Research domains
Intrusion detection

By exploiting vulnerabilities in operating systems, applications, or network services, an attacker can defeat the preventive security mechanisms and violate the security policy of the whole system. The goal of an intrusion detection system (IDS) is to detect violations of the security policy by analyzing data generated on the monitored system. From our point of view, misuse detection, while useful in practice, is intrinsically limited. Indeed, it requires updating the signature database in real time, much as antivirus tools must. Given that thousands of machines fall victim to malware every day, such an approach may appear insufficient, especially because the incredible expansion of malware drastically limits the capacity for human intervention and response. The CIDRE group takes the alternative approach, i.e. the anomaly approach, which consists in detecting a deviation from a reference behavior. Specifically, we propose to study two complementary methods, namely Illegal Flow detection and Data Corruption detection.

Privacy Protection

In our world of ubiquitous technologies, each individual constantly leaves digital traces related to his activities and interests, which can be linked to his identity. In the coming years, the protection of privacy is one of the greatest challenges that lie ahead and also an important condition for the development of the Information Society. Moreover, due to legality and confidentiality issues, privacy problems emerge naturally for applications working on sensitive data, such as medical records of patients or proprietary datasets of enterprises. Privacy Enhancing Technologies (PETs) are generally designed to respect both the principles of data minimization and data sovereignty. The data minimization principle states that only the information necessary to complete a particular application should be disclosed (and no more). This principle is a direct application of the legitimacy criteria defined by the European data protection directive (Article 7). The data sovereignty principle states that data related to an individual belong to him and that he should stay in control of how this data is used and for which purpose. This principle can be seen as an extension of many national legislations on medical data, which consider that a patient record belongs to the patient, and not to the doctors who create or update it, nor to the hospital that stores it. In the CIDRE project, we will investigate PETs that are generally based on a mix of different foundations, such as cryptographic techniques, security policies and access control mechanisms, to name just a few. Examples of domains where privacy and utility aspects collide and that will be studied within the context of CIDRE include: identity and privacy, geo-privacy, distributed computing and privacy, privacy-preserving data mining and privacy issues in social networks.

Trust management

While the distributed computing community relies on the trustworthiness of its algorithms to ensure system availability, the security community has historically assumed a Trusted Computing Base (TCB) that contains the security mechanisms (such as access controls and cryptography) that implement the security policy. Unfortunately, as information systems get increasingly complex and open, the management of the TCB may itself become very complex, dynamic and error-prone. From our point of view, an appealing approach is to distribute and manage the TCB on each node and to leverage the trustworthiness of the distributed algorithms in order to strengthen each node’s TCB.

Digital reputation has recently emerged as a promising approach to cope with the specificities of large-scale and dynamic systems. Briefly, reputation stimulates the development of relationships among trustworthy entities, while discouraging them in the presence of untrustworthy entities. Specifically, a reputation mechanism expresses a collective opinion about some target entity by gathering and aggregating feedback about the past behavior of that target entity. The derived reputation score is used to help entities decide whether an interaction with that entity is conceivable or not. To be considered a valuable tool for trust assessment, a reputation mechanism has to be itself robust against adversity. In other words, reputation must have the ability to self-heal, or at least to self-protect, against undesirable behavior that may jeopardize users' security.

Current research projects

  • SECCLOUD (Labex Cominlabs 2012-2015)
  • POSEIDON (Labex Cominlabs 2012-2015)
  • Droit à l’Oubli (GIP Justice 2012-2014)
  • CAPPRIS (AE Inria 2012-2016)
  • AMORES (ANR INS 2011-2015)
  • LYRICS (ANR INS 2011-2014)

Current transfer activities

  • Orange Labs (PhD of Pierre Obame Meye, 2012-2015)
  • Technicolor (PhD of Romaric Ludinard, 2011-2014)
  • CEA (PhD of Mounir Assaf, 2011-2014)
  • Amossys (PhD of Georges Bossert, 2010-2013)
  • DGA:
    • AFSPC, 2012-2013
    • PREVA, 2011-2013
    • PhD of Geoffroy Guéguen, 2012-2015
    • PhD of Christopher Humphries, 2011-2014
    • PhD of Thomas Demongeot, 2008-2013

Former research projects

  • DALI (ANR Arpege 2009-2012)
  • POLUX (ANR SETIN 2007-2011)
  • PLACID (ANR SETIN 2007-2011)
  • LISE (ANR SeSur 2008-2011)
