Konstantinos Fysarakis - Academia.edu

Papers by Konstantinos Fysarakis

Lightweight cryptography for embedded systems – A comparative analysis

Abstract. As computing becomes pervasive, embedded systems are deployed in a wide range of domains, including industrial systems, critical infrastructures, private and public spaces as well as portable and wearable applications. An integral part of the functionality of these systems is the storage, access and transmission of private, sensitive or even critical information. Therefore, the confidentiality and integrity of the resources and services of said devices constitutes a prominent issue that must be considered during their design. There is a variety of cryptographic mechanisms which can be used to safeguard the confidentiality and integrity of stored and transmitted information. In the context of embedded systems, however, the problem at hand is exacerbated by the resource-constrained nature of the devices, in conjunction with the persistent need for smaller size and lower production costs. This paper provides a comparative analysis of lightweight cryptographic algorithms appli...

VirtuWind – An SDN- and NFV-Based Architecture for Softwarized Industrial Networks

Measurement, Modelling and Evaluation of Computing Systems, 2018

VirtuWind proposes the application of Software Defined Networking (SDN) and Network Functions Virtualization (NFV) in critical infrastructure networks. We aim at introducing network programmability, reconfigurability and multi-tenant capability both inside isolated and interconnected industrial networks. Henceforth, we present the design of the VirtuWind architecture that addresses the requirements of industrial communications: granular Quality of Service (QoS) guarantees, system modularity and secure and isolated per-tenant network access. We present the functional components of our architecture and provide an overview of the appropriate realization mechanisms. Finally, we map two exemplary industrial system use-cases to the designed architecture to showcase its applicability in an exemplary industrial wind park network.

Node.DPWS: Efficient Web Services for the IoT

Interconnected computing systems, in various forms, will soon permeate our lives, realizing the Internet of Things (IoT) and allowing us to enjoy novel, enhanced services that promise to improve our everyday life. Nevertheless, this new reality introduces significant challenges in terms of performance, scaling, usability and interoperability. Leveraging the benefits of Service Oriented Architectures (SOAs) can help alleviate many of the issues that developers, implementers and end-users alike have to face in the context of the IoT. This work presents Node.DPWS, a novel implementation of the Devices Profile for Web Services (DPWS) based on the Node.js platform. As such, Node.DPWS is the first DPWS library being made available to Node.js developers and can be used to deploy lightweight, efficient and scalable Web Services over heterogeneous nodes, including devices with limited resources. A performance evaluation on typical embedded devices validates the benefits of Node.DPWS compared...

The Green Blockchains of Circular Economy

Electronics, 2021

Eco-friendly systems are necessitated nowadays, as the global consumption is increasing. A data-driven aspect is prominent, involving the Internet of Things (IoT) as the main enabler of a Circular Economy (CE). Henceforth, IoT equipment records the system’s functionality, with machine learning (ML) optimizing green computing operations. Entities exchange and reuse CE assets. Transparency is vital as the beneficiaries must track the assets’ history. This article proposes a framework where blockchaining administrates the cooperative vision of CE-IoT. For the core operation, the blockchain ledger records the changes in the assets’ states via smart contracts that implement the CE business logic and are lightweight, complying with the IoT requirements. Moreover, a federated learning approach is proposed, where computationally intensive ML tasks are distributed via a second contract type. Thus, “green-miners” devote their resources not only for making money, but also for optimizing operat...

Analysis and composition of security primitives towards a framework that safeguards the confidentiality, integrity and availability of embedded systems: uSPBM - a secure policy-based management framework for ubiquitous smart devices

Towards IoT Orchestrations with Security, Privacy, Dependability and Interoperability Guarantees

2019 IEEE Global Communications Conference (GLOBECOM)

The advent of the Internet of Things opens a plethora of possibilities, provided the research and industry communities are able to overcome a number of challenges such as the dynamicity, scalability, heterogeneity and end-to-end security and privacy requirements of such environments. Motivated by these challenges, this paper proposes leveraging architectural patterns to provide, in an integrated manner, security, dependability, privacy, and interoperability guarantees, across horizontal and vertical compositional structures of IoT applications. The pattern language design process and definition is presented, along with an implementation enabling the automated, pattern-driven property verification and adaptation of IoT orchestrations.

