- Enhancing security investigations with exploration recommendation
Romain Brisse, Frédéric Majorczyk, Simon Boche, Jean-François Lalande
Toulouse Hacking Convention 2022 - DaViz: Visualization for android malware datasets
Tomás Concepción Miranda, Jean-Francois Lalande, Valérie Viet Triem Tong, Pierre Wilke
Rendez-Vous de La Recherche et de l'Enseignement de La Sécurité Des Systèmes d'Information 2022 ABS
With millions of android malware samples available, researchers have a large amount of data to perform malware detection and classification, specially with the help of machine learning. thus far, visualization tools focus on single samples or one-to-many comparison, but not a many-to-many approach. in order to exploit the quantity of data from various datasets to obtain meaningful information, we propose daviz, a visualization tool for android malware datasets. with the aid of multiple chart types and interactive sample filtering, users can explore different application datasets and compare them. this new tool allows to get a better understanding of the datasets at hand, and help to continue research by narrowing the samples to those of interest based on selected characteristics.
- Preventing serialization vulnerabilities through transient field detection
Pierre Graux, Jean-François Lalande, Valérie Viet Triem Tong, Pierre Wilke
The 36th ACM/SIGAPP Symposium On Applied Computing ACM Press 2021 doi - KRAKEN: a knowledge-based recommender system for Analysts, to kick exploration up a Notch
Romain Brisse, Simon Boche, Frédéric Majorczyk, Jean-François Lalande
vol. 13195 14th International Conference on Security for Information Technology and Communications Springer Berlin / Heidelberg 2021 doi ABS
During a computer security investigation, a security analyst has to explore the logs available to understand what happened in the compromised system. for such tasks, visual analysis tools have been developed to help with log exploration. they provide visualisations of aggregated logs, and help navigate data efficiently. however, even using visualisation tools, the task can still be difficult and tiresome. the amount and the numerous dimensions of the logs to analyse, the potential stealthiness and complexity of the attack may end with the analyst missing some parts of an attack. we offer to help the analyst finding the logs where her expertise is needed rapidly and efficiently. we design a recommender system called kraken that links knowledge coming from advanced attack descriptions into a visual analysis tool to suggest exploration paths. kraken confronts real world adversary knowledge with the investigated logs to dynamically provide relevant parts of the dataset to explore. to evaluate kraken we conducted a user study with seven security analysts. using our system, they investigated a dataset from the darpa containing different advanced persistent threat attacks. the results and comments of the security analysts show the usability and usefulness of the recommender system.
- Isolating malicious code in Android malware in the wild
Valérie Viet Triem Tong, Cédric Herzog, Tomás Concepción Miranda, Pierre Graux, Jean-François Lalande, Pierre Wilke
14th International Conference on Malicious and Unwanted Software IEEE Computer society 2019 ABS
A malicious android application often consists of a benign part which is the body of the application, and a malicious part that is added later, by repackaging. fast and efficient analysis of android malware depends on the ana-lyst's ability to quickly locate malicious code and have a clear representation of it. to do this, the analysis tools must allow the suspicious code to be quickly located and isolated from the rest of the application. in this article, we propose in a first part to synthesize recent works from the literature and to refresh older research works in order to highlight the discriminating characteristics of malicious code. then, we propose a heuristic to reveal the suspicious methods of an android application by static analysis. finally, we discuss an algorithm to recover the malicious graft. this graft should contain the methods considered suspicious as well as the code calling these suspicious methods.
- Orchestrating android malware experiments
Jean-François Lalande, Pierre Graux, Tomás Miranda Concepción
27th IEEE International Symposium on the Modeling, Analysis, and Simulation of Computer and Telecommunication Systems IEEE Computer Society 433-4342019 doi ABS
Experimenting with android malware requires to manipulate a large amount of samples and to chain multiple analyses. scripting such a sequence of analyses on a large malware dataset becomes a challenge: the analysis has to handle fails on the computer and crashes on the used smartphone, in case of dynamic analyses. we present a new tool, pymao, for handling such experiments on a regular desktop pc with the highest performance throughput. pymao helps to write sequences of analyses and handle partial experiments that should be restarted after a crash or continued with new unknown analyses. the tool also offers a post processing capability for generating number tables or bar graphs from the analyzed datasets.
