References of "Engel, Thomas 50001752"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailAdvanced Detection Tool for PDF Threats
Jerome, Quentin UL; Marchal, Samuel UL; State, Radu UL et al

in Proceedings of the sixth International Workshop on Autonomous and Spontaneous Security, RHUL, Egham, U.K., 12th-13th September 2013 (2013, September 13)

In this paper we introduce an efficient application for malicious PDF detection: ADEPT. With targeted attacks rising over the recent past, exploring a new detection and mitigation paradigm becomes ... [more ▼]

In this paper we introduce an efficient application for malicious PDF detection: ADEPT. With targeted attacks rising over the recent past, exploring a new detection and mitigation paradigm becomes mandatory. The use of malicious PDF files that exploit vulnerabilities in well-known PDF readers has become a popular vector for targeted at- tacks, for which few efficient approaches exist. Although simple in theory, parsing followed by analysis of such files is resource-intensive and may even be impossible due to several obfuscation and reader-specific artifacts. Our paper describes a new approach for detecting such malicious payloads that leverages machine learning techniques and an efficient feature selection mechanism for rapidly detecting anomalies. We assess our approach on a large selection of malicious files and report the experimental performance results for the developed prototype. [less ▲]

Detailed reference viewed: 1000 (6 UL)
Full Text
See detailPath Extension Analysis of Peer-to-Peer Communications in 6LoWPAN/RPL Sensor Networks
Melakessou, Foued UL; Engel, Thomas UL

in Abstract book of 21st International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems, MASCOTS’13 (2013)

Researchers and manufacturers are currently putting a lot of efforts to design, improve and deploy the Internet of Things, involving a significant number of constrained and low cost embedded devices ... [more ▼]

Researchers and manufacturers are currently putting a lot of efforts to design, improve and deploy the Internet of Things, involving a significant number of constrained and low cost embedded devices deployed in large scales with low power consumption, low bandwidth and limited communication range. For instance we can easily build a network composed by multiple sensors distributed in a building in order to monitor temperature in different offices. This kind of architecture is generally centralized as all sensors are mainly programmed to periodically transmit their data to the sink. The specific IPv6 Routing Protocol for Low-power and Lossy Networks (RPL) had been designed in order to enable such communications. Support for point-to-point traffic is also available. In fact new applications may also consider peer-to-peer communications between any nodes of the network. In that case, RPL is not optimal as data packets are forwarded in respect with longer paths with larger metrics. In this paper we propose to study the effectiveness of RPL compared to a shortest path algorithm such like the Dijkstra's algorithm. We suggest to analyze peer-to-peer communications inside random wireless sensor network topologies with size limited to 250 nodes, corresponding to a reasonable cluster size. We have built a particular simulation environment named Network Analysis and Routing eVALuation (NARVAL). This toolbox permits to generate random topologies in order to study the impact of routing algorithms on the effectiveness of communication protocols. In our work, we first generated many random network topologies where we selected a sink node. We built the Destination Oriented Directed Acyclic Graph (DODAG) from the chosen sink in respect with the RPL algorithm. We finally performed all paths between each couple of two distinct sensor nodes and compared them to the corresponding shortest paths obtained by the Dijkstra's algorithm. This approach permits to retrieve some statistics on the path extension between RPL and the Dijkstra's algorithm. We also analyzed the impact of the sink position and the network size on this path extension. [less ▲]

Detailed reference viewed: 139 (6 UL)
Full Text
Peer Reviewed
See detailA semantic firewall for Content Centric Networking
Goergen, David UL; Cholez, Thibault UL; François, Jérôme UL et al

in IFIP/IEEE International Symposium on Integrated Network Management (2013, May)

Content-Centric Networking (CCN) is a promising routing paradigm for content dissemination over a future Internet based on named data instead of named hosts. The CCN architecture has aspects that provide ... [more ▼]