Model-Driven Cyber Range Training: A Cyber Security Assurance Perspective

Computer Security

Security demands are increasing for all types of organisations due to the ever-closer integration of computing infrastructures and smart devices into all aspects of the organisational operations. Consequently, the need for security-aware employees in every role of an organisation increases in accordance. Cyber Range training emerges as a promising solution, allowing employees to train in both realistic environments and scenarios and gain hands-on experience in security aspects of varied complexity, depending on their role and level of expertise. To that end, this work introduces a model-driven approach for Cyber Range training that facilitates the generation of tailor-made training scenarios based on a comprehensive model-based description of the organisation and its security postures. Additionally, our approach facilitates the automated deployment of such training environments, tailored to each defined scenario, through simulation and emulation means. To further highlight the usability of the proposed approach, this work also presents scenarios focusing on phishing threats, with increasing level of complexity and difficulty.

WARDOG: Awareness detection watchdog for Botnet infection on the host device

IEEE Transactions on Sustainable Computing

Botnets constitute nowadays one of the most dangerous security threats worldwide. High volumes of infected machines are controlled by a malicious entity and perform coordinated cyber-attacks. The problem will become even worse in the era of the Internet of Things (IoT) as the number of insecure devices is going to be exponentially increased. This paper presents WARDOG – an awareness and digital forensic system that informs the end-user of the botnet's infection, exposes the botnet infrastructure, and captures verifiable data that can be utilized in a court of law. The responsible authority gathers all information and automatically generates a unitary documentation for the case. The document contains undisputed forensic information, tracking all involved parties and their role in the attack. The deployed security mechanisms and the overall administration setting ensures non-repudiation of performed actions and enforces accountability. The provided properties are verified through theoretic analysis. In simulated environment, the effectiveness of the proposed solution, in mitigating the botnet operations, is also tested against real attack strategies that have been captured by the FORTHcert honeypots, overcoming state-of-the-art solutions. Moreover, a preliminary version is implemented in real computers and IoT devices, highlighting the low computational/communicational overheads of WARDOG in the field.

Hardware Implementation of a System Classifying the Optoacoustic Signature of Insects Wing-Flap

In this paper we present a standalone hardware-implemented system that performs all signal processing stages necessary to classify the species of insects based on their wing-flap imprint as they fly. The recognizer classifies insect's wing-beat recordings from an array of phototransistors receiving light from an infrared LED or laser. The wing-beat recording is based on the interruption of the emitted light due to the partial occlusion from insect's wings as they fly in typical traps. The classification module and the optoelectronic sensor are inserted in typical insect traps and perform detection, counting, recognition and transmission of results automatically. This work emphasizes the hardware implementation of the classifier performing all steps starting from the analog input to the final transmission of results. We give all necessary implementation details needed to construct all circuit boards. We show recognition results for four insect species. We believe that once optimized the optoacoustic sensor and the standalone recognizer has the potential to revolutionize the way insect monitoring is carried out for a series of insects with large economic impact.

Pattern-Driven Security, Privacy, Dependability and Interoperability Management of IoT Environments

2019 IEEE 24th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD)

Achieving Security, Privacy, Dependability and Interoperability (SPDI) is of paramount importance for the ubiquitous deployment and impact maximization of Internet of Things (IoT) applications. Nevertheless, said requirements are not only difficult to achieve at system initialization, but also hard to prove and maintain at run-time. This paper highlights an approach to tackling the above challenges, through the definition of pattern language and a framework that can guarantee SPDI in IoT orchestrations. By integrating pattern reasoning engines at the various layers of the IoT infrastructure, and a machine-processable representation of said pattern through Drools rules, the proposed framework can provide ways to fulfill SPDI requirements at design time, and also provide the means to guarantee those SPDI properties and manage the orchestrations accordingly. Moreover, an application example of the framework is presented in an Industrial IoT monitoring environment.

