Publications by type in reversed chronological order. Generated by jekyll-scholar using this bib file.

Journal articles
  1. V. Kumar, S. Gunner, M. Pregnolato, P. Tully, N. Georgalas, G. Oikonomou, S. Karatzas, T. Tryfonas, "Sense (and) the City: From IoT sensors and Open Data Platforms to Urban Observatories", IET Smart Cities, pp. 1–21, 2024
    @article{Kumar-2024-IET-SmartCities, title = {Sense (and) the City: From IoT sensors and Open Data Platforms to Urban Observatories}, author = {Kumar, Vijay and Gunner, {Sam D} and Pregnolato, Maria and Tully, Patrick and Georgalas, Nektarios and Oikonomou, George and Karatzas, Stylianos and Tryfonas, Theo}, year = {2024}, journal = {IET Smart Cities}, pages = {1--21}, oa-url = {https://doi.org/10.1049/smc2.12081}, doi = {10.1049/smc2.12081}, gsid = {8208362633224586343} }
    Digitalisation and the Internet of Things (IoT) help city coun- cils improve services, increase productivity and reduce costs. City-scale monitoring of traffic and pollution enables the development of insights into low-air quality areas and the introduction of improvements. IoT provides a platform for the intelligent interconnection of everyday objects and has become an integral part of a citizen’s life. Anyone can monitor from their fitness to the air quality of their immediate environment using everyday technologies. With caveats around privacy and accuracy, such data could even complement those collected by authorities at city- scale, for validating or improving policies. In this paper we explore the hierarchies of urban sensing from citizen- to city-scale, how sensing at different levels may be interlinked, and the challenges of managing the urban IoT. We provide examples from the UK, map the data gen- eration processes across levels of urban hierarchies and discuss the role of emerging sociotechnical urban sensing infrastructures, i.e., in- dependent, open, and transparent capabilities that facilitate stakeholder engagement and collection and curation of grassroots data. We discuss how such capabilities can become a conduit for alignment of community- and city-level action via an example of tracking the use of shared electric bicycles in Bristol, UK.
  2. U. Erol, F. Raimondo, J. Pope, S. Gunner, V. Kumar, I. Mavromatis, P. Carnelli, T. Spyridopoulos, A. Khan, G. Oikonomou, "Multi-sensor, multi-device smart building indoor environmental dataset", Data in Brief, 49, pp. 109392, 2023
    @article{Erol-2023-DataInBrief, title = {Multi-sensor, multi-device smart building indoor environmental dataset}, author = {Erol, Ufuk and Raimondo, Francesco and Pope, James and Gunner, {Sam D} and Kumar, Vijay and Mavromatis, Ioannis and Carnelli, Pietro and Spyridopoulos, Theodoros and Khan, Aftab and Oikonomou, George}, journal = {Data in Brief}, volume = {49}, pages = {109392}, year = {2023}, doi = {10.1016/j.dib.2023.109392}, oa-url = {https://www.sciencedirect.com/science/article/pii/S2352340923005024}, gsid = {4439854924824988615} }
    A dataset of sensor measurements is presented. Our dataset contains discrete measurements of 8 IoT devices located in various places in a research lab at the University of Bristol. Nordic nRF52840 DK IoT devices periodically collects environmental data, such as temperature, humidity, pressure, gas, room light intensity, accelerometer; including also a measurement quality indicator. The measurements were taken every 10 seconds over a six-month period between February and September 2022. In addition, we provide Received Signal Strength Indicator (RSSI) of the IoT devices. The data files are formatted as CSV files. There are various software libraries available to access and read this file format. We provide “README.txt” file which explains the repository and how to use dataset. Each data file is named according to its creation date and, once it reaches a size of 1MB, it is compressed and archived. A new folder is created every week to store all the data files from that week automatically. The dataset can be used for drift detection such as malicious or anomaly detection algorithms. It can also be used for smart building applications like occupation detection. The dataset can be found at https://data.bris.ac.uk/data/dataset/fwlmb11wni392kodtyljkw4n2
  3. C. Morgan, J. Jameson, I. Craddock, E. Tonkin, G. Oikonomou, H. Isotalus, F. Heidarivincheh, R. McConville, G. Tourte, K. Kinnunen, A. Whone, "Understanding how people with Parkinson’s disease turn in gait from a real-world in-home dataset", Parkinsonism and Related Disorders, 105, pp. 114–122, Elsevier Science, 2022
    @article{Morgan-2022-Parkinsonism, title = {Understanding how people with Parkinson's disease turn in gait from a real-world in-home dataset}, keywords = {Remote sensing technology, Home environment, Gait analysis, Mobility, Parkinson's Disease}, author = {Morgan, {Catherine A M} and Jameson, Jack and Craddock, {Ian J} and Tonkin, {Emma L.} and Oikonomou, George and Isotalus, {Hanna Kristiina} and Heidarivincheh, Farnoosh and McConville, Ryan and Tourte, {Gregory J. L.} and Kinnunen, {Kirsi M.} and Whone, {Alan L}}, year = {2022}, volume = {105}, pages = {114--122}, journal = {Parkinsonism and Related Disorders}, publisher = {Elsevier Science}, doi = {10.1016/j.parkreldis.2022.11.007}, oa-url = {https://doi.org/10.1016/j.parkreldis.2022.11.007}, gsid = {5788287165949490938} }
    Turning in gait digital parameters may be useful in measuring disease progression in Parkinson’s disease (PD), however challenges remain over algorithm validation in real-world settings. The influence of clinician observation on turning outcomes is poorly understood. Our objective is to describe a unique in-home video dataset and explore the use of turning parameters as biomarkers in PD.Methods11 participants with PD, 11 control participants stayed in a home-like setting living freely for 5 days (with two sessions of clinical assessment), during which high-resolution video was captured. Clinicians watched the videos, identified turns and documented turning parameters.ResultsFrom 85 hours of video 3869 turns were evaluated, averaging at 22.7 turns per hour per person. 6 participants had significantly different numbers of turning steps and/or turn duration between “ON” and “OFF” medication states. Positive Spearman correlations were seen between the Movement Disorders Society-sponsored revision of the Unified Parkinson’s Disease Rating Scale III score with a) number of turning steps (rho = 0.893, p ConclusionThis study shows proof of concept that real-world free-living turn duration and number of turning steps recorded can distinguish between PD medication states and correlate with gold-standard clinical rating scale scores. It illustrates a methodology for ecological validation of real-world digital outcomes.
  4. G. Oikonomou, S. Duquennoy, A. Elsts, J. Eriksson, Y. Tanaka, N. Tsiftes, "The Contiki-NG Open Source Operating System for Next Generation IoT Devices", SoftwareX, 18, pp. 101089, 2022
    @article{Contiki-NG, title = {The Contiki-NG Open Source Operating System for Next Generation {IoT} Devices}, author = {Oikonomou, George and Duquennoy, Simon and Elsts, Atis and Eriksson, Joakim and Tanaka, Yasuyuki and Tsiftes, Nicolas}, journal = {SoftwareX}, volume = {18}, pages = {101089}, year = {2022}, issn = {2352-7110}, doi = {10.1016/j.softx.2022.101089}, oa-url = {https://doi.org/10.1016/j.softx.2022.101089}, gsid = {380550636315716590} }
    Contiki-NG (Next Generation) is an open source, cross-platform operating system for severely constrained wireless embedded devices. It focuses on dependable (reliable and secure) low-power communications and standardised protocols, such as 6LoWPAN, IPv6, 6TiSCH, RPL, and CoAP. Its primary aims are to (i) facilitate rapid prototyping and evaluation of Internet of Things research ideas, (ii) reduce time-to-market for Internet of Things applications, and (iii) provide an easy-to-use platform for teaching embedded systems-related courses in higher education. Contiki-NG started as a fork of the Contiki OS and retains many of its original features. In this paper, we discuss the motivation behind the creation of Contiki-NG, present the most recent version (v4.7), and highlight the impact of Contiki-NG through specific examples.
  5. A. Elsts, X. Fafoutis, G. Oikonomou, R. Piechocki, I. Craddock, "TSCH Networks for Health IoT: Design, Evaluation and Trials in the Wild", Trans. on Internet of Things, 1(2), ACM, 2020
    @article{elsts-2020-tiot, title = {TSCH Networks for Health IoT: Design, Evaluation and Trials in the Wild}, author = {Elsts, Atis and Fafoutis, Xenofon and Oikonomou, George and Piechocki, Robert and Craddock, Ian}, journal = {Trans. on Internet of Things}, publisher = {ACM}, year = {2020}, volume = {1}, number = {2}, oa-url = {https://atiselsts.github.io/2015/04/publications.html}, gsid = {6923216158561975838}, doi = {10.1145/3366617} }
    Sensing technology and the emerging Internet of Things (IoT) have the potential to solve major societal challenges associated with healthcare provision. Yet, to fully meet this potential, Health IoT applications must be supported by dependable data collection infrastructures. In this context, low-power wireless protocols for residential Health IoT applications are characterized by high reliability requirements, the need for an energy-efficient operation, and the need to operate robustly in diverse environments and in presence of external interference. To address these challenges, we enhance the Time-Slotted Channel Hopping (TSCH) protocol from the IEEE 802.15.4 standard with a new schedule and an adaptive channel selection mechanism to increase its performance in this domain. Our evaluation in a test house shows that for our e-Health application, the enhanced system shows better results than both the standard TSCH and state-of-the-art options such as the SmartMesh IP stack, the Orchestra scheduler, and the 6top distributed scheduling mechanism. Results from 29 long-term residential deployments confirm the suitability for the application. The results show 99.96% average reliability in the uncontrolled environments for networks that generate 7.5 packets per second on the average.
  6. R. Piyare, G. Oikonomou, A. Elsts, "TSCH for Long Range Low Data Rate Applications", IEEE Access, 8, pp. 228754–228766, IEEE, 2020
    @article{elsts-2020-tsch-for-long-range, title = {TSCH for Long Range Low Data Rate Applications}, author = {Piyare, Rajeev and Oikonomou, George and Elsts, Atis}, year = {2020}, month = dec, day = {23}, doi = {10.1109/ACCESS.2020.3046769}, volume = {8}, pages = {228754--228766}, journal = {IEEE Access}, publisher = {IEEE}, gsid = {2148209372833723149}, oa-url = {https://doi.org/10.1109/ACCESS.2020.3046769} }
    The TSCH (Time Slotted Channel Hopping) protocol from the IEEE 802.15.4-2015 standard is known to be suitable for highly reliable applications in low-power networks of severely constrained wireless embedded devices. Most of the research on TSCH has focused on the 2.4GHz frequency band. The present work extends the TSCH protocol to low data rate applications using the sub-GHz frequency bands for an increased link budget. We introduce multiple improvements on top of the standard TSCH, namely, a special schedule for the network’s root nodes and their direct neighbors, as well as the option to have multiple root nodes in a single TSCH network. Experimental results in a testbed and a real-world deployment show that after applying the improvements, the network meets application requirements and provides reliable and energy-efficient operation.
  7. M. Haubro, C. Orfanidis, G. Oikonomou, X. Fafoutis, "TSCH-over-LoRA: Long Range and Reliable IPv6 Multi-hop Networks for the Internet of Things", Internet Technology Letters, 3(4), Wiley, 2020
    @article{fafoutis-2020-lora-tsch, title = {TSCH-over-LoRA: Long Range and Reliable IPv6 Multi-hop Networks for the Internet of Things}, author = {Haubro, Martin and Orfanidis, Charalampos and Oikonomou, George and Fafoutis, Xenofon}, journal = {Internet Technology Letters}, publisher = {Wiley}, year = {2020}, oa-url = {https://doi.org/10.1002/itl2.165}, doi = {10.1002/itl2.165}, gsid = {6334573030319870603}, volume = {3}, number = {4} }
    TSCH-over-LoRa is a long range and reliable IPv6 multi-hop solution that aims at combining the reliability of TSCH (Time-Slotted, Channel Hopping) together with the long range capabilities of LoRa. TSCH-over-LoRa brings mesh IPv6 networking to LoRa devices, enabling the use of standard protocols (such as RPL, UDP, and CoAP) and long range operation to TSCH/6TiSCH industrial wireless IoT networks. We design, implement, and integrate TSCH-over-LoRa into the TSCH/6TiSCH networking stack of the Contiki-NG operating system and experimentally demonstrate its compatibility with higher-level protocols and its resilience to interference.
  8. M. Baddeley, A. Stanoev, U. Raza, G. Oikonomou, R. Nejabati, D. Simeonidou, M. Sooriyabandara, "Atomic-SDN: Is Synchronous Flooding the Solution to Software-Defined Networking in IoT?", IEEE Access, 7(1), pp. 96019–96034, IEEE, 2019
    @article{Baddeley-2019-access, title = {Atomic-SDN: Is Synchronous Flooding the Solution to Software-Defined Networking in IoT?}, author = {Baddeley, Michael and Stanoev, Aleksandar and Raza, Usman and Oikonomou, George and Nejabati, Reza and Simeonidou, Dimitra and Sooriyabandara, Mahesh}, journal = {IEEE Access}, year = {2019}, volume = {7}, number = {1}, publisher = {IEEE}, pages = {96019--96034}, gsid = {17470899592040512837}, doi = {10.1109/ACCESS.2019.2920100}, oa-url = {http://dx.doi.org/10.1109/ACCESS.2019.2920100} }
    The adoption of Software Defined Networking (SDN) within traditional networks has provided operators the ability to manage diverse resources and easily reconfigure networks as requirements change. Recent research has extended this concept to IEEE 802.15.4 low-power wireless networks, which form a key component of the Internet of Things (IoT). However, the multiple traffic patterns necessary for SDN control makes it difficult to apply this approach to these highly challenging environments. This paper presents Atomic-SDN, a highly reliable and low-latency solution for SDN in low-power wireless. Atomic-SDN introduces a novel Synchronous Flooding (SF) architecture capable of dynamically configuring SF protocols to satisfy complex SDN control requirements, and draws from the authors’ previous experiences in the IEEE EWSN Dependability Competition: where SF solutions have consistently outperformed other entries. Using this approach, Atomic-SDN presents considerable performance gains over other SDN implementations for low-power IoT networks. We evaluate Atomic-SDN through simulation and experimentation, and show how utilizing SF techniques provides latency and reliability guarantees to SDN control operations as the local mesh scales. We compare Atomic-SDN against other SDN implementations based on the IEEE 802.15.4 network stack, and establish that Atomic-SDN improves SDN control by orders-of-magnitude across latency, reliability, and energy-efficiency metrics.
  9. G. Margelis, X. Fafoutis, G. Oikonomou, R. Piechocki, T. Tryfonas, P. Thomas, "Efficient DCT-based Secret Key Generation for the Internet of Things", Ad Hoc Networks, 92, Elsevier, 2019
    @article{Margelis-2018-AdHoc, author = {Margelis, George and Fafoutis, Xenofon and Oikonomou, George and Piechocki, Robert and Tryfonas, Theo and Thomas, Paul}, title = {Efficient DCT-based Secret Key Generation for the Internet of Things}, journal = {Ad Hoc Networks}, publisher = {Elsevier}, year = {2019}, volume = {92}, gsid = {5818991158831943032}, doi = {10.1016/j.adhoc.2018.08.014}, oa-url = {https://www.sciencedirect.com/science/article/pii/S1570870518305948} }
    Internet of Things (IoT) Security is critical, and the most widely employed method to ensure robust confidentiality is cryptography. However, establishing cryptographically secure communication links between two transceivers requires the pre-agreement on some key, unknown to an external attacker. In recent years there has been growing interest in techniques that generate a shared random key through observation of the channel and its effects on the exchanged messages. In this work we present SKYGlow, a novel scheme for secret-key generation, designed for low-power IoT devices and tested on IEEE 802.15.4 transceivers. We first examine the practical upper bounds of the maximum length of the secret-key that can be generated by communicating IEEE 802.15.4 devices. We contrast that upper-bound with the current state-of-the-art, and elaborate on the workings of our proposed scheme. SKYGlow applies the Discreet Cosine Transform (DCT) on the Received Signal Strength (RSS) values of exchanged messages to reduce mismatches and increase correlation between the generated secret-bits. We validate the performance of our scheme on both outdoor and indoor scenarios, on the 2.4 GHz and 868 MHz ISM bands. Our experiments have resulted in the creation of 128 bit secret keys with only 65 packet exchanges and with an entropy of 0.9978 bits, making our scheme much more energy efficient compared with others in the existing literature.
