
Laboratoire d’analyse et d’architecture des systèmes

Publications of the TSF team


1485 documents found

10042
01/02/2019

Dependability modeling and evaluation of an automated highway system

O.HAMOUDA, M.KAANICHE, K.KANOUN

TSF

Conference with proceedings: European Dependable Computing Conference (EDCC) 2008, 7 May to 9 May 2008, Kaunas (Lithuania), February 2019, No. 10042

Link: http://hal.archives-ouvertes.fr/hal-00453026/fr/

Distributable

146373
18547
20/12/2018

Développement et évaluation d'obfuscations de protocoles basées sur la spécification

J.DUCHENE

TSF

Doctoral thesis: INSA de Toulouse, 20 December 2018, 165 p., Chair: M.KAANICHE, Reviewers: M.L.POTET, J.Y.MARION, Examiners: S.ZENNOU, G.BOSSERT, C.LE GUERNIC, Thesis supervisors: V.NICOMETTE, E.ALATA, No. 18547

Link: https://hal.laas.fr/tel-02018873

Distributable

Abstract

There are more and more protocols. Many of them have their specification available, for interoperability purposes for instance. However, when it comes to intellectual property, this specification is kept secret. Attackers might use a wrongly implemented protocol to compromise a system; if an attacker has access to the specification, his attack would be far more efficient. Even if he does not have access to the specification, he can reverse-engineer it. Thus, creating protocols that are hard to reverse is interesting. In this thesis, we develop a novel approach to protocol protection to make protocol reverse engineering more complex. We apply obfuscations to the protocol message format and, furthermore, we do so automatically from the original protocol specification. Firstly, we analyzed more than 30 different contributions on protocol reverse engineering tools. We retrieved the following elements: 1) Protocol reverse engineering tools try to infer regular models; 2) They suppose that the parsing is done from left to right; 3) They delimit fields based on well-known delimiters or with ad-hoc techniques; 4) They cluster messages based on pattern similarity measures. Thus, to make protocol reverse engineering harder, one can create protocols which do not respect these statements. Secondly, we proposed a model of message format on which obfuscations can be applied. With this model, we also provide some atomic obfuscations which can be composed. Each obfuscation targets one or more protocol reverse engineering hypotheses. Obfuscation composition ensures the effectiveness of our solution and makes protocol reverse engineering more complex. This model is used to automatically generate code for the parser, serializer and accessors. This solution is implemented in a framework we called ProtoObf. ProtoObf is used to evaluate obfuscation performance. Results show an increase in protocol complexity with the number of obfuscation compositions while costs (particularly the serialized buffer size) stay low.

Summary

There are more and more different communication protocols. The specification of many of them is available. However, when it comes to proprietary means of communication, this specification is kept secret: an attacker with access to this specification could compromise a system using the protocol. Even without access to the specification, the attacker can obtain it through reverse engineering. It is therefore worthwhile to create protocols that are hard to reverse-engineer. In this thesis, we propose a new approach specifically developed to make protocol reverse engineering complex. To do so, we apply obfuscations to the message format, automatically, from the protocol specification. We first studied more than 30 different contributions on protocol reverse-engineering tools and drew the following conclusions: 1) protocol reverse-engineering tools infer regular models; 2) they assume that a message is parsed from left to right; 3) they split the message into fields using well-known delimiters or ad hoc algorithms; 4) they group messages according to similarity measures on patterns. Thus, one way to create a protocol that is hard to reverse-engineer is to ensure that the protocol does not satisfy these conditions. We then proposed a message format model that allows obfuscations to be applied. We defined atomic obfuscations that can be composed. Each of these obfuscations targets one or more of the hypotheses made by reverse-engineering tools. Composing obfuscations ensures the effectiveness of our solution and makes protocol reverse engineering complex. This model is used to automatically generate the code of the parser, the serializer and the accessors. This solution is implemented in a prototype named ProtoObf, with which we were able to evaluate the performance of the obfuscations. The results show a clear increase in the complexity of reverse engineering with the number of obfuscation compositions, while the induced costs (particularly the size of the serialized buffer) remain low.

Keywords
Security; Protocols; Reverse-Engineering; Obfuscations; Protocol specification

146433
17460
01/12/2018

Modelling confidence in railway safety case

R.WANG, J.GUIOCHET, G.MOTET, W.SCHON

TSF, UTC

Journal article: Safety Science, Vol. 110 Part B, pp. 286-299, December 2018, https://doi.org/10.1016/j.ssci.2017.11.012, No. 17460