CloudNet Anti-malware Engine: GPU-Accelerated Network Monitoring for Cloud Services

Lecture Notes in Computer Science

In the modern applications for Internet-of-Things (IoT) and Cyber-Physical Systems (CPSs) heterogeneous embedded devices exchange high volumes of data. Interconnection with cloud services is becoming popular. Thus, enhanced security is imperative but network monitoring is computational intensive. Parallel programming utilizing Graphics Processing Units (GPUs) is a well-tried practice for drastically reducing the computation time in computation intensive domains. This paper presents CloudNet – a lightweight and efficient GPU-accelerated anti-malware engine, utilizing the CUDA General Purpose GPU (GPGPU). The core of the system computes the digests of files using a CUDA-optimized SHA-3 hashing mechanism. Malware digests are stored in a data structure so that detection checks take place as network traffic is processed. Work includes a comparative analysis for three types of data structures (hash table, tree, and array) to identify the most appropriate for this specific field. We develop several versions of two basic variations of applications, including performance comparisons of GPU-accelerated implementation to the reference and optimized CPU implementations. The CloudNet is developed in order to protect CPSs that communicate information to the industrial cloud. A trace of an industrial wind park traffic is utilized for the evaluation of CloudNet, achieving two times faster network monitoring than typical CPU solutions.

The CE-IoT Framework for Green ICT Organizations: The interplay of CE-IoT as an enabler for green innovation and e-waste management in ICT

2019 15th International Conference on Distributed Computing in Sensor Systems (DCOSS), 2019

The growth of the global middle class provokes significant increment in product consumption. As the available resources are limited, Circular Economy (CE) raises as a promising initiative towards the sustainable development. Except from the traditional approaches of reusing or recycling products, the current trend utilizes modern computer technologies and involves a data-driven aspect. The Internet of Things (IoT) is the main enabler for the integration of CE with technology. This paper proposes a framework for implementing the cooperative vision of CE and IoT. Via this solution, a pilot system is developed in a medium size telecommunication company for administrating the lifecycle of the deployed electronic equipment and the management of the related supply chains. Mechanisms and devices are maintained/repaired/fabricated in a regular basis, green computing techniques are efficiently applied, and the productive period is prolonged. When the business upgrades the system, the retired...

SPD-Safe: Secure Administration of Railway Intelligent Transportation Systems

Electronics, 2021

The railway transport system is critical infrastructure that is exposed to numerous man-made and natural threats, thus protecting this physical asset is imperative. Cyber security, privacy, and dependability (SPD) are also important, as the railway operation relies on cyber-physical systems (CPS) systems. This work presents SPD-Safe—an administration framework for railway CPS, leveraging artificial intelligence for monitoring and managing the system in real-time. The network layer protections integrated provide the core security properties of confidentiality, integrity, and authentication, along with energy-aware secure routing and authorization. The effectiveness in mitigating attacks and the efficiency under normal operation are assessed through simulations with the average delay in real equipment being 0.2–0.6 s. SPD metrics are incorporated together with safety semantics for the application environment. Considering an intelligent transportation scenario, SPD-Safe is deployed on ...

7. Pattern-driven Security, Privacy, Dependability and Interoperability in IoT

This chapter presents the development of a pattern-driven approach for guaranteeing Security, Privacy, Dependability and Interoperability (SPDI) properties in the IoT domain. The chapter details how SPDI patterns can be introduced to guarantee multi-layer end-to-end properties, and how the enforcement of the patterns can help and satisfy the requirements for network dependability guarantees. Moreover, it briefly evaluates the presented approach and thus demonstrates how the application of patterns offers a solution to semantic interoperability challenges in IoT environments.

SecRoute: End-to-end secure communications for wireless ad-hoc networks

2017 IEEE Symposium on Computers and Communications (ISCC), 2017

Railways constitute a main means of mass transportation, used by public, private, and military entities to traverse long distances every day. Railway control software must collect spatial information and effectively manage these systems. Wireless sensor networks (WSNs) are an attractive solution to cover the area along-side the railway routes. In-carriage WSNs are also studied in cases of dangerous cargo transportation. The secure communication of all these devices becomes important as successful attacks can harm the railway's business operation or cause serious injuries and deaths. This paper presents SecRoute - an end-to-end secure communications scheme for wireless ad hoc networks. The scheme implements mechanisms for cryptographic communication, trusted-based routing, and policy-based access control. SecRoute and alternative schemes are modelled on the NS-2 network simulator and a comparative analysis is conducted, indicating that the proposed scheme provides enhanced protec...

