Project Publications
LOCARD related articles have been published in high-rated journals and presented in top conferences. The following list depicts all articles published and presented from the beginning of the project.

Abstract:

Online recommendation services, such as e-commerce sites, rely on a vast amount of knowledge about users/items that represent an invaluable resource. Part of this acquired knowledge is public and can be accessed by anyone through the Internet. Unfortunately, that same knowledge can be used by competitors or malicious users. A large body of research proposes methods to attack recommender systems, but most of these works assume that the attacker knows or can easily access the rating matrix. In practice, this information is not directly accessible, but can only be gathered via crawling.

Considering such real-life limitations, in this paper, we assess the impact of different crawling approaches when attacking a recommendation service. From the crawled information, we mount different shilling attacks. We determine the value of the collected knowledge through the reconstruction of the user/item neighborhood. Our results show that while crawling can indeed bring knowledge to the attacker (up to 65% of neighborhood reconstruction), this will not be enough to mount a successful shilling attack in practice.


Authors: Aiolli, F., Conti, M., Picek, S., Polato, M.

ConferenceESORICS 2020

Date of Publication: September 2020

Publisher: Springer

Abstract:

The technological advance of drone technology has augmented the existing capabilities of flying vehicles rendering them a valuable asset of the modern society. As more drones are expected to occupy the airspace in the near future, security-related incidents, either malicious acts or accidents, will increase as well. The forensics analysis of a security incident is essential, as drones are flying above populated areas and have also been weaponised from radical forces and perpetrators. Thus, it is an imperative need to establish a Drone Digital Forensics Investigation Framework and standardise the processes of collecting and processing such evidence.

Although there are numerous drone platforms in the market, the same principles apply to all of them; just like mobile phones. Nevertheless, due to the nature of drones, standardised forensics procedures to date do not manage to address the required processes and challenges that such investigations pose. Acknowledging this need, we detail the unique characteristics of drones and the gaps in existing methodologies and standards, showcasing that there are fundamental issues in terms of their forensics analysis from various perspectives, ranging from operational and procedural ones, and escalate to manufacturers, as well as legal restrictions. The above creates a very complex environment where coordinated actions must be made among the key stakeholders. Therefore, this work paves the way to address these challenges by identifying the main issues, their origins, and the needs in the field by performing a thorough review of the literature and a gap analysis.


Authors: Evangelos Mantasa; Constantinos Patsakis

Journal: Array

Date of Publication: July 2022

Publisher: Elsevier

Abstract:

The advances in the miniaturisation of electronic devices and the deployment of cheaper and faster data networks have propelled environments augmented with contextual and real-time information, such as smart homes and smart cities. These context-aware environments have opened the door to numerous opportunities for providing added-value, accurate and personalised services to citizens. In particular, smart healthcare, regarded as the natural evolution of electronic health and mobile health, contributes to enhance medical services and people’s welfare, while shortening waiting times and decreasing healthcare expenditure. However, the large number, variety and complexity of devices and systems involved in smart health systems involve a number of challenging considerations to be considered, particularly from security and privacy perspectives. To this aim, this article provides a thorough technical review on the deployment of secure smart health services, ranging from the very collection of sensors data (either related to the medical conditions of individuals or to their immediate context), the transmission of these data through wireless communication networks, to the final storage and analysis of such information in the appropriate health information systems. As a result, we provide practitioners with a comprehensive overview of the existing vulnerabilities and solutions in the technical side of smart healthcare.


Authors: Edgar Batista; M. Angels Moncusi; Pablo López-Aguilar; Antoni Martinez-Ballesté; Agusti Solanas

JournalSensors

Date of Publication: October 2021

Publisher: MDPI

Abstract:

The proper exploitation of vast amounts of event data by means of process mining techniques enables the discovery, monitoring and improvement of business processes, allowing organizations to develop more efficient business intelligence systems. However, event data often contain personal and/or confidential information that, unless properly managed, may jeopardize people’s privacy while conducting process mining analysis. Despite its relevance, privacy aspects have barely been considered within process mining, and the field of privacy-preserving process mining is still in an embryonic stage.

With the aim to protect people’s privacy, this article presents a novel privacy-preserving process mining method based on microaggregation techniques, called k-PPPM, that increases privacy in process mining through k-anonymity. Contrary to current solutions, mostly based on pseudonyms and encryption, this method averts the re-identification of targeted individuals from attacks based on the analysis of process models in combination with location-oriented attacks, such as Restricted Space Identification and Object Identification attacks. The proposed method provides adjustable parameters to tune different anonymization aspects. Six real-life event logs have been employed to evaluate the method in terms of process models quality and information loss.


Authors: E. Batista; A. M.-Ballesté; A. Solanas

JournalJournal of Information Security and Applications

Date of Publication: August 2022

Publisher: Elsevier

Abstract:

Current connected and autonomous vehicles will contribute to various and green vehicular services. However, sharing personal data with untrustworthy Navigation Service Providers (NSPs) raises serious location concerns. To address this issue, many Location Privacy-Preserving Mechanisms (LPPMs) have been proposed. In addition, several quantification methods have been designed to help understand location privacy and illustrate how location privacy is leaked. However, their assessment is insufficient due to the incomplete assumptions about the adversary’s model. In particular, users tend to request the same navigation routes from home to workplace and acquire traffic information along the route. An adversary can collect the coordinates of adjacent locations and infer the two true locations. In this paper, we provide a formal framework for the analysis of LPPMs in navigation services. Our framework captures extra information that is available to an adversary performing localization attacks. By formalizing the adversary’s performance, we also propose and justify two new metrics to quantify location privacy in navigation services, namely accuracy and visibility . We assess the efficacy of two popular LPPMs for location privacy, i.e., differential privacy and k -anonymity. Experimental results demonstrate that the adversary can recover users’ locations with a high probability.


