Gregory Blanc

Learn More
Spam over Internet Telephony (SPIT) will become a serious threat in the near future because of the growing number of Voice over IP (VoIP) users. Due to the real-time processing requirements of voice communication, SPIT is more difficult to filter than email spam. We propose a trust-based mechanism that uses the duration of calls between users to distinguish(More)
Ensuring users with a safe web experience has become a critical problem recently as fraud and privacy infringement on the Internet are becoming current. Web-scripting-based malware is also intensively used to carry out longer-term exploitation such as XSS worms or botnets, and server-side countermeasures are often ineffective against such threats while(More)
HTTPS websites are often considered safe by the users, due to the use of the SSL/TLS protocol. As a consequence phishing web pages delivered via this protocol benefit from that higher level of trust as well. In this paper, we assessed the relevance of heuristics such as the certificate information, the SSL/TLS protocol version and cipher-suite chosen by the(More)
Obfuscation, code transformations that make the code unintelligible, is still an issue for web malware analysts and is still a weapon of choice for attackers. Worse, some researchers have arbitrarily decided to consider obfuscated contents as malicious although it has been proven wrong. Yet, we can assume than some web attack kits only feature a fraction of(More)
Everyday, millions of Internet users access AJAX-powered web applications. However, such richness is prone to security issues. In particular, Web 2.0 attacks are difficult to detect and block since it is similar to legitimate traffic. As a ground for our research, we review past related works and explain what might be missing to tackle Web 2.0 security(More)
This paper proposes a cognitive method with the goal to get end users into the habit of checking the address bar of the web browser. Earlier surveys of end user behavior emphasized that users become victims to phishing due to the lack of knowledge about the structure of URLs, domain names, and security information. Therefore, there exist many approaches to(More)