Profile Picture

Jordan Samhi


Doctoral Researcher in Software Engineering and Software Security


About Me

I am a Doctoral Researcher in Software Security and Software Engineering at the University of Luxembourg. I am part of the Interdisciplinary Centre for Security, Reliability and Trust (SnT) and member of TruX research group. Beforehand, I received my Master's degree in Computer and Information Systems Security from the University of Lorraine (France). My research interests are in the security aspects of software engineering, particularly in automatic malware and vulnerability detection using static code analysis. Currently, I am focusing on Android systems. My thesis is under the supervision of Prof. Jacques Klein and I am being advised by Prof. Tegawendé F. Bissyandé and Prof. Alexandre Bartel.

Research

My research interests lie in Software engineering and Software Security with a emphasis on Android apps dissection:

  • Android code unification to perform comprehensive static analysis of Android apps: In Android apps, dex bytecode cohabits with native code which can be used through the Java Native Interface. Due to the challenge presented to analyze native code, it is most of the time overlooked by existing approaches. This limitation is a severe threat to validity since malicious behavior can be implemented in native code. Therefore, I have the ambition to propose a model unifying both the bytecode and the native code in Android apps. I proposed a first step toward this direction at the call-graph level and with more granularity at the statement level relying on heuristic-based defined statements.
  • Logic bomb detection in Android apps: Nowadays, one of the main goal of malware writers is to evade analyses. One prominent technique used to stay under the radar of dynamic analyzers is to use logic bombs. This mechanism triggers the malicious only under specific circumstances. As a challenging and unresolved problem, I tackle this problem with static approaches. After replicating existing approaches, I contributed to the research effort by proposing an hybrid approach combining static analysis and anomaly detection.
  • Improving Android apps Inter-Component Communication: Android apps are built upon several components that communicate together through Inter-Component Communication (ICC) mechanism. Modeling ICC is a key in Android apps static analysis to ensure data flow tracking through components, as reported by IccTA. However, a substantial number of ICC methods were overlook by the state of the art, leaving room to a lack of precision in app modeling. Indeed, I noticed that ICC can be triggered through what I called Atypical ICC methods (AICCM). To cope with this limitation, I built RAICC, an approach that is AICCM-aware. Hence, existing static approach can rely on RAICC to perform more complete analyses.

Publications

On The (In)Effectiveness of Static Logic Bomb Detector for Android Apps

Jordan Samhi, Alexandre Bartel.
IEEE Transactions on Dependable and Secure Computing (TDSC 2021)

DexRay: A Simple, yet Effective Deep Learning Approach to Android Malware Detection based on Image Representation of Bytecode

Nadia Daoudi, Jordan Samhi, Abdoul Kader Kaboré, Kevin Allix, Tegawendé F. Bissyandé, Jacques Klein.
2nd International Workshop on Deployable Machine Learning for Security Defense, Singapore, Aug. 2021 (MLHat @KDD)

Les dangers de Pastebin

Jordan Samhi, Tegawendé F. Bissyandé, Jacques Klein.
Multi-System & Internet Security Cookbook (MISC 05/2021)

RAICC: Revealing Atypical Inter-Component Communication in Android Apps

Jordan Samhi, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein.
43rd IEEE/ACM International Conference on Software Engineering, Madrid, Spain (ICSE 2021)

A first look at Android applications in Google Play related to COVID-19

Jordan Samhi, Kevin Allix, Tegawendé F. Bissyandé, Jacques Klein.
Empirical Software Engineering, Springer (EMSE 2021)

Désamorcer des bombes logiques

Jordan Samhi, Alexandre Bartel.
Multi-System & Internet Security Cookbook (MISC 09/2020)

Experience

University of Luxembourg · Interdisciplinary Centre for Security, Reliability and Trust · TruX

Doctoral Researcher, November 2019 - Present
Supervisor: Prof. Jacques Klein

Research in the security aspects of software engineering with a particular focus on malware and vulnerability detection. Analysis of Android applications by reverse engineering and developing static analysis programs.

University of Luxembourg · Interdisciplinary Centre for Security, Reliability and Trust · SerVal

Research Intern, April 2019 - September 2019
Supervisor: Prof. Alexandre Bartel

Literature review on Static Analysis, Malware detection and Android Security. Reverse-engineering of Android applications. Study of anti-reverse-enrineering mecanisms. Open-source development of a solution based on pure static analysis to detect hidden malicious code.

Supervisions

François Jullion

École Nationale Supérieure d’Ingénieurs de Bretagne-Sud (ENSIBS), France · June 2021 – August 2021

Engineering degreee in Software Security.
Automatically extracting logic bomb's guarded code using static analysis to build minimal Android app for further dynamic analysis.

Nahom Belay

National Institute of Applied Sciences of Toulouse (INSA), France · June 2021 – August 2021

Master's degreee in Software Security.
Manual characterization of Android malware families using reverse-enginnering tools.

Ye Qiu

University of Luxembourg · May 2021 – July 2021

Master's degree in Information and Computer Science.
Manual characterization of Android malware families using reverse-enginnering tools.

Mansaf Bourkaib

University of Lorraine, France · March 2021 – September 2021

Master's degree in Information and Computer Security, Networks and Virtual Architectures.
Extracting Android apps information and building efficient query interface for selecting apps matching specific characteristics.

Vanitha Varadharajan

University of Luxembourg · February 2021 – August 2021

Master's degree in Information and Computer Science.
Mining source code samples from Pastebin public data.

Sean Achtatou

University of Luxembourg · February 2020 – July 2020

Bachelor in Information and Computer Science.
Machine-learning based characterization of Android Malware.

Education

Doctoral Degree

University of Luxembourg

Software engineering and Software Security with emphasis on Android apps.

November 2019 - Present

Second year of Master's degree

University of Lorraine, France

Computer and Information Systems Security.

Summa cum laude · 1/35 September 2018 - September 2019

First year of Master's degree

University of Lorraine, France

Computer and Information Systems Security.

Summa cum laude · 1/79 September 2017 - June 2018

Bachelor of Science

University of Lorraine, France

Computer and Information Science.

Summa cum laude · 1/88 September 2016 - June 2017

Service

Teaching

Teaching

Static analysis and Malware detection · June 2021 - July 2021

University of Luxembourg · Doctoral programme in Computer Science and Computer Engineering

Introduction to Static Program Analysis · February 2021 - June 2021

University of Luxembourg · Master in Information and Computer Sciences (MICS2-40)

Introduction to Static Program Analysis · February 2020 - June 2020

University of Luxembourg · Master in Information and Computer Sciences (MICS2-40)

Projects

Sparta

SPARTA is supported by Europe’s H2020 program, with the objective to develop and implement top-tier research and to design and test an efficient mechanism at european level for research governance and coordination. Strongly guided by concrete challenges forming an ambitious Cybersecurity research & innovation roadmap, SPARTA will setup unique collaboration means, leading the way in building transformative capabilities and forming a world-leading “Competence Network” across the EU.

Onniva

ONNIVA is supported by Luxembourg's National Research Fund, with the objective to develop new approaches to detect Java vulnerabilities. This project focuses on deserialization vulnerabilities which occurs when a Java application accepts serialized files from untrusted sources. Approaches developed within the frame of this project focus on static analysis techniques.

Awards & Grants