Hi!
I am an associate professor at CentraleSupélec (Rennes, France) in the Inria PIRAT research team (ex-CIDRE). I work mostly on intrusion detection systems (IDS), and on how to make them more reliable, more usable, and more assessable:
- by designing new XAI tools to explain behavioral, semi-supervised IDS
- by proposing new representations of cybersecurity data (network communications, malware dynamic analysis, etc.)
- by devising new techniques of synthetic network traffic generation based on explainable AI and data mining
I am hiring!
- Post-doctoral position on white-box and black-box web application fuzzing based on formal grammars (part of the REV project, with LAAS-CNRS)
- PhD position on transfer learning for network data generation (with DGA, Télécom SudParis and Inria)
Ongoing collaborations
Inria’s Principal Investigator of SecGen (2023-2025)
SecGen is an associated team (“Équipe Associée”) between Inria and CISPA (Saarbrücken, Germany). Security datasets are essential for research, but their quality is disputed: age, lack of diversity, human errors, etc. We propose to generate synthetic data to alleviate such issues. We plan to use data mining to generate network traces with proper temporal dependencies to generate more faithful data with less training data. This dataset will be evaluated with the performances of a network intrusion detection system.
Superviz (2022-2028)
Superviz is a project of the PEPR Cybersécurité. It addresses the following challenges: (i) the increase in the number and diversity of objects, (ii) the complexity of interconnected systems, (iii) the existence of increasingly complex and silent targeted attacks, and (iv) the treatment of massive attacks which rapidly affect a significant number of victims.
REV (2023-2028)
REV is a project of the PEPR Cybersécurité. It addresses the following challenges: (i) holistic vulnerability analysis, from hardware to software to communications, (ii) characterization and understanding of the degrees of exploitation and the ability to circumvent modern protections, and (iii) vulnerability analysis’s legal aspects (ethical issues, fairness of digital evidence).
Other collaborations
I regularly work with researchers from:
- DGA-MI (Bruz) on intrusion detection
- Institut Mines-Télécom (Palaiseau) on data generation
- IRIT (Toulouse) on machine learning
- LAAS-CNRS (Toulouse) on formal language theory applied to security
Recent publications
Learning Conditional Preference Networks: an Approach Based on the Minimum Description Length Principle
Gimenez, P. F., & Mengin, J. (2024). Learning Conditional Preference Networks: an Approach Based on the Minimum Description Length Principle. In Proceedings of the International Joint Conference on Artificial Intelligence (IJCAI).
A Tale of Two Methods: Unveiling the limitations of GAN and the Rise of Bayesian Networks for Synthetic Network Traffic Generation
Schoen, A., Blanc, G., Gimenez, P. F., Han, Y., Majorczyk, F., & Mé, L. (2024). A Tale of Two Methods: Unveiling the limitations of GAN and the Rise of Bayesian Networks for Synthetic Network Traffic Generation. In Proceedings of the 9th International Workshop on Traffic Measurements for Cybersecurity (WTMC 2024).
Towards Understanding Alerts raised by Semi-supervised Network Intrusion Detection Systems
Maxime Lanvin, Pierre-François Gimenez, Yufei Han, Frédéric Majorczyk, Ludovic Mé, et al.. Towards Understanding Alerts raised by Unsupervised Network Intrusion Detection Systems. The 26th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2023), Oct 2023, Hong Kong, France. ⟨10.1145/3607199.3607247⟩
Conditionally Acyclic CO-Networks for Efficient Preferential Optimization
Gimenez, Pierre-François & Mengin, Jérôme. (2023). Conditionally Acyclic CO-Networks for Efficient Preferential Optimization. 10.3233/FAIA230352.
BAGUETTE: Hunting for evidence of malicious behavior in dynamic analysis reports
Vincent Raulin, Pierre-François Gimenez, Yufei Han, Valérie Viet Triem Tong. BAGUETTE: Hunting for Evidence of Malicious Behavior in Dynamic Analysis Reports. 20th International conference on security and cryptography SECRYPT 2023, Jul 2023, Rome, Italy.
Contact
Bureau 506
CentraleSupélec – Campus de Rennes
Avenue de la Boulaie
35510 Cesson-Sévigné – France
pierre-francois.gimenez@centralesupelec.fr