V. Kumar, G. Oikonomou, T. Tryfonas, D. Page, I. Phillips, "Digital Investigations for IPv6-Based Wireless Sensor Networks", Digital Investigation, Elsevier, 11, Supplement 2(0), pp. S66-S75, 2014 (Fourteenth Annual DFRWS Conference)
Developments in the field of Wireless Sensor Networks (WSNs) and the Internet of Things (IoT) mean that sensor devices can now be uniquely identified using an IPv6 address and, if suitably connected, can be directly reached from the Internet. This has a series of advantages but also introduces new security vulnerabilities and exposes sensor deployments to attack. A compromised Internet host can send malicious information to the system and trigger incorrect actions. Should an attack take place, post-incident analysis can reveal information about the state of the network at the time of the attack and ultimately provide clues about the tools used to implement it, or about the attacker's identity. In this paper we critically assess and analyse information retrieved from a device used for IoT networking, in order to identify the factors which may have contributed to a security breach. To achieve this, we present an approach for the extraction of RAM and flash contents from a sensor node. Subsequently, we analyse extracted network connectivity information and we investigate the possibility of correlating information gathered from multiple devices in order to reconstruct the network topology. Further, we discuss experiments and analyse how much information can be retrieved in different scenarios. Our major contribution is a mechanism for the extraction, analysis and correlation of forensic data for IPv6-based WSN deployments, accompanied by a tool which can analyse RAM dumps from devices running the Contiki Operating System (OS) and powered by 8051-based, 8-bit micro-controllers.
P. Andriotis, T. Tryfonas, G. Oikonomou, "Complexity metrics and user strength perceptions of the pattern-lock graphical authentication method", in Proc. 16th International Conference on Human-Computer Interaction (HCI 2014), ser. Lecture Notes in Computer Science, 8533, pp. 115-126, 2014 (invited)
One of the most popular contemporary graphical password approaches is the Pattern-Lock authentication mechanism that comes integrated with the Android mobile operating system. In this paper we investigate the impact of password strength meters on the selection of a perceivably secure pattern. We first define a suitable metric to measure pattern strength, taking into account the constraints imposed by the Pattern-Lock mechanism's design. We then implement an app via which we conduct a survey for Android users, retaining demographic information of responders and their perceptions on what constitutes a pattern complex enough to be secure. Subsequently, we display a pattern strength meter to the participant and investigate whether this additional prompt influences the user to change their pattern to a more effective and complex one. We also investigate potential correlations between our findings and results of a previous pilot study in order to detect any significant biases on setting a Pattern-Lock.
H. Pöhls, V. Angelakis, S. Suppan, K. Fischer, G. Oikonomou, E. Tragos, R. Rodriguez, T. Mouroutis, "RERUM: Building a Reliable IoT upon Privacy- and Security- enabled Smart Objects", in Proc. Workshop on IoT Communications and Technologies (WCNC 2014), Istanbul, Turkey, 2014
The Internet of Things (IoT) provides a platform for the interconnection of a plethora of smart objects. It has been widely accepted for providing Information and Communication Technologies (ICT) applications in many ``smart'' environments, such as cities, buildings, metering, and even agriculture. For several reasons though such applications have yet to achieve wide adoption; a major hurdle is the lack of user trust in the IoT and its role in everyday activities. RERUM, a recently started FP7 European Union project. aims to develop a framework which will allow IoT applications to consider security and privacy mechanisms early in their design phase, ensuring a configurable balance between reliability (requiring secure, trustworthy and precise data) and privacy (requiring data minimization for private information, like location). The RERUM framework will comprise an architecture, built upon novel network protocols and interfaces as well as the design of smart objects hardware. To highlight the challenges and evaluate the framework, RERUM will employ several Smart City application scenarios, which will be deployed and evaluated in real-world testbeds in two Smart Cities participating in the project. Here we detail the key technologies RERUM will investigate over the coming three years to reach its vision for IoT security, privacy and trust.
