Philippe Jaillon

An adaptive and Socially-Compliant Trust Management System for virtual communities

Virtual communities (VCs) are open socio-technical structures wherein autonomous entities (i.e. agents) with common objectives join together to mutually satisfy their goals. The success of these communities relies on collaboration and resource sharing principals, making trust a critical issue for each member. Such environments motivate the need for more flexible trust models wherein both individual (i.e. user-centred) and collective (i.e. community-centred) trust requirements are considered in the decision making-process. This paper reports our on-going efforts in that perspective and presents our Adaptive and Socially-Compliant Trust Management System (ASC-TMS). Policies are used, in the system, to specify individual and collective trust requirements, while meta-policies enable agents to dynamically adapt their policies and make socially-compliant trust decisions through automatic combination of individual and collective policies.

Vigi4Med Scraper: A Framework for Web Forum Structured Data Extraction and Semantic Representation.

The extraction of information from social media is an essential yet complicated step for data analysis in multiple domains. In this paper, we present Vigi4Med Scraper, a generic open source framework for extracting structured data from web forums. Our framework is highly configurable; using a configuration file, the user can freely choose the data to extract from any web forum. The extracted data are anonymized and represented in a semantic structure using Resource Description Framework (RDF) graphs. This representation enables efficient manipulation by data analysis algorithms and allows the collected data to be directly linked to any existing semantic resource. To avoid server overload, an integrated proxy with caching functionality imposes a minimal delay between sequential requests. Vigi4Med Scraper represents the first step of Vigi4Med, a project to detect adverse drug reactions (ADRs) from social networks founded by the French drug safety agency Agence Nationale de Sécurité du Médicament (ANSM). Vigi4Med Scraper has successfully extracted greater than 200 gigabytes of data from the web forums of over 20 different websites.

Adaptiveness and social-compliance in trust management within virtual communities

The success of virtual communities VCs relies on collaboration and resource sharing principles, making trust a priority for each member. The work presented in this paper addresses the problem of trust management in open and decentralised virtual communities. We address this problem by proposing an Adaptive and Socially-Compliant Trust Management System ASC-TMS adopting a multi-agent based approach. Our proposal relies on the joint use of trust policies and meta-policies, which allow VC members to exhibit adaptive i.e., in accordance with environment changes and socially-compliant i.e., in accordance with the collective policies specified by the community members behaviour. The experiments reported in this paper focus on the socially-compliant aspect of ASC-TMS. They aim at evaluating different policy integration algorithms.

Runtime Code Polymorphism as a Protection Against Side Channel Attacks

We present a generic framework for runtime code polymorphism, applicable to a broad range of computing platforms including embedded systems with low computing resources (e.g. microcontrollers with few kilo-bytes of memory). Code polymorphism is defined as the ability to change the observable behaviour of a software component without changing its functional properties. In this paper we present the implementation of code polymorphism with runtime code generation, which offers many code transformation possibilities: we describe the use of random register allocation, random instruction selection, instruction shuffling and insertion of noise instructions. We evaluate the effectiveness of our framework against correlation power analysis: as compared to an unprotected implementation of AES where the secret key could be recovered in less than 50 traces in average, in our protected implementation, we increased the number of traces necessary to achieve the same attack by more than 20000\(\times \). With regards to the state of the art, our implementation shows a moderate impact in terms of performance overhead.

An Agent Based Trust Management System for Multi-Agent Based Virtual Communities

The success of a virtual community relies on collaboration and resource sharing principals, making trust a priority for each member. Such systems need a flexible trust model wherein trust policies are automatically adapted and where both individual and collective trust requirements are considered in the decision making-process. This paper reports our on-going efforts in that direction. It presents an agent based Adaptive and Socially-Compliant Trust Management System (ASC-TMS) for multi-agent based virtual communities.

Social-Compliance in Trust Management within Virtual Communities

Recent years witnessed an ever growing impact of trust in the decision-making process within virtual communities. The inherent decentralized and open nature of such environments produced new challenges that received, up to now, little attention. For example, the individual and collective trust co-influence remains an unexplored issue. In this paper we are considering how user-centred and community-centred trust policies can be considered, managed and combined. To this aim, we propose a Socially-Compliant Trust Management Systems (SC-TMS) based on dynamic and adaptive trust policies and multi-agent technologies.

COGITO: Code polymorphism to secure devices

In this paper, we advocate the use of code polymorphism as an efficient means to improve security at several levels in electronic devices. We analyse the threats that polymorphism could help thwart, and present the solution that we plan to demonstrate in the scope of a collaborative research project called COGITO. We expect our solution to be effective to improve security, to comply with the computing and memory constraints of embedded devices, and to be easily generalisable to a large set of embedded computing platforms.

Towards an Approach for Hybrid Trust Model

We present here an approach for a hybrid model of trust. Our idea on the trust model is that all evidences on interactions could be used to measure the trust on required actions before taking the decision. We use the policy language proposed by Krukow et al.[2], with some slight modifications to specify our trust model.

Impact of social influence on trust management within communities of agents

In the real world as in the virtual one, trust is a fundamental concept. Without it, humans can neither act nor interact. So unsurprisingly, this concept received in the last years a growing interest from researchers in security and distributed artificial intelligence that gave rise to numerous models. The principal aim of these models was to assist users in making safe decisions at the individual level. However, studies have shown that the behavior of an individual within collective structures (e.g., a group, a community, a coalition or an organization) is affected (directly or indirectly) by the behavior of other members, creating a social influence dynamics within these structures. In this article, we study the impact of social influence phenomena when they are applied to trust management within open distributed communities of self-organized and self-governed agents.

Filtering-based CPA: a successful side-channel attack against desynchronization countermeasures

Secure implementations against side channel attacks usually combine hiding and masking protections in software implementations. In this work, we focus on desynchronization protection which is considered as a hiding countermeasure. The idea of desynchronization is to obtain a non-predictable offset of the attacking point in terms of time dimension. For this purpose, we present exploiting pattern-recognition methods to filter interesting points for obtaining a successful side channel attack. Using this tool as a case study, we completely cancel the desynchronization effect of the CHES 2009/2010 countermeasure [2, 3]. Moreover, 25k traces are needed for a successful key recoveries in case of polymorphism-based countermeasure [4].