Jordan Samhi

Doctoral researcher · University of Luxembourg

I am a Doctoral Researcher in Software Security and Software Engineering at the University of Luxembourg. I am part of the Interdisciplinary Centre for Security, Reliability and Trust (SnT) and member of TruX research group. Beforehand, I received my Master's degree in Computer and Information Systems Security from the University of Lorraine (France). My research interests are in the security aspects of software engineering, particularly in automatic malware and vulnerability detection using static code analysis. Currently, I am focusing on Android systems. My thesis is under the supervision of Prof. Jacques Klein and I am being advised by Prof. Tegawendé F. Bissyandé and Dr. Alexandre Bartel.

Education

University of Luxembourg

Doctoral degree (Ph.D.)
Software Engineering · Software Security · Software Analysis · Android malware detection · Vulnerability detection · Static Analysis

November 2019 - Present

University of Lorraine

Master's degree
Computer and Information Systems Security

Summa cum laude · 1/35

September 2018 - September 2019

University of Lorraine

First year of Master's degree
Computer and Information Science

Summa cum laude · 1/79

September 2017 - June 2018

University of Lorraine

Bachelor of Science
Computer and Information Science

Summa cum laude · 1/88

September 2016 - June 2017

Experience

Doctoral Researcher

University of Luxembourg · Interdisciplinary Centre for Security, Reliability and Trust · TruX

Research in the security aspects of software engineering with a particular focus on malware and vulnerability detection. Analysis of Android applications by reverse engineering and developing static analysis programs.

November 2019 - Present

Research Intern

University of Luxembourg · Interdisciplinary Centre for Security, Reliability and Trust · SerVal

Literature review on Static Analysis, Malware detection and Android Security. Reverse-engineering of Android applications. Study of anti-reverse-enrineering mecanisms. Open-source development of a solution based on pure static analysis to detect hidden malicious code.

April 2019 - September 2019

Projects

SPARTA

FNR

SPARTA is supported by Europe’s H2020 program, with the objective to develop and implement top-tier research and to design and test an efficient mechanism at european level for research governance and coordination. Strongly guided by concrete challenges forming an ambitious Cybersecurity research & innovation roadmap, SPARTA will setup unique collaboration means, leading the way in building transformative capabilities and forming a world-leading “Competence Network” across the EU.

November 2019 - Present

ONNIVA

FNR

ONNIVA is supported by Luxembourg's National Research Fund, with the objective to develop new approaches to detect Java vulnerabilities. This project focuses on deserialization vulnerabilities which occurs when a Java application accepts serialized files from untrusted sources. Approaches developed within the frame of this project focus on static analysis techniques.

March 2020 - Present

Publications

2021

  • RAICC: Revealing Atypical Inter-Component Communication in Android Apps
    Jordan Samhi, Alexandre Bartel, Tegawendé F. Bissyandé, Jacques Klein
    43rd International Conference on Software Engineering (ICSE), IEEE/ACM, Madrid, Spain
  • A First Look at Android Applications in Google Play related to Covid-19
    Jordan Samhi, Kevin Allix, Tegawendé F. Bissyandé, Jacques Klein
    Empirical Software Engineering, Springer (EMSE)

2020

  • Désamorcer des bombes logiques
    Jordan Samhi, Alexandre Bartel
    Multi-System & Internet Security Cookbook (MISC)

Artefacts

2021

  • RAICC: Revealing Atypical Inter-Component Communication in Android Apps
    DOI

  • A First Look at Android Applications in Google Play related to Covid-19
    DOI

Service

PC Member


2021

Mining Software Repositories Shadow PC member (MSR)
European Conference on Object-Oriented Programming Artifact Evaluation Committee member (ECOOP)

Paper reviews


2021

IEEE Access
Mining Software Repositories (MSR) (Shadow reviews)
IEEE Transactions on Software Engineering (TSE)
IEEE Transactions on Dependable and Secure Computing (TDSC)

2020

PeerJ Computer Science
IEEE/ACM International Conference on Software Engineering (ICSE) (Subreviewer)
IEEE/ACM International Conference on Automated Software Engineering (ASE) (Subreviewer)
IEEE Transactions on Software Engineering (TSE) (Subreviewer)
Empirical Software Engineering (EMSE) (Subreviewer)

2019

Central European Cybersecurity Conference (CECC) (Subreviewer)

Teaching

Introduction to Static Program Analysis

University of Luxembourg · Master in Information and Computer Sciences (MICS2-40)

Introduction to the fundamental theoretical concepts and techniques of static analysis. Implementation of algorithms to solve concrete problems.

February 2021 - June 2021

Introduction to Static Program Analysis

University of Luxembourg · Master in Information and Computer Sciences (MICS2-40)

Introduction to the fundamental theoretical concepts and techniques of static analysis. Implementation of algorithms to solve concrete problems.

February 2020 - June 2020

Supervisions

Mansaf Bourkaib

University of Lorraine (France) · Master's in Information and Computer Security, Networks and Virtual Architectures.

Extracting Android apps information and building efficient query interface for selecting apps matching specific characteristics.

March 2021 - September 2021

Vanitha Varadharajan

University of Luxembourg · Master’s in Information and Computer Science

Mining source code samples from Pastebin public data.

February 2021 - August 2021

Sean Achtatou

University of Luxembourg · Bachelor in Computer Science

Machine-learning based characterization of Android Malware.

February 2020 - July 2020

Awards & Grants

Grants

FNR AFR Individual PhD grants Luxembourg (14596679)
March 2020 - November 2023

Contact