Artificial Intelligence for Cyber and Cyber/Physical Security

Workshop on AI for Cybersecurity

Workshop Overview

Important Information

  • Date: September 16th, 2025
  • Time: 9h30 - 17h00
  • Location: Comet Place des Victoires, 12 Rue du Mail, 75002 Paris, France
  • Language: English
  • Registration: Mandatory (Limited places)
  • Cost: Free

Description

This workshop is dedicated to exploring the cutting-edge applications of Artificial Intelligence in strengthening cybersecurity and securing cyber-physical systems. We aim to delve into novel AI-driven approaches for threat intelligence, proactive defense mechanisms, anomaly detection, and automated incident response.

Inspired by the research carried out in KINAITICS, which investigates AI-based behavioral monitoring and defense strategies against complex threats, this event will showcase how AI can augment classical cybersecurity tools and address human factors and uncertainties in dynamic threat landscapes.

Organizers

Cédric Gouy-Pailler (CEA)

Program

Workshop Agenda

September 16th, 2025

| Time | Session | Speaker |
|---|---|---|
| 9h30 - 9h50 | Welcome Coffee | |
| 9h50 - 10h00 | Opening Remarks | Cédric GOUY-PAILLER (CEA) |
| 10h00 - 11h00 | Keynote 1: Threats and Mitigations Landscape in the Age of GenAI | Andrei KUCHARAVY (HES-SO, Switzerland) |
| 11h00 - 11h15 | Coffee Break | |
| 11h15 - 12h15 | Session 1: PenTestFox: Intelligent Attack Graphs Meet Large Language Models in Semi-Automated Penetration Testing | Nikolaos VAKAKIS (CERTH, Greece) |
| | Session 1: A Black-Box Query-Free Targeted Mimicry Attack on Binary Function Classifiers | Gabriel SAUGER (Université de Lorraine) |
| 12h15 - 13h30 | Lunch Break | |
| 13h30 - 14h30 | Keynote 2: Can we really use LLM on edge devices for trustable, explainable and accurate malicious code detection: Theory and Practices | Yufei HAN (INRIA) |
| 14h30 - 15h30 | Session 2: MOMENT: A Multi-Objective Mitigation Engine using NSGA-II Techniques for Cyber Threat Response | Nikolaos VAKAKIS (CERTH, Greece) |
| | Session 2: Enhancing Trustworthiness of Deep Learning-Based IDS: A Framework Combining Uncertainty Quantification and XAI | Majd SHALAK (Telecom SudParis) |
| 15h30 - 16h00 | Coffee Break | |
| 16h00 - 17h00 | Session 3: Explainable AI for Process-Oriented Attacks Detection in Industrial Control Systems | Léa Astrid KENMOGNE (LIG, Grenoble-INP, INRIA) |
| | Session 3: Enhancing Bot Detection With Causally and Temporally Constrained Counterfactual Examples for Targeted Retraining | Davy PREUVENEERS (KU Leuven, Belgium) |
| 17h00 | Closing Remarks | Organizers |

Program subject to modifications

Keynote Speakers

Andrei Kucharavy

Institute of Informatics
HES-SO Valais-Wallis

Assistant Professor

Keynote 1: Threats and Mitigations Landscape in the Age of GenAI

Abstract: While LLMs have been a technology slowly developing since 2017, it was not until the public demo of ChatGPT in late 2022 that the general public became aware of their true potential, launching a global push to integrate and leverage LLMs across domains and industries and a proliferation of different open-weight public models.

While highly useful for defensive cybersecurity, this proliferation was also highly useful for cyber-criminals and APTs. Moreover, the hasty integration of LLM components into existing software across the board created new, vast, and poorly understood attack surfaces.

As the defensive and offensive teams are locked in an arms race to best leverage the arrival of LLMs and genAI to their advantage in the ever-changing threat and mitigation landscape, a clear winner is yet to emerge. The goal of this keynote is to leverage current and prior research at the intersection of cybersecurity and GenAI to gain insight into what the future might hold and how either side can still impact it.

Yufei Han

INRIA Rennes

Senior Researcher

Keynote 2: Can we really use LLM on edge devices for trustable, explainable and accurate malicious code detection: Theory and Practices

Abstract: Deployable large language models (1B to 7B parameters) work on consumer-available hardware, and their understanding of language can be of great use to PowerShell malware detection and explanation.

However, this goal is hindered by their lack of capacity due to the low number of parameters, as they are outmatched by large models (especially those with > 70B parameters). Our exploration aims to investigate how to reduce this gap through the compression of domain knowledge in textual form, so that it can be included in prompts to enhance detection and explanations. Thus, we develop GRAIL, a PowerShell knowledge graph expressed as questions that LLMs can answer while reviewing input PowerShell samples. While providing guidance to the model with domain knowledge, GRAIL acts as a plug-and-play enhancer that provides small LLMs runnable on edge devices with capabilities comparable with their larger and more powerful counterparts, avoiding the need for cost-intensive re-training from scratch. Also, we highlight how the inclusion of GRAIL in prompts outmatches both fine-tuning and chain-of-thought techniques, hence acting as a single action to be taken at deployment time.

In parallel, our study also dives into the adversarial robustness of LLMs in analyzing code. We show that code refactoring may change the reasoning produced by LLMs, yet without changing the malicious functionalities programmed. This study demonstrates the risk of using LLMs for security-critical applications, such as malware classification. On the other hand, this work paves the way towards how we can accordingly improve the robustness of LLMs for code analysis.

Registration

Registration Information

  • Participation: Free of charge
  • Registration: Mandatory (Limited places available)
  • Confirmation: You will receive a confirmation email

Online Registration Form (Attendance only)

Registration Form

Practical Information

Venue Details

Comet Place des Victoires
12 Rue du Mail, 75002 Paris
France

Capacity: 40 participants

Getting There

Location on Maps: Google Maps

Sponsors & Partners

We thank our sponsors and partners for their support:

The KINAITICS project is funded under Horizon Europe Grant Agreement n°101070176. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union. Neither the European Union nor the granting authority can be held responsible for them.