Frédéric Cuppens

Polytechnique Montréal · Department of Computer Science and Software Engineering

Increasingly, the computer networks supporting the operations of organizations face a higher quantity and sophistication of cyber-incidents. Due to the evolving complexity of these attacks, detection alone is not enough and there is a need for automatic attacker attribution. This task is currently done by network administrators, making it slow, cos...

Attack graphs provide a representation of possible actions that adversaries can perpetrate to attack a system. They are used by cybersecurity experts to make decisions, e.g., to decide remediation and recovery plans. Different approaches can be used to build such graphs. We focus on logical attack graphs, based on predicate logic, to define the cau...

Aim: Data anonymization aims to enable data publishing without compromising the individuals’ privacy. The reidentification and sensitive information inference risks of a dataset are important factors in the decision-making process for the techniques and the parameters of the anonymization process. If correctly assessed, measuring the reidentificati...

This paper is about the estimation of the cyber-resilience of Cyber-Physical Systems (CPS). We define two new resilience estimation metrics: k-steerability and ℓ-monitorability. They aim at assisting designers to evaluate and increase the cyber-resilience of CPS when facing stealthy attacks. The k-steerability metric reflects the ability of a contr...

Network Function Virtualization (NFV) is introduced as a new methodology that offers several advantages such as the optimization of the resources and the improvement of network efficiency and performance. However, potential security issues are an important obstacle for a wide adoption of NFV. To reduce the risk of these security issues, the communi...

The a posteriori access control is being more and more deployed especially in environments where more flexibility is needed when requesting access to information resources. To check if the security rules are being respected; this kind of access control relies on a monitoring process based on logs. It is thus fundamental to have a comprehensive anal...

Aim: Resilience is discussed among researchers and practitioners for several decades, but its definition has been questioned even recently and many methods are proposed to evaluate the resilience of systems. This paper presents a review of historic and recent research articles that define and/or propose a way to measure resilience of systems. Met...

Pattern matching is one of the most fundamental and important paradigms in several application domains such as digital forensics, cyber threat intelligence, or genomic and medical data analysis. While it is a straightforward operation when performed on plaintext data, it becomes a challenging task when the privacy of both the analyzed data and the...

Wireless communication is a key technology for the Internet of Things (IoT). Due to its open nature, the physical layer of wireless systems is a high-priority target for an adversary whose goal is to disrupt the normal behavior of the system. In particular, jamming attacks are one of the most straightforward and effective types of attacks: informat...

Context: Internet of Things (IoT) systems are increasingly deployed in the real world, but their security lags behind the state of the art of non-IoT systems. Moving Target Defense (MTD) is a cyberdefense paradigm, successfully implemented in conventional systems, that could improve IoT security. Objective: Identify and synthesize existing MTD tech...

The race for implementing communication services over 5G has already begun. For this, network coverage is needed and resource sharing is a way to achieve it. Therefore, each provider enforces its own security requirements. Under this scenario, it is necessary to consider security access mechanisms and policy rules, to regulate how interconnections...

The a posteriori access control is a flexible type of access control in which policy violations are deterred by applying accountability. However, the definition of the accountability process is frequently underestimated, as the auditors usually pay more attention to detecting violations. In this paper, we define accountability as a requirement and...

Network Slicing is one of the cornerstones for network operators to provide communication services. It is envisioned that in order to provide richer communication services, network slices need to be connected to each other in an orderly fashion, interlacing their functionalities. The challenge is to manage inter-slice communication securely, levera...

NFV is an important innovation in networking. It has many advantages such as saving investment cost, optimizing resource consumption, improving operational efficiency and simplifying network service lifecycle management. NFV environments introduce new security challenges and issues since new types of threats and vulnerabilities are inevitably intro...

Network Slicing is one of the cornerstones for network operators to provide communication services. It is envisioned that in order to provide richer communication services, network slices need to be connected to each other in an orderly fashion, interlacing their functionalities. The challenge is to manage inter-slice communication securely, levera...

The realization of communication services over 5G needs resource sharing as a way to achieve network coverage. To do so, it is necessary to consider security access mechanisms to regulate how interconnections are made. The existing models do not address all the needs inherent to the 5G architecture, such as access control mechanisms, multi-tenancy,...

Deontic logic (from Ancient Greek déon, what is right) aims to formalize the links existing between the notions of obligation, prohibition, permission and optionality. Deontic logic is at the origin of normative systems which are used to model obligations, prohibitions and sanctions in organizations. In this chapter, we will first present standard...

This book constitutes the refereed post-conference proceedings of the 5th International Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2019, the Third International Workshop on Security and Privacy Requirements Engineering, SECPRE 2019, the First International Workshop on Security, Privacy, Organizations, a...

This book constitutes the revised selected papers from the 14th International Conference on Risks and Security of Internet and Systems, CRiSIS 2019, held in Hammamet, Tunisia, in October 2019. The 20 full papers and 4 short papers presented in this volume were carefully reviewed and selected from 64 submissions. They cover diverse research themes...

