JulienDepaillat (Conservatoire national des arts et métiers (CNAM), France),
PierreParadinas (Conservatoire national des arts et métiers (CNAM), France),
PhilippeBaumard (Conservatoire national des arts et métiers (CNAM), France)
Dr. Meltem Sonmez Turan is a mathematician in the Computer Security Division of National Institute of Standards and Technology. Meltem co-leads the Lightweight Cryptography Standardization project at NIST. Her research interests include symmetric cryptography, random number generation and circuit complexity.
Final Steps of the NIST Lightweight Cryptography Standardization [visio]
This talk includes an overview of the NIST Lightweight Cryptography Standardization process and explains the evaluation of the finalists, the selection of Ascon as the winner and the final steps in the standardization process.
Vincent Nicomette is an engineer from ENSEEIHT Toulouse (1992), doctor of INPT (1996) and holder of an HDR from the INPT (2009). After having worked as an engineer in Matra Marconi Space (today Airbus Defense and Space), from 1997 to 2000, he is now a teacher at INSA Toulouse and a researcher at LAAS-CNRS since October 2000. His main research work covers 3 main aspects: 1) network security, and in particular lately the security of IoT communication protocols, 2) the security of the lower layers of operating systems, and 3) the security of critical embedded systems. He is also co-manager of the TLS-SEC course in Toulouse, a course dedicated to computer security and provided at three different schools: INSA, ENAC and N7.
Romain Cayre is currently a post-doctoral researcher in the S3 (Software and System Security) team at the EURECOM Institute in Biot. His research work is devoted to the security of wireless communication protocols and the security of embedded systems, with a particular interest in the analysis of interactions at the boundary between software and hardware. He received an engineering degree in computer science from the Institut National des Sciences Appliquées de Toulouse in 2018, and carried out his doctoral thesis from 2019 to 2022 within the TSF team (Tolerance to faults and Dependability) from LAAS-CNRS. During his PhD thesis, his work focused on the security of wireless communication protocols in the context of the Internet of Things. As part of this work, he has produced several software tools published under a free license, in particular the Mirage wireless protocol vulnerability analysis tool.
Ten years of studies on the security of connected objects: a wrap-up
Connected objects are invading our professional and personal daily lives. These objects are more and more efficient and provide more and more varied services, but are they sufficiently secure? This keynote will try to answer this question by taking stock of ten years of research in the context of the security of connected objects. This work was carried out within the LAAS-CNRS’s TSF team (Fault Tolerance and Computer Operating Safety), within the framework of 4 theses. This work brought contributions on both offensive and defensive aspects. On the offensive side, the presentation will address in particular the analysis of vulnerabilities targeting various objects and protocols (ADSL Box, connected TVs, BLE objects, wireless keyboard/mouse, specification of the BLE protocol). On the defensive side, the presentation will address intrusion detection and identification of connected objects. This keynote will be illustrated with several demonstrations.
Eleonora Losiouk is an Assistant Professor at the University of Padua (Italy). In 2018, she obtained her Ph.D. in Bioengineering and Bioinformatics from the University of Pavia (Italy). She has been a Visiting Fellow at EPFL in 2017 and a Fulbright Visiting Fellow at the International Computer Science Institute in Berkeley in 2021/2022. In 2021, she got the H2020 CONCORDIA Award for Early Career Women Researcher. In 2022, she was awarded a Google Research Program Scholarship to develop a tool that automatically detects and exploits vulnerabilities in Android apps. Her main research interests regard the Android OS security and the wireless communications security (in particular, the Bluetooth Low-Energy ones). She has recently started inspecting the Automated Program Repair research area.
Fortifying your Smartphone: Advancements in Android Security Research
As Android devices continue to shape our modern digital landscape, the imperative to bolster their security becomes increasingly urgent. This research talk illuminates the latest advancements in Android security, shedding light on innovative strategies, emerging threats, and cutting-edge technologies designed to safeguard our digital lives. This research talk aims to equip both security practitioners and enthusiasts with a comprehensive understanding of the latest Android security research trends and innovations.
Victor Vuillard is the security director of S3NS, a Thales subsidiary in partnership with Google, aiming to operate in France a Trusted Cloud offering with the efficiency and richness of GCP Cloud services. Before joining S3NS in September 2023, he spent 7 years at ANSSI. He was responsible for the audit and inspection team and in particular led the first audits of Operators of Vital Importance. He was then the first head of the Rapid Intervention Group, the ANSSI team which intervenes in large-scale compromises. At the same time, he held the position of Deputy SSI Officer of the SGDSN. In 2013, he joined EDF as cybersecurity manager for nuclear engineering to define the security strategy for the 58 French nuclear power plants, define the security architectures, audit the security level and participate in cybersecurity governance jointly with the operator. In addition to creating and managing the team in charge of these cybersecurity issues at EDF, he was also French representative at the IAEA (United Nations) to help define international practices for securing nuclear installations, as well as at the IEC. In 2018, he was then security director of the Parrot group, the leading European manufacturer of micro-drones. As Cybersecurity CTO, he designed the overall security architecture and security features of drones, to deliver trusted drones, particularly for defense and homeland security.