  10. A. Elsts, X. Fafoutis, P. Woznowski, E. Tonkin, G. Oikonomou, R. Piechocki, I. Craddock, "Enabling Healthcare in Smart Homes: The SPHERE IoT Network Infrastructure", Communications Magazine, 56(12), pp. 164–170, IEEE, 2018
    @article{Fafoutis-2018-commag, title = {Enabling Healthcare in Smart Homes: The SPHERE IoT Network Infrastructure}, author = {Elsts, Atis and Fafoutis, Xenofon and Woznowski, {Przemyslaw R.} and Tonkin, {Emma L.} and Oikonomou, George and Piechocki, Robert and Craddock, Ian}, year = {2018}, month = dec, volume = {56}, number = {12}, pages = {164--170}, doi = {10.1109/MCOM.2017.1700791}, journal = {Communications Magazine}, publisher = {IEEE}, gsid = {14036256930428349798}, oa-url = {https://research-information.bristol.ac.uk/en/publications/enabling-healthcare-in-smart-homes(efc41bd8-5805-4108-b5ff-39d232fa9477).html} }
    Healthcare professionals currently lack the means to gather unbiased and quantitative multi-modal data about the long-term behaviors of patients in their home environments. SPHERE is a multi-modal platform of non-medical sensors for behavior monitoring in residential environments that aims to overcome this major limitation of healthcare provision through using the inherently cost-efficient and scalable technologies of the Internet of Things (IoT). One of SPHERE’s key tasks is to help to bring the next-generation low-power wireless networking and sensing technologies from the lab to the field by applying them in real-world environments. In this article we describe the highlights of SPHERE’s system requirements, architecture, practical challenges, as well as of the design and deployment lessons learned. By leveraging novel IoT technologies such as the IEEE 802.15.4 TSCH network protocol, SPHERE has achieved successful initial deployments in twelve volunteer houses at the time of writing.
  11. A. Peters, G. Oikonomou, G. Zervas, "In Compute/Memory Dynamic Packet/Circuit Switch Placement for Optically Disaggregated Data Centers", J. Opt. Commun. Netw., 10(7), pp. B164-B178, OSA, 2018
    @article{Peters-2018-ofc, title = {In Compute/Memory Dynamic Packet/Circuit Switch Placement for Optically Disaggregated Data Centers}, author = {Peters, Adaranijo and Oikonomou, George and Zervas, Georgios}, year = {2018}, journal = {J. Opt. Commun. Netw.}, publisher = {OSA}, volume = {10}, number = {7}, pages = {B164-B178}, doi = {10.1364/JOCN.10.00B164}, gsid = {14408439199561786844}, oa-url = {https://research-information.bristol.ac.uk/en/publications/in-computememory-dynamic-packetcircuit-switch-placement-for-optically-disaggregated-data-centers(d681bf01-0f67-4fcd-a80d-0cfa03ed453d).html} }
    Network function services on conventional hybrid data center (DC) architectures such as HELIOS are hard-wired and dedicated to specific network resources. This limits flexibility and performance to handle diverse traffic patterns. Furthermore, disaggregation of server resources has shown promising potential to improve resource utilization, which has been a limitation of conventional server-centric DCs. This paper presents a reconfigurable hybrid disaggregated DC (dRedBox) architecture that combines the concept of server resource disaggregation with cutting-edge software and electronic and optical technologies. The dRedBox architecture provides a remarkable amount of flexibility and connectivity through hardware-based multilayer network function service programmability. This allows for multilayer network services to be dynamically deployed at runtime to network resources and, in turn, handle diverse traffic patterns. Furthermore, this study proposes algorithms and strategies for selecting and deploying electronic packet switching and optical circuit switching function services to implement virtual machine network requests across dRedBox and conventional hybrid disaggregated architectures under different traffic patterns. Finally, the performance of the various strategies on the dRedBox and conventional hybrid disaggregated DC architectures is evaluated in terms of blocking probability, energy efficiency, network utilization, and cost. Extensive results show that, at 10% blocking probability, dRedBox architecture achieves 100% gain on VM placement and 92% energy savings compared with conventional hybrid disaggregated architectures.
  12. A. Elsts, X. Fafoutis, S. Duquennoy, G. Oikonomou, R. Piechocki, I. Craddock, "Temperature-Resilient Time Synchronization for the Internet of Things", Trans. on Industrial Informatics, 14(5), pp. 2241-2250, IEEE, 2018
    @article{Elsts-2018-tii, title = {Temperature-Resilient Time Synchronization for the Internet of Things}, author = {Elsts, Atis and Fafoutis, Xenofon and Duquennoy, Simon and Oikonomou, George and Piechocki, Robert and Craddock, Ian}, journal = {Trans. on Industrial Informatics}, publisher = {IEEE}, doi = {10.1109/TII.2017.2778746}, pages = {2241-2250}, volume = {14}, number = {5}, year = {2018}, month = may, oa-url = {https://research-information.bristol.ac.uk/en/publications/temperatureresilient-time-synchronization-for-the-internet-of-things(429dd808-1364-40e3-9c88-085f68ab37c9).html}, gsid = {999822098705616907} }
    Networks deployed in real-world conditions have to cope with dynamic, unpredictable environmental temperature changes. These changes affect the clock rate on network nodes, and can cause faster clock de-synchronization compared to situations where devices are operating under stable temperature conditions. Wireless network protocols such as Time-Slotted Channel Hopping (TSCH) from the IEEE 802.15.4-2015 standard are affected by this problem, since they require tight clock synchronization among all nodes for the network to remain operational. This paper proposes a method for autonomously compensating temperature-dependent clock rate changes. After a calibration stage, nodes continuously perform temperature measurements to compensate for clock drifts at run-time. The method is implemented on low-power IoT nodes and evaluated through experiments in a temperature chamber, indoor and outdoor environments, as well as with numerical simulations. The results show that applying the method reduces the maximum synchronization error more than 10 times. In this way, the method allows reduce the total energy spent for time synchronization, which is practically relevant concern for low data rate, low energy budget TSCH networks, especially those exposed to environments with changing temperature.
  13. X. Fafoutis, A. Vafeas, B. Janko, S. Sherratt, J. Pope, A. Elsts, E. Mellios, G. Hilton, G. Oikonomou, R. Piechocki, I. Craddock, "Designing Wearable Sensing Platforms for Healthcare in a Residential Environment", EAI Endorsed Trans. on Pervasive Health and Technology, 17(12), European Alliance for Innovation, 2017
    @article{Fafoutis-2017-eai, title = {Designing Wearable Sensing Platforms for Healthcare in a Residential Environment}, author = {Fafoutis, Xenofon and Vafeas, Antonis and Janko, Balazs and Sherratt, Simon and Pope, James and Elsts, Atis and Mellios, Evangelos and Hilton, Geoffrey and Oikonomou, George and Piechocki, Robert and Craddock, Ian}, year = {2017}, month = sep, doi = {10.4108/eai.7-9-2017.153063}, volume = {17}, journal = {EAI Endorsed Trans. on Pervasive Health and Technology}, issn = {2411-7145}, publisher = {European Alliance for Innovation}, number = {12}, gsid = {1445270239734662268}, oa-url = {https://research-information.bristol.ac.uk/en/publications/designing-wearable-sensing-platforms-for-healthcare-in-a-residential-environment(5a9756d4-c840-479d-a989-2e8bbaa9f0ff).html} }
    Wearable technologies are valuable tools that can encourage people to monitor their own well-being and facilitate timely health interventions. In this paper, we present SPW-2; a low-profile versatile wearable sensor that employs two ultra low power accelerometers and an optional gyroscope. Designed for minimum maintenance and a long-term operation outside the laboratory, SPW-2 is able to oer a battery lifetime of multiple months. Measurements on its wireless performance in a real residential environment with thick brick walls, demonstrate that SPW-2 can fully cover a room and - in most cases - the adjacent room, as well.
  14. P. Cooper, K. Maraslis, T. Tryfonas, G. Oikonomou, "An intelligent hot-desking model harnessing the power of occupancy sensing data", Journal of Facilities, 35(13/14), pp. 766-786, Emerald Group Publishing Limited, 2017
    @article{Cooper-2017-jof, title = {An intelligent hot-desking model harnessing the power of occupancy sensing data}, author = {Cooper, Peter and Maraslis, Konstantinos and Tryfonas, Theo and Oikonomou, George}, journal = {Journal of Facilities}, publisher = {Emerald Group Publishing Limited}, year = {2017}, volume = {35}, number = {13/14}, pages = {766-786}, doi = {doi.org/10.1108/F-01-2016-0014}, oa-url = {https://research-information.bristol.ac.uk/en/publications/an-intelligent-hotdesking-model-harnessing-the-power-of-occupancy-sensing(d9032bd5-17e7-4cf5-9ebe-c8138abcbc86).html}, gsid = {17022844007095112637} }
    In this paper a model is developed to harness the power of occupancy sensing in an Intelligent Hot-Desking system utilizing experimental data from a commercial office in central London. To achieve that, the model uses that data as an input in order to undertake the task of allocating the office desks to the employees in a way that will maximise their productivity based on the type of project that each employee is working on each time. In this way, and by taking into account other parameters that are involved as well, the synergy that this situation can create, can increase productivity significantly compared to the situation where employees have their desks fixed under any circumstances and also allow for expenses cut since the desks can now be less than the employees. Not only is this approach able to optimize desk utilization based on quality occupancy data, but also speculates how and by how much overall productivity increases, while proving that its benefits outweigh the costs of adopting such a system. Furthermore, this paper explores the barriers towards Intelligent Hot-Desking, including how an increase in occupancy data collection in the private sector could have key advantages for the business as an organization and the city as a whole. Ultimately, it provides a valuable and feasible use case for the use of occupancy data in smart buildings, a dataset that is perceived to be valuable yet underexplored.
  15. X. Fafoutis, L. Marchegiani, G. Papadopoulos, R. Piechocki, T. Tryfonas, G. Oikonomou, "Privacy Leakage of Physical Activity Levels in Wireless Embedded Wearable Systems", Signal Processing Letters, 24(2), pp. 136–140, IEEE, 2017
    @article{Fafoutis-2016-spl, title = {Privacy Leakage of Physical Activity Levels in Wireless Embedded Wearable Systems}, author = {Fafoutis, Xenofon and Marchegiani, Letizia and Papadopoulos, Georgios and Piechocki, Robert and Tryfonas, Theo and Oikonomou, George}, year = {2017}, doi = {10.1109/LSP.2016.2642300}, oa-url = {http://research-information.bristol.ac.uk/en/publications/privacy-leakage-of-physical-activity-levels-in-wireless-embedded-wearable-systems(4394b8d7-d8fb-4c6e-a91e-06fb9cab6c30).html}, journal = {Signal Processing Letters}, issn = {1070-9908}, publisher = {IEEE}, volume = {24}, number = {2}, pages = {136--140}, gsid = {18301989522027990431} }
    With the ubiquity of sensing technologies in our personal spaces, the protection of our privacy and the confidentiality of sensitive data becomes a major concern. In this paper, we focus on wearable embedded systems that communicate data periodically over the wireless medium. In this context, we demonstrate that private information about the physical activity levels of the wearer can leak to an eavesdropper through the physical layer. Indeed, we show that the physical activity levels strongly correlate with changes in the wireless channel that can be captured by measuring the signal strength of the eavesdropped frames. We practically validate this correlation in several scenarios in a real residential environment, using data collected by our prototype wearable accelerometer-based sensor. Lastly, we propose a privacy enhancement algorithm that
    mitigates the leakage of this private information.
  16. P. Andriotis, G. Oikonomou, A. Mylonas, T. Tryfonas, "A Study on Usability and Security Features of the Android Pattern Lock Screen", Information and Computer Security, 24(1), pp. 53–72, Emerald, 2016
    @article{Andriotis-2016-ics, title = {A Study on Usability and Security Features of the Android Pattern Lock Screen}, author = {Andriotis, Panagiotis and Oikonomou, George and Mylonas, Alexios and Tryfonas, Theo}, year = {2016}, journal = {Information and Computer Security}, publisher = {Emerald}, gsid = {5950329922045653607}, doi = {10.1108/ICS-01-2015-0001}, volume = {24}, number = {1}, pages = {53--72} }
    The Android pattern lock screen (or graphical password) is a popular user authentication method that relies on the advantages provided by the visual representation of a password, which enhance its memorability. Graphical passwords are vulnerable to attacks (e.g. shoulder surfing); thus, the need for more complex passwords becomes apparent. This paper aims to focus on the features that constitute a usable and secure pattern and investigate the existence of heuristic and physical rules that possibly dictate the formation of a pattern.
  17. P. Woznowski, D. Kaleshi, G. Oikonomou, I. Craddock, "Classification and Suitability of Sensing Technologies for Activity Recognition", Computer Communications, 89-90, pp. 34–50, 2016
    @article{Woznowski-2016-comcom, title = {Classification and Suitability of Sensing Technologies for Activity Recognition}, keywords = {activity recognition, sensors, ADL}, author = {Woznowski, {Przemyslaw R.} and Kaleshi, Dritan and Oikonomou, George and Craddock, Ian}, year = {2016}, month = sep, doi = {10.1016/j.comcom.2016.03.006}, journal = {Computer Communications}, volume = {89-90}, pages = {34--50}, gsid = {2120913581950507169}, oa-url = {https://research-information.bristol.ac.uk/en/publications/classification-and-suitability-of-sensing-technologies-for-activity-recognition(3ec963e5-7f84-4490-8181-fcfc6aec2d05).html} }
    Wider availability of sensors and sensing systems has pushed research in the direction of automatic activity recognition (AR) either for medical or other personal benefits e.g. wellness or fitness monitoring. Researchers apply different AR techniques/algorithms and use a wide range of sensors to discover home activities. However, it seems that the AR algorithms are purely technology-driven rather than informing studies on the type and quality of input required. There is an expectation to over-instrument the environment or the subjects and then develop AR algorithms, where instead the problem should be approached from a different angle i.e. what sensors (type, quality and quantity) a given algorithm requires to infer particular activities with a certain confidence? This paper introduces the concept of activity recognition, its taxonomy and familiarises the reader with sub-classes of sensor-based AR. Furthermore, it presents an overview of existing health services Telecare and Telehealth solutions, and introduces the hierarchical taxonomy of human behaviour analysis tasks. This work is a result of a systematic literature review and it presents the reader with a comprehensive set of home-based activities of daily living (ADL) and sensors proven to recognise these activities. Apart from reviewing usefulness of various sensing technologies for home-based AR algorithms, it highlights the problem of technology-driven cycle of development in this area.
