Nadia Tawbi

Laval University | ULAVAL · Department of Computer Science

Insider threats are a growing concern for organizations due to the amount of damage that their members can inflict by combining their privileged access and domain knowledge. Nonetheless, the detection of such threats is challenging, precisely because of the ability of the authorized personnel to easily conduct malicious actions and because of the i...

The ever-increasing presence of Android malware is accompanied by a deep concern about security issues in the mobile ecosystem. Android malware detection has received much attention in the research community. In fact, malware proliferation goes hand in hand with its sophistication and complexity. For instance, more elaborated malware, such as polym...

Spam email automated analysis and classification are a challenging task, which is vital in the identification of botnet structures and cybercrime fighting. In this work, we propose an automated methodology and the resulting framework based on innovative categorical divisive clustering, used both for grouping and for classification of spam messages....

Despite being one of the most common approaches in unsupervised data analysis, a very small literature exists in applying formal methods to address data mining problems. This paper applies an abstract representation of a hierarchical categorical clustering algorithm (CCTree) to solve the problem of privacy-aware data clustering in distributed agent...

We present a novel progress-sensitive, flow-sensitive hybrid information-flow control monitor for an imperative interactive language. Progress-sensitive information-flow control is a strong information security guarantee which ensures that a program's progress (or lack of) does not leak information. Flow-sensitivity means that this strong security...

This book constitutes the thoroughly refereed post-conference proceedings of the 9th International Symposium on Foundations and Practice of Security, FPS 2016, held in Québec City, QC, Canada, in October 2016. The 18 revised regular papers presented together with 5 short papers and 3 invited talks were carefully reviewed and selected from 34 submi...

In order to protect Android users and their information, we have developed a lightweight malware detection tool for Android called Andrana. It leverages machine learning techniques and static analysis to determine, with an accuracy of 94.90%, if an application is malicious. Its analysis can be performed directly on a mobile device in less than a se...

In order to protect Android users and their information, we have developed a lightweight malware detection tool for Android called Andrana. It leverages machine learning techniques and static analysis to determine, with an accuracy of 94.90%, if an application is malicious. Its analysis can be performed directly on a mobile device in less than a se...

Despite being one of the most common approach in unsupervised data analysis, a very small literature exists on the formalization of clustering algorithms. This paper proposes a semiring-based methodology, named Feature-Cluster Algebra, which is applied to abstract the representation of a labeled tree structure representing a hierarchical categorica...

We present a novel progress-sensitive, flow-sensitive hybrid information-flow control monitor for an imperative interactive language. Progress-sensitive information-flow control is a strong information security guarantee which ensures that a program’s progress (or lack of) does not leak information. Flow-sensitivity means that this strong security...

We present a novel progress-sensitive, flow-sensitive hybrid information-flow control monitor for an imperative interactive language. Progress-sensitive information-flow control is a strong information security guarantee which ensures that a program's progress (or lack of) does not leak information. Flow-sensitivity means that this strong security...

Spam emails yearly impose extremely heavy costs in terms of time, storage space and money to both private users and companies. Finding and persecuting spammers and eventual spam emails stakeholders should allow to directly tackle the root of the problem. To facilitate such a difficult analysis, which should be performed on large amounts of unclassi...

Fast analysis of correlated spam emails may be vital in the effort of finding and prosecuting spammers performing cybercrimes such as phishing and online frauds. This paper presents a self-learning framework to automatically divide and classify large amounts of spam emails in correlated labeled groups. Building on large datasets daily collected thr...

Spam emails constitute a fast growing and costly problems associated with the Internet today. To fight effectively against spammers, it is not enough to block spam messages. Instead, it is necessary to analyze the behavior of spammer. This analysis is extremely difficult if the huge amount of spam messages is considered as a whole. Clustering spam...

Runtime monitoring is a widely used approach for the enforcement of security policies. It allows the safe execution of untrusted code by observing the execution and reacting if needed to prevent a violation of a user-defined security policy. Previous studies have determined that the set of security properties enforceable by monitors is greatly exte...

