Research Interests:
This book constitutes the refereed proceedings of the International ECML/PKDD Workshop on Privacy and Security Issues in Data Mining and Machine Learning, PSDML 2010, held in Barcelona, Spain, in September 2010. The 11 revised full papers... more
This book constitutes the refereed proceedings of the International ECML/PKDD Workshop on Privacy and Security Issues in Data Mining and Machine Learning, PSDML 2010, held in Barcelona, Spain, in September 2010. The 11 revised full papers presented were carefully reviewed and selected from 21 submissions. The papers range from data privacy to security applications, focusing on detecting malicious behavior in computer systems.
Research Interests:
Research Interests:
Research Interests:
This book constitutes the refereed proceedings of the International ECML/PKDD Workshop on Privacy and Security Issues in Data Mining and Machine Learning, PSDML 2010, held in Barcelona, Spain, in September 2010. The 11 revised full papers... more
This book constitutes the refereed proceedings of the International ECML/PKDD Workshop on Privacy and Security Issues in Data Mining and Machine Learning, PSDML 2010, held in Barcelona, Spain, in September 2010. The 11 revised full papers presented were carefully reviewed and selected from 21 submissions. The papers range from data privacy to security applications, focusing on detecting malicious behavior in computer systems.
Many applications involve agents sharing a resource, such as networks or services. When agents are honest, the system functions well and there is a net profit. Unfortunately, some agents may be malicious, but it may be hard to detect... more
Many applications involve agents sharing a resource, such as networks or services. When agents are honest, the system functions well and there is a net profit. Unfortunately, some agents may be malicious, but it may be hard to detect them. We consider the intrusion response problem of how to permanently blacklist agents, in order to maximise expected profit. This is not trivial, as blacklisting may erroneously expel honest agents. Conversely, while we gain information by allowing an agent to remain, we may incur a cost due to malicious behaviour. We present an efficient algorithm (HIPER) for making near-optimal decisions for this problem. Additionally, we derive three algorithms by reducing the problem to a Markov decision process (MDP). Theoretically, we show that HIPER is near-optimal. Experimentally, its performance is close to that of the full MDP solution, when the (stronger) requirements of the latter are met.
ABSTRACT In many cases, we can only have access to a service by proving we are sufficiently close to a particular location (e.g., in automobile or building access control). In these cases, proximity can be guaranteed through signal... more
ABSTRACT In many cases, we can only have access to a service by proving we are sufficiently close to a particular location (e.g., in automobile or building access control). In these cases, proximity can be guaranteed through signal attenuation. However, by using additional transmitters an attacker can relay signals between the prover and the verifier. Distance-bounding protocols are the main countermeasure against such attacks; however, such protocols may leak information regarding the location of the prover and/or the verifier who run the distance-bounding protocol. In this paper, we consider a formal model for location privacy in the context of distance-bounding. In particular, our contributions are threefold: we first define a security game for location privacy in distance bounding; secondly, we define an adversarial model for this game, with two adversary classes; finally, we assess the feasibility of attaining location privacy for distance-bounding protocols. Concretely, we prove that for protocols with a beginning or a termination, it is theoretically impossible to achieve location privacy for either of the two adversary classes, in the sense that there always exists a polynomially-bounded adversary winning the security game. However, for so-called limited adversaries, who cannot see the location of arbitrary provers, carefully chosen parameters do, in practice, enable computational location privacy.
Research Interests:
ABSTRACT RFID technology is one of the most pervasive computing technologies with important advantages and a wide range of applications. Nevertheless, the widespread adoption of RFID technology mainly depends on fixing the security and... more
ABSTRACT RFID technology is one of the most pervasive computing technologies with important advantages and a wide range of applications. Nevertheless, the widespread adoption of RFID technology mainly depends on fixing the security and privacy concerns of this technology. Using a tagged object should not lead to the traceability of this object. This concern is a challenging issue that has motivated the proposal of several authentication protocols that attempted to fix the traceability problem. In this paper, we analyze the security of three authentication protocols that have been recently proposed by Morshed et al. [2]. Our security analysis clearly highlights important security pitfalls in these protocols that lead to their vulnerability against traceability. The proposed attacks require only several runs of the protocols while the adversary's advantages to trace the tagged object are maximal.
Research Interests:
ABSTRACT At ACM CCS 2008, Rasmussen and Čapkun introduced a distance-bounding protocol [22] (henceforth RČ protocol) where the prover and verifier use simultaneous transmissions and the verifier counts the delay between sending a... more
ABSTRACT At ACM CCS 2008, Rasmussen and Čapkun introduced a distance-bounding protocol [22] (henceforth RČ protocol) where the prover and verifier use simultaneous transmissions and the verifier counts the delay between sending a challenge (starting with a hidden marker) and receiving the response. Thus, the verifier is able to compute an upper bound on the distance separating it and the prover. Distance bounding protocols should resist to the most classical types of attacks such as distance fraud and mafia fraud. In mafia fraud, a man-in-the-middle adversary attempts to prove to a legitimate verifier that the prover is in the verifier's proximity, even though the prover is in reality far away and does not wish to run the protocol. The RČ protocol was only claiming to resist distance fraud attacks. In this paper, we show a concrete mafia fraud attack against the RČ protocol, which relies on replaying the prover nonce which was used in a previous session between a legitimate prover and the verifier. This attack has a large probability of success. We propose a new protocol called LPDB that is not vulnerable to the presented attack. It offers state-of-the-art security in addition to the notion of location privacy achieved by the RČ protocol.
