Your search keyword '"ANR-15-IDEX-02,CYBER@ALPS,Grenoble Alpes Cybersecurity Institute(2017)"' showing total 7 results

1. Don't Forget to Lock the Front Door! Inferring the Deployment of Source Address Validation of Inbound Traffic

Author

Qasim Lone, Marcin Skwarek, Andrzej Duda, Baptiste Jonglez, Maciej Korczynski, Yevheniya Nosyk, Delft University of Technology (TU Delft), Laboratoire d'Informatique de Grenoble (LIG), Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP ), Université Grenoble Alpes (UGA), Drakkar, Université Grenoble Alpes (UGA)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP ), Initiative de Recherche Scientifique IRS, ANR-15-IDEX-0002,UGA,IDEX UGA(2015), Université Pierre Mendès France - Grenoble 2 (UPMF)-Université Joseph Fourier - Grenoble 1 (UJF)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP)-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA), Université Pierre Mendès France - Grenoble 2 (UPMF)-Université Joseph Fourier - Grenoble 1 (UJF)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP)-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA)-Université Pierre Mendès France - Grenoble 2 (UPMF)-Université Joseph Fourier - Grenoble 1 (UJF)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP)-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA), ANR-15-IDEX-02,CYBER@ALPS,Grenoble Alpes Cybersecurity Institute(2017), and ANR: IRS,Initiative de Recherche Scientifique

Subjects

Networking and Internet Architecture (cs.NI), FOS: Computer and information sciences, 050101 languages & linguistics, Spoofing attack, Record locking, Ingress filtering, Edge device, Network security, business.industry, Computer science, Network packet, 05 social sciences, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 02 engineering and technology, IP address spoofing, Computer Science - Networking and Internet Architecture, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], Border Gateway Protocol, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, 0501 psychology and cognitive sciences, business, Computer network

Abstract

International audience; This paper concerns the problem of the absence of ingress filtering at the network edge, one of the main causes of important network security issues. Numerous network operators do not deploy the best current practice - Source Address Validation (SAV) that aims at mitigating these issues. We perform the first Internet-wide active measurement study to enumerate networks not filtering incoming packets by their source address. The measurement method consists of identifying closed and open DNS resolvers handling requests coming from the outside of the network with the source address from the range assigned inside the network under the test. The proposed method provides the most complete picture of the inbound SAV deployment state at network providers. We reveal that 32 673 Autonomous Systems (ASes) and 197 641 Border Gateway Protocol (BGP) prefixes are vulnerable to spoofing of inbound traffic. Finally, using the data from the Spoofer project and performing an open resolver scan, we compare the filtering policies in both directions.

Published

2020

2. VORONOI COMPLEXES IN HIGHER DIMENSIONS, COHOMOLOGY OF $GL_N (Z)$ FOR $N\ge 8$ AND THE TRIVIALITY OF $K_8 (Z)$

Author

Dutour Sikiric, Mathieu, Elbaz-Vincent, Philippe, Kupers, Alexander, Martinet, Jacques, Rudjer Boskovic Institute [Zagreb], Institut Fourier (IF ), Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), Department of Mathematics [Cambridge] (HARVARD), Harvard University [Cambridge], Institut de Mathématiques de Bordeaux (IMB), Université Bordeaux Segalen - Bordeaux 2-Université Sciences et Technologies - Bordeaux 1-Université de Bordeaux (UB)-Institut Polytechnique de Bordeaux (Bordeaux INP)-Centre National de la Recherche Scientifique (CNRS), ANR-15-IDEX-0002,UGA,IDEX UGA(2015), Rudjer Boskovic Institute, Institut Fourier (IF), Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA), and ANR-15-IDEX-02,CYBER@ALPS,Grenoble Alpes Cybersecurity Institute(2017)

Subjects

Kummer-Vandiver conjecture, Voronoi complex, group cohomology, modular groups, well-rounded lattices, Perfect forms, [MATH.MATH-KT]Mathematics [math]/K-Theory and Homology [math.KT], Steinberg modules, linear programming, arithmetic groups, K-theory of integers, [MATH.MATH-NT]Mathematics [math]/Number Theory [math.NT]

Abstract

We enumerate the low dimensional cells in the Voronoi cell complexes attached to the modular groups $SL_N (Z)$ and $GL_N (Z)$ for $N = 8, 9, 10, 11$, using quotient sublattices techniques for $N = 8, 9$ and linear programming methods for higher dimensions. These enumerations allow us to compute some cohomology of these groups and prove that $K_8 (Z) = 0$, providing new knowledge on the Kummer-Vandiver conjecture.

