Title: Using LLMs for Secure Code Generation: Lessons Learned and Perspectives
Raphaël Khoury, Ph.D., P. Eng
Abstract: LLMs are increasingly used to generate code, but how secure is the code they produce? Can they be effectively used to perform other security-related coding tasks, such as finding, prioritizing and patching vulnerabilities? In this talk, we review recent research to glean actionable lessons about the benefits and limitations of using LLMs to perform secure coding, and discuss perspectives for future work in this area.
Bio: Raphaël Khoury, Ph.D., P. Eng, obtained his Ph.D. in computer security from Laval University and was a postdoctoral researcher at Defence Research and Development Canada (DRDC-RDDC) in Valcartier, Canada. He is currently a professor at the Université du Québec en Outaouais. His research interests include all aspects of software security. He has published numerous papers in this field and is the author of the book "La Sécurité Logicielle: une approche défensive", published in 2022. He is also the recipient of research grants from FQRNT, NSERC and industry.
Guillaume Prigent
TBA
Kave Kalamatian
Analyzing resilience of maritime cables networks: from pure maths to practice passing by BGP graphs
Abstract: Internet resilience is an issue of the utmost importance at a time when the risk of malicious attacks is increasing because of the geopolitical situation. National governments must now address questions such as: Is the Internet infrastructure resilient? What will be the impact of malicious targeted attacks on the infrastructure? Which policies and regulations should be implemented to guarantee that resilience is considered by stakeholders? This talk will describe some methodological approaches to analyzing large-scale networks in order to answer these questions. We will describe the Global Internet Stability Observatory (GISO) we have built and describe new "graph-geometry" based metrics to assess resilience and to monitor it at the global or country level. The project will leverage a new set of resilience metrics based on the geometrization of graphs, where a metric space assigning a distance to each edge of the graph is derived through Discrete Ricci Flow, a non-linear diffusion inspired by the proof of the Poincaré-Perelman theorem, which propagates local curvature by stretching bottleneck edges and compressing redundant ones. This new set of metrics ranks edges by vulnerability and enables "what-if" disruption analysis. We will also look at incentives (in the form of regulations or policies) to introduce resilience in the long term as a design criterion for stakeholders.