Keynotes
Abdelkader Lahmadi is a Full Professor of Computer Science at Université de Lorraine in France. He leads the RESIST research group at LORIA and the Inria Centre of Université de Lorraine. His research focuses on bridging the gap between Artificial Intelligence and cybersecurity for complex networked systems, with a particular emphasis on attack detection, prediction, and automated response. Beyond academia, he is the co-founder of CYBI, a cybersecurity company that develops AI-driven attack-path management and prioritization solutions, transferring cutting-edge research into real-world cybersecurity operations.
Artificial Intelligence for Cybersecurity: from LLM-Powered Offensive Capabilities to AI-Driven Attack Path Prediction
As Artificial Intelligence (AI) becomes deeply integrated into cybersecurity operations, its dual role as both a defensive enabler and an offensive catalyst is increasingly evident. On one side, AI supports defenders by enhancing detection, prediction, and mitigation of cyber threats. On the other, attackers are swiftly adopting AI models—particularly Large Language Models (LLMs)—to automate and amplify offensive operations. In this talk, I will explore this evolving landscape and illustrate how AI reshapes both sides of the cybersecurity battlefield. I will present recent advances from our research on applying Reinforcement Learning (RL) for automated attack-path discovery and prediction, as well as on evaluating the offensive potential of general- purpose LLMs for generating vulnerability exploitation steps.
Language: English (subtitled in French)
Christine Dugoin-Clément is a Research Associate at the “Risks” Chair of the IAE Business School, Paris 1 Panthéon-Sorbonne University, at the Observatory of Artificial Intelligence (Paris 1), and at the Research Center of the French National Gendarmerie (CRGN). A former auditor of the French Institute for Advanced Studies in National Defense (IHEDN), her research focuses on Ukraine, defense, influence strategies, and cybersecurity. Her most recent book, « Géopolitique de l’ingérence russe : la stratégie du chaos », was published by the Presses Universitaires de France (PUF).
Inside the Russian Approach to Cyber Interference
This presentation examines the new forms of digital interference driven by Russia, focusing on the hybridization of cyber and information operations, the use of disinformation, and the exploitation of social networks and generative artificial intelligence. It highlights the evolution of cybercrime since the war in Ukraine, the growing ties between state and criminal actors, and the influence and manipulation strategies deployed across digital platforms and cultural spaces. The talk also reflects on the broader challenges of credibility, regulation, and resilience in the face of today’s information warfare and its implications for democratic societies.
Language: English (subtitled in French)
Rémy Harel is a seasoned cybersecurity leader, currently heading a team of 20 mobile network cybersecurity experts at Orange Group, a role he has held for the past seven years. As a former security auditor, Rémy played a pivotal role in shaping 5G network security from its foundational stages, notably as Chairman of the 5G Security Group at NGMN. His practical expertise was instrumental in the selection and initial deployment of Orange Group's 5G networks, where he and his team conducted extensive on-site security audits to assess real-world security postures. Rémy actively collaborates with major 5G core network vendors, providing critical input on the security architecture and resilience of their solutions.
Beyond the Hype: Real-World 5G Security Challenges & Operational Strategies
5G is not “just another mobile generation”; it is a revolution poised to transform industries and lives. At C&ESAR 2025, I will delve into the critical security imperatives underpinning this transformation. My session will cut through the hype to address the real-world challenges we face in securing 5G deployments. We'll explore the evolving threat landscape, the complexities of supply chain integrity, and the operational realities of securing CI/CD pipelines. Expect actionable insights, regulatory foresight, and practical strategies derived from frontline experience. Let's discuss how to build resilient, trustworthy 5G networks from the ground up.
Language: English (subtitled in French)
Henrik Plate is the principal security researcher at Endor Labs, aiming to improve the security of today’s software supply chains, and the secure consumption of open source. He formerly worked for SAP Security Research, where he led the focus topic “Open Source Security” starting in 2014. He co-authored several academic papers on this topic, presented at academic and industry conferences like the RSA, is the project lead and core-developer of Eclipse Steady (an open source solution using program analysis techniques to assess the exploitability of vulnerabilities), and contributes to the Risk Explorer for Software Supply Chains (an open source solution to understand supply chain threats and safeguards). He earned his PhD in 2024 from the University of Rennes, France, with a thesis titled “On the Security Risks of Open Source Consumption: Vulnerabilities and Supply Chain Attacks in the Era of Open-Source-Based Software Development”. He received his MSc in Computer Science and Business Administration in 1999 from the University of Mannheim, Germany, and holds a CISSP certification.