Published

2019

3. SPAE un schéma opératoire pour l'AES sur du matériel bas-coût

Author

Elbaz-Vincent, Philippe, Hugounenq, Cyril, Riou, Sébastien, Institut Fourier (IF ), Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), Tiempo SAS [Montbonnot Saint Martin], This work is supported by SECURIOT-2-AAP FUI 23, ANR-15-IDEX-02 and partially supported by ANR-15-CE39-0002.The present work has been partly funded by BPI France and FEDER (Fonds Européen de Développement Économique Régional) Rhône-Alpes Auvergne under national project 'SecurIoT-2' supported by the four competitiveness clusters Minalogic, SCS, Systematic Paris-Région, and Derbi., ANR-15-IDEX-0002,UGA,IDEX UGA(2015), ANR-15-CE39-0002,ARRAND,Arithmétiques Randomisées(2015), Hugounenq, Cyril, IDEX UGA - - UGA2015 - ANR-15-IDEX-0002 - IDEX - VALID, Arithmétiques Randomisées - - ARRAND2015 - ANR-15-CE39-0002 - AAPG2015 - VALID, Institut Fourier (IF), Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA), Université Grenoble Alpes (UGA), This work is supported by SECURIOT-2-AAP FUI 23, ANR-15-IDEX-02 and partially supported by ANR-15-CE39-0002., and ANR-15-IDEX-02,CYBER@ALPS,Grenoble Alpes Cybersecurity Institute(2017)

Subjects

AEAD, authenticated encryption with associated data, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], DFA, XIP, Differential Fault Analysis, Nonce misuse resilience, AES low-cost hardware, Execute In Place, [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]

Abstract

We propose SPAE, a single pass, patent free, authenticated encryption with associated data (AEAD) for AES. The algorithm has been developped to address the needs of a growing trend in IoT systems: storing code and data on a low cost flash memory external to the main SOC. Existing AEAD algorithms such as OCB, GCM, CCM, EAX , SIV, provide the required functionality however in practice each of them suffer from various drawbacks for this particular use case. Academic contributions such as ASCON and AEGIS-128 are suitable and efficient however they require the development of new hardware accelerators and they use primitives which are not 'approved' by governemental institutions such as NIST, BSI, ANSSI. From a silicon manufacturer point of view, an efficient AEAD which use existing AES hardware is much more enticing: the AES is required already by most industry standards invovling symmetric encryption (GSMA, EMVco, FIDO, Bluetooth, ZigBee to name few). This paper expose the properties of an ideal AEAD for external memory encryption, present the SPAE algorithm and analyze various security aspects. Performances of SPAE on actual hardware are better than OCB, GCM and CCM., Nous présentons SPAE, un schéma en une passe, libre de droit, d'encryption authentifiée avec données associées (AEAD) appliqué à l'AES. Cet algorithme a été développé afin de répondre à une tendance grandissante dans l'internet des objets: stocker du code et des données sur une mémoire flash à bas coût externe au système sur puce (SOC). Des algorithmes AEAD existent déjà tels que OCB, GCM, CCM, EAX, SIV, ils répondent à l'usage demandé cependant en pratique chacun de ces algorithmes présente des désavantages pour cet usage particulier. Les contributions académique telles que ASCON et AEGIS-128 sont appropriés et efficaces cependant ils nécessitent le développement de nouveaux accélérateurs matériels et ils utilisent des primitives qui ne sont pas approuvés par les instituions gouvernementales telles que le NIST, BSI ANSSI. Du point de vue du fabricant de silicone, un AEAD efficace qui utilise du matériel AES existant est beaucoup plus attirant: l'AES est déjà requis par la plupart des standards industriels utilisant de l’encryption symétrique (GSMA, EMVco, FIDO, Bluetooth, ZigBee par exemple). Cet article montre les propriétés d'un AEAD idéal pour de la mémoire encryptée externe, présente l'algorithme SPAE et analyse plusieurs aspects de sécurité. Les performances de SPAE sur du matériel actuel sont meilleures que sur OCB, GCM, et CCM.

