oru.sePublications
Change search
Link to record
Permanent link

Direct link
BETA
Publications (10 of 38) Show all publications
Sigurdsson, G., Giaretta, A. & Dragoni, N. (2020). Vulnerabilities and Security Breaches in Cryptocurrencies. In: Ciancarini, P.; Mazzara, M.; Messina, A.; Sillitti, A.; Succi, G. (Ed.), Proceedings of 6th International Conference in Software Engineering for Defence Applications: . Paper presented at 6th International Conference in Software Engineering for Defence Applications (SEDA 2018), Rome, Italy, June 7-8, 2018. Springer
Open this publication in new window or tab >>Vulnerabilities and Security Breaches in Cryptocurrencies
2020 (English)In: Proceedings of 6th International Conference in Software Engineering for Defence Applications / [ed] Ciancarini, P.; Mazzara, M.; Messina, A.; Sillitti, A.; Succi, G., Springer, 2020Conference paper, Published paper (Refereed)
Place, publisher, year, edition, pages
Springer, 2020
Series
Advances in Intelligent Systems and Computing, ISSN 2194-5357 ; 925
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:oru:diva-71864 (URN)978-3-030-14686-3 (ISBN)978-3-030-14687-0 (ISBN)
Conference
6th International Conference in Software Engineering for Defence Applications (SEDA 2018), Rome, Italy, June 7-8, 2018
Available from: 2019-01-28 Created: 2019-01-28 Last updated: 2019-02-01Bibliographically approved
De Donno, M., Felipe, J. M. & Dragoni, N. (2019). ANTIBIOTIC 2.0: A Fog-based Anti-Malware for Internet of Things. In: 4th IEEE European Symposium on Security and Privacy Workshops, EUROS and PW 2019: Proceedings. Paper presented at 4th IEEE European Symposium on Security and Privacy Workshops (EUROS and PW 2019), Stockholm, Sweden, June 17-19, 2019 (pp. 11-20). IEEE
Open this publication in new window or tab >>ANTIBIOTIC 2.0: A Fog-based Anti-Malware for Internet of Things
2019 (English)In: 4th IEEE European Symposium on Security and Privacy Workshops, EUROS and PW 2019: Proceedings, IEEE , 2019, p. 11-20Conference paper, Published paper (Refereed)
Abstract [en]

The Internet of Things (IoT) has been one of the key disruptive technologies over the last few years, with its promise of optimizing and automating current manual tasks and evolving existing services. However, the increasing adoption of IoT devices both in industries and personal environments has exposed businesses and consumers to a number of security threats, such as Distributed Denial of Service (DDoS) attacks. Along the way, Fog computing was born. A novel paradigm that aims at bridging the gap between IoT and Cloud computing, providing a number of benefits, including security. In this paper, we present ANTIBIOTIC 2.0, an anti-malware that relies upon Fog computing to secure IoT devices and to overcome the main issues of its predecessor (ANTIBIOTIC 1.0). In particular, we discuss the design and implementation of the system, including possible models for deployment, security assumptions, interaction among system components, and possible modes of operation.

Place, publisher, year, edition, pages
IEEE, 2019
Keywords
Fog Computing, Internet of Things, Security, Distributed Denial of Service, Malware, Anti-Malware
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-76974 (URN)10.1109/EuroSPW.2019.00008 (DOI)000485315600002 ()2-s2.0-85071931412 (Scopus ID)9781728130262 (ISBN)
Conference
4th IEEE European Symposium on Security and Privacy Workshops (EUROS and PW 2019), Stockholm, Sweden, June 17-19, 2019
Available from: 2019-10-03 Created: 2019-10-03 Last updated: 2019-10-03Bibliographically approved
Herskind, L., Giaretta, A., De Donno, M. & Dragoni, N. (2019). BitFlow: Enabling Real‐time Cash‐flow Evaluations through Blockchain. Concurrency and Computation, Article ID e5333.
Open this publication in new window or tab >>BitFlow: Enabling Real‐time Cash‐flow Evaluations through Blockchain
2019 (English)In: Concurrency and Computation, ISSN 1532-0626, E-ISSN 1532-0634, article id e5333Article in journal (Refereed) Epub ahead of print
Abstract [en]

