References of "Bonnin, Jean-Marie"
Peer Reviewed
A training-resistant anomaly detection system
Muller, Steve UL; Lancrenon, Jean; Harpes, Carlo et al

in Computers & Security (2018), 76

Modern network intrusion detection systems rely on machine learning techniques to detect traffic anomalies and thus intruders. However, the ability to learn the network behaviour in real-time comes at a cost: malicious software can interfere with the learning process, and teach the intrusion detection system to accept dangerous traffic. This paper presents an intrusion detection system (IDS) that is able to detect common network attacks including but not limited to, denial-of-service, bot nets, intrusions, and network scans. With the help of the proposed example IDS, we show to what extent the training attack (and more sophisticated variants of it) has an impact on machine learning based detection schemes, and how it can be detected. © 2018 Elsevier Ltd

Peer Reviewed
Efficiently computing the likelihoods of cyclically interdependent risk scenarios
Muller, Steve UL; Harpes, Carlo; Le Traon, Yves UL et al

in Computers & Security (2017), 64

Quantitative risk assessment provides a holistic view of risk in an organisation, which is, however, often biased by the fact that risk shared by several assets is encoded multiple times in a risk analysis. An apparent solution to this issue is to take all dependencies between assets into consideration when building a risk model. However, existing approaches rarely support cyclic dependencies, although assets that mutually rely on each other are encountered in many organisations, notably in critical infrastructures. To the best of our knowledge, no author has provided a provably efficient algorithm (in terms of the execution time) for computing the risk in such an organisation, notwithstanding that some heuristics exist. This paper introduces the dependency-aware root cause (DARC) model, which is able to compute the risk resulting from a collection of root causes using a poly-time randomised algorithm, and concludes with a discussion on real-time risk monitoring, which DARC supports by design. © 2016 Elsevier Ltd

Peer Reviewed
Dynamic Risk Analyses and Dependency-Aware Root Cause Model for Critical Infrastructures
Muller, Steve UL; Harpes, Carlo; Le Traon, Yves UL et al

in International Conference on Critical Information Infrastructures Security (2016)

Critical Infrastructures are known for their complexity and the strong interdependencies between the various components. As a result, cascading effects can have devastating consequences, while foreseeing the overall impact of a particular incident is not straight-forward at all and goes beyond performing a simple risk analysis. This work presents a graph-based approach for conducting dynamic risk analyses, which are programmatically generated from a threat model and an inventory of assets. In contrast to traditional risk analyses, they can be kept automatically up-to-date and show the risk currently faced by a system in real-time. The concepts are applied to and validated in the context of the smart grid infrastructure currently being deployed in Luxembourg.
