Eric Filiol interview (Perseus Library talk) Hello Eric. To begin with, can you present your professional background for participants in LSM that do not know you yet? I have a PhD in applied mathematics and computer engineering in cryptology, and I now heads the Laboratory of Virology and Cryptology operational Graduate School in Computer, Electronics and Automation in Laval, since 2008, after 22 years in Defense (Infantry / Marine Troops), half in the field of information security and systems. He specializes in symmetric cryptography, especially in cryptanalysis in virology and operational cyber warfare techniques. I love running (marathon and half marathon), playing bass (when I have time) beer and wine. In the RMLL 2011, you will present the Perseus Project (http://www.esiea-recherche.eu/perse...). Without encroaching on the content of the talk, can you explain in what context this project started? Among the audience of LSM, what audience would be interested in this project? In fact it was originally against the threat of botnets that analyze network flows to retrieve sensitive data (credit card numbers, passwords ...) but soon (and perhaps unconsciously) it becomes obvious that this could be used to protect the privacy of Internet users, their data and exchange. In order to participate in efforts to more freedom on the Internet, to fight against censorship / abusive controls while meeting the needs of states. The research projects of the ESIEA place great way to open source software. Is it a willingness on the part of the research team to focus on this type of software? Yes it is a strong desire to participate in free software and favor such development. This corresponds to the sensitivity of hackers (in the good sense of the term) of a part of our research. To date we have over ten open source projects in operation. Can you give us some free tools recently developed ESIEA? The library Androguard (http://code.google.com/p/androguard/) for the analysis of binary Android The library Andromeda (http://code.google.com/p/andromeda/) for protection Perseus flow torrent The fork SECURE Clamav (http://code.google.com/p/se-clamav/) must become an AV Free, powerful and free term The library Mediggo (http://code.google.com/p/mediggo/) that provides powerful tools for detecting and cryptanalysis of cryptosystems like stream unknown The library malwarebehavioralautomata (http://code.google.com/p/malwarebeh...) for the analysis of execution traces of malware How ESIEA contribue to answer to the growing need for engineers specializing in computer security in government agencies? What types of projects in which students are dealing with graduation? In fact our engineering students are always aware of security with a minimum of 36 hours. They are also aware about free software because many free software tools are used (starting with Linux). Our students (engineers but also specialized masters) are preferentially recruited by the French Department of Defense who appreciates the quality of our training and culture of free and safe. We put in first job and about 40 students per year. As an expert in virology, and in view of recently emerged as threats or Stuxnet Stars, what role viruses may play in the future you think? I do not think Stuxnet is technically an advance except to the combination of several vulnerabilities and theft of cryptographic certificates. I think the future will be the diversion of cryptography (theft of certificates, malicious cryptography), the malware documents as was the case for the attack Bercy (pdf, odt, doc, xls ...) and above all they will become weapons for the surveillance of citizens, police missions, and cyber warfare. Thank you for the time you’ve spent on us, and see you soon in Strasbourg for the LSM. See you soon! PS: This interview was done by mail at the beginningof June 2011 by Mathieu Blanc co-chairman of the SecurityTopic of the RMLL 2011.