Content-Centric Networking (CCN) is a promising routing paradigm for content dissemination over a future Internet based on named data instead of named hosts. The CCN architecture has aspects that provide more scalability, security, collaborative and pervasive networking. However, several key components that secures the current Internet are still missing in CCN, in particular a firewall able to enforce security policies. We provide a comprehensive study of CCN security requirements from which we design the first CCN-compliant firewall, including syntax and definition of rules. In particular, based on CCN features, our firewall can filter packets according to both their authentication and the semantics of the content name. We also provide a performance evaluation of our prototype. [less ▲]

Detailed reference viewed: 102 (6 UL)
Full Text
Peer Reviewed
See detailOn the Evaluation of Make-Before-Break Handovers in Urban WiFi Networks for Moving Vehicles
Mouton, Maximilien UL; Castignani, German UL; Frank, Raphaël UL et al

Scientific Conference (2013, February)

Detailed reference viewed: 192 (12 UL)
Full Text
Peer Reviewed
See detailModel synchronization based on triple graph grammars: correctness, completeness and invertibility
Hermann, Frank UL; Ehrig, Hartmut; Orejas, Fernando et al

in Software and Systems Modeling (2013)

Triple graph grammars (TGGs) have been used successfully to analyze correctness and completeness of bidirectional model transformations, but a corresponding formal approach to model synchronization has ... [more ▼]

Triple graph grammars (TGGs) have been used successfully to analyze correctness and completeness of bidirectional model transformations, but a corresponding formal approach to model synchronization has been missing. This paper closes this gap by providing a formal synchronization framework with bidirectional update propagation operations. They are generated from a given TGG, which specifies the language of all consistently integrated source and target models. As our main result, we show that the generated synchronization framework is correct and complete, provided that forward and backward propagation operations are deterministic. Correctness essentially means that the propagation operations preserve and establish consistency while completeness ensures that the operations are defined for all possible inputs. Moreover, we analyze the conditions under which the operations are inverse to each other. All constructions and results are motivated and explained by a running example, which leads to a case study, using concrete visual syntax and abstract syntax notation based on typed attributed graphs. [less ▲]

Detailed reference viewed: 180 (24 UL)
Full Text
Peer Reviewed
See detailASMATRA: Ranking ASs Providing Transit Service to Malware Hosters
Wagner, Cynthia UL; François, Jérôme UL; State, Radu UL et al

in IFIP/IEEE International Symposium on Integrated Network Management IM2013 (2013)

The Internet has grown into an enormous network offering a variety of services, which are spread over a multitude of domains. BGP-routing and Autonomous Systems (AS) are the key components for maintaining ... [more ▼]

The Internet has grown into an enormous network offering a variety of services, which are spread over a multitude of domains. BGP-routing and Autonomous Systems (AS) are the key components for maintaining high connectivity in the Internet. Unfortunately, Internet Service Providers (ISPs) operating ASs do not only host normal users and content, but also malicious content used by attackers for spreading malware, hosting phishing web-sites or performing any kind of fraudulent activity. Practical analysis shows that such malware-providing ASs prevent themselves from being de-peered by hiding behind other ASs, which do not host the malware themselves but simply provide transit service for malware. This paper presents a new method for detecting ASs that provide transit service for malware hosters, without being malicious themselves. A formal definition of the problem and the metrics are determined by using the AS graph. The PageRank algorithm is applied to improve the scalability and the completeness of the approach. The method is assessed on real and publicly available datasets, showing promising results. [less ▲]

Detailed reference viewed: 99 (1 UL)
Full Text
Peer Reviewed
See detailOn an Automated Translation of Satellite Procedures Using Triple Graph Grammars
Hermann, Frank UL; Gottmann, Susann UL; Nachtigall, Nico UL et al

in Duddy, Keith; Kappel, Gerti (Eds.) Theory and Practice of Model Transformations (2013)

Model transformation based on triple graph grammars (TGGs) is a general, intuitive and formally well defined technique for the translation of models [5,6,2]. While previous concepts and case studies were ... [more ▼]