SeMIBIoT: Secure Multi-Protocol Integration Bridge for the IoT

2018 IEEE International Conference on Communications (ICC), 2018

The Internet of Things (IoT) is gradually becoming a reality, supported by an assortment of heterogeneous devices, varying from resource-starved wireless sensors to embedded devices and resource-rich backend systems, which are supplemented by a range of networking technologies and protocols. Nevertheless, this diverse ecosystem of platforms and protocols, along with the inherent limitations in processing power, energy, memory and communications bandwidth for some of the involved devices, render secure and interoperable interactions a primary concern, and an important obstacle to the introduction of novel applications, and the adoption of IoT in general. Motivated by the above, this work presents SeMIBIoT, a Secure Multi-protocol Integration Bridge for the IoT. Acting as a gateway, SeMIBIoT is able to provide hop-by-hop or end-to-end secure communications between an array of heterogeneous nodes and standardized IoT protocols, guaranteeing seamless interactions and thus alleviating s...

Towards a Collection of Security and Privacy Patterns

Applied Sciences, 2021

Security and privacy (SP)-related challenges constitute a significant barrier to the wider adoption of Internet of Things (IoT)/Industrial IoT (IIoT) devices and the associated novel applications and services. In this context, patterns, which are constructs encoding re-usable solutions to common problems and building blocks to architectures, can be an asset in alleviating said barrier. More specifically, patterns can be used to encode dependencies between SP properties of individual smart objects and corresponding properties of orchestrations (compositions) involving them, facilitating the design of IoT solutions that are secure and privacy-aware by design. Motivated by the above, this work presents a survey and taxonomy of SP patterns towards the creation of a usable pattern collection. The aim is to enable decomposition of higher-level properties to more specific ones, matching them to relevant patterns, while also creating a comprehensive overview of security- and privacy-related p...

Research paper thumbnail of Lightweight cryptography for embedded systems – A comparative analysis

Abstract. As computing becomes pervasive, embedded systems are deployed in a wide range of domain... more Abstract. As computing becomes pervasive, embedded systems are deployed in a wide range of domains, including industrial systems, critical infrastructures, private and public spaces as well as portable and wearable applications. An integral part of the functionality of these systems is the storage, access and transmission of private, sensitive or even critical information. Therefore, the confidentiality and integrity of the resources and services of said devices constitutes a prominent issue that must be considered during their design. There is a variety of cryptographic mechanisms which can be used to safeguard the confidentiality and integrity of stored and transmitted information. In the context of embedded systems, however, the problem at hand is exacerbated by the resource-constrained nature of the devices, in conjunction with the persistent need for smaller size and lower production costs. This paper provides a comparative analysis of lightweight cryptographic algorithms appli...

Research paper thumbnail of VirtuWind – An SDN- and NFV-Based Architecture for Softwarized Industrial Networks

Measurement, Modelling and Evaluation of Computing Systems, 2018

VirtuWind proposes the application of Software Defined Networking (SDN) and Network Functions Vir... more VirtuWind proposes the application of Software Defined Networking (SDN) and Network Functions Virtualization (NFV) in critical infrastructure networks. We aim at introducing network programmability, reconfigurability and multi-tenant capability both inside isolated and interconnected industrial networks. Henceforth, we present the design of the VirtuWind architecture that addresses the requirements of industrial communications: granular Quality of Service (QoS) guarantees, system modularity and secure and isolated per-tenant network access. We present the functional components of our architecture and provide an overview of the appropriate realization mechanisms. Finally, we map two exemplary industrial system use-cases to the designed architecture to showcase its applicability in an exemplary industrial wind park network.

Research paper thumbnail of Node . DPWS : Efficient Web Services for the IoT

Interconnected computing systems, in various forms, will soon permeate our lives, realizing the I... more Interconnected computing systems, in various forms, will soon permeate our lives, realizing the Internet of Things (IoT) and allowing us to enjoy novel, enhanced services that promise to improve our everyday life. Nevertheless, this new reality introduces significant challenges in terms of performance, scaling, usability and interoperability. Leveraging the benefits of Service Oriented Architectures (SOAs) can help alleviate many of the issues that developers, implementers and end-users alike have to face in the context of the IoT. This work presents Node.DPWS, a novel implementation of the Devices Profile for Web Services (DPWS) based on the Node.js platform. As such, Node.DPWS is the first DPWS library being made available to Node.js developers and can be used to deploy lightweight, efficient and scalable Web Services over heterogeneous nodes, including devices with limited resources. A performance evaluation on typical embedded devices validates the benefits of Node.DPWS compared...

