Olivier Paul Assistant Professor, ENISA Independent Expert RST Department Telecom Sud Paris 91011, Evry cedex, France Tel : +33 160 764 791 Fax : +33 160 764 711 Olivier.Paul@acm.org

Short Bio ...

2011-: Assistant professor for Institut Telecom Sud Paris within the Networks and Telecommunication Services department.

2002-2011: Assistant professor for Institut Telecom Sud Paris within the Network Software department.

2001-2002: Research Engineer for France Telecom R&D LLC within the San Francisco Unit. Mostly working on HFR (now CRS) routers evaluation as well as DoS/DDoS issues and solutions.

1997-2001: Research Assistant and Ph.D student for ENST Bretagne within the RSM department. Working on adapting filtering architectures/mechanisms for high speed networks.

1996-1997: Network Administrator for College Interarmées de Défense.

Teaching

Direct

• DDoS prevention schemes, practical and theoretical issues.
• EI2. Security Module. 2003-2005.
• EI3 ARAD. Security Module. 2003-2006.
• EI3 SSR. Security Filtering Module. 2008-.
• MSC CCN. Security Module. 2003-2004.
• MSC IT. Security Module. 2004-.
• Address Lookup and Packet Classification Algorithms, Theory and Practice.
• EI3 ARAD. Interconnection Networks Module. 2003-2004.
• MSC CCN. Interconnection Networks Module. 2003-2004.
• Filtering Architectures.
• EI3 SSR. Security Filtering Module. 2004-.
• An introduction to filtering issues.
• EI3 SSR. Security Filtering Module. 2004-.
• MSC IT. Security Module. 2004-.
• NAT, Firewalls and applications
• EI3 SSR. Security Filtering Module. 2009-.
• OSI model, Physical, Data-link, Network and Transport Layers.
• EI1. Data Networks module. 2004-.
• TCP/IP Introduction.
• EI1. Data Networks module. 2005-.
• Local Area Networks Introduction.
• EI1. Data Networks module. 2006-.

Coordination

• EI3 SSR. End of Study Project (PFE)
• EI3 SSR. Security Filtering
• EI1. Data Networks

Research

Most of my research during the last years dealt with Access Control in High Speed, Quality of Service aware Networks. However I'm more generally interested in the following themes:
• High Speed Networks
• Security Devices Architectures
• Network Measurement

Projects

Ongoing

• European
• IST FP7 DEcentralized, cooperative and privacy-preserving MONitoring for trustworthinesS (DEMONS) - 2.5 years IP project in partnership with Telefónica Investigación y Desarrollo S.A.U, NEC Europe Limited, Consorzio Nazionale Interuniversitario per le Telecomunicazioni, Forschungszentrum Telekommunikation Wien GmbH, Telekomunikacja Polska S.A.France Telecom, ETH Zurich, Singular Logic, INVEA-TECH a.s., Intitute of Communications and Computer Science, Optenet S.A and Kyos SARL.
• Status: Granted

Completed

• Internal:
• Détection et passivation des Dénis de Service Distribués (DDOS) - 1 year "incitatif" project in partnership with Ecole Nationale Supérieure des Télécommunications de Bretagne, Ecole Nationale Supérieure des Télécommunications and France Telecom R&D.
• Status: Granted
• Open Position: Filled
• National:
• RNRT Architecture Dynamique Pour la Sécurité des réseaux (ADSR) - 2 years precompetitive project in partnership with France Telecom R&D, Ecole Nationale Supérieure des Télécommunications, Alliance Qualité Logiciel - Groupe Silicomp and EADS TELECOM.
• Status: Granted
• Open Position: Filled
• European
• IST FP6 Distributed Adaptive Security by Programmable Firewall (DIADEM) - 2.5 years STRP project in partnership with Clavister, France Telecom R&D, University of Tubingen/Fraunhofer Fokus, IBM Research, Imperial College London, Jozef Stefan Institute and Polish Telecom.
• Status: Granted
• Open Position: Filled

