Publications
Routing protocols are key protocols on the public
Internet and in enterprise networks. Routers exchange control
messages to compute their routing tables. A bug in the processing
of such messages could cause routers to crash or reboot, leading
to wide scale disruptions. We propose a… Read more- Résumé - Assurer la robustesse des systèmes cyber-physiques est crucial pour garantir leur résilience face à des perturbations inattendues. Bien que l’ingénierie du chaos fournisse une méthodologie structurée, sa phase de conception manque d’un… Read more
Purpose - The paper studies the integration of UX into a cybersecurity project using longitudinal mixed-method approach, how introducing UX influences design, management decisions and security-relevant outcomes, formalises these mechanisms in a four-phase framework, and derives… Read more
Current marketplaces rely on search mechanisms with distributed systems but centralized governance, making them vulnerable to attacks, failures, censorship and biases. While search mechanisms with more decentralized governance (e.g., DeSearch) have been recently proposed, these are still exposed… Read more
Many smart home applications collect sensitive data and interact with remote services. The local-first principle minimizes data propagation by favoring local processing and communicating with remote services only when necessary. HubOS is an operating system for smart home hubs supporting… Read more
Feature representation is a key factor in machine learning-based malware detection, affecting the information expressed and used for detection, the choice of the classifier, and computational efficiency. While both tabular and graph-based feature representations have been widely studied, we lack… Read more
Intrusion Detection Systems (IDS) play a crucial role in network security. An IDS recognizes malicious activity in network traffic by matching it against patterns defined in a set of rules. The complexity and size of rule sets lead to substantial computational load. In a state-of-the-art IDS,… Read more
Graph-based representations of program behavior are a powerful foundation for machine learning-based malware detection. However, the large size and complexity of these behavior graphs pose scalability challenges. This paper presents a systematic evaluation of five graph reduction strategies—… Read more
Layer-2 protocols such as rollups can help address Ethereum’s throughput limits. An efficient data availability layer is key for layer-2 support in Ethereum, but broadcast methods do not scale. A promising approach is the selective distribution of layer-2 data and its verification by data… Read more
Ethereum is the dominant blockchain ecosystem capable of executing Turing-complete smart contracts. Rollups gained significant traction as the primary layer 2 (L2) solution meant to bring horizontal scalability to the main Ethereum network (L1). A core component of any rollup is the sequencer,… Read more
QUIC is a transport-layer protocol that encrypts most headers and all payload data, encapsulating them in UDP to provide security and low latency. However, this encryption and encapsulation pose challenges for kernel-level network and security monitoring. To address this, we present LinkQUIC,… Read more
Cyber attacks are increasing, causing financial losses, data breaches, and reputational damage for individuals and organizations. Since human error remains the leading cause, raising awareness of cyber threats is essential. Cyber range scenarios aim to mitigate these risks but often fail to… Read more
We propose a novel adaptive self-guarded honeypot called Asgard2.0,
designed to capture shell-based attacks on real Linux-based systems via
remote SSH access and to automatically recover when severely compromised.
Asgard2.0 leverages Deep Q-Networks (DQN), a Deep… Read morePolka is a post-quantum public-key encryption scheme from PKC 2023, designed in order to be efficiently protected against side-channel attacks. Its motivation arises from the acknowledged difficulty of protecting Kyber against such attacks. Concretely, the structure of Polka aims to allow so-… Read more
In 2001, Hirt proposed a receipt-free voting scheme, which
prevents malicious voters from proving to anybody how they voted, under
the assumption of the availability of a helping server that is trusted for
receipt-freeness, and only for that property. This appealing design led to
a… Read more