- Obfuscated android application development
Pierre Graux, Jean-François Lalande, Valérie Viêt Triem Tong
Central European Cybersecurity Conference ACM Press 1-62019 doi ABS
Obfuscation techniques help developers to hide their code when distributing an android application. the used techniques are linked to the features provided by the programming language but also with the way the application is executed. using obfuscation is now a common practice and specialized companies sell tools or services for automatizing the manipulation of the source code. in this paper, we present how to develop obfuscated applications and how obfuscation technique usage is evolving in the wild. first, using advanced obfuscation techniques requires some advanced knowledge about the development of android applications. we describe how to build such applications for helping researchers to generate samples of obfuscated applications for their own research. second, the use of obfuscation techniques is evolving for both regular applications or malicious ones. we aim at measuring the development of these usages by studying application and malware samples and the artifacts that indicate the use of obfuscation techniques.
- Teaching android mobile security
Jean-François Lalande, Valérie Viet Triem Tong, Pierre Graux, Guillaume Hiet, Wojciech Mazurczyk, Habiba Chaoui, Pascal Berthomé
50th ACM Technical Symposium on Computer Science Education ACM Press 232-2382019 doi ABS
At present, computer science studies generally offer courses addressing mobile development and they use mobile technologies for illustrating theoretical concepts such as operating system, design patterns, and compilation because android and ios use a large variety of technologies for developing applications. teaching courses on security is also becoming an important concern for academics, and the use of mobile platforms (such as android) as supporting material is becoming a reasonable option. in this paper, we intend to bridge a gap in the literature by reversing this paradigm: android is not only an opportunity to learn security concepts but requires strong pedagogical efforts for covering all the aspects of mobile security. thus, we propose teaching android mobile security through a two-dimensional approach. the first dimension addresses the cognitive process of the bloom taxonomy, and the second dimension addresses the technical layers of the architecture of the android operating system. we describe a set of comprehensive security laboratory courses covering various concepts, ranging from the application development perspective to a deep investigation of the android open source project and its interaction with the linux kernel. we evaluated this approach, and our results verify that the designed security labs impart the required knowledge to the students.
- Le projet cominlabs kharon: aidons les malwares à s'exécuter
Jean-François Lalande, Valérie Viet Triem Tong, Valérie Viet, Triem Tong
Rendez-Vous de La Recherche et de l'Enseignement de La Sécurité Des Systèmes d'Information 2018 - Etat de l'Art des Techniques d'Unpacking pour les applications android
Pierre Graux, Jean-François Lalande, Valérie Viet Triem Tong
Rendez-Vous de La Recherche et de l'Enseignement de La Sécurité Des Systèmes d'Information 2018 - Android malware analysis: from technical difficulties to scientific challenges
Jean-François Lalande
International Conference on Information Technology and Communications Security 17-212018 doi ABS
Ten years ago, google released the first version of its new operating system: android. with an open market for third party applications, attackers started to develop malicious applications. researchers started new works too. inspired by previous techniques for windows or gnu/linux malware, a lot of papers introduced new ways of detecting, classifying, defeating android malware. in this paper, we propose to explore the technical difficulties of experimenting with android malware. these difficulties are encountered by researchers, each time they want to publish a solid experiment validating their approach. how to choose malware samples? how to process a large amount of malware? what happens if the experiment needs to execute dynamically a sample? the end of the paper presents the upcoming scientific challenges of the community interested in malware analysis.
- GPFinder: Tracking the Invisible in android malware
Mourad Leslous, Valérie Viet Triem Tong, Jean-François Lalande, Thomas Genet
12th International Conference on Malicious and Unwanted Software IEEE Conputer Society 39-462017 doi ABS
Malicious android applications use clever techniques to hide their real intents from the user and avoid detection by security tools. they resort to code obfuscation and dynamic loading, or wait for special events on the system like reboot or wifi activation. therefore, promising approaches aim to locate, study and execute specific parts of android applications in order to monitor for suspicious behavior. they rely on control flow graphs (cfgs) to obtain execution paths towards sensitive codes. we claim here that these cfgs are incomplete because they do not take into consideration implicit control flow calls, i.e., those that occur when the android framework calls a method implemented in the application space. this article proposes a practical tool, gpfinder, exposing execution paths towards any piece of code considered as suspicious. gpfinder takes the android framework into account and considers explicit and implicit control flow calls to build cfgs. using gpfinder, we give global characteristics of application cfgs by studying a dataset of 14,224 malware and 2,311 goodware samples. we evaluate that 72.69\%of the analyzed malicious samples have at least one suspicious method reachable only through implicit calls.
