Raphaël Khoury, Ph.D., P. Eng
Title: Using LLMs for Secure Code Generation - Lessons Learned and Perspectives
Abstract: LLMs are increasingly used to generate code, but how secure is the code they produce? Can they be effectively used to perform other security-related coding tasks, such as finding, prioritizing and patching vulnerabilities? In this talk, we review recent research to glean actionable lessons about the benefits and limitations of using LLMs to perform secure coding, and discuss perspectives for future work in this area.
Bio: Raphaël Khoury, Ph.D., P. Eng, obtained his Ph.D. in computer security from Laval University and was a postdoctoral researcher at Defence Research and Development Canada (RDDC-RDDC) in Valcartier, Canada. He is currently a professor at the Université du Québec en Outaouais. His research interests include all aspects of software security. He has published numerous papers in this field and is the author of the book "La Sécurité Logicielle: une approche défensive", published in 2022. He is also the recipient of research grants from FQRNT, NSERC, and industry.
Olivier Jacq
Title: The use of Hybrid Digital Twins for Industrial Cybersecurity Research and Awareness, with a focus on maritime cybersecurity.
Bio: Olivier JACQ is a renowned specialist and researcher in cybersecurity with a specialty in maritime. He holds a Post-Master's degree from Ecole Centrale/Supélec and a PhD in Computer Science from IMT Atlantique, and also holds the title of Expert in Cybersecurity from the French National Cybersecurity Agency. He spent 28 years in the French Navy, working on cybersecurity topics such as Incident Response, Security Operation Centers, CISO, and cybersecurity education and training. He is the former Chief Technical and Scientific Director at France Cyber Maritime, now works part-time for DIATEAM, an industrial-focused cybersecurity company based in Brest, and is also a private consultant and trainer. As an associate fellow at the French Naval Academy, he also supervises doctoral students and has published over 15 articles and studies about maritime cybersecurity.
Kave Salamatian
Title: Analyzing resilience of maritime cables networks: from pure maths to practice passing by BGP graphs
Abstract: Internet resilience, at a time when risks of malicious attacks are increasing because of the geopolitical situation, is an issue of the utmost importance. National governments must nowadays address questions like: Is the Internet infrastructure resilient? What will be the impact of malicious targeted attacks on the infrastructure? Which policies and regulations should be implemented to guarantee that resilience is considered by stakeholders? This talk will describe some methodological approaches to analyzing large-scale networks to answer these questions. We will describe the global Internet stability observatory (GISO) we have built and describe new “graph-geometry” based metrics to assess resilience and to monitor it at global or country level. The project will leverage a new set of resilience metrics based on the geometrization of graphs, where a metric space assigning a distance to each edge of the graph is derived through Discrete Ricci Flow, a non-linear diffusion inspired by the proof of the Poincaré-Perelman theorem, that propagates local curvature by stretching bottleneck edges and compressing redundant ones. This new set of metrics ranks edges by vulnerability and enables “what-if” disruption analysis. We will also look at incentives (in the form of regulations or policies) to introduce resilience in the long term as a design criterion for stakeholders.
Bio: Kave Salamatian is a full professor of computer science at the University of Savoie. He graduated with a PhD in computer science in 1998 from Paris SUD-Orsay University, where he worked on joint source channel coding applied to multimedia transmission over the Internet and developed one of the first prototypes of videoconferencing systems over the Internet. In a former life, he graduated with an MBA, worked on the market floor as a risk analyst, and enjoyed being an urban traffic modeller for some years. His main areas of research have been Internet measurement and modelling, network security, and networking information theory. In the past decade, he has been developing the emergent area of “Geopolitics of Cyberspace”. He has been a European Chair of Maritime Cybersecurity, based at Tallinn University of Technology. He has published more than 200 papers and mentored 39 PhD students.