Students supervision

PHD supervision
School perseverance modelisation in a computer science context
Timothée DURON
(in progress since feb 2017)
(co-director : Pr. Philippe Aniorté)
Educational research is constantly developing, in particularly with the arrival of new technologies such as digital tools. What impact can numerical tools have on learning, especially on a student’s perseverance to succeed? The PERSEVERONS project tries to answer the followings questions: What impact can numerical tools have on learning and in particular on the perseverance of students? Can digital tools improve that perseverance? How can digital tools boost it? In this work, we will define an approach in modeling school perseverance as a computer science model, and describe how to use it in education software.
An approach based on Model-driven Engineering to identify, design and assess security aspects
(dec 2010 – dec 2014)
(co-director : Pr. Philippe Aniorté)
Software engineering is an interdisciplinary approach aiming to formalize the development of systems. This approach begins with defining system requirements and then continues with defining the design, implementation and validation of systems. Historically, systems were isolated and often based on proprietary technologies. Todays, computer systems are interconnected using Internet and standard technologies by promoting interoperability. In spite of undeniable contributions, these changes engender new risks of computer vulnerabilities/attacks. To cope with these risks, information security has improved to implement more or less reliable counter-measures. This thesis is situated at the intersection/crossroads of the software engineering and the information security. It aims to propose an approach that integrates these two fields in a collaborative and complementary manner. Although both fields are closely related, there are few approaches that integrate security aspects into software engineering process, much less from engineering requirements, which allow the assessment of security policies from a high level of abstraction. Hence, this thesis makes a contribution in this area. Therefore, in this thesis, we propose an approach based on MDE (Model-Driven Engineering) and MDA (Model Driven Architecture) which integrates software engineering and information security using models. This approach allows to identify, to design and to assess security aspects in the stages of the system development in order to obtain secure systems.
RSIDS : a distributed IDS based on CVSS framework
(oct 2005 – nov 2009)
(co-director : Pr. Alban Gabillon)
Intrusion detection is a method that ensures the availability concept in systems and computer networks. This availability is generally undermined by various anomalies. These anomalies can be caused either legitimately unintended result has operations working on these systems (broken link, traffic, or. . . ), so illegitimate with malicious operations designed to undermine the availability of these systems. The implementation of these various anomalies detection tools, such as IDS (Intrusion Detection System), contribute to early identification of these anomalies and to block them. This thesis has enabled us to develop a new generation platform to generate legitimate and illegitimate anomalies. This work was carried out under the project METROSEC. This platform has enabled us to obtain various traffic captures containing these anomalies. The various illegimitate anomalies were performed with classic tools to make Denial of Service like TFN2k or Trinoo. Legitimate Anormalies were also conducted with flash crowd phenomenon. All these catch real traffic were used in further research on intrusion detection for the evaluation of new methods of detection. In a second part, the implementation of a new detection tool seems necessary to improve the quality of detection of these anomalies. This new distributed IDS, called RSIDS (Risk Scored Intrusion Detection System), will retrieve the results of a multitude of heterogeneous probes. The use of probes will remove the risk of false alarms. Indeed, a probe is not able to detect all anomalies that occur on a system or network. Each alert provided by its probes will be evaluated according to their degree of dangerousness. The assessment of dangerousness based on the framework CVSS (Common Vulnerability Scoring System).
post-doc supervision
An Attempt to Build CWSS from CVSS through Semantic Mapping

(Feb 2017 – Aug 2017)
Having metrics of information systems flaws early in the development process has become highly relevant for security analysts. Metrics about flaws allow to have the information necessary to understand the risks that an organization faces and their impacts. The CVSS framework gives a severity assessment for each CVE vulnerability present in a system. However, that framework cannot be applied when designing a system, since it contains lots of implementation details. On the other hand, CWSS proposes a priority assessment of vulnerability categories (CWE) in order to determine which flaws must be addresses at first during the design of the system. Unfortunately, CWSS generalized scores are not yet given by the NIST. In this work, we aim to automatically compute CWSS generalized scores from CVSS scores by using a semantic mapping.
master supervision
Bouthong NOUKSA (2015) TBA
Razane MOUSSA (2013) TBA
Julien AUSSIBAL (2005) TBA
Other supervision
Timothée DURON
Contract Engineer