Sotiris Ioannidis | Technical University of Crete (original) (raw)
Uploads
Papers by Sotiris Ioannidis
The Internet enables global sharing of data across organizational boundaries. Traditional access ... more The Internet enables global sharing of data across organizational boundaries. Traditional access control mechanisms are intended for one or a small number of machines under common administrative control, and rely on maintaining a centralized database of user identities. They fail to scale to a large user base distributed across multiple organizations. This survey provides a taxonomy of decentralized access control mechanisms intended for large scale, in both administrative domains and users. We identify essential properties of such access control mechanisms. We analyze popular networked file systems in the context of our taxonomy.
The upcoming November 2020 presidential elections in the United States have caused extensive disc... more The upcoming November 2020 presidential elections in the United States have caused extensive discussions on social media. A part of the content on US elections is organic, coming from users discussing their opinions of the candidates, political positions, or relevant content presented on television. Another significant part of the content generated originates from organized campaigns, both official and by astroturfing. In this study, we obtain approximately 7.5M tweets, containing 1.4M users, based on prevalent hashtags related to US election 2020, as well as the related YouTube links, contained in the Twitter dataset, likes, dislikes and comments of the videos and conduct volume, sentiment and graph analysis on the communities formed. Particularly, we study the daily traffic per prevalent hashtags and show the evolution of the retweet graph from July to September 2020, highlighting the two main entities ('Biden' and 'Trump') contained in our dataset. The results of ...
Proceedings 2019 Network and Distributed System Security Symposium
Proceedings 2019 Network and Distributed System Security Symposium
Expert Systems with Applications
ACM Transactions on Privacy and Security
Modern smartphone sensors can be leveraged for providing novel functionality and greatly improvin... more Modern smartphone sensors can be leveraged for providing novel functionality and greatly improving the user experience. However, sensor data can be misused by privacy-invasive or malicious entities. Additionally, a wide range of other attacks that use mobile sensor data have been demonstrated; while those attacks have typically relied on users installing malicious apps, browsers have eliminated that constraint with the deployment of HTML5 WebAPI. In this article, we conduct a comprehensive evaluation of the multifaceted threat that mobile web browsing poses to users by conducting a large-scale study of mobile-specific HTML5 WebAPI calls across more than 183K of the most popular websites. We build a novel testing infrastructure consisting of actual smartphones on top of a dynamic Android app analysis framework, allowing us to conduct an end-to-end exploration. In detail, our system intercepts and tracks data access in real time, from the WebAPI JavaScript calls down to the Android sy...
Proceedings of the 4th ACM International Conference on Nanoscale Computing and Communication - NanoCom '17, 2017
2017 IEEE Symposium on Computers and Communications (ISCC), Jul 1, 2017
IEEE Transactions on Information Forensics and Security
PloS one, 2017
Today, a considerable proportion of the public political discourse on nationwide elections procee... more Today, a considerable proportion of the public political discourse on nationwide elections proceeds in Online Social Networks. Through analyzing this content, we can discover the major themes that prevailed during the discussion, investigate the temporal variation of positive and negative sentiment and examine the semantic proximity of these themes. According to existing studies, the results of similar tasks are heavily dependent on the quality and completeness of dictionaries for linguistic preprocessing, entity discovery and sentiment analysis. Additionally, noise reduction is achieved with methods for sarcasm detection and correction. Here we report on the application of these methods on the complete corpus of tweets regarding two local electoral events of worldwide impact: the Greek referendum of 2015 and the subsequent legislative elections. To this end, we compiled novel dictionaries for sentiment and entity detection for the Greek language tailored to these events. We subsequ...
2015 4th International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS), 2015
Proceedings of the 9th ACM International Conference on PErvasive Technologies Related to Assistive Environments - PETRA '16, 2016
One system's data is another system's code. Users regularly exchange apparently innocuous... more One system's data is another system's code. Users regularly exchange apparently innocuous data les using e-mail and ftp. While the users view these data as passive, when they are interpreted as code by some system application, they become active". Some examples of such data are Java, JavaScript and Microsoft Word attachments, each of which are executed within the security context of the user, allowing potentially arbitrary machine access. The structure of current operating systems and user applications makes solving this problem challenging.
