2024

Communications dans un congrès

Romain Cayre, Vincent Nicomette, Guillaume Auriol, Mohamed Kaâniche, Aurélien Francillon. OASIS: An Intrusion Detection System Embedded in Bluetooth Low Energy Controllers. 2024 ACM Asia conference on Computer and Communications Security (ASIACCS)., Jul 2024, Singapore, Singapore. ⟨hal-04488826⟩

2022

Articles dans une revue

Yuxiao Mao, Vincent Migliore, Vincent Nicomette. MATANA: A Reconfigurable Framework for Runtime Attack Detection Based on the Analysis of Microarchitectural Signals. Applied Sciences, 2022, 12 (3), pp.1452. ⟨10.3390/app12031452⟩. ⟨hal-03571995⟩

Rémi Adelin, Cyrius Nugier, Éric Alata, Vincent Nicomette, Vincent Migliore, et al.. Facing Emerging Challenges in Connected Vehicles: A Formally Proven, Legislation Compliant, and Post-Quantum Ready Security Protocol. Journal of Computer Virology and Hacking Techniques, 2022, ⟨10.1007/s11416-022-00426-1⟩. ⟨hal-03756650⟩

Communications dans un congrès

Romain Cayre, Clement Chaine, Guillaume Auriol, Vincent Nicomette, Geraldine Marconato. OASIS: un framework pour la détection d'intrusion embarquée dans les contrôleurs Bluetooth Low Energy. Symposium sur la sécurité des technologies de l'information et des communications (SSTIC 2022), Jun 2022, Rennes, France. ⟨hal-03898224⟩

2021

Articles dans une revue

Pierre-François Gimenez, Jonathan Roux, Eric Alata, Guillaume Auriol, Mohamed Kaâniche, et al.. RIDS: Radio intrusion detection and diagnosis system for wireless communications in smart environment. ACM Transactions on Cyber-Physical Systems, 2021, 5 (3), pp.Article No.: 24. ⟨10.1145/3441458⟩. ⟨hal-03123925⟩

Communications dans un congrès

Ahmed Aboukora, Guillaume Bonnet, Florent Galtier, Romain Cayre, Vincent Nicomette, et al.. A defensive man-in-middle approach to filter BLE packets. 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Jun 2021, Abou Dhabi (virtual), United Arab Emirates. ⟨10.1145/3448300.3468259⟩. ⟨hal-03560107⟩

Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche, et al.. WazaBee: attacking Zigbee networks by diverting Bluetooth Low Energy chips. IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Jun 2021, Taipei (virtual), Taiwan. ⟨10.1109/DSN48987.2021.00049⟩. ⟨hal-03193299⟩

Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche, et al.. InjectaBLE : injection de trafic malveillant dans une connexion Bluetooth Low Energy. Symposium sur la sécurité des technologies de l'information et des communications (SSTIC 2021), Jun 2021, Rennes (en ligne), France. ⟨hal-03221143⟩

Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche, et al.. InjectaBLE: Injecting malicious traffic into established Bluetooth Low Energy connections. IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021), Jun 2021, Taipei (virtual), Taiwan. ⟨10.1109/DSN48987.2021.00050⟩. ⟨hal-03193297v2⟩

Romain Cayre, Géraldine Marconato, Florent Galtier, Mohamed Kaâniche, Vincent Nicomette, et al.. Cross-protocol attacks: weaponizing a smartphone by diverting its Bluetooth controller. 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Jun 2021, Abu Dhabi, United Arab Emirates. ⟨10.1145/3448300.3468258⟩. ⟨hal-03355664⟩

2020

Communications dans un congrès

Rémi Adelin, Eric Alata, Vincent Migliore, Vincent Nicomette. A user privacy-centric access control policy of data for intelligent transportation systems. Embedded Real Time Systems (ERTS), Jan 2020, Toulouse, France. ⟨hal-03139783⟩