- Information flows at OS level unmask sophisticated Android malware
Valérie Viet Triem Tong, Aurélien Trulla, Mourad Leslous, Jean-François Lalande
vol. 6 14th International Conference on Security and Cryptography SciTePress 578-5852017 doi - Malware à base de canaux auxiliaires
Jean-François Lalande
Colloque International Sur La Sécurité Des Systèmes d'Information 2016 - GroddDroid: A gorilla for triggering malicious behaviors
A. Abraham, R. Andriatsimandefitra, A. Brunelat, J. F. Lalande, V. Viet Triem Tong
2015 10th International Conference on Malicious and Unwanted Software, MALWARE 2015 IEEE Computer Society 119-1272015 doi ABS
Android malware authors use sophisticated techniques to hide the malicious intent of their applications. they use cryptography or obfuscation techniques to avoid detection during static analysis. they can also avoid detection during a dynamic analysis. frequently, the malicious execution is postponed as long as the malware is not convinced that it is running in a real smartphone of a real user. however, we believe that dynamic analysis methods give good results when they really monitor the malware execution. in this article, we propose a method to enhance the execution of the malicious code of unknown malware. we especially target malware that have triggering protections, for example branching conditions that wait for an event or expect a specific value for a variable before triggering malicious execution. in these cases, solely executing the malware is far from being sufficient. we propose to force the triggering of the malicious code by combining two contributions. first, we define an algorithm that automatically identifies potentially malicious code. second, we propose an enhanced monkey called grodddroid, that stimulates the gui of an application and forces the execution of some branching conditions if needed. the forcing is used by grodddroid to push the execution flow towards the previously identified malicious parts of the malware and execute it. the source code for our experiments with grodddroid is released as free software. we have verified on a malware dataset that we investigated manually that the malicious code is accurately executed by grodddroid. additionally, on a large dataset of 100 malware we precisely identify the nature of the suspicious code and we succeed to execute it at 28\%.
(best paper award)
- ANR LYRICS: Cryptographie pour la protection de la vie privée, optimisée pour les services mobiles sans contact
Sébastien Gambs, Jean-François Lalande, Jacques Traoré
Rendez-Vous de La Recherche et de l'Enseignement de La Sécurité Des Systèmes d'Information 2015 - Kharon : découvrir, comprendre et reconnaitre des malware Android par suivi de flux d'information
Radoniaina Andriatsimandefitra Ratsisahanana, Thomas Genet, Laurent Guillo, Jean-François Lalande, David Pichardie, Valérie Viet Triem Tong
Rendez-Vous de La Recherche et de l'Enseignement de La Sécurité Des Systèmes d'Information 2015 - Sécurité Android: exemples de malware
Jean-François Lalande
Colloque International Sur La Sécurité Des Systèmes d'Information 2015 - A practical set-membership proof for privacy-preserving nfc mobile ticketing
Ghada Arfaoui, Jean-François Lalande, Jacques Traoré, Nicolas Desmoulins, Pascal Berthomé, Saïd Gharout
Proceedings on Privacy Enhancing Technologies vol. 2015 2 De Gruyter Open 25-452015 doi ABS
To ensure the privacy of users in transport systems, researchers are working on new protocols providing the best security guarantees while respecting functional requirements of transport operators. in this paper1, we design a secure nfc m-ticketing protocol for public transport that preserves users' anonymity and prevents transport operators from tracing their customers' trips. to this end, we introduce a new practical set-membership proof that does not require provers nor verifiers (but in a specific scenario for verifiers) to perform pairing computations. it is therefore particularly suitable for our (ticketing) setting where provers hold sim/uicc cards that do not support such costly computations. we also propose several optimizations of boneh-boyen type signature schemes, which are of independent interest, increasing their performance and efficiency during nfc transactions. our m-ticketing protocol offers greater flexibility compared to previous solutions as it enables the post-payment and the off-line validation of m-tickets. by implementing a prototype using a standard nfc sim card, we show that it fulfils the stringent functional requirement imposed by transport operators whilst using strong security parameters. in particular, a validation can be completed in 184.25ms when the mobile is switched on, and in 266.52ms when the mobile is switched off or its battery is flat.