The Internet enables global sharing of data across organizational boundaries. Traditional access ... more The Internet enables global sharing of data across organizational boundaries. Traditional access control mechanisms are intended for one or a small number of machines under common administrative control, and rely on maintaining a centralized database of user identities. They fail to scale to a large user base distributed across multiple organizations. This survey provides a taxonomy of decentralized access control mechanisms intended for large scale, in both administrative domains and users. We identify essential properties of such access control mechanisms. We analyze popular networked file systems in the context of our taxonomy.
The upcoming November 2020 presidential elections in the United States have caused extensive disc... more The upcoming November 2020 presidential elections in the United States have caused extensive discussions on social media. A part of the content on US elections is organic, coming from users discussing their opinions of the candidates, political positions, or relevant content presented on television. Another significant part of the content generated originates from organized campaigns, both official and by astroturfing. In this study, we obtain approximately 7.5M tweets, containing 1.4M users, based on prevalent hashtags related to US election 2020, as well as the related YouTube links, contained in the Twitter dataset, likes, dislikes and comments of the videos and conduct volume, sentiment and graph analysis on the communities formed. Particularly, we study the daily traffic per prevalent hashtags and show the evolution of the retweet graph from July to September 2020, highlighting the two main entities ('Biden' and 'Trump') contained in our dataset. The results of ...
Proceedings 2019 Network and Distributed System Security Symposium
Proceedings 2019 Network and Distributed System Security Symposium
Expert Systems with Applications
ACM Transactions on Privacy and Security
Modern smartphone sensors can be leveraged for providing novel functionality and greatly improvin... more Modern smartphone sensors can be leveraged for providing novel functionality and greatly improving the user experience. However, sensor data can be misused by privacy-invasive or malicious entities. Additionally, a wide range of other attacks that use mobile sensor data have been demonstrated; while those attacks have typically relied on users installing malicious apps, browsers have eliminated that constraint with the deployment of HTML5 WebAPI. In this article, we conduct a comprehensive evaluation of the multifaceted threat that mobile web browsing poses to users by conducting a large-scale study of mobile-specific HTML5 WebAPI calls across more than 183K of the most popular websites. We build a novel testing infrastructure consisting of actual smartphones on top of a dynamic Android app analysis framework, allowing us to conduct an end-to-end exploration. In detail, our system intercepts and tracks data access in real time, from the WebAPI JavaScript calls down to the Android sy...
Proceedings of the 4th ACM International Conference on Nanoscale Computing and Communication - NanoCom '17, 2017
2017 IEEE Symposium on Computers and Communications (ISCC), Jul 1, 2017
IEEE Transactions on Information Forensics and Security
PloS one, 2017
Today, a considerable proportion of the public political discourse on nationwide elections procee... more Today, a considerable proportion of the public political discourse on nationwide elections proceeds in Online Social Networks. Through analyzing this content, we can discover the major themes that prevailed during the discussion, investigate the temporal variation of positive and negative sentiment and examine the semantic proximity of these themes. According to existing studies, the results of similar tasks are heavily dependent on the quality and completeness of dictionaries for linguistic preprocessing, entity discovery and sentiment analysis. Additionally, noise reduction is achieved with methods for sarcasm detection and correction. Here we report on the application of these methods on the complete corpus of tweets regarding two local electoral events of worldwide impact: the Greek referendum of 2015 and the subsequent legislative elections. To this end, we compiled novel dictionaries for sentiment and entity detection for the Greek language tailored to these events. We subsequ...
2015 4th International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS), 2015
Proceedings of the 9th ACM International Conference on PErvasive Technologies Related to Assistive Environments - PETRA '16, 2016
One system's data is another system's code. Users regularly exchange apparently innocuous... more One system's data is another system's code. Users regularly exchange apparently innocuous data les using e-mail and ftp. While the users view these data as passive, when they are interpreted as code by some system application, they become active". Some examples of such data are Java, JavaScript and Microsoft Word attachments, each of which are executed within the security context of the user, allowing potentially arbitrary machine access. The structure of current operating systems and user applications makes solving this problem challenging.