Who am I

Thibaud Ecarot

Information Security System researcher

Thibaud Ecarot received his Ph.D. in 2017 from the Télécom Sud Paris - Mines Télécom Institute in conjunction with the Pierre & Marie Curie University in Paris, France. He works as a researcher, cybersecurity partnership, and research coordinator at the Interdisciplinary research group in cybersecurity (GRIC) within the University of Sherbrooke. His research contributes to developing security methods for critical systems that protect sensitive data. It combines IT, regulatory review, and codes of ethics. His current research interests center on cyberspace security and computational intelligence. His work in computer security focuses on the cryptographic means to be implemented to protect complex systems containing sensitive data and on models that will facilitate the reproducibility of experiments and validate results for increased reliability.
Furthermore, in the context of cyber-physical systems, it is necessary to determine the methodologies and techniques to be used to defend against advanced and stealthy attacks that will have a lasting impact on several dimensions of these systems, such as confidentiality. Computational intelligence is a branch of computer science dedicated to issues that show a severe lack of practical computational algorithms due to NP-Hardness. Computational intelligence interferes with cybersecurity when modeling complex behaviors through fuzzy logic and a more extensive search space in threat detection. His current work in computational intelligence focuses on compliance with both hard and flexible nonlinear constraints and online algorithm design to ensure infrastructure and data security.
Name Thibaud Ecarot
Address Sherbrooke, Quebec, Canada
Email contact@thibaudecarot.me
Jami thibaudecarot

Work Experiences

Cybersecurity Specialist in Cryptography

Banque Nationale du Canada / National Bank of Canada
July 2023 - Present

  • I serve as the primary advisor on post-quantum cryptography migration and am responsible for drafting comprehensive strategies and methodologies.
  • Develop prioritization frameworks and tactical approaches to ensure a smooth and effective transition to post-quantum cryptography.
  • Provide expert consultation to internal teams, offering guidance on cryptographic practices and PQC transition efforts.
Logo BNC
Official BNC logo

Cybersecurity Partnership and Research Coordinator

Groupe de Recherche Interdisciplinaire en Cybersécurité (GRIC)
January 2022 - July 2023

  • Research on cryptographic methods and means can be improved and exploited to perfect and formalize the confidentiality of critical systems.
  • Theoretical and methodological work for formalizing areas of conflict in cyberspace to develop new proactive defenses.
  • Coordination of interdisciplinary research projects with students in collaboration with the professors of the group of research.
  • Establishment of national and international partnerships between the GRIC and industrial, governmental, and non-profit partners lucrative.
Logo GRIC
Official GRIC logo

Cybersecurity member of the Research Ethics Committee

Research Ethics Committee CIUSSS de l’Estrie — CHUS university hospitals
April 2019 - Present

  • Helped drafting an effective SOP for sensitive research data when implementing health studies.
  • Assessed the eligibility of security SOPs when a health research was conducted.
  • Participated in designing tools made to build and select security methods for sensitive data in health research while complying with Data Management Plan from the Tri-Council Policy Statement: Ethical Conduct for Research Involving Humans – TCPS 2 (2018) and further versions.
Logo CER CHUS
Official CER CHUS Estrie logo

Cybersecurity researcher for GRIIS

Groupe de recherche interdisciplinaire en informatique de la santé (GRIIS)
February 2018 - January 2022

  • Securizing the learning platform for health research and social services (PARS3). I have taken part in the designing and developing of tools and algorithms to ensure the de-identification of personal information as well as the confidentiality, security and access control of data processed by the computer systems pertaining to the Interdisciplinary Research Group in Health Informatics (GRIIS).
  • Coordinating the security team and their projects.
  • Fundraising for projects related to data security.
  • Developing a secure platform for the transfer of sensitive data by integrating means of protection for confidentiality and integrity.
  • Building new strategies for the efficient and secure deployment of infrastructures handling sensitive data.
  • Linux kernel system module development to add mitigation and protection when using confidential research data.
  • Architecture design for the infrastructure set-up capable of hosting and handling sensitive data.
Logo GRIIS
Official GRIIS logo

Chief Technology Officer for Cybersecurity Strategies and Innovation

Cloudgriffin
January 2017 - January 2018

  • Securing data and information in a multi-cloud environment. I offered a set of confidentiality techniques (searchable encryption, access control, homomorphic encryption).
  • Developing an algorithm for creating Indicator of Compromise (IoC) rules so resources could be protected within a public cloud platform. A ”sandbox” virtual machine was created on the fly on a system while potentially malicious activity was monitored.
  • Managing international funding.
  • A new evolutionary algorithm to generate IoC rules based on a set of non-linear constraints.
Logo Cloudgriffin
Official Cloudgriffin logo

