{"id":152,"date":"2026-02-05T10:18:35","date_gmt":"2026-02-05T09:18:35","guid":{"rendered":"https:\/\/project.inria.fr\/attackdefense\/?page_id=152"},"modified":"2026-03-18T09:36:26","modified_gmt":"2026-03-18T08:36:26","slug":"programme","status":"publish","type":"page","link":"https:\/\/project.inria.fr\/attackdefense\/programme\/","title":{"rendered":"Programme"},"content":{"rendered":"<p>Programme d\u00e9finitif<\/p>\n\n\n\n<p>Jeudi 19 mars 2026<\/p>\n\n\n\n                            <button aria-haspopup=\"true\" class=\"change-settings-button\" onclick=\"toggleAll(this)\">\n                                afficher\/cacher tous les d\u00e9tails\n                            <\/button>\n\n                            <script>\n                                function toggleAll(btn) {\n                                    const details = document.querySelectorAll('details');\n                                    const shouldOpen = !([...details].every(d => d.open));\n                                    details.forEach(d => d.open = shouldOpen);\n                                    btn.textContent = shouldOpen ? 'Cacher tous les d\u00e9tails' : 'Afficher tous les d\u00e9tails';\n                                }\n                            <\/script>\n                            <style>\n                                body {\n                                    font-family: Arial, Helvetica, sans-serif;\n                                    background: #f6f8fb;\n                                    margin: 40px;\n                                    color: #333;\n                                }\n\n                                .bg {\n                                    background-color: #eebfbf;\n                                }\n\n                                .session h2 {\n                                    border-left: 6px solid #4a6cf7;\n                                    padding-left: 10px;\n                                    margin-bottom: 15px;\n                                }\n\n                                .tags {\n                                    margin-left: 8px;\n                                }\n\n                                .tag {\n                                    display: inline-block;\n                                    padding: 0px 5px;\n                                    margin: 1px;\n                                    border-radius: 8px;\n                                    font-size: 0.75rem;\n                                    font-weight: bold;\n                                    color: white;\n                                }\n\n                                \/* Tag colors *\/\n                                .ai {\n                                    background: #7c1f4d;\n                                }\n\n                                .secops {\n                                    background: #2563eb;\n                                }\n\n                                .deceptive {\n                                    background: #d97706;\n                                }\n\n                                .ot {\n                                    background: #059669;\n                                }\n\n                                .attack {\n                                    background: #dc2626;\n                                }\n\n                                .malware {\n                                    background: #6b72d0;\n                                }\n\n                                .intrusion {\n                                    background: #db2777;\n                                }\n\n                            <\/style>\n                            <figure class=\"wp-block-table\">\n                                <table>\n                                    <tbody>\n                                    <tr>\n                                        <td>9h-<br>9h30<\/td>\n                                        <td class=\"has-text-align-center\" data-align=\"center\">\u00e9tage<br>restaurant<\/td>\n                                        <td class=\"bg\">\n                                            Accueil &#8211; caf\u00e9 &#9749;\n                                        <\/td>\n                                    <\/tr>\n                                    <tr>\n                                        <td>9h30<br>10h30<\/td>\n                                        <td class=\"has-text-align-center\" data-align=\"center\">Amphi ABL<\/td>\n                                        <td>\n                                            <strong>\n                                        <span class=\"tags\">\n                                            <span class=\"tag ai\">AI<\/span>\n                                            <span class=\"tag secops\">SecOps<\/span>\n                                        <\/span>\n                                                Data Science au SOC dans un environnement\n                                                op\u00e9rationnel<\/strong> <br>\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\"\n                                                  class=\"has-inline-color has-white-color\">___-\n                                            <\/mark>\n                                            Colin Leverger (SOC Orange) <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">9h30-10h00<\/mark>\n                                            <details\n                                                    class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\">\n                                                <summary>d\u00e9tails<\/summary>\n                                                <p><\/p>\n                                            <\/details>\n                                            <strong>\n                                            <span class=\"tags\">\n                                                <span class=\"tag deceptive\">Deceptive<\/span>\n                                                <span class=\"tag ot\">OT<\/span>\n                                            <\/span>\n                                                SCADA exposed<\/strong><br>\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\"\n                                                  class=\"has-inline-color has-white-color\">___-\n                                            <\/mark>\n                                            St\u00e9phane Mocanu (Maitre de\n                                            Conf\u00e9rences, INP\/ENSE3)\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">10h00-10h30<\/mark>\n                                            <details\n                                                    class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\">\n                                                <summary>d\u00e9tails<\/summary>\n                                                <p>Dans le contexte du d\u00e9veloppement d&rsquo;un\n                                                    honeypot OT (th\u00e8se SuperviZ Elian Loraux) nous souhaitons\n                                                    d&rsquo;abord\n                                                    comprendre les comportements et objectifs des attaquants face \u00e0\n                                                    un\n                                                    syst\u00e8me\n                                                    de contr\u00f4le industriel. Ainsi une exp\u00e9rimentation sera men\u00e9e en\n                                                    collaboration avec l&rsquo;\u00e9quipe PIRAT\\&#8217;); et le LHS Rennes&nbsp;:\n                                                    nous\n                                                    allons exposer sur internet un automate programmable industriel\n                                                    connect\u00e9 \u00e0\n                                                    un processus industriel simul\u00e9.<\/p>\n                                            <\/details>\n                                        <\/td>\n                                    <\/tr>\n                                    <tr>\n                                        <td>10h30<br>11h00<\/td>\n                                        <td class=\"has-text-align-center\" data-align=\"center\">\u00e9tage<br>restaurant<\/td>\n                                        <td class=\"bg\">\n                                            pause caf\u00e9 &#9749; et viennoiseries &#129360;\n                                        <\/td>\n                                    <\/tr>\n\n                                    <tr>\n                                        <td>11h00<br>12h45<\/td>\n                                        <td class=\"has-text-align-center\" data-align=\"center\">Amphi <br>ABL<\/td>\n                                        <td><strong>\n                                            <span class=\"tags\">\n                                                <span class=\"tag ai\">AI<\/span>\n                                                <span class=\"tag secops\">SecOps<\/span>\n                                            <\/span>\n                                            Emploi de l&rsquo;agentic au sein d&rsquo;un AI SOC\n                                        <\/strong><br>\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\"\n                                                  class=\"has-inline-color has-white-color\">___-\n                                            <\/mark>\n                                            Charles Ngor (Principal PM Sekoia)\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">11h00-11h20<\/mark>\n                                            <details\n                                                    class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\">\n                                                <summary>d\u00e9tails<\/summary>\n                                                <p>\n                                                    Retour d&rsquo;exp\u00e9rience sur l&rsquo;int\u00e9gration de workflows agentiques au\n                                                    sein d&rsquo;un SOC augment\u00e9 par l&rsquo;IA : d\u00e9fis d&rsquo;UX, de pr\u00e9cision, de\n                                                    transparence et de s\u00e9curit\u00e9 rencontr\u00e9s lors de la conception\n                                                    d&rsquo;agents autonomes pour le triage et l&rsquo;investigation d&rsquo;alertes dans\n                                                    une plateforme XDR.\n                                                <\/p>\n                                            <\/details>\n                                            <strong>\n                                                <span class=\"tags\">\n                                                <span class=\"tag secops\">SecOps<\/span>\n                                            <\/span>\n                                                Cachez-moi ces &#8220;vuln\u00e9rabilit\u00e9s&#8221; que je ne saurais\n                                                traiter<\/strong><br>\n\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\"\n                                                  class=\"has-inline-color has-white-color\">___-\n                                            <\/mark>\n                                            A\u00efmad Berady (CPO YesWeHack)\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">11h20-11h40<\/mark>\n                                            <details\n                                                    class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\">\n                                                <summary>d\u00e9tails<\/summary>\n                                                <p>Depuis quelques mois l&#8217;industrie subit un\n                                                    amoncellement d&#8217;\u00e9v\u00e9nements de s\u00e9curit\u00e9 qualifi\u00e9s de &#8220;vuln\u00e9rabilit\u00e9s&#8221;,\n                                                    qui viennent remplir les backlogs des \u00e9quipes op\u00e9rationnelles. Cette\n                                                    pr\u00e9sentation permettra d&#8217;identifier les causes syst\u00e9miques d&#8217;une\n                                                    tendance qui, sous couvert d&#8217;un faux-semblant de s\u00e9curit\u00e9,\n                                                    gaspille\n                                                    inutilement les pr\u00e9cieuses ressources cyber des\n                                                    organisations.