143 results on '"Lahmadi, Abdelkader"'
Search Results
2. Exploratory Data Analysis of a Network Telescope Traffic and Prediction of Port Probing Rates
- Author
-
Zakroum, Mehdi, Houmz, Abdellah, Ghogho, Mounir, Mezzour, Ghita, Lahmadi, Abdelkader, François, Jérôme, and Koutbi, Mohammed El
- Subjects
Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence, Computer Science - Machine Learning
- Abstract
Understanding the properties exhibited by large scale network probing traffic would improve cyber threat intelligence. In addition, the prediction of probing rates is a key feature for security practitioners in their endeavors for making better operational decisions and for enhancing their defense strategy skills. In this work, we study different aspects of the traffic captured by a /20 network telescope. First, we perform an exploratory data analysis of the collected probing activities. The investigation includes probing rates at the port level, services interesting top network probers and the distribution of probing rates by geolocation. Second, we extract the network probers exploration patterns. We model these behaviors using transition graphs decorated with probabilities of switching from a port to another. Finally, we assess the capacity of Non-stationary Autoregressive and Vector Autoregressive models in predicting port probing rates as a first step towards using more robust models for better forecasting performance. Comment: IEEE Intelligence and Security Informatics
- Published
- 2018
3. MitM Attack Detection in BLE Networks Using Reconstruction and Classification Machine Learning Techniques
- Author
-
Lahmadi, Abdelkader, Duque, Alexis, Heraief, Nathan, Francq, Julien, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Prates, Raquel Oliveira, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Koprinska, Irena, editor, Kamp, Michael, editor, Appice, Annalisa, editor, Loglisci, Corrado, editor, Antonie, Luiza, editor, Zimmermann, Albrecht, editor, Guidotti, Riccardo, editor, Özgöbek, Özlem, editor, Ribeiro, Rita P., editor, Gavaldà, Ricard, editor, Gama, João, editor, Adilova, Linara, editor, Krishnamurthy, Yamuna, editor, Ferreira, Pedro M., editor, Malerba, Donato, editor, Medeiros, Ibéria, editor, Ceci, Michelangelo, editor, Manco, Giuseppe, editor, Masciari, Elio, editor, Ras, Zbigniew W., editor, Christen, Peter, editor, Ntoutsi, Eirini, editor, Schubert, Erich, editor, Zimek, Arthur, editor, Monreale, Anna, editor, Biecek, Przemyslaw, editor, Rinzivillo, Salvatore, editor, Kille, Benjamin, editor, Lommatzsch, Andreas, editor, and Gulla, Jon Atle, editor
- Published
- 2020
4. ThreatPredict: From Global Social and Technical Big Data to Cyber Threat Forecast
- Author
-
François, Jérôme, Beck, Frederic, Mezzour, Ghita, Carley, Kathleen M., Lahmadi, Abdelkader, Ghogho, Mounir, Houmz, Abdellah, Hammouchi, Hicham, Zakroum, Mehdi, Nejjari, Narjisse, Cherqi, Othmane, and Palestini, Claudio, editor
- Published
- 2020
5. An Empirical Study of Ransomware Vulnerabilities Descriptions
- Author
-
Lanza, Claudia, primary, Lahmadi, Abdelkader, additional, and Osmond, Fabian, additional
- Published
- 2024
6. HuMa: A Multi-layer Framework for Threat Analysis in a Heterogeneous Log Environment
- Author
-
Navarro, Julio, Legrand, Véronique, Lagraa, Sofiane, François, Jérôme, Lahmadi, Abdelkader, De Santis, Giulia, Festor, Olivier, Lammari, Nadira, Hamdi, Fayçal, Deruyver, Aline, Goux, Quentin, Allard, Morgan, Parrend, Pierre, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Imine, Abdessamad, editor, Fernandez, José M., editor, Marion, Jean-Yves, editor, Logrippo, Luigi, editor, and Garcia-Alfaro, Joaquin, editor
- Published
- 2018
7. Performance of Network and Service Monitoring Frameworks
- Author
-
Lahmadi, Abdelkader, Andrey, Laurent, and Festor, Olivier
- Subjects
Computer Science - Performance
- Abstract
The efficiency and the performance of management systems is becoming a hot research topic within the networks and services management community. This concern is due to the new challenges of large scale managed systems, where the management plane is integrated within the functional plane and where management activities have to carry accurate and up-to-date information. We defined a set of primary and secondary metrics to measure the performance of a management approach. Secondary metrics are derived from the primary ones and quantify mainly the efficiency, the scalability and the impact of management activities. To validate our proposals, we have designed and developed a benchmarking platform dedicated to the measurement of the performance of a JMX manager-agent based management system. The second part of our work deals with the collection of measurement data sets from our JMX benchmarking platform. We mainly studied the effect of both load and the number of agents on the scalability, the impact of management activities on the user perceived performance of a managed server and the delays of JMX operations when carrying variables values. Our findings show that most of these delays follow a Weibull statistical distribution. We used this statistical model to study the behavior of a monitoring algorithm proposed in the literature, under heavy tail delays distribution. In this case, the view of the managed system on the manager side becomes noisy and out of date.
