Section: Bilateral Contracts and Grants with Industry

Bilateral Contracts with Industry

• Thales contract (2014): “Capalid v2”

  This contract consists in validating an intrusion detection strategy in a supervised distributed system. This work relies on the results obtained by Erwan Godefroy in his PhD Thesis: considering the description of an attack and a description of the deployed system (topology, cartography, IDS deployment), we must answer the question: "Is it possible to detect this attack?". This answer consists in determining if it is possible to build a correlation rule that a correlation system can use to detect the attack.

• CS contract (2014-2015): “SecEF”

  The COSCOM contract consists in analyzing current used standards for information security events. Such events following a standardized structure are needed to allow communications between the various security tools, in order to consolidate and correlate information, and for communications between different security response teams, to share information relative to incidents. Examples of such events are IDMEF (Intrusion Detection Message Exchange Format, RFC 4765) or IODEF ( Incident Object Description Exchange Format, RFC 5070). Unfortunately, these two standards are insufficiently deployed on a market still dominated by proprietary formats. The objective of the SecEF (Security Exchange Format) project is thus to propose evolutions of these formats, based on the initial feedback form current users.

• Technicolor contract (2011-2014): “Data Aggregation in Large Scale Systems”

  The theme of this contract focuses on the management of massively distributed data sets. In a nutshell, our goal is to provide a lightweight yet continuous flow of aggregate and relevant data from a very large number of distributed sources to a management system. Collaborative data aggregation are relevant mechanisms that could help in securely providing digests of information. However, an important aspect that we want to preserve is the privacy of the aggregated information. This is of particular interest for Telco operators or software/hardware providers in order to smoothly manage the current state of their deployed platforms, allowing accordingly to develop new applications based on quick reactions/optimizations to identify and handle services inconsistencies.

  This study is conducted in cooperation with the Inria project Dionysos.

• HP contract (2013-2014): “Embedded Systems Security”

  We have initiated a research program in collaboration with HP Labs in the domain of embedded systems security. We aim at researching and prototyping low-level intrusion detection mechanisms in embedded system software. This involves mechanisms in continuation of previous work realized by our team as well as investigating new techniques more directly tied to specific device architectures. Details about this research program cannot be provided as they are covered by a non-disclosure agreement.