Papers

• Maryline Laurent, Olivier Paul, Pierre Rolin, "Securing communications over ATM networks", 13th IFIP International Conference on Information Security IFIP/SEC'97, Copenhagen, Denmark, May 1997.
• Maryline Laurent, Olivier Paul, Pierre Rolin, "Securing communications over ATM networks" , 4th Workshop of the HP OpenView University Association HPOVUA'97, Madrid, Spain, April 1997.
• Maryline Laurent, Olivier Paul, Pierre Rolin, "Une solution de protection des communications sur les réseaux ATM", 6 ème Colloque Francophone sur l'Ingénierie des Protocoles CFIP'97, Liège, Belgium, September-October 1997.
• Maryline Laurent, Olivier Paul, Pierre Rolin, "Protection des communications sur les réseaux ATM" (invited presentation), 2 ème Colloque Francophone sur la Gestion de REseau et de Service GRES'97, St Malo, France, September 1997.
• Olivier Paul, Maryline Laurent, Sylvain Gombault, "Manageable parameters to improve access control in ATM networks", 5th Workshop of the HP OpenView University Association HPOVUA'98, Rennes, France, April 1998.
• Maryline Laurent, Olivier Paul, Pierre Rolin, "Securing Communications over ATM Networks: The Remote ATM Private Networks Interconnection Example", no 9-10 of Annales des télécommunications, September-October 1998.
• Maryline Laurent, Olivier Paul, Pierre Rolin, "Solution SAFE du projet Démosthène : un système de protection des communications sur les réseaux ATM", vol 18, no 6 of Technique et Science Informatique, June 1999.
• Olivier Paul, Maryline Laurent, "An Alternative Access Control Architecture for IP over ATM Networks", 4th IFIP Conference on Communications and Multimedia Security CMS'99, Leuven, Belgium, September 1999.
• Olivier Paul, Maryline Laurent, Sylvain Gombault, "Une architecture de gestion efficace du contrôle d'accés", Journées Doctorales Informatique et Réseaux JDIR'99, Evry, France, November 1999.
• Olivier Paul, Maryline Laurent, Sylvain Gombault, "Comment concilier controle d'accés et qualité de service dans les réseaux de type IP sur ATM ?", 13eme Congres De Nouvelles Architectures pour les Communications DNAC'99, Paris, France,December 1999.
• Olivier Paul, Maryline Laurent, Sylvain Gombault, "An Asynchronous Distributed Access Control Architecture For IP Over ATM Networks", 15th ACSA/ACM Annual Computer Security Applications Conference ACSAC'99, Phoenix Arizona, December 1999.
• Olivier Paul, Maryline Laurent, "Improving Packet Filters Management through Automatic and Dynamic Schemes", 15th IFIP International Conference on Information Security IFIP/SEC'2000, Beijing, China, August 2000.
• Olivier Paul, "Improving Network Access Control Integrity through Redundant Mechanisms", 15th IFIP International Conference on Information Security IFIP/SEC'2000, Beijing, China, August 2000.
• Olivier Paul, Maryline Laurent, Sylvain Gombault, "A Full Bandwidth ATM Firewall", In proceedings of ESORICS'2000, Lecture Notes in Computer Science, LNCS 1895, Springer-Verlag, October 2000.
• Olivier Paul, Maryline Laurent, "Techniques d'amélioration des méthodes de gestion automatique des routeurs filtrants", 8 ème Colloque Francophone sur l'Ingenierie des Protocoles CFIP'2000, Toulouse, France, October 2000.
• Olivier Paul, Maryline Laurent, "Improving Packet Filters Management through Automatic and Dynamic Schemes", Annales des télécommunications, Vol 56 ,num 9-10, 2001.
• Olivier Paul, "Techniques de prévention des dénis de service dans les réseaux public", Editions Technique de l'Ingénieur, 2003.
• Olivier Paul, "Improving Distributed Firewalls Performance through Vertical Load Balancing". In proceedings of Third IFIP-TC6 Networking Conference, NETWORKING 2004, Lecture Notes in Computer Science, LNCS 3042, Springer-verlag. May 2004.
