The need for interoperability with multiple systems and multiple stakeholders is fuelling a trend for increased openness, even for embedded systems. The attendant risks of malicious attack require architectures able to provide adequate protection and analysis techniques for assessing their effectiveness.

Our work at the architecture level focuses on protection against I/O attacks and the use of virtualization and diversification for securing operating system kernels. From the analysis viewpoint, we address the development of experimental methods aimed at the analysis of vulnerabilities and the assessment of security protection mechanisms considering various types of target systems including web based applications, cloud infrastructures and embedded systems for different application domains (avionics, automotive, etc.).

These research topics are complemented by:

  1. the characterization of Internet malicious activities based on the collection and analysis of real-life attack data using high-interaction honeypots [1],
  2. the development of probabilistic modeling approaches aimed at the evaluation of quantitative security metrics to help the system designers in the assessment of vulnerability exploitation risks [2].

[1] V. Nicomette, M.Kaâniche, E. Alata, M. Herrb, "Set-up and Deployment of a High-Interaction Honeypot: Experiment and Lessons Learned", Journal in Computer Virology, Vol. 7, N°2, pp.143-157, 2011.
[2] G. Vache, M. Kaâniche, V. Nicomette, "A Vulnerability Life Cycle-Based Security Modeling and Evaluation Approach", The Computer Journal, Oxford University Press, British Computer Society, vol 56, n°4, pp. 422-439, 2013.


Back to TSF Research Topics page