pr\u00e9sentent<\/p>\n\n\n\n
Autoris\u00e9 \u00e0 pr\u00e9senter ses travaux en vue de l\u2019obtention du Doctorat de l’Institut Polytechnique de Paris, pr\u00e9par\u00e9 \u00e0 T\u00e9l\u00e9com SudParis en :<\/p>\n\n\n\n
le MERCREDI 6 NOVEMBRE 2024 \u00e0 13h30<\/p>\n\n\n\n
\u00e0<\/p>\n\n\n\n
4A467
19 Place Marguerite Perey, 91120 Palaiseau<\/p>\n\n\n\n
Membres du jury :<\/strong><\/p>\n\n\n\n Mme Maryline LAURENT<\/strong>, Professeure, T\u00e9l\u00e9com SudParis, FRANCE – Directrice de these R\u00e9sum\u00e9 :<\/strong><\/p>\n\n\n\n Il y a quelques ann\u00e9es, un incident de cybers\u00e9curit\u00e9 aurait pu facilement \u00eatre le sc\u00e9nario d\u2019un film hollywoodien : des attaquants ont exploit\u00e9 un point d\u2019entr\u00e9e inattendu : un thermom\u00e8tre intelligent dans l\u2019aquarium du hall d\u2019un casino. Cet objet connect\u00e9 avait acc\u00e8s au r\u00e9seau du casino, et les pirates ont r\u00e9ussi \u00e0 le compromettre. Ils ont ensuite utilis\u00e9 ce point d\u2019entr\u00e9e initial pour acc\u00e9der \u00e0 d\u2019autres parties du r\u00e9seau et ont finalement exfiltr\u00e9 20 Go de donn\u00e9es sensibles, y compris des informations sur les clients \u201dgros joueurs\u201d. Cet exploit audacieux met en \u00e9vidence la vuln\u00e9rabilit\u00e9 des appareils de l\u2019Internet des Objets (IoT) et l\u2019importance cruciale de leur s\u00e9curisation dans notre monde de plus en plus interconnect\u00e9. Dans le domaine en constante expansion de l\u2019IoT, la s\u00e9curisation des r\u00e9seaux de capteurs sans fil (WSN) pr\u00e9sente un d\u00e9fi unique. Ces r\u00e9seaux, compos\u00e9s de n\u0153uds de capteurs \u00e0 ressources limit\u00e9es, jouent un r\u00f4le vital dans diverses applications, agissant comme des sentinelles de notre environnement physique. Cependant, leur puissance de traitement limit\u00e9e et leur dur\u00e9e de vie de batterie les rendent vuln\u00e9rables aux cyberattaques. Garantir l\u2019int\u00e9grit\u00e9 et la s\u00e9curit\u00e9 des donn\u00e9es collect\u00e9es par les WSN est primordial. Cette th\u00e8se aborde ce d\u00e9fi en adoptant une approche \u00e0 deux volets, traitant de la s\u00e9curit\u00e9 \u00e0 la fois du point de vue du r\u00e9seau et du d\u00e9veloppement logiciel. Le premier facette pr\u00e9sente un sch\u00e9ma d\u2019authentification l\u00e9ger et novateur, con\u00e7u pour r\u00e9pondre aux exigences strictes des RSN contraintes par la puissance. En surmontant la charge computationnelle des techniques cryptographiques traditionnelles, ce protocole innovant assure une communication s\u00e9curis\u00e9e tout en minimisant la consommation de ressources, am\u00e9liorant ainsi consid\u00e9rablement l\u2019efficacit\u00e9 et la fiabilit\u00e9 des r\u00e9seaux de capteurs sans fil. Cette contribution est valid\u00e9e par une s\u00e9rie de m\u00e9thodes d\u2019\u00e9valuation, notamment la mise en \u0153uvre en temps r\u00e9el, les tests d\u2019exactitude et les \u00e9valuations de l\u2019efficacit\u00e9 \u00e9nerg\u00e9tique. Ces m\u00e9thodes d\u00e9montrent l\u2019efficacit\u00e9 et la practicalit\u00e9 du sch\u00e9ma propos\u00e9. La deuxi\u00e8me facette introduit Shmulik, un syst\u00e8me bas\u00e9 sur le Deep Learning con\u00e7u pour d\u00e9tecter des vuln\u00e9rabilit\u00e9s logicielles, en particulier pour les syst\u00e8mes embarqu\u00e9s et \u00e0 ressources limit\u00e9es. Les m\u00e9thodes traditionnelles de fortification de ces syst\u00e8mes ont souvent un co\u00fbt, n\u00e9cessitant une m\u00e9moire accrue, une puissance de traitement plus importante ou du mat\u00e9riel d\u00e9di\u00e9, ce qui met encore plus \u00e0 rude \u00e9preuve leurs ressources limit\u00e9es. Shmulik offre une alternative int\u00e9ressante. En exploitant l\u2019apprentissage profond, nous visons \u00e0 d\u00e9velopper un syst\u00e8me capable d\u2019analyser automatiquement