This book constitutes the refereed post-conference proceedings of the 6th International Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2020, the Second International Workshop on Security and Privacy Requirements Engineering, SECPRE 2020, and the Third International Workshop on Attacks and Defenses for Inter...

Many companies and organizations use firewalls to control the access to their network infrastructure. Firewalls are network security components which provide means to filter traffic within corporate networks, as well as to police incoming and outcoming interaction with the Internet. For this purpose, it is necessary to configure firewalls with a se...

The more services and functionalities are expected from contemporary systems, the more difficult it is to protect every part of them, to secure every access point or to watch on every connection and message. It is currently considered that security is less and less likely to be flawless and that some part or sub-system can fail or be under attack....

The a posteriori access control mode consists in monitoring actions performed by users, to detect possible violations of the security policy and to apply sanctions or reparations. In general, logs are among the first data sources that information security specialists consult for forensics when they suspect that something went wrong. One difficult c...

Network slicing is an important concept for telecommunication companies for optimizing their infrastructure and providing customized services. In order to deploy them, it is necessary to fully understand the customer requirements. The Communication Service Management Function (CSMF) is an entity that has this task, acting as a gateway to translate...

Network slicing is an important concept for telecommunication companies for optimizing their infrastructure and providing customized services. In order to deploy them, it is necessary to fully understand the customer requirements. The Communication Service Management Function (CSMF) is an entity that has this task, acting as a gateway to translate...

False data Injection attacks is an important security issue in Industrial Control Systems (ICS). Indeed, this kind of attack based on the manipulation and the transmission of corrupted sensing data, can lead to harmful consequences such as disturbing the infrastructure functioning, interrupting it or more again causing its destruction (overheating...

Privacy budget management plays an important role when applying differential privacy, as it sets an upper limit in the ability to utilise the private database. In this paper, we explore the possibility of extending the total allocated privacy budget, taking into consideration the data consumer characteristics and the data utilisation context. To th...

Moving Target Defense techniques have been proposed to increase uncertainty and apparent complexity for attackers. In this paper, we first study the related work on quantification effectiveness and the impact of a diversification based MTD techniques. Then, we propose a new model that relies mainly on the knowledge that the adversary has about the...

Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is used in many protocols including SSH, IPsec, SMTPS, and protocols that rely on TLS. In the Internet of Things (IoT), we cannot rely on the PKI architecture to secure communications due to...

This book constitutes the thoroughly refereed post-conference proceedings of the 4th International Workshop on the Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2018, and the Second International Workshop on Security and Privacy Requirements Engineering, SECPRE 2018, held in Barcelona, Spain, in September 2018, in con...

This book constitutes the revised selected papers from the 13th International Conference on Risks and Security of Internet and Systems, CRiSIS 2018, held in Arcachon, France, in October 2018. The 12 full papers and 6 short papers presented in this volume were carefully reviewed and selected from 34 submissions. They cover diverse research themes th...

At this moment, the management of a network proposes new challenges for communication service providers (CSP). There is no human workforce capable to perform FCAPS (fault, configuration, accounting, performance and security) administration satisfying the exigent service level agreements to customers and keeping the same pace with respect to busines...

The problem of preserving privacy while mining data has been studied extensively in recent years because of its importance for enabling sharing data sets. Differential Identifiability, parameterized by the probability of individual identification \(\rho \), was proposed to provide a solution to this problem. Our study of the proposed Differential I...

In recent years, USB has become the most popular standard for connecting hosts and peripherals due to its plug-and-play and fast speed features. However, with the emergence of attacks such as badUSB, USB security issues become increasingly prominent. In reaction, different USB protection mechanisms have been proposed, including USB communication fi...

This demonstration defines a small IoT wireless network that uses TI CC2538-OpenMote as hardware platform and state-of-the-art IETF network standards such as 6LoWPAN, RPL, and CoAP implemented by ContikiOS. The IoT nodes are controlled from outside the IoT network using end-to-end connectivity provided by IPv6-CoAP messages. We implement a man-in-t...

Diagnosing accidental and malicious events in an industrial control system requires an event model with specific capacities. Most models are dedicated to either safety or security but rarely both. And the latter are developed for objectives other than diagnosis and therefore unfit for this task. In this paper, we propose an event model considering...

The dynamic configuration and evolution of large-scale heterogeneous systems has made the enforcement of security requirements one of the most critical phases throughout the system development lifecycle. In this paper, we propose a framework architecture to associate the security policies with the specification and the execution phases of applicati...

This paper presents a formal approach based on deontic logic to model security policies that contain exceptions and contraries to duty (CTD). A CTD is a deontic rule which specifies what should happen in case of violation of other security rules like obligations or prohibitions. For example, CTD are useful to specify response policies that apply wh...

This book constitutes the thoroughly refereed post-conference proceedings of the Third International Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems, CyberICPS 2017, and the First International Workshop on Security and Privacy Requirements Engineering, SECPRE 2017, held in Oslo, Norway, in September 2017, in con...

