Hugo BOURREAU (PhD Student)
Contact
You can reach me at hugo.bourreau@imt-atlantique.fr.
My research
My publications
2021
Navas, Renzo E; Cuppens, Frederic; Cuppens, Nora Boulahia; Toutain, Laurent; Papadopoulos, Georgios Z
MTD, Where Art Thou? A Systematic Review of Moving Target Defense Techniques for IoT Journal Article
In: IEEE Internet of Things Journal, vol. 8, no. 10, pp. 7818–7832, 2021, ISSN: 23274662.
Abstract | Links | BibTeX | Tags: Cyber security, entropy, Internet of Things (IoT), metrics, moving target defense (MTD), Systematic literature review
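% NOTE(review): date = 2021-01-01 looks like an export placeholder rather than the issue date; confirm it, or keep only year.
% Percent signs in the abstract are escaped so the field survives LaTeX typesetting; acronyms in the title are brace-protected against style recasing.
@article{Navas2021,
title = {{MTD}, Where Art Thou? {A} Systematic Review of Moving Target Defense Techniques for {IoT}},
author = {Navas, Renzo E. and Cuppens, Frederic and Cuppens, Nora Boulahia and Toutain, Laurent and Papadopoulos, Georgios Z.},
doi = {10.1109/JIOT.2020.3040358},
issn = {2327-4662},
year = {2021},
date = {2021-01-01},
journal = {IEEE Internet of Things Journal},
volume = {8},
number = {10},
pages = {7818--7832},
abstract = {Context: Internet-of-Things (IoT) systems are increasingly deployed in the real world, but their security lags behind the state of the art of non-IoT systems. Moving target defense (MTD) is a cyberdefense paradigm, successfully implemented in conventional systems, that could improve IoT security. Objective: Identify and synthesize existing MTD techniques for IoT and validate the feasibility of MTD as a cybersecurity paradigm suitable for IoT systems. Method: We use a systematic literature review method to search and analyze existing MTD for IoT techniques up to July 2020. We evaluated the existing techniques in terms of security foundations and real-world deployability using the evidence they provide. We define and use entropy-related metrics to categorize them. This is the first MTD survey to use Shannon's entropy metric empirically. Results: Thirty-two distinct MTD for IoT techniques exist: 54\% are Network-layer-based, 50\% present strong evidence about their real-world deployment, and 64\% have weak security foundations. Conclusion: MTD for IoT is a feasible cyberdefense approach. A variety of proposals exist, with evidence about their implementation and evaluation. Nevertheless, the MTD for IoT state of the art is still immature: the security foundations of most existing proposals are weak. Novel techniques should prioritize providing convincing security foundations and real-world deployment evidence.},
keywords = {Cyber security, entropy, Internet of Things (IoT), metrics, moving target defense (MTD), Systematic literature review},
pubstate = {published},
tppubtype = {article}
}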
2020
Kabil, Alexandre; Duval, Thierry; Cuppens, Nora
Alert characterization by non-expert users in a cybersecurity virtual environment: A usability study Proceedings Article
In: Lecture Notes in Computer Science, pp. 82–101, 2020, ISSN: 16113349.
Abstract | Links | BibTeX | Tags: Cyber security, Usability study, Virtual reality
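% NOTE(review): booktitle currently holds the series name (Lecture Notes in Computer Science), not the proceedings title.
% Take the proceedings title from the DOI record, then move the series name to a series field. The volume is stored as a plain number.
@inproceedings{Kabil2020b,
title = {Alert characterization by non-expert users in a cybersecurity virtual environment: A usability study},
author = {Kabil, Alexandre and Duval, Thierry and Cuppens, Nora},
doi = {10.1007/978-3-030-58465-8_6},
issn = {1611-3349},
year = {2020},
date = {2020-01-01},
booktitle = {Lecture Notes in Computer Science},
volume = {12242},
pages = {82--101},
abstract = {Although cybersecurity is a domain where data analysis and training are considered of the highest importance, few virtual environments for cybersecurity are specifically developed, while they are used efficiently in other domains to tackle these issues. By taking into account cyber analysts' practices and tasks, we have proposed the 3D Cyber Common Operational Picture model (3D CyberCOP), that aims at mediating analysts' activities into a Collaborative Virtual Environment (CVE), in which users can perform alert analysis scenarios. In this article, we present a usability study we have performed with non-expert users. We have proposed three virtual environments (a graph-based, an office-based, and the coupling of the two previous ones) in which users should perform a simplified alert analysis scenario based on the WannaCry ransomware. In these environments, users must switch between three views (alert, cyber and physical ones) which all contain different kinds of data sources. These data have to be used to perform the investigations and to determine if alerts are due to malicious activities or if they are caused by false positives. We have had 30 users, with no prior knowledge in cybersecurity. They have performed very well at the cybersecurity task and they have managed to interact and navigate easily. SUS usability scores were above 70 for the three environments and users have shown a preference towards the coupled environment, which was considered more practical and useful.},
keywords = {Cyber security, Usability study, Virtual reality},
pubstate = {published},
tppubtype = {inproceedings}
}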
2017
Kabil, Alexandre (IMT Atlantique)
CyberCOP3D : Visualisation Collaborative et Immersive pour la cybersécurité (Immersive Collaborative Visualization for Cyber Sécurity), HAL Id: hal-01577868 Journal Article
In: 2017.
BibTeX | Tags: a, collaborative visualization, common operational, Cyber security, des pratiques, ectuer, fonction des données et, human, n de disposer d, nous allons e, un cas d, utilisation réel
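% NOTE(review): record repaired from a garbled metadata import. The author field repeated "Alexandre Kabil" three times and held title and affiliation fragments as names.
% The title had the HAL cover-page text fused in. Confirm co-authors, venue and entry type (no journal is given) against HAL record hal-01577868.
% Keywords that were French sentence fragments are dropped; "common operational" and "human" look truncated and should be confirmed.
@article{Kabil2017,
title = {{CyberCOP3D} : Visualisation Collaborative et Immersive pour la cybers{\'e}curit{\'e}},
author = {Kabil, Alexandre},
year = {2017},
date = {2017-01-01},
eprint = {hal-01577868},
eprinttype = {HAL},
note = {English title: Immersive Collaborative Visualization for Cyber S{\'e}curity},
keywords = {collaborative visualization, common operational, Cyber security, human},
pubstate = {published},
tppubtype = {article}
}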