Section: Partnerships and Cooperations

Regional Initiatives

• Region Bretagne ARED Grant : the PhD of Mourad Leslous on malicious codes in Android applications is supported by a grant from the Région Bretagne.

• Labex COMINLAB contract (2012-2016): “SecCloud” - http://www.seccloud.cominlabs.ueb.eu/ Attacks targeting web browsers constitute a major threat. We tackled in the context of the SecCloud project attacks induced by client-side code execution (javascript, flash or html5). Existing security mechanisms such as os-level access control often are not sufficient to pre- vent client-side browser attacks as the web browser is granted the same privileges as the user. The idea is to monitor information flows within the web browser in order to enforce a security information flow policy. Such a policy should allow to define fine-grained in- formation flow rules between user data and distant web sites. We proposed a new secure information flow control model specifically designed for JavaScript. This study was conducted in cooperation with other Inria Teams (Ascola and Celtique). Deepak Subramanian is doing his PhD in the context of this project.

• Labex COMINLAB contract (2013-2018): “DeSceNt” - http://www.descent.cominlabs.ueb.eu In DeSceNt, we propose to investigate how decentralized home-based networks of plug computers can support personal clouds according to sound architectural principles, mechanisms, and programming abstractions. To fulfill this vision we see three core scientific challenges, which we think must be overcome. The first challenge, decentralized churn-poor design, arises from the nature of plug federations, which show much lower levels of churn than traditional peer-to-peer environments. The second challenge, quasi-causal consistency, is caused by the simultaneous needs to produce a highly scalable environment (potentially numbering millions of users), that also offers collaborative editing capabilities of mutable data-structures (to offer rich social interactions). The third and final challenge, intuitive data structures for plug programming, arises from the need by programmers for intuitive and readily reusable data-structures to rapidly construct rich and robust decentralized personal cloud applications. This study is conducted in cooperation with other teams (GDD Team (University of Nantes), Inria team ASAP)

• Labex COMINLAB contract (2014-2017): “Kharon-Security” - http://kharon.gforge.inria.fr

  Google Play offers more than 800’000 applications (apps), and this number increases every day. Google play users have performed more than 25 billion app downloads. These applications vary from games to music, video, books, tools, etc. Unfortunately, each of these application is an attack vector on Android. The number of malicious applications (pieces of malware) discovered during the first six months of 2013 exceeds the number of pieces of malware discovered during the 2010 to 2012 period, more than 700 thousand malicious and risky applications were found in the wild. In this context, we propose the Kharon-Security project to stem the progression of Android pieces of malware. We propose to combine static and dynamic monitoring to compute a behavioral signature of Android malware. Behavioral signatures are helpful to understand how malware infect the devices and how they spread information in the Android operating system. Static analysis is essential to understand which particular event or callback triggers malware payload.

  In the project we have already developed GroddDroid a tool dedicated to automatic identification and execution of suspicious code. We have also built a dataset of Android malware, it this dataset, all malware are entirely manually reverse and documented. We have also developed an analysis platform. This platform is currently under private deployment.

• Labex COMINLAB contract (2015-2018): “HardBlare-Security” - http://www.hardblare.cominlabs.ueb.eu/

  The general context of the HardBlare project is to address Dynamic Information Flow Control that generally consists in attaching marks to denote the type of information that is saved or generated within the system. These marks are then propagated when the system evolves and information flow control is performed in order to guarantee a safe execution and storage within the system. Existing solutions imply a large overhead induced by the monitoring process. Some attempts rely on a hardware-software approach where DIFC operations are delegated to a coprocessor. Nevertheless, such approaches are based on modified processors. Beyond the fact hardware-assisted DIFC is hardly adopted, existing works do not take care of coprocessor security and multicore/multiprocessor embedded systems.

  We plan to implement DIFC mechanisms on boards including a non-modified ARM processor and a FPGA such as those based on the Xilinx Zynq family. The HardBlare project is a multidisciplinary project between CentraleSupélec IETR SCEE research team, CentraleSupélec Inria CIDRE research team and UBS Lab-STICC laboratory. Mounir Nasr Allah is doing his PhD in the context of this project. The main objective of this PhD is to study how hybrid analysis could improve hardware assisted DIFC using static analysis performed at compile-time. Another objective is to manage labels for persistent memory (i.e., files) using a modified OS kernel.