Decision support assistant for cybersecurity optimization

Thales European Research Center for Security & Information Systems
January 2016 - November 2016

  • As an R&D engineer, my job was to provide security and performance solutions to data and security component allocation issues within sensitive IT infrastructures and departments. This is an absolute prerequisite for 5G technology and future virtualized network features.
  • Optimizing allocation of cloud data storage and improving customer confidence in virtualized platforms. This work was carried out in line with the European CLARUS project (around EUR4000K). I worked on an anonymous and secure data block allocation algorithm. It was written in C ++ using hybrid evolutionary algorithms. The aim was to help decision making by finding an efficient allocation solution.
  • I also worked on another project called SENDATE (secure networking for a cloud data center in Europe. Around EUR72,826K). My mission was to provide an allocation algorithm for remediation in the event of any cyberattack on 5G infrastructures. My goal was to reduce the impact of vulnerability by curbing the bad effects from critical to non-critical in a large-scale 5G infrastructure. Several key issues needed to kept on track among which bandwidth, service performance and overall costs.
Thales CIS
Critical Information Systems and Cybersecurity Commercial Presentation

PhD in IT & Network Engineering to improve security on Cloud platform

Thales European Research Center for Security & Information Systems
January 2013 - January 2016

  • WWorking on multiple targets, criteria and constraints algorithms for cloud resource allocation taking into account the interests of both the tenant (consumer) and infrastructure provider.
  • Designing an efficient algorithm to manage costs and availability of infrastructures.
  • Replacing the standard OpenStack scheduler which uses match-making algorithm by a new efficient algorithm managing costs and downtime.
  • Setting up a partnership between Thales and the Open Compute Project Foundation.
Cloud Tower
Cloud Computing Tower with OpenStack

Founding member Open Compute Project Europe

Open Compute Project Foundation
2014 - 2019

  • Founded by Facebook in April of 2011, Open Compute Project (OCP) seeks to design optimized hardware such as server, storage, others under the design philosophy of Open Hardware Computing.
  • Discussion with Mark Shuttleworth, Canonical Founder (Ubuntu system) about Cloud & virtualization.
  • Organization of the first OCP summit in Europe.
  • Meeting with Kushagra Vaid (General Manager, Cloud Server Engineering, Microsoft). Paris 2014
Open Compute Project Europe
Microsoft stand at Open Compute Project Europe summit - Kushagra Vaid

Linux System engineer

Thales
February 2012 – July 2012

  • Creation of indicators and methodology for analysis and prediction of shared storage backups.
  • Work Thales datacenter at Doncast on NetBackup supervision.
  • Improved infrastructure between production servers and backup system.
  • Design and implementation of the capacity forecast tools.
Open Compute Project Europe
Thales Data center Supervision

Publications

Peer-reviewed Conferences

  • Louis-Simon Letourneau, Frappier Marc, Ecarot Thibaud, and Tardif Pierre-Martin. Anomaly Detection on circular data using applications logs. In progress.
  • El Jabri Chaymae, Frappier Marc, Ecarot Thibaud, and Tardif Pierre-Martin. 2022. Development of Monitoring Systems for Anomaly Detection Using ASTD Specifications. In Theoretical Aspects of Software Engineering: 16th International Symposium, TASE 2022, Cluj-Napoca, Romania, July 8–10, 2022
  • T. Ecarot, B. Fraikin, L. Lavoie, M. McGilchrist and J. -F. Ethier, "Learning Health Systems: An Anonymous Network Routing Protocol" , IEEE International Symposium on Computer-Based Medical Systems, 2021
  • T. Ecarot, S. Dussault, A. Souid, L. Lavoie and J. -F. Ethier, "AppArmor For Health Data Access Control: Assessing Risks and Benefits," 2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS), Paris, France, 2020, pp. 1-7, doi: 10.1109/IOTSMS52051.2020.9340206.
  • T. Ecarot, B. Fraikin, F. Ouellet, L. Lavoie, M. McGilchrist and J. -F. Ethier, "Sensitive Data Exchange Protocol Suite for Healthcare," 2020 IEEE Symposium on Computers and Communications (ISCC), Rennes, France, 2020, pp. 1-7, doi: 10.1109/ISCC50000.2020.9219707.
  • T. Ecarot, D. Zeghlache and C. Brandily, "Consumer-and-Provider-Oriented Efficient IaaS Resource Allocation," 2017 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW), Lake Buena Vista, FL, USA, 2017, pp. 77-85, doi: 10.1109/IPDPSW.2017.97.
  • A. Fougères, P. Canalda, T. Ecarot, A. Samaali and L. Guglielmetti, "A Push Service for Carpooling," 2012 IEEE International Conference on Green Computing and Communications, Besancon, France, 2012, pp. 685-691, doi: 10.1109/GreenCom.2012.111.