- Published
- 2009
8. SecSip: A Stateful Firewall for SIP-based Networks
- Author
-
Lahmadi, Abdelkader and Festor, Olivier
- Subjects
Computer Science - Cryptography and Security, Computer Science - Networking and Internet Architecture
- Abstract
SIP-based networks are becoming the de-facto standard for voice, video and instant messaging services. Being exposed to many threats while playing a major role in the operation of essential services, the need for dedicated security management approaches is rapidly increasing. In this paper we present an original security management approach based on a specific vulnerability aware SIP stateful firewall. Through known attack descriptions, we illustrate the power of the configuration language of the firewall which uses the capability to specify stateful objects that track data from multiple SIP elements within their lifetime. We demonstrate through measurements on a real implementation of the firewall its efficiency and performance.
- Published
- 2009
9. An Experimental Study of Denial of Service Attacks on a 5G COTS Hardware
- Author
-
Baccar, Karim, primary and Lahmadi, Abdelkader, additional
- Published
- 2023
10. ML Models for Detecting QoE Degradation in Low-Latency Applications: A Cloud-Gaming Case Study
- Author
-
Ky, Joël Roman, primary, Mathieu, Bertrand, additional, Lahmadi, Abdelkader, additional, and Boutaba, Raouf, additional
- Published
- 2023
11. MitM Attack Detection in BLE Networks Using Reconstruction and Classification Machine Learning Techniques
- Author
-
Lahmadi, Abdelkader, primary, Duque, Alexis, additional, Heraief, Nathan, additional, and Francq, Julien, additional
- Published
- 2020
12. Using Information Centric Networking in Internet of Things: A Survey
- Author
-
Mars, Dorra, Mettali Gammar, Sonia, Lahmadi, Abdelkader, and Azouz Saidane, Leila
- Published
- 2019
13. Outsourcing Mobile Security in the Cloud
- Author
-
Hurel, Gaëtan, Badonnel, Rémi, Lahmadi, Abdelkader, Festor, Olivier, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Kobsa, Alfred, editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Weikum, Gerhard, editor, Sperotto, Anna, editor, Doyen, Guillaume, editor, Latré, Steven, editor, Charalambides, Marinos, editor, and Stiller, Burkhard, editor
- Published
- 2014
14. HuMa: A Multi-layer Framework for Threat Analysis in a Heterogeneous Log Environment
- Author
-
Navarro, Julio, primary, Legrand, Véronique, additional, Lagraa, Sofiane, additional, François, Jérôme, additional, Lahmadi, Abdelkader, additional, De Santis, Giulia, additional, Festor, Olivier, additional, Lammari, Nadira, additional, Hamdi, Fayçal, additional, Deruyver, Aline, additional, Goux, Quentin, additional, Allard, Morgan, additional, and Parrend, Pierre, additional
- Published
- 2018
15. Assessing Unsupervised Machine Learning solutions for Anomaly Detection in Cloud Gaming Sessions
- Author
-
Ky, Joel Roman, primary, Mathieu, Bertrand, additional, Lahmadi, Abdelkader, additional, and Boutaba, Raouf, additional
- Published
- 2022
16. Multi-Attribute Monitoring for Anomaly Detection: a Reinforcement Learning Approach based on Unsupervised Reward
- Author
-
Said Frikha, Mohamed, Mettali Gammar, Sonia, Lahmadi, Abdelkader, Centre de Recherche Réseau Image SysTème Architecture et MuLtimédia (CRISTAL), École Nationale des Sciences de l'Informatique [Manouba] (ENSI), Université de la Manouba [Tunisie] (UMA)-Université de la Manouba [Tunisie] (UMA), Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS), and Lahmadi, Abdelkader
- Subjects
[INFO.INFO-AI]Computer Science [cs]/Artificial Intelligence [cs.AI], [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], Deep Reinforcement Learning, Internet of Things, Outlier detection, Unsupervised Learning
- Abstract
International audience; This paper proposes a new method to solve the monitoring and anomaly detection problems of Low-power Internet of Things (IoT) devices. However, their performances are constrained by limited processing, memory, and communication, usually using battery-powered energy. Polling driven mechanisms for monitoring the security, performance, and quality of service of these networks should be efficient and with low overhead, which makes it particularly challenging. The present work proposes the design of a novel method based on a Deep Reinforcement Learning (DRL) algorithm coupled with an Unsupervised Learning reward technique to build a pooling monitoring of IoT networks. This combination makes the network more secure and optimizes predictions of the DRL agent in adaptive environments.
