{"id":1231,"date":"2019-12-03T16:27:23","date_gmt":"2019-12-03T15:27:23","guid":{"rendered":"https:\/\/samovar2022.int-evry.fr\/index.php\/2019\/12\/03\/simulation-dattaque-et-dactivite-application-a-la-cyber-defense\/"},"modified":"2020-09-04T18:45:18","modified_gmt":"2020-09-04T16:45:18","slug":"simulation-dattaque-et-dactivite-application-a-la-cyber-defense","status":"publish","type":"post","link":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/2019\/12\/03\/simulation-dattaque-et-dactivite-application-a-la-cyber-defense\/","title":{"rendered":"Attack and activity simulation: application to cyber-defense"},"content":{"rendered":"<p><strong>NOTICE OF THESIS DEFENSE of Mr. Pierre-Marie BAJAN<\/strong><\/p>\n<p>Authorized to present his work for the doctoral degree of Universit\u00e9 Paris-Saclay, prepared at T\u00e9l\u00e9com SudParis, in:<br \/>\nNetworks, information and communications<br \/>\n&ldquo;Attack and activity simulation: application to cyber-defense&rdquo;<\/p>\n<p>&#8211; on FRIDAY, JULY 5, 2019 at 10:15<br \/>\n&#8211; in Room A003, at T\u00e9l\u00e9com SudParis &#8211; 9 rue Charles Fourier, 91000 Evry<\/p>\n<p><strong>Jury members<\/strong>:<\/p>\n<p>Mr. Herv\u00e9 DEBAR, Professor, T\u00e9l\u00e9com SudParis, FRANCE &#8211; Thesis supervisor<br \/>\nMr. Christophe BIDAN, Professor, Centrale Sup\u00e9lec, FRANCE &#8211; Reviewer<br \/>\nMr. Micha\u00ebl HAUSPIE, Associate Professor, Universit\u00e9 de Lille, FRANCE &#8211; Reviewer<br \/>\nMr. Ga\u00ebl THOMAS, Professor, T\u00e9l\u00e9com SudParis, FRANCE &#8211; Examiner<br \/>\nMs. Isabelle CHRISMENT, Professor, T\u00e9l\u00e9com Nancy, FRANCE &#8211; Examiner<\/p>\n<p><strong>Summary:<\/strong><\/p>\n<p>The evaluation of security products is a crucial issue in cybersecurity. 
Many products and methods exist to evaluate the properties of services (compliance with specifications, load handling and resistance to attacks) and of security products (decision accuracy, variety of attacks supported, performance impact and load handling). Most existing methods can evaluate only some of these properties. Methods that can cover all of these properties, such as testbeds, are costly in resources and manpower. Few organizations can afford to deploy and maintain complete testbeds with current tools. In this thesis, we propose a new approach for generating evaluation data at large scale while meeting the evaluator&rsquo;s requirements and needs. Our method is based on deploying a simple program capable of reproducing model data on a lightweight virtual network. The evaluator&rsquo;s requirements are translated into different levels of realism, each corresponding to the preservation of different characteristics of the model data in the simulated data. We present the formalism of our method in detail and impose requirement criteria (adaptability, reproducibility, realism, accuracy and scalability) on it. We also explain the steps in developing a prototype of this method and the experimental validation of our requirements. 
Although the functionality of the prototype presented is limited, we can nevertheless use it to carry out a first evaluation of a security product. We first introduce a methodology for evaluating services and security products with our method, then run a series of experiments to evaluate an intrusion detection tool. This evaluation highlights the value and advantages of our method, and also shows the current limitations of our prototype. We also propose a set of directions for improvement to develop our prototype into an effective evaluation tool.<\/p>\n<p><strong>Abstract:<\/strong><\/p>\n<p>The evaluation of security products is a key issue in cybersecurity. Numerous tools and methods can evaluate the properties of services (compliance with the specifications, workload processing capacity, resilience to attacks) and security products (policy accuracy, attack coverage, performance overhead, workload processing capacity). Most existing methods only evaluate some of those properties. Methods that can cover all aspects, such as testbed environments, are costly in resources and manpower. Few organizations can afford the deployment and maintenance of those testbed environments. In this thesis, we propose a new method to generate, at large scale, evaluation data that matches the evaluator&rsquo;s evaluation requirements. We base our method on the deployment of a small program on a lightweight virtual network. That program reproduces model data according to the needs of the evaluator. Those needs are translated into levels of realism. Those levels match the characteristics of the model data preserved by the simulation program. 
We formally present our method and introduce additional requirements (customization, reproducibility, realism, accuracy, scalability) as properties of our model. We also explain the step-by-step construction of our prototype along with the experimental validation of our method. Although our prototype&rsquo;s functions are currently limited, we can still use our prototype to evaluate a security product. We first introduce a methodology to apply our method to the evaluation of services and security products. We then conduct a series of experiments according to the methodology to evaluate an intrusion detection system. Our evaluation of an intrusion detection system illustrates the advantages of our method but it also underlines the current limitations of our prototype. We propose a series of improvements and developments to transform our currently limited prototype into an efficient evaluation tool that can evaluate services and security products alike.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>NOTICE OF THESIS DEFENSE of Mr. Pierre-Marie BAJAN Authorized to present his work for the doctoral degree of Universit\u00e9 Paris-Saclay, prepared at T\u00e9l\u00e9com SudParis, in: Networks, information and communications &ldquo;Attack and activity simulation: application to cyber-defense&rdquo; &#8211; on FRIDAY, JULY 5, 2019 at 10:15 &#8211; in Room A003, at 
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","categories":[276],"tags":[],"class_list":["post-1231","post","type-post","status-publish","format-standard","hentry","category-theses-2020-fr","entry"]}