Publications

The IoT technology allows many types of personal data to be measured by many kinds of devices and sensors, and to be sent over the Internet for various applications. However, this data transmission has to be secure and the privacy of the users should ideally be preserved. In this work, we… Read more

Internet of Things (IoT) devices increasingly contribute to critical infrastructures, necessitating robust security measures. LoRaWAN, a low-power IoT network, employs the Advanced Encryption Standard (AES) with a 128-bit key for encryption and integrity, balancing efficiency and security. As… Read more

eBPF is a popular technology originating from the Linux kernel that enables safely running user-provided programs in a kernel-context. This technology opened the door for efficient programming in the operating system, especially in its network stack. However, its applicability is not limited to… Read more

The Internet adopts a layered architecture where IP addresses are used to identify endpoints and port numbers serves as application multiplexers over a single host. Nowadays, names are usually used to expose a service to public access. However, even with the current DNS architecture, nodes must… Read more

With a standardization process that attracted much interest, QUIC can been seen as the next general-purpose transport protocol. Still, it does not provide true multipath support yet, missing some use cases that Multipath TCP addresses. To fill that gap, the IETF recently adopted a Multipath… Read more

Concurrency theory has received considerable attention, but mostly in the scope of synchronous
process algebras such as CCS, CSP, and ACP. As another way of handling concurrency, data-based
coordination languages aim to provide a clear separation between interaction and computation by… Read more

We design new encryption mechanisms that enable the design of the first universally verifiable voting schemes, supporting both receipt-freeness and everlasting privacy without assuming the existence of an anonymous channel.

Our schemes support the two most traditional election tallying… Read more

Concurrency theory has received considerable attention, but mostly in the scope of synchronous
process algebras such as CCS, CSP, and ACP. As another way of handling concurrency, data-based
coordination languages aim to provide a clear separation between interaction and computation by… Read more

Part of the Embedded Cryptography Textbook

The proliferation of cybercrime and the escalating threat of malware attacks necessitate more effective and efficient analysis techniques. Traditional methods, such as static and dynamic analysis, have limitations that hinder their effectiveness against sophisticated and evasive malware.… Read more

 This document specifies a multipath extension for the QUIC protocol to enable the simultaneous usage of multiple paths for a single connection.

Shaping first-year students’ minds to solve problems
at different levels of abstraction is both important and challeng-
ing. Although abstraction is a crucial skill in problem-solving,
especially in STEM subjects, students often struggle with abstract
thinking. They tend to focus… Read more

This paper addresses the difficulties students face when learning
and practicing pointers (i.e., variables storing the memory address
of another variable as its value) in a computer programming class.
To improve their understanding and practice, we have developed
Tartare, an… Read more

This paper focuses on a programming methodology relying
on an informal and graphical version of the Loop Invariant for building
the code. This methodology is applied in the context of a CS1 course in
which students are exposed to several C programming language concepts
and… Read more

This Docker image is an experimental toolkit gathering analyzers, detectors, packers, tools and machine learning mechanics for making datasets of packed executables and training machine learning models for the static detection of packing. It aims to support PE, ELF and Mach-O executables and to… Read more

This thesis presents an integrated approach to strengthen software security of Odoo, a popular open-source ERP and CRM system. The approach employs a comprehensive methodology that integrates risk analysis based on the CIA triad, static code analysis using the open-source tool Semgrep, rule… Read more

Executable packing is a well-known problematic especially in the field of malware analysis. It often consists in applying compression or encryption to a binary file and embedding a stub for reversing these transformations at runtime. This way, the packed executable is more difficult to reverse-… Read more

New malware are created every day. However, some are just previously known ones, altered to make them invisible to classifiers. But how can a classifier defend itself against them? Malware mutation tools are developed to help classifiers and to prevent potential malware from accessing a computer… Read more

Tools and techniques for assessing the possibilities and impacts of attacks on IT systems are necessary to ensure the IT systems upon which society depends on continue to operate despite targeted attacks. This reality compels the development of intuitive brainstorming formalisms like attack-… Read more

Software systems are incorporated into various aspects of human society. However, their integration brings a set of challenges, especially when software operates on personal data. The systems must be correct and provide the desired functionality while maintaining privacy and security of personal… Read more

This article presents new contributions for Remote Access Trojan (RAT) analysis using symbolic execution techniques. The first part of the article identifies the challenges in the application of such an analysis, as well as the procedures put in place to address these challenges. The second part… Read more

We design new encryption mechanisms that enable the design of the first universally verifiable voting schemes, supporting both receipt-freeness and everlasting privacy without assuming the existence
of an anonymous channel.
Our schemes support the two most traditional election tallying… Read more

Cyber ranges (CR) have gained attention from researchers and trainees for their virtualization and replication capabilities. The growing focus on improving the user experience~(UX)… Read more

Rule-based systems such as Semgrep are important to detect security breaches by using static code analysis. Taking inspiration from research identifying relationships in energy consumption rules we present a tool (RIT) to enhance rule set development. Our tool allows Semgrep users to check rule… Read more

Mapping behaviors to the features they relate to is a prerequisite for variability-intensive systems (VIS) reverse engineering. Manually providing this whole mapping is labor-intensive. In black-box scenarios, only execution traces are available (e.g., process mining). In our previous work, we… Read more