- Published
- 2021
17. Modeling and Performance Evaluation of the Network and Service Management Plane
- Author
-
Lahmadi, Abdelkader, Andrey, Laurent, Festor, Olivier, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Bandara, Arosha K., editor, and Burgess, Mark, editor
- Published
- 2007
18. On the Impact of Management Instrumentation Models on Web Server Performance: A JMX Case Study
- Author
-
Lahmadi, Abdelkader, Ghitescu, Anca, Andrey, Laurent, Festor, Olivier, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Bandara, Arosha K., editor, and Burgess, Mark, editor
- Published
- 2007
19. On Delays in Management Frameworks: Metrics, Models and Analysis
- Author
-
Lahmadi, Abdelkader, Andrey, Laurent, Festor, Olivier, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, State, Radu, editor, van der Meer, Sven, editor, O’Sullivan, Declan, editor, and Pfeifer, Tom, editor
- Published
- 2006
20. Caractérisation et diagnostic des applications de cloud gaming sur réseaux mobiles
- Author
-
Ky, Joël, Mathieu, Bertrand, Lahmadi, Abdelkader, Boutaba, Raouf, Orange Labs [Lannion], France Télécom, Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS), David R. Cheriton School of Computer Science, University of Waterloo [Waterloo], and ANR-19-CE25-0012,MOSAICO,Orchestration multi couches pour les applications à faible latence et sécurisées(2019)
- Subjects
[INFO]Computer Science [cs]
- Abstract
International audience; Low-latency applications (cloud-gaming, cloud-robotics, metaverse...) have soared with the rapid evolution of Internet. Current network capacities (especially time-varying capacity networks like 4G/5G networks) struggle to ensure user QoE (Quality of Experience). There is therefore a need to collect, identify and analyze metrics specific to low-latency applications in network equipment (switches, base stations, UEs...) for efficient troubleshooting of user QoE degradation purposes.
- Published
- 2022
21. On the Impact of Management on the Performance of a Managed System: A JMX-Based Management Case Study
- Author
-
Lahmadi, Abdelkader, Andrey, Laurent, Festor, Olivier, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Schönwälder, Jürgen, editor, and Serrat, Joan, editor
- Published
- 2005
22. Computer-implemented method for testing the cybersecurity of a target environment
- Author
-
Lahmadi, Abdelkader, François, Jérôme, Beck, Frédéric, Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS), and Institut National de Recherche en Informatique et en Automatique (Inria)
- Subjects
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
- Published
- 2022
23. Automatically Distributing and Updating In-Network Management Rules for Software Defined Networks
- Author
-
Abboud, Ahmad, primary, Garcia, Remi, additional, Lahmadi, Abdelkader, additional, Rusinowitch, Michael, additional, Bouhoula, Adel, additional, and Ayadi, Mondher, additional
- Published
- 2022
24. Multi-Attribute Monitoring for Anomaly Detection: a Reinforcement Learning Approach based on Unsupervised Reward
- Author
-
Frikha, Mohamed Said, primary, Gammar, Sonia Mettali, additional, and Lahmadi, Abdelkader, additional
- Published
- 2021
25. Automated mapping of CVE vulnerabilities to MITRE ATT&CK Framework
- Author
-
Baccar, Karim, Lahmadi, Abdelkader, Beck, Frédéric, Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS), Service Expérimentation et Développement [Nancy] (SED), Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), Tekup, and Khaled Jerbi
- Subjects
Machine Learning, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Deep Learning, [INFO]Computer Science [cs], [INFO.INFO-NE]Computer Science [cs]/Neural and Evolutionary Computing [cs.NE], MITRE ATT&CK, Natural Language Processing, [INFO.INFO-AI]Computer Science [cs]/Artificial Intelligence [cs.AI]
- Abstract
National audience; This report is the synthesis of our work carried out within the INRIA research laboratory. The main objective of this project is to automate the mapping of the vulnerability database of MITRE CVE to the MITRE ATT&CK framework which is a set of knowledge base of tactics and techniques used in computer attacks. We implemented in this project an approach which is based on machine learning, as well as Natural Language Processing (NLP) to be able to process the textual data of the vulnerabilities and thus classify them through a classification algorithm. We also detailed the techniques used such as the pre-processing and post-processing methods implemented in order to improve the datasets quality and to therefore improve the prediction performance.; This report is the synthesis of our work carried out within the INRIA research laboratory. The main objective of this project is to automate the mapping of the MITRE CVE vulnerability database to the MITRE ATT&CK framework, which is a knowledge base of the tactics and techniques used in computer attacks. In this project we implemented an approach based on machine learning and on natural language processing (NLP) techniques in order to process the textual data of the vulnerabilities and classify them with a classification algorithm. We also detailed the methodology used and the processing applied in order to analyze the datasets and improve the prediction.