  18. P. Andriotis, G. Oikonomou, T. Tryfonas, S. Li, "Highlighting Relationships of a Smartphone’s Social Ecosystem in Potentially Large Investigations", Trans. on Cybernetics, 46(9), pp. 1974–1985, IEEE, 2016
    @article{Andriotis-2016-smc, title = {Highlighting Relationships of a Smartphone’s Social Ecosystem in Potentially Large Investigations}, author = {Andriotis, Panagiotis and Oikonomou, George and Tryfonas, Theo and Li, Shancang}, month = sep, year = {2016}, journal = {Trans. on Cybernetics}, publisher = {IEEE}, volume = {46}, number = {9}, pages = {1974--1985}, doi = {10.1109/TCYB.2015.2454733}, gsid = {1213135168299493361} }
    Social media networks are becoming increasingly popular because they can satisfy diverse needs of individuals (both personal and professional). Modern mobile devices are empowered with increased capabilities, taking advantage of the technological progress that makes them smarter than their predecessors. Thus, a smartphone user is not only the phone owner, but also an entity that may have different facets and roles in various social media networks. We believe that these roles can be aggregated in a single social ecosystem, which can be derived by the smartphone. In this paper, we present our concept of the social ecosystem in contemporary devices and we attempt to distinguish the different communities that occur from the integration of social networking in our lives. In addition, we propose techniques to highlight major actors within the ecosystem. Moreover, we demonstrate our suggested visualization scheme, which illustrates the linking of entities that live in separate communities using data taken from the smartphone. Finally, we extend our concept to include various parallel ecosystems during potentially large investigations and we link influential entities in a vertical fashion. We particularly examine cases where data aggregation is performed by specific applications, producing volumes of textual data that can be analyzed with text mining methods. Our analysis demonstrates the risks of the rising “bring your own device” trend in enterprise environments.
  19. T. Spyridopoulos, K. Maraslis, A. Mylonas, T. Tryfonas, G. Oikonomou, "A Game Theoretical Method for Cost-Benefit Analysis of Malware Dissemination Prevention", Information Security Journal: A Global Perspective, 24(4-6), pp. 164–176, Taylor & Francis, 2015
    @article{Spyridopoulos-2015-isj, title = {A Game Theoretical Method for Cost-Benefit Analysis of Malware Dissemination Prevention}, journal = {Information Security Journal: A Global Perspective}, year = {2015}, publisher = {Taylor \& Francis}, author = {Spyridopoulos, Theodoros and Maraslis, Konstantinos and Mylonas, Alexios and Tryfonas, Theo and Oikonomou, George}, doi = {10.1080/19393555.2015.1092186}, pages = {164--176}, volume = {24}, number = {4-6}, gsid = {8271092279672830123} }
    Literature in malware proliferation focuses on modeling and analyzing its spread dynamics. Epidemiology models, which are inspired by the characteristics of biological disease spread in human populations, have been used against this threat to analyze the way malware spreads in a network. This work presents a modified version of the commonly used epidemiology models Susceptible Infected Recovered (SIR) and Susceptible Infected Susceptible (SIS), which incorporates the ability to capture the relationships between nodes within a network, along with their effect on malware dissemination process. Drawing upon a model that illustrates the network’s behavior based on the attacker’s and the defender’s choices, we use game theory to compute optimal strategies for the defender to minimize the effect of malware spread, at the same time minimizing the security cost. We consider three defense mechanisms: patch, removal, and patch and removal, which correspond to the defender’s strategy and use probabilistically with a certain rate. The attacker chooses the type of attack according to its effectiveness and cost. Through the interaction between the two opponents we infer the optimal strategy for both players, known as Nash Equilibrium, evaluating the related payoffs. Hence, our model provides a cost-benefit risk management framework for managing malware spread in computer networks.
  20. S. Li, G. Oikonomou, T. Tryfonas, T. Chen, L. Xu, "A distributed consensus algorithm for decision-making in service-oriented Internet of Things", Trans. on Industrial Informatics, 10(2), pp. 1461–1468, IEEE, 2014
    @article{Li-2014-tii, author = {Li, Shancang and Oikonomou, George and Tryfonas, Theo and Chen, Thomas and Xu, Li}, title = {A distributed consensus algorithm for decision-making in service-oriented Internet of Things}, journal = {Trans. on Industrial Informatics}, volume = {10}, number = {2}, pages = {1461--1468}, year = {2014}, publisher = {IEEE}, doi = {10.1109/TII.2014.2306331}, gsid = {12827813065240277184}, url = {http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6740862} }
    In a service-oriented Internet of Things (IoT) deployment, it is difficult to make consensus decisions for services at different IoT edge nodes, where available information might be insufficient or overloaded. Existing statistical methods attempt to resolve the inconsistency, which requires adequate information to make decisions. Distributed Consensus Decision Making (CDM) methods can provide an efficient and reliable means of synthesizing information by using a wider range of information than existing statistical methods. In this paper, we firstly discuss service composition for the IoT, by minimizing the multi-parameter dependent matching value. Subsequently, a cluster-based distributed algorithm is proposed, whereby consensuses are first calculated locally and subsequently combined in an iterative fashion to reach global consensus. The distributed consensus method improves the robustness and trustiness of the decision process.
  21. V. Kumar, G. Oikonomou, T. Tryfonas, D. Page, I. Phillips, "Digital Investigations for IPv6-Based Wireless Sensor Networks", Digital Investigation, 11, Supplement 2(0), pp. S66–S75, Elsevier, 2014 (Fourteenth Annual DFRWS Conference)
    @article{Kumar-2014-dfrws, author = {Kumar, Vijay and Oikonomou, George and Tryfonas, Theo and Page, Dan and Phillips, Iain}, title = {Digital Investigations for IPv6-Based Wireless Sensor Networks}, journal = {Digital Investigation}, month = aug, year = {2014}, publisher = {Elsevier}, volume = {11, Supplement 2}, number = {0}, pages = {S66--S75}, note = {Fourteenth Annual {DFRWS} Conference}, doi = {10.1016/j.diin.2014.05.005}, url = {http://www.dfrws.org/conferences/dfrws-usa-2014/sessions/digital-investigations-ipv6-based-wireless-sensor-networks}, gsid = {15425437038405595172} }
    Developments in the field of Wireless Sensor Networks (WSNs) and the Internet of Things (IoT) mean that sensor devices can now be uniquely identified using an IPv6 address and, if suitably connected, can be directly reached from the Internet. This has a series of advantages but also introduces new security vulnerabilities and exposes sensor deployments to attack. A compromised Internet host can send malicious information to the system and trigger incorrect actions. Should an attack take place, post-incident analysis can reveal information about the state of the network at the time of the attack and ultimately provide clues about the tools used to implement it, or about the attacker’s identity. In this paper we critically assess and analyse information retrieved from a device used for IoT networking, in order to identify the factors which may have contributed to a security breach. To achieve this, we present an approach for the extraction of RAM and flash contents from a sensor node. Subsequently, we analyse extracted network connectivity information and we investigate the possibility of correlating information gathered from multiple devices in order to reconstruct the network topology. Further, we discuss experiments and analyse how much information can be retrieved in different scenarios. Our major contribution is a mechanism for the extraction, analysis and correlation of forensic data for IPv6-based WSN deployments, accompanied by a tool which can analyse RAM dumps from devices running the Contiki Operating System (OS) and powered by 8051-based, 8-bit micro-controllers.
  22. P. Andriotis, G. Oikonomou, T. Tryfonas, "JPEG Steganography Detection with Benford’s Law", Digital Investigation, 9(3-4), pp. 246–257, Elsevier, 2013
    @article{Andriotis-2013-1-di, author = {Andriotis, Panagiotis and Oikonomou, George and Tryfonas, Theo}, title = {JPEG Steganography Detection with Benford's Law}, journal = {Digital Investigation}, publisher = {Elsevier}, year = {2013}, month = feb, volume = {9}, number = {3-4}, pages = {246--257}, doi = {10.1016/j.diin.2013.01.005}, gsid = {8640025567589568682}, url = {http://www.sciencedirect.com/science/article/pii/S1742287613000066} }
    In this paper we present a novel approach to the problem of steganography detection in JPEG images by applying a statistical attack. The method is based on the empirical Benford’s Law and, more specifically, on its generalised form. We prove and extend the validity of the logarithmic rule in colour images and introduce a blind steganographic method which can flag a file as a suspicious stego-carrier. The proposed method achieves very high accuracy and speed and is based on the distributions of the first digits of the quantised Discrete Cosine Transform coefficients present in JPEGs. In order to validate and evaluate our algorithm, we developed steganographic tools which are able to analyse image files and we subsequently applied them on the popular Uncompressed Colour Image Database. Furthermore, we demonstrate that not only can our method detect steganography but, if certain criteria are met, it can also reveal which steganographic algorithm was used to embed data in a JPEG file.
  23. P. Andriotis, Z. Tzermias, A. Mparmpaki, S. Ioannidis, G. Oikonomou, "Multilevel Visualization Using Enhanced Social Network Analysis with Smartphone Data", International Journal of Digital Crime and Forensics, 5(4), pp. 34–54, IGI Global, 2013
    @article{Andriotis-2013-ijdcf, author = {Andriotis, Panagiotis and Tzermias, Zacharias and Mparmpaki, Anthi and Ioannidis, Sotiris and Oikonomou, George}, title = {Multilevel Visualization Using Enhanced Social Network Analysis with Smartphone Data}, journal = {International Journal of Digital Crime and Forensics}, year = {2013}, month = oct, publisher = {IGI Global}, volume = {5}, number = {4}, doi = {10.4018/ijdcf.2013100103}, url = {http://www.igi-global.com/article/multilevel-visualization-using-enhanced-social-network-analysis-with-smartphone-data/103936}, pages = {34--54}, gsid = {17553242766499722565} }
    While technology matures and becomes more productive, mobile devices can be affordable and, consequently, fully integrated in people’s lives. After their unexpected bloom and acceptance, Online Social Networks are now sources of valuable information. We therefore use them for tasks varying from direct marketing to forensic analysis. We have already seen Social Network Forensics techniques focused on particular networks implementing methods that collect data from user accounts. During the forensic analysis it is common to aggregate information from different sources but, usually, this procedure causes correlation problems. Here, we present our method to correlate data gathered from various social networks in combination with smartphones creating a new form of social map of the user under investigation. In addition, we introduce a multi level graph that utilises the correlated information from the smartphone and the social networks and demonstrates in three dimensions the relevance of each contact with the suspect.
  24. G. Oikonomou, I. Phillips, T. Tryfonas, "IPv6 Multicast Forwarding in RPL-Based Wireless Sensor Networks", Wireless Personal Communications, 73(3), pp. 1089–1116, Springer US, 2013
    @article{Oikonomou-2013-1-wpc, author = {Oikonomou, George and Phillips, Iain and Tryfonas, Theo}, title = {IPv6 Multicast Forwarding in RPL-Based Wireless Sensor Networks}, journal = {Wireless Personal Communications}, year = {2013}, volume = {73}, number = {3}, pages = {1089--1116}, publisher = {Springer US}, doi = {10.1007/s11277-013-1250-5}, gsid = {15682302709616391961} }
    Abstract In wireless sensor deployments, network layer multicast can be used to improve the bandwidth and energy efficiency for a variety of applications, such as service discovery or network management. However, despite efforts to adopt IPv6 in networks of constrained devices, multicast has been somewhat overlooked. The Multicast Forwarding Using Trickle (Trickle Multicast) internet draft is one of the most noteworthy efforts. The specification of the IPv6 Routing Protocol for Low power and Lossy Networks (RPL) also attempts to address the area but leaves many questions unanswered. In this paper we highlight our concerns about both these approaches. Subsequently, we present our alternative mechanism, called Stateless Multicast RPL Forwarding algorithm (SMRF), which addresses the aforementioned drawbacks. Having extended the TCP/IP engine of the Contiki embedded operating system to support both Trickle Multicast (TM) and SMRF, we present an in-depth comparison, backed by simulated evaluation as well as by experiments conducted on a multi-hop hardware testbed. Results demonstrate that SMRF achieves significant delay and energy efficiency improvements at the cost of a small increase in packet loss. The outcome of our hardware experiments show that simulation results were realistic. Lastly, we evaluate both algorithms in terms of code size and memory requirements, highlighting SMRF’s low implementation complexity. Both implementations have been made available to the community for adoption.
  25. T. Spyridopoulos, G. Karanikas, T. Tryfonas, G. Oikonomou, "A Game Theoretic Defence Framework Against DoS/DDoS Cyber Attacks", Computers & Security, 38, pp. 39–50, Elsevier, 2013
    @article{Spyridopoulos-2013-1-compsec, author = {Spyridopoulos, Theodoros and Karanikas, George and Tryfonas, Theo and Oikonomou, George}, title = {A Game Theoretic Defence Framework Against DoS/DDoS Cyber Attacks}, journal = {Computers \& Security}, year = {2013}, month = oct, publisher = {Elsevier}, doi = {10.1016/j.cose.2013.03.014}, url = {http://www.sciencedirect.com/science/article/pii/S016740481300059X}, gsid = {9469142758600259804}, volume = {38}, pages = {39--50} }
    Game-theoretic approaches have been previously employed in the research area of network security in order to explore the interaction between an attacker and a defender during a Distributed Denial of Service (DDoS) attack scenario. Existing literature investigates payoffs and optimal strategies for both parties, in order to provide the defender with an optimal defence strategy. In this paper, we model a DDoS attack as a one-shot, non-cooperative, zero-sum game. We extend previous work by incorporating in our model a richer set of options available to the attacker compared to what has been previously achieved. We investigate multiple permutations in terms of the cost to perform an attack, the number of attacking nodes, malicious traffic probability distributions and their parameters. We analytically demonstrate that there exists a single optimal strategy available to the defender. By adopting it, the defender sets an upper boundary to attacker payoff, which can only be achieved if the attacker is a rational player. For all other attack strategies (those adopted by irrational attackers), attacker payoff will be lower than this boundary. We preliminary validate this model via simulations with the ns2 network simulator. The simulated environment replicates the analytical model’s parameters and the results confirm our model’s accuracy.
Conference and workshop papers
  1. A. Eker, G. Isik, T. Tryfonas, G. Oikonomou, "SmartMoveChain: A Proposal for Unified Scalable BMaaS for Smart Cities", In , 2024 (accepted, to appear)
    @inproceedings{Eker-2024-SmartMoveChain, title = {SmartMoveChain: A Proposal for Unified Scalable BMaaS for Smart Cities}, author = {Eker, Akin and Isik, {Gizay Kisa} and Tryfonas, Theo and Oikonomou, George}, year = {2024}, note = {accepted, to appear} }
    Transportation systems typically follow predefined routes, leading to a cumbersome experience, especially for users relying on multiple services daily. Mobility-as-a-Service (MaaS), proposed as a solution, integrates various mobility devices and services, including bicycles, scooters, cars, taxis, bike-sharing, and more on a single digital platform, streamlining journey planning, ticketing, and personalized travel experiences. MaaS offers various transformative benefits such as a single digital platform unifying available mobility services a cost-effective, and seamless single-ticket experience for journeys. However, there are certain challenges to be addressed such as transparency, information asymmetry, and system complexity persist. To address these challenges, Blockchain technology emerges as a solution, providing decentralisation, security, and transparency. In this work, we analysed the proposals in the literature and industry, then we identified essential features and metrics for Blockchain-supported MaaS (BMaaS) systems. Lastly, we propose this conceptual design of a scalable and unifying BMaaS system, named SmartMoveChain, addressing the existing issues in the current MaaS systems for the latter simulation process.