Peer-reviewed Journals

  • Ecarot, T.; Frappier, M.; Tardif P.; A Survey of Key Management Systems for Complex Critical Systems - In progress
  • Ecarot, T.; Fraikin, B.; Lavoie, L.; McGilchrist, M.; Ethier, J.-F. A Sensitive Data Access Model in Support of Learning Health Systems. Computers 2021, 10, 25. https://doi.org/10.3390/computers10030025

Presentation

  • Protéger ces données à l'heure de la cryptographie post-quantique. (Ecarot T.) Colloque annuel du GRIC 2022
  • Les exigences de sécurité et les nouveaux modèles d’accès et d’échanges des données sensibles en santé , (Ecarot T.) Colloque Santé et numérique - juin 2022 - Montpellier France
  • Nouveau modèle d’accès aux données sensibles en soutien aux systèmes de santé apprenant, (Ecarot T.) Congrès ACFAS mai 2021
  • Chiffrement quasi-homomorphe et homomorphe complet et ces applications , (Ecarot T.) - Réunion scientifique, Université de Sherbrooke - mai 2019
  • Assurer la sécurité des données de bout en bout durant le cycle de vie d’une application, octobre 2018, (Ecarot T.) Jeux et défis informatiques de Sherbrooke Conférence
  • Infrastructure security: New behavioral detection for malwares. septembre 2017, (Ecarot T.) First Fridays For Startups
  • Operating Systems: Memory management and scheduling algorithms. juillet 2017, (Ecarot T.) National College of Ireland
  • How can you save Infrastructure costs? janvier 2016, (Ecarot T.) Thales Group
  • Orchestration sécurisée de réseaux basée sur une infrastructure Openstack. juin 2015, (Ecarot T.) Thales Group

Peer-reviewer and Technical Committee

  • 2022 - Technical Committee Member for IEEE Conference on ICT Solutions for eHealth
  • 2022 - Reviewer for Methods of Information in Medicine journal
  • 2021 - Technical Committee Member for IEEE Conference on ICT Solutions for eHealth
  • 2021 - Reviewer for Methods of Information in Medicine journal

Reports and theses

  • Gestion des secrets au sein d’infrastructure critique [Rapport de stage] , (Dembele B., Ecarot T. as supervisor) - Université de Sherbrooke - Août 2020
  • Allocation efficace de ressource Cloud dans l’intérêt du fournisseur et des consommateurs [Internet] [Thèse de doctorat] janvier 2017, (Ecarot T.) Télécom SudParis Université Pierre-Marie Curie

Posters

  • Formalisation du cycle de vie et des propriétés de sécurité associées aux informations classifiées dans une stratégie de défense en profondeur. , (Souid A., Ecarot, T.) Congrès ACFAS 2021
  • Outdoor computing for military application. mars 2015, (Ecarot, T., Marmin G.) Thales Research Days
  • Efficient resource allocation for distributed and connected clouds. 2014, (Ecarot T.; Zeghlache D.;Brandily C.) IPDPS 2014 PhD Forum
  • Cloud tower : Real-time mitigation and consolidation for virtual infrastructure. mars 2014, (Ecarot, T., Brandily C.) Thales InnovDays

Communications

  • ICSJWG Quaterly Newsletter. December 2022. Ecarot, T.; Frappier, M.; Tardif P.;
  • Noovo Info Estrie - Situation sur la fuite des données sensibles au sein de BRP. 25 août 2022
  • Radio Canada : Téléjournal du matin. Description des risques pour les employés de BRP. 12 août 2022
  • Noovo Info Estrie - Explication sur les impacts des rançongiciels. 11 août 2022
  • Radio Canada : Téléjournal de l'Estrie. Description des impacts d'une cyberattaque chez BRP. 10 août 2022
  • Radio Canada : Téléjournal du midi. Description des impacts d'une cyberattaque chez BRP. 10 août 2022
  • Radio Canada : Radio Estrie. Explication sur la défense contre les rançongiciels. 10 août 2022
  • Le bel Horizon du Plateau de Saclay. , (Ecarot T., Kamaloudine F., Volkaerts J.C., Tomas V.) Media Paris Saclay, 7 décembre 2014
  • Optimisation des panneaux solaires de la station spatiale internationale. , (Beck, C., Ecarot, T.) France Bleu, 16 février. 12:00, 19:00
  • Concours sur l’optimisation des panneaux solaires de la Station Spatiale Internationale. février 2013, (Vadam, L., Ecarot, T.) L’Est Républicain, 14 février, p. 1 -3
  • Cloud tower : Real-time mitigation and consolidation for virtual infrastructure. 2013, (Ecarot, T., Brandily C.) Thales InnovDays