Model transformation based on triple graph grammars (TGGs) is a general, intuitive and formally well defined technique for the translation of models [5,6,2]. While previous concepts and case studies were focused mainly on visual models of software and systems, this article describes an industrial application of model transformations based on TGGs as a powerful technique for software translation using the tool Henshin [1]. The general problem in this scenario is to translate source code that is currently in use into corresponding source code that shall run on a new system. Up to now, this problem was addressed based on manually written converters, parser generators, compiler-compilers or meta-programming environments using term rewriting or similar techniques (see e. g. [4]). [less ▲]

Detailed reference viewed: 207 (22 UL)
Full Text
Peer Reviewed
See detailOn Optimal Scheduling in Duty-Cycled IoT Industrial Applications using IEEE 802.15.4e TSCH
Palattella, Maria Rita UL; Accettura, Nicola; Grieco, Luigi Alfredo et al

in IEEE Sensors Journal (2013), 13(10), 3655-3666

Detailed reference viewed: 174 (4 UL)
Full Text
Peer Reviewed
See detailCorrectness and Completeness of Generalised Concurrent Model Synchronisation Based on Triple Graph Grammars
Gottmann, Susann UL; Hermann, Frank UL; Nachtigall, Nico UL et al

in Baudry, Benoit; Dingel, Juergen; Lucio, Levi (Eds.) et al Proc. Int. Workshop on Analysis of Model Transformations 2013 (AMT'13) (2013)

Detailed reference viewed: 136 (19 UL)
Full Text
Peer Reviewed
See detailAssessing In-Vehicle Information Systems application in the car: a versatile tool and unified testing platform.
Louveton, Nicolas UL; McCall, Roderick UL; Avanesov, Tigran UL et al

in Proceedings of the 5th International Conference on Automotive User Interfaces and Interactive Vehicular Applications (2013)

In this paper we present the DriveLab IVIS testing platform which allows for the same experiments to be conducted both under simulator and real car conditions. Other key aspects of DriveLab is that it is ... [more ▼]

In this paper we present the DriveLab IVIS testing platform which allows for the same experiments to be conducted both under simulator and real car conditions. Other key aspects of DriveLab is that it is highly modular (therefore allowing the exchange or integration of different components) and that it supports more than one driver. For example we show that the same IVIS devices and scenario can be used with two different 3D engines. The paper provides a technical overview and a brief example of use. [less ▲]

Detailed reference viewed: 215 (23 UL)
Full Text
Peer Reviewed
See detailSymbolic Execution of Satellite Control Procedures in Graph-Transformation-Based EMF Ecosystems
Nachtigall, Nico UL; Braatz, Benjamin UL; Engel, Thomas UL

in Boulanger, Frédéric; Famelis, Michalis; Ratiu, Daniel (Eds.) MoDeVVa@MoDELS (2013)

Symbolic execution is a well-studied technique for analysing the behaviour of software components with applications to test case generation. We propose a framework for symbolically executing satellite ... [more ▼]

Symbolic execution is a well-studied technique for analysing the behaviour of software components with applications to test case generation. We propose a framework for symbolically executing satellite control procedures and generating test cases based on graph transformation techniques. A graph-based operational symbolic execution semantics is defined and the executed procedure models are used for generating test cases by performing model transformations. The approach is discussed based on a prototype implementation using the Eclipse Modelling Framework (EMF), Henshin and ECLiPSe-CLP tool ecosystem. [less ▲]

Detailed reference viewed: 107 (8 UL)
Full Text
Peer Reviewed
See detailTowards Bidirectional Engineering of Satellite Control Procedures Using Triple Graph Grammars
Gottmann, Susann UL; Hermann, Frank UL; Ermel, Claudia et al

in Jacquet, Christophe; Balasubramanian, Daniel; Jones, Edward (Eds.) et al Proc. Int. Workshop on Multi-Paradigm Modeling 2013 (MPM'13) (2013)