  2. A. Eker, T. Tryfonas, G. Oikonomou, "FlexBoT: A Scalable Architecture for Multi-Application Supporting BIoT Environments with Application Shifting at Runtime", In Proc. IFIP Networking, pp. 186–194, 2024
    @inproceedings{fe49bc463f4448128beb036f7d87b29e, title = {FlexBoT: A Scalable Architecture for Multi-Application Supporting BIoT Environments with Application Shifting at Runtime}, author = {Eker, Akin and Tryfonas, Theo and Oikonomou, George}, booktitle = {Proc. IFIP Networking}, pages = {186--194}, year = {2024}, doi = {10.23919/IFIPNetworking62109.2024.10619067}, oa-url = {https://hdl.handle.net/1983/fe49bc46-3f44-4812-8beb-036f7d87b29e}, gsid = {1794814709707166564} }
    While existing approaches that integrate IoT and blockchain technologies have demonstrated efficiency, they often exhibit limitations by focusing on a single application scenario. These proposals require specific hardware configurations, resulting reduced adaptability and manageability when transitioning to new application scenarios and updating device configurations. Though, an additional management layer could mitigate vulnerabilities, it may also introduce performance and privacy issues, particularly as the system scales up rapidly. In response, this paper introduces an architecture for Blockchain of Things (BoT) systems, providing the flexibility to accommodate multiple application scenarios within a unified hardware infrastructure. Our methodology utilizes smart contracts for system orchestration, offering an agile and cost-effective alternative. The proposed architecture is designed mainly for IoT environments, ensuring scalability without the need for centralized authority or causing network centralization and associated vulnerabilities. Moreover, it facilitates real-time application scenario transitions through smart contracts. The obtained results demonstrate the proposal’s capability to scale effectively in network size, and handle varying numbers of requests within each identified scenario type. Furthermore, the results support adoption of smart contract-based scenario transitioning in BoT environments.
  3. A. Eker, T. Tryfonas, G. Oikonomou, "Public Blockchain in Support of Transactive Energy Markets", In Proc. IEEE WF-IoT, pp. 1–6, 2023
    @inproceedings{Eker-2023-WF-IoT, title = {Public Blockchain in Support of Transactive Energy Markets}, author = {Eker, Akin and Tryfonas, Theo and Oikonomou, George}, booktitle = {Proc. IEEE WF-IoT}, year = {2023}, pages = {1--6}, doi = {10.1109/WF-IoT58464.2023.10539475}, oa-url = {https://hdl.handle.net/1983/4ba77282-ec39-4a99-ba58-973050b3fc66}, gsid = {4468283739719564817} }
    Transactive Energy Markets (TEM) have the potential to reduce wasted energy, increase the utilisation of renewable energy resources and enable independence in the energy sector. Blockchain has been utilised in TEMs in the literature aiming to acquire transparency, security and trustless operations. Though public blockhain enables leveraged transparency and fairness, the majority of proposals suggest adoption of private or consortium blockchains mainly due to performance concerns. In this paper, we created a TEM environment where consumers, prosumers and suppliers bid for price agreement upon a game theory model and then deployed it on localised Ethereum blockchain infrastructure. To compare the performance, we created a centralized TEM environment keeping all the settings the same. The obtained results show that public blockchains may be adaptable to TEMs to enhance system transparency and fairness as well as automated and trustless transactions. Conducted test results show that our proposal exhibit a similar scalability trend as the referenced centralized system.
  4. A. Andrews, G. Oikonomou, S. Armour, P. Thomas, T. Cattermole, "Reliable Identification of IoT Devices from Passive Network Traffic Analysis: Requirements and Recommendations", In Proc. IEEE WF-IoT, pp. 1–6, 2023
    @inproceedings{Andrews-2023-WF-IoT, title = {Reliable Identification of IoT Devices from Passive Network Traffic Analysis: Requirements and Recommendations}, author = {Andrews, Ashley and Oikonomou, George and Armour, Simon and Thomas, Paul and Cattermole, Thomas}, booktitle = {Proc. IEEE WF-IoT}, year = {2023}, pages = {1--6}, doi = {10.1109/WF-IoT58464.2023.10539470}, gsid = {14609532542931730506}, oa-url = {https://hdl.handle.net/1983/70065d42-dfe1-44fd-9816-565148362e66} }
    Internet of Things (IoT) devices are becoming more widespread in networks and can give malicious actors new vectors to compromise networks. Of particular concern are devices running out-of-date firmware versions with known vulnerabilities. Securing real-world IoT networks therefore relies on knowing what devices are on a network and knowing what specific firmware versions they are running. At present, though, commercial solutions that include IoT device identification are not reliable at this level of granularity, and the academic literature has largely ignored the problem. In this paper, we highlight the shortcomings present in current IoT device identification and use these observations to develop a set of lab requirements. We then present our own lab setup for providing reliable real-world IoT device identification that meets this set of requirements. Building on this work, we develop a schema for documenting device versions and event histories that accompany network packet traces as metadata.
  5. G. Isik, T. Tryfonas, G. Oikonomou, "E-scooter Sharing Platforms: Understanding their Architecture and Cybersecurity Threats", In Proc. IEEE ITSC, pp. 5909–5916, 2023
    @inproceedings{Isik-2023-ITSC, title = {E-scooter Sharing Platforms: Understanding their Architecture and Cybersecurity Threats}, author = {Isik, {Gizay Kisa} and Tryfonas, Theo and Oikonomou, George}, booktitle = {Proc. IEEE ITSC}, year = {2023}, pages = {5909--5916}, doi = {10.1109/ITSC57777.2023.10421849}, gsid = {17265766491278275727}, oa-url = {https://hdl.handle.net/1983/b37a6d59-196b-4a39-8211-efb7f4065e63} }
    E-scooter sharing platforms (ESPs) offer fast, affordable and flexible urban mobility solutions, with numerous benefits such as reducing traffic congestion, air pollution and carbon emissions. However, the long-term sustainability of the platform could be challenged by the threats and risks it faces because these can negatively impact the system and its users. The potential consequences may include the abuse of system resources, manipulation, denial of service (DoS) or data loss. In addition, breaches of users’ personal information endanger the reputation of companies and the privacy and security of users. This paper describes a typical ESP system architecture so as to provide a better understanding of the potential threats it faces. The paper also presents a categorization of the risks so as to provide solutions. Risks include data breaches, privacy violations, service disruptions, DoS attacks, firmware and software vulnerabilities, GPS spoofing and breaches of physical security, including theft and vandalism. The paper contributes to the progress and development of ESP and supports the development of effective strategies for its long-term sustainability and security.
  6. A. Eker, T. Tryfonas, G. Oikonomou, "A Conceptual Architecture for Scalable Multi-Application Support in Blockchain-based IoT Environments", In Proc. IEEE INDIN, 2023
    @inproceedings{Eker-2023-Indin, title = {A Conceptual Architecture for Scalable Multi-Application Support in Blockchain-based IoT Environments}, author = {Eker, Akin and Tryfonas, Theo and Oikonomou, George"}, booktitle = {Proc. IEEE INDIN}, year = {2023}, doi = {10.1109/INDIN51400.2023.10217952}, gsid = {13025039823118482442}, oa-url = {https://hdl.handle.net/1983/7005a8c8-97ef-4b89-9e35-f2ced4cdd966} }
    Existing proposals that merge IoT with blockchain technologies have been efficient but often limited to a single application scenario. They require specific hardware setups, thus in case of switching to a new application scenario, they may become ineffective and require a new hardware setup. In this paper, we present a new blockchain-based architecture for IoT environments that addresses one of the fundamental challenges in the area which is the capability of supporting multiple application scenarios. The proposed architecture enables transitioning between various application scenarios via smart contracts and configuration files stored on blockchain. The architecture, additionally, addresses scalability concerns of the blockchain-based IoT systems through a cluster-based approach which provides a more flexible and secure solution.
  7. C. Paschou, F. Raimondo, M. Gugala, D. Mcewan, J. Pope, G. Oikonomou, "CRICKET: A Practical Physical Layer Key Agreement Protocol for IoT Networks", In Proc. IEEE ICC, pp. 4521–4527, 2023
    @inproceedings{Paschou-2023-Cricket, title = {{CRICKET: A Practical Physical Layer Key Agreement Protocol for IoT Networks}}, author = {Paschou, Chrys and Raimondo, Francesco and Gugala, Michael and Mcewan, Dave and Pope, James and Oikonomou, George}, booktitle = {Proc. IEEE ICC}, year = {2023}, pages = {4521--4527}, oa-url = {https://hdl.handle.net/1983/af973911-7f06-4e3b-bcad-90d556321d3d}, doi = {10.1109/ICC45041.2023.10278817}, gsid = {10474241819155408100} }
    Physical Layer Key Generation (PLKG) is an attractive method for solving the key distribution problem in IoT networks. Although PLKG has a much lower complexity when compared to public key cryptography, it is not always practical in resource-constrained networks due to a high reconciliation cost. Channel Reciprocity for KEy Transmission (CRicKET) is an ultra-lightweight key agreement method that exploits channel reciprocity for securely transmitting a key generated at one end of a single-hop network. The key disagreement rate can be arbitrarily chosen without increasing the computational complexity. Analytical results allow design optimisation and derive the entropy requirement for perfect secrecy. The practicality of CRicKET is successfully tested on a series of IoT boards connected to a wireless network.
  8. U. Erol, F. Raimondo, J. Pope, S. Gunner, V. Kumar, I. Mavromatis, P. Carnelli, T. Spyridopoulos, A. Khan, G. Oikonomou, "Evaluating Concept Drift Detectors on Real-World Data", In , pp. 397–402, 2023
    @inproceedings{Erol-2023-EWSN, title = {Evaluating Concept Drift Detectors on Real-World Data}, author = {Erol, Ufuk and Raimondo, Francesco and Pope, James and Gunner, {Sam D} and Kumar, Vijay and Mavromatis, Ioannis and Carnelli, Pietro and Spyridopoulos, Theodoros and Khan, Aftab and Oikonomou, George}, pages = {397--402}, year = {2023}, gsid = {1441085897791885294}, oa-url = {https://orca.cardiff.ac.uk/id/eprint/161398/} }
    Cloud-IoT deployments are ubiquitous and employed in various application domains, including smart buildings. Often employed in public spaces, IoT devices are exposed to various security threats. One such attack is "anomalous concept drift". It occurs when an attacker tampers with a device causing it to report realistic sensor data that slowly deviates from the correct value. Evaluating concept drift detectors on real-world data is ideal. Though many indoor datasets exist, our real-world dataset provides a natural, long-term collection of indoor environmental sensor readings over six months. The dataset consists of environmental sensor samples collected via eight IoT devices in a real office setting. The dataset is particularly useful for evaluating concept drift detection algorithms as spatial aspects can be used along with the signals. The dataset has been made openly available, and in this paper we use it to inject malicious concept drifts and to evaluate the performance of several drift detection techniques. The injection tool’s source code is also publicly available.
  9. I. Mavromatis, A. Sanchez Mompo, F. Raimondo, J. Pope, M. Bullo, I. Weeks, V. Kumar, P. Carnelli, G. Oikonomou, T. Spyridopoulos, A. Khan, "LE3D: A Lightweight Ensemble Framework of Data Drift Detectors for Resource-Constrained Devices", In Proc. IEEE CCNC, 2023
    @inproceedings{Mavromatis-2023-ccnc, title = {LE3D: A Lightweight Ensemble Framework of Data Drift Detectors for Resource-Constrained Devices}, author = {Mavromatis, Ioannis and {Sanchez Mompo}, Adrian and Raimondo, Francesco and Pope, James and Bullo, Marcello and Weeks, Ingram and Kumar, Vijay and Carnelli, Pietro and Oikonomou, George and Spyridopoulos, Theodoros and Khan, Aftab}, booktitle = {Proc. IEEE CCNC}, year = {2023}, doi = {10.1109/CCNC51644.2023.10060415}, gsid = {7570424467549429359}, oa-url = {https://hdl.handle.net/1983/bf5f376e-c282-44e5-a7e4-c3f3ae1f8d9f} }
    Data integrity becomes paramount as the number of Internet of Things (IoT) sensor deployments increases. Sensor data can be altered by benign causes or malicious actions. Mechanisms that detect drifts and irregularities can preventdisruptions and data bias in the state of an IoT application. This paper presents LE3D, an ensemble framework of data drift estimators capable of detecting abnormal sensor behaviours. Working collaboratively with surrounding IoT devices, the type of drift (natural/abnormal) can also be identified and reportedto the end-user. The proposed framework is a lightweight and unsupervised implementation able to run on resource-constrained IoT devices. Our framework is also generalisable, adapting to new sensor streams and environments with minimal online reconfiguration. We compare our method against state-of-the-artensemble data drift detection frameworks, evaluating both the real-world detection accuracy as well as the resource utilisation of the implementation. Experimenting with real-world data and emulated drifts, we show the effectiveness of our method, which achieves up to 97% of detection accuracy while requiring minimal resources to run.
  10. A. Andrews, G. Oikonomou, S. Armour, P. Thomas, T. Cattermole, "Granular IoT Device Identification Using TF-IDF and Cosine Similarity", In Proceedings of the 5th Workshop on CPS&IoT Security and Privacy, pp. 91–99, 2023
    @inproceedings{Andrews-2023-cpsiotsec, title = {Granular IoT Device Identification Using TF-IDF and Cosine Similarity}, author = {Andrews, Ashley and Oikonomou, George and Armour, Simon and Thomas, Paul and Cattermole, Thomas}, booktitle = {Proceedings of the 5th Workshop on CPS&IoT Security and Privacy}, pages = {91--99}, year = {2023}, oa-url = {https://doi.org/10.1145/3605758.3623492}, doi = {10.1145/3605758.3623492}, gsid = {10416430505967466923} }
    Internet of things (IoT) devices are becoming more prevalent in home environments and are shown to be generally insecure. There have been many previous studies looking to identify unknown IoT devices on networks. To truly secure a network however, there is a need to identify unknown devices down to the granularity of firmware version; a problem previous studies have failed to solve. As devices change versions, it is expected that there would be subtle differences in the on-wire signatures that would be hard for a human analyst to notice, but easy for an NLP technique to identify. In this paper we extract keywords from both encrypted and unencrypted network traffic and first use UMAP with K-Means clustering to visualise the data and show that natural clusters form across our test dataset of 18 devices covering 61 versions. This analysis suggests that there are underlying patterns in the extracted keywords that could be detected by machine learning techniques. We then show that these patterns can be detected by proposing a novel technique using TF-IDF and cosine similarity that follows the clustering results to identify IoT devices down to the level of firmware version. We show that our chosen features are strong enough to work accurately across a range of device types, manufacturers, models and versions, and note the main observations found when trying to identify devices down to a firmware version. This approach to get granularity down to device version level achieves an accuracy of 67% without being to the detriment of identifying device models, where we achieve an accuracy of 90%.
  11. F. Raimondo, U. Erol, S. Gunner, J. Pope, R. Zakrzewski, M. Faulks, R. McConville, T. Pasquier, R. Piechocki, G. Oikonomou, "IoT Key Exchange Performance Analysis", In Proc. ACM EWSN, 2022
    @inproceedings{Raimondo-2022-EWSN, title = {IoT Key Exchange Performance Analysis}, author = {Raimondo, Francesco and Erol, Ufuk and Gunner, {Sam D} and Pope, James and Zakrzewski, Robert and Faulks, Mike and McConville, Ryan and Pasquier, Thomas and Piechocki, {Robert J} and Oikonomou, George}, year = {2022}, booktitle = {Proc. ACM EWSN}, oa-url = {https://hdl.handle.net/1983/13d38fc6-2125-4277-8c56-2c5e1add1d1c}, gsid = {13726583842906646668} }
    The security of data in motion and at rest depends on the ability to exchange session keys between communicating parties. Key agreement approaches can provide the additional security assurance of perfect forward secrecy, however, for many Internet of Things resource-constrained devices the session key establishment process is too costly in terms of energy consumption and processing time. In this paper we quantify the energy consumption and execution load when performing session key establishment. We develop a software security framework, implementing both lightweight key transport and key agreement, the latter based on elliptic curve Diffie-Hellman. Measurements are taken using energy and digital-events monitoring tools. We find that key agreement implemented via software requires a quantity of energy thousand of times greater than a key transport approach. Also, we measure and quantify how much a hardware implementation can improve energy and execution time performance. Our research provides critical information for practitioners in selecting the appropriate hardware and security scheme for IoT applications.