- Published
- 2021
26. TANGLED: A Cooperative Anycast Testbed
- Author
-
Bertholdo, Leandro Marcio, Ceron, Joao Marcelo, de Vries, Wouter B., Schmitt, Ricardo de O., Granville, Lisandro Zambenedetti, van Rijswijk - Deij, Roland Martijn, Pras, Aiko, Ahmed, Toufik, Festor, Olivier, Ghamri-Doudane, Yacine, Kang, Joon-Myung, Schaeffer-Filho, Alberto E., Lahmadi, Abdelkader, Madeira, Edmundo, Design and Analysis of Communication Systems, and Digital Society Institute
- Subjects
Routing Management, Testing networks, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Configuration Management, 22/1 OA procedure, Anycast Network, Network Measurement
- Abstract
Anycast routing has attracted interest in recent years as a technology for CDNs and anti-DDoS services. Most anycast studies conducted in the past relied on coarse measurement data, or are subjected to the collaboration of a global player affecting the experiment flexibility. In this paper, we present TANGLED, an anycast testbed where researchers can run experiments and better understand the impacts of their proposals on a global infrastructure. We also share our hands-on experience validating transit providers routing configurations. Our testbed offers a flexible and complete testing environment to evaluate the routing behavior of anycast networks in the wild. We provided tools that allow users to customize and reconfigure the anycast network, perform experiments, do active measurements, and collect data by using a platform specially designed for. The deployed infrastructure was designed to create industry and academy cooperation. TANGLED enables researchers to answer your research questions while allows transit providers to validate the implementation of complex routing agreements.
- Published
- 2021
27. HSL: a Cyber Security Research Facility for Sensitive Data Experiments
- Author
-
Beck, Frédéric, Lahmadi, Abdelkader, François, Jérôme, Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria), Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL), This work was supported in part by the CPER funding, and the ThreatPredict project funded by NATO., Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), and Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)
- Subjects
reproducible experiments, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], cybersecurity, research facility
- Abstract
International audience; Cybersecurity experiments that involve private data or malware samples require controlled environments and an appropriate facility to collect and characterise them, or understand their operations without compromising the security of these data and the hosting institution. Using such facilities allows the researchers to carry reproducible and long term research activities in a safe environment, without worrying about side effects or loss of data. In this paper, we detail the design of a cybersecurity facility to carry such experiments, including malware collection and analysis, network telescopes and honeypots, or hosting critical services. The facility, aka High Security Lab (HSL), is running since 2010, and is widely used by multiple research groups to carry sensitive data cybersecurity experiments. It includes an evolving infrastructure with tools and processes for building and running long-term and reproducible cyber security experiments. We report on our experience and lessons learned from the design, the setup and the evolution of this facility during 10 years while focusing on major cybersecurity experiments that have been conducted by researchers.