IoT, 5G and Trusted Cloud
The level of connectivity of connected objects brings new uses, particularly in the field of robotics and drones. This connectivity is a guarantee of efficiency and increasing cooperation between robots/drones or between robots/drones and humans. This opens up new cybersecurity challenges, with objects more exposed to threats coming from the Internet, while at the same time they need to exchange and store sensitive data that they collect. This requires to be able to identify and authenticate these objects and allow them to communicate to a Trusted Cloud.
Enhancing Dynamic Access Control Based on Device Fingerprints for IoE Networks: Opportunities and Challenges
The Internet of Everything (IoE) connects things, people, data, and processes into one intelligent network. It provides flexibility and ease of use capabilities to smart connected devices used in our daily life. Under the 5G umbrella, IoE evolved rapidly due to the development of low-cost sensors and massive Machine-Type Communication (mMTC) applications in 5G and Beyond (B5G) wireless networks. The IoE ecosystem is characterized by a huge number of connected devices and people, user-context heterogeneity, and fully distributed interactions, hence high levels of complexity. The weak security for Access Control (AC) mechanisms and default configuration can get the whole system compromised and result in sensitive information theft and disclosure. AC systems need to adapt dynamically to incorporate context factors such as the identity of the user or device, situational context, degree of trust, and current security threat level. Additionally, the AC decision will be dynamically adjusted based on the changes in user and device environments to enhance the security of the underlying systems. One of the challenges in building a dynamic environment is accessing resources when subjects are usually restricted by their roles in traditional AC systems. Relying on credentials like identity and roles for authenticating a subject is complex in IoE as they are easily intercepted and forged. Instead, using IoT device fingerprint (DF) as an identity device-specific signature allows for accomplishing robust authentication and dynamically re-evaluating it when the context changes. It gathers the device’s physical and environment-based features to create an inherent and unique identity of devices reducing the vulnerability of node forgery and identity theft. Device fingerprints provide low complexity, robustness, and secure capability that make it hard to forge or duplicate identity. In this paper, we conduct a comprehensive overview of device fingerprint mechanisms for securing IoT-5G devices and we explore the applicability of device fingerprints in AC systems.
SamiaOukemeni(ESAIP Graduate School of Engineering, CERADE, France);
KarimZkik(ESAIP Graduate School of Engineering, CERADE, France)
Take up the Challenge of Securing Personal Smartphones used in a BYOD Setting
Today, many technologies make it possible to secure the fleets of professional smartphones. But what about the BYOD setting where personal devices, in particular smartphones, are used at work? Unlike the devices provided by companies to their members, which are administered and on which the IT service can control uses and threats, personal mobiles represent a private space on which organizations have reduced control. Thus, entities implementing BYOD are found in a dead end: how to secure the use of personal mobiles without invading personal space and in compliance with data protection laws? When the French army shared this problem with us, we have developed together a security response adapted to their operational reality. This talk will present the course of a real case, from the first challenges encountered until technological innovation today deployed on more than 10,000 mobile devices.The presentation will be provided by LCL Bruno Camel, head of the Digital Transformation and Data section of the Army and Renaud Gruchet, Chief Business Innovation Officer of Pradeo.
LCL BrunoCamel(Chef de la section transformation numérique et données de l’Armée de Terre, France);
RenaudGruchet(Chief Business Innovation Officer chez Pradeo, France)
Securing Communication in the Field: Protecting Geo-distributed Computing in an Untrusted Environment
As the number of geo-distributed connected sensors and the need to perform complex functionality increase in Industrial IoT-based systems, so does the transferred data volume. Mainframes and even edge computing show their limits when facing this intensive computing. To answer this challenge, an emerging trend, called Industrial Continuous Computing (ICC), advocates for truly distributed computation in the network, from the Smart Peripheral Devices (SPD) to the end-server or actuators. This, in turn, raises the issue of communication security. In this context, protecting communications in a dynamic architecture is challenging, as attackers may have physical access to a legitimate device. Surface attack on the communication includes confidentiality and integrity of the data, which in turn requires integrity of the software stack manipulating them. Breaches on these properties are likely to lead to secret exposure or sabotage. We present a novel approach based on open source software and secure hardware aiming to ensure end- to-end security for communication as well as securing devices authentication, enabling the confidentiality and integrity of data exchanges between the different SPDs and the end-server. Our approach uses publish-subscribe communication protocols (i.e. many-to-many) to build scalable and dynamic computing architecture. Amongst them, OPC UA PubSub provides security and interoperability to the ICC, allowing end-to-end encryption. This security however relies on securely embedded secrets on the node. We further secure authentication against specific threats to ICC, by using a Trusted Platform Module (TPM) as a secure element to protect the secrets embedded on devices, and relying on secure boot to protect this secure element against attackers. By doing so, we were able to set up fully secure a geo-distributed industrial computing infrastructure dedicated to the monitoring of railway facilities, connecting sensors, edge devices and data server in order to perform predictive maintenance.