• Cedric Aoun, Olivier Paul, Ahmed Sehrouchni, "Résolution des problèmes de routage asymétrique et du partage de charge avec les pare-feux", 11ème Colloque Francophone sur l'Ingénierie des Protocoles, CFIP'05, Bordeaux, France, March 2005.
• Olivier Paul, Jean Etienne Kiba, "Tradeoffs for Web Communications Fast Analysis", In proceedings of Fourth IFIP-TC6 Networking Conference, NETWORKING 2005, Lecture Notes in Computer Science, LNCS 3462, Springer-verlag. May 2005.
• Jean Etienne Kiba, Olivier Paul, "Une technique de catégorisation rapide des requêtes HTTP", In proceedings of Fourth conference on Security and Network Architectures, SAR 2005, Batz sur mer, France, June 2005.
• Olivier Paul, Jean Etienne Kiba, "RequIn, a tool for fast web traffic inference", In proceedings of 48th annual IEEE Global Telecommunications Conference, Globecom 2005, Saint Louis, MO, USA, November-December 2005.
• Gerhard Münz, Ali Fessi, Georg Carle, Oliver Paul, Dušan Gabrijelcic, Yannick Carlinet, Sherif Yusuf, Morris Sloman, Vrizlynn Thing, Jan van Lunteren, Patricia Sagmeister, Gero Dittmann, "DIADEM Firewall: Web Server Overload Attack Detection and Response", In proceedings of Broadband Europe (BBEurope), December 2005, Bordeaux, France.
• Olivier Paul, "Les pare-feux", Chapitre du traité IC2 sur la sécurité des réseaux et systèmes répartis, volume 2, Hermès Science, Yves Deswartes, Ludovic Me Editors, ISBN 2-7462-1259-5, March 2006.
• Ons Jelassi, Olivier Paul, "Markers-based Space Decomposition Algorithm: A new algorithm for multi-fields packet classification", In proceedings of 2006 IEEE Workshop on High Performance Switching and Routing, June 2006, Poznan, Poland.
• Ons Jelassi, Olivier Paul, "Un algorithme optimisé pour le filtrage de paquets",In proceedings of Fifth conference on Security and Network Architectures, SAR 2006, June 2006, Seignosse, France.
• Ons Jelassi, Olivier Paul, "A two-level packet classification", In proceedings of first IEEE/IST Workshop on Monitoring, Attack Detection and Mitigation, September, 2006, Tuebingen, Germany.
• Olivier Paul, "Improving web servers focused DDoS attacks Detection", In proceedings of first IEEE/IST Workshop on Monitoring, Attack Detection and Mitigation, September, 2006, Tuebingen, Germany.
• Georg Carle, Morris Sloman, Olivier Paul Editors. Proceedings of first IEEE/IST Workshop on Monitoring, Attack Detection and Mitigation, ISBN 3-937201-02-5, ISSN 1862-7803, September, 2006.
• Olivier Paul, "Contrôle d'accès", Partie du chapitre "Les mécanismes de sécurité fondamentaux" du traité IC2 sur la sécurité des réseaux sans fil et mobiles, Hermès Science, Hakima Chaouchi, Maryline Maknavicius Editors, March 2007.
• Olivier Paul, "Improving web traffic inference using page level embedding information", In proceedings of second IEEE Workshop on Monitoring, Attack Detection and Mitigation, November 2007, Toulouse, France.
• Ons Jelassi, Olivier Paul, "Optimization study of a packet classification algorithm", In Annals of telecommunications/Annales des télécommunications, Vol. 62, n°11-12, November-December 2007.
• Olivier Paul, "Analyse de comportement de pare-feu par marquage de données", In proceedings of 3rd conference on Security of Network Architectures and Information Systems SAR/SSI’2008, October 2008, Loctudy, France.
• Olivier Paul,"Network Access Control", Parts of chapter "Security mechanisms" in "Wireless and Mobile Networks Security" book, ISTE (International Society for Technology in Education), Hakima Chaouchi, Maryline Maknavicius Editors, 2009.
• Olivier Paul, "Techniques de prévention des dénis de service dans les réseaux public", Editions Technique de l'Ingénieur, new edition, to appear.