<\/p>\n                                            <\/details>\n\n                                            <strong>\n                                                <span class=\"tags\">\n                                                <span class=\"tag ai\">AI<\/span>\n                                                <span class=\"tag attack\">attackPattern<\/span>\n                                                <span class=\"tag malware\">MalwareAnalysis<\/span>\n                                            <\/span>\n                                                L&#8217;explicabilit\u00e9 comme outil d&#8217;analyse de\n                                                menace<\/strong><br>\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\"\n                                                  class=\"has-inline-color has-white-color\">___-\n                                            <\/mark>\n                                            Marie Salmon et Sylvio Hoarau (Glimps, ing\u00e9nieure IA et analyste malware\n                                            CTI)\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">11h40-12h00<\/mark>\n                                            <details\n                                                    class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\">\n                                                <summary>d\u00e9tails<\/summary>\n                                                <p>\n                                                    Du mod\u00e8le bo\u00eete noire aux analystes; comment l&#8217;explicabilit\u00e9\n                                                    accompagne\n                                                    dans l&#8217;identification et la compr\u00e9hension des nouveaux\n                                                    patterns d&#8217;attaque?\n                                                <\/p>\n                                            <\/details>\n\n\n                                            <strong>\n                                            <span class=\"tags\">\n                                                <span class=\"tag secops\">SecOps<\/span>\n                                                <span class=\"tag attack\">attackPattern<\/span>\n                                            <\/span>\n                                                Mod\u00e9lisation de patterns d&#8217;attaques pour tester et\n                                                entrainer\n                                                sa d\u00e9fense. Cas d&#8217;usages avec Atomic Red Team et Emulation\n                                                Plan<\/strong>\n                                            <br>\n\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\"\n                                                  class=\"has-inline-color has-white-color\">___-\n                                            <\/mark>\n                                            Damien Cr\u00e9milleux (Almond R&amp;D)\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">12h00-12h20<\/mark>\n\n                                            <details\n                                                    class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\">\n                                                <summary>d\u00e9tails<\/summary>\n                                            <\/details>\n\n                                            <strong>\u2705\ufe0f Transferts des r\u00e9sultats de la recherche acad\u00e9mique vers les\n                                                b\u00e9n\u00e9ficiaires industriels et \u00e9tatiques fran\u00e7ais.\n                                            <\/strong>\n                                            <br>\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\"\n                                                  class=\"has-inline-color has-white-color\">___-\n                                            <\/mark>\n                                            Nicolas Prigent (Programme de Transfert aux Campus Cyber Ing\u00e9nieur transfert\n                                            et innovation)\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">12h20-12h40<\/mark>\n                                            <details\n                                                    class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\">\n                                                <summary>d\u00e9tails<\/summary>\n                                                <p>Alors que la recherche acad\u00e9mique fran\u00e7aise en cybers\u00e9curit\u00e9 d\u00e9montre\n                                                    chaque jour\n                                                    sa performance, le transfert de ses r\u00e9sultats vers les b\u00e9n\u00e9ficiaires\n                                                    industriels et institutionnels fran\u00e7ais reste perfectible. Cette\n                                                    pr\u00e9sentation traitera des diff\u00e9rents outils mis en place par le\n                                                    Programme de\n                                                    Transfert aux Campus Cyber pour faciliter le transfert entre\n                                                    recherche\n                                                    acad\u00e9mique et b\u00e9n\u00e9ficiaires industriels ou\n                                                    institutionnels.