  12. C. Lockie, I. Mavromatis, A. Stanoev, Y. Jin, G. Oikonomou, "Securing Synchronous Flooding Communications: An Atomic-SDN Implementation", In Proc. ACM EWSN, 2022
    @inproceedings{Lockie-2022-EWSN, title = {Securing Synchronous Flooding Communications: An Atomic-SDN Implementation}, author = {Lockie, Charles and Mavromatis, Ioannis and Stanoev, Aleksandar and Jin, Yichao and Oikonomou, George}, year = {2022}, booktitle = {Proc. ACM EWSN}, month = oct, oa-url = {https://hdl.handle.net/1983/67ca476b-d47f-4f82-813e-a4dbd3a6d5a8}, gsid = {37925499222647934} }
    Synchronous Flooding (SF) protocols can enhance the wireless connectivity between Internet of Things (IoT) devices. However, existing SF solutions fail to introduce sufficient security measures due to strict time synchronisation requirements, making them vulnerable to malicious actions. Our paper presents a design paradigm for encrypted SF communications. We describe a mechanism for synchronising encryption parameters in a network-wide fashion. Our solution operates with minimal overhead and without compromising communication reliability. Evaluating our paradigm on a real-world, large-scale IoT testbed, we have proven that a communication layer impervious to a range of attacks is established without sacrificing the network performance.
  13. A. Andrews, G. Oikonomou, S. Armour, P. Thomas, T. Cattermole, "Keyword Extraction for Fine-Grained IoT Device Identification", In Proc. IEEE FMEC, 2022
    @inproceedings{Andrews-2022-FMEC, title = {Keyword Extraction for Fine-Grained IoT Device Identification}, author = {Andrews, Ash and Oikonomou, George and Armour, Simon and Thomas, Paul and Cattermole, Thomas}, year = {2022}, booktitle = {Proc. IEEE FMEC}, doi = {10.1109/FMEC57183.2022.10062747}, oa-url = {https://hdl.handle.net/1983/a802591f-346c-43c5-9616-beb6280034c6}, gsid = {11394207799078972562} }
    Internet of Things (IoT) devices are becoming more widespread in networks and are shown to have security considerations as an afterthought. Identifying IoT devices can help users locate security vulnerabilities in their networks. Previous studies have used machine learning and rule-based methods to try and identify unknown devices from passive network traffic. The first issue with these approaches however is that the device must have been seen on a training dataset beforehand; otherwise it cannot be identified. The second issue is that trying to achieve granularity on device identification down to firmware level from passive network traffic has not been researched before, and is a key factor in identifying vulnerable devices. This paper contains a novel technique to solve those two problems. The technique automatically identifies unknown devices from passive network traffic without using a machine learning approach that finds and weights keywords found in each packet per device. These keywords then allow device identification down to a specific firmware version. The approach in this paper achieved 68% accuracy for identifying firmware versions and 73% and 70% for models and makes respectively, across a test dataset of 49 devices.
  14. H. Erdol, X. Wang, P. Li, J. Thomas, R. Piechocki, G. Oikonomou, R. Inacio, A. Ahmad, K. Briggs, S. Kapoor, "Federated Meta-Learning for Traffic Steering in O-RAN", In Proc. VTC Fall, 2022
    @inproceedings{Erdol-2022-VTC, title = {Federated Meta-Learning for Traffic Steering in O-RAN}, author = {Erdol, Hakan and Wang, Xiaoyang and Li, Peizheng and Thomas, {Jonathan D} and Piechocki, {Robert J} and Oikonomou, George and Inacio, Rui and Ahmad, Abdelrahim and Briggs, Keith and Kapoor, Shipra}, year = {2022}, booktitle = {Proc. VTC Fall}, doi = {10.1109/VTC2022-Fall57202.2022.10012789}, oa-url = {https://hdl.handle.net/1983/c33b5d43-7de6-41f6-a518-7ad3a45968b8}, gsid = {10244919700981046369} }
    The vision of 5G lies in providing high data rates, low latency (for the aim of near-real-time applications), significantly increased base station capacity, and near-perfect quality of service (QoS) for users, compared to LTE networks. In order to provide such services, 5G systems will support various combinations of access technologies such as LTE, NR, NR-U and Wi-Fi. Each radio access technology (RAT) provides different types of access, and these should be allocated and managed optimally among the users. Besides resource management, 5G systems will also support a dual connectivity service. The orchestration of the network therefore becomes a more difficult problem forsystem managers with respect to legacy access technologies. In this paper, we propose an algorithm for RAT allocation based on federated meta-learning (FML), which enables RAN intelligent controllers (RICs) to adapt more quickly to dynamically changing environments. We have designed a simulation environment which contains LTE and 5G NR service technologies. In the simulation,our objective is to fulfil UE demands within the deadline of transmission to provide higher QoS values. We compared our proposed algorithm with a single RL agent, the Reptile algorithm and a rule-based heuristic method. Simulation results show that the proposed FML method achieves higher caching rates atfirst deployment round 21% and 12% respectively. Moreover, proposed approach adapts to new tasks and environments most quickly amongst the compared methods.
  15. R. Zakrzewski, T. Martin, G. Oikonomou, "Anomaly Detection in Logical Sub-Views of WSNs", In Proc. IEEE ISCC, 2022
    @inproceedings{Zakrzewski-2022-iscc, author = {Zakrzewski, Robert and Martin, {Trevor P} and Oikonomou, George}, title = {Anomaly Detection in Logical Sub-Views of WSNs}, booktitle = {Proc. IEEE ISCC}, year = {2022}, doi = {10.1109/ISCC55528.2022.9912826}, gsid = {5824546022485421235}, oa-url = {https://research-information.bris.ac.uk/en/publications/anomaly-detection-in-logical-sub-views-of-wsns} }
    Wireless sensor networks are often distributed, diverse, and large making their monitoring hard. One way to tackle it is to focus on part of the system by creating logical sub-views which can be seen as proxies of the overall system operations. In this manuscript, logical sub-views consist of traffic aggregators and their topology which are monitored for anomaly. The aggregators are selected based on diversity and importance in the system and they are modelled as graphs to capture aggregation topology and data distributions. The aggregators’ selection criteria, the method for comparison of partially overlapping sub-views, normal aggregation profiles acquisition, and measures of anomaly are proposed. A simulated wireless sensor network is used to acquire data at the edge and apply the method. We demonstrate that focusing on system sub-views and comparing aggregation profiles facilitates anomaly detection also caused elsewhere in the system and the impact the anomaly has on aggregators.
  16. R. Zakrzewski, T. Martin, G. Oikonomou, "Graph modelled system change detection in WSNs", In Proc. MECO, 2022
    @inproceedings{Zakrzewski-2022-meco-b, author = {Zakrzewski, Robert and Martin, {Trevor P} and Oikonomou, George}, title = {Graph modelled system change detection in WSNs}, booktitle = {Proc. MECO}, year = {2022}, doi = {10.1109/MECO55406.2022.9797209}, gsid = {1936660121058630310}, oa-url = {https://research-information.bris.ac.uk/en/publications/graph-modelled-system-change-detection-in-wsns} }
    Graphs are suitable to model topology and data patterns in systems such as WSNs. To detect change, there is a need for graph comparison, a computationally demanding task difficult to run on constrained devices. For monitoring, the definition of normal patterns, and deviation from normal are required. In this contribution a flexible graph comparison method allowing monitoring of normal patterns and metrics providing measures of deviation from normal are proposed. In this manuscript, we apply the method to the system modelled by synthetic and random graphs. We demonstrate that the fingerprints of normal topology and data patterns can be acquired with the measures of deviation from normal. We discuss applicability of the method at the edge of WSNs.
  17. R. Zakrzewski, T. Martin, G. Oikonomou, "Topology Change Localisation in WSNs", In Proc. MECO, 2022
    @inproceedings{Zakrzewski-2022-meco-a, author = {Zakrzewski, Robert and Martin, {Trevor P} and Oikonomou, George}, title = {Topology Change Localisation in WSNs}, booktitle = {Proc. MECO}, year = {2022}, doi = {10.1109/MECO55406.2022.9797135}, gsid = {14809320844886637565}, oa-url = {https://research-information.bris.ac.uk/en/publications/topology-change-localisation-in-wsns} }
    Wireless Sensor Networks are often distributed, diverse, and large making their monitoring and anomaly localisation hard. Anomaly may pertain to parts of topology unknown in the ground truth. It is advantageous to localise anomaly, ideally using data at the edge which helps to implement countermeasures such as threat containment and attacker localisation. In this manuscript a method allowing localisation of sensors with malicious topology change and ground truth acquisition is presented. A simulated wireless sensor network is used to acquire data at the edge and apply the method. We demonstrate detection of malicious topology change based on topology distance measure and localisation of sensors impacted by the change using the data available at the edge of WSN.
  18. V. Kumar, G. Oikonomou, T. Tryfonas, "An urban sensing architecture as essential infrastructure for future cities", In Proc. IEEE/ACM UCC, 2021
    @inproceedings{Kumar-2021-ucc, title = {An urban sensing architecture as essential infrastructure for future cities}, author = {Kumar, Vijay and Oikonomou, George and Tryfonas, Theo}, booktitle = {Proc. IEEE/ACM UCC}, doi = {10.1145/3492323.3503507}, gsid = {4806805670050306504}, year = {2021} }
    Climate change and migration have become one of the most challenging problems for our civilization. In this context, city councils work hard to manage essential services for citizens such as waste collection, street lamp lighting, and water supply. Increasingly, digitalization and the Internet of Things (IoT) help cities improve services, increase productivity and reduce costs. However, to understand how this may happen, we explore the urban sensing capabilities from citizen- to city-scale, how sensing at different levels is interlinked, and the challenges of managing innovations based on IoT data and devices.Local authorities collaborate with researchers and deploy testbeds as a part of demonstration and research projects to perform the above data collection, improve city services, and support innovation. The data gathered is about indoor and outdoor environmental conditions, energy usage, built environment, structural health monitoring. Such monitoring requires IT infrastructure at three different tiers: at the endpoint, edge, and cloud. Managing infrastructure at all tiers with provisioning, connectivity, security updates of devices, user data privacy controls, visualization of data, multi-tenancy of applications, and network resilience, is challenging. So, in turn, we focus on performing a systematic study of the technical and non-technical challenges faced during the implementation, management, and deployment of devices into citizens’ homes and public spaces.Our third piece of work explores IoT edge applications’ resiliency and reliability requirements that vary from non-critical (best delivery efforts) to safety-critical with time-bounded guarantees. We investigate how to meet IoT application mixed-criticality QoS requirements in multi-communication networks.Finally, to demonstrate the principles of our framework in the real world, we implement an open-source air quality platform Open City Air Quality Platform (OpenCAQP), that merges a wide range of data sources and air pollution parameters into a single platform. The OpenCAQP allows citizens, environmentalists, data analysts, and developers to access and visualize that data.
  19. J. Pope, F. Raimondo, V. Kumar, R. McConville, R. Piechocki, G. Oikonomou, T. Pasquier, B. Luo, D. Howarth, I. Mavromatis, P. Carnelli, A. Sanchez-Mompo, T. Spyridopoulos, A. Khan, "Container Escape Detection for Edge Devices", In Proc. ACM SenSys, pp. 532–536, 2021
    @inproceedings{Pope-2021-DATA, author = {Pope, James and Raimondo, Francesco and Kumar, Vijay and McConville, Ryan and Piechocki, Rob and Oikonomou, George and Pasquier, Thomas and Luo, Bo and Howarth, Dan and Mavromatis, Ioannis and Carnelli, Pietro and Sanchez-Mompo, Adrian and Spyridopoulos, Theodoros and Khan, Aftab}, title = {Container Escape Detection for Edge Devices}, year = {2021}, publisher = {ACM}, doi = {10.1145/3485730.3494114}, booktitle = {Proc. ACM SenSys}, pages = {532–536}, oa-url = {https://research-information.bris.ac.uk/en/publications/container-escape-detection-for-edge-devices}, gsid = {3004275169705243068} }
    Edge computing is rapidly changing the IoT-Cloud landscape. Various testbeds are now able to run multiple Docker-like containers developed and deployed by end-users on edge devices. However, this capability may allow an attacker to deploy a malicious container on the host and compromise it. This paper presents a dataset based on the Linux Auditing System, which contains malicious and benign container activity. We developed two malicious scenarios, a denial of service and a privilege escalation attack, where an adversary uses a container to compromise the edge device. Furthermore, we deployed benign user containers to run in parallel with the malicious containers. Container activity can be captured through the host system via system calls. Our time series auditd dataset contains partial labels for the benign and malicious related system calls. Generating the dataset is largely automated using a provided AutoCES framework. We also present a semi-supervised machine learning use case with the collected data to demonstrate its utility. The dataset and framework code are open-source and publicly available.
  20. M. Baddeley, A. Aijaz, U. Raza, A. Stanoev, Y. Jin, M. Schuß, C. Boano, G. Oikonomou, "6TiSCH++ With Bluetooth 5 and Concurrent Transmissions", In Proc. ACM EWSN, pp. 25–30, 2021
    @inproceedings{Baddeley-2021-EWSN, title = {6TiSCH++ With Bluetooth 5 and Concurrent Transmissions}, author = {Baddeley, Michael and Aijaz, Adnan and Raza, Usman and Stanoev, Aleksandar and Jin, Yichao and Schu{\ss}, Markus and Boano, {Carlo Alberto} and Oikonomou, George}, year = {2021}, month = feb, pages = {25--30}, booktitle = {Proc. ACM EWSN}, oa-url = {https://www.ewsn.org/file-repository/ewsn2021/Article3.pdf}, gsid = {3885390453090888875} }
    Targeting dependable communications for industrial Internet of Things applications, IETF 6TiSCH provides mechanisms for efficient scheduling, routing, and forwarding of IPv6 traffic across low-power wireless mesh networks. Yet, despite an overwhelming body of literature covering autonomous, centralized, and distributed scheduling schemes for 6TiSCH, the design of an effective control solution remains an open challenge. Our paper fills this gap with a novel multi-PHY approach that eliminates much of the 6TiSCH routing and link-layer overhead. Specifically, we leverage the physical layer (PHY) switching capabilities of modern single-radio, multi-protocol wireless platforms to build on recent work highlighting the viability of CT-based flooding protocols across the Bluetooth 5 (BT 5) PHYs, demonstrating the feasibility of single-radio devices injecting a BT 5-based CT flood within a standard IEEE 802.15.4 TSCH slotframe. We present experimental evaluation and analytical modeling showing how our solution can exploit BT 5’s high data-rate PHYs for rapid data dissemination, while the coded PHYs can provide reliable 6TiSCH association and synchronization even under external RF interference. We further discuss how the proposed technique can be used to address other open challenges within 6TiSCH.