Projects Deliverables

• Dusan Gabrijelcic, Editor"Initial Interfaces Specification", DIADEM FP6 IST project D2 delivrable, July 2004.
• Olivier Paul, Editor, "Attacks Detection Requirements Specification", DIADEM FP6 IST project D3 delivrable, July 2004.
• Sherif Yusuf, Editor, "Attacks Reaction Requirements Specification", DIADEM FP6 IST project D4 delivrable, July 2004.
• Yannick Carlinet, Editor, "Architecture Specification", DIADEM FP6 IST project D5 delivrable, January 2005.
• Piotr Piotrowski, Editor, "Initial Demonstrator Specification", DIADEM FP6 IST project D7 delivrable, January 2005.
• Gerhard Muenz, Editor, "Initial Violation Detection Prototype", DIADEM FP6 IST project D9 delivrable, July 2005.
• Yannick Carlinet, Editor, "Integrated Prototype", DIADEM FP6 IST project D11 delivrable, January 2006.
• Piotr Piotrowski, Editor, "Testbed Specification", DIADEM FP6 IST project D12 delivrable, January 2006.
• Yannick Carlinet, Editor, "Plan for Exploitation of Results", DIADEM FP6 IST project D13 delivrable, September 2006.
• Ali Fessi, Editor, "Evaluation Report", DIADEM FP6 IST project D14 delivrable, September 2006.
• A. D’Alconzo, A. Berger and F. Ricciato, C. Callegari, T. Pepe, N. d’Heureuse, H. Debar, O. Paul, J. Garcia-Alfaro, J.M. Gomez, F. Romero, J. Roldan, A. Armenteros, "Application Layer Components: State of the Art(SoA) review", DEMON FP7 IST project D5.1 delivrable, November 2010.

Patents

• J.L. Simon, P. Rolin, O. Paul, M. Laurent, S. Gombault, Dispositif de controle d'acces entre des reseaux ATM, Patents FR2812491, WOFR0102394 and EP1303953, filed July 2000, granted January 2002, April 2003.
• O. Paul, S. Gombault, M. Laurent, C. Duret, H. Guesdon, J. Lattmann, Procédé de configuration d'une mémoire trie pour le traitement de paquets de données, et dispositif de traitement de paquets mettant en oeuvre un tel procédé, Patents FR2835991 and US20030156590, August 2003.
• O. Paul, S. Gombault, M. Laurent, C. Duret, H. Guesdon, J. Lattmann, Method and device for the processing of data packets , Patent EP1335565, August 2003.

Software

• The ATM Signaling Filtering Gateway, Version 0.2, July 2000.
• Web Server Monitor, Version 0.3, July 2005.

Reports, Posters, Presentations ...

• Olivier Paul, "Etude bibliographique sur les firewalls", March 1996.
• Olivier Paul "Conception et implémentation d'un module de sécurité pour les réseaux ATM", DEA thesis, September 1996.
• Olivier Paul, Maryline Laurent, "Où trouver les informations de contrôle d'accés dans le cas des réseaux ATM", technical report, August 1998.
• Olivier Paul, " Controle d'accés et qualité de service dans les réseaux basés sur ATM ", Poster, Ecole d'été des Réseaux Haut Débit et Multimédia, RHDM'99, Brest, France, September 1999.
• Olivier Paul, " Gestion efficace du controle d'accés dans les réseaux", Invited Talk, Séminaire réseaux et systèmes, IRISA, Rennes, France, January 2000.
• Olivier Paul, " CARAT, Controle d'Accés et qualité de service dans les Réseaux ATM", Presentation, Journée GOETIC, IRISA, Rennes, France, May 2000.
• Olivier Paul, " Controle d'Accés et Hauts Débits", Invited Talk, Journées Protection des Réseaux, SUPELEC, Rennes, France, May 2000.
• Olivier Paul, " Access Control and Quality of Service in ATM Networks", Poster, 7th Workshop of the HP OpenView University Association HPOVUA'00, Santorini, Greece, June 2000.
• Olivier Paul, " A Full Bandwidth ATM Firewall", Presentation, VTHD Meeting, Rennes, December 2000.
• Olivier Paul, " Le controle d'accés dans les réseaux ATM", Ph.D. Thesis, Rennes, February 2001.
• O.Paul, M. Laurent, S. Gombault, C. Duret, H. Guesdon, V. Laspreses, J. Lattman, J. Le Moal, P. Rolin, J-L. Simon, "Design and Implementation of a Full Bandwidth Firewall", March 2001.
• Olivier Paul, "An overview of Packet Tracking techniques in public networks", Tutorial, Sécurité et Architecture Réseau 2003, Marrakech, Morocco, June 2003.
• Olivier Paul, "An overview of Distributed Denial of Service Issues and Solutions in operator networks", Tutorial, Franco-Mexican Telecommunication summer school, Mexico DF, Mexico, August-September 2005.
• Olivier Paul, "There's nothing like a firewall", Panel presentation, second IEEE Workshop on Monitoring, Attack Detection and Mitigation, November 2007, Toulouse, France.

Other stuff...

Here are some pictures i took during the various trips i did since 1998.