- Published
- 2021
28. Practical security analysis of IoT devices
- Author
-
Lahmadi, Abdelkader, Beck, Frédéric, Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL), Institut National de Recherche en Informatique et en Automatique (Inria), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), and Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)
- Subjects
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], ComputingMilieux_MISCELLANEOUS
- Abstract
International audience
- Published
- 2021
29. BRAINS 2020 special issue: Blockchain research and applications for innovative networks and services
- Author
-
Lahmadi, Abdelkader, primary, Bertin, Emmanuel, additional, and Li, Ruidong, additional
- Published
- 2021
30. Reinforcement and deep reinforcement learning for wireless Internet of Things: A survey
- Author
-
Frikha, Mohamed Said, primary, Gammar, Sonia Mettali, additional, Lahmadi, Abdelkader, additional, and Andrey, Laurent, additional
- Published
- 2021
31. Automated Orchestration of Security Chains Driven by Process Learning
- Author
-
Schnepf, Nicolas, primary, Badonnel, Rémi, additional, Lahmadi, Abdelkader, additional, and Merz, Stephan, additional
- Published
- 2021
32. Outsourcing Mobile Security in the Cloud
- Author
-
Hurel, Gaëtan, primary, Badonnel, Rémi, additional, Lahmadi, Abdelkader, additional, and Festor, Olivier, additional
- Published
- 2014
33. CONTAIN: Privacy-oriented Contact Tracing Protocols for Epidemics
- Author
-
Ahmed, Toufik, Festor, Olivier, Ghamri-Doudane, Yacine, Kang, Joon-Myung, Schaeffer-Filho, Alberto E., Lahmadi, Abdelkader, Madeira, Edmundo, Hekmati, Arvin, Ramachandran, Gowri, and Krishnamachari, Bhaskar
- Abstract
Public health agencies advocate the use of contact tracing procedures to deal with pandemics such as COVID-19 to prevent the infection of a vast population. Although several mobile applications have been developed previously for contact tracing, they typically require collection of privacy-intrusive information such as GPS locations, personal data, or require infrastructures such as WiFi APs. In this paper, we introduce CONTAIN, an early proposal for privacy-sensitive contact tracing. CONTAIN is a privacy-oriented bluetooth-based mobile digital contact tracing framework that does not rely on any infrastructure-based location sensing, nor the continuous logging of personally identifiable information. The goal of CONTAIN is to allow users to determine with complete privacy if and when they have been within a short distance of someone that is infected. We identify and prove the privacy guarantees provided by CONTAIN. We also present a simulation study utilizing an empirical trace dataset which shows that users can maximize their possibility of identifying if they were near an infected user by turning on the app in more crowded settings.
- Published
- 2021
34. Efficient Distribution of Security Policy Filtering Rules in Software Defined Networks
- Author
-
Abboud, Ahmad, primary, Garcia, Remi, additional, Lahmadi, Abdelkader, additional, Rusinowitch, Michael, additional, and Bouhoula, Adel, additional
- Published
- 2020
- Full Text
- View/download PDF
35. R2-D2: Filter Rule set Decomposition and Distribution in Software Defined Networks
- Author
-
Abboud, Ahmad, primary, Garcia, Remi, additional, Lahmadi, Abdelkader, additional, Rusinowitch, Michael, additional, and Bouhoula, Adel, additional
- Published
- 2020
- Full Text
- View/download PDF
36. Management Plane for Differential Privacy Preservation Through Smart Contracts
- Author
-
Khan, Nida, primary, Lahmadi, Abdelkader, additional, Kraussl, Zsofia, additional, and State, Radu, additional
- Published
- 2020
- Full Text
- View/download PDF
37. Leveraging Reinforcement Learning for Adaptive Monitoring of Low-Power IoT Networks
- Author
-
Frikha, Mohamed Said, primary, Lahmadi, Abdelkader, additional, Gammar, Sonia Mettali, additional, and Andrey, Laurent, additional
- Published
- 2020
- Full Text
- View/download PDF
38. Detecting a Stealthy Attack in Distributed Control for Microgrids using Machine Learning Algorithms
- Author
-
Ma, Mingxiao, primary, Lahmadi, Abdelkader, additional, and Chrisment, Isabelle, additional
- Published
- 2020
- Full Text
- View/download PDF
39. Double Mask: An Efficient Rule Encoding for Software Defined Networking
- Author
-
Abboud, Ahmad, primary, Lahmadi, Abdelkader, additional, Rusinowitch, Michael, additional, Couceiro, Miguel, additional, Bouhoula, Adel, additional, and Ayadi, Mondher, additional
- Published
- 2020
- Full Text
- View/download PDF
40. On the Impact of Management Instrumentation Models on Web Server Performance: A JMX Case Study
- Author
-
Lahmadi, Abdelkader, primary, Ghitescu, Anca, additional, Andrey, Laurent, additional, and Festor, Olivier, additional
- Published
- 2007
- Full Text
- View/download PDF
41. On the Impact of Management on the Performance of a Managed System: A JMX-Based Management Case Study
- Author
-
Lahmadi, Abdelkader, primary, Andrey, Laurent, additional, and Festor, Olivier, additional
- Published
- 2005
- Full Text
- View/download PDF
42. Minimizing Range Rules for Packet Filtering Using a Double Mask Representation
- Author
-