Published

2019

4. SPAE un schéma opératoire pour l'AES sur du matériel bas-coût

Author

Elbaz-Vincent, Philippe, Hugounenq, Cyril, Riou, Sébastien, Institut Fourier (IF), Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA), Université Grenoble Alpes (UGA), Tiempo SAS [Montbonnot Saint Martin], This work is supported by SECURIOT-2-AAP FUI 23, ANR-15-IDEX-02 and partially supported by ANR-15-CE39-0002., ANR-15-IDEX-02,CYBER@ALPS,Grenoble Alpes Cybersecurity Institute(2017), ANR-15-CE39-0002,ARRAND,Arithmétiques Randomisées(2015), Institut Fourier (IF ), Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), This work is supported by SECURIOT-2-AAP FUI 23, ANR-15-IDEX-02 and partially supported by ANR-15-CE39-0002.The present work has been partly funded by BPI France and FEDER (Fonds Européen de Développement Économique Régional) Rhône-Alpes Auvergne under national project 'SecurIoT-2' supported by the four competitiveness clusters Minalogic, SCS, Systematic Paris-Région, and Derbi., and ANR-15-IDEX-0002,UGA,IDEX UGA(2015)

Subjects

AEAD, authenticated encryption with associated data, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], DFA, XIP, Differential Fault Analysis, Nonce misuse resilience, AES low-cost hardware, Execute In Place

Abstract

We propose SPAE, a single pass, patent free, authenticated encryption with associated data (AEAD) for AES. The algorithm has been developped to address the needs of a growing trend in IoT systems: storing code and data on a low cost flash memory external to the main SOC. Existing AEAD algorithms such as OCB, GCM, CCM, EAX , SIV, provide the required functionality however in practice each of them suffer from various drawbacks for this particular use case. Academic contributions such as ASCON and AEGIS-128 are suitable and efficient however they require the development of new hardware accelerators and they use primitives which are not 'approved' by governemental institutions such as NIST, BSI, ANSSI. From a silicon manufacturer point of view, an efficient AEAD which use existing AES hardware is much more enticing: the AES is required already by most industry standards invovling symmetric encryption (GSMA, EMVco, FIDO, Bluetooth, ZigBee to name few). This paper expose the properties of an ideal AEAD for external memory encryption, present the SPAE algorithm and analyze various security aspects. Performances of SPAE on actual hardware are better than OCB, GCM and CCM.; Nous présentons SPAE, un schéma en une passe, libre de droit, d'encryption authentifiée avec données associées (AEAD) appliqué à l'AES. Cet algorithme a été développé afin de répondre à une tendance grandissante dans l'internet des objets: stocker du code et des données sur une mémoire flash à bas coût externe au système sur puce (SOC). Des algorithmes AEAD existent déjà tels que OCB, GCM, CCM, EAX, SIV, ils répondent à l'usage demandé cependant en pratique chacun de ces algorithmes présente des désavantages pour cet usage particulier. Les contributions académique telles que ASCON et AEGIS-128 sont appropriés et efficaces cependant ils nécessitent le développement de nouveaux accélérateurs matériels et ils utilisent des primitives qui ne sont pas approuvés par les instituions gouvernementales telles que le NIST, BSI ANSSI. Du point de vue du fabricant de silicone, un AEAD efficace qui utilise du matériel AES existant est beaucoup plus attirant: l'AES est déjà requis par la plupart des standards industriels utilisant de l’encryption symétrique (GSMA, EMVco, FIDO, Bluetooth, ZigBee par exemple). Cet article montre les propriétés d'un AEAD idéal pour de la mémoire encryptée externe, présente l'algorithme SPAE et analyse plusieurs aspects de sécurité. Les performances de SPAE sur du matériel actuel sont meilleures que sur OCB, GCM, et CCM.