Research Interests:
Abstract There is a high need for secure authentication protocols conforming with the EPC Class-1 Generation 2 (Gen2 in short) standard. The security analyses of the new born authentication protocols provide some guidelines and lessons... more
Abstract There is a high need for secure authentication protocols conforming with the EPC Class-1 Generation 2 (Gen2 in short) standard. The security analyses of the new born authentication protocols provide some guidelines and lessons that should be considered in the design of new proposals. In this paper, we scrutinize the security of a Gen2 based RFID authentication protocol which has been recently proposed by Yi et al.[8]. Our security analysis highlights important security pitfalls in this proposal.
The communication between an honest prover and an honest verifier can be intercepted by a malicious man-in-the-middle (MiM), without the legitimate interlocutors noticing the intrusion. The attacker can simply relay messages from one... more
The communication between an honest prover and an honest verifier can be intercepted by a malicious man-in-the-middle (MiM), without the legitimate interlocutors noticing the intrusion. The attacker can simply relay messages from one party to another, eventually impersonating the prover to the verifier and possibly gaining the privileges of the former.
The communication between an honest prover and an honest verifier can be intercepted by a malicious man-in-the-middle (MiM), without the legitimate interlocutors noticing the intrusion. The attacker can simply relay messages from one... more
The communication between an honest prover and an honest verifier can be intercepted by a malicious man-in-the-middle (MiM), without the legitimate interlocutors noticing the intrusion. The attacker can simply relay messages from one party to another, eventually impersonating the prover to the verifier and possibly gaining the privileges of the former.
Abstract. The communication between an honest prover and an honest verifier can be intercepted by a malicious man-in-the-middle (MiM), without the legitimate interlocutors noticing the intrusion. The attacker can simply relay messages... more
Abstract. The communication between an honest prover and an honest verifier can be intercepted by a malicious man-in-the-middle (MiM), without the legitimate interlocutors noticing the intrusion. The attacker can simply relay messages from one party to another, eventually impersonating the prover to the verifier and possibly gaining the privileges of the former.
Distance bounding protocols form a family of challenge-response authentication protocols that have been introduced to thwart relay attacks. They enable a verifier to authenticate and to establish an upper bound on the physical distance to... more
Distance bounding protocols form a family of challenge-response authentication protocols that have been introduced to thwart relay attacks. They enable a verifier to authenticate and to establish an upper bound on the physical distance to an untrusted prover. They use the response time of the prover in order to estimate the distance between the prover and the verifier. We provide a detailed security analysis of a family of such protocols.
Abstract: Biometric recognition is an important tool that offers an efficient and reliable solution to the problem of user authentication. A large number of biometric systems are used for access control applications. Without doubt the... more
Abstract: Biometric recognition is an important tool that offers an efficient and reliable solution to the problem of user authentication. A large number of biometric systems are used for access control applications. Without doubt the biometric technology has many favorable properties among which is included the strong link between a user and its authenticator for a biometric authentication system. Nevertheless, these advantages are also accompanied with increasing concerns about the security and privacy of biometric technology.
Research Interests:
Research Interests:
Research Interests:
AbstrAct The use of electronic technologies in government services has played a significant role in making citizens' lives more convenient. Even though the transition to digital governance has great advantages for the... more
AbstrAct The use of electronic technologies in government services has played a significant role in making citizens' lives more convenient. Even though the transition to digital governance has great advantages for the quality of government services it may be accompanied with many security threats. One of the major threats and hardest security problems e-government faces are the denial of service (DoS) attacks. DoS attacks have already taken some of the most popular e-government sites off-line for several hours ...
Research Interests:
Research Interests:
Research Interests:
Research Interests:
This book constitutes the refereed proceedings of the International ECML/PKDD Workshop on Privacy and Security Issues in Data Mining and Machine Learning, PSDML 2010, held in Barcelona, Spain, in September 2010. The 11 revised full papers... more
This book constitutes the refereed proceedings of the International ECML/PKDD Workshop on Privacy and Security Issues in Data Mining and Machine Learning, PSDML 2010, held in Barcelona, Spain, in September 2010. The 11 revised full papers presented were carefully reviewed and selected from 21 submissions. The papers range from data privacy to security applications, focusing on detecting malicious behavior in computer systems.
Research Interests:
This book constitutes the refereed proceedings of the International ECML/PKDD Workshop on Privacy and Security Issues in Data Mining and Machine Learning, PSDML 2010, held in Barcelona, Spain, in September 2010. The 11 revised full papers... more
This book constitutes the refereed proceedings of the International ECML/PKDD Workshop on Privacy and Security Issues in Data Mining and Machine Learning, PSDML 2010, held in Barcelona, Spain, in September 2010. The 11 revised full papers presented were carefully reviewed and selected from 21 submissions. The papers range from data privacy to security applications, focusing on detecting malicious behavior in computer systems.
Research Interests:
Livre: Progress in cryptology - africacrypt 2012 MITROKOTSA Aikaterini.