&nbsp;<\/p>\n                                            <\/details>\n                                        <\/td>\n                                    <\/tr>\n\n                                    <tr>\n                                        <td>12h45<br>14h<\/td>\n                                        <td class=\"has-text-align-center\" data-align=\"center\">\u00e9tage<br>restaurant<\/td>\n                                        <td class=\"bg\">\n                                            pause d\u00e9jeuner <br> et caf\u00e9\n                                        <\/td>\n                                    <\/tr>\n                                    <tr>\n                                        <td>14h<br>16h00<\/td>\n                                        <td class=\"has-text-align-center\" data-align=\"center\">Amphi<br>ABL<\/td>\n                                        <td>\n                                            <strong>\n                                            <span class=\"tags\">\n                                                <span class=\"tag ot\">OT<\/span>\n                                                <span class=\"tag ai\">AI<\/span>\n                                                <span class=\"tag intrusion\">IntrusionDetection<\/span>\n                                            <\/span>\n                                                Breaking into the AI-protected Realm: A\n                                                Practical\n                                                Session on\n                                                (pen)testing Embedded Targets with AI-based EDR (Retex GreHack\n                                                2025)\n                                            <\/strong>\n                                            <br>\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\"\n                                                  class=\"has-inline-color has-white-color\">___-\n                                            <\/mark>\n                                            Lalie Arnoud et Ulysse Vincenti (Doctorant.es 3\u00e8me\n                                            ann\u00e9e au CEA-Leti Grenoble)\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">14h00-14h30<\/mark>\n                                            <br>\n                                            <details\n                                                    class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\">\n                                                <summary>d\u00e9tails<\/summary>\n                                                <p>Dans cet atelier de 2h30 tenu \u00e0 la conf\u00e9rence GreHack\n                                                    2025, nous avons pr\u00e9sent\u00e9 les avanc\u00e9es en intelligence\n                                                    artificielle\n                                                    appliqu\u00e9e \u00e0 la cybers\u00e9curit\u00e9 d\u00e9fensive au travers du cas d&#8217;utilisation\n                                                    d&#8217;un barrage hydro\u00e9lectrique simul\u00e9 dont le syst\u00e8me de\n                                                    contr\u00f4le\n                                                    industriel est \u00e9quip\u00e9 d&#8217;un syst\u00e8me de d\u00e9tection d&#8217;intrusion\n                                                    (IDS).\n                                                    <br>\n                                                    Les participants ont pu:\n                                                    <!-- HTML list  -->\n                                                <ul>\n                                                    <li>Suivre une br\u00e8ve introduction au Machine Learning, ainsi que\n                                                        leur applicabilit\u00e9 \u00e0 la cybers\u00e9curit\u00e9;\n                                                    <\/li>\n                                                    <li>D\u00e9ployer un banc de test Hardware-in-the-Loop, comprenant un\n                                                        IDS\n                                                        utilisant ce type d&rsquo;algorithmes pour la d\u00e9tection d&rsquo;actions\n                                                        malveillantes \u00e0 l&rsquo;encontre du contr\u00f4leur r\u00e9gissant le\n                                                        proc\u00e9d\u00e9\n                                                        industriel;\n                                                    <\/li>\n                                                    <li>Attaquer cette m\u00eame cible afin d&rsquo;y trouver les secrets\n                                                        cach\u00e9s\n                                                        par nos soins, \u00e0 la mani\u00e8re d&rsquo;un CTF;\n                                                    <\/li>\n                                                    <li>Voir en temps r\u00e9el les alertes lev\u00e9es suite \u00e0 leurs actions,\n                                                        ou\n                                                        non, par l&rsquo;IDS.\n                                                    <\/li>\n                                                <\/ul>\n                                                L&rsquo;atelier s&rsquo;est conclu en pr\u00e9sentant plus largement les opportunit\u00e9s\n                                                et\n                                                recherches \u00e0 poursuivre autour de la d\u00e9tection d&rsquo;intrusion par IA.\n                                                <br>\n                                                Pour ce retour d&rsquo;exp\u00e9rience, nous ferons part des discussions\n                                                entretenues avec certains participants qui venaient de plusieurs\n                                                milieux, d\u00e9fensifs et offensifs, ainsi que les perspectives\n                                                d&rsquo;am\u00e9liorations pour l&rsquo;exercice.