Automotive industries are maximizing cooperative interactions between vehicular sensors and infrastructure components to make intelligent decisions in its application (i.e traffic management, naviga- tion, or autonomous driving services). This cooperative behaviour also extends to security. With more connected and cooperative components of vehicular intelligent transportation systems (ITS), the possibility of...More>>

Collaborative filtering recommenders provide effective personalization services at the cost of sacrificing the privacy of their end users. Due to the increasing concerns from the society and stricter privacy regulations, it is an urgent research challenge to design privacy-preserving and yet robust recommenders which offer recommendation services to privacy-aware users....More>>

Visual Analytics is a complex sub-field of data analytics that concentrates on the use of the information visualization methods for facilitating effective analysis of data by employing visual and graphical representation. In cyber security domain, Effective visualization of the data allows to infer valuable insights that enable domain analysts to...More>>

Without appropriate counter-measures, cyber-attacks can exploit the increased system connectivity provided by Industry 4.0 (I4.0) to cause catastrophic events, by, e.g., injecting or tampering with messages. The solution supported by standards, such as, OPC-UA, is to sign or encrypt messages. However, given the limited resources of devices, instead of encrypting...More>>

2019-09-09 00:00:00 +0000 Runtime memory vulnerabilities, especially present in widely used languages as C and C++, are exploited by attackers to corrupt code pointers and hijack the execution flow of a program running on a target system to force it to behave abnormally. This is the principle of modern Code...More>>

On August 14, 2018, a new set of vulnerabilities collectively named “L1 terminal fault” were announced. Systems with microprocessors utilizing out-of-order execution could allow unauthorized disclosure of information residing in the L1 data cache, by tweaking the virtual memory abstraction. The vulnerability was therein mentioned for three different scenarios. In...More>>

Internet of Things (IoT) deployments expand as IoT security lags. This article surveys IoT security protocols standardized by the Internet Engineering Task Force and discusses remaining gaps. Although these standardized IoT security protocols do not completely secure IoT devices, they go a long way.

Cryptographic anonymous credential schemes allow users to prove their personal attributes, such as age, nationality, or the validity of a ticket or a pre-paid pass, while preserving their privacy, as such proofs are unlinkable and attributes can be selectively disclosed. Recently, Chase et al. (CCS 2014) observe that in such...More>>

While IoT deployments multiply in a wide variety of verticals, most IoT devices lack a built-in secure firmware update mechanism. Without such a mechanism, however, critical security vulnerabilities cannot be fixed, and IoT devices can become a permanent liability, as demonstrated by recent large-scale attacks. In this paper, we survey...More>>