  21. R. Zakrzewski, T. Martin, G. Oikonomou, "Anomaly detection of data and topology patterns in WSNs", In Proc. IEEE DCOSS, pp. 535–542, 2021
    @inproceedings{Zakrzewski-2021-DCOSS, title = {Anomaly detection of data and topology patterns in WSNs}, author = {Zakrzewski, Robert and Martin, {Trevor P} and Oikonomou, George}, booktitle = {Proc. IEEE DCOSS}, year = {2021}, month = jul, pages = {535--542}, doi = {10.1109/DCOSS52077.2021.00087}, oa-url = {https://research-information.bris.ac.uk/en/publications/anomaly-detection-of-data-and-topology-patterns-in-wsns}, gsid = {9965296865227600366} }
    Wireless sensor networks are often distributedwhich makes detection of cyber-attacks or misconfiguration hard.Topology and data patterns change may result from attacksleading to the compromise of data and service availability orindicate operational problems. Graphs are often used to modeltopology and data paths to describe and compare state of asystem. For anomaly detection, the definition of normal patterns,deviation from normal, and criteria when to declare anomalyare required. In this contribution the process of acquisition ofnormal patterns (ground truth), and criteria when to declareanomaly based on graph comparison are proposed. The anomalydetection is suitable for deployment at the edge of a network.Finally, the inability to define all security threats is addressedby a custom tree-based classifier which only requires normalpatterns for training. A simulated wireless sensor network wasused to acquire data and apply the method. Our experimentsshow that data and topology change can be detected at the edgeof a network.
  22. F. Algahtani, T. Tryfonas, G. Oikonomou, "A Reference Implementation for RPL Attacks Using Contiki-NG and COOJA", In Proc. IEEE DCOSS, 2021
    @inproceedings{Algahtani-2021-DCOSS, title = {A Reference Implementation for RPL Attacks Using Contiki-NG and COOJA}, author = {Algahtani, Faya and Tryfonas, Theo and Oikonomou, George}, booktitle = {Proc. IEEE DCOSS}, year = {2021}, month = jul, doi = {10.1109/DCOSS52077.2021.00053}, gsid = {10165054698553642527}, oa-url = {https://research-information.bris.ac.uk/en/publications/a-reference-implemenation-for-rpl-attacks-using-contiki-ng-and-co} }
    RPL-based IoT networks are vulnerable to rout- ing attacks as well as flooding attacks. Developing security countermeasures requires knowledge of possible attacks, their timing, and combinations. Most implementations of RPL related attacks only consider individual attacks triggered when their simulation starts. Furthermore, nodes which to be compromised are preselected before a simulation starts and cannot later be changed. In this paper, we present a Contiki-NG implementation of most known RPL attacks all of which is shared on a public Github repository. In addition, we designed a framework in COOJA to facilitate simulating hybrid RPL attacks with different settings in terms of duration and severity.
  23. R. Singh, S. Armour, A. Khan, M. Sooriyabandara, G. Oikonomou, "Towards Multi-Criteria Heuristic Optimization for Computational Offloading in Multi-Access Edge Computing", In Proc. IEEE HPSR, 2021
    @inproceedings{Singh-2021-HPSR, author = {Singh, Raghubir and Armour, Simon and Khan, Aftab and Sooriyabandara, Mahesh and Oikonomou, George}, booktitle = {Proc. IEEE HPSR}, title = {Towards Multi-Criteria Heuristic Optimization for Computational Offloading in Multi-Access Edge Computing}, year = {2021}, gsid = {7739947261341185144}, oa-url = {https://research-information.bris.ac.uk/en/publications/towards-multi-criteria-heuristic-optimization-for-computational-o}, doi = {10.1109/HPSR52026.2021.9481852} }
    In recent years, there has been considerable interest in computational offloading algorithms. The interest is mainly driven by the potential savings that offloading offers in task completion time and mobile device energy consumption. This paper builds on authors’ previous work on computational offloading and describes a multi-objective optimization model that optimizes time and energy in a network with multiple Multi-Access Edge Computing servers (MECs) and Mobile Devices (MDs). Each MD has multiple computational jobs to process, and each task can be processed locally or offloaded to one of the MEC servers. Several heuristic offloading policies are proposed and tested with an objective function with a range of weightings for optimizing time and energy. The approaches are illustrated with the help of three test cases of varying complexity. The objective function shows a continuous variation as the emphasis is placed on either time or energy saving by the weighting factors. The numerical tests demonstrate that the proposed heuristic algorithms produce near-optimal computational offloading solutions while considering a combined weighted score for schedule task completion time and energy.
  24. W. Boukley Hasan, L. Li, G. Oikonomou, M. Beach, "Radio Resource Allocation Between Massive MIMO and LTE Using SDN", In Proc. IEEE PIMRC, 2020
    @inproceedings{Boukley-2020-pimrc, title = {Radio Resource Allocation Between Massive MIMO and LTE Using SDN}, author = {Boukley Hasan, Wael and Li, Li and Oikonomou, George and Beach, Mark}, year = {2020}, month = may, booktitle = {Proc. IEEE PIMRC}, publisher = {IEEE}, gsid = {17964905938022766745}, doi = {10.1109/PIMRC48278.2020.9217374}, oa-url = {https://research-information.bris.ac.uk/en/publications/radio-resource-allocation-between-massive-mimo-and-lte-using-sdn} }
    Massive multiple-input, multiple-output (Ma-MIMO) is currently being deployed in the fifth generation (5G) networks. It has increased the capacity for sub-6GHz wireless access. However, the ongoing development is a critical step in enhancing this technology in order to deliver the capacity gains and the Quality of Service (QoS) requirements in 5G. Here, a novel spatial Software-Defined Networking (SDN) controller framework for radio resource allocation between a single cell long-term evolution (LTE) and a single cell Ma-MIMO is proposed and shown to further enhance performance. For the first time, an SDN-based radio resource management (SDN-RRM) framework for multiple radio access technologies (multi-RATs) is introduced. The methodologies in this framework address the interference caused by the user channel vectors as well as hardware impairments in Ma-MIMO by mainly relying on the Error Vector Magnitude (EVM) and channel state information (CSI). The handover between the LTE Access Point (AP) and the Ma-MIMO AP is decided by the wireless SDN controller. This has led to maximize the throughput and to achieve the QoS requirement. The proposed framework has been built and evaluated in real-time by using a massive Ma-MIMO testbed and an LTE testbed controlled by an SDN controller.
  25. L. Li, G. Oikonomou, M. Beach, "An SDN Agent-enabled Radio Resource Management Framework for Wireless LAN", In Proc. IEEE GLOBECOM, 2020
    @inproceedings{Li-2020-Globecom, title = {An SDN Agent-enabled Radio Resource Management Framework for Wireless LAN}, author = {Li, Li and Oikonomou, George and Beach, {Mark A}}, year = {2020}, month = may, day = {16}, booktitle = {Proc. IEEE GLOBECOM}, gsid = {9707705631607506029} }
    A Software-Defined Networking (SDN) agent is a software element bridging an SDN controller and any legacy wireless network elements by providing the abstraction of these elements. In this paper, we present the work of an SDN approach for designing and implementing a radio resource management (RRM) framework for wireless local area networks (WLAN). The framework provides support for real-time rate adaptation (RA) and transmit power control (TPC) applications. It is also flexible to satisfy various degrees of granularity, per link, per flow and per packet. We implement the proposed framework as an extension to the Wireless Open-Access Research Platform (WARP), an FPGA based Software-Defined Radio (SDR) platform. Our evaluation results demonstrate the effectiveness of decoupling RRM functions from the underlying wireless hardware. To highlight the applicability of our approach, we present a use case deployed over the framework focusing on providing high-throughput reliable multicast transmissions, hence improving the WLAN’s overall spectrum efficiency.
  26. R. Singh, S. Armour, A. Khan, M. Sooriyabandara, G. Oikonomou, "Heuristic Approaches for Computational Offloading in Multi-Access Edge Computing Networks", In Proc. IEEE PIMRC, 2020
    @inproceedings{Singh-2020-pimrc, author = {Singh, Raghubir and Armour, Simon and Khan, Aftab and Sooriyabandara, Mahesh and Oikonomou, George}, title = {Heuristic Approaches for Computational Offloading in Multi-Access Edge Computing Networks}, booktitle = {Proc. IEEE PIMRC}, publisher = {IEEE}, year = {2020}, gsid = {12509043996148941573}, doi = {10.1109/PIMRC48278.2020.9217181}, oa-url = {https://research-information.bris.ac.uk/en/publications/heuristic-approaches-for-computational-offloading-in-multi-access} }
    Computational offloading is a strategy by which mobile device (MD) users can access the superior processing power of a Multi-Access Edge Computing (MEC) server network. In this paper, we contribute a model of a system that consists of multiple MEC servers and multiple MD users. Each MD has multiple computational tasks to perform, and each task can either be computed locally on the MD, or it can be offloaded to one of the MEC servers. For this system and having global knowledge, we compute the theoretical optimal allocation that minimises the time required to complete the computation of all tasks. Subsequently, we contribute a distributed heuristic algorithm that allows each MD to independently, and using local knowledge only, decide how to handle each individual job. Furthermore, we propose three approaches to decide whether to offload each individual job, and three mechanisms to determine which MEC server each task should be offloaded to. We use simulations to evaluate those approaches in terms of how well they can approximate the theoretical optimum. The proposed heuristic algorithm is tested on a range of experiments, and the results demonstrate that the heuristic algorithm can produce reasonable quality solutions.
  27. R. Singh, S. Armour, A. Khan, M. Sooriyabandara, G. Oikonomou, "Identification of the Key Parameters for Computational Offloading in Multi-Access Edge Computing", In Proc. IEEE Cloud Summit, 2020
    @inproceedings{Singh-2020-cloud-summit, author = {Singh, Raghubir and Armour, Simon and Khan, Aftab and Sooriyabandara, Mahesh and Oikonomou, George}, title = {Identification of the Key Parameters for Computational Offloading in Multi-Access Edge Computing}, booktitle = {Proc. IEEE Cloud Summit}, publisher = {IEEE}, year = {2020}, doi = {10.1109/IEEECloudSummit48914.2020.00026}, gsid = {461323988999931891}, oa-url = {https://research-information.bris.ac.uk/en/publications/identification-of-the-key-parameters-for-computational-offloading} }
    Computational offloading is a strategy by which mobile device (MD) users can access the superior processing power of a Multi-Access Edge Computing (MEC) server network. This paper investigates the impact of CPU workloads (on both the user and server-side) on overall processing times and energy consumption as well as We provide a comprehensive mathematical model using two applications of varying complexity are tested on a range of cases. Our findings show that the relationship between the CPU workloads on the MD and MEC server and the link speed between them are the crucial parameters that determine the success of offloading in the MEC network. We demonstrate that a certain threshold of link speed is required for shorter completion times by offloading, and the MD CPU workload determines it. Furthermore, MD energy usage can be reduced considerably by offloading for varying complexity applications provided a sufficiently link speed is available to the MEC network.
  28. A. Vafeas, X. Fafoutis, A. Elsts, I. Craddock, M. Biswas, R. Piechocki, G. Oikonomou, "Wearable Devices for Digital Health: The SPHERE Wearable 3", In Proc. ACM EWSN, pp. 236–241, 2020
    @inproceedings{vafeas-2020-ewsn, title = {Wearable Devices for Digital Health: The SPHERE Wearable 3}, author = {Vafeas, Antonis and Fafoutis, Xenofon and Elsts, Atis and Craddock, Ian and Biswas, {Md Israfil} and Piechocki, Robert and Oikonomou, George}, year = {2020}, booktitle = {Proc. ACM EWSN}, pages = {236–241}, gsid = {5741477175044553506}, doi = {10.5555/3400306.3400352}, oa-url = {https://research-information.bris.ac.uk/en/publications/wearable-devices-for-digital-health(cdcc1f91-84da-418d-96f0-31bc2e91cfda).html} }
    This paper presents a novel wearable device: the SPHERE Wearable 3. The Wearable 3 is a wrist-worn sensor node tailored for low maintenance residential health and behaviour monitoring. It features multiple inertial measurement sensors, as well as a heart-rate sensor, capacitive button, and OLED screen. The Wearable 3 builds on our experience with previous generations of wearable sensing nodes while adding novel features, including interactive elements. We present a novel two-way communication based on a customized implementation of the Bluetooth Low Energy (BLE) protocol to connect the Wearable 3 with a gateway device, and describe various optimizations of energy consumption. The Wearable 3 is currently being deployed in residential homes in Bristol, UK, as part of a project aiming to collect diagnostic data from early-stage Alzheimer’s patients.
  29. R. Singh, S. Armour, A. Khan, M. Sooriyabandara, G. Oikonomou, "The Advantage of Computation Offloading in Multi-Access Edge Computing", In Proc. IEEE FMEC, 2019
    @inproceedings{Singh-2019-FMEC, title = {The Advantage of Computation Offloading in Multi-Access Edge Computing}, author = {Singh, Raghubir and Armour, Simon and Khan, Aftab and Sooriyabandara, Mahesh and Oikonomou, George}, year = {2019}, month = jun, booktitle = {Proc. IEEE FMEC}, doi = {10.1109/FMEC.2019.8795335}, gsid = {4635599596477921932}, oa-url = {https://research-information.bristol.ac.uk/en/publications/the-advantage-of-computation-offloading-in-multiaccess-edge-computing(c528b331-9ae0-436f-961e-9976ed62bba9).html} }
    Computation offloading plays a critical role inreducing task completion time for mobile devices. The advantagesof computation offloading to cloud resources in Mobile CloudComputing have been widely considered. In this paper, we haveinvestigated different scenarios for offloading to less distantMulti-Access Edge Computing (MEC) servers for multiple userswith a range of mobile devices and computational tasks. Wepresent detailed simulation data for how offloading can bebeneficial in a MEC network with varying quantitative mobileuser demand, heterogeneity in mobile device on-board and MECprocessor speeds, computational task complexity, communicationspeeds, link access delays and mobile device user numbers.Unlike previous work where simulations considered only limitedcommunication speeds for offloading, we have extended the rangeof link speeds and included two types of communication delay.We find that more computationally complex applications areoffloaded preferentially (especially with the higher server:mobiledevice processor speed ratios) while low link speeds and anydelays caused by network delays or excessive user numbersdegrade any advantages in reduced task completion times offeredby offloading. Additionally, significant savings in energy usage bymobile devices are guaranteed except at very low link speeds.
  30. M. Baddeley, U. Raza, M. Sooriyabandara, G. Oikonomou, R. Nejabati, D. Simeonidou, "Atomic-SDN: A Synchronous Flooding Framework for SDN Control of Low-Power Wireless", In Proc. ACM EWSN, pp. 206 – 207, 2019
    @inproceedings{Baddeley-2019-EWSN, title = {Atomic-SDN: A Synchronous Flooding Framework for SDN Control of Low-Power Wireless}, author = {Baddeley, Michael and Raza, Usman and Sooriyabandara, Mahesh and Oikonomou, George and Nejabati, Reza and Simeonidou, Dimitra}, booktitle = {Proc. ACM EWSN}, publisher = {Association for Computing Machinery (ACM)}, year = {2019}, month = feb, pages = {206 -- 207}, oa-url = {https://research-information.bristol.ac.uk/en/publications/atomicsdn(35df9370-3ded-45dc-acc2-26bd36aad29b).html}, gsid = {15963983663240748841} }
    We present Atomic-SDN, a highly flexible framework capable of dynamically scheduling synchronous flooding phases to accommodate multiple traffic patterns resulting from application-level requirements. Specifically, Atomic-SDN accommodates the complex and varying traffic generated in a Software Defined Networking (SDN) control solutions for low-power wireless networks, where the high-overhead and centralized nature of SDN causes considerable problems due to the constrained nature of the network. By utilizing the high-reliability and low-latency properties of synchronous flooding, our results show that Atomic-SDN is capable of providing minimal bounded latency guarantees for network-wide SDN operations. This reduces the time to perform SDN operations on all nodes by orders-of-magnitude, and allows core SDN concepts to be pushed to the very edge of IoT networks.
