Malware and Ransomware Detection Models

Cybercrime is one of the major digital threats of this century. In particular, ransomware attacks have significantly increased, resulting in global damage costs of tens of billion dollars. In this paper, we train and test different Machine Learning and Deep Learning models for malware detection, malware classification and ransomware detection. We introduce a novel and flexible ransomware detection model that combines two optimized models. Our detection results on a limited dataset demonstrate good accuracy and F1 scores

Rewriting of SPARQL/update queries for securing data access

International audienceSeveral access control models for database management systems (DBMS) only consider how to manage select queries and then assume that similar mechanism would apply to update queries. However they do not take into account that updating data may possibly disclose some other sensitive data whose access would be forbidden through select queries. This is typically the case of current relational DBMS managed through SQL which are wrongly specified and lead to inconsistency between select and update queries. In this paper, we show how to solve this problem in the case of SPARQL queries. We present an approach based on rewriting SPARQL/Update queries. It involves two steps. The first one satisfies the update constraints. The second one handles consistency between select and update operators. Query rewriting is done by adding positive and negative filters (corresponding respectively to permissions and prohibitions) to the initial query

SPARQL query rewriting instrumented by access control model

International audienceA possible way to enforce access control requirements when evaluating SPARQL queries is based on rewriting the queries so that their evaluation fulfills the access control policy. One may then define a new dedicated language to express access control policies for SPARQL. In this paper, we suggest a different approach based on a generic access control policy model in order to express the access control requirements. We present how to instrument the rewriting algorithm using a given security policy rules derived from the OrBAC model

fQuery : réécriture de requêtes SPARQL pour assurer la confidentialité des données

National audienceRDF est un modèle de plus en plus utilisé pour décrire des ressources Web, y compris les ressources sensibles et confidentielles. Dans ce contexte, SPARQL a été défini pour localiser et extraire facilement des données dans un graphe RDF. Lorsque des données confidentielles sont accessibles, les requêtes SPARQL doivent être filtrées, de sorte que seules les données autorisées sont retournées conformément à la politique de confidentialité. Dans cet article nous modélisons une politique de confidentialité comme un ensemble de filtres positifs et négatifs (correspondant respectivement à des autorisations et interdictions) qui s'appliquent aux requêtes SPARQL. Nous définissons ensuite un algorithme de réécriture qui transforme les requêtes de sorte que les résultats des requêtes transformées soient conformes à la politique de confidentialité

fQuery : réécriture de requêtes SPARQL pour assurer la confidentialité des données

National audienceRDF est un modèle de plus en plus utilisé pour décrire des ressources Web, y compris les ressources sensibles et confidentielles. Dans ce contexte, SPARQL a été défini pour localiser et extraire facilement des données dans un graphe RDF. Lorsque des données confidentielles sont accessibles, les requêtes SPARQL doivent être filtrées, de sorte que seules les données autorisées sont retournées conformément à la politique de confidentialité. Dans cet article nous modélisons une politique de confidentialité comme un ensemble de filtres positifs et négatifs (correspondant respectivement à des autorisations et interdictions) qui s'appliquent aux requêtes SPARQL. Nous définissons ensuite un algorithme de réécriture qui transforme les requêtes de sorte que les résultats des requêtes transformées soient conformes à la politique de confidentialité

Privacy Policy Preferences Enforced by SPARQL Query Rewriting

International audienceWhen specifying privacy preferences, the data owner can control who may access its personal data, for which purpose and under which accuracy. In this paper we present an approach that enforces the privacy policy preferences by query transformation. We present also how to instrument this rewriting query algorithm using a privacy-aware model like PrivOrBAC. We take into account various dimensions of privacy preferences through the concepts of consent, accuracy, purpose and recipient

Towards Session-Aware RBAC Delegation: Function Switch

International audienceThis paper shows how to extend RBAC sessions with dynamic aspects to deal with user switch. Users can authenticate using their functions which will create a dynamic session and automatically activate a set of privileges associated with this function. A dynamic session can be joined, leaved, restarted and reused by authorized users. Moreover, a user can switch the session to another user in order to continue the task by preserving the working context. We discuss in this paper how to manage users privileges in the dynamic session and how to deal with the switch mechanism

Policy Mining: a Bottom-Up Approach Toward a Model Based Firewall Management

International audienceTodays enterprises rely entirely on their information systems, usually connected to the internet. Network access control, mainly ensured by firewalls, has become a paramount necessity. Still, the management of manually configured firewall rules is complex, error prone, and costly for large networks. The use of high abstract models such as role based access control RBAC has proved to be very efficient in the definition and management of access control policies. The recent interest in role mining which is the bottom-up approach for automatic RBAC configuration from the already deployed authorizations is likely to further promote the development of this model. Recently, an extension of RBAC adapted to the specificities of network access control, which we refer to as NS- RBAC model, has been proposed. However, no effort has been made to extend the bottom-up approach to configure this model. In this paper, we propose an extension of role mining techniques to facilitate the adoption of a model based framework in the management of network access control. We present policy mining, a bottom-up approach that extracts instances of the NS-RBAC model from the deployed rules on a firewall. We provide a generic algorithm that could adapt most of the existing role mining solutions to the NS-RBAC model. We illustrate the feasibility of our solution by experimentations on real and synthetic data