le code et de rep\u00e9rer les faiblesses de s\u00e9curit\u00e9 potentielles d\u00e8s le d\u00e9but du processus de d\u00e9veloppement. La justification de cette double approche r\u00e9side dans la recherche d\u2019un cadre de s\u00e9curit\u00e9 complet. Un sch\u00e9ma d\u2019authentification robuste s\u00e9curise la communication au sein du WSN, tandis que Shmulik prot\u00e8ge l\u2019ensemble du firmware des vuln\u00e9rabilit\u00e9s. Les sch\u00e9mas d\u2019authentification traditionnels seuls pourraient ne pas \u00eatre suffisants si le logiciel lui-m\u00eame pr\u00e9sente des faiblesses exploitables. \u00c0 l\u2019inverse, l\u2019efficacit\u00e9 de Shmulik repose sur les canaux de communication s\u00e9curis\u00e9s qu\u2019un sch\u00e9ma d\u2019authentification l\u00e9ger peut fournir. En abordant la s\u00e9curit\u00e9 au niveau du r\u00e9seau et du logiciel, nous visons \u00e0 cr\u00e9er un syst\u00e8me de d\u00e9fense plus r\u00e9silient. Cette th\u00e8se comble le foss\u00e9 entre les solutions de s\u00e9curit\u00e9 l\u00e9g\u00e8res pour les r\u00e9seaux \u00e0 ressources limit\u00e9es et les techniques d\u2019apprentissage profond de pointe pour l\u2019analyse des vuln\u00e9rabilit\u00e9s logicielles. En explorant ces deux pistes, nous nous effor\u00e7ons de contribuer \u00e0 un avenir plus s\u00fbr et plus fiable pour les WSN, am\u00e9liorant ainsi la fiabilit\u00e9 et l\u2019efficacit\u00e9 de cette technologie en \u00e9volution rapide. A few years ago, a cybersecurity incident could easily have been the scenario of a Hollywood movie: attackers exploited an unexpected entry point: a smart thermometer in the casino\u2019s lobby fish tank. This Internet of Things (IoT) device had access to the casino\u2019s network, and the hackers managed to compromise it. They then used this initial foothold to access other parts of the network and ultimately exfiltrated 20GB of sensitive data, including high-roller customer information. This audacious exploit highlights the vulnerability of IoT devices and the critical importance of securing them in our increasingly interconnected world. In the ever-expanding realm of the Internet of Things (IoT), securing Wireless Sensor Networks (WSNs) presents a unique challenge. These networks, composed of resource-constrained sensor nodes, play a vital role in various applications, acting as the sentinels of our physical environment. However, their limited processing power and battery life make them vulnerable to cyberattacks. Ensuring the integrity and security of the data collected by WSNs is paramount. This thesis tackles this challenge with a two-pronged approach, addressing security from both the network and software development perspectives. The first facet explores the development of a lightweight authentication scheme specifically designed for power-constrained WSNs. By overcoming the computational overhead of traditional cryptographic techniques, this innovative protocol ensures secure communication while minimizing resource consumption, thereby significantly enhancing the efficiency and reliability of wireless sensor networks. This contribution is validated through a range of evaluation methods, including real-time implementation, accuracy testing, and energy efficiency assessments. These methods demonstrate the effectiveness and practicality of the proposed scheme. The second facet introduces Shmulik, a deep learning-based system crafted to unearth software vulnerabilities, especially for embedded and resource-constrained devices. Traditional methods of fortifying these systems often come at a cost, requiring increased memory, processing power, or dedicated hardware, further straining their limited resources. Shmulik offers a compelling alternative. By leveraging deep learning, we aim to develop a system that can automatically analyze code and pinpoint potential security weaknesses