Published

2019

5. DoSE: Deobfuscation based on Semantic Equivalence

Author

Philippe Elbaz-Vincent, Thanh-Ha Le, Maria Christofi, Ramtine Tofighi-Shirazi, Trusted Labs (TL), Trusted Labs, Institut Fourier (IF), Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA), Oppida, ANR-15-IDEX-02,CYBER@ALPS,Grenoble Alpes Cybersecurity Institute(2017), Institut Fourier (IF ), Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), ANR-15-IDEX-0002,UGA,IDEX UGA(2015), Elbaz-Vincent, Philippe, and IDEX UGA - - UGA2015 - ANR-15-IDEX-0002 - IDEX - VALID

Subjects

0301 basic medicine, Reverse engineering, Computer science, Obfuscation, Code coverage, 02 engineering and technology, computer.software_genre, Symbolic execution, Opaque predicate, [INFO.INFO-CL]Computer Science [cs]/Computation and Language [cs.CL], 03 medical and health sciences, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Semantic equivalence, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, code cloning, deobfuscation, Malware analysis, [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR], Programming language, Obfuscation (software), reverse engineering, control-flow graph, 030104 developmental biology, opaque predicate, [INFO.INFO-CL] Computer Science [cs]/Computation and Language [cs.CL], [INFO.INFO-IT]Computer Science [cs]/Information Theory [cs.IT], Control flow graph, [INFO.INFO-IT] Computer Science [cs]/Information Theory [cs.IT], malware analysis, computer, symbolic execution

Abstract

International audience; Software deobfuscation is a key challenge in malware analysis to understand the internal logic of the code and establish adequate countermeasures. In order to defeat recent obfuscation techniques, state-of-the-art generic deobfuscation methodologies are based on dynamic symbolic execution (DSE). However, DSE suffers from limitations such as code coverage and scalability. In the race to counter and remove the most advanced obfuscation techniques, there is a need to reduce the amount of code to cover. To that extend, we propose a novel deobfuscation approach based on semantic equivalence, called DoSE. With DoSE, we aim to improve and complement DSE-based deobfuscation techniques by statically eliminating obfuscation transformations (built on code-reuse). This improves the code coverage. Our method's novelty comes from the transposition of existing binary diffing techniques, namely semantic equivalence checking, to the purpose of the deobfuscation of untreated techniques, such as two-way opaque constructs, that we encounter in surreptitious software. In order to challenge DoSE, we used both known malwares such as Cryptowall, WannaCry, Flame and BitCoinMiner and obfuscated code samples. Our experimental results show that DoSE is an efficient strategy of detecting obfusca-tion transformations based on code-reuse with low rates of false positive and/or false negative results in practice, and up to 63% of code reduction on certain types of malwares.

Published

2018

6. Sensors and related devices for IoT, medicine and s mart-living

Author

R. Gerbelot-Barillon, Pierre Jallon, E. Pauliac-Vaujour, Olivier P. Thomas, R. Guillemaud, C. Plantier, Sebastien Hentz, P. Boisseau, Thomas Ernst, J.P. Polizzi, G. Delapierre, P. Mailley, A. Koenig, Sébastien Boisseau, E. Calvanese Strinati, Elise Saoutieff, Eric Colinet, Commissariat à l'énergie atomique et aux énergies alternatives - Laboratoire d'Electronique et de Technologie de l'Information (CEA-LETI), Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA), APIX Analytics, Moovlab, ANR-15-IDEX-02,CYBER@ALPS,Grenoble Alpes Cybersecurity Institute(2017), European Project: 257123,EC:FP7:ICT,FP7-ICT-2009-5,CONVERGENCE(2010), and ANR-15-IDEX-0002,UGA,IDEX UGA(2015)