Disbursement registration has always been a cumbersome, opaque, and inefficient process, up to the point that most businesses perform cash-flow evaluations only on a quarterly basis. We believe that automatic cash-flow evaluations can actively mitigate these issues. In this paper, we presentBitFlow, ablockchain-based architecture thatprovides complete cash-flow transparency and diminishes the probability of undetected frauds through the BitKrone, a non-volatile cryptocurrency that maps to the Danish Krone (DKK). We show that confidentiality can be effectively achieved on a permissionless blockchain using Zero-Knowledge proofs, ensuring verifiable transfers and automatic evaluations. Furthermore, we discuss several experiments to evaluate our proposal, in particular, the impact that confidential transactions have on the whole system, in terms of responsiveness and from an economical expenditure perspective.

Place, publisher, year, edition, pages
John Wiley & Sons, 2019
Keywords
BitFlow, blockchain, bulletproofs, cash-flow, Ethereum, zero-knowledge
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-78929 (URN)10.1002/cpe.5333 (DOI)
Available from: 2020-01-09 Created: 2020-01-09 Last updated: 2020-01-10Bibliographically approved
De Donno, M. & Dragoni, N. (2019). Combining ANTIBIOTIC with Fog Computing: ANTIBIOTIC 2.0. In: 2019 IEEE 3rd International Conference on Fog and Edge Computing, ICFEC 2019 - Proceedings: . Paper presented at 3rd IEEE International Conference on Fog and Edge Computing (ICFEC 2019), Larnaca, Cyprus, May 14-17, 2019. IEEE
Open this publication in new window or tab >>Combining ANTIBIOTIC with Fog Computing: ANTIBIOTIC 2.0
2019 (English)In: 2019 IEEE 3rd International Conference on Fog and Edge Computing, ICFEC 2019 - Proceedings, IEEE , 2019Conference paper, Published paper (Refereed)
Abstract [en]

The Internet of Things (IoT) has been one of the key disruptive technologies over the last few years, with its promise of optimizing and automating current manual tasks and evolving existing services. From the security perspective, the increasing adoption of IoT devices in all aspects of our society has exposed businesses and consumers to a number of threats, such as Distributed Denial of Service (DDoS) attacks. To tackle this IoT security problem, we proposed ANTIBIOTIC 1.0 In However, this solution has some limitations that make it difficult (when not impossible) to be implemented in a legal and controlled manner. Along the way, Fog computing was born: a novel paradigm that aims at bridging the gap between IoT and Cloud computing, providing a number of benefits, including security. As a result, in this paper, we present ANTIBIOTIC 2.0, an anti-malware that relies upon Fog computing to secure IoT devices and to overcome the main issues of its predecessor (ANTIBIOTIC 1.0). First, we present ANTIBIOTIC 1.0 and its main problem. Then, after introducing Fog computing, we present ANTIBIOTIC 2.0, showing how it overcomes the main issues of its predecessor by including Fog computing in its design.

Place, publisher, year, edition, pages
IEEE, 2019
Keywords
Fog Computing, Internet of Things, Security, Distributed Denial of Service, Malware, Anti-Malware
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-75969 (URN)10.1109/CFEC.2019.8733144 (DOI)000480444000001 ()2-s2.0-85068409281 (Scopus ID)978-1-7281-2365-3 (ISBN)
Conference
3rd IEEE International Conference on Fog and Edge Computing (ICFEC 2019), Larnaca, Cyprus, May 14-17, 2019
Available from: 2019-08-29 Created: 2019-08-29 Last updated: 2019-08-29Bibliographically approved
De Donno, M., Giaretta, A., Dragoni, N., Bucchiarone, A. & Mazzara, M. (2019). Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era. Future Internet, 11(6), Article ID 127.
Open this publication in new window or tab >>Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era
Show others...
2019 (English)In: Future Internet, ISSN 1999-5903, E-ISSN 1999-5903, Vol. 11, no 6, article id 127Article in journal (Refereed) Published
Abstract [en]

