Waël Kanoun

Paris-Saclay, France


At Nokia Bell Labs, I am a Head of Cyber Security Paris Department. My domain of expertise covers cyber security and defense, risk management, security policies, vulnerability and threat analysis, response systems, NFV, and SDN. My work focuses on dynamic risk management for comprehensive security evaluation and enforcement in critical infrastructures. My research is extensively published and I have filed many international patents. Moreover, I provide support and consultancy for Nokia's Business Units. I have served on review committees of several international conferences and journals. I hold a PhD and a Master's degree in information security from Telecom Bretagne, one of the prestigious French engineering graduate schools known as Les Grandes Écoles.


PhD in "Information & Cyber Security", Telecom Bretagne, 2010
Master in "Systems, Architectures & Networks", Telecom Bretagne, 2007

Selected articles and publications

  • On the Fly Design and Co-simulation of Responses against Simultaneous Attacks, European Symposium on Research in Computer Security (ESORICS), Austria, 2015.
  • Elementary Risks: Bridging Operational and Strategic Security Realms Elementary, 11th International Conference on Signal-Image Technology & Internet-Based Systems, Thailand, 2015.
  • Novel Decision Support System for Cyber Defence, NATO - SAS 106 Symposium on “Analysis support to decision making in cyber defence”, Estonia, 2014.
  • Coordination and Concurrency aware Likelihood Assessment of Simultaneous Attacks, 10th International Conference on Security and Privacy in Communication Networks (SECURECOMM), Bejing, 2014.
  • Dynamic Design of non Conflicting Responses against Simultaneous Attacks. C&ESAR, France, 2014.
  • Assessing the Likelihood of Individual, Coordinated and Simultaneous attack Scenarios. 9th Conference on Security of Networks and Information Systems Architectures (SARSSI), Lyon, France, 13-16 May, 2014.
  • Towards Dynamic Risk Management: Success Likelihood of Ongoing Attack, Bell Labs Technical Journal December 2012 issue on Delivering Network Assurance, volume 17, number 3, 2012.
  • Risk-aware Framework for Activating and Deactivating Policy-based Response, 4th IEEE International Conference on Network and System Security (NSS10); Melbourne, Australia, September 2010.


  • Formal Framework to Specify and Deploy Reaction Policies, Web-Based Information Technologies and Distributed Systems; Atlantis Press, 2010. Chapter 8.


  • Blockchain-based Authentication Method and System (17305152.5); 20 February 2017.
  • Blockchain-based Security Threat Detection Method and System (16306061.9); 16 August 2016.
  • Detection of Fraudulent Green Energy Producers for Secure Smart Grids (16305963.7); 26 July 2016.
  • Process For Preserving The Privacy Of A User Connected To A Network (14305566.3); 16 April 2014.
  • Method for Calculating and Analyzing Risks and Corresponding Device (13290145.5); 18 June 2013.
  • Monitoring Interactions with Audiovisual Content (13305369.4); 26 March 2013.
  • Method and Apparatus for Assessing the Efficiency of Rules of Filtering Devices Protecting a Network (13156372.8); 22 February 2013
  • Method for Adapting Security Policies of an Information System Infrastructure (10290250.9); 07 May 2010.
  • Method for Identifying Email Communication, and a Server and Email Client for Executing Same (10305694.1); 28 June 2010.