Link: https://hal.archives-ouvertes.fr/hal-01661045

Distributable

Abstract

Railway standard EN50129 clarifies the safety acceptance conditions of safety-related electronic systems for signalling. It requires using a structured argumentation, named Safety Case, to present the fulfilment of these conditions. As guidance for building the Safety Case, this standard provides the structure of high-level safety objectives and the recommendations of development techniques according to different Safety Integrity Levels (SIL). Nevertheless, the rationale connecting these techniques to the high-level safety objectives is not explicit. The proposed techniques stem from experts' belief in the effectiveness and efficiency of these techniques to achieve the underlying safety objectives. So, how should one formalize and assess this belief? And as a result, how much confidence can we have in the safety of railway systems when these standards are used? To deal with these questions, the paper successively addresses two aspects: 1) making explicit the safety assurance rationale by modelling the Safety Case with GSN (Goal Structuring Notation) according to EN5012x standards; 2) proposing a quantitative framework based on Dempster-Shafer theory to formalize and assess the confidence in the Safety Case. A survey amongst safety experts is carried out to estimate the confidence parameters. With these results, an application guidance of this framework is provided based on the Wheel Slide Protection (WSP) system.

141833
18597
01/12/2018

Load-Optimal Local Fast Rerouting for Dense Networks

M.BOROKOVICH, Y.A.PIGNOLET, S.SCHMID, G.TREDAN

AT&T, ABB CRC, Switzerland, AAU, TSF

Journal article: IEEE/ACM Transactions on Networking (TON), Vol. 26, No. 6, pp. 2583-2597, December 2018, No. 18597

Link: https://hal.laas.fr/hal-02043798

Distributable

Abstract

Reliable and highly available computer networks must implement resilient fast rerouting mechanisms: upon a link or node failure, an alternative route is determined quickly, without involving the network control plane. Designing such fast failover mechanisms capable of dealing with multiple concurrent failures however is challenging, as failover rules need to be installed proactively, i.e., ahead of time, without knowledge of the actual failures happening at runtime. Indeed, only little is known today about the design of resilient routing algorithms. This paper introduces a general framework to reason about and design local failover algorithms which minimize the resulting load after failover on dense networks, beyond destination-based routing. We show that due to the inherent locality of the failover decisions at runtime, the problem is fundamentally related to the field of distributed algorithms without coordination. We derive an intriguing lower bound on the inherent network load overhead any local fast failover scheme will introduce in the worst-case, even though globally seen, much more balanced traffic allocations exist. We then present different randomized and deterministic failover algorithms and analyze their overhead load. In particular, we build upon the theory of combinatorial designs and develop a novel deterministic failover mechanism based on symmetric block design theory which tolerates a maximal number of link failures while ensuring low loads.

146875
18508
08/11/2018

Anomaly based Intrusion Detection for an Avionic Embedded System

A.DAMIEN, M.FUMEY, M.KAANICHE, V.NICOMETTE

TSF, Thales, Thales Avionics

Conference with proceedings: Aerospace Systems and Technology Conference (ASTC) 2018, 6 November to 8 November 2018, London (UK), November 2018, 11 p., No. 18508

Link: https://hal.laas.fr/hal-01967646

Distributable

Abstract

This paper firstly describes the challenges raised by the introduction of Intrusion Detection Systems (IDS) in avionic systems. In particular, we discuss some specific characteristics of such systems and the advantages and limitations of signature-based and anomaly-based techniques in an avionics context. Based on this analysis, a framework is proposed to integrate a Host-based Intrusion Detection System (HIDS) in the general Integrated Modular Avionics (IMA) development process, which fits avionic systems constraints. The proposed HIDS architecture is composed of three modules: anomaly detection, attack confirmation, and alert sending. To demonstrate the efficiency of this HIDS, an attack injection module has also been developed. The overall approach is implemented on an IMA platform running a cockpit display function, to be representative of embedded avionic systems.

146135
18567
03/11/2018

SAAC: Secure Android Application Context a Runtime Based Policy and its Architecture

G.AVERLANT, E.ALATA, M.KAANICHE, V.NICOMETTE, MYMAO

TSF

Conference with proceedings: IEEE International Symposium on Network Computing and Applications (NCA) 2018, 1 November to 3 November 2018, Cambridge (USA), November 2018, No. 18567

Link: https://hal.laas.fr/hal-01982589

Distributable

Abstract

A smartphone runtime environment consists of multiple entities with different goals and scope. Indeed, critical applications, such as banking applications that make contactless payments, share the same environment with other applications of varying levels of trust. This paper presents a novel approach allowing a standard Android user to launch their applications in a configurable secure execution context. The security rules defined for each application are enforced by a dedicated security architecture implemented in several parts of the Android ecosystem. A performance assessment of the solution is also provided.