This paper presents an approach to enforce information flow policies using a multi-valued type-based analysis followed by an instru-mentation when needed. The target is a core imperative language. Our approach aims at reducing false positives generated by static analysis, and at reducing execution overhead by instrumenting only when needed. False p...

This special issue of the /Journal of Information Security and Applications/ presents a selection of papers from two conferences: SETOP 2012 (Autonomous and Spontaneous Security) and FPS 2012 (Foundations & Practice of Security). Four high-quality papers were selected from SETOP 2012 covering different aspects of autonomic and spontaneous security,...

This paper presents an approach to enforce information flow policies using a three-valued type-based analysis on a core imperative language. Our analysis aims first at reducing false positives generated by static analysis, and second at preparing for instrumentation. False positives arise in the analysis of real computing systems when some informat...

Runtime monitoring is an increasingly popular method to ensure the safe execution of untrusted codes. Monitors observe and transform the execution of these codes, responding when needed to correct or prevent a violation of a user-defined security policy. Prior research has shown that the set of properties monitors can enforce correlates with the la...

Runtime monitoring is a widely used approach to ensure code safety. Several implementations of formal monitors have been proposed in the literature, and these differ with respect to the set of security policies that they are capable of enforcing. In this survey, we examine the evolution of knowledge regarding the issue of precisely which security p...

A previous study showed how a monitor can be inlined into a po-tentially untrusted program, producing an instrumented version of this program which provably respects the desired security policy. That study extended previ-ous approaches to the same problem in that it allowed non-safety properties to be monitored, and did not incur any runtime overhe...

Runtime monitors are a widely used approach to enforcing security policies. Truncation monitors are based on the idea of truncating an execution before a violation occurs. Thus, the range of security policies they can enforce is limited to safety properties. The use of an a priori static analysis of the target program is a possible way of extending...

Monitoring is a powerful security policy enforcement paradigm that allows the execution of a potentially malicious software by observing and transforming it, thus ensuring its compliance with a user-defined security policy. Yet some restrictions must be imposed on the monitor’s ability to transform sequences for the enforcement to be meaningful. Th...

In this paper, we present a new framework of runtime security policy enforcement. Building on previous studies, we examine the enforcement power of monitors able to transform their target’s execution, rather than simply accepting it if it is valid, or aborting it otherwise. We bound this ability by a restriction stating that any transformation must...

A promising solution to the problem of securing potentially malicious mobile code lies in the use of program monitors. Such monitors can be in-lined into an untrusted program to produce an instrumented code that provably satisfies the security policy. It is well known that enforcement mechanisms based on Schneider’s security automata only enforce s...

In this paper, we propose a new approach for the static detection of malicious code in executable pro- grams. Our approach rests on a semantic analysis based on behaviour that even makes possible the de- tection of unknown malicious code. This analysis is carried out directly on binary code. Static analysis offers techniques for predicting properti...

Recently, attention has been given to formally characterize security policies that are enforceable by different kinds of security mechanisms. A very important research problem is the characterization of security policies that are enforceable by execution monitors constrained by memory limitations. This paper contributes to give more precise answers...

The main intent of this paper is to present a semantic framework for the validation of JVML/CLDC optimizations. The semantic style of the framework is denotational and rests on an extension of the resource pomsets semantics of Gastin and Mislove [12]. The resource pomsets is a fully abstract semantic model that is based on true concurrency. However...

Recently, attention has been given to formally character- ize security policies that are enforceable by different kinds of security mechanisms. Since execution monitoring (EM) is a ubiquitous technique for enforcing security policies, this class of enforcement mechanisms has attracted the attention of the majority of authors characterizing security...

We address, in a type-based framework, the problem of control-flow analysis for concurrent and functional languages. We present an efficient algorithm that propagates automatically types, communication effects and call graphs. The algorithm comes with a logical characterization that consists of a type proof system. The latter operates on a Concurre...

This paper presents a new selective dynamic compilation technique targeting ARM 16/32-bit embedded system processors. This compiler is built inside the J2ME/CLDC (Java 2 Micro Edition for Connected Limited Device Configuration) platform [8]. The primary objective of our work is to come up with an efficient, lightweight and low-footprint accelerated...