early in the development process. Shmulik\u2019s effectiveness is validated by a comprehensive evaluation, including experimental tests, tool comparisons, a case study, and the detection of zero-day vulnerabilities. The rationale for this dual approach lies in the pursuit of a comprehensive security framework. A robust authentication scheme secures communication within the WSN, while Shmulik safeguards the whole firmware from vulnerabilities. Traditional authentication schemes alone might not be sufficient if the software itself has exploitable weaknesses. Conversely, Shmulik\u2019s effectiveness relies on the secure communication channels that a lightweight authentication scheme can provide. By addressing security at both network and software levels, we aim to create a more resilient defense system. This thesis bridges the gap between lightweight security solutions for resource-constrained networks and cutting-edge deep learning techniques for software vulnerability analysis. By exploring both avenues, we strive to contribute to a more secure and reliable future for WSNs, ultimately enhancing the trustworthiness and effectiveness of this rapidly evolving technology.<\/p>\n","protected":false},"excerpt":{"rendered":" L’Ecole doctorale : Ecole Doctorale de l’Institut Polytechnique de Paris et le Laboratoire de recherche SAMOVAR – Services r\u00e9partis, Architectures, Mod\u00e9lisation, Validation, Administration des R\u00e9seaux pr\u00e9sentent l\u2019AVIS DE SOUTENANCE de Monsieur Ari\u00e9 HAENEL Autoris\u00e9 \u00e0 pr\u00e9senter ses travaux en vue de l\u2019obtention du Doctorat de l’Institut Polytechnique de Paris, pr\u00e9par\u00e9 \u00e0 T\u00e9l\u00e9com SudParis en : […]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"","ocean_second_sidebar":"","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"","ocean_custom_header_template":"","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"","ocean_menu_typo_font_family":"","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"on","ocean_gallery_id":[],"footnotes":""},"categories":[286,603],"tags":[],"class_list":["post-6626","post","type-post","status-publish","format-standard","hentry","category-fractualites-ennews-fr","category-seminaire-scn","entry"],"_links":{"self":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts\/6626","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/comments?post=6626"}],"version-history":[{"count":1,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts\/6626\/revisions"}],"predecessor-version":[{"id":6627,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/posts\/6626\/revisions\/6627"}],"wp:attachment":[{"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/media?parent=6626"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/categories?post=6626"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/samovar.telecom-sudparis.eu\/index.php\/wp-json\/wp\/v2\/tags?post=6626"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
M. David STAROBINSKI<\/strong>, Professeur, Boston University, ETATS-UNIS – Rapporteur
Mme VALERIE VIET TRIEM TONG<\/strong>, Professeure, CentraleSup\u00e9lec – Rennes Campus, FRANCE – Rapporteure
M. Yoram HADDAD<\/strong>, Professeur associ\u00e9, Jerusalem College of Technology, ISRA\u00cbL – CoDirecteur de these
M. Vincent NICOMETTE<\/strong>, Ma\u00eetre de conf\u00e9rences, LAAS Toulouse, FRANCE – Examinateur
Mme Bracha SHAPIRA<\/strong>, Professeure, Ben Gurion University, ISRA\u00cbL – Examinatrice
M. Amit DVIR<\/strong>, Professeur associ\u00e9, Ariel University, ISRA\u00cbL – Examinateur
Mme SOPHIE CHABRIDON<\/strong>, Directrice d’\u00e9tudes, TELECOM SUDPARIS, FRANCE – Examinatrice<\/p>\n\n\n\n\u00ab Solutions de s\u00e9curit\u00e9 hybrides pour des appareils IoT \u00bb<\/h2>\n\n\n\n
pr\u00e9sent\u00e9 par Monsieur Ari\u00e9 HAENEL<\/h2>\n\n\n\n
Abstract :<\/strong><\/p>\n\n\n\n