Domain related projects

The following specifically includes cybersecurity projects.

cogni-SHING:

description

With the complex ecosystem of innovative technologies and highly connected networks, people are more attracted by facilities to the detriment of exposure to sophisticated cyber-attacks. Due to the inadvertence and ignorance from people, attackers are unfortunately successful. This issue requires adequate cyber defence and cyber resilience solutions to in a robust way. In this project, we intend to develop such solutions with the help of computational and AI methods.

Objectives :

• To build intelligent approaches based on machine and deep learning techniques;
• To design computational approaches based on genetic algorithms to
• Optimize re-using anti-phishing solutions;
• To build adaptive gamified tools to educate people of different ages;
• To representing phishing knowledge semantics;
• To design game-theory Models for predicting phisher intents;
• To model reinforcement learning to characterize interactions to anticipate attacker actions;
• To model Imitation learning to mimic adversarial actions.

eReputation:

Description

With the advent of covid-19 prescribing limitation of contact and popularity of mobile usage, people have adopted exploitation of app facilities online. With this trend, companies are obliged to provide their services through provision of apps in different stores. However, such advantages come with weaknesses related to vulnerabilities from the code, from behaviour of users and from the host environment. Attacks include app imitations, exploitation of code vulnerabilities, bad use of functions, mis-updating, bad use of secure protocols among others. This project applies to mobile banking and e-health applications, with the aim at investigating security enforcement insufficiencies and providing frameworks for testing security reputation risks.

Objectives :

• Providing a reputation assessment based on sentiment analysis of comments to select the most reliable app from Google Play candidates;
• Statically profiling apps based on similarity fingerprinting on external and intrinsic information;
• Dynamically profiling based on system call signatures, memory accesses and process priorities;
• Characterizing Android banking apps with formal methods;
• Profiling vulnerable Inter/intra component’s communication.

socialEyes:

description

As social media is considered as an arm of communication, it is also exploited as a vehicle of fake information. There are threats from the latter such as provocations, phishing, creation of insecurity atmosphere, falsification of company brand, fake documents, children kidnapping, and negative recommendations (health point of view). We are all potential victims since nearly the half of the global population make use of social media. Authors provide protection approaches based on diverse intelligences, which are not effective because of three main reasons: (i) their deployment is difficult, (ii) the propagation is not stopped even if one detects (iii) the features used in existing approaches are static. Unlike, in this project, the main goal is to contain the propagation of hoaxes using collective intelligence. For that, we can make use of web feeds and automatic dissemination of opposite information across different groups.

Objectives :

• To collect a large collection of hoaxes on social media;
• To provide efficient mechanisms to detect that a post is a hoax based on sources of real information on the Web;
• To identify hoax images based on web image mining and comparison of characteristics of similar images found;
• To build sentiment analysis models to infer polarity of posts from the hoaxers;
• To cluster hoaxes-based similarities (text and image constitution, metadata, …) with unsupervised learning algorithms;.
• To model a social network/graph for the analysis of connections and relationships between (group of) users based on hoax posts and its communication scheme for fluid dissemination across members from different and the same group. This objective defines a group’s reputation scheme based on the ability of group members to accept and reject a hoax and review mining;
• To determine what people think about a fact from crawled feeds on the web;
• To rate posts as an aggregation of individual labelling from crowdsourcing involving reviewer from the concerned organization;
• To design and develop the final system with components from the aforementioned objectives.

ioTrack:

description

According to Dataprot (Source, accessed on 22.03.2022), the number of active IoT devices will surpass 25.4 billion in 2030. This is an incredible statistic but real from the perspectives of the phenomenal increase of highly interconnections and dematerialization of mechanics. This trend is on the contrary attracting malicious habits designing sophisticated threats to smart devices. We are not from the rest since our duties are to assist the victims in such situations. Within this context, we intend to identify entry doors vulnerabilities to attackers and to make use of Software-defined Networks (SDN) and blockchains to bring reliability ang robustness into our approaches.

Objectives :

• Investigating and characterizing existing attacks on IoT by clustering based on similarities;
• Ontogy-based representation of knowledge related to existing attacks;
• Developing SDN approaches to track vulnerable flows relying on the knowledge base;
• Automatic extraction of inline software vulnerabilities from sensors from generated interactions;
• Detection of deviations based on behaviour(/state)-based similarity;
• Design of blockchains layer to reliably support communications between sensors.

Multidisciplinary project

The following deals with cybercrime but involving different disciplines.

DeFenSyVE :

The multidisciplinary research – dealing with phishing – brings together a strong and international group of experts from the fields of law, economics, management, computer science, sociology, philosophy, linguistics and anthropology. They share a joint interest in proposing different artefacts to fight against cybercriminals called phishers who spend their time to design techniques to lure people to let them infiltrate and to divulge sensitive confidential information. The first focus in the project is the analysis of linguistics within phishing vectors that can be used to recognize phishing. A second focus is the determination of aspects required to identify and categorise probable nationalities or ethnics of phishers. A third topic is about how people react and what explicative factors are when they are targeted by phishers. During the investigation, we would look at long-term impacts in victim day life and whether sensitising and educative solutions are effective to raise awareness. A fourth topic concerns the investigation in depth legal challenges arising with the emergence of such attacks and adapted proposals as remedies in the legal systems. This topic is an atomic exploration of worldwide, continental and even national regulations. A fifth focus is the in-depth study of economic challenges arising with the emergence of such attacks as well as proposed remedies to mitigate failures in the affected economy. A sixth focus is to investigate relationships between the lack of control of innovative equipment and the penetration of phishing attacks. A seventh topic is the detection of spear-phishing through innovative and current theories mimicking artificial and collective intelligence in such a way that they bring consistent and coherent knowledge consultable for the detection. It is the strong belief of all participating researchers that these questions are inherently interdisciplinary, and that there is a large benefit for each field from such interdisciplinary cooperation. The group will pursue a broad methodological approach, e.g., formal theoretical modelling, legal analysis (including comparative law) as well as simulations, experimental and empirical studies.