Research paper thumbnail of The Green Blockchains of Circular Economy

Electronics, 2021

Eco-friendly systems are necessitated nowadays, as the global consumption is increasing. A data-d... more Eco-friendly systems are necessitated nowadays, as the global consumption is increasing. A data-driven aspect is prominent, involving the Internet of Things (IoT) as the main enabler of a Circular Economy (CE). Henceforth, IoT equipment records the system’s functionality, with machine learning (ML) optimizing green computing operations. Entities exchange and reuse CE assets. Transparency is vital as the beneficiaries must track the assets’ history. This article proposes a framework where blockchaining administrates the cooperative vision of CE-IoT. For the core operation, the blockchain ledger records the changes in the assets’ states via smart contracts that implement the CE business logic and are lightweight, complying with the IoT requirements. Moreover, a federated learning approach is proposed, where computationally intensive ML tasks are distributed via a second contract type. Thus, “green-miners” devote their resources not only for making money, but also for optimizing operat...

Research paper thumbnail of Analysis and composition of security primitives towards a framework that safeguards the confidentiality, integrity and availability of embedded systems: uSPBM - a secure policy - based management framework for ubiquitous smart devices

Research paper thumbnail of Towards IoT Orchestrations with Security, Privacy, Dependability and Interoperability Guarantees

2019 IEEE Global Communications Conference (GLOBECOM)

The advent of the Internet of Things opens a plethora of possibilities, provided the research and... more The advent of the Internet of Things opens a plethora of possibilities, provided the research and industry communities are able to overcome a number of challenges such as the dynamicity, scalability, heterogeneity and end-to-end security and privacy requirements of such environments. Motivated by these challenges, this paper proposes leveraging architectural patterns to provide, in an integrated manner, security, dependability, privacy, and interoperability guarantees, across horizontal and vertical compositional structures of IoT applications. The pattern language design process and definition is presented, along with an implementation enabling the automated, pattern- driven property verification and adaptation of IoT orchestrations.

Research paper thumbnail of Model-Driven Cyber Range Training: A Cyber Security Assurance Perspective

Computer Security

Security demands are increasing for all types of organisations due to the ever-closer integration... more Security demands are increasing for all types of organisations due to the ever-closer integration of computing infrastructures and smart devices into all aspects of the organisational operations. Consequently, the need for security-aware employees in every role of an organisation increases in accordance. Cyber Range training emerges as a promising solution, allowing employees to train in both realistic environments and scenarios and gain hands-on experience in security aspects of varied complexity, depending on their role and level of expertise. To that end, this work introduces a model-driven approach for Cyber Range training that facilitates the generation of tailor-made training scenarios based on a comprehensive model-based description of the organisation and its security postures. Additionally, our approach facilitates the automated deployment of such training environments, tailored to each defined scenario, through simulation and emulation means. To further highlight the usability of the proposed approach, this work also presents scenarios focusing on phishing threats, with increasing level of complexity and difficulty.

Research paper thumbnail of WARDOG: Awareness detection watchbog for Botnet infection on the host device

IEEE Transactions on Sustainable Computing

Botnets constitute nowadays one of the most dangerous security threats worldwide. High volumes of infected machines are controlled by a malicious entity and perform coordinated cyber-attacks. The problem will become even worse in the era of the Internet of Things (IoT) as the number of insecure devices is going to be exponentially increased. This paper presents WARDOG - an awareness and digital forensic system that informs the end-user of the botnet's infection, exposes the botnet infrastructure, and captures verifiable data that can be utilized in a court of law. The responsible authority gathers all information and automatically generates a unitary documentation for the case. The document contains undisputed forensic information, tracking all involved parties and their role in the attack. The deployed security mechanisms and the overall administration setting ensure non-repudiation of performed actions and enforce accountability. The provided properties are verified through theoretic analysis. In a simulated environment, the effectiveness of the proposed solution, in mitigating the botnet operations, is also tested against real attack strategies that have been captured by the FORTHcert honeypots, overcoming state-of-the-art solutions. Moreover, a preliminary version is implemented in real computers and IoT devices, highlighting the low computational/communicational overheads of WARDOG in the field.

