I am an associate professor at CentraleSupélec (Rennes, France) in the CIDRE research team. I have various areas of interest, most notably:
- applying machine learning techniques to security problems, such as malware analysis, anomaly detection, and data generation
- the application of formal languages theory on system and protocol security, especially on injection-based vulnerabilities
Inria’s Principal Investigator of SecGen (2023-2025)
SecGen is an associated team (“Équipe Associée”) between Inria and CISPA (Saarbrücken, Germany). Security datasets are essential for research, but their quality is disputed: age, lack of diversity, human errors, etc. We propose to generate synthetic data to alleviate such issues. We plan to use data mining to generate network traces with proper temporal dependencies to generate more faithful data with less training data. This dataset will be evaluated with the performances of a network intrusion detection system.
Superviz is a project of the PEPR Cybersécurité. It addresses the following challenges: (i) the increase in the number and diversity of objects to be supervised, (ii) the complexity of systems interconnected to form large critical infrastructures on a European scale, (iii) the existence of increasingly complex and silent targeted attacks, and (iv) the treatment of massive attacks which rapidly affect a significant number of victims. Faced with these challenges, it is necessary to significantly improve the efficiency of the detection-reaction chain (response and remediation).
DefMal is a project of the PEPR Cybersécurité. The objective of the project is to improve the knowledge and understanding of malicious programs and to develop countermeasures. The project involves the human and social sciences, as in the majority of computer attacks, humans are implicated as the “weak link”. Today, malicious programs are increasingly sophisticated and manage to hide themselves and what they are doing. We need to find new techniques to analyze these programs and understand how they operate.
REV is a project of the PEPR Cybersécurité. It addresses the following challenges: (i) holistic vulnerability analysis, from hardware to software to communications, (ii) vulnerabilities exploitation, including the characterization and understanding of the degrees of exploitation allowed by classes of vulnerabilities and the ability to circumvent modern protections, and (iii) vulnerability analysis’s legal aspects (ethical issues, fairness of digital evidence).
I regularly work with researchers from:
- DGA (Bruz) on intrusion detection
- Institut Mines-Télécom (Palaiseau) on intrusion detection and data generation
- IRIT (Toulouse) on data mining
- LAAS-CNRS (Toulouse) on formal language theory applied to security
- NICT (Tokyo, Japan) on XAI for security
Some recent publications
Errors in the CICIDS2017 dataset and the significant differences in detection performances it makes
Lanvin, M., Gimenez, P. F., Han, Y., Majorczyk, F., Mé, L., & Totel, E. (2022, December). Errors in the CICIDS2017 dataset and the significant differences in detection performances it makes. In CRiSIS 2022-International Conference on Risks and Security of Internet and Systems.
Explainable artificial intelligence for cybersecurity: a literature survey
Charmet, F., Tanuwidjaja, H.C., Ayoubi, S. et al. Explainable artificial intelligence for cybersecurity: a literature survey. Ann. Telecommun. (2022).
The complexity of unsupervised learning of lexicographic preferences
Fargier, H., Gimenez, P. F., Mengin, J., & Le Nguyen, B. N. (2022, July). The complexity of unsupervised learning of lexicographic preferences. In 13th Multidisciplinary Workshop on Advances in Preference Handling (M-pref 2022)@ IJCAI 2022
Debiasing Android Malware Datasets: How can I trust your results if your dataset is biased?
Miranda, T. C., Gimenez, P. F., Lalande, J. F., Tong, V. V. T., & Wilke, P. (2022). Debiasing Android Malware Datasets: How can I trust your results if your dataset is biased?. IEEE Transactions on Information Forensics and Security.
Towards a Representation of Malware Execution Traces for Experts and Machine Learning
Raulin, V., Gimenez, P. F., Han, Y., & Tong, V. V. T. (2022). Towards a Representation of Malware Execution Traces for Experts and Machine Learning. RESSI 2022-Rendez-Vous de la Recherche et de l'Enseignement de la Sécurité des Systèmes d'Information.
CentraleSupélec – Campus de Rennes
Avenue de la Boulaie
35510 Cesson-Sévigné – France