Abboud, Ahmad, Lahmadi, Abdelkader, Rusinowitch, Michaël, Couceiro, Miguel, Bouhoula, Adel, Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria), Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Université de Lorraine (UL), Centre National de la Recherche Scientifique (CNRS), Proof techniques for security protocols (PESTO), Department of Formal Methods (LORIA - FM), Knowledge representation, reasonning (ORPAILLEUR), Department of Natural Language Processing & Knowledge Discovery (LORIA - NLPKD), and Ecole supérieure des communications de Tunis (SUP'COM [TUNIS])
- Subjects
Computer Science::Sound ,Astrophysics::Instrumentation and Methods for Astrophysics ,[INFO]Computer Science [cs]
- Abstract
In this work, we introduce a novel representation of packet filtering rules, so-called double masks, where the first mask is used as an inclusion prefix and the second one for exclusion. An efficient algorithm is developed to compute a set of double masks for a given range.
- Published
- 2019
43. Rule-Based Synthesis of Chains of Security Functions for Software-Defined Networks
- Author
-
Schnepf, Nicolas, Badonnel, Rémi, Lahmadi, Abdelkader, Merz, Stephan, Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria), Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Centre National de la Recherche Scientifique (CNRS), Université de Lorraine (UL), Modeling and Verification of Distributed Algorithms and Systems (VERIDIS), Max-Planck-Institut für Informatik (MPII), Max-Planck-Gesellschaft, Department of Formal Methods (LORIA - FM), Proof-oriented development of computer-based systems (MOSEL), and Management of dynamic networks and services (MADYNES)
- Subjects
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Security Management ,[INFO.INFO-FL]Computer Science [cs]/Formal Languages and Automata Theory [cs.FL] ,Android ,Rule-Based Programming ,Software-Defined Networking
- Abstract
Software-defined networks (SDN) offer a high degree of programmability for handling and forwarding packets. In particular, they allow network administrators to combine different security functions, such as firewalls, intrusion detection systems, and external services, into security chains designed to prevent or mitigate attacks against end user applications. These chains can benefit from formal techniques for their automated construction and verification. We propose in this paper a rule-based system for automating the composition and configuration of such chains for Android applications. Given the network characterization of an application and the set of permissions it requires, our rules construct an abstract representation of a custom security chain. This representation is then translated into a concrete implementation of the chain in pyretic, a domain-specific language for programming SDN controllers. We prove that the chains produced by our rules satisfy a number of correctness properties such as the absence of black holes or loops, and shadowing freedom, and that they are coherent with the underlying security policy. Electronic Communications of the EASST, Volume 76: Automated Verification of Critical Systems 2018 (AVoCS 2018)
- Published
- 2019
- Full Text
- View/download PDF
44. Minimizing Range Rules for Packet Filtering Using Double Mask Representation
- Author
-
Abboud, Ahmad, Lahmadi, Abdelkader, Rusinowitch, Michaël, Couceiro, Miguel, Bouhoula, Adel, Awainia, Saif El Hakk, Ayadi, Mondher, Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria), Université de Lorraine (UL), Centre National de la Recherche Scientifique (CNRS), Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Inria Nancy - Grand Est, Department of Networks, Systems and Services (LORIA - NSS), Proof techniques for security protocols (PESTO), Department of Formal Methods (LORIA - FM), Knowledge representation, reasonning (ORPAILLEUR), Department of Natural Language Processing & Knowledge Discovery (LORIA - NLPKD), Ecole supérieure des communications de Tunis (SUP'COM [TUNIS]), and NUMERYX
- Subjects
[INFO]Computer Science [cs]
- Abstract
Packet filtering is widely used in multiple networking appliances and applications, in particular, to block malicious traffic (protect network infrastructures through firewalls and intrusion detection systems) and to be deployed on routers, switches and load balancers for packet classification. This mechanism relies on the packet's header fields to filter such traffic by using range rules of IP addresses or ports. However, the set of packet filters has to handle a growing number of connected nodes and many of them are compromised and used as sources of attacks. For instance, IP filter sets available in blacklists may reach several millions of entries, and may require large memory space for their storage in filtering appliances. In this paper, we propose a new method based on a double mask IP prefix representation together with a linear transformation algorithm to build a minimized set of range rules. We define formally the double mask representation over range rules and we prove that the number of required masks for any range is at most 2w − 4, where w is the length of a field. This representation makes the network more secure, reliable and easy to maintain and configure. We define formally the double mask representation over range rules. We show empirically that the proposed method achieves an average compression ratio of 11% on real-life blacklists and up to 74% on synthetic range rule sets. Finally, we add support of double mask into a real SDN network.
