Overall Objectives
Research Program
Application Domains
New Software and Platforms
Bilateral Contracts and Grants with Industry
Partnerships and Cooperations
Bibliography
 PDF e-Pub

## Section: Bilateral Contracts and Grants with Industry

### Bilateral Grants with Industry

• Amossys: “Evaluation of intrusion detection mechanisms”

The PhD of Georges Bossert is done in the context of a CIFRE contract with the SME Amossys (http://www.amossys.fr/ ). His work consists in proposing new approaches for protocol reverse-engineering. He developed Netzob, a tool dedicated to this task. The goal is to use this tool to generate realistic traffic during IDS assessment. In 2013, Georges has developed two important improvements of the protocol inference process he previously proposed. First, he improved the message format reverse engineering phase. Unlike previous work, our approach uses contextual information and its semantic definition as a key parameter in both the processes of message clustering and field partitioning. We can also detect complex linear and nonlinear relationships between value, size and offset of message fields using correlation-based filtering. Besides, our multi-step pre-clustering phase reduces the required computation time of the main clustering phase. These results have been presented in an article that is under review. The second aspect of his work consisted in enhancing the grammar inference phase. He proposed a new approach that combines passive and active algorithms to infer protocol grammars. This approach also relies on grammar decompositions. Thus, he decreased inference time by using an action-based sequential decomposition and we took into account background noise by using a parallel decomposition. The PhD defense of Georges Bossert was held in December 2014.

• Orange Labs: “Data persistence and consistency in ISP infrastructures”

Pierre Obame is doing his PhD thesis in the context of a CIFRE contract with Orange Labs at Rennes. Pierre Obame has proposed a distributed storage system called Mistore, dedicated to users who access Internet via a Digital Subscriber Line (DSL) technology. This system aims at guaranteeing data availability, persistence, and low access latency by leveraging millions of home gateways and the hundreds of Points of Presence (POP) of an Internet Service Provider (ISP) infrastructure. Pierre Obame has also proposed a mathematical framework for defining both strong and weak consistency criteria within the same formalism. These criteria are offered by Mistore to its clients when they manipulate their data. Pierre Obame, whose PhD thesis is planned to terminate in February 2015, is in the process of writing his PhD manuscript so as to defend it by April 2015.

• Orange Labs: “Privacy-preserving location-based services”

Solenn Brunet has started her PhD thesis since 2014 within the context of a CIFRE contract with Orange Labs Caen. Her PhD subject concerns the development of privacy-preserving location-based services that are able to personalize the service provided to the user according to his current position while preserving his location privacy. In particular, Solenn will adapt existing cryptographic primitives (private information retrieval, secure multiparty computation, secure set intersection, $...$) or design novel ones to use them as building blocks for the construction of these privacy-preserving location-based services.

• DGA-MI: “Security events visualization”

The PhD of Christopher Humphries on visualization is done in the context of a cooperation with DGA-MI. The objective is to propose new visulization mechanisms dedicated to the analysis of security events, for instance for forensic purposes. The CORGI tool presented earlier in this documents is the most recent contribution to this contract.

• DGA-MI: “Alerts correlation taking the context into account”

The PhD of Erwan Godefroy is done in the context of a cooperation with DGA-MI. This PhD started in November 2012. The current work consists in the automatic generation of alert correlation rules in the context of deployed distributed systems. The correlation rules aim at being used by our GnG correlation system.