Date depot: 6 avril 2021 Titre: Knowledge-based System for Cybersecurity in IoT environments Directrice de thèse: Lina MROUEH (LISITE) Encadrant : Nouredine TAMANI (LISITE) Encadrant : Saad EL JAOUHARI (LISITE) Domaine scientifique: Sciences et technologies de l'information et de la communication Thématique CNRS : Non defini Resumé: The progress in the area of embedded systems has favored the emergence of so called “smart objects” or “Things”. The latter incorporate, in a context of low energy consumption, various wireless communication capabilities combined with a microcontroller driving sensors and / or actuators. The Internet of Things (IoT) conceptualizes this new environment based on traditional networks connected with objects as specific components of the real world. However, this also leads to inherit all the problems of security, privacy and trust already present in the Internet. These problems rest with stronger acuity in this new environment, because of its particular characteristics. As the IoT domain is relatively new, the current available solutions are based on the adaptation of regular cybersecurity solutions from regular networks where the nodes are endowed with memory and computation resources that provide them the ability to perform complex processing that can help filter traffics, monitor events, and so on. It is not the case for IoT devices, which have very little resources. A security layer, generally implemented at the application level as a middleware, becomes then of a great importance to build trust in IoT environments. There are many approaches to build such a middleware, such as adopting authentication and access control platforms to ensure IoT data confidentiality and integrity. But it is not sufficient to protect both the devices and the data from network attacks such as denial of service, for instance. We explore, in this thesis, the potentialities of a knowledge-based system to protect a cyber-physical system by ensuring a one-in-all cybersecurity service for IoT environments. From theoretical point of view, the proposed topic is three-fold: - Knowledge representation to give semantics to the world considered in the study: IoT environment. - Learning and reasoning within this framework to extract from the collected data and the attached semantics the main situations seen as normal, then perform reasoning in order to assess any evolution within the system to detect anomalies. - To go beyond the detection and to start the prevention in general and for IoT environment in particular. From application point of view, the objectives, challenges and tasks to achieve in this PhD thesis are as follows: - To conceive a real IoT environment in order to experiment on and to produce datasets. - To design and implement a knowledge-based anomaly detection to protect the system from attacks. - Tests and assessment of the effectiveness of the proposed approach.