This laboratory is coordinated with



The long-term ambition is to contribute to build distributed systems that are trustworthy and respectful of privacy, even when some nodes in the system have been compromised.

With this objective in mind, the CIDRE group focuses on three different aspects of security, namely trust, intrusion detection, and privacy as well as on the bridges that exist between these aspects. Indeed, we believe that to study new security solutions one must take into account that it is now a necessity to interact with devices whose owners are unknown. To reduce the risk of relying on dishonest entities, a trust mechanism is an essential prevention tool that aims at measuring the capacity of a remote node to provide a service compliant with its specification. Such a mechanism should allow to overcome ill-founded suspicions and to be aware of established misbehaviors. To identify such misbehaviors, intrusion detection systems are necessary. Such systems aim at detecting, by analyzing data flows, whether violations of the security policies have occurred. Finally, Privacy, which is now recognized as a fundamental individual right, should be respected despite the presence of tools and systems that continuously observe or even control users actions or behaviors.


The CIDRE team considers three complementary levels of study:

  • The Node Level: The term node either refers to a device that hosts a network client or service or to the process that runs this client or service. Node security management must be the focus of a particular attention, since from the user point of view, security of his own devices is crucial. Sensitive information and services must therefore be locally protected against various forms of attacks. This protection may take a dual form, namely prevention and detection.
  • The Group Level: Distributed applications often rely on the identification of sets of interacting entities. These subsets are either called groups, clusters, collections, neighborhoods, spheres, or communities according to the criteria that define the membership.
    Among others, the adopted criteria may reflect the fact that a unique person administrates its members, or that they share the same security policy. It can also be related to the localization of the physical entities, or the fact that they need to be strongly synchronized, or even that they share mutual interests.

    Due to the vast number of possible contexts and terminologies, we refer to a single type of set of entities, that we call set of nodes. We assume that a node can locally and independently identify a set of nodes and modify the composition of this set at any time. The node that manages one set has to know the identity of each of its members and should be able to communicate directly with them without relying on a third party.

    Despite these two restrictions, this definition remains general enough to include as particular cases most of the examples mentioned above. Of course, more restrictive behaviors can be specified by adding other constraints.
    We are convinced that security can benefit from the existence and the identification of sets of nodes of limited size as they can help in improving the efficiency of the detection and prevention mechanisms.

  • The Open Network Level: In the context of large-scale distributed and dynamic systems, interaction with unknown entities becomes an unavoidable habit despite the induced risk. For instance, consider a mobile user that connects his laptop to a public Wi-Fi access point to interact with his company.

    At this point, data (regardless if it is valuable or not) is updated and managed through non-trusted undedicated entities (i.e., communication infrastructure and nodes) that provide multiple services to multiple parties during that user connection. In the same way, the same device (e.g., laptop, PDA, USB key) is often used for both professional and private activities, each activity accessing and manipulating decisive data.

Presentation of the lab with Ludovic Mé, former head of the lab: (in French).



C Cube, Competence Center in Cybersurity. Announced at Fall 2020 and supported by the Brittany Regional Council, CentraleSupélec, ENS Rennes, ENSAI, IMT Atlantique, INSA Rennes, IEP, University Rennes 1 and University Rennes 2, CNRS and Inria, C CUBE aims to intensify the site's activities in the field of cybersecurity on the 3 axes of research, training and innovation. It will bring together in one place, in Rennes, activities related to these 3 axes and will strengthen synergies between partners. C CUBE will contribute to the promotion, in Europe and internationally, of Britain know-how and skills in cybersecurity.


Key Figures 2014

  • Faculty members: 12
  • PhD Students: 16
  • Post-Doc: 1
  • rank A publications (Source: Web Of Science): 14
  • Contracts: 394 K€


Academic Partners

La Sapienza university, Technische Universitaet Hamburg-Harburg, Inria, CNRS, INSERM, LAAS, LIRIS, Rennes 1 university, Nantes university, Institut Mines-Telecom, ENS Rennes, ENSI Bourges, ENSI Caen.


Industrial Partners

RHEA Systems SA, Alcatel-Lucent Bell Labs France, EPIST, DGA-MI, Thales, NEC Corporation, Microsoft, Atos Wordline, CS, Technicolor, Hewlett Packard, Orange Labs, Oberthur Technologies, ACEA, Amossys, Mobigis, Tisséo, CryptoExperts, MoDyCo.



Web site:

Leader: Valérie Viet Triem Tong
Tél: (+33) 2
Fax: (+33) 2

Latest submissions

Article in a review
Characterisation and quantification of condensed tannins in rapeseed hulls and meals by depolymerization methods
Xiaoxi Yu, Jean-Michel Le Quére, Hélène Sotin, Morgane Citeau, Sylvie Dauguet, Sylvain Guyot
Article in a review
Assessing the opportunity of combining state-of-the-art Android malware detectors
Nadia Daoudi, Kevin Allix, Tegawendé Bissyandé, Jacques Klein
Communication on a congress
AdvCat: Domain-Agnostic Robustness Assessment for Cybersecurity-Critical Applications with Categorical Inputs
Helene Orsini, Hongyan Bao, Yujun Zhou, Xiangrui Xu, Yufei Han, Longyang Yi, Wei Wang, Xin Gao, Xiangliang Zhang
Errors in the CICIDS2017 dataset and the significant differences in detection performances it makes
Maxime Lanvin, Pierre-François Gimenez, Yufei Han, Frédéric Majorczyk, Ludovic Mé, Eric Totel
Browse all laboratory submissions on HAL