- Network Security and Intrusion Detection
- Advanced Malware Detection Techniques
- Information and Cyber Security
- Internet Traffic Analysis and Secure E-voting
- Access Control and Trust
- Anomaly Detection Techniques and Applications
- Software-Defined Networks and 5G
- Security and Verification in Computing
- Spam and Phishing Detection
- Software Reliability and Analysis Research
- Service-Oriented Architecture and Web Services
- Artificial Immune Systems Applications
- Software Engineering Research
- Smart Grid Security and Resilience
- Cryptographic Implementations and Security
- Caching and Content Delivery
- Peer-to-Peer Network Technologies
- Digital and Cyber Forensics
- Software System Performance and Reliability
- Cybersecurity and Cyber Warfare Studies
- IPv6, Mobility, Handover, Networks, Security
- Complex Network Analysis Techniques
- Software Testing and Debugging Techniques
- Advanced Authentication Protocols Security
- Network Packet Processing and Optimization
Institut Polytechnique de Paris
2015-2024
Telecom SudParis
2015-2024
Laboratoire d'Ingénierie Circulation Transports
2021-2024
Télécom Paris
2010-2023
Orange (France)
2012-2021
Centre National de la Recherche Scientifique
2010-2019
Institut Mines-Télécom
2012-2017
Université Paris-Saclay
2016-2017
Centre National pour la Recherche Scientifique et Technique (CNRST)
2017
Supélec
2004-2010
An approach toward user behavior modeling that takes advantage of the properties of neural algorithms is described, and results obtained on preliminary testing are presented. The basis is IDES (Intruder Detection Expert System), which has two components: an expert system looking for evidence of attacks on known vulnerabilities, and a statistical model of the user of the computer under surveillance. This model learns the habits of the user when he works with the computer, and raises warnings when the current behavior is not consistent with the previously learned patterns. The authors suggest...
The growing Internet of Things (IoT) market introduces new challenges for network activity monitoring. Legacy monitoring is not tailored to cope with the huge diversity of smart devices. New discovery techniques are necessary in order to find out what IoT devices are connected to the network. In this context, data analysis can be leveraged to find specific patterns that help recognize device types. Indeed, contrary to desktop computers, IoT devices perform very specific tasks, making their networking behavior predictable. In this paper, we present...
Distributed Denial of Service (DDoS) attacks have remained one of the most destructive attacks in the Internet for over two decades. Despite tremendous efforts on the design of DDoS defense strategies, few of them have been considered for widespread deployment due to strong assumptions on the infrastructure, prohibitive operational costs and complexity. Recently, the emergence of Software Defined Networking (SDN) has offered a solution to reduce network management complexity. It is also believed to facilitate security thanks to its programmability. To...
Combining an "anomaly" and a "misuse" IDS offers the advantage of separating the monitored events between normal, intrusive or unqualified classes (i.e. not known as an attack, but not recognized as safe either). In this article, we provide a framework to systematically reason about the combination of anomaly and misuse components. This framework, applied to Web servers, leads us to propose a serial architecture, using a drastic anomaly component with a sensitive misuse component. This architecture provides the operator with a better qualification of the detection results,...
The rapid development of the Internet of Things (IoT) has prompted a recent interest into realistic IoT network traffic generation. Security practitioners need data to develop and assess network-based intrusion detection systems (NIDS). Emulating IoT devices will avoid the costly physical deployment of thousands of smart devices. From an attacker's perspective, generating traffic that mimics the legitimate behavior of a device can be useful to evade NIDS. As network traffic consists of sequences of packets, the problem is similar to the generation of categorical data,...
Intrusion detection systems create large amounts of alerts. A significant part of these alerts can be seen as background noise of an operational information system, and its quantity typically overwhelms the user. In this paper we have three points to make. First, we present our findings regarding the causes of this noise. Second, we provide some reasoning why one would like to keep an eye on this noise despite the number of alerts. Finally, an approach for monitoring the noise with reasonable user load is proposed. The approach is based on modeling regularities in alert flows...
The new threat of the Internet, but little known to the 'general public', is constituted by botnets. Botnets are networks of infected computers, which are headed by a pirate called also 'Attacker' or 'Master'. The botnets are nowadays mainly responsible for large-scale coordinated attacks. The attacker can ask the infected computers, called 'Agents' or 'Zombies', to perform all sorts of tasks for him, like sending spam, performing DDoS attacks, phishing campaigns, delivering malware, or leasing or selling their botnets to other fraudsters anywhere. In this paper we...
When a new computer security vulnerability is publicly disclosed, only a textual description of it is available. Cybersecurity experts later provide an analysis of the severity of the vulnerability using the Common Vulnerability Scoring System (CVSS). Specifically, the different characteristics of the vulnerability are summarized into a vector (consisting of a set of metrics), from which a severity score is computed. However, because of the high number of vulnerabilities disclosed every day, this process requires a lot of manpower, and several days may pass before a vulnerability is analyzed. We propose to...
The authors present an application of recurrent neural networks for intrusion detection. A partially recurrent network has been chosen for this particular application. The network acts as a data filter that highlights anomalous or suspicious data according to previously learned patterns. It has proven adaptive, because the same results for several users have been obtained with varying activities. The cosine function was tested, and the hetero-associative version of the network was used to analyze the flipflop problem.