Publications of year 2026
Conference articles
Abstract: In this paper, we present an AI-driven framework for securing Cloud deployments by integrating proactive compliance enforcement with adaptive threat detection. The proposed approach contributes in two primary ways. First, it addresses infrastructure hardening. Security directives and best practices (e.g., NIST, CIS, GDPR) are formalized through an ontology-based model. This model enables a fine-tuned Large Language Model (LLM) to automatically generate secure Infrastructure-as-Code (e.g., Terraform) artifacts and custom static analysis rules (e.g., Checkov). A dedicated analysis engine continuously validates these artifacts against compliance requirements, supporting iterative refinement to ensure policy conformance prior to deployment. Second, it focuses on post-deployment threat detection. A complementary LLM, trained on structured mappings among Sigma rules, MITRE ATT&CK, and CVEs, ingests real-time threat intelligence to detect emerging attack patterns. Upon identifying detection gaps, the model generates tailored Sigma rules that are automatically converted and deployed to SIEM platforms (e.g., ELK), and subsequently validated using simulated log scenarios before activation. Overall, this dual-layered approach, combining proactive policy enforcement with reactive threat detection, constitutes a scalable and automated framework that enhances the security lifecycle of modern Cloud environments.
@InProceedings{ InProceedingsAabirrouche.ACM_26,
abstract = {In this paper, we present an AI-driven framework for securing Cloud deployments by integrating proactive compliance enforcement with adaptive threat detection. The proposed approach contributes in two primary ways. First, it addresses infrastructure hardening. Security directives and best practices (e.g., NIST, CIS, GDPR) are formalized through an ontology-based model. This model enables a fine-tuned Large Language Model (LLM) to automatically generate secure Infrastructure-as-Code (e.g., Terraform) artifacts and custom static analysis rules (e.g., Checkov). A dedicated analysis engine continuously validates these artifacts against compliance requirements, supporting iterative refinement to ensure policy conformance prior to deployment. Second, it focuses on post-deployment threat detection. A complementary LLM, trained on structured mappings among Sigma rules, MITRE ATT&CK, and CVEs, ingests real-time threat intelligence to detect emerging attack patterns. Upon identifying detection gaps, the model generates tailored Sigma rules that are automatically converted and deployed to SIEM platforms (e.g., ELK), and subsequently validated using simulated log scenarios before activation. Overall, this dual-layered approach, combining proactive policy enforcement with reactive threat detection, constitutes a scalable and automated framework that enhances the security lifecycle of modern Cloud environments.},
address = {Marbella, Spain},
author = {Aabirrouche, Hamza and Caron, Eddy and Messaoud, Redhouane},
booktitle = {ICISSP 2026. 12th International Conference on Information Systems Security and Privacy},
editor = {Scitepress},
keywords = {Security},
month = {4-6 March},
note = {8 pages. hal-05492098},
title = {Towards {AI}-driven framework of {A}utomating {S}ecurity {O}rchestration in {C}louds},
url = {https://inria.hal.science/hal-05492098},
year = {2026}
}
@InProceedings{ InProceedingsJacquet.JACCD-d-ALO_26,
address = {Edinburgh},
author = {Jacquet, Pierre and Agusti, Maxime and Caron, Eddy and Coti, Camille and Dias de Assun{\c c}{\~a}o, Marcos and Lef{\`e}vre, Laurent and Orgerie, Anne-C{\'e}cile},
booktitle = {European Conference on Computer Systems (EuroSys) 2026 (EuroSys 2026)},
editor = {ACM},
month = {April},
note = {To appear. hal number hal-05291033},
organization = {ACM Sigops In Europe},
publisher = {ACM},
title = {Untangling GPU Power Consumption: Job-Level Inference in Cloud Shared Settings},
url = {https://hal.science/hal-05291033},
year = {2026}
}
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.