Welcome to my homepage

Photo de Thibault Cholez

About Me

I am, since September 2013, an Associate Professor at the University of Lorraine. I do my teaching activities at TELECOM Nancy, an engineering school in computer science affiliated to the Institut Mines-Télécom and Lorraine INP; and I do my research activities in the MADYNES team within the laboratory LORIA / INRIA Nancy-Grand Est.

I graduated in 2007 from Henri-Poincare University, Nancy, France, for both a Master degree and an Engineering school (ESIAL) in Computer Science, with a minor in networking and systems. I did my PhD studies in the INRIA Nancy / LORIA laboratory and more precisely in the MADYNES research team on the monitoring and security of large P2P networks and I got my PhD degree from Henri-Poincare University in 2011. I did a first postdoc at the University of Technology of Troyes where I taught network services to Master's students and I contributed to a one-year research project proposing new ways to detect and mitigate attacks in P2P networks (pollution, Sybil attack). I did a second postdoc as a Research Associate in the Interdisciplinary Centre for Security, Reliability and Trust which is affiliated to the University of Luxembourg where I kept working on the monitoring and security of distributed networks, with a new particular interest for the new Content-Centric Networking paradigm. I was involved in two European FP7 research projects which aim to design new architectures to support the upcoming services based on the Internet of Things (BUTLER and IoT6). I also gave lectures to students in network security.

PhD Thesis

If you are interested in the Monitoring of structured peer-to-peer networks applied to the security of contents and can read french, my PhD Thesis is available here (some keywords: P2P networks, Distributed Hash Table, KAD, monitoring, honeypots, content indexation, security, Sybil attack, content pollution, attack detection, defense mechanisms). Otherwise, you may have a look on my publications.

The purpose of this thesis is to design and implement new monitoring solutions which are able to deal with the security issues affecting data stored in large structured P2P networks (DHT). There are two major types of issues. First, P2P networks are used to spread illegal contents whose activity is difficult to monitor accurately. Second, the indexation of regular contents can be corrupted (Sybil attack). We first designed a new approach to monitor contents based on the insertion of distributed probes in the network to take control of the indexation mechanism. The probes can attract all the related requests for a given content and assess the peers intent to access it by generating very attractive honeypots. We describe the weaknesses of the network allowing our solution to be effective despite recent protection mechanisms. We then present the services offered by our monitoring architecture and we evaluate its efficiency on KAD. We also present a real deployment whose purpose is to study pedophile contents on this network. Then, we focus on data integrity in distributed hash tables. We performed large scale monitoring campaigns on the KAD network. Our observations show that it suffers from a very harmful pollution of its indexation mechanism affecting 2/3 of the shared files and also from a large number of localized attacks targeting contents. To mitigate these threats, we propose a new efficient protection algorithm based on the analysis of the distribution of peers' ID found around an entry after a DHT lookup. We evaluate our solution and show that it detects the most efficient attacks with a very small false-negative rate, while the countermeasures successfully filter almost all malicious peers involved in an attack at a negligible cost. We demonstrate the direct applicability of our approach by implementing and testing our solution in real P2P networks.

Soutenons La Quadrature du Net ! Valid XHTML 1.0 Strict CSS Valide ! from oswd.