Vincent Giraud’s PhD thesis, entitled Exploration of code security and of operating system security, is in progress at Wordline hardware security labs. His thesis co-supervised with David Naccache, ENS Paris. His PhD thesis was started on September 2020.
In this thesis we will be study code protection techniques against the most recent attacks (in particular ROP or des-obfuscation). The work will be done by simplifying the target architectures as much as possible in order to allow their modeling and the creation of secure compilers making it possible to introduce protections into the code concerned in an automated manner. The results of the thesis will be applied to the securing of Android applications, white box cryptography, obfuscation and reverse engineering. At a second step, we will investigate code-hardening through biologically-inspired mechanisms. This research stream leverages analogies between computer attacks and biological pathogen propagation to model and understand security risks. We apply and adapt the mathematical models developed for capturing the dynamics of biological systems, such as immune systems and epidemics. An increasingly popular field of research is Moving Target Defense where researchers design systems that guarantee a given level of service even in the presence of corrupted environments. As the complexity of information systems increases and approaches the complexity of living organisms, it becomes natural to try and apply similar computational methods to both contexts. This will blend code analysis, genetic algorithms and formal methods.