EL
Eleonora Losiouk
20 records found
1
VEDRANDO
A Novel Way to Reveal Stealthy Attack Steps on Android through Memory Forensics
The ubiquity of Android smartphones makes them targets of sophisticated malware, which maintain long-term stealth, particularly by offloading attack steps to benign apps. Such malware leaves little to no trace in logs, and the attack steps become difficult to discern from benign
...
E-Spoofer
Attacking and Defending Xiaomi Electric Scooter Ecosystem
Xiaomi is the market leader in the electric scooter (e-scooter) segment, with millions of active users. It provides several e-scooter models and Mi Home, a mobile application for Android and iOS to manage and control an e-scooter. Mi Home and the e-scooter interact via Bluetooth
...
Beware of Pickpockets
A Practical Attack against Blocking Cards
Today, we rely on contactless smart cards to perform several critical operations (e.g., payments and accessing buildings). Attacking smart cards can have severe consequences, such as losing money or leaking sensitive information. Although the security protections embedded in smar
...
GNN4IFA
Interest Flooding Attack Detection With Graph Neural Networks
In the context of Information-Centric Networking, Interest Flooding Attacks (IFAs) represent a new and dangerous sort of distributed denial of service. Since existing proposals targeting IFAs mainly focus on local information, in this paper we propose GNN4IFA as the first mechani
...
Security and Privacy of IP-ICN Coexistence
A Comprehensive Survey
Today's Internet is experiencing a massive number of users with a continuously increasing need for data, which is the leading cause of introduced limitations among security and privacy issues. To overcome these limitations, a shift from host-centric to data-centric is proposed, a
...
BreakMi
Reversing, Exploiting and Fixing Xiaomi Fitness Tracking Ecosystem
Xiaomi is the leading company in the fitness tracking industry. Successful attacks on its fitness tracking ecosystem would result in severe consequences, including the loss of sensitive health and personal data. Despite these relevant risks, we know very little about the security
...
Sim2Testbed Transfer
NDN Performance Evaluation
The Internet model has changed from its first design, rolling from host-centric to information-centric. Consequently, researchers foresee the urge for a new network paradigm that will be more suitable for the need of nowadays users. Named-Data Networking (NDN) adheres to the Info
...
HolA
Holistic and Autonomous Attestation for IoT Networks
Collective Remote Attestation (CRA) is a well-established approach where a single Verifier attests the integrity of multiple devices in a single execution of the challenge-response protocol. Current CRA solutions are well-suited for Internet of Things (IoT) networks, where the de
...
Face Recognition Systems
Are you sure they only consider your face?
Face recognition has been one of the major biometric authentication procedures in smart devices that allows users to provide an additional layer of security for accessing their device. The accuracy of image similarity should depend on the face and its expression, as could be extr
...
The attacks that leverage the side-channels produced by processes running on mobile and IoT devices are a concrete threat for cyber–physical systems. This special issue is focused on the most recent research work that investigates novel aspects of this topic. This editorial summa
...
What You See is Not What You Get
A Man-in-the-Middle Attack Applied to Video Channels
People usually think that digital screens are reliable devices. Unfortunately, attackers can exploit this blind trust to persuade a user to perform unintended actions. In this paper, we present a novel type of Man-in-the-Middle attack named Man-in-the-Video. Man-in-the-Video inte
...
ChoKIFA+
An early detection and mitigation approach against interest flooding attacks in NDN
Several ongoing research efforts aim to design potential Future Internet Architectures, among which Named-Data Networking (NDN) introduces a shift from the existing host-centric Internet Protocol-based Internet infrastructure towards a content-oriented one. However, researchers h
...
Vulnerabilities in Android webview objects
Still not the end!
WebView objects allow Android apps to render web content in the app context. More specifically, in Android hybrid apps (i.e., those having both Android code and web code) the web content can interact with the underlying Android framework through Java interfaces and WebViewClient
...
ICN PATTA
ICN privacy attack through traffic analysis
PATTA is the first privacy attack based on network traffic analysis in Information-Centric Networking. PATTA aims to automatically identify the category of requested content by sniffing the communication towards the first hop router. PATTA applies text processing and machine lear
...
Automated contact tracing is a key solution to control the spread of airborne transmittable diseases: it traces contacts among individuals in order to alert people about their potential risk of being infected. The current SARS-CoV-2 pandemic put a heavy strain on the healthcare s
...
Repack Me If You Can
An Anti-Repackaging Solution Based on Android Virtualization
A growing trend in repackaging attacks exploits the Android virtualization technique, in which malicious code can run together with the victim app in a virtual container. In such a scenario, the attacker can directly build a malicious container capable of hosting the victim app i
...
Do not let Next-Intent Vulnerability be your next nightmare
Type system-based approach to detect it in Android apps
Android is currently the most widespread operating system (OS) worldwide, but also the most prone to attacks. Despite the challenges faced by Industry and Academia to improve the Android OS security, it still has several vulnerabilities. Among those, the severity of the Next-Inte
...
Named Data Networking (NDN) is a relatively new architecture, adhering to the Information-Centric Networking (ICN) paradigm, which focuses on explicitly named, routable and addressable content. While addressing and overcoming some of the current Internet issues, ICN is also affec
...
The Road Ahead for Networking
A Survey on ICN-IP Coexistence Solutions
In recent years, the usage model of the Internet has changed, pushing researchers towards the design of the Information-Centric Networking (ICN) paradigm as a possible replacement of the existing architecture. Even though both Academia and Industry have investigated the feasibili
...
Spatial bloom filter in named data networking
A memory efficient solution
Among the possible future Internet architectures, Information Centric Networking (ICN) is the most promising one and researchers working on the Named Data Networking (NDN) project are putting efforts towards its deployment in a real scenario. To properly handle content names, the
...