Aliénor Damien, Pierre-François Gimenez, Nathalie Feyt, Vincent Nicomette, Mohamed Kaâniche, et al.. On-board Diagnosis: A First Step from Detection to Prevention of Intrusions on Avionics Applications. 2020 IEEE 31st International Symposium on Software Reliability Engineering (ISSRE), Oct 2020, Coimbra, Portugal. pp.358-368, ⟨10.1109/ISSRE5003.2020.00041⟩. ⟨hal-03094215⟩

Florent Galtier, Romain Cayre, Guillaume Auriol, Mohamed Kaâniche, Vincent Nicomette. A PSD-based fingerprinting approach to detect IoT device spoofing. 25th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2020), Dec 2020, Perth, Australia. ⟨10.1109/PRDC50213.2020.00015⟩. ⟨hal-02962655⟩

Yuxiao Mao, Vincent Migliore, Vincent Nicomette. Reconfigurable Hardware for Microarchitectural Timing Attacks Detection. Rendez-vous de la Recherche et de l'Enseignement de la Sécurité des Systèmes d'Information (RESSI 2020), Dec 2020, online, France. ⟨hal-03138649⟩

Malcolm Bourdon, Eric Alata, Mohamed Kaâniche, Vincent Migliore, Vincent Nicomette, et al.. Anomaly detection using hardware performance counters on a large scale deployment. 10th European Congress Embedded Real Time Systems (ERTS 2020), Jan 2020, Toulouse, France. ⟨hal-03328254⟩

Malcolm Bourdon, Pierre-François Gimenez, Eric Alata, Mohamed Kaâniche, Vincent Migliore, et al.. Hardware-Performance-Counters-based anomaly detection in massively deployed smart industrial devices. 19th IEEE International Symposium on Network Computing and Applications (NCA 2020), Nov 2020, Cambridge, MA, United States. ⟨10.1109/NCA51143.2020.9306726⟩. ⟨hal-03328251⟩

Yuxiao Mao, Vincent Migliore, Vincent Nicomette. REHAD: Using Low-Frequency Reconfigurable Hardware for Cache Side-Channel Attacks Detection. 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Sep 2020, Genova, Italy. ⟨10.1109/EuroS&PW51379.2020.00100⟩. ⟨hal-02949624⟩

Romain Cayre, Florent Galtier, Guillaume Auriol, Vincent Nicomette, Geraldine Marconato. WazaBee : attaque de réseaux Zigbee par détournement de puces Bluetooth Low Energy. Symposium sur la Sécurité des Technologies de l'Information et des Communications (SSTIC 2020), Jun 2020, Rennes, France. ⟨hal-02778262⟩

Autres documents

Rémi Adelin, Eric Alata, Vincent Migliore, Vincent Nicomette. A user privacy-centric access control policy of data for intelligent transportation systems. Embedded Real Time Systems (ERTS), Jan 2020, Toulouse, France. 2020. ⟨hal-03756930⟩

2019

Articles dans une revue

Erwan Beguin, Solal Besnard, Adrien Cros, Barbara Joannes, Ombeline Leclerc-Istria, et al.. Computer-Security-Oriented Escape Room. IEEE Security and Privacy Magazine, 2019, 17 (4), pp.78-83. ⟨10.1109/MSEC.2019.2912700⟩. ⟨hal-02297796⟩

Yann Bachy, Vincent Nicomette, Mohamed Kaâniche, Eric Alata. Smart-TV security: risk analysis and experiments on Smart-TV communication channels. Journal of Computer Virology and Hacking Techniques, 2019, 15 (1), pp.61-76. ⟨10.1007/s11416-018-0320-3⟩. ⟨hal-01761974⟩

Communications dans un congrès

Rémi Adelin, Eric Alata, Vincent Migliore, Vincent Nicomette. Une politique de contrôle d'accès à grains fins aux données pour les systèmes de transport intelligents. Rendez-vous de la Recherche et de l'Enseignement de la Sécurité des Systèmes d'Information (RESSI), May 2019, Erquy, France. ⟨hal-03139756⟩

