Selected Publications

We propose transferability from Large Geometric Vicinity (LGV), a new technique to increase the transferability of adversarial examples that exploits the geometry of the weight space.
ECCV 2022

Recent Publications


FLOSS Contributions

Significant Contributions

Minor Contributions



Master: Advanced topics in Applied Machine Learning

2nd year of Master in Computer Science. Two lectures, project, planning.

  1. Recalls of machine learning, machine learning frameworks, first part project
  2. Overwiew of adversarial machine learning, model calibration

Project: Creation and evaluation of fill-in-the-blank notebooks (part 1 on preprocessing and part 3 on adversarial examples)

Master: Introduction to Machine Learning

2nd year of Master in Space Science. Six sessions, including four based on the Machine Learning Refined book and one based on the Applied Machine Learning course of Andreas C. Müller. Summary slides.

  1. Recalls of linear algebra: “Machine Learning Refined” book, “Essence of linear algebra” videos serie of 3blue1brown, some formal definitions from the “Mathematics for Machine Learning” book.
  2. Zero-order optimization: Chapter 2, Appendix B.
  3. First-order optimization: Chapter 3, “Gradient descent, how neural networks learn” video from 3Blue1Brown.
  4. Linear regression and linear classification: Chapters 5 and 6
  5. ML project lifecycle: Data preparation, feature engineering, overfitting & underfitting, model evaluation. Slides.
  6. Neural Networks (slides), Keras & Convolutional Neural Nets (slides) and Advanced Neural Networks (slides).


Master: Introduction to Machine Learning

2nd year of Master in Space Science. Two introductory lectures on Machine Learning. Slides.


Bachelor: Software engineering 2

3rd year of Bachelor in Computer Science. Four introductory lectures on Machine Learning Engineering. Course given online during lockdown. Quizzes on Moodle. Videos, Slides

  1. Introduction to Machine Learning: Useful Definitions, Types of Tasks in Machine Learning
  2. Introduction to Machine Learning: Recalls of Statistics, Model’s elements, Elements of Statistical Learning Theory
  3. Machine Learning Project Lifecycle: When to (not) use Machine Learning, Goal Definition, Data Collection & Preparation
  4. Machine Learning Project Lifecycle: Feature Engineering, Choosing and Training a model, Model Evaluation, Feedback loop


I served as a reviewer for the following conferences and journals.

Machine Learning Venues

  • NeurIPS 2022 (Datasets and Benchmarks Track)
  • IEEE Transactions on Image Processing (Journal)
  • AAAI 2021
  • AAAI 2022

Software Engineering Venues

  • ICSE 2021
  • ICSE 2022
  • FSE 2020
  • FSE 2022
  • ICST 2020
  • ICST 2021
  • QRS 2020
  • QRS 2022
  • SANER 2023


Other academic services

ML Reading Group

I organize and animate the weekly Machine Learning Reading Group at the SerVal group (University of Luxembourg) since February 2021.


Contributions to FLOSS Security

Vulnerabilities discovered:

CVE Software Type Description/Impact Links
CVE-2017-6877 Lutim Stored XSS Exposed all images uploaded by the user and their encryption keys issue
CVE-2017-10975 Lutim Stored XSS Idem. Hard to exploit in pratice issue
CVE-2017-1000051 CryptPad Stored XSS Exposed encryption keys of user data blog post
TeleR RCE 3 Arbitrary Code Executions on their server blog post soon
Turtl Stored XSS 3 XSS exposing encrypted data (incl. passwords)
NCrypt Stored XSS issue
not disclosed Stored XSS
not disclosed Stored XSS
Shaarli Stored XSS Markdown plugin MR
not disclosed Stored XSS
Framaforms Improper Access Control Exposed URL of all users forms No public record
Framaforms Stored XSS Exposed responses of user forms. Too permissive formats allowed to untrusted users issue
Framaforms Stored XSS issue
Framaslides Stored XSS Markdown not sanitized commit
Framaslides Stored XSS Escape markdown link sanitization (marked lib not updated) issue
Framaslides Stored XSS issue
CVE-2017-11594 Loomio Stored XSS Markdown not sanitized. Allows to cast users’ votes using their identity commit, demo
Loomio Stored XSS No restrictions to attached files (when served locally). Allows to cast users’ votes using their identity demo
Framemo & Sandstorm’s Scrumblr Stored XSS Markdown not sanitized issue, PR
Framemo & Sandstorm’s Scrumblr Formula Injection issue, MR
CVE-2017-1000039 Framadate Formula Injection issue, MR
not disclosed Stored XSS
CVE-2017-11593 Markdown Preview Plus Chrome’s Extension Stored XSS Led its users vulnerable to XSS in a ton of websites, by converting text, markdown and rst files to HTML without sanitization issue
not disclosed Stored XSS
Wallabag 2 & Graby Stored XSS PR
Kresus Stored Self-XSS Possible to leverage it by importing a malicious JSON issue
Dolomon Stored (Self)-XSS Multiple XSS. Some can be leveraged using a CSRF issue issue
Dolomon Improper Access Control Gave access to the URLs saved by all users issue
Dolomon Formula Injection issue
not disclosed Stored XSS
share-on-diaspora Wordpress Plugin Reflected Client XSS Fixed, but not discovered. PR


Fell free to contact me

Contact me preferably by email and follow me on Twitter or Mastodon.