- Published
- 2019
45. Automated Factorization of Security Chains in Software-Defined Networks
- Author
-
Schnepf, Nicolas, Badonnel, Rémi, Lahmadi, Abdelkader, Merz, Stephan, Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria), Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Université de Lorraine (UL), Centre National de la Recherche Scientifique (CNRS), Modeling and Verification of Distributed Algorithms and Systems (VERIDIS), Max-Planck-Institut für Informatik (MPII), Max-Planck-Gesellschaft, Department of Formal Methods (LORIA - FM), and Proof-oriented development of computer-based systems (MOSEL)
- Subjects
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,Security Management ,Merging Methods ,Software-Defined Networking ,Chain Synthesis
- Abstract
Software-defined networking (SDN) offers new perspectives with respect to the programmability of networks and services. In particular in the area of security management, it may serve as a support for building and deploying security chains in order to protect devices that may have limited resources. These security chains are typically composed of different security functions, such as firewalls, intrusion detection systems, or data leakage prevention mechanisms. In previous work, we suggested the use of techniques for learning automata as a basis for generating security chains. However, the complexity and the high number of these chains induce significant deployment and orchestration costs. In this paper, we propose and evaluate algorithms for merging and simplifying these security chains in software-defined networks, while keeping acceptable accuracy. We first describe the overall system supporting the generation and factorization of the security chains. We then present the different algorithms supporting their merging, and finally we evaluate the solution through an extensive set of experiments.
- Published
- 2019
46. A Tool Suite for the Automated Synthesis of Security Function Chains
- Author
-
Schnepf, Nicolas, Badonnel, Rémi, Lahmadi, Abdelkader, Merz, Stephan, Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria), Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Centre National de la Recherche Scientifique (CNRS), Université de Lorraine (UL), Modeling and Verification of Distributed Algorithms and Systems (VERIDIS), Max-Planck-Institut für Informatik (MPII), Max-Planck-Gesellschaft, and Department of Formal Methods (LORIA - FM)
- Subjects
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI]
- Abstract
Software-defined networking may serve as a support for the elaboration of security chains capable of protecting end-user devices. These chains may be composed of different security functions, such as firewalls and intrusion detection systems. This demonstration showcases a tool suite for automating such a generation, from the learning of the behavior of applications, to the factoring and instantiation of security chains.