- Analysis of human awareness of Security and privacy threats in smart environments
Luca Caviglione, Jean-Francois Lalande, Wojciech Mazurczyk, Steffen Wendzel
vol. 9190 3rd International Conference on Human Aspects of Information Security, Privacy and Trust Springer Berlin / Heidelberg 165-1772015 doi ABS
Smart environments integrate information and communication technologies (ict) into devices, vehicles, buildings and cities to offer an increased quality of life, energy efficiency and economical sustainability. in this perspective, the individual has a core role and so has networking, which enables such entities to cooperate. however, the huge amount of sensitive data, social aspects and the mixed set of protocols offer many opportunities to inject hazards, exfiltrate information, mass profiling of citizens, or produce a new wave of attacks. this work reviews the major risks arising from the usage of ict-techniques for smart environments, with emphasis on networking. its main contribution is to explain the role of different stakeholders for causing a lack of security and to envision future threats by considering human aspects.
- Practical and privacy-preserving tee migration
Ghada Arfaoui, Jean-François Lalande, Saïd Gharout, Jacques Traoré
vol. 9311 9th IFIP WG 11.2 International Conference on Information Security Theory and Practice Springer 153-1682015 doi ABS
Trusted execution environments (tee) are becoming widely deployed in new smartphone generation. running within the tee, the trusted applications (ta) belong to diverse service providers. each ta manipulates a profile, constituted of secret credentials and user's private data. normally, a user should be able to transfer his tee profiles from a tee to another compliant tee. however, tee profile migration implies security and privacy issues in particular for tee profiles that require explicit agreement of the service provider. in this paper, we first present our perception of the deployment and implementation of a tee: we organize the tee into security domains with different roles and privileges. based on this new model, we build a migration protocol of tee profiles ensuring its confidentiality and integrity. to this end, we use a reencryption key and an authorization token per couple of devices, per service provider and per transfer. the proposed protocol has been successfully validated by avispa, an automated security protocol validation tool.
- Software countermeasures for control flow integrity of smart card c codes
Jean François Lalande, Karine Heydemann, Pascal Berthomé
vol. 8713 European Symposium on Research in Computer Security Springer International Publishing 200-2182014 doi ABS
Fault attacks can target smart card programs in order to disrupt an execution and gain an advantage over the data or the embedded functionalities. among all possible attacks, control flow attacks aim at disrupting the normal execution flow. identifying harmful control flow attacks as well as designing countermeasures at software level are tedious and tricky for developers. in this paper, we propose a methodology to detect harmful intra-procedural jump attacks at source code level and to automatically inject formally-proven countermeasures. the proposed software countermeasures defeat 100\%of attacks that jump over at least two c source code statements or beyond. experiments show that the resulting code is also hardened against unexpected function calls and jump attacks at assembly level.
- Privacy and mobile technologies: the Need to Build a digital culture
Mathilde De Saint Léger, Sébastien Gambs, Brigitte Juanals, Jean-François Lalande, Jean-Luc Minel
Digital Intelligence Université de Nantes 100-1052014 ABS
This paper studies the topic of privacy in its relations with mobile technologies. after presenting the complexity of the topic and the need for an interdisciplinary approach on this subject, we analyze its media coverage in the modern public space. despite the di culties high- lighted by these studies, we argue that research e orts should support the emergence of mobile services that respect users' privacy as well as the development of a digital culture of privacy.
- Un titre de transport sur mobile NFC respectueux de la vie privée
Jean-François Lalande
Colloque International Sur La Sécurité Des Systèmes d'Information 2014 - A privacy preserving post-payment mobile ticketing protocol for transport systems
Ghada Arfaoui, Jean-François Lalande
Atelier Sur La Protection de La Vie Privée 2014 2014 ABS
In this paper, we present a new mobile ticketing protocol for public transport service preserving the users' privacy and offering greater flexibility comparing to existing solutions. our protocol enables post-payment approach. hence, users pay only what they really used. moreover, our protocol enables off-line ticket validation.