Aliénor Damien, Michael Marcourt, Vincent Nicomette, Eric Alata, Mohamed Kaâniche. Implementation of a Host-Based Intrusion Detection System for Avionic Applications. 2019 IEEE 24th Pacific Rim International Symposium on Dependable Computing (PRDC), Dec 2019, Kyoto, Japan. pp.178-17809, ⟨10.1109/PRDC47002.2019.00048⟩. ⟨hal-03094199⟩

Romain Cayre, Jonathan Roux, Eric Alata, Vincent Nicomette, Guillaume Auriol. Mirage : un framework offensif pour l'audit du Bluetooth Low Energy. Symposium sur la Sécurité des Technologies de l'Information et des Communications (SSTIC 2019), Jun 2019, Rennes, France. pp.229-258. ⟨hal-02268774⟩

Romain Cayre, Vincent Nicomette, Guillaume Auriol, Eric Alata, Mohamed Kaâniche, et al.. Mirage: towards a Metasploit-like framework for IoT. 2019 IEEE 30th International Symposium on Software Reliability Engineering (ISSRE), Oct 2019, Berlin, Germany. ⟨hal-02346074⟩

Aliénor Damien, Nathalie Feyt, Vincent Nicomette, Eric Alata, Mohamed Kaâniche. Attack Injection into Avionic Systems through Application Code Mutation. 2019 IEEE/AIAA 38th Digital Avionics Systems Conference (DASC), Sep 2019, San Diego, United States. pp.1-8, ⟨10.1109/DASC43569.2019.9081616⟩. ⟨hal-03094185⟩

Autres documents

Rémi Adelin, Eric Alata, Vincent Migliore, Vincent Nicomette. Une politique de contrôle d'accès à grains fins aux données pour les systèmes de transport intelligents. Rendez-vous de la Recherche et de l'Enseignement de la Sécurité des Systèmes d'Information (RESSI), May 2019, Erquy, France. 2019. ⟨hal-03756890⟩

2018

Articles dans une revue

Benoît Morgan, Eric Alata, Vincent Nicomette, Mohamed Kaâniche. IOMMU protection against I/O attacks: A vulnerability and a proof-of-concept. Journal of the Brazilian Computer Society, 2018, 24, pp.Article number: 2. ⟨10.1186/s13173-017-0066-7⟩. ⟨hal-02877143⟩

Ivan Studnia, Eric Alata, Vincent Nicomette, Mohamed Kaâniche, Youssef Laarouchi. A language-based intrusion detection approach for automotive embedded networks. International Journal of Embedded Systems, 2018, 10 (1), ⟨10.1504/IJES.2018.10010488⟩. ⟨hal-01803432⟩

Julien Duchene, Colas Le Guernic, Eric Alata, Vincent Nicomette, Mohamed Kaâniche. State of the art of network protocol reverse engineering tools. Journal of Computer Virology and Hacking Techniques, 2018, 14 (1), pp.53-68. ⟨10.1007/s11416-016-0289-8⟩. ⟨hal-01496958⟩

Communications dans un congrès

Guillaume Averlant, Eric Alata, Mohamed Kaâniche, Vincent Nicomette, Yuxiao Mao. SAAC: Secure Android Application Context a Runtime Based Policy and its Architecture. IEEE 17th International Symposium on Network Computing and Applications (NCA 2018), Nov 2018, Cambridge, MA, United States. ⟨10.1109/NCA.2018.8548343⟩. ⟨hal-01982589⟩

Julien Duchene, Eric Alata, Vincent Nicomette, Mohamed Kaâniche, Colas Le Guernic. Specification-Based Protocol Obfuscation. DSN 2018 - 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Jun 2018, Luxembourg City, Luxembourg. pp.1-12, ⟨10.1109/DSN.2018.00056⟩. ⟨hal-01848573⟩