The Internet of Things (IoT) is rapidly changing our society to a world where every thing is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized the way computational resources and services can be used and accessed, implementing the concept of utility computing whose advantages are undeniable for every business. However, despite the benefits in terms of flexibility, economic savings, and support of new services, its widespread adoption is hindered by the security issues arising with its usage. From a security perspective, the technological revolution introduced by IoT and Cloud computing can represent a disaster, as each object might become inherently remotely hackable and, as a consequence, controllable by malicious actors. While the literature mostly focuses on the security of IoT and Cloud computing as separate entities, in this article we provide an up-to-date and well-structured survey of the security issues of cloud computing in the IoT era. We give a clear picture of where security issues occur and what their potential impact is. As a result, we claim that it is not enough to secure IoT devices, as cyber-storms come from Clouds.

Place, publisher, year, edition, pages
MDPI, 2019
Keywords
security, Internet of Things, Cloud computing
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-75237 (URN)10.3390/fi11060127 (DOI)000473805800007 ()2-s2.0-85067464961 (Scopus ID)
Available from: 2019-07-25 Created: 2019-07-25 Last updated: 2019-07-25Bibliographically approved
De Donno, M., Tange, K. & Dragoni, N. (2019). Foundations and Evolution of Modern Computing Paradigms: Cloud, IoT, Edge, and Fog. IEEE Access, 7, 150936-150948
Open this publication in new window or tab >>Foundations and Evolution of Modern Computing Paradigms: Cloud, IoT, Edge, and Fog
2019 (English)In: IEEE Access, E-ISSN 2169-3536, Vol. 7, p. 150936-150948Article in journal (Refereed) Published
Abstract [en]

In the last few years, Internet of Things, Cloud computing, Edge computing, and Fog computing have gained a lot of attention in both industry and academia. However, a clear and neat definition of these computing paradigms and their correlation is hard to find in the literature. This makes it difficult for researchers new to this area to get a concrete picture of these paradigms. This work tackles this deficiency, representing a helpful resource for those who will start next. First, we show the evolution of modern computing paradigms and related research interest. Then, we address each paradigm, neatly delineating its key points and its relation with the others. Thereafter, we extensively address Fog computing, remarking its outstanding role as the glue between IoT, Cloud, and Edge computing. In the end, we briefly present open challenges and future research directions for IoT, Cloud, Edge, and Fog computing.

Place, publisher, year, edition, pages
IEEE, 2019
Keywords
Cloud computing, Edge computing, Internet of Things, Market research, Computer architecture, Licenses, Libraries, Fog computing, mobile cloud computing, mobile edge computing
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-78533 (URN)10.1109/ACCESS.2019.2947652 (DOI)000497163000043 ()
Note

Funding Agencies:

European Union (EU) 764785

Fog Computing for Robotics and Industrial Automation (FORA)  

Available from: 2019-12-10 Created: 2019-12-10 Last updated: 2019-12-10Bibliographically approved
Giaretta, A., Dragoni, N. & Massacci, F. (2019). IoT Security Configurability with Security-by-Contract. Sensors, 19(19), Article ID E4121.
Open this publication in new window or tab >>IoT Security Configurability with Security-by-Contract
2019 (English)In: Sensors, ISSN 1424-8220, E-ISSN 1424-8220, Vol. 19, no 19, article id E4121Article in journal (Refereed) Published
Abstract [en]