Authors: M. Li; Y. Chen; N. Kumar; C. Lal; M. Conti and M. Alazab

JournalIEEE Transactions on Green Communications and Networking

Date of Publication: January 2022

Publisher: IEEE 

Abstract:

Traffic monitoring services collect traffic reports and respond to users' traffic queries. However, the reports and queries may reveal the user's identity and location. Although different anonymization techniques have been applied to protect user privacy, a new security threat arises, namely, n-by-1 jamming attack, in which an anonymous contributing driver impersonates n drivers and uploads n normal reports by using n reporting devices. Such an attack will mislead the traffic monitoring service provider and further degrade the service quality. Existing traffic monitoring services do not support customized queries, and private information retrieval techniques cannot be applied directly in traffic monitoring. We formally define the new attack and propose a traffic monitoring scheme TraJ to defend the attack and achieve user-defined location privacy. Specifically, we bridge anonymous contributing drivers without disclosing their speed set by using private set intersection. Each RSU collects time traffic reports and structures a weighted proximity graph to filter out malicious colluding drivers. We design a user-defined privacy-preserving query method by encoding complex road network. We leverage the uploading phase from private aggregation to collect traffic conditions and allow requesting drivers to dynamically and privately query traffic conditions. We provide a formal analysis of TraJ to prove its privacy and security properties. We also construct a prototype based on a real-world dataset and Android smartphones to demonstrate its feasibility and efficiency. A formal analysis demonstrates the privacy and security properties. Extensive experiments illustrate the performance and defense efficacy.


Authors: M. Li, L. Zhu, Z. Zhang, C. Lal, M. Conti and M. Alazab

Journal: IEEE/ACM Transactions on Networking

Date of Publication: March 2022

Publisher: IEEE/ACM 

Abstract:

The Internet of Things facilitates the collection of large amounts of data: sensors, smartphones, and even home appliances, generate a data deluge about individuals, their context and the events in their daily life. Providers can analyse these data in order to extract patterns and increase knowledge about their services, either on their own or by transferring datasets to third parties. To mitigate the Big Brother effect, i.e. to preserve the individuals’ right to privacy, techniques in the scope of Statistical Disclosure Control (SDC) must be applied. Microaggregation, is one of the best-known methods in the SDC arena. However, its results are far from optimal. In this paper, we introduce Random Cluster Shuffling, a new post-processing method that aims at improving the results of microaggregation techniques. We describe the proposal and present some results that support the potential of our approach.


Authors: M. Li, L. Zhu, Z. Zhang, C. Lal, M. Conti and M. Alazab

Conference: International Conference on Applications in Electronics Pervading Industry, Environment and Society

Date of Publication: April 2022

Publisher: Springer

Abstract:

Malware authors are continuously evolving their code base to include counter-analysis methods that can significantly hinder their detection and blocking. While the execution of malware in a sandboxed environment may provide a lot of insightful feedback about what the malware actually does in a machine, anti-virtualisation and hooking evasion methods may allow malware to bypass such detection methods. The main objective of this work is to complement sandbox execution with the use of binary emulation frameworks. The core idea is to exploit the fact that binary emulation frameworks may quickly test samples quicker than a sandbox environment as they do not need to open a whole new virtual machine to execute the binary. While with this approach, we lose the granularity of the data that can be collected through a sandbox, due to scalability issues, one may need to simply determine whether a file is malicious or to which malware family it belongs. To this end, we record the API calls that are performed and use them to explore the efficacy of using them as features for binary and multiclass classification. Our extensive experiments with real-world malware illustrate that this approach is very accurate, achieving state-of-the art outcomes with a statistically robust set of classification experiments while simultaneously having a relatively low computational overhead compared to traditional sandbox approaches. In fact, we compare the binary analysis results with a commercial sandbox, and our classification outperforms it at the expense of the fine-grained results that a sandbox provides.


Authors: Vouvoutsis, V.; Casino, F.; and Patsakis, C.

JournalJournal of Information Security and Applications

Date of Publication: April 2022

Publisher: Elsevier

Abstract:

The COVID19 pandemic situation has opened a wide range of opportunities for cyber-criminals, who take advantage of the anxiety generated and the time spent on the Internet, to undertake massive phishing campaigns. Although companies are adopting protective measures, the psychological traits of the victims are still considered from a very generic perspective. In particular, current literature determines that the model proposed in the Big-Five personality traits (i.e., Openness, Conscientiousness, Extraversion, Agreeableness, and Neuroticism) might play an important role in human behaviour to counter cybercrime. However, results do not provide unanimity regarding the correlation between phishing susceptibility and neuroticism. With the aim to understand this lack of consensus, this article provides a comprehensive literature review of papers extracted from relevant databases (IEEE Xplore, Scopus, ACM Digital Library, and Web of Science). Our results show that there is not a well-established psychological theory explaining the role of neuroticism in the phishing context. We sustain that non-representative samples and the lack of homogeneity amongst the studies might be the culprits behind this lack of consensus on the role of neuroticism on phishing susceptibility.


Authors: P. López-Aguilar and A. Solanas.

ConferenceAnnual Computers, Software, and Applications Conference (COMPSAC)

Date of Publication: September 2021

Publisher: IEEE

Page 1 of 6

Slide 1
Join the community
Follow us and stay connected and updated.
EU flag Copyright © 2019 - 2022 LOCARD. All rights reserved. This project has received funding from the European Union’s Horizon 2020 Research and Innovation Programme under Grant Agreement nº 832735. This project reflects only the author’s view and the Commission is not responsible for any use that may be made of the information it contains.