Attacks on Open Source Software Supply Chains: Vectors, Case Studies, and Defenses
The widespread reliance on open source in modern software development has made it a prime target for supply chain attacks, in which adversaries inject malicious code into upstream projects, ultimately reaching developers and end users downstream. In August and September 2025 alone, several attacks against popular npm packages revealed novel techniques not previously observed in the wild—and, at the time of writing, further incidents continue to emerge. This talk surveys common attack vectors, illustrated through both historical and recent case studies, ranging from typo-squatting and dependency confusion to compromised CI/CD pipelines and npm malware. It also examines available countermeasures—both detective and preventive—highlighting their respective strengths and limitations.
Language: English (subtitled in French)
Davide Balzarotti is a full Professor and the head of the Digital Security Department at EURECOM. He received his Ph.D. from Politecnico di Milano in 2006 and his research interests include most aspects of software and system security and in particular the areas of binary and malware analysis, reverse engineering, computer forensics, and web security. Davide authored more than 100 publications in leading conferences and journals. He has been the Program Chair Usenix Security 2024, ACSAC 2017, RAID 2012, and Eurosec 2014. Davide received an ERC Consolidator and an ERC PoC Grants for his research on the analysis of compromised systems. Davide is is also member of the "Order of the Overflow" team, which organized the DEF CON CTF competition between 2018 and 2021.
Four Decades of Malware Research: Milestones, Synthesis, and Open Challenges
Since the emergence of the initial self-replicating viruses in the 1980s, the history of malware has undergone a rich and fascinating evolution - which attracted the interest of researchers, nation-state agencies, and multi-billion dollars corporations. By examining the main contributions in the field through the lens of thousands of published papers, in this talk I will identify a number of recurring themes and long-lasting challenges. The talk will also break down different areas of malware research and try to distill the major results that researchers obtained in this fascinating field.
Language: English (subtitled in French)
Clémentine Maurice is a Research Scientist at CNRS in the CRIStAL laboratory in Lille. She received her PhD from Telecom ParisTech in 2015, and subsequently worked as a postdoctoral researcher at Graz University of Technology in Austria. Her research focuses on microarchitectural attacks and their countermeasures. She also presented her work at hacker conferences such as CCC and Blackhat Europe, and is featured twice in the Mozilla Hall of Fame.
From Theory to Practice: Detecting and Preserving Constant-Time
Side-channel vulnerabilities keep showing up in cryptographic software—despite a decade of automated detection tools meant to stop them. Why do these leaks keep slipping through? In the first part of this keynote, we explore this paradox, benchmarking tools against real-world vulnerabilities and uncovering why detection is harder than it looks. In the second part, we show that even when developers get constant-time code right, the compiler may not. Optimization passes in GCC and LLVM can quietly sabotage security, turning constant time into wishful thinking. We reveal which optimizations are to blame, how to catch them, and what practical defenses developers can actually use. Your compiler is not your friend—but with the right knowledge, you can keep it from turning against you. We conclude by analyzing the impact of recent attacks on automated detection tools.
Language: English (subtitled in French)
Hugo Lefeuvre is a Postdoctoral Research Fellow at the University of British Columbia in Vancouver (Canada), where he researches topics at the intersection of systems and security. Earlier he was a PhD candidate at the University of Manchester (UK) and a Microsoft PhD Research Fellow. His PhD dissertation was awarded the EuroSys Roger Needham PhD Award.
Software Compartmentalization Everywhere - What Will it Take?
Software compartmentalization is the practice of breaking down a program into isolated components to mitigate the impact of bugs and security vulnerabilities. In the event of a compromise, compartmentalization contains the exploit, raising the bar for attackers to mount successful attacks. Although vastly successful in popular software such as web browsers or server software, compartmentalization is still not a widespread software development practice. In this talk, based on our recent publication "SoK: Software Compartmentalization" at IEEE S&P 2025, we will discuss compartmentalization approaches in industry and academia to understand the remaining challenges to making compartmentalization a truly widespread practice, raise awareness on this practice, and show how it can lead to fundamentally more secure and dependable software.
Language: English (subtitled in French)