59 results

  • Tackling obfuscated code through variant analysis and Graph Neural Networks

    • March 21, 2025 (11:00 - 12:00)

    • Inria Center of the University of Rennes - - Petri/Turing room

    Speaker : Roxane Cohen and Robin David - Quarkslab

    Existing deobfuscation techniques usually target specific obfuscation passes and assume a prior knowledge of obfuscated location within a program. Also, some approaches tend to be computationally costly. Conversely, few research consider bypassing obfuscation through correlation of various variants of the same obfuscated program or a clear program and a later obfuscated variant. Both scenarios are[…]
    • Malware analysis

    • Binary analysis

    • Obfuscation

  • Cherifying Linux: A Practical View on using CHERI

    • January 31, 2025 (11:00 - 12:00)

    • Centre Inria de l'Université de Rennes - - salle Aurigny

    Speaker : Kui Wang - Huawei

    The CHERI ISA extension enables modern RISC CPU architectures such as RISC-V to enforce memory safety in C/C++ programs. Recent academic works use CHERI for point solutions like constructing enclaves, verifying C programs, or hardening bytecode interpreters, but since the original construction of the CHERI-BSD OS - a FreeBSD port leveraging CHERI capabilities, by Cambridge University - little has[…]
    • SoSysec

    • Compartmentalization

    • Operating system and virtualization

  • A Universal Composability analysis of Android Protected Confirmation

    • January 17, 2025 (11:00 - 12:00)

    • Inria Center of the University of Rennes - - Petri/Turing room

    Speaker : Maïwenn Racouchot - CISPA

    As phones are used for more and more sensitive operations (such as bank transfers for example), there is a great necessity to design and deploy protocols that can ensure the security of such transactions, even in cases when the phone has been compromised. In order to accomplish that, Android in collaboration with Google have worked on a protocol called Android Protected Confirmation. The idea[…]
    • SoSysec

    • Formal methods

    • Protocols

  • Approches humanitaires du risque numérique : accidents de sécurité et impératif de protection

    • January 10, 2025 (11:00 - 12:00)

    • Inria Center of the University of Rennes - - Petri/Turing room

    Speaker : Laetitia Della Torre - Université de technologie de Compiègne

    Les ONG clament qu’elles ne sont pas des cibles (« not a target »), et plaident pour un arrêt des enlèvements d’humanitaires et des bombardements d’hôpitaux. Ajoutons que ce slogan est maintenant décliné dans une version « modernisée » : les ONG ne sont pas des cibles numériques (« not a digital target »). Ce slogan constitue un appel à stopper les cyberopérations contre les ONG, qui sont[…]
    • Risk management

    • SoSysec

  • Safety-Security Convergence of Industrial Control Systems

    • December 13, 2024 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Room Aurigny

    Speaker : Maxime Puys - Université Clermont Auvergne - IUT de Clermont-Ferrand

    Industrial Control Systems (ICS) are designed to provide a service, such as power generation or water treatment, while protecting people, assets, and the environment against hazards. However, ICS now integrate Information Technology (IT) and are interconnected with the outside world such as the Internet, thereby exposing their infrastructures to cyberattacks. Cyberattacks have thus become new[…]
    • Risk Assessment

    • SoSysec

    • Intrusion detection

  • Un protocole SMPC de curation de données d'entrainement et sa fragilité aux hypothèses de sécurité...

    • December 06, 2024 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Métiviers room

    Speaker : Marc-Olivier Killijian - Université du Québec à Montréal

    ... ou "Sécurité et insécurité - dans quel état j’erre, ai-je bien rangé mon modèle de sécurité ?" De nos jours, les sources de données, et leurs curateurs, sont répartis à travers le monde. Il arrive que les propriétaires de ces données souhaitent collaborer entre eux afin d’augmenter la qualité de ces données, particulièrement avant d’entrainer des modèles d’apprentissage machine.Dans cet exposé[…]
    • SoSysec

    • Privacy

    • Machine learning

    • Distributed systems