The development and maintenance of satellite control software are very complex, mission-critical and cost-intensive tasks that require expertise from different domains. In order to adequately address ... [more ▼]

The development and maintenance of satellite control software are very complex, mission-critical and cost-intensive tasks that require expertise from different domains. In order to adequately address these challenges, we propose to use visual views of the software to provide concise abstractions of the system from different perspectives. This paper introduces a visual language for process flow models of satellite control procedures that we developed in cooperation with the industrial partner SES for the satellite control language SPELL. Furthermore, we present a general and formal bidirectional engineering approach for automatically translating satellite control procedures into corresponding process flow visualisations. The bidirectional engineering framework is supported by a visual editor based on Eclipse GMF, the transformation tool HenshinTGG, and additional extensions to meet requirements set up by the specific application area of satellite control languages. [less ▲]

Detailed reference viewed: 110 (21 UL)
Full Text
Peer Reviewed
See detailSecurity monitoring for Content Centric Networking
Goergen, David UL; Cholez, Thibault UL; François, Jérôme UL et al

in Data Privacy Management and Autonomous Spontaneous Security (2013)

Content-Centric Networking (CCN) is one of the most promising research area for a future Internet. The goal is to obtain a more scalable, secure, collaborative Internet supporting context-aware services ... [more ▼]

Content-Centric Networking (CCN) is one of the most promising research area for a future Internet. The goal is to obtain a more scalable, secure, collaborative Internet supporting context-aware services. However, as a new overlay infrastructure, CCN raises the need of a new monitoring architecture to assess security of CCN devices. In particular, the stateful nature of CCN routers introduces new attack threats that need to be addressed. We propose in this paper a monitoring approach for the instrumentation of CCN enabled network nodes. The rationale of our monitoring approach is demonstrated through real experimentations to detect and mitigate network level attacks against CCN. [less ▲]

Detailed reference viewed: 170 (8 UL)
Full Text
Peer Reviewed
See detailMulti-dimensional Aggregation for DNS Monitoring'
Dolberg, Lautaro UL; François, Jérôme UL; Engel, Thomas UL

in Proceedings of the 26th Large Installation System Administration Conference (LISA 12) (2013)

Detailed reference viewed: 128 (3 UL)
Full Text
See detailA Study on Highway Traffic Flow Optimization using Partial Velocity Synchronization
Forster, Markus UL; Frank, Raphaël UL; Engel, Thomas UL

in Proceedings of the 1st GI/ITG KuVS Fachgespräch Inter-Vehicle Communication (FG-IVC 2013) Technical Report CCS-2013-01 (2013)

In this paper we present a study of highway traffic flow optimization using Partial Velocity Synchronization (PVS). PVS is a Cellular Automaton (CA) model that is extended by a communication layer ... [more ▼]

In this paper we present a study of highway traffic flow optimization using Partial Velocity Synchronization (PVS). PVS is a Cellular Automaton (CA) model that is extended by a communication layer providing the ability to exchange relevant information between vehicles. We show that it is possible to enhance traffic flow on highways significantly with a small number of velocity recommendations computed from the traffic conditions ahead. Furthermore we show that only a limited number of hops in an information chain is necessary to reschedule the vehicles on a given highway segment to avoid the formation of shockwaves. Our results show that traffic flow will be increased while travel time and emissions will be reduced dramatically. [less ▲]

Detailed reference viewed: 486 (8 UL)
Full Text
Peer Reviewed
See detailLuxTraffic: A Collaborative Traffic Sensing System
Kovacheva, Aleksandrina; Frank, Raphaël UL; Engel, Thomas UL

in Proceedings of the 19th IEEE Workshop on Local & Metropolitan Area Networks (LANMAN'13) (2013)

Detailed reference viewed: 221 (7 UL)
Full Text
Peer Reviewed
See detailSemantic based DNS Forensics
Marchal, Samuel UL; François, Jérôme UL; State, Radu UL et al

in Proceedings of the IEEE International Workshop on Information Forensics and Security (2012, December)

