| We are pleased to invite you to the 3rd annual DefMal workshop, organized as part of the PEPR Cybersecurity – DefMal project. The event will take place at EURECOM, Sophia Antipolis, on June 5–6, 2025. This workshop is an opportunity to bring together our teams from Nancy, Rennes, Paris, Sophia Antipolis, as well as our invited guests, to exchange ideas and share progress on our common topic: Combating Malware . We look forward to seeing you in Sophia Antipolis! |
Thursday, June 5
From 08h30: Welcome coffee
9h00 – 9h20: Workshop introduction by Jean-Yves Marion, Scientific Responsible for the DefMal
9h20 – 9h40: Aurélien Francillon (Eurecom), PEPR Cybersecurité : REV project presentation
9h40-10h10: Géraud Canet (CEA) – French PEPR Cybersécurité ecosystem
10h10 – 11h00: Invited speaker – Juan Caballero (IMDEA Software Institute) – Cryptocurrency and Blockchain Abuse by Malware
11h00 – 11h30: Coffee break
11h30 – 12h20: Invited speaker – Luca Demetrio (University of Genoa) – Pick Two: Robustness, Accuracy, Generalization in Malware Detection with AI
12h30 – 14h00: Lunch time
14h00-14h30: François Teyssier et Michel Mauny (INRIA) – PTCC : Programme de Transfert au Campus Cyber
14h30-15h00: Gregoire Menguy (CEA List) Binsec: A Reverse Engineering Point of View
15h00-16h00: Focus on DefMal Platforms – presentations, demo, discussion.
-Threat Nemesis (15’) – Poneypot (15’) – GoatTracer (15’) + Discussions
16h00-16h30: Coffee break
16h30: Dataset Brainstorming Session: Listing and Mapping Resources
17h30-18h00: Bureau DefMal
19h00: Dinner together
Friday, June 6
From 08h30- Welcome coffee
9h00 – 9h50: Invited speaker – Juan Tapiador, Universidad Carlos III de Madrid, The Threat Actor Naming Mess
09h50-10h10: Vincent Raulin (CentraleSupélec/IRISA) – Learning and Using Expert Knowledge with Machine Learning: CROISSANT
10h10-10h40: Charles-Henry Bertrand Van Ouytsel (Université Catholique de Louvain) – Static, Dynamic, Symbolic: Exploring Binary Representations for machine learning classification
10h40-11h00: Coffee break
11h00-11h30: Sébastien Killian (CentraleSupelec/IRISA) – A Deep Dive into Offensive Security Datasets: Examples and Methodology
11h30 – 12h00: Yufei Han (INRIA/IRISA) – Does Code LM really understand Code
12h00-12h30: Sébastien Larinier (Université de Lorraine, LORIA) – Dive in stalkerware ecosystem
12h30 – 14h00: Lunch break
14h00 – 14h30: Olzhas Zhangeldinov (CNRS/IRIF) – LTL model-checking for Concurrent Self-modifying Malware Detection (visio)
14h30 – 15h00: Leo Bertrand, (Université de Lorraine, LORIA) – The Use of LLMs to Automate Cyberattacks
15h00 – 15h30: Jean-Marie Mineau (CentraleSupelec/IRISA) – Android of Theseus: Patching applications to improve analysis
15h30 – 15h50: Coffee break
15h50 – 16h20: Shijie Lin (CNRS/IRIF) Reachability Analysis of Upper-Stack manipulating Binary code (visio)
16h30 : Conclusions
| Practical Information: EURECOM Campus SophiaTech, 450 Route des Chappes, CS 50193 – 06904 Biot Sophia Antipolis cedex, FRANCE https://www.eurecom.fr/en/access |
