Master Internship: Cyberdeception strategies using stochastic optimization and dynamic graphs

10 December 2023

General information: Context: Cyber deception is a defense strategy, complementary to conventional approaches, used to enhance the security posture of a system. The basic idea of this technique is to deliberately conceal and/or falsify a part of such system by deploying and managing decoys (e.g., “honeypots”, “honeynets”, etc.), i.e., applications, data, network elements and protocols that appear to malicious actors as a legitimate part of the system, and to which their attacks are misdirected. The advantage of an effective cyber deception strategy is twofold: on one hand, it depletes attackers’ resources while allowing system security tools to take necessary countermeasures; on the other hand, it provides valuable insights on attackers’ tactics and techniques, which can be used to improve system’s resilience to future attacks and upgrade security policies accordingly. Although cyber-deception has been successfully applied in some scenarios, existing deception approaches lack the flexibility to be seamlessly operated in highly distributed and resource-constrained environments. Indeed, if virtualization and cloud-native design approaches paved the way for ubiquitous deployment of applications, they widened the attack surface that malicious actors might exploit. In such a scenario, it is practically unfeasible to try to deploy decoys for each and every system’s service or application Plus d'infos

Master Internship: Impact of regional aggregation on energy scheduling flexibility performances

10 December 2023

Context: Large scale problems exist for the electricity system both for short-term (e.g., the Unit Commitment problem) and long-term (system planning, e.g. ”Generation Expansion Planning”). In these problems concerning the modern and future electricity system, the question of the integration of energy consumption flexibility is crucial. This flexibility, consisting in “optimally” scheduling the power profile of particular electrical appliances (the most common and suitable ones for that purpose being Electric Vehicles (EV) and Water-Heaters (WH) for residential consumers), allows obtaining a supply-demand equilibrium with diminished total system cost, in comparison to the case where only production assets are controllable. Considering flexibilities related to “small” individual con- sumers (again, EV or WH), their very large number makes it inappropriate to model them individually in the typical electricity system optimization problems, for tractability reasons: it thus seems relevant to consider an aggregate model of consumption flexibilities. In turn, the question of the “right level” of aggregation modelling is of particular importance. Aggregation/disaggregation techniques are widely studied in the context of smart grids. Objective: More precisely, the objective of this internship is to study, on a simple example, the impact of aggregation techniques and aggregation levels, and to solve an optimal energy scheduling Plus d'infos

14th Conference on Decision and Game Theory for Security (GameSec-23)

11 November 2023

The 14th Conference on Decision and Game Theory for Security (GameSec-23) will take place from October 18-20, 2023 in Avignon, France. With the rapid development of information, automation, and communication technology, the security of these emerging systems is more important now than ever. GameSec 2023 focuses on the protection of heterogeneous, large-scale, and dynamic cyber-physical systems as well as managing security risks faced by critical infrastructures through rigorous and practically relevant analytical methods. GameSec 2023 invites novel, high-quality theoretical and empirical contributions, which leverage decision theory and game theory to address security problems and related problems such as privacy, trust, or bias in emerging systems. The goal of the conference is to bring together academic, government, and industrial researchers in an effort to identify and discuss the major challenges and recent results that highlight the interdisciplinary connections between game theory, control, distributed optimization, adversarial reasoning, machine learning, mechanism design, behavioral analysis, risk assessments, and security, reputation, trust and privacy problems. Website: www.gamesec-conf.org

Simulator of a propagation process in graphs

29 July 2023

This software, developed in Python as part of Oumaima DIAMI’s Master 2 internship, allows for observing the dynamics of a propagation process in a graph. Various control policies (Intrusion Detection Systems) can be tested, as well as different types of propagation (unicast, broadcast, random, etc.). The software enables real-time visualization of the different states of nodes as the propagation progresses. A graph also allows for viewing the temporal evolution of the propagation process. Finally, various types of networks can be generated: random, ER, or small-world.