Jonathan Roux, Eric Alata, Guillaume Auriol, Mohamed Kaâniche, Vincent Nicomette, et al.. RadIoT: Radio Communications Intrusion Detection for IoT - A Protocol Independent Approach. 17th IEEE International Symposium on Network Computing and Applications (NCA 2018), Nov 2018, Cambridge, Massachusetts, United States. 8p. ⟨hal-01914981⟩

Aliénor Damien, Marc Fumey, Eric Alata, Mohamed Kaâniche, Vincent Nicomette. Anomaly based Intrusion Detection for an Avionic Embedded System. Aerospace Systems and Technology Conference (ASTC-2018), Nov 2018, Londres, United Kingdom. ⟨hal-01967646⟩

2017

Communications dans un congrès

Jonathan Roux, Eric Alata, Guillaume Auriol, Vincent Nicomette, Mohamed Kaâniche. Toward an Intrusion Detection Approach for IoT based on Radio Communications Profiling. 13th European Dependable Computing Conference, Sep 2017, Geneva, Switzerland. 4p. ⟨hal-01561710⟩

Guillaume Averlant, Benoît Morgan, Eric Alata, Vincent Nicomette, Mohamed Kaâniche. An abstraction model and a comparative analysis of Intel and ARM hardware isolation mechanisms. The 22nd IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2017), Jan 2017, Christchurch, New Zealand. ⟨hal-01493597⟩

Julien Duchene, Colas Le Guernic, Eric Alata, Vincent Nicomette, Mohamed Kaâniche. Protocol reverse engineering: Challenges and obfuscation. The 11th International Conference on Risks and Security of Internet and Systems - CRiSIS 2016, Sep 2016, Roscoff, France. ⟨10.1007/978-3-319-54876-0_11⟩. ⟨hal-01388060⟩

2016

Articles dans une revue

Julien Duchene, Colas Le Guernic, Eric Alata, Vincent Nicomette, Mohamed Kaâniche. Outils pour la rétro-conception de protocoles : Analyse et classification. Revue des Sciences et Technologies de l'Information - Série TSI : Technique et Science Informatiques, 2016, 35 (6), pp.609-640. ⟨10.3166/tsi.35.609-640⟩. ⟨hal-01864298⟩

Communications dans un congrès

Benoît Morgan, Eric Alata, Vincent Nicomette, Mohamed Kaâniche. Bypassing IOMMU Protection against I/O Attacks. 7th Latin-American Symposium on Dependable Computing (LADC’16), Oct 2016, Cali, Colombia. pp.145-150, ⟨10.1109/LADC.2016.31⟩. ⟨hal-01419962⟩

Benoît Morgan, Guillaume Averlant, Eric Alata, Vincent Nicomette. Bypassing DMA Remapping with DMA. Symposium sur le Sécurité des Technologies de l'Informatino et des Communications, Jun 2016, Rennes, France. 9p. ⟨hal-01322881⟩

2015

Communications dans un congrès

Yann Bachy, Frédéric Basse, Vincent Nicomette, Eric Alata, Mohamed Kaâniche, et al.. Smart-TV security analysis: practical experiments. International Conference on Dependable Systems and Networks, Jun 2015, Rio de Janeiro, Brazil. ⟨hal-01178553⟩

Ivan Studnia, Eric Alata, Vincent Nicomette, Mohamed Kaâniche, Youssef Laarouchi. A language-based intrusion detection approach for automotive embedded networks. IEEE Pacific Rim International Symposium on Dependable Computing ( PRDC ), Nov 2015, Zhangjiajie, China. ⟨hal-01967640⟩

Yann Bachy, Vincent Nicomette, Eric Alata, Mohamed Kaâniche, Jean-Christophe Courrège, et al.. Protocole HbbTV et sécurité : quelques expérimentations. Symposium sur la sécurité des technologies de l’information et des communications, Jun 2015, Rennes, France. ⟨hal-01178550⟩

