Skip to main content
Cybersecurity

Research Spirit – Rethinking access control and security services for a better controlled, better protected information.

Privacy

Research Spirit – Scrutinizing thoughts to design non-traditional solutions for a better understood, better managed, and better owned information privacy for all.

Trust & Risk

Research Spirit – Designing risk management, trust measures, and social reputation models for a safer e-social world.

News

University of Insubria organized the Security, Privacy and Trust for Wearable Devices Workshop

STRICT SociaLab organized the “Security, Privacy and Trust for Wearable Devices” workshop in the framework of RAIS project. The workshop was held in Heraklion, Greece on September 9-10, 2021 as a part of RAIS activities that involved a summer school and an entrepreneurship workshop.

The following is the program with the speakers and their presentations’ titles:

SpeakerPresentation Title
Elisa BertinoSecurity of 4G and 5G cellular networks
Hamed HaddadiSafeguarding against Information Exposure From Consumer IoT Devices
Michael SirivianosCharacterizing abhorrent misinformative and mistargeted content on YouTube
Mauro ContiSide and Covert Channels: the Dr. Jekyll and Mr Hyde of Modern Technologies
Shahid RazaAutomated cybersecurity for Internet-connected Things
Arthur van der WeesSense & Sensibility in Sports: Personal & Interdependent Wearables that Work

LiMNet: Early-Stage Detection of IoT Botnets with Lightweight Memory Networks

STRICT SociaLab members Prof. Elena Ferrari, Prof. Barbara Carminati, and Ahmed Lekssays have published their new paper entitled: “LiMNet: Early-Stage Detection of IoT Botnets with Lightweight Memory Networks” at ESORICS 2021 with a collaboration with Dr. Šarūnas Girdzijauskas and Lodovico Giaretta from KTH Institute of Technology in Stockholm, Sweden in the framework of the RAIS project.

The following is the abstract of the new publication:

IoT devices have been growing exponentially in the last few years. This growth makes them an attractive target for attackers due to their low computational power and limited security features. Attackers use IoT botnets as an instrument to perform DDoS attacks which caused major disruptions of Internet services in the last decade. While many works have tackled the task of detecting botnet attacks, only a few have considered early-stage detection of these botnets during their propagation phase.

While previous approaches analyze each network packet individually to predict its maliciousness, we propose a novel deep learning model called LiMNet (Lightweight Memory Network), which uses an internal memory component to capture the behaviour of each IoT device over time. This memory incorporates both packet features and behaviour of the peer devices. With this information, LiMNet achieves almost maximum AUROC classification scores, between 98.8% and 99.7%, with a 14% improvement over state of the art. LiMNet is also lightweight, performing inference almost 8 times faster than previous approaches.

Blockchain-based Privacy Enforcement in the IoT domain

STRICT SociaLab members Prof. Elena Ferrari, Prof. Barbara Carminati, and Federico Daidone have published their new paper entitled: “Blockchain-based Privacy Enforcement in the IoT domain” at the IEEE Transactions on Dependable and Secure Computing.

The following is the abstract of the new publication:

The Internet of Things (IoT) pervades our lives every day and has given end users the opportunity of accessing personalized and advanced services based on the analysis of the sensed data. However, IoT services are also characterized by new challenges related to security and privacy because end users often share sensitive data with different consumers without precise knowledge of how they will be managed and used. To cope with these issues, we propose a blockchain-based privacy enforcement framework where users can define how their data can be used and check if their will is respected without relying on a centralized manager. The preliminary tests we performed, simulating different scenarios, show the feasibility of our approach.