- A privacy preserving post-payment mobile ticketing protocol for transport systems
Ghada Arfaoui, Jean-François Lalande
Atelier Sur La Protection de La Vie Privée 2014 2014 ABS
In this paper, we present a new mobile ticketing protocol for public transport service preserving the users' privacy and offering greater flexibility comparing to existing solutions. our protocol enables post-payment approach. hence, users pay only what they really used. moreover, our protocol enables off-line ticket validation.
- A privacy-preserving contactless transport service for nfc smartphones
Ghada Arfaoui, Sébastien Gambs, Patrick Lacharme, Jean-François Lalande, Lescuyer Roch, Jean-Claude Paillès
vol. 130 Fifth International Conference on Mobile Computing, Applications and Services Springer Berlin / Heidelberg 282-2852013 doi ABS
The development of nfc-enabled smartphones has paved the way to new applications such as mobile payment (m-payment) and mobile ticketing (m-ticketing). however, often the privacy of users of such services is either not taken into account or based on simple pseudonyms, which does not offer strong privacy properties such as the unlinkability of transactions and minimal information leakage. in this paper, we introduce a lightweight privacy-preserving contactless transport service that uses the sim card as a secure element. our implementation of this service uses a group signature protocol in which costly cryptographic operations are delegated to the mobile phone.
- Comment ajouter de la privacy after design pour les applications Android ?
Pascal Berthomé, Jean-François Lalande
Atelier Protection de La Vie Privée 2012 ABS
Nos smartphones hébergent de plus en plus de données privées qu'il convient de protéger d'applications malveillantes. cependant, comme le système de permissions d'android délègue à l'utilisateur l'analyse de la légitimité d'une demande de permission d'accès à une donnée privée, nous considérons que la gestion de la privacy est broken by design. nous proposons donc dans ce papier d'améliorer la sécurité des données privées sans toucher au système d'exploitation sous-jacent, ceci afin de maximiser le nombre d'utilisateurs potentiels de notre solution. la méthodologie proposée repose sur le repackaging d'une application dans laquelle on injecte des codes monitorant l'accès aux données privées du smartphone. nous montrons au travers de résultats expérimentaux comment l'accès aux contacts est audité ou protégé sur un ensemble de 18 applications du market. nous montrons aussi comment décliner la méthode pour empêcher l'envoi de sms, ce que nous avons testé sur un malware réalisant ce type d'attaque.
- HoneyCloud: elastic honeypots - on-attack provisioning of high-interaction honeypots
Patrice Clemente, Jean-François Lalande, Jonathan Rouzaud-Cornabas
International Conference on Security and Cryptography SciTePress 434-4392012 doi ABS
This paper presents honeycloud: a large-scale high-interaction honeypots architecture based on a cloud infrastructure. the paper shows how to setup and deploy on-demand virtualized honeypot hosts on a private cloud. each attacker is elastically assigned to a new virtual honeypot instance. honeycloud offers a high scalability. with a small number of public ip addresses, honeycloud can multiplex thousands of attackers. the attacker can perform malicious activities on the honeypot and launch new attacks from the compromised host. the honeycloud architecture is designed to collect operating system logs about attacks, from various ids, tools and sensors. each virtual honeypot instance includes network and especially system sensors that gather more useful information than traditional network oriented honeypots. the paper shows how are collected the activities of attackers into the cloud storage mechanism for further forensics. honeycloud also addresses efficient attacker's session storage, long term session management, isolation between attackers and fidelity of hosts.
- High level model of control flow attacks for smart card functional security
Pascal Berthome, Karine Heydemann, X. Kauffmann-Tourkestansky, Jean-Francois Lalande
Seventh International Conference on Availability, Reliability and Security IEEE Computer Society 224-2292012 doi ABS
Smart card software has to implement software countermeasures to face attacks. some of these attacks are physical disruptions of chip components that cause a misbehavior in the code execution. a successful functional attack may reveal a secret or grant an undesired authorization. in this paper, we propose to model fault attacks at source level and then simulate these attacks to find out which ones are harmful. after discussing the effects of physical attacks at assembly level and going back to their consequences at source code level, the paper focuses on control flow attacks. such attacks are good candidates for the proposed model that can be used to exhaustively test the robustness of the attacked program. on the bzip2 software, the paper's results show that up to 21\%of the assembly simulated control flow attacks are covered by the c model with 30 times less test cases.
