Publications & Demonstrators

All accepted publications from SPARTA partners under its funding as well as videos presenting some of the work done under SPARTA

Publications

Privacy Enhancing Technologies for solving the Privacy-Personalization Paradox

Nesrine Kaaniche, Maryline Laurent and Sana Belguith

Personal data are often collected and processed in a decentralized fashion, within different contexts. For instance, with the emergence of distributed applications, several providers are usually correlating their records, and providing personalized services to their clients. Collected data include geographical and indoor positions of users, their movement patterns as...More>>

Domains: Privacy, enhancing, technologies, Recommendation, services, Web-search, engines, Pervasive, applications, Location-based, Profile-based, Cryptographic, trends, Secure, communications, Anonymous, certification, Private, information, retrieval, multi-party, computation, Homomorphic, encryption, Trust, models

CFI: Control Flow Integrity or Control Flow Interruption?

Nicoló Maunero, Paolo Prinetto, Gianluca Roascio

Runtime memory vulnerabilities, especially present in widely used languages as C and C++, are exploited by attackers to corrupt code pointers and hijack the execution flow of a program running on a target system to force it to behave abnormally. This is the principle of modern Code Reuse Attacks (CRAs)...More>>

Domains: control, flow

Never Trust Your Victim: Weaponizing Vulnerabilities in Security Scanners

Andrea Valenza, Gabriele Costa, Alessandro Armando

The first step of every attack is reconnaissance, i.e., to acquire information about the target. A common belief is that there is almost no risk in scanning a target from a remote location. In this paper we falsify this belief by showing that scanners are exposed to the same risks...More>>

Domains: Research, in, Attacks, Intrusions, Defenses

Another Look at Privacy-Preserving Automated Contact Tracing

Qiang Tang

In the current COVID-19 pandemic, manual contact tracing has been proven very helpful to reach close contacts of infected users and slow down virus spreading. To improve its scalability, a number of automated contact tracing (ACT) solutions have proposed and some of them have been deployed. Despite the dedicated efforts,...More>>

Domains: Cryptography, Security, (cs.CR);, Computers, Society, (cs.CY)

dg2pix: Pixel-Based Visual Analysis of Dynamic Graphs

Eren Cakmak, Dominik Jäckle, Tobias Schreck, Daniel Keim

Presenting long sequences of dynamic graphs remains challenging due to the underlying large-scale and high-dimensional data. We propose dg2pix, a novel pixel-based visualization technique, to visually explore temporal and structural properties in long sequences of large-scale graphs. The approach consists of three main steps: (1) the multiscale modeling of...More>>

Domains: Human-centered, computing, Visualization, Visualization, techniques, Machine, learning, Learning, paradigms, Unsupervised, learning

Multiscale Snapshots: Visual Analysis of Temporal Summaries in Dynamic Graphs

Eren Cakmak, Udo Schlegel, Dominik Jäckle, Daniel Keim, Tobias Schreck

The overview-driven visual analysis of large-scale dynamic graphs poses a major challenge. We propose Multiscale Snapshots, a visual analytics approach to analyze temporal summaries of dynamic graphs at multiple temporal scales. First, we recursively generate temporal summaries to abstract overlapping sequences of graphs into compact snapshots. Second, we apply...More>>

Domains: Dynamic, Graph, Network, Unsupervised, Graph, Learning, Embedding, Multiscale, Visualization

Towards Automating Safety and Security Co-Analysis with Patterns

Yuri Dantas, Antoaneta Kondeva, Vivek Nigam

This article presents the first results towards au-tomating safety and security co-analysis with patterns.

More>>
Domains: safety, security, co-analysis, automation

Towards Incremental Safety and Security Requirements Co-Certification

Morgagni Andrea, Massonet Philippe, Dupont Sébastien, Grandclaudon Jeremy

The continuous technological developments andthe growing connectivity of applications and infrastructuresis leading to the new threats to the technological world inparticular to the possibility of considering certain threats inenvironments that were not previously touched by them. Nowthat many safety critical systems are becoming connected,they need to be protected from...More>>

Domains: cybersecurity, safety, certification, require-ments, incremental

Cybersecurity Certification for Agile and Dynamic Software Systems – a Process-Based Approach

Volkmar Lotz

In this extended abstract, we outline an approachfor security certification of products or services for moderncommercial systems that are characterized by agiledevelopment, the integration of development and operations,and high dynamics of system features and structures. Theproposed scheme rather evaluates the processes applied indevelopment and operations than investigates into the...More>>

Domains: security, certification, agile, development, software