E. Tragos, V. Angelakis, A. Fragkiadakis, D. Gundlegård, C. Nechifor, G. Oikonomou, H. Pöhls, A. Gavras, "Enabling Reliable and Secure IoT-based Smart City Applications", in Proc. IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), Budapest, Hungary, 2014
Smart Cities are considered recently as a promising solution for providing efficient services to citizens with the use of Information and Communication Technologies. With the latest advances on the Internet of Things, a new era has emerged in the Smart City domain, opening new opportunities for the development of efficient and low-cost applications that aim to improve the Quality of Life in cities. Although there is much research in this area, which has resulted in the development of many commercial products, significant parameters like reliability, security and privacy have not been considered as very important up until now. The newly launched FP7-SmartCities-2013 project RERUM aims to build upon the advances in the area of Internet of Things in Smart Cities and develop a framework to enhance reliability and security of smart city applications, with the citizen at the center of attention. This work presents four applications that will be developed within RERUM, gives a general description of the open reliability and security issues that have to be taken into account and gives an overall view of the solutions that RERUM will develop to address these issues.
T. Spyridopoulos, K. Maraslis, T. Tryfonas, G. Oikonomou, S. Li, "Managing Cyber Security Risks in Industrial Control Systems with Game Theory and Viable System Modelling", in Proc. 9th IEEE International System of Systems Engineering Conference (SOSE 2014), 2014
Cyber security risk management in Industrial Control Systems has been a challenging problem for both practitioners and the research community. Their proprietary nature along with the complexity of those systems renders traditional approaches rather insufficient and creating the need for the adoption of a holistic point of view. This paper draws upon the principles of the Viable System Model and Game Theory in order to present a novel systemic approach towards cyber security management in this field, taking into account the complex inter-dependencies and providing cost-efficient defence solutions.
V. Michopoulos, G. Oikonomou, I. Phillips, L. Guan, "CADC: Congestion Aware Duty Cycle Mechanism A Simulation Evaluation", in Proc. 19th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), 2014
In WSNs idle listening is a major source of energy consumption. Devices can maximise battery, and hence network, lifetime by keeping their radio transceivers off when not needed. We propose CADC, a new Congestion Aware Duty Cycle (DC) MAC protocol, for 6LoWPANs. This protocol uses a new mechanism for the adaptation of the Radio Duty Cycle (RDC), that reacts quickly to changing traffic loads and pat- terns. CADC is independent of network topology, operating protocols and applications and does not require any clock synchronisation between the nodes. Through simulation, we highlight that in static duty cycle MACs there is always a trade-off between energy-efficiency and performance leading to increased energy consumption and low throughput in certain networks. Additionally, it is shown that dynamic protocols can overcome the constraints observed in static DC MACs. CADC outperforms other previously proposed static and dynamic duty cycle protocols in terms of energy consumption, packet loss and goodput while it achieves competitive delay times
S. Li, G. Oikonomou, T. Tryfonas, T. Chen, L. Xu, "A distributed consensus algorithm for decision-making in service-oriented Internet of Things", Transactions on Industrial Informatics, IEEE, 10(2), pp. 1461-1468, 2014
In a service-oriented Internet of Things (IoT) deployment, it is difficult to make consensus decisions for services at different IoT edge nodes, where available information might be insufficient or overloaded. Existing statistical methods attempt to resolve the inconsistency, which requires adequate information to make decisions. Distributed Consensus Decision Making (CDM) methods can provide an efficient and reliable means of synthesizing information by using a wider range of information than existing statistical methods. In this paper, we firstly discuss service composition for the IoT, by minimizing the multi-parameter dependent matching value. Subsequently, a cluster-based distributed algorithm is proposed, whereby consensuses are first calculated locally and subsequently combined in an iterative fashion to reach global consensus. The distributed consensus method improves the robustness and trustiness of the decision process.
P. Andriotis, T. Tryfonas, G. Oikonomou, S. Li, Z. Tzermias, K. Xynos, H. Read, V. Prevelakis, "On the Development of Automated Forensic Analysis Methods for Mobile Devices", in Proc. 7th International Conference on Trust & Trustworthy Computing (TRUST 2014), ser. Lecture Notes in Computer Science, 8564, pp. 212-213, 2014
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without explicit permission from the copyright holder.