  31. L. Li, G. Oikonomou, M. Beach, R. Nejabati, D. Simeonidou, "An SDN Agent-enabled Rate Adaptation Framework for WLAN", In Proc. IEEE ICC, 2019
    @inproceedings{Li-2019-ICC, title = {An SDN Agent-enabled Rate Adaptation Framework for WLAN}, author = {Li, Li and Oikonomou, George and Beach, Mark and Nejabati, Reza and Simeonidou, Dimitra}, booktitle = {Proc. IEEE ICC}, publisher = {IEEE}, year = {2019}, month = may, doi = {10.1109/ICC.2019.8761424}, gsid = {7175808884894693046}, oa-url = {https://research-information.bristol.ac.uk/en/publications/an-sdn-agentenabled-rate-adaptation-framework-for-wlan(8744fc84-b6b4-4a72-b968-9ac13c267217).html} }
    Rate or link adaptation is the determination of the optimal modulation and coding scheme (MCS) that will maximize the performance under the current wireless channel conditions. A Software-Defined Networking (SDN) agent is a software element bridging an SDN controller and any legacy wireless network elements by providing the abstraction of these elements. In this paper, we present the work of an SDN approach for designing and implementing a Rate/Link Adaptation (RA) framework for wireless local area networks (WLAN). The framework provides support for real-time RA applications and flexibility to satisfy various degrees of Quality of Service (QoS) or Quality of Experience (QoE) requirements. We implement the proposed framework as an extension to the Wireless Open-Access Research Platform (WARP), an FPGA based Software-Defined Radio (SDR) platform, with evaluation results indicating the feasibility of using SDN-RA under the stringent time constraints posed by the WLAN. To demonstrate the effectiveness of decoupling rate decision functions from the underlying wireless interface card and to highlight its applicability for a diverse set of scenarios, we present a use case deployed over the framework focusing on rate adaptation for individual traffic, and display optimization in different aspects, such as the reduction transmission errors.
  32. A. Mavromatis, G. Papadopoulos, A. Elsts, N. Montavont, R. Piechocki, T. Tryfonas, G. Oikonomou, X. Fafoutis, "Adaptive Guard Time for Energy-Efficient IEEE 802.15.4 TSCH Networks", In Proc. IFIP WWIC, pp. 15–26, 2019
    @inproceedings{Mavromatis-2019-WWIC, author = {Mavromatis, Alex and Papadopoulos, Georgios Z. and Elsts, Atis and Montavont, Nicolas and Piechocki, Robert and Tryfonas, Theo and Oikonomou, George and Fafoutis, Xenofon}, title = {Adaptive Guard Time for Energy-Efficient IEEE 802.15.4 TSCH Networks}, booktitle = {Proc. IFIP WWIC}, year = {2019}, publisher = {Springer}, pages = {15--26}, doi = {10.1007/978-3-030-30523-9_2}, gsid = {5056135999068334608}, oa-url = {http://www2.compute.dtu.dk/~xefa/files/conf/2019_wwic_guard.pdf} }
    Several Internet of Things (IoT) applications have strict performance requirements, in terms of reliability and power consumption. IEEE 802.15.4 Time Slotted Channel Hopping (TSCH) is a recently standardised Medium Access Control (MAC) protocol that supports these requirements by keeping the nodes time-synchronised. In order to ensure successful communication between a sender and a receiver, the latter starts listening shortly before the expected frame’s arrival. This time offset is called guard time and it aims to reduce the probability of missed frames due to clock drift. This paper investigates the impact of the guard time on the energy consumption and proposes a scheme for the decentralised adaptation of the guard time in each node depending on its hop-distance from the sink. Simulations and test-bed experiments demonstrate that guard time adaptation can reduce the energy consumption by up to 50%, without compromising the reliability of the network.
  33. A. Elsts, J. Pope, X. Fafoutis, R. Piechocki, G. Oikonomou, "Instant: A TSCH Schedule for Data Collection from Mobile Nodes", In Proc. ACM EWSN, 2019
    @inproceedings{Elsts-2019-ewsn, title = {Instant: A TSCH Schedule for Data Collection from Mobile Nodes}, author = {Elsts, Atis and Pope, James and Fafoutis, Xenofon and Piechocki, Robert and Oikonomou, George}, year = {2019}, month = feb, booktitle = {Proc. ACM EWSN}, publisher = {Association for Computing Machinery (ACM)}, oa-url = {https://research-information.bristol.ac.uk/en/publications/instant(97ed3512-b98b-4bd7-9d31-5c0584bace9b).html}, gsid = {2350264299336058644} }
    Low-power wearable devices are becoming increasingly important for fitness and healthcare applications. However, existing protocols based on the IEEE 802.15.4 low-power wireless standard are not optimized for data collection from mobile devices. This paper presents Instant: a schedule for the IEEE 802.15.4 TSCH protocol tailored for this application. We evaluate the data collection speed, energy consumption, and fairness of Instant, and show that Instant achieves several times higher data collection speed from mobile nodes compared with the state-of-the-art Orchestra schedule.
  34. W. Boukley Hassan, A. Doufexi, G. Oikonomou, M. Beach, "EVM Prediction for Massive MIMO", In Proc. IEEE PIMRC, 2019
    @inproceedings{Boukley-2019-PIMRC, title = {EVM Prediction for Massive MIMO}, author = {Boukley Hassan, Wael and Doufexi, Angela and Oikonomou, George and Beach, Mark}, year = {2019}, month = sep, booktitle = {Proc. IEEE PIMRC}, doi = {10.1109/PIMRC.2019.8904437}, gsid = {9004208396109384086}, oa-url = {https://research-information.bris.ac.uk/en/publications/evm-prediction-for-massive-mimo(8448efa4-1ba5-4a26-90ca-45232ff442ba).html} }
    Signal to interference plus noise ratio (SINR) is a widely common performance metric used in the majority of massive multiple-input, multiple-output (Ma-MIMO) research. This metric requires prior knowledge of the user channel vectors and the interference caused by inaccurate channel state information (CSI). However, the interference caused by inaccurate CSI can’t be calculated for realworld scenarios. On the other hand, a comprehensive performance indicator can be achieved by the Error Vector Magnitude (EVM) metric in real-world scenarios. This considers all impairments upon the transmitted symbol as seen at the receiver. However, measuring the EVM values for a subset of users requires each user to retransmit data symbols. This paper presents an estimation method with high accuracy by associating EVM to SINR values for Ma-MIMO with zero-forcing (ZF) and Minimum Mean Square Error (MMSE). Also introduced is a novel EVM prediction method for subset of users taken from the original set of simultaneous users in a single cell Ma-MIMO. This method jointly relies on the channel correlation between users and the EVM performance to predict the EVM values for a subset of the available users without the need to retransmit data symbols. This method considers the user channel vector and the interference caused by inaccurate CSI, which make it suitable for Ma-MIMO algorithms, such as user grouping and power control. Real-world experimental data-sets with real-time results are carried out to validate the EVM prediction method using software-defined radio Ma-MIMO testbed.
  35. J. Pope, A. Vafeas, A. Elsts, G. Oikonomou, R. Piechocki, I. Craddock, "An Accelerometer Lossless Compression Algorithm and Energy Analysis for IoT Devices", In Proc. WCNC Workshops, pp. 396-401, 2018
    @inproceedings{Pope-2018-wcnc, title = {An Accelerometer Lossless Compression Algorithm and Energy Analysis for IoT Devices}, author = {Pope, James and Vafeas, Antonis and Elsts, Atis and Oikonomou, George and Piechocki, Robert and Craddock, Ian}, year = {2018}, booktitle = {Proc. WCNC Workshops}, publisher = {IEEE}, pages = {396-401}, doi = {10.1109/WCNCW.2018.8368985}, gsid = {4137926603080687766}, oa-url = {https://research-information.bristol.ac.uk/en/publications/an-accelerometer-lossless-compression-algorithm-and-energy-analysis-for-iot-devices(ba9c4c1b-a085-429d-a5db-d8010736b6fc).html} }
    The Internet of Things promises to enable numerous future applications spanning many domains, including health care, and is comprised of devices that are constrained in terms of computational and energy resources. A specific health care application is to ascertain patients’ activity of daily living while at home using accelerometer data from non-invasive wearables. It is often necessary to store this data on the device to be retrieved later for analysis. However, the devices typically store far more data than can be transmitted with commonly used low power radios. To mitigate the problem, this paper proposes an energy efficient, lossless compression algorithm that uses an offline frequency distribution to create a symbol-code lookup table. Using an extensive set of data from a previous study, an analysis of the entropy of activities of daily living accelerometer data is presented. The compression algorithm is compared against this estimated entropy. Energy being critical for IoT devices, the trade-off between energy cost for compression versus energy saved during transmission is also analysed.
  36. A. Vafeas, A. Elsts, J. Pope, X. Fafoutis, G. Oikonomou, R. Piechocki, I. Craddock, "Energy-Efficient, Noninvasive Water Flow Sensor", In Proc. SMARTCOMP, pp. 139-146, 2018
    @inproceedings{Vafeas-2018-smartcomp, title = {Energy-Efficient, Noninvasive Water Flow Sensor}, author = {Vafeas, Antonis and Elsts, Atis and Pope, James and Fafoutis, Xenofon and Oikonomou, George and Piechocki, Robert and Craddock, Ian}, booktitle = {Proc. SMARTCOMP}, year = {2018}, pages = {139-146}, doi = {10.1109/SMARTCOMP.2018.00084}, gsid = {1340752008608334172} }
    We are interested in hot and cold water flow detection in domestic kitchen and bathroom taps for smart home environments. Water flow monitoring is particularly valuable for long-term behavioural monitoring systems for health-related applications, as it enables the collection of long-term data on the hydration levels of the house residents, and it is associated with several activities of daily life, such as cooking and cleaning. This paper presents a water flow sensing device that is based on sensing the vibrations on the pipe when water is flowing through them. The proposed solution is noninvasive and energyefficient, as it does not require cutting the water pipes or altering the plumbing system, and consumes less then 2 µA in continuous operation. The proposed water flow sensor has been integrated to SPHERE, a sensing platform of non-medical sensors for healthcare monitoring and behavioural analytics in a home environment, and deployed to more than 15 residential properties.
  37. X. Fafoutis, A. Elsts, A. Vafeas, G. Oikonomou, R. Piechocki, "On Predicting the Battery Lifetime of IoT Devices: Experiences from the SPHERE Deployments", In Proc. ACM RealWSN, pp. 7–12, 2018
    @inproceedings{Fafoutis-2018-RealWSN, title = {On Predicting the Battery Lifetime of IoT Devices: Experiences from the SPHERE Deployments}, author = {Fafoutis, Xenofon and Elsts, Atis and Vafeas, Antonis and Oikonomou, George and Piechocki, Robert}, year = {2018}, month = nov, day = {4}, doi = {10.1145/3277883.3277892}, language = {English}, pages = {7--12}, booktitle = {Proc. ACM RealWSN}, publisher = {Association for Computing Machinery (ACM)}, oa-url = {https://research-information.bristol.ac.uk/en/publications/on-predicting-the-battery-lifetime-of-iot-devices-experiences-from-the-sphere-deployments(05c0efb7-16c9-47fc-b0e1-7fe9dc6f21ec).html}, gsid = {10336648821840413740} }
    One of the challenges of deploying IoT battery-powered sensing systems is managing the maintenance of batteries. To that end, practitioners often employ prediction techniques to approximate the battery lifetime of the deployed devices. Following a series of longterm residential deployments in the wild, this paper contrasts real-world battery lifetimes and discharge patterns against battery lifetime predictions that were conducted during the development of the deployed system. The comparison highlights the challenges of making battery lifetime predictions, in an attempt to motivate further research on the matter. Moreover, this paper summarises key lessons learned that could potentially accelerate future IoT deployments of similar scale and nature.
  38. X. Fafoutis, A. Elsts, G. Oikonomou, R. Piechocki, "SPHERE Deployment Manager: A Tool for Deploying IoT Sensor Networks at Large Scale", In Proc. AdHoc Now, 11104, pp. 307–318, 2018
    @inproceedings{Fafoutis-2018-AdHocNow, title = {SPHERE Deployment Manager: A Tool for Deploying IoT Sensor Networks at Large Scale}, author = {Fafoutis, Xenofon and Elsts, Atis and Oikonomou, George and Piechocki, Robert}, booktitle = {Proc. AdHoc Now}, pages = {307--318}, year = {2018}, gsid = {6516981089610036943}, doi = {10.1007/978-3-030-00247-3_27}, volume = {11104}, publisher = {Springer}, oa-url = {https://research-information.bristol.ac.uk/en/publications/sphere-deployment-manager(81e729f8-7f20-49af-b76c-43ad9dbe09e0).html}, series = {LNCS} }
    Internet of Things (IoT) technology has the potential to revolutionise several domains of everyday life, including the healthcare sector. In order to reach its full potential, IoT technology needs to be evaluated in the real world, beyond controlled environments, such as laboratories and test-beds. SPHERE is an experimental sensing platform for healthcare in a residential environment. Unlike other similar smart home health systems, SPHERE is deployed in a large number of properties of volunteers. Based on our experiences and lessons learned from SPHERE’s large-scale deployments, this paper focuses on the challenge of effectively managing the sensor installation overhead, aiming at supporting our deployment technicians with achieving a satisfactory deployment throughput. In this context, this paper presents the SPHERE Deployment Manager: an open-source tool that facilitates the deployment of bespoke IoT networks by technicians that are not experts in IoT technology. We believe that the SPHERE Deployment Manager is a tool that can accelerate future IoT research deployments of similar nature and scale.
  39. A. Elsts, E. Mitskas, G. Oikonomou, "Distributed Ledger Technology and the Internet of Things: A Feasibility Study", In Proc. BlockSys, pp. 7–12, 2018
    @inproceedings{Elsts-2018-blocksys, title = {Distributed Ledger Technology and the Internet of Things: A Feasibility Study}, author = {Elsts, Atis and Mitskas, Efstathios and Oikonomou, George}, year = {2018}, month = nov, day = {4}, doi = {10.1145/3282278.3282280}, language = {English}, pages = {7--12}, booktitle = {Proc. BlockSys}, oa-url = {https://research-information.bristol.ac.uk/en/publications/distributed-ledger-technology-and-the-internet-of-things-a-feasibility-study(e9dbecde-7089-41d5-9943-e028b9d40e6c).html}, gsid = {16052130940079673351}, publisher = {Association for Computing Machinery (ACM)} }
    Distributed Ledger Technologies have promising applications in the Internet of Things. However, scalability and support for micropayments remain problems for blockchain-based applications, therefore other alternatives such as IOTA should be considered. This work reports on an experimental evaluation of IOTA on several different IoT platforms. We show that even though the communication overhead to join the IOTA network can be significantly reduced by adapting a proxy-based architecture, the computational overhead remains high. We conclude that IOTA is not currently suitable for battery-powered IoT devices.
