I have been involved in several research projects related to Information and Communication Technologies (ICT) security.

Projects funded under the 7th Framework Programme of the European Commission

MAnagement of Security information and events in Service Infrastructures (FP7-ICT-2009-5-MASSIF)

The main objective of MASSIF (MAnagement of Security information and events in Service Infrastructures) is to achieve a significant advance in the area of SIEM (Security Information and Event Management). On the basis of proper multi-level event correlation, MASSIF will provide innovative techniques to enable the detection of upcoming security threats and trigger remediation actions even before possible security incidents occur. Thus, MASSIF will develop a new-generation SIEM framework for service infrastructures supporting intelligent, scalable, and multi-level/multi-domain security event processing and predictive security monitoring. Such service-level SIEM involves the modelling and formal validation of security, including trusted computing concepts, and an architecture for dependable and resilient collection of service events, supported by an extremely scalable and high-performance event collection and processing framework, in the context of service-level attack models.

In the MASSIF project, Télécom SudParis provides the following contributions:

DEcentralized, cooperative and privacy-preserving MONitoring for trustworthinesS (DEMONS)

As an Integrating Project strategy, DEMONS aims at addressing all the key aspects essential in monitoring approaches for the Future Internet. DEMONS’ ultimate goal is to i) design a more scalable, flexible and autonomic monitoring infrastructure, ii) exploit monitoring intelligence distributed inside programmable traffic probes and mediating devices, iii) improve monitoring applications’ performance, capability effectiveness (detection, reporting, and mitigation) and ease of deployment, iv) operate in compliance with the customers’ privacy rights, and v) take advantage of cross-domain cooperation mechanisms to permit improved defence against global-scale cooperative threats and operational failures.

Visual Analytic Representation of Large Datasets for Enhancing Network Security (VIS-SENSE)

VIS-SENSE is an EU-funded research project focused on the development of visual analytics technologies for the enhancement of international network security. The VIS-SENSE project uses visualization and data-mining technologies to identify and predict complex patterns of abnormal behaviour. The VIS-SENSE team works in various application areas ranging from network information security and attack attribution to attack prediction and the detection of BGP hijacking. The ultimate goal of VIS-SENSE is to stimulate proactive measures, which improve efforts to combat cyber-crime, and also to enhance the prediction of attacks.

Projects funded under French funding schemes

CompatibleOne

The CompatibleOne project identifies, aggregates and integrates leading open source technologies into a rich and comprehensive ‘cloudware’ stack. CompatibleOne is developing a meta-model-based framework for the abstraction of the configuration, management and integration of these technologies. This ‘cloudware’ framework, based on open, common standards and leading open source technologies, will offer cloud builders the greatest possible interoperability.