Articles

Product Incremental Security Risk Assessment Using DevSecOps Practices
Security risk assessment is often a heavy manual process, making it expensive to perform. DevOps, that aims at improving software quality and speed of delivery, as well as DevSecOps that augments DevOps with the automation of security activities, provide tools and procedures to automate the risk… En savoir plus
Incremental Common Criteria Certification Processes using DevSecOps Practices
The growing digitalisation of our economies and societies is driving the need for increased connectivity of critical applications and infrastructures to the point where failures can lead to important disruptions and consequences to our lives. One growing source of failures for critical… En savoir plus
Analysis of Machine Learning Approaches to Packing Detection
Packing is a widely used obfuscation technique by which malware hides content and behavior. Much research explores how to detect a packed program via such varied approaches as entropy analysis, syntactic signatures, and, more recently, machine learning classifiers using various features. Yet no… En savoir plus
CHAUSSETTE: A Symbolic Verification of Bitcoin Scripts
The Bitcoin protocol relies on scripts written in SCRIPT, a simple Turing-incomplete stack-based language, for locking the money carried over the Bitcoin network. This paper explores the usage of symbolic execution for finding transactions that permit to redeem the money without being the… En savoir plus
Tool Paper - SEMA: Symbolic Execution Toolchain for Malware Analysis
Today, malware threats are more dangerous than ever with thousand of new samples emerging everyday. There exists a wide range of static and dynamic tools to detect malware signatures. Unfortunately, most of those tools are helpless when coming to automatic detection of polymorphic malwares, i.e… En savoir plus
Symbolic analysis meets federated learning to enhance malware identifier
The manual methods to create detection rules are no longer practical in the anti-malware product since the number of malware threats has been growing over past years. Thus, the turn to machine learning approaches is a promising way to make malware recognition more efficient. The traditional… En savoir plus
Malware Analysis with Symbolic Execution and Graph Kernel
Malware analysis techniques are divided into static and dy- namic analysis. Both techniques can be bypassed by circumvention techniques such as obfuscation. In a series of works, the authors have pro- moted the use of symbolic executions combined with machine learning to avoid such traps. Most… En savoir plus
Using LoRaWAN and Wi-Fi for smart city monitoring in Louvain-la-Neuve
The latest advancements in computing and network technologies, more precisely in the topics of the Internet of Things (IoT) and cloud computing, are the drivers of wide and seemingly unlimited possibilities of applications. One of the popular fields of application of those technologies are "… En savoir plus
A Survey of Public IoT Datasets for Network Security Research
Publicly available datasets are an indispensable tool for researchers, as they allow testing new algorithms on a wide range of different scenarios and making scientific experiments verifiable and reproducible. Research in IoT security is no exception. In particular, the design of traffic… En savoir plus