\n\n                                                <\/p>\n                                            <\/details>\n                                            <strong>\n                                            <span class=\"tags\">\n                                                <span class=\"tag deceptive\">Deceptive<\/span>\n                                                <span class=\"tag secops\">SecOps<\/span>\n                                            <\/span>\n                                                Deceptive security : transformer l&#8217;attaquant en alli\u00e9\n                                                involontaire\n                                                de votre d\u00e9tection<\/strong><br>\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\"\n                                                  class=\"has-inline-color has-white-color\">___-\n                                            <\/mark>\n                                            Corentin Margraff (Trapster by\n                                            Ballpoint)\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">14h30-14h50<\/mark>\n                                            <details\n                                                    class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\">\n                                                <summary>d\u00e9tails<\/summary>\n                                                <p>Cette pr\u00e9sentation montrera comment\n                                                    transformer chaque geste de l&#8217;attaquant en signal d&#8217;alerte\n                                                    fiable gr\u00e2ce aux technologies de d\u00e9ception, v\u00e9ritables capteurs\n                                                    actifs au\n                                                    service du SOC. Il d\u00e9cryptera le panorama des solutions\n                                                    disponibles\n                                                    pour\n                                                    identifier celle qui r\u00e9pond \u00e0 chaque besoin de d\u00e9tection.<\/p>\n                                            <\/details>\n\n                                            <strong>\n                                            <span class=\"tags\">\n                                                <span class=\"tag deceptive\">Deceptive<\/span>\n                                                <span class=\"tag ot\">OT<\/span>\n                                            <\/span>\n                                                Can You Spot The Trap? Building Realistic Cyber-Physical\n                                                Honeynets\n                                            <\/strong><br>\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\"\n                                                  class=\"has-inline-color has-white-color\">___-\n                                            <\/mark>\n                                            Mathis Durand (Doctorant 3\u00e8me ann\u00e9e au IMT\n                                            Atlantique)\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">14h50-15h10<\/mark>\n                                            <br>\n                                            <details\n                                                    class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\">\n                                                <summary>d\u00e9tails<\/summary>\n                                                <p>Les attaquants ont \u00e0 disposition des outils pour\n                                                    d\u00e9tecter les technologies trompeuses telles que des pots de\n                                                    miel. S&#8217;engage\n                                                    alors une course au r\u00e9alisme entre attaquants avanc\u00e9s et\n                                                    collecteurs\n                                                    d&#8217;information\n                                                    sur les menaces. Cette pr\u00e9sentation d\u00e9crit l&#8217;\u00e9tat de la\n                                                    litt\u00e9rature\n                                                    sur les techniques de d\u00e9tection des pots de miel, les strat\u00e9gies\n                                                    pour les\n                                                    administrateurs de pots de miel, et les exp\u00e9rimentations \u00e0\n                                                    venir.<\/p>\n                                            <\/details>\n\n                                            <strong>\n                                            <span class=\"tags\">\n                                                <span class=\"tag malware\">MalwareAnalysis<\/span>\n                                            <\/span>\n                                                Dynamic Analysis of Malware in the Light of\n                                                Evasion <\/strong><br>\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\"\n                                                  class=\"has-inline-color has-white-color\">___-\n                                            <\/mark>\n\n                                            Dorian Bachelot (Ing\u00e9nieur de recherche PIRAT,\n                                            CentraleSup\u00e9lec)\n                                            <mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-vivid-red-color\">15h10-15h40<\/mark>\n                                            <details\n                                                    class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\">\n                                                <summary>d\u00e9tails<\/summary>\n                                                <p>Cette pr\u00e9sentation introduit ShareMal, une nouvelle plateforme\n                                                    d\u00e9di\u00e9e\n                                                    \u00e0 l&rsquo;analyse\n                                                    dynamique de malwares, tout en mettant en \u00e9vidence les limites\n                                                    actuelles des\n                                                    approches existantes (exploitation insuffisante des donn\u00e9es).