Gérard Wagener

Learn More
Today, honeypot operators are strongly relying on network analysis tools to examine network traces collected in their honeynet environment. The accuracy of such analysis depends on the ability of the tools to properly reassemble streams especially TCP sessions. Network forensics analysis quality is tight to those tools and we evaluated widely used network(More)
BACKGROUND AND PURPOSE Recent findings suggest a key role for platelet activating factor in neuroinjury. For this reason we evaluated the effects of the platelet activating factor antagonist apafant (4-(2-chlorophenyl)-9-methyl-2[3(4-morpholinyl)-3-propanol-1- yl[6H-thieno[3.2-f[[1.2.4]triazolo]4,3-1]]1.4]diazepine on farct volume and local cerebral blood(More)
Several malware analysis techniques suppose that the disassembled code of a piece of malware is available, which is however not always possible. This paper proposes a flexible and automated approach to extract malware behaviour by observing all the system function calls performed in a virtualized execution environment. Similarities and distances between(More)
High-interaction honeypots are relevant to provide rich and useful information obtained from attackers. Honeypots come in different flavors with respect to their interaction potential. A honeypot can be very restrictive, but then only a few interactions can be observed. If a honeypot is very tolerant though, attackers can quickly achieve their goal. Having(More)
This paper addresses a fundamentally new method for analyzing the behavior of executed applications and sessions. We describe a modeling framework capable of representing relationships among processes belonging to the same session in an integrated way, as well as the information related to the underlying system calls executed. We leverage for this purpose(More)
The structure of the domain name is highly relevant for providing insights into the management, organization and operation of a given enterprise. Security assessment and network penetration testing are using information sourced from the DNS service in order to map the network, perform reconnaissance tasks, identify services and target individual hosts.(More)
This paper introduces a new method for getting insights into IP related data flows based on a simple visualization technique that leverages kernel functions defined over spatial and temporal aggregated IP flows. This approach was implemented in a visualization tool called PeekKernelFlows. This tool simplifies the identification of anomalous patterns over a(More)
The present study investigates the effects of the 5-hydroxytryptamine1A agonist ipsapirone on electroencephalography and somatosensory evoked potentials after middle cerebral artery occlusion in the rat. We implanted 17 silver ball electrodes symmetrically distributed over the skull in 14 rats and registered electroencephalography activity and somatosensory(More)
An important problem in current operational environments is the large quantity of monitoring data that has to be processed online. This paper introduces a new metric that leverages spatially and temporally aggregated IP-flow related information. The metric is based on a new kernel function that captures both IP address space distribution as well as volume(More)
Honeypot evangelists propagate the message that honeypots are particularly useful for learning from attackers. However, by looking at current honeypots, most of them are statically configured and managed, which requires a priori knowledge about attackers. In this paper we propose a high-interaction honeypot capable of learning from attackers and capable of(More)