Publications

For many proprietary systems source code and documentation
are not available which makes them hard to test leaving only black-
box approaches. In this work, we present an experience of fuzzing a
protocol for drone control and the developed tool BinFuzz. BinFuzz is a
man-in-the-middle… Read more

Packing is a widely used obfuscation technique for malware to bypass detection tools and hinder reverse engineering. Existing research has already covered methods to detect packing, both with static and dynamic analysis. These methods are based on various features: headers, entropy, API calls,… Read more

LoRaWAN devices are secured using traditional cryptographic methods. However, the end devices are still vulnerable to security attacks such as impersonation. To counter these attacks, LoRa requires an additional layer of security at the physical level. Deep Learning-based LoRa device… Read more

… Read more

Alors que les États membres sont confrontés à des risques croissants en matière de cybersécurité, ils ne sont pas tous en mesure d’y faire face seuls. De plus, il existe un risque évident de propagation rapide… Read more

The IoT technology allows many types of personal data to be measured by many kinds of devices and sensors, and to be sent over the Internet for various applications. However, this data transmission… Read more

The Ethereum Global Network (EGN) hosts a complete ecosystem of decentralized services, including blockchains such as Ethereum mainnet but also exchange markets, content delivery networks, and many more. Service discovery is a fundamental mechanism in the EGN, allowing new nodes to look up and… Read more

Despite their ubiquity, the security of Internet of Things devices is unsatisfactory, as demonstrated by several attacks.
The IETF's MUD standard aims to simplify and automate the secure deployment of network devices.
A MUD file specifies a device-specific description of allowed network… Read more

The last few years in the software engineering field have seen a paradigm shift from monolithic applications towards architectures in which the application is split in various smaller entities (i.e., microservices) fueled by the improved availability and ease of use of containers technologies… Read more

The rise of cryptocurrencies has created new avenues for criminal money exchanges. Among various techniques, Bitcoin address clustering plays a crucial role in detecting and grouping addresses owned by the same entity.

This fundamental step is essential for deanonymizing addresses and… Read more

Over the past two decades, network measurement infrastructures have witnessed significant development and widespread adoption. Internet measurement platforms have become common and have demonstrated their relevance in Internet understanding and security observation. However, despite their… Read more

Internet of Things devices can now be found everywhere, including in our households in the form of Smart Home networks. Despite their ubiquity, their security is unsatisfactory, as demonstrated by recent attacks. The IETF's MUD standard has as goal to simplify and automate the secure deployment… Read more

Integration of agile and user experience (UX) remains a challenge despite being a major research interest for both agile software development (ASD) and UX stakeholders. Typically, ASD stakeholders’ primary focus is delivering working software, whereas UX stakeholders focus on designing systems… Read more

Despite their increasing popularity, blockchains still suffer from severe scalability limitations. Recently, Ethereum proposed a novel approach to block validation based on Data Availability Sampling (DAS), that has the potential to improve its transaction per second rate by more… Read more

In-situ Operations, Administration, and Maintenance (IOAM) records operational and telemetry information in the packet while the packet traverses a path in the network. IETF protocols require features to ensure their security. This document describes the integrity protection of IOAM-Data-Fields… Read more

RFC9511

Some recent use cases have a need for carrying an identifier in IPv6 packets. While those drafts might perfectly make sense on their own, each document requires IANA to allocate a new code point for a new option, and so for very similar situations, which could quickly exhaust the allocation… Read more

Application Programming Interfaces, known as APIs, are increasingly popular in modern web applications. With APIs, users around the world are able to access a plethora of data contained in numerous server databases. To understand the workings of an API, a formal documentation is required. This… Read more

This thesis explores the idea of applying genetic improvement in the aim of injecting vulnerabilities into programs. Generating vulnerabilities automatically in this manner would allow creating datasets of vulnerable programs. This would, in turn, help training machine-learning models to detect… Read more

Les flaky tests sont des tests non déterministes, ils peuvent donner des résultats différents sans modification du code. Ce qui entraîne une perte de temps et de ressources.Une meilleure connaissance de ce domaine doit mener à une diminution de ces désagréments. Cependant, il y a peu de travaux… Read more

Multiple techniques exist to find vulnerabilities in code, such as static analysis and machine learning. Although machine learning techniques are promising, they need to learn from a large quantity of examples. Since there is not such large quantity of data for vulnerable code, vulnerability… Read more

Code Smells have been studied for more than 20 years now. They are used to describe a design flaw in a program intuitively. In this study, we wish to identify the impact of some of these Code Smells. And, more specifically, their potential impact on Testability. To do this, we will study the… Read more

The InterPlanetary File System (IPFS) is currently the largest decentralized storage solution in operation, with thousands of active participants and millions of daily content transfers. IPFS is used as remote data storage for numerous blockchain-based smart contracts, Non-Fungible Tokens (NFT… Read more