Hardware Implementation of a System Classifying the Optoacoustic Signature of Insects Wing-Flap

In this paper we present a standalone hardware-implemented system that performs all signal processing stages necessary to classify the species of insects based on their wing-flap imprint as they fly. The recognizer classifies insect's wing-beat recordings from an array of phototransistors receiving light from an infrared LED or laser. The wing-beat recording is based on the interruption of the emitted light due to the partial occlusion from insect's wings as they fly in typical traps. The classification module and the optoelectronic sensor are inserted in typical insect traps and perform detection, counting, recognition and transmission of results automatically. This work emphasizes the hardware implementation of the classifier performing all steps starting from the analog input to the final transmission of results. We give all necessary implementation details needed to construct all circuit boards. We show recognition results for four insect species. We believe that once optimized the optoacoustic sensor and the standalone recognizer has the potential to revolutionize the way insect monitoring is carried out for a series of insects with large economic impact.

Pattern-Driven Security, Privacy, Dependability and Interoperability Management of IoT Environments

2019 IEEE 24th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD)

Achieving Security, Privacy, Dependability and Interoperability (SPDI) is of paramount importance for the ubiquitous deployment and impact maximization of Internet of Things (IoT) applications. Nevertheless, said requirements are not only difficult to achieve at system initialization, but also hard to prove and maintain at run-time. This paper highlights an approach to tackling the above challenges, through the definition of pattern language and a framework that can guarantee SPDI in IoT orchestrations. By integrating pattern reasoning engines at the various layers of the IoT infrastructure, and a machine-processable representation of said pattern through Drools rules, the proposed framework can provide ways to fulfill SPDI requirements at design time, and also provide the means to guarantee those SPDI properties and manage the orchestrations accordingly. Moreover, an application example of the framework is presented in an Industrial IoT monitoring environment.

CloudNet Anti-malware Engine: GPU-Accelerated Network Monitoring for Cloud Services

Lecture Notes in Computer Science

In the modern applications for Internet-of-Things (IoT) and Cyber-Physical Systems (CPSs) heterogeneous embedded devices exchange high volumes of data. Interconnection with cloud services is becoming popular. Thus, enhanced security is imperative but network monitoring is computationally intensive. Parallel programming utilizing Graphics Processing Units (GPUs) is a well-tried practice for drastically reducing the computation time in computation-intensive domains. This paper presents CloudNet – a lightweight and efficient GPU-accelerated anti-malware engine, utilizing the CUDA General Purpose GPU (GPGPU). The core of the system computes the digests of files using a CUDA-optimized SHA-3 hashing mechanism. Malware digests are stored in a data structure so that detection checks take place as network traffic is processed. Work includes a comparative analysis for three types of data structures (hash table, tree, and array) to identify the most appropriate for this specific field. We develop several versions of two basic variations of applications, including performance comparisons of GPU-accelerated implementation to the reference and optimized CPU implementations. The CloudNet is developed in order to protect CPSs that communicate information to the industrial cloud. A trace of an industrial wind park traffic is utilized for the evaluation of CloudNet, achieving two times faster network monitoring than typical CPU solutions.

The CE-IoT Framework for Green ICT Organizations: The interplay of CE-IoT as an enabler for green innovation and e-waste management in ICT

2019 15th International Conference on Distributed Computing in Sensor Systems (DCOSS), 2019

The growth of the global middle class provokes significant increment in product consumption. As the available resources are limited, Circular Economy (CE) raises as a promising initiative towards the sustainable development. Except from the traditional approaches of reusing or recycling products, the current trend utilizes modern computer technologies and involves a data-driven aspect. The Internet of Things (IoT) is the main enabler for the integration of CE with technology. This paper proposes a framework for implementing the cooperative vision of CE and IoT. Via this solution, a pilot system is developed in a medium size telecommunication company for administrating the lifecycle of the deployed electronic equipment and the management of the related supply chains. Mechanisms and devices are maintained/repaired/fabricated on a regular basis, green computing techniques are efficiently applied, and the productive period is prolonged. When the business upgrades the system, the retired...

The Green Blockchains of Circular Economy

Electronics

Eco-friendly systems are necessitated nowadays, as the global consumption is increasing. A data-driven aspect is prominent, involving the Internet of Things (IoT) as the main enabler of a Circular Economy (CE). Henceforth, IoT equipment records the system’s functionality, with machine learning (ML) optimizing green computing operations. Entities exchange and reuse CE assets. Transparency is vital as the beneficiaries must track the assets’ history. This article proposes a framework where blockchaining administrates the cooperative vision of CE-IoT. For the core operation, the blockchain ledger records the changes in the assets’ states via smart contracts that implement the CE business logic and are lightweight, complying with the IoT requirements. Moreover, a federated learning approach is proposed, where computationally intensive ML tasks are distributed via a second contract type. Thus, “green-miners” devote their resources not only for making money, but also for optimizing operat...