Cybersecurity is one of the biggest challenges in the Internet of Things (IoT) domain, as well as one of its most embarrassing failures. As a matter of fact, nowadays IoT devices still exhibit various shortcomings. For example, they lack secure default configurations and sufficient security configurability. They also lack rich behavioural descriptions, failing to list provided and required services. To answer this problem, we envision a future where IoT devices carry behavioural contracts and Fog nodes store network policies. One requirement is that contract consistency must be easy to prove. Moreover, contracts must be easy to verify against network policies. In this paper, we propose to combine the security-by-contract (S × C) paradigm with Fog computing to secure IoT devices. Following our previous work, first we formally define the pillars of our proposal. Then, by means of a running case study, we show that we can model communication flows and prevent information leaks. Last, we show that our contribution enables a holistic approach to IoT security, and that it can also prevent unexpected chains of events.

Place, publisher, year, edition, pages
MDPI, 2019
Keywords
Fog computing, IoT, configurability, security, security-by-contract
National Category
Computer Systems
Identifiers
urn:nbn:se:oru:diva-76829 (URN)10.3390/s19194121 (DOI)000494823200065 ()31548501 (PubMedID)2-s2.0-85072578077 (Scopus ID)
Available from: 2019-09-30 Created: 2019-09-30 Last updated: 2019-11-22Bibliographically approved
Giaretta, A., Dragoni, N. & Massacci, F. (2019). Protecting the Internet of Things with Security-by-Contract and Fog Computing. In: 2019 IEEE 5th World Forum on Internet of Things (WF-IoT): . Paper presented at 5th IEEE World Forum on Internet of Things (WF-IoT 2019), Limerick, Ireland, April 15-18, 2019. IEEE
Open this publication in new window or tab >>Protecting the Internet of Things with Security-by-Contract and Fog Computing
2019 (English)In: 2019 IEEE 5th World Forum on Internet of Things (WF-IoT), IEEE , 2019Conference paper, Published paper (Refereed)
Abstract [en]

Nowadays, the Internet of Things (IoT) is a consolidated reality. Smart homes are equipped with a growing number of IoT devices that capture more and more information about human beings lives. However, manufacturers paid little or no attention to security, so that various challenges are still in place. In this paper, we propose a novel approach to secure IoT systems that combines the concept of Security-by-Contract (SxC) with the Fog computing distributed paradigm. We define the pillars of our approach, namely the notions of IoT device contract, Fog node policy and contract-policy matching, the respective life-cycles, and the resulting SxC workflow. To better understand all the concepts of the SxC framework, and highlight its practical feasibility, we use a running case study based on a context-aware system deployed in a real smart home.

Place, publisher, year, edition, pages
IEEE, 2019
Keywords
security-by-contract, Fog computing, IoT
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-78009 (URN)10.1109/WF-IoT.2019.8767243 (DOI)000492865800001 ()2-s2.0-85073699472 (Scopus ID)978-1-5386-4980-0 (ISBN)
Conference
5th IEEE World Forum on Internet of Things (WF-IoT 2019), Limerick, Ireland, April 15-18, 2019
Available from: 2019-11-22 Created: 2019-11-22 Last updated: 2019-11-22Bibliographically approved
Tange, K., De Donno, M., Fafoutis, X. & Dragoni, N. (2019). Towards a Systematic Survey of Industrial IoT Security Requirements: Research Method and Quantitative Analysis. In: Ramachandran, GS; Ortiz, J (Ed.), Proceedings of the 2019 Workshop on Fog Computing and the IoT (IOT-FOG '19): . Paper presented at 2019 Workshop on Fog Computing and the IoT (IoT-Fog 2019), Montreal, Canada, April 15, 2019 (pp. 56-63). Association for Computing Machinery (ACM)
Open this publication in new window or tab >>Towards a Systematic Survey of Industrial IoT Security Requirements: Research Method and Quantitative Analysis
2019 (English)In: Proceedings of the 2019 Workshop on Fog Computing and the IoT (IOT-FOG '19) / [ed] Ramachandran, GS; Ortiz, J, Association for Computing Machinery (ACM), 2019, p. 56-63Conference paper, Published paper (Refereed)
Abstract [en]