146606
18359
03/11/2018

RadIoT: Radio Communications Intrusion Detection for IoT - A Protocol Independent Approach

J.ROUX, E.ALATA, G.AURIOL, M.KAANICHE, V.NICOMETTE, CCAYRE

TSF

Conference with proceedings: IEEE International Symposium on Network Computing and Applications (NCA) 2018, 1 November to 3 November 2018, Cambridge (USA), November 2018, No. 18359

Link: https://hal.laas.fr/hal-01914981

Distributable

Abstract

Internet-of-Things (IoT) devices are nowadays massively integrated in daily life: homes, factories, or public places. This technology offers attractive services to improve the quality of life as well as new economic markets through the exploitation of the collected data. However, these connected objects have also become attractive targets for attackers because their current security design is often weak or flawed, as illustrated by several vulnerabilities such as Mirai, Blueborne, etc. This paper presents a novel approach for detecting intrusions in smart spaces, such as smart homes or smart factories, that is based on the monitoring and profiling of radio communications at the physical layer using machine learning techniques. The approach is designed to be independent of the large and heterogeneous set of wireless communication protocols typically implemented by connected objects, such as WiFi, Bluetooth, Zigbee, Bluetooth-Low-Energy (BLE) or proprietary communication protocols. The main concepts of the proposed approach are presented together with an experimental case study illustrating its feasibility based on data collected during the deployment of the intrusion detection approach in a smart home under real-life conditions.

145118
18270
20/08/2018

Evaluating the Impact of Traffic Sampling on AATAC's DDoS Detection

G.ROUDIERE, P.OWEZARSKI

TSF, SARA

Conference with proceedings: Workshop on Traffic Measurements for Cybersecurity (WTMC) 2018, 20 August 2018, Budapest (Hungary), August 2018, pp. 27-32, No. 18270

Link: https://hal.laas.fr/hal-01862765

Distributable

Abstract

As Distributed Denial of Service (DDoS) attacks are still a severe threat for Internet stakeholders, they should be detected with efficient tools meeting industrial requirements. In a previous paper, we introduced the AATAC detector, which showed its ability to accurately detect DDoS attacks in real time on full traffic, while being able to cope with the several constraints due to an industrial operation. However, in a realistic scenario, network monitoring is done using sampled traffic. Such sampling may impact the detection accuracy or the pertinence of produced results. Consequently, in this paper, we evaluate AATAC over sampled traffic. We use five different count-based or time-based sampling techniques, and show that AATAC's resource consumption is in general greatly reduced with little to no impact on the detection accuracy. Obtained results are succinctly compared with those from FastNetMon, an open-source threshold-based DDoS detector.

144579
18617
01/08/2018

Addressing scalable, optimal and secure communications over LoRa networks: challenges and research directions

N.ACCETTURA, E.ALATA, P.BERTHOU, D.DRAGOMIRESCU, T.MONTEIL

SARA, TSF, MINC

Journal article: Internet Technology Letters, Vol. 1, No. 4, e54p., August 2018, No. 18617

Link: https://hal.laas.fr/hal-02063758

Distributable

Abstract

The Internet of Things (IoT) enables large-scale deployments of very low power devices connected through wireless lossy links and able to interact with the surrounding environment (sensing and actuation). Two main challenges are then present: making them communicate, and handling their energy consumption while respecting some cost constraints. Low Power Wide Area Networks (LPWANs) tackle these challenges by offering long-distance coverage while guaranteeing the use of a very small amount of energy for communications. Among many LPWAN technologies, Long Range (LoRa) networks provide a very promising but incomplete basis for satisfying the needs expressed by the applications running on low power devices. This paper describes the LoRa technology from the architectural point of view and points out those aspects that permit its seamless integration into the IoT. As a major contribution, a focus on the current and future research on LoRa networks is provided by inspecting three facets: scalability, Quality of Service and security.

147075
18030
28/07/2018

Malware Detection in PDF Files Using Machine Learning

B.CUAN, A.DAMIEN, C.DELAPLACE, M.VALOIS

INSA Lyon, TSF, CRIStAL, GREYC

Conference with proceedings: International Conference on Security and Cryptography (SECRYPT) 2018, 26 July to 28 July 2018, Porto (Portugal), July 2018, 16 p., No. 18030

Link: https://hal.archives-ouvertes.fr/hal-01704766

Distributable

Abstract

In this report we present how we used machine learning techniques to detect malicious behaviours in PDF files. To this end, we first set up an SVM (Support Vector Machine) classifier that was able to detect 99.7% of malware. However, this classifier was easy to lure with malicious PDFs that we forged to make them look like clean ones. We first proposed a very naive attack, which was easily stopped by the establishment of a threshold. We also implemented a gradient-descent attack to evade this SVM. This attack was almost 100% successful. In order to fix this problem, we provided counter-measures to the latter attack. A more elaborate feature selection, and the use of a threshold, allowed us to stop up to 99.99% of these attacks. Finally, using adversarial learning techniques, we were able to prevent gradient-descent attacks by iteratively feeding the SVM with malicious forged PDFs. We found that after 3 iterations, all gradient-descent forged PDFs were detected, completely preventing the attack.

144536