Subjects

Exposome, [SPI]Engineering Sciences [physics], business.industry, Computer science, 020208 electrical & electronic engineering, 0202 electrical engineering, electronic engineering, information engineering, Fading, 02 engineering and technology, Electronics, Internet of Things, business, Telecommunications, 3. Good health

Abstract

International audience; The evolutions of medicine covering genome to exposome (i.e. all types of environmental exposures) [1] opened new paths of development for electronics including low power sensors. Additionally, the frontiers for new generations of sensors between smart-living, environment and health are fading. In this paper, we will give examples based on our developments in emerging autonomous sensors and medical devices, and show how they can be included in our daily life

Published

2018

7. Numerical analysis on seismic resistance of a two-story timber-framed structure with stone and earth infill

Author

Stéphane Grange, Laurent Daudeville, Philippe Garnier, E. Fritsch, H. Algusab, Yannick Sieffert, Laboratoire sols, solides, structures - risques [Grenoble] (3SR), Université Joseph Fourier - Grenoble 1 (UJF)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP)-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA), Technische Universität Dresden (TUD), Risques, Vulnérabilité des structures et comportement mécanique des matériaux (RV), Université Joseph Fourier - Grenoble 1 (UJF)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP)-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA)-Université Joseph Fourier - Grenoble 1 (UJF)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP)-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA), Mécanique des Matériaux et des Structures (M2S), Sols - Matériaux - Structures, Intégrité et Durabilité (SMS-ID), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA), Architecture, Environnement & Cultures constructives (AE&CC), École nationale supérieure d'architecture de Grenoble (ENSAG)-Ministère de la Culture et de la Communication (MCC), CRAterre (CRAterre), ANR-10-HAIT-0003,REparH(2010), ANR-15-IDEX-02,CYBER@ALPS,Grenoble Alpes Cybersecurity Institute(2017), Laboratoire sols, solides, structures - risques [Grenoble] (3SR ), Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), Technische Universität Dresden = Dresden University of Technology (TU Dresden), Risques, Vulnérabilité des structures et comportement mécanique des matériaux (RV ), Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019])-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), Architecture, Environnement & Cultures Constructives (AE&CC), and ANR-15-IDEX-0002,UGA,IDEX UGA(2015)

Subjects

Visual Arts and Performing Arts, 0211 other engineering and technologies, 020101 civil engineering, 02 engineering and technology, Conservation, seismic resistance, 0201 civil engineering, 021105 building & construction, Architecture, traditional house, Infill, Geotechnical engineering, Seismic resistance, hysteresis behavior, [SPI.GCIV.CD]Engineering Sciences [physics]/Civil Engineering/Construction durable, business.industry, Numerical analysis, multi-stories timber-framed, numercial analysis, Masonry, earth mortar, Haiti, [SPI.GCIV.DV]Engineering Sciences [physics]/Civil Engineering/Dynamique, vibrations, nonlinear elements, business, Geology

Abstract

International audience; Due to their seismic resistance, traditional timber-framed structures with masonry infill suffered little damage during recent earthquakes. Moreover, timber-framed structures can be built with reduced costs thanks to the use of locally available materials such as wood, stone, and earth. Based on an experimentally validated numerical simulation for a one-story house, the seismic resistance of a similar two-story house is investigated. A simplified Finite Element Model with linear and nonlinear truss elements is proposed to analyze the seismic resistance of a two-story building. Nonlinear hysteresis constitutive laws are defined only for two majorcomponents of the structure which are assumed to be representative of the global structure behavior: diagonal X-crosses (concentrating the interaction with the infill material) and steel strip connections. These kinds of structures have been overlooked due to a lack of knowledge of their potential behavior in seismic prone area and a lack of building codes and standards for their own design. To promote them, a failure criterion, that might easily be used in engineering studies, is required. This article proposes a simple criterion based on Eurocode 8 to quantify the seismic resistance of one- and two-story houses. The simulation shows that, even in case of high intensity ground motion, the two-story building should not be collapsed. This study may help at designing two-story timber-framed structures in seismic prone areas for (re)construction projects.

Published

2018