Communication security is a major concern in industrial process management. Indeed, in addition to real-time requirements, it is very important to ensure that sensing data sent by field sensors are not altered or modified during their transmission. This is more true in Wireless Sensor Networks where communication can be hijacked and false data inje...

Security of Software Defined Networking (SDN) is an open issue because of many reasons. Security requirements were not considered in the primary definition of SDN. Consequently, SDN enlarges the network vulnerability surface by introducing new vulnerabilities that do not exist in the conventional networking architecture. In addition, there are neit...

Recommender systems are tools for processing and organizing information in order to give assistance to the system users. This assistance is provided by analyzing their own preferences or the preferences of their community. This paper introduces an approach based on content-based recommendation for efficient security administrators assistance in the...

Nowadays, Wireless Sensor Network (WSN) is a well-established paradigm. It has a large variety of applications ranging from home to industrial applications (such as health care and military applications). However, as this kind of networks is becoming wider, more heterogeneous and interconnected, ensuring the security of these decentralized systems...

The evolution of the digital world drives cloud computing to be a key infrastructure for data and services. This breakthrough is transforming Software Defined Networking into the cloud infrastructure backbone because of its advantages such as programmability, abstraction and flexibility. As a result, many cloud providers select SDN as a cloud netwo...

Malicious third-party applications can leak personal data stored in the Android system by exploiting side channels. TaintDroid uses a dynamic taint analysis mechanism to control the manipulation of private data by third-party apps [9]. However, TaintDroid does not propagate taint in side channels. An attacker can exploit this limitation to get priv...

This book constitutes the thoroughly refereed post-conference proceedings of the 9th International Symposium on Foundations and Practice of Security, FPS 2016, held in Québec City, QC, Canada, in October 2016. The 18 revised regular papers presented together with 5 short papers and 3 invited talks were carefully reviewed and selected from 34 submi...

This book constitutes the refereed proceedings of the Second Conference on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2016, held in Crete, Greece, in September 2016 in conjunction with ESORICS 2016, the 21st annual European Symposium on Research in Computer Security. The 5 revised full papers 2 invited papers prese...

This book constitutes the revised selected papers from the 11th International Conference on Risk and Security of Internet and Systems, CRISIS 2016, held in Roscoff, France, in September 2016. The 17 full papers presented in this volume were carefully reviewed and selected from 24 submissions. They cover diverse research themes, ranging from classic...

The law of computer and freedoms specifies that the access to personal data is a right that must be ensured. Indeed, this law provides sanctions when this right is violated. It is important to preserve this access right because it allows people to verify the accuracy of their personal data and thus, emit a rectification request or ask for the delet...

Dans ses activités d’enseignement et de recherche, Jacky Akoka a toujours considéré les systèmes d’information sous la double perspective de l’ingénierie et du management. Cet ouvrage en son honneur regroupe 26 chapitres organisés en six thématiques, reflets de ses principaux domaines d’expertise : (1) business intelligence, (2) qualité et évaluati...

L'invention concerne un procédé de protection d'un réseau de communication, par l'intermédiaire duquel un équipement de communication client, est apte à établir une connexion à états selon un protocole de transport avec un équipement de communication serveur, et à lui transmettre des paquets de données , comprenant les étapes suivantes : - Installa...

Security solutions in conventional networks are complex and costly because of the lack of abstraction, the rigidity and the heterogeneity of the network architecture. However, in Software Defined Networking (SDN), flexible , reprogrammable, robust and cost effective security solutions can be built over the architecture. In this context, we propose...

The use of wireless communication is a major trend in the so called Supervisory Control and Data Acquisition systems (SCADA). Consequently, Wireless Industrial Sensor Networks (WISN) were developed to meet real time and security requirements needed by SCADA systems. In term of security, WISN suffer from the same threats that those targeting classic...

Many research works focus on the adoption of cloud infrastructure as a service (IaaS), where virtual machines (VM) are deployed on multiple cloud service providers (CSP). In terms of virtual resource allocation driven by security requirements, most of proposals take the aspect of cloud service customer (CSC) into account but do not address such req...

Network security is a crucial issue of Software Defined Networking (SDN). It is probably, one of the key features for the success and the future pervasion of the SDN technology. In this perspective, we propose a SDN reactive stateful firewall. Our solution is integrated into the SDN architecture. The application filters TCP communications according...

This paper presents an approach allowing for a given security and utility requirements, the selection of a combination of mechanisms and the way it will be applied to enforce them. To achieve this goal, we firstly use an expressive formal language to specify the security and utility properties required by data owners and the security mechanisms tha...

This book constitutes the refereed proceedings of the First Conference on Cybersecurity of Industrial Control Systems, CyberICS 2015, and the First Workshop on the Security of Cyber Physical Systems, WOS-CPS 2015, held in Vienna, Austria, in September 2015 in conjunction with ESORICS 2015, the 20th annual European Symposium on Research in Computer...

The interaction between different applications and services requires expressing their security properties. This is typically defined as security policies, which aim at specifying the diverse privileges of different actors. Today similarity measure for comparing security policies becomes a crucial technique in a variety of scenarios, such as finding...