Publications

This Docker image is an experimental toolkit gathering analyzers, detectors, packers, tools and machine learning mechanics for making datasets of packed executables and training machine learning models for the static detection of packing. It aims to support PE, ELF and Mach-O executables and to… Read more

This thesis presents an integrated approach to strengthen software security of Odoo, a popular open-source ERP and CRM system. The approach employs a comprehensive methodology that integrates risk analysis based on the CIA triad, static code analysis using the open-source tool Semgrep, rule… Read more

Executable packing is a well-known problematic especially in the field of malware analysis. It often consists in applying compression or encryption to a binary file and embedding a stub for reversing these transformations at runtime. This way, the packed executable is more difficult to reverse-… Read more

New malware are created every day. However, some are just previously known ones, altered to make them invisible to classifiers. But how can a classifier defend itself against them? Malware mutation tools are developed to help classifiers and to prevent potential malware from accessing a computer… Read more

Tools and techniques for assessing the possibilities and impacts of attacks on IT systems are necessary to ensure the IT systems upon which society depends on continue to operate despite targeted attacks. This reality compels the development of intuitive brainstorming formalisms like attack-… Read more

Software systems are incorporated into various aspects of human society. However, their integration brings a set of challenges, especially when software operates on personal data. The systems must be correct and provide the desired functionality while maintaining privacy and security of personal… Read more

This article presents new contributions for Remote Access Trojan (RAT) analysis using symbolic execution techniques. The first part of the article identifies the challenges in the application of such an analysis, as well as the procedures put in place to address these challenges. The second part… Read more

We design new encryption mechanisms that enable the design of the first universally verifiable voting schemes, supporting both receipt-freeness and everlasting privacy without assuming the existence
of an anonymous channel.
Our schemes support the two most traditional election tallying… Read more

Cyber ranges (CR) have gained attention from researchers and trainees for their virtualization and replication capabilities. The growing focus on improving the user experience~(UX)… Read more

Rule-based systems such as Semgrep are important to detect security breaches by using static code analysis. Taking inspiration from research identifying relationships in energy consumption rules we present a tool (RIT) to enhance rule set development. Our tool allows Semgrep users to check rule… Read more

Mapping behaviors to the features they relate to is a prerequisite for variability-intensive systems (VIS) reverse engineering. Manually providing this whole mapping is labor-intensive. In black-box scenarios, only execution traces are available (e.g., process mining). In our previous work, we… Read more

Basic Block Coverage (BBC) is a secondary objective for search-based unit test generation techniques relying on the approach level and branch distance to drive the search process. Unlike the approach level and branch distance, which considers only information related to the coverage of explicit… Read more

Researchers and practitioners have designed and implemented various automated test case generators to support effective software testing. Such generators exist for various languages (e.g., Java, C#, or Python) and various platforms (e.g., desktop, web, or mobile applications). The generators… Read more

Automated feedback and grading platforms can require substantial effort when encoding new programming exercises for first-year students. Such exercises are usually simple but require defining several test cases to ensure their functional correctness. This paper describes our initial effort to… Read more

Operational Technology has gotten a growing place in our daily lives. With the increasing number of devices (connected or not), the need for a clean environment that allows effective and efficient testing is also increasing. Furthermore, some devices are connected to the physical world with the… Read more

Risk assessment is a key part of all cyber security frameworks, standards and related certification schemes. It is a complex process involving both the business domain to assess impact and the technical domain to measure feasibility. It requires to produce a realistic risk matrix based on… Read more

Coping with cybercrime in the scope of increasingly open and interconnected systems is a difficult challenge. DevSecOps provide an adequate framework to keep in control of this perpetual race. We show here how it can be efficiently supported by an internal model-based analysis and automation… Read more

Security risk assessment is often a heavy manual process, making it expensive to perform. DevOps, that aims at improving software quality and speed of delivery, as well as DevSecOps that augments DevOps with the automation of security activities, provide tools and procedures to automate the risk… Read more

The growing digitalisation of our economies and societies is driving the need for increased connectivity of critical applications and infrastructures to the point where failures can lead to important disruptions and consequences to our lives. One growing source of failures for critical… Read more

Packing is a widely used obfuscation technique by which malware hides content and behavior. Much research explores how to detect a packed program via such varied approaches as entropy analysis, syntactic signatures, and, more recently, machine learning classifiers using various features. Yet no… Read more

The Bitcoin protocol relies on scripts written in SCRIPT, a simple Turing-incomplete stack-based language, for locking the money carried over the Bitcoin network. This paper explores the usage of symbolic execution for finding transactions that permit to redeem the money without being the… Read more

Today, malware threats are more dangerous than ever with thousand of new samples emerging everyday. There exists a wide range of static and dynamic tools to detect malware signatures. Unfortunately, most of those tools are helpless when coming to automatic detection of polymorphic malwares, i.e… Read more

The manual methods to create detection rules are no longer practical in the anti-malware product since the number of malware threats has been growing over past years. Thus, the turn to machine learning approaches is a promising way to make malware recognition more efficient. The traditional… Read more

Malware analysis techniques are divided into static and dy- namic analysis. Both techniques can be bypassed by circumvention techniques such as obfuscation. In a series of works, the authors have pro- moted the use of symbolic executions combined with machine learning to avoid such traps. Most… Read more

The latest advancements in computing and network technologies, more precisely in the topics of the Internet of Things (IoT) and cloud computing, are the drivers of wide and seemingly unlimited possibilities of applications. One of the popular fields of application of those technologies are "… Read more