- Published
- 2019
47. Verifying Security Requirements of an IoT device using SCUBA Tool Suite
- Author
-
Beck, Frédéric, François, Jérôme, Lacour, Thomas, Lahmadi, Abdelkader, Service Expérimentation et Développement [Nancy] (SED), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria), Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Université de Lorraine (UL), Centre National de la Recherche Scientifique (CNRS), Inria Nancy - Grand Est (Villers-lès-Nancy, France), and In collaboration with Red Alert Labs
- Subjects
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,[INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
- Published
- 2018
48. Security Analysis of Internet of Things Devices: Hands-on lab
- Author
-
Lahmadi, Abdelkader, Beck, Frédéric, Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria), Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Université de Lorraine (UL), Centre National de la Recherche Scientifique (CNRS), Laboratoire de Haute Sécurité (LHS - Inria), and Direction générale de l'Armement (DGA)
- Subjects
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI] ,ComputingMilieux_MISCELLANEOUS
- Published
- 2018
49. OMMA: open architecture for Operator-guided Monitoring of Multi-step Attacks
- Author
-
LAGRAA, Sofiane, FRANÇOIS, Jérôme, LAHMADI, Abdelkader, DE SANTIS, Giulia, FESTOR, Olivier, LAMMARI, Nadira, HAMDI, Fayçal, GOUX, Quentin, ALLARD, Morgan, NAVARRO, Julio, LEGRAND, Véronique, DERUYVER, Aline, PARREND, Pierre, Sécurité Défense, Research Team, Laboratoire des sciences de l'ingénieur, de l'informatique et de l'imagerie (ICube), École Nationale du Génie de l'Eau et de l'Environnement de Strasbourg (ENGEES), Université de Strasbourg (UNISTRA), Institut National des Sciences Appliquées - Strasbourg (INSA Strasbourg), Institut National des Sciences Appliquées (INSA), Institut National de Recherche en Informatique et en Automatique (Inria), Les Hôpitaux Universitaires de Strasbourg (HUS), Centre National de la Recherche Scientifique (CNRS), Matériaux et Nanosciences Grand-Est (MNGE), Université de Haute-Alsace (UHA) Mulhouse - Colmar (Université de Haute-Alsace (UHA)), Institut National de la Santé et de la Recherche Médicale (INSERM), Institut de Chimie du CNRS (INC), Réseau nanophotonique et optique, Centre d'études et de recherche en informatique et communications (CEDRIC), Ecole Nationale Supérieure d'Informatique pour l'Industrie et l'Entreprise (ENSIIE), Conservatoire National des Arts et Métiers [CNAM] (CNAM), HESAM Université - Communauté d'universités et d'établissements Hautes écoles Sorbonne Arts et métiers université (HESAM), Matériaux et nanosciences d'Alsace (FMNGE), and HESAM Université (HESAM)
- Subjects
lcsh:Computer engineering. Computer hardware ,Process (engineering) ,Computer science ,Distributed computing ,[SHS.INFO]Humanities and Social Sciences/Library and information sciences ,0211 other engineering and technologies ,lcsh:TK7885-7895 ,02 engineering and technology ,computer.software_genre ,lcsh:QA75.5-76.95 ,[SHS]Humanities and Social Sciences ,Set (abstract data type) ,Multi-stage attacks ,0202 electrical engineering, electronic engineering, information engineering ,Open architecture ,Event correlation ,021110 strategic, defence & security studies ,[SHS.SOCIO]Humanities and Social Sciences/Sociology ,biology ,Collaborative engineering ,Ant colony optimization algorithms ,020206 networking & telecommunications ,Network security ,biology.organism_classification ,[SHS.SCIPO]Humanities and Social Sciences/Political science ,Computer Science Applications ,Signal Processing ,Intrusion detection systems ,Malware ,[SHS.GESTION]Humanities and Social Sciences/Business administration ,lcsh:Electronic computers. Computer science ,Omma ,computer ,Advanced persistent threats
- Abstract
Current attacks are complex and stealthy. The recent WannaCry malware campaign demonstrates that this is true not only for targeted operations, but also for massive attacks. Complex attacks can only be described as a set of individual actions composing a global strategy. Most of the time, different devices are involved in the same attack scenario. Information about the events recorded in these devices can be collected in the shape of logs in a central system, where an automatic search of threat traces can be implemented. Much has been written about automatic event correlation to detect multi-step attacks but the proposed methods are rarely brought together in the same platform. In this paper, we propose OMMA (Operator-guided Monitoring of Multi-step Attacks), an open and collaborative engineering system which offers a platform to integrate the methods developed by the multi-step attack detection research community. Inspired by a HuMa access (Navarro et al., HuMa: A multi-layer framework for threat analysis in a heterogeneous log environment, 2017) and Knowledge and Information Logs-based System (Legrand et al., Vers une architecture «big-data» bio-inspirée pour la détection d’anomalie des SIEM, 2014) systems, OMMA incorporates real-time feedback from human experts, so the integrated methods can improve their performance through a learning process. This feedback loop is used by Morwilog, an Ant Colony Optimization-based analysis engine that we show as one of the first methods to be integrated in OMMA.
- Published
- 2018
50. SPONGE: Software-Defined Traffic Engineering to Absorb Influx of Network Traffic
- Author
-
Henry, Benoit, primary, Chowdhury, Shihabur Rahman, additional, Lahmadi, Abdelkader, additional, Azais, Romain, additional, Francois, Jerome, additional, and Boutaba, Raouf, additional
- Published
- 2019
- Full Text
- View/download PDF