A new acceleration technology for Java embedded virtual machines is presented in this paper. Based on the selective dynamic compilation technique, this technology addresses the J2ME/CLDC (Java 2 Micro Edition for Connected Limited Device Configuration) platform. The primary objective of our work is to come up with an ecient, lightweight and low-foo...

A new acceleration technology for Java embedded virtual machines is presented in this paper. Based on the selective dynamic compilation technique, this technology addresses the J2ME/CLDC (Java 2 Micro Edition for Connected Limited Device Conflguration) platform. The primary objective of our work is to come up with an e-cient, lightweight and low-fo...

Java is widely used on the Internet, which makes it a target of choice for malicious attackers. This fact stimulates the research work in the field of Java program verification in order to consolidate both Java safety and security. The results achieved so far in this sector are very promising and effective. Nevertheless, the current Java security a...

Object oriented languages, in particular Java, use a frequent dynamic dispatch mechanism to search for the definition of an invoked method. A method could be defined in more than one class. The search for the appropriate method definition is performed dynamically. This induces an execution time overhead that is significant. Many static and dynamic...

In this article we propose a control flow analysis in the presence of exceptions for Java programs. This analysis is realised in two phases: a master key on the hard intra-process level (on the level of only one hard process) and another on the hard inter-process level (between hard processes). This analysis utilises one approximation of possible r...

Abstract Because of time and budget constraints, organisations are turning more and more to Commercial-Off-The-Shelf (COTS) software rather than developing in-house soft- ware. This situation gives rise to great concerns over safety, security, and reliability in critical information sys- tems. This paper presents a research effort to help manage th...

With the advent and the rising popularity of networks, Internet, intranets and distributed systems, security is becoming one of the major concerns in IT research. An increasing number of approaches have been proposed to ensure the safety and security of programs. Among those approaches, certified code seems to be the most promising. Unfortunately,...

We address the formal analysis of authentication cryptographic protocols. We present a new verification algorithm that generates from the protocol description the set of possible flaws, if any, as well as the corresponding attack scenarios. This algorithm does not require any property or invariant specification. The algorithm involves three steps:...

Presents a new approach to the verification of authentication protocols. This approach is formal, fully automatic and does not necessitate any specification of any protocol property or invariant. It takes the protocol specification as the parameter and generates the set of flaws, if any, as well as the corresponding attack scenarios. This approach...

In this paper, we address the formal venfication in workflow systems More precisely, we consider the automatic verification of one of the most prominent workflow models, namely the Information Control Nets (ICNs) model We present a powerful method for the qualitative analy sis of ICNs The analysis proposed rests on an observed analogy between ICNs...

: This paper presents the results of an industrial case-study concerning the use of formal methods for the validation of hardware design. The case-study focuses on PowerScale TM , a multiprocessor architecture based on PowerPC TM micro-processors and used in Bull's Escala TM series of servers and workstations x . The specification language Lotos (I...

This paper presents the results of an industrial case-study concerning the use of formal methods for the validation of hardware design. The case-study focuses on PowerScale, a multiprocessor architecture based on PowerPC micro-processors and used in Bull's Escala series of servers and workstations. The specification language LOTOS (ISO Internationa...

Estimating the execution time of nested loops or the volume of data transferred between processors is necessary to make appropriate processor or data allocation. To achieve this goal one need to estimate the execution time of the body and thus the number of nested loop iterations. This work could be a preprocessing step in an automatic parallelizin...

This paper is concerned with the automatic exploitation of the parallelism detected in a sequential program. The target machine is a shared memory multiprocessor.The main goal is minimizing the completion time of the program. To achieve this, one has first to distribute the code over the processors, then to schedule the parts of the code in order t...

Presents a parallel programming environment called PMACS. The central structure of this environment is the Parametrized Dependence Graph that gives a very precise representation of dependencies. It also facilitates the recompilation of dependencies whenever the user is requested to introduce information about the program. A unique framework for the...

Security is becoming a major issue in our highly networked and computerized era. Malicious code detection is an essential step towards securing the execution of applications in a highly inter-connected context. In this paper, we present a formal definition of Java dynamic semantics. This seman-tics has been used as a basis to develop efficient, rig...