SPD-Safe: Secure Administration of Railway Intelligent Transportation Systems

Electronics, 2021

The railway transport system is critical infrastructure that is exposed to numerous man-made and natural threats, thus protecting this physical asset is imperative. Cyber security, privacy, and dependability (SPD) are also important, as the railway operation relies on cyber-physical systems (CPS). This work presents SPD-Safe—an administration framework for railway CPS, leveraging artificial intelligence for monitoring and managing the system in real-time. The network layer protections integrated provide the core security properties of confidentiality, integrity, and authentication, along with energy-aware secure routing and authorization. The effectiveness in mitigating attacks and the efficiency under normal operation are assessed through simulations with the average delay in real equipment being 0.2–0.6 s. SPD metrics are incorporated together with safety semantics for the application environment. Considering an intelligent transportation scenario, SPD-Safe is deployed on ...

7. Pattern-driven Security, Privacy, Dependability and Interoperability in IoT

This chapter presents the development of a pattern-driven approach for guaranteeing Security, Privacy, Dependability and Interoperability (SPDI) properties in the IoT domain. The chapter details how SPDI patterns can be introduced to guarantee multi-layer end-to-end properties, and how the enforcement of the patterns can help and satisfy the requirements for network dependability guarantees. Moreover, it briefly evaluates the presented approach and thus demonstrates how the application of patterns offers a solution to semantic interoperability challenges in IoT environments.

SecRoute: End-to-end secure communications for wireless ad-hoc networks

2017 IEEE Symposium on Computers and Communications (ISCC), 2017

Railways constitute a main means of mass transportation, used by public, private, and military entities to traverse long distances every day. Railway control software must collect spatial information and effectively manage these systems. Wireless sensor networks (WSNs) are an attractive solution to cover the area alongside the railway routes. In-carriage WSNs are also studied in cases of dangerous cargo transportation. The secure communication of all these devices becomes important as successful attacks can harm the railway's business operation or cause serious injuries and deaths. This paper presents SecRoute - an end-to-end secure communications scheme for wireless ad hoc networks. The scheme implements mechanisms for cryptographic communication, trusted-based routing, and policy-based access control. SecRoute and alternative schemes are modelled on the NS-2 network simulator and a comparative analysis is conducted, indicating that the proposed scheme provides enhanced protec...

SeMIBIoT: Secure Multi-Protocol Integration Bridge for the IoT

2018 IEEE International Conference on Communications (ICC), 2018

The Internet of Things (IoT) is gradually becoming a reality, supported by an assortment of heterogeneous devices, varying from resource-starved wireless sensors to embedded devices and resource-rich backend systems, which are supplemented by a range of networking technologies and protocols. Nevertheless, this diverse ecosystem of platforms and protocols, along with the inherent limitations in processing power, energy, memory and communications bandwidth for some of the involved devices, render secure and interoperable interactions a primary concern, and an important obstacle to the introduction of novel applications, and the adoption of IoT in general. Motivated by the above, this work presents SeMIBIoT, a Secure Multi-protocol Integration Bridge for the IoT. Acting as a gateway, SeMIBIoT is able to provide hop-by-hop or end-to-end secure communications between an array of heterogeneous nodes and standardized IoT protocols, guaranteeing seamless interactions and thus alleviating s...

Towards a Collection of Security and Privacy Patterns

Applied Sciences, 2021

Security and privacy (SP)-related challenges constitute a significant barrier to the wider adoption of Internet of Things (IoT)/Industrial IoT (IIoT) devices and the associated novel applications and services. In this context, patterns, which are constructs encoding re-usable solutions to common problems and building blocks to architectures, can be an asset in alleviating said barrier. More specifically, patterns can be used to encode dependencies between SP properties of individual smart objects and corresponding properties of orchestrations (compositions) involving them, facilitating the design of IoT solutions that are secure and privacy-aware by design. Motivated by the above, this work presents a survey and taxonomy of SP patterns towards the creation of a usable pattern collection. The aim is to enable decomposition of higher-level properties to more specific ones, matching them to relevant patterns, while also creating a comprehensive overview of security- and privacy-related p...