The Industrial Internet of Thing (IIOT) induces new uses based on increased treatment and recovery of industrial data. These new uses generate additional value for manufacturers: reduction of maintenance costs, improvement of yields, resale of data, etc. This intervention offers a method for taking into account the risks associated with the use of IIOTs, architectural principles and adaptations of industrial information systems.
Building Defensive Self-Knowledge Using Embedded Machine Learning in Avionics
With the increasing demand for smart and connected devices (IoT) and embedded systems have become an integral part of our daily lives. However, this also brings new challenges in terms of security, as these systems often deal with sensitive data and / or perform critical operations. Machine learning techniques have emerged as a promising solution for enhancing the security of embedded systems. By leveraging large amounts of data, machine learning algorithms can identify patterns and anomalies that may indicate a security breach and trigger appropriate responses in real-time. In this article we will provide an overview of the use of machine learning in securing embedded systems highlighting its benefits, potential challenges while discussing some of the recent research in this area.
JulienDepaillat(Conservatoire national des arts et métiers (CNAM), France);
PierreParadinas(Conservatoire national des arts et métiers (CNAM), France);
PhilippeBaumard(Conservatoire national des arts et métiers (CNAM), France)
When Side-channel Meets Malware
The Internet of Things (IoT) is a collection of interconnected devices, each becoming increasingly complicated and numerous. They frequently employ modified hardware and software without taking security risks into account, which makes them a target for cybercriminals, especially malware and rootkit crafter. In this extended abstract, we will present two strategies for exploiting electromagnetic side channels to address two issues: rootkit detection difficulties and malware categorization challenges in the presence of obfuscations. Both tactics center on IoT devices, target ARM (raspberry-Pi) and MIPS (CI.20) architectures, and use machine/deep learning techniques. The talk will highlight all the results obtained from the ARN project "Automated Hardware Malware Analysis" (AHMA - Annelie's JCJC).
Zero Trust in the Context of IoT: Industrial Literature Review, Trends, and Challenges
The Zero-trust (ZT) model is an increasingly popular model that relies on the idea that no trust should be granted to any entity (network, persons, devices) by default. ZT model is gaining attention from both research and practice, with various levels of adequation between research developed and real-life applications. NIST provided a standard to fulfill requirements of ZT architecture of network core but many practical aspects remain unspecified, some of them requiring solving first research challenges in order to be implemented efficiently. An example of such an unspecified field is the integration of IoT/Smart Peripheral Devices (SPD). Various reasons explain this gap: specificities of such resources (possibly lower energy/computation power), their lifecycle, and their use, strongly depending on the use of the whole platform IoT devices are part of. Moreover, additional difficulty to have a good understanding is induced by the fact that both Zero Trust and IoT are identified as promising trends in cybersecurity: many vendors/researchers tag their solutions as IoT integration into the ZT model, with little to no effective compliance to ZT model or standard. Industry is providing many practice-oriented literature, that has to be compared to academic work and standards, in order to consolidate the current state of knowledge and solutions offered to realize this integration. In this paper, we conduct a literature review of non-academic publications, in order to consolidate current knowledge, trends, and future challenges for the industrial integration of IoT devices in ZT architecture.
An Interoperable Zero Trust Federated Architecture for Tactical Systems
Military and tactical systems are heterogeneous, encompassing devices with low computing power and network capacity. Such networks can be secured by following the zero trust paradigm: every access request to resources is verified, without relying on inherent trust between the requester and the resource. However, operational needs can require different domains, such as different nations in a coalition, to federate, to enable sharing of resources between domains. This contradicts the principle of zero trust, as information on the requester cannot be verified by the domain offering the resource, and therefore access inherently relies on trust between domains. This paper explores a solution for federating tactical network architectures, while following the zero trust paradigm. In particular, due to the power constraints on devices composing tactical architectures, the presented solution does not require invasive software to be installed in requester devices.
Identification of the Physical Address of Bluetoooth BR/EDR Radio Devices using Software Defined Radio
The object of the presentation is on the one hand to demonstrate the possibilities offered by the software radio to extract the MAC address (BD_ADDR) from Bluetooth BR/EDR devices by a radio listening procedure of a Bluetooth communication established withinFrom a pico-russet, and on the other hand to extract this Mac address again by interacting by software radio with a Bluetooth device configured in a "discoverable" mode.This demonstration illustrates the ability to extract the BD_ADDR address from a Bluetooth device even if the standard has taken precautions to hide this information.