\n                                                    Elle\n                                                    souligne\n                                                    que l&rsquo;analyse dynamique reste sous-\u00e9tudi\u00e9e, alors m\u00eame que les\n                                                    techniques\n                                                    d&rsquo;\u00e9vasion laissent des traces exploitables. Enfin, elle plaide\n                                                    pour\n                                                    un\n                                                    rapprochement entre l&rsquo;analyse dynamique, les EDR et la\n                                                    supervision\n                                                    syst\u00e8me,\n                                                    et pr\u00e9sente le d\u00e9veloppement en cours d&rsquo;une nouvelle solution\n                                                    d&rsquo;analyse et\n                                                    de mod\u00e9lisation des donn\u00e9es.<\/p>\n                                            <\/details>\n\n                                        <\/td>\n                                    <\/tr>\n\n                                    <tr>\n                                        <td>16h<br>16h30<\/td>\n                                        <td class=\"has-text-align-center\" data-align=\"center\">\u00e9tage restaurant<br>\n                                        <\/td>\n                                        <td class=\"bg\">\n                                            cl\u00f4ture et fruits &#127822; &#129373;\n                                        <\/td>\n                                    <\/tr>\n                                    <\/tbody>\n                                <\/table>\n                            <\/figure>\n\n\n\n\n<p>Vendredi 20 mars 2026<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>9h30<\/br>12h30<\/br> (fin indicative)<\/td><td>Amphi<\/br>ABL<\/td><td><a href=\"https:\/\/project.inria.fr\/attackdefense\/evaluation-automatisee-de-la-securite-des-systemes-dinformation-par-la-construction-de-jumeau-de-securite-pour-deriver-et-valider-des-chemins-dattaque\/\" data-type=\"page\" data-id=\"116\"><strong><mark style=\"background-color:#d74c25\" class=\"has-inline-color\">Soutenance de th\u00e8se<\/mark> Manuel Poisson<\/strong><\/br>Security Twin <\/a><!-- feux d'artifices \u00e0 20h --><\/br>L\u2019activit\u00e9 de nombreuses organisations repose sur le bon fonctionnement de leur syst\u00e8me d\u2019information (SI) malgr\u00e9 les attaques dont il est la cible. Cette th\u00e8se cherche \u00e0 \u00e9valuer automatiquement le niveau de s\u00e9curit\u00e9 des SI \u00e0 l\u2019aide du concept de jumeaux de s\u00e9curit\u00e9: des copies virtuelles de SI en production avec les m\u00eames caract\u00e9ristiques du point de vue de la s\u00e9curit\u00e9. D\u2019abord, nous collectons et organisons dans un mod\u00e8le de donn\u00e9es les \u00e9l\u00e9ments du SI utiles pour d\u00e9terminer les proc\u00e9dures d\u2019attaque qui pourraient \u00eatre encha\u00een\u00e9es pour atteindre le but vis\u00e9 par l\u2019attaquant. Nous encodons aussi les conditions permettant l\u2019exploitation des proc\u00e9dures et les gains apr\u00e8s leur exploitation. En particulier, nous avons travaill\u00e9 sur l\u2019exploitation de vuln\u00e9rabilit\u00e9s connues (CVE) et le d\u00e9tournement d\u2019outils et de configurations l\u00e9gitimes. Le mod\u00e8le de donn\u00e9es sert ensuite \u00e0 construire un graphe de positions d\u2019attaque repr\u00e9sentant les chemins d\u2019attaque exploitables dans le SI. Enfin, un jumeau virtuel du SI est d\u00e9ploy\u00e9. Ce jumeau permet d\u2019exploiter les chemins d\u2019attaque identifi\u00e9s et de proposer et tester des rem\u00e9diations efficaces. Pour conclure, nous validons l\u2019application de notre m\u00e9thodologie sur plusieurs SI du monde r\u00e9el utilis\u00e9s en production.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><\/p>","protected":false},"excerpt":{"rendered":"<p>Programme d\u00e9finitif Jeudi 19 mars 2026 afficher\/cacher tous les d\u00e9tails 9h-9h30 \u00e9tagerestaurant Accueil &#8211; caf\u00e9 &#9749; 9h3010h30 Amphi ABL AI SecOps Data Science au SOC dans un environnement op\u00e9rationnel ___- Colin Leverger (SOC Orange) 9h30-10h00 d\u00e9tails Deceptive OT SCADA exposed ___- St\u00e9phane Mocanu (Maitre de Conf\u00e9rences, INP\/ENSE3) 10h00-10h30 d\u00e9tails Dans\u2026<\/p>\n<p> <a class=\"continue-reading-link\" href=\"https:\/\/project.inria.fr\/attackdefense\/programme\/\"><span>Continue reading<\/span><i class=\"crycon-right-dir\"><\/i><\/a> <\/p>\n","protected":false},"author":2663,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-152","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/project.inria.fr\/attackdefense\/wp-json\/wp\/v2\/pages\/152","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/project.inria.fr\/attackdefense\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/project.inria.fr\/attackdefense\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/project.inria.fr\/attackdefense\/wp-json\/wp\/v2\/users\/2663"}],"replies":[{"embeddable":true,"href":"https:\/\/project.inria.fr\/attackdefense\/wp-json\/wp\/v2\/comments?post=152"}],"version-history":[{"count":89,"href":"https:\/\/project.inria.fr\/attackdefense\/wp-json\/wp\/v2\/pages\/152\/revisions"}],"predecessor-version":[{"id":428,"href":"https:\/\/project.inria.fr\/attackdefense\/wp-json\/wp\/v2\/pages\/152\/revisions\/428"}],"wp:attachment":[{"href":"https:\/\/project.inria.fr\/attackdefense\/wp-json\/wp\/v2\/media?parent=152"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}