Industry 4.0 and, in particular, Industrial Internet of Things (IIoT) represent two of the major automation and data exchange trends of the 21st century, driving a steady increase in the number of smart embedded devices used by industrial applications. However, IoT devices suffer from numerous security flaws, resulting in a number of large scale cyber-attacks. In this light, Fog computing, a relatively new paradigm born from the necessity of bridging the gap between Cloud computing and IoT, can be used as a security solution for the IIoT. To achieve this, the first step is to clearly identify the security requirements of the IIoT that can be subsequently used to design security solutions based on Fog computing. With this in mind, our paper represents a preliminary work towards a systematic literature review of IIoT security requirements. We focus on two key steps of the review: (1) the research method that will be used in the systematic work and (2) a quantitative analysis of the results produced by the study selection process. This lays the necessary foundations to enable the use of Fog computing as a security solution for the IIoT.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2019
Keywords
Industrial Internet of Things, IIoT, Industry 4.0, Security, Fog Computing, Systematic Literature Review
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-75280 (URN)10.1145/3313150.3313228 (DOI)000473542200012 ()2-s2.0-85066055366 (Scopus ID)978-1-4503-6698-4 (ISBN)
Conference
2019 Workshop on Fog Computing and the IoT (IoT-Fog 2019), Montreal, Canada, April 15, 2019
Note

Funding Agency:

European Union  764785

Available from: 2019-07-24 Created: 2019-07-24 Last updated: 2019-07-24Bibliographically approved
Giaretta, A., Pepe, S. & Dragoni, N. (2019). UniquID: A Quest to Reconcile Identity Access Management and the IoT. In: Mazzara M., Bruel JM., Meyer B., Petrenko A. (Ed.), Software Technology: Methods and Tools. Paper presented at 51st International Conference on Software Technology: Methods and Tools (TOOLS 2019), Innopolis, Russia, October 15-17, 2019 (pp. 237-251). Cham: Springer
Open this publication in new window or tab >>UniquID: A Quest to Reconcile Identity Access Management and the IoT
2019 (English)In: Software Technology: Methods and Tools / [ed] Mazzara M., Bruel JM., Meyer B., Petrenko A., Cham: Springer, 2019, p. 237-251Conference paper, Published paper (Refereed)
Abstract [en]

The Internet of Things (IoT) has caused a revolutionary paradigm shift in computer networking. After decades of human-centered routines, where devices were merely tools that enabled human beings to authenticate themselves and perform activities, we are now dealing with a device-centered paradigm: the devices themselves are actors, not just tools for people. Conventional identity access management (IAM) frameworks were not designed to handle the challenges of IoT. Trying to use traditional IAM systems to reconcile heterogeneous devices and complex federations of online services (e.g., IoT sensors and cloud computing solutions) adds a cumbersome architectural layer that can become hard to maintain and act as a single point of failure. In this paper, we propose UniquID, a blockchain-based solution that overcomes the need for centralized IAM architectures while providing scalability and robustness. We also present the experimental results of a proof-of-concept UniquID enrolment network, and we discuss two different use-cases that show the considerable value of a blockchain-based IAM.

Place, publisher, year, edition, pages
Cham: Springer, 2019
Series
Lecture Notes in Computer Science (LNCS), ISSN 0302-9743, E-ISSN 1611-3349 ; 11771
Keywords
IAM, Identity management systems, Blockchain, Internet of Things, IoT, Machine-to-machine, M2M
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-78932 (URN)10.1007/978-3-030-29852-4_20 (DOI)2-s2.0-85075676910 (Scopus ID)978-3-030-29851-7 (ISBN)978-3-030-29852-4 (ISBN)
Conference
51st International Conference on Software Technology: Methods and Tools (TOOLS 2019), Innopolis, Russia, October 15-17, 2019
Available from: 2020-01-09 Created: 2020-01-09 Last updated: 2020-01-10Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0001-9575-2990

Search in DiVA

Show all publications