[RU1/21] Leo LAVAUR, Federated detection and defense against cyber-attacks
Leo LAVAUR is at the chaire since October 2020 Airbus, BNP Parisbas, EDF, Nokia and SNCF.
The Internet of Things has begun to spread over avariety of domains, including industry and finance. It represents an increasing threat for both IT and OT. The lack of collaboration results in the same attacks targeting different organizations one after the other. Often employed as an answer to this problem, cyber threat-intelligence sharing induces its own set of challenges :trust, privacy, and traceability. This thesis takes advantages of a distributed sharing-oriented architecture to enhance the security of industrial infrastructures. We study Federated Learning algorithms to build a distributed, autonomic system for detecting and characterizing attacks, as well as providing counter-measures. Experiments on real-world testbeds at the chair Cyber CNI allow us to validate the theoretical assumptions against realistic infrastructures and scenarios, fitting industrial use-cases.