Teaching activities

  • 2022: Overview of threats - Summer School in Cybersecurity, 4H, University of Sherbrooke
  • 2022: Risk Management and Example - Summer School in Cybersecurity, 6H, University of Sherbrooke
  • 2019: Security and cryptography, summer session, 40H, Université de Sherbrooke – Faculty of Science
  • 2019: Security and cryptography, winter session, 40H, Université de Sherbrooke – Faculty of Science
  • 2016: Web Technologies, , 42H, Paris-Sud University – Faculty of Sciences of Orsay Orsay, France
  • 2015 Network and Cloud, Web Technologies, Paris-Sud University – Faculty of Sciences of Orsay Orsay, France
  • 2015 J2EE Architecture, , 42H, Paris-Sud University – Faculty of Sciences of Orsay Orsay, France
  • 2015 Web Technologies, 14hours, Paris-Sud University – Orsay Faculty of Sciences

Grants and subsidies

  • 2022: Programme Samuel de Champlain entre la France et le Québec. (Tardif P.M., Ecarot T., Espes D.) CAN$ 30K au Québec FRQNT- En cours.
  • 2021: Initiative visant le renforcement de la capacité de gestion des données de recherche. (Cumyn A., Ecarot T., Ethier J.F.) CAN$ 8K CRSH Programme Connexion
  • 2014: Système intelligent de gestion des ventilateurs dans un cluster de serveurs. US$ 5K Hackathon Open Compute Project Paris.
  • 2013: Bourse d'étude pour le financement du doctorat et des recherches en sécurité des réseaux- CAN$ 155K CIFRE- Paris, France

Education

Postdoctoral fellowship in information systems and sensitive data security

Université de Sherbrooke
2018 – 2021

  • Research projects on the protection of sensitive data used in health research. These projects are meant to improve the confidentiality of data during its use and storage in critical infrastructures.
  • Seeking funding from Canadian provincial and federal institutional research funds, as well as industry from Mitacs, a national non-profit research organization that, in partnership with universities, the private sector and government Canadian, offers interdisciplinary research programs.
  • Supervision of undergraduate/graduate students and student projects.

Doctor of Philosophy (Ph.D.), Cloud, Network and Optimization

Télécom SudParis - Institut Mines-Télécom
2013 – 2016

  • An efficient allocation of resources within a cloud computing platform: I offered a hybrid resolution method based on an evolutionary algorithm improved through tabu search.
  • Thesis carried out between Thales and Institut Mines-Télécom.
  • Decision Making and Automation within a Cloud Computing Platform: I designed a model that includes affinity / anti-affinity constraints to reflect both customer's and supplier's interests. This is a generic matrix model adaptable to many allocation issues in such a complex system as a cloud.

Master’s Degree, Mobile Computing Networks, IT engineering

Université de Franche-Comté
2010 – 2012

  • Final project oriented research study, co-design and implementation of a web-service prototypal Push for a carpooling service in real-time.
  • Modeling and optimization multiscale (Metaheuristics, Exact resolution...)
  • Mobility and geolocation (Realization of an android application with geolocation)
  • Heterogeneity and convergence networks (Layer TCP / IP)
  • AI development and networking for distributed resolution
  • Algorithms and graph theory
  • Development of webtool for publications managing for the Franche-Comté Computer Laboratory
  • Compiler and an interpreter development for the fictitious language MiniJaja

Bachelor’s Degree, Object-oriented design and development of parallel application

Université de Franche-Comté
2009 – 2010

  • Development and deployment of web application based on the J2EE and web-services
  • Unix/Windows Administration
  • JAVA, C#, C development
  • Systems and networks : Administration and security

PROFESSIONAL Skills

  • Mathematical optimization

  • Parallel and distributed systems

  • Metaheuristic Optimization

  • Cryptography

Theory

  • NIST Cybersecurity Framework

  • NIST SP 800-xx

  • ANSI

  • GDPR

  • HIPAA

Security framework

  • Kali Linux

  • Metasploit

  • Fscrypt kernel

  • Wireshark

  • Aircrack-ng

Security Tools

  • C/C++

  • GO

  • Rust

  • Statistical Computing Languages

  • Systems programming

Coding

Projects

Methodologies for Hiding Processes within Linux Systems