In network level forensics, Domain Name Service (DNS) is a rich source of information. This paper describes a new approach to mine DNS data for forensic purposes. We propose a new technique that leverages ... [more ▼]

In network level forensics, Domain Name Service (DNS) is a rich source of information. This paper describes a new approach to mine DNS data for forensic purposes. We propose a new technique that leverages semantic and natural language processing tools in order to analyze large volumes of DNS data. The main research novelty consists in detecting malicious and dangerous domain names by evaluating the semantic similarity with already known names. This process can provide valuable information for reconstructing network and user activities. We show the efficiency of the method on experimental real datasets gathered from a national passive DNS system. [less ▲]

Detailed reference viewed: 245 (3 UL)
Full Text
Peer Reviewed
See detailProactive Discovery of Phishing Related Domain Names
Marchal, Samuel UL; François, Jérôme UL; State, Radu UL et al

in Proceedings of the 15th International Symposium on Research in Attacks, Intrusions and Defenses, Amsterdam 12-14 September 2012 (2012, September)

Phishing is an important security issue to the Internet, which has a significant economic impact. The main solution to counteract this threat is currently reactive blacklisting; however, as phishing ... [more ▼]

Phishing is an important security issue to the Internet, which has a significant economic impact. The main solution to counteract this threat is currently reactive blacklisting; however, as phishing attacks are mainly performed over short periods of time, reactive methods are too slow. As a result, new approaches to early identify malicious websites are needed. In this paper a new proactive discovery of phishing related domain names is introduced. We mainly focus on the automated detec- tion of possible domain registrations for malicious activities. We leverage techniques coming from natural language modelling in order to build pro- active blacklists. The entries in this list are built using language models and vocabularies encountered in phishing related activities - “secure”, “banking”, brand names, etc. Once a pro-active blacklist is created, ongoing and daily monitoring of only these domains can lead to the efficient detection of phishing web sites. [less ▲]

Detailed reference viewed: 172 (1 UL)
Full Text
Peer Reviewed
See detailLarge Scale DNS Analysis
Marchal, Samuel UL; Engel, Thomas UL

in 6th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, Luxembourg, June 4-8 2012 (2012, June)

In this paper we present an architecture for large scale DNS monitoring. The analysis of DNS traffic is becoming of first importance currently, as it allows to monitor the main part of the interactions on ... [more ▼]

In this paper we present an architecture for large scale DNS monitoring. The analysis of DNS traffic is becoming of first importance currently, as it allows to monitor the main part of the interactions on the Internet. DNS traffic can reveal anomalies such as worm infected hosts, botnets or spam participating hosts. The efficiency and the speed of detection of such anomalies rely on the capacity of DNS monitoring system to treat quickly huge quantity of data. We propose a system that leverages distributed processing and storage facilities. [less ▲]

Detailed reference viewed: 130 (2 UL)
Full Text
Peer Reviewed
See detailSemantic Exploration of DNS
Marchal, Samuel UL; François, Jérôme UL; Wagner, Cynthia UL et al

in Proceedings of the 11th International IFIP TC 6 Networking Conference, Prague, Czech Republic, May 21-25 2012 (2012, May)

The DNS structure discloses useful information about the organization and the operation of an enterprise network, which can be used for designing attacks as well as monitoring domains supporting malicious ... [more ▼]

The DNS structure discloses useful information about the organization and the operation of an enterprise network, which can be used for designing attacks as well as monitoring domains supporting malicious activities. Thus, this paper introduces a new method for exploring the DNS domains. Although our previous work described a tool to generate existing DNS names accurately in order to probe a domain automatically, the approach is extended by leveraging semantic analysis of domain names. In particular, the semantic distributional similarity and relatedness of sub-domains are considered as well as sequential patterns. The evaluation shows that the discovery is highly improved while the overhead remains low, comparing with non semantic DNS probing tools including ours and others. [less ▲]

Detailed reference viewed: 159 (0 UL)