- Simulating physical attacks in smart card C codes: the jump attack case
Pascal Berthomé, Karine Heydemann, Xavier Kauffmann-Tourkestansky, Jean-François Lalande
E-Smart: The Future of Digital Security Technologies 2011 ABS
Smart cards are in the embedded world one of the few hardware devices that can be subject to targeted physical attacks from malicious and skilled people. these physical attacks can target any element of the chip resulting in unpredictable effects on the executed software. for an applicative developer who is more familiar with a high level language, it is a difficult task to predict the consequences of such low level attacks. analysing the consequences of a physical attack and creating a realistic and plausible attack model is the first step that leads to a better understanding of the security of an application. but even with this model it is still difficult to pinpoint locations in the source code where physical attacks might lead to security vulnerabilities. different approaches and techniques exist to simulate faults at hardware or software level. however most of them focus either on a high level of abstraction as with software fuzzing techniques or a precise description of the low level hardware as with a vhdl simulator. since one of the developer's goals is to implement high level countermeasures to prevent low level attacks, both preceding approaches lack of expressiveness. thus, the challenge is to simulate with additional c code the consequences of low level attacks such as register disruption, processor instruction modification, arbitrary jumps. the second difficulty is to deal with the number of possible attacks which is related to the code size, the size of variable domains and the persistence of the attack effect. as it is impossible to exhaustively simulate all the possible attacks, our study focuses on jump attacks. these are classical attacks that lead to a change in the control flow of the code and can be used to bypass security checks. in this talk we will present a cost effective methodology and a technical solution to simulate, at c level, the effects of physical jump attacks. experimental results compare the effect of simulated high level attacks to physical low level attacks. in order to benchmark and validate the methodology, the experiments use the spec 2000 benchmarks with well- studied open source c codes. to make the analogy with the smart card, we consider that a successful attack against a spec 2000 software induces a termination with a wrong output. crashes and non terminating executions are safe results from a security point of view. the results also show how to identify vulnerable functions in a complete application. the knowledge of potential vulnerable locations in the source code of a project will enable a software developer to implement his countermeasures accordingly with more precision and assurance.
- Attaques physiques à haut niveau pour le test de la sécurité des cartes à puce
Pascal Berthomé, Karine Heydemann, Xavier Kauffmann-Tourkestansky, Jean-François Lalande
Journée Sécurité Des Systèmes &Sûreté Des Logiciels 13-142011 ABS
Dans cet article, nous proposons de décrire les hypothèses d'attaques physiques contre les cartes à puce afin de modéliser ces attaques à haut niveau. cette modélisation cherche à représenter l'attaque au niveau du langage c par l'injection d'un morceau de code qui simule ses effets. l'intérêt du modèle est qu'il permet de simuler les attaques possibles à un niveau où le programmeur peut comprendre les effets sur le code qu'il développe. cependant, le nombre d'attaques possibles est très grand ce qui empêche la réalisation exhaustive de tous les tests. les résultats expérimentaux montrent comment identifier par simulation les attaques par saut qui aboutissent. enfin, nous présentons nos perspectives de travaux qui concernent la vérification statique de ces codes attaqués.
- SYNEMA: visual monitoring of network and system security sensors
Aline Bousquet, Patrice Clemente, Jean-François Lalande
International Conference on Security and Cryptography SciTePress 375-3782011 doi ABS
This paper presents a new monitoring tool called synema that helps to visualize different types of alerts from well-known security sensors. the architecture of the proposed tool is distributed and enables centralizing the collected information into a lightweight visualizer. the front-end proposes many display modes in order to give the ability to clearly see malicious activities and to be able to visually monitor information collected at system, network and user level in the hosts. the paper concludes with development perspectives about an auto-configurable plugin for visual correlation of attacks.
- Mandatory access control for shared HPC clusters: Setup and performance evaluation
Mathieu Blanc, Jean-François Lalande
International Conference on High Performance Computing &Simulation IEEE Computer Society 291-2982010 doi ABS
Protecting a hpc cluster against real world cyber threats is a critical task, with the increasing trend to open and share computing resources. as partners can upload data that is confidential regarding other partners, a company managing a shared cluster has to enforce strong security measures. it has to prevent both accidental data leakage and voluntary data stealing. when using an operating system based on linux, the offered protections are difficult to set up in large scale environments. this article presents how to use the mandatory access control feature of selinux in order to guarantee strong security properties for hpc clusters. the proposed solution is based on the use of the multi-category system, the confinement of user profiles and the use of a dual ssh server. the issues encountered during the implementation and the most difficult technical points are presented. finally, this paper shows experimental results about the performance of our solution and the impact on a large scale cluster.