Yann Bachy, Vincent Nicomette, Eric Alata, Mohamed Kaâniche, Jean-Christophe Courrège. Security of ISP Access Networks: practical experiments. 11th European Dependable Computing Conference - Dependability in Practice (EDCC 2015), Sep 2015, Paris, France. ⟨hal-01190054⟩

Thibaut Probst, Eric Alata, Mohamed Kaâniche, Vincent Nicomette. Automated Evaluation of Network Intrusion Detection Systems in IaaS Clouds. 11th European Dependable Computing Conference (EDCC 2015), Sep 2015, Paris, France. ⟨hal-01212064⟩

Benoît Morgan, Eric Alata, Vincent Nicomette, Guillaume Averlant. Abyme : un voyage au coeur des hyperviseurs récursifs. Symposium sur la Sécurité des Technologies de l'Information et des Communications (SSTIC), Jun 2015, Rennes, France. 29p. ⟨hal-01322880⟩

Benoît Morgan, Eric Alata, Vincent Nicomette, Mohamed Kaâniche, Guillaume Averlant. Design and Implementation of a Hardware Assisted Security Architecture for Software Integrity Monitoring. The 21st IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2015), Nov 2015, Zhangjiajie, China. 10p., ⟨10.1109/PRDC.2015.46⟩. ⟨hal-01322882⟩

2014

Articles dans une revue

Rim Akrout, Eric Alata, Mohamed Kaâniche, Vincent Nicomette. An automated black box approach for web vulnerability identification and attack scenario generation. Journal of the Brazilian Computer Society, 2014, 20 (1), pp.1--16. ⟨10.1186/1678-4804-20-4⟩. ⟨hal-00985670⟩

Rim Akrout, Eric Alata, Mohamed Kaâniche, Vincent Nicomette. Identification de vulnérabilités Web et génération de scénarios d'attaque. Revue des Sciences et Technologies de l'Information - Série TSI : Technique et Science Informatiques, 2014, 33 (9-10), pp.809-840. ⟨10.3166/tsi.33.809-840⟩. ⟨hal-01967638⟩

Yann Bachy, Vincent Nicomette, Eric Alata, Mohamed Kaâniche, Jean-Christophe Courrège. La sécurité des box ADSL. Analyse de risques et expérimentations. Revue des Sciences et Technologies de l'Information - Série ISI : Ingénierie des Systèmes d'Information, 2014, 19 (6), pp.63-88. ⟨10.3166/isi.19.6.63-88⟩. ⟨hal-01178546⟩

Romaric Ludinard, Eric Totel, Frédéric Tronel, Vincent Nicomette, Mohamed Kaâniche, et al.. An Invariant-based Approach for Detecting Attacks against Data in Web Applications. International journal of secure software engineering, 2014, 5 (1), pp.19-38. ⟨10.4018/ijsse.2014010102⟩. ⟨hal-01083296⟩

Communications dans un congrès

Benoît Morgan, Eric Alata, Vincent Nicomette. Tests d’intégrité d’hyperviseurs de machines virtuelles à distance et assisté par le matériel. Symposium sur la sécurité des technologies de l'information et des communications, Jun 2014, Rennes, France. ⟨hal-01493450⟩

Thibaut Probst, Eric Alata, Mohamed Kaâniche, Vincent Nicomette. An Approach for the Automated Analysis of Network Access Controls in Cloud Computing Infrastructures. 8th International Conference on Network and System Security (NSS 2014), Oct 2014, Xi'an, China. pp.1-14, ⟨10.1007/978-3-319-11698-3_1⟩. ⟨hal-01176045⟩

Yann Bachy, Vincent Nicomette, Eric Alata, Yves Deswarte, Mohamed Kaâniche, et al.. Analyse de sécurité des box ADSL. Symposium sur la sécurité des technologies de l’information et des communications, Jun 2014, Rennes, France. ⟨hal-01178496⟩