparison, and utility-first protocol.

Paper 2

Conditioning Audits

Tests whether class-conditioned samples are externally recognized as the malware classes they were requested to represent.

Paper 3

Utility and Failure Modes

Determines when synthetic augmentation helps, when it hurts, and how results change across budgets and class-imbalance regimes.

Paper 4

Selective Policies

Evaluates filtering, ranking, acceptance, and allocation policies for using synthetic samples under practical utility constraints.

Publication statuses are intentionally precise. “Submitted” indicates formal submission for peer review. “Submission ready” indicates a completed manuscript that has not yet been formally submitted. Neither status implies acceptance or publication.

Research Built Around Defensible Evidence

My publication work connects probabilistic modeling, synthetic cybersecurity data, uncertainty, reproducibility, downstream utility, failure analysis, and the engineering infrastructure required to produce trustworthy scientific conclusions.