- Enforcement of security properties for dynamic mac policies
Jérémy Briffaut, Jean-François Lalande, Christian Toinard, Mathieu Blanc
Third International Conference on Emerging Security Information, Systems and Technologies IEEE Computer Society 114-1202009 doi (best paper award)
- Generation of role based access control security policies for Java collaborative applications
Jérémy Briffaut, Xavier Kauffmann-Tourkestansky, Jean-François Lalande, Waleed Smari
Third International Conference on Emerging Security Information, Systems and Technologies IEEE Computer Society 224-2292009 doi ABS
Java collaborative applications are increasingly and widely used in the form of applets or servlets, as a way to easily download and execute small programs on one's computer. however, security associated with these downloaded applications, even if it exists, is not easily manageable. most of the time, it relies on the user's ability to define a security policy for his virtual machine, which is undesirable. this paper proposes to integrate an rbac mechanism for any java application. it introduces a simple tag process that allows the developer to incorporate the appropriate policy in the source code of his application. the user is endowed with the ability to choose a role that corresponds to the required level of trust required in order for him to embed the policy in the executed code. a case study of a collaborative application shows how works the proposed api for managing roles, generating policies and logging in. at the end, a discussion about the dynamic enforcement of the generated policies is presented.
- Team-based MAC policy over security-enhanced linux
Jérémy Briffaut, Jean-François Lalande, Waleed Smari
Second International Conference on Emerging Security Information, Systems and Technologies IEEE Computer Society 41-462008 doi ABS
This paper presents an implementation of team-based access control policy (tmac) using selinux as mandatory access control mechanism for linux operating systems. after explaining the particularities of tmac in an elaborate example, the paper presents the xml tmac format developed and introduces a visualization tool that allows a user to explore the tmac policy. furthermore, we discuss how this policy is projected under selinux. finally, we discuss the limitations of this implementation and propose further future developments.
- Quasi-optimal bandwidth allocation for multi-spot MFTDMA satellites
Sara Alouf, Eitan Altman, Jérôme Galtier, Jean-François Lalande, Corinne Touati
vol. 1 IEEE Conference on Computer Communications IEEE Computer Society 560-5712005 doi ABS
This paper presents an algorithm for resource allocation in satellite networks. it deals with planning a time/frequency plan for a set of terminals with a known geometric configuration under interference constraints. our objective is to maximize the system throughput while guaranteeing that the different types of demands are satisfied, each type using a different amount of bandwidth. the proposed algorithm relies on two main techniques. the first generates admissible configurations for the interference constraints, whereas the second uses linear and integer programming with column generation. the obtained solution estimates a possible allocation plan with optimality guarantees, and highlights the frequency interferences which degrade the construction of good solutions.
- Arrondi aléatoire et protection des réseaux WDM
Jean-François Lalande, Michel Syska, Yann Verhoeven
Congrès Annuel de La Société Française de Recherche Opérationnelle et d'aide à La Décision Tours : Presses universitaires François Rabelais 241-2422005 ABS
Nous présentons un algorithme de calcul de chemins de secours dans un réseau optique qui offre de meilleures performances pratiques que d'autres algorithmes connus grâce à l'application d'une technique d'arrondi aléatoire.
- Approximation Combinatoire de multiflot factionnaire : améliorations
Mohamed Bouklit, David Coudert, Jean-François Lalande, Hervé Rivano
5ièmes Rencontres Francophones Sur Les Aspects ALGOrithmiques Des TELécommunications 2003 - Approximate multicommodity flow for wdm networks design
Mohamed Bouklit, David Coudert, Jean-François Lalande, Christophe Paul, Hervé Rivano
Colloquium on Structural Information and Communication Complexity Carleton Scientific 43-562003 - Groupage dans les réseaux dorsaux WDM
Jean-François Lalande, Stéphane Pérennes, Michel Syska
Congrès Annuel de La Société Française de Recherche Opérationnelle et d'aide à La Décision Université d'Avignon et des Pays de Vaucluse 254-2552003