  40. M. Baddeley, R. Nejabati, G. Oikonomou, M. Sooriyabandara, D. Simeonidou, "Evolving SDN for Low-Power IoT Networks", In Proc. NetSoft, 2018
    @inproceedings{Baddeley-2018-netsoft, title = {Evolving SDN for Low-Power IoT Networks}, author = {Baddeley, Michael and Nejabati, Reza and Oikonomou, George and Sooriyabandara, Mahesh and Simeonidou, Dimitra}, booktitle = {Proc. NetSoft}, year = {2018}, oa-url = {https://research-information.bristol.ac.uk/en/publications/evolving-sdn-for-lowpower-iot-networks(f9eb201c-8800-45af-bab5-6b86d440e952).html}, doi = {10.1109/NETSOFT.2018.8460125}, gsid = {13759044828155681085} }
    Software Defined Networking (SDN) offers a flexible and scalable architecture that abstracts decision making away from individual devices and provides a programmable network platform. Low-power wireless Internet of Things (IoT) networks, where multi-tenant and multi-application architectures require scalable and configurable solutions, are ideally placed to capitalize on this research. However, implementing a centralized SDN architecture within the constraints of a low-power wireless network faces considerable challenges. Not only is controller traffic subject to jitter due to unreliable links and network contention, but the overhead generated by SDN can severely affect the performance of other traffic. This paper addresses the challenge of bringing high-overhead SDN architecture to IEEE 802.15.4 networks. We explore how the traditional view of SDN needs to evolve in order to overcome the constraints of low-power wireless networks, and discuss protocol and architectural optimizations necessary to reduce SDN control overhead - the main barrier to successful implementation. Additionally, we argue that interoperability with the existing protocol stack is necessary to provide a platform for controller discovery, and coexistence with legacy networks. We consequently introduce µSDN, a lightweight SDN framework for Contiki OS with both IPv6 and underlying routing protocol interoperability, as well as optimizing a number of elements within the SDN architecture to reduce control overhead to practical levels. We evaluate µSDN in terms of latency, energy, and packet delivery. Through this evaluation we show how the cost of SDN control overhead (both bootstrapping and management) can be reduced to a point where comparable performance and scalability is achieved against an IEEE 802.15.4-2012 RPL-based network. Additionally, we demonstrate µSDN through simulation: providing a use-case where the SDN configurability can be used to provide Quality of Service (QoS) for critical network flows experiencing interference, and we achieve considerable reductions in delay and jitter in comparison to a scenario without SDN.
  41. M. Dilmore, A. Doufexi, G. Oikonomou, "Analysing Interface Bonding in 5G WLANs", In Proc. CAMAD, 2018
    @inproceedings{Dilmore-2018-camad, title = {Analysing Interface Bonding in 5G WLANs}, author = {Dilmore, Michael and Doufexi, Angela and Oikonomou, George}, year = {2018}, booktitle = {Proc. CAMAD}, publisher = {IEEE}, doi = {10.1109/CAMAD.2018.8514934}, oa-url = {https://research-information.bristol.ac.uk/en/publications/analysing-interface-bonding-in-5g-wlans(45cb641e-d79b-4304-bbb7-ebc9f07ca667).html}, gsid = {5410971281248490699} }
    This work proposes a simple analytical model for interface bonding in 5G WLANs at the 2.4 GHz and 60 GHz ISM bands. Based on previous analysis of the IEEE 802.11 DCF by Bianchi and Chatzimisios, an expression for the predicted throughput of the bonded interface is given as a function of the number of competing wireless nodes in each network.The model is implemented and validated in MatLab using the Monte Carlo method. When applied to a practical interface bonding scenario, the model results suggest a practical limit of fifteen 2.4 GHz nodes when bonded with a 60 GHz interface, above which the resulting compound throughput is less than that of a single 60 GHz interface.
  42. X. Fafoutis, A. Elsts, G. Oikonomou, R. Piechocki, I. Craddock, "Adaptive Static Scheduling in IEEE 802.15.4 TSCH Networks", In Proc. IEEE WF-IoT, pp. 263-268, 2018
    @inproceedings{Fafoutis-2018-wfiot, author = {Fafoutis, Xenofon and Elsts, Atis and Oikonomou, George and Piechocki, Robert and Craddock, Ian}, title = {Adaptive Static Scheduling in IEEE 802.15.4 TSCH Networks}, publisher = {IEEE}, booktitle = {Proc. IEEE WF-IoT}, month = feb, pages = {263-268}, year = {2018}, doi = {10.1109/WF-IoT.2018.8355114}, gsid = {12784464564427922876}, oa-url = {https://research-information.bristol.ac.uk/en/publications/adaptive-static-scheduling-in-ieee-802154-tsch-networks(bfafab3a-7f19-4ac6-80b3-b2090ce85a90).html} }
    TSCH (Time-Slotted Channel Hopping) is a synchronous MAC (Medium Access Control) protocol, introduced with the recent amendments to the IEEE 802.15.4 standard. Due to its channel hopping nature, TSCH is a promising enabling technology for dependable IoT (Internet of Things) infrastructures that are deployed in environments that are prone to interference. In TSCH, medium access is orchestrated by a schedule that is distributed to all the nodes in the network. In this paper, we propose Adaptive Static Scheduling to improve the energy efficiency of TSCH networks. Adaptive Static Scheduling builds on top of static schedules and allows each pair of communicating nodes to adaptively activate a subset of their allocated slots, effectively reducing the idle listening overhead of unused slots. Moreover, the nodes can dynamically activate more slots when they need to support bursts of high traffic, without the need of redistributing new schedules. Simulation results demonstrate that Adaptive Static Scheduling outperforms static scheduling in dynamic environments, operating nearly as efficiently as an oracle with knowledge of the optimal schedule.
  43. X. Fafoutis, A. Elsts, A. Vafeas, G. Oikonomou, R. Piechocki, "Demo: SPES-2 – A Sensing Platform for Maintenance-Free Residential Monitoring", In Proc. EWSN 2017, 2017
    @inproceedings{Fafoutis-2017-ewsn, title = {Demo: SPES-2 – A Sensing Platform for Maintenance-Free Residential Monitoring}, author = {Fafoutis, Xenofon and Elsts, Atis and Vafeas, Antonis and Oikonomou, George and Piechocki, Robert}, booktitle = {Proc. EWSN 2017}, year = {2017}, gsid = {17625986834348170975}, oa-url = {http://dl.acm.org/citation.cfm?id=3108009.3108060} }
    SPES-2 is a sensing board for room-level monitoring in a home environment. It constitutes a vital modality of the SPHERE architecture: a multi-modal sensing platform for healthcare in a residential environment. SPES-2 uses an optimised implementation of the IEEE 802.15.4-2015 TSCH (Time-Slotted Channel Hopping) standard to operate efficiently and reliably in unknown environments for more than one year without battery replacement, providing continuous information about the ambient characteristics of the room (such as temperature, humidity and light levels), as well as presence information captured through a motion sensor.
  44. A. Mavromatis, G. Papadopoulos, X. Fafoutis, A. Goulianos, G. Oikonomou, P. Chatzimisios, T. Tryfonas, "Link quality and path based clustering in IEEE 802.15.4-2015 TSCH networks", In Proc. IEEE ISCC, pp. 798–803, 2017
    @inproceedings{Mavromatis-2017-iscc, title = {Link quality and path based clustering in IEEE 802.15.4-2015 TSCH networks}, author = {Mavromatis, Alexandros and Papadopoulos, Georgios and Fafoutis, Xenofon and Goulianos, Angelos and Oikonomou, George and Chatzimisios, Periklis and Tryfonas, Theo}, year = {2017}, month = sep, pages = {798--803}, doi = {10.1109/ISCC.2017.8024625}, booktitle = {Proc. IEEE ISCC}, publisher = {IEEE}, gsid = {10353404964759799904}, oa-url = {https://research-information.bristol.ac.uk/en/publications/link-quality-and-path-based-clustering-in-ieee-8021542015-tsch-networks(11a32dd8-50b3-462a-8204-fe34240a47b0).html} }
    Advance clustering techniques have been widely used in Wireless Sensor Networks (WSNs) since they can potentially reduce latency, improve scheduling, decrease end-to-end delay and optimise energy consumption within a dense network topology. In this paper, we present a novel clustering algorithm for high density IEEE 802.15.4-2015 Time-Slotted Channel Hopping (TSCH). In particular, the proposed methodology merges a variety of solutions into an integrated clustering design. Assuming an homogeneous network distribution, the proposed configuration deploys a hierarchical down-top approach of equally numbered sub-groups, in which the formation of the separate sub-groups is adapted to the network density and the node selection metric is based on the link quality indicator. The presented algorithm is implemented in Contiki Operating System (OS) and several test vectors have been designed in order to evaluate the performance of the proposed algorithm in a COOJA simulation environment. Performance results demonstrate the capability of the clustering structure since compared to the default scheme it significantly improves the energy efficiency up to 35%, packet drops more than 40% as well the packet retransmission rate. Last but not least, the outcome of this study indicates a major increase in the network lifetime, i.e., up to 50%.
  45. G. Margelis, X. Fafoutis, G. Oikonomou, R. Piechocki, T. Tryfonas, P. Thomas, "Physical layer secret-key generation with discreet cosine transform for the Internet of Things", In Proc. IEEE ICC, 2017
    @inproceedings{Margelis-2017-icc, title = {Physical layer secret-key generation with discreet cosine transform for the Internet of Things}, author = {Margelis, George and Fafoutis, Xenofon and Oikonomou, George and Piechocki, Robert and Tryfonas, Theo and Thomas, Paul}, year = {2017}, month = jul, doi = {10.1109/ICC.2017.7997419}, isbn = {9781467390002}, booktitle = {Proc. IEEE ICC}, publisher = {IEEE}, gsid = {7131705677557939788}, oa-url = {https://research-information.bristol.ac.uk/en/publications/physical-layer-secretkey-generation-with-discreet-cosine-transform-for-the-internet-of-things(3d03e451-0462-4711-9bd4-c8be5232af9e).html} }
    The confidentiality of communications in the Internet of Things (IoT) is critical, with cryptography currently being the most widely employed method of ensuring it. Establishing cryptographically secure communication links between two transceivers requires the pre-agreement on some key, unknown to an external attacker. In recent years there has been growing attention in techniques that generate a shared random key through observation of the channel and its effects on the exchanged messages. In this work we present SKYGlow, a novel scheme for secret-key generation, designed for IoT devices, such as IEEE 802.15.4 and Bluetooth Low Energy (BLE) transceivers. SKYGlow employs the Discreet Cosine Transform (DCT) of channel observations and Slepian-Wolf coding for information reconciliation. Real-life experiments have resulted in the creation of 128-bit secret keys with only 65 packet exchanges and with an entropy of 0.9978 bits, making our scheme much more energy-efficient compared with others in the existing literature.
  46. A. Elsts, G. Oikonomou, X. Fafoutis, R. Piechocki, "Internet of things for smart homes: lessons learned from the SPHERE case study", In Proc. GIoTS, 2017
    @inproceedings{Elsts-2017-gsiot, title = {Internet of things for smart homes: lessons learned from the SPHERE case study}, author = {Elsts, Atis and Oikonomou, George and Fafoutis, Xenofon and Piechocki, Robert}, year = {2017}, month = mar, booktitle = {Proc. GIoTS}, publisher = {IEEE}, doi = {10.1109/GIOTS.2017.8016226}, gsid = {6103776013711544890}, oa-url = {https://research-information.bristol.ac.uk/en/publications/internet-of-things-for-smart-homes(f86c4eb4-87ec-428a-8d50-9427166d97fd).html} }
    Building large-scale low-power Internet of Things (IoT) systems remains a challenge, as these systems have to meet the requirements of reliability, robustness, and energy- efficiency while running on resource-restricted microcontrollers without memory protection. In this paper we present the case study of IoT in SPHERE (Sensor Platform for HEalthcare in a Residential Environment), a project with the objective to develop a multipurpose, multi-modal sensor platform for monitoring people’s health inside their homes. Atypically for academic projects, in 2017 the SPHERE software is going to be deployed in a 100-home study in volunteer homes, therefore it has to satisfy many real-world requirements. We discuss the requirements for IoT networking in this project, the IoT architecture (built on top of Contiki OS), software engineering challenges and lessons learned, as well as some of the general aspects that still make embedded low-power IoT software development difficult.
  47. A. Elsts, X. Fafoutis, J. Pope, G. Oikonomou, R. Piechocki, I. Craddock, "Scheduling high-rate unpredictable traffic in IEEE 802.15.4 TSCH networks", In Proc. IEEE DCOSS, pp. 3-10, 2017
    @inproceedings{Elsts-2017-dcoss, title = {Scheduling high-rate unpredictable traffic in IEEE 802.15.4 TSCH networks}, keywords = {Time slotted channel hopping, scheduling, Internet of Things}, author = {Elsts, Atis and Fafoutis, Xenofon and Pope, James and Oikonomou, George and Piechocki, Robert and Craddock, Ian}, year = {2017}, month = mar, booktitle = {Proc. IEEE DCOSS}, gsid = {11148583356626153925}, publisher = {IEEE}, pages = {3-10}, doi = {10.1109/DCOSS.2017.20}, oa-url = {https://research-information.bristol.ac.uk/en/publications/scheduling-highrate-unpredictable-traffic-in-ieee-802154-tsch-networks(74903df9-1c10-438c-8a05-7a4ccad936ac).html} }
    The upcoming Internet of Things (IoT) applications include real-time human activity monitoring with wearable sensors. Compared to the traditional environmental sensing with low-power wireless nodes, these new applications generate a constant stream of a much higher rate. Nevertheless, the wearable devices remain battery powered and therefore restricted to low-power wireless standards such as IEEE 802.15.4 or Bluetooth Low Energy (BLE). Our work tackles the problem of building a reliable autonomous schedule for forwarding this kind of dynamic data in IEEE 802.15.4 TSCH networks. Due to the a priori unpredictability of these data source locations, the quality of the wireless links, and the routing topology of the forwarding network, it is wasteful to reserve the number of slots required for the worst-case scenario; under conditions of high expected datarate, it is downright impossible. The solution we propose is a hybrid approach where dedicated TSCH cells and shared TSCH slots coexist in the same schedule. We show that under realistic assumptions of wireless link diversity, adding shared slots to a TSCH schedule increases the overall packet delivery rate and the fairness of the system.
  48. S. Duquennoy, A. Elsts, B. Al Nahas, G. Oikonomou, "TSCH and 6TiSCH for Contiki: challenges, design and evaluation", In Proc. IEEE DCOSS, pp. 11-13, 2017
    @inproceedings{Elsts-2017-dcoss-b, title = {TSCH and 6TiSCH for Contiki: challenges, design and evaluation}, author = {Duquennoy, Simon and Elsts, Atis and {Al Nahas}, Beshr and Oikonomou, George}, year = {2017}, month = mar, booktitle = {Proc. IEEE DCOSS}, publisher = {IEEE}, pages = {11-13}, gsid = {11516234474205003432}, doi = {10.1109/DCOSS.2017.29}, oa-url = {https://research-information.bristol.ac.uk/en/publications/tsch-and-6tisch-for-contiki(f9e8cc62-0f9a-495a-9a38-208a5d1450b9).html} }
    Synchronized communication has recently emerged as a prime option for low-power critical applications. Solutions such as Glossy or Time Slotted Channel Hopping (TSCH) have demonstrated end-to-end reliability upwards of 99.99%. In this context, the IETF Working Group 6TiSCH is currently standardizing the mechanisms to use TSCH in low-power IPv6 scenarios. This paper identifies a number of challenges when it comes to implementing the 6TiSCH stack. It shows how these challenges can be addressed with practical solutions for locking, queuing, scheduling and other aspects. With this implementation as an enabler, we present an experimental validation and comparison with state-of-the-art MAC protocols. We conduct fine-grained energy profiling, showing the impact of link-layer security on packet transmission. We evaluate distributed time synchronization in a 340-node testbed, and demonstrate that tight synchronization (hundreds of microseconds) can be achieved at very low cost (0.3% duty cycle, 0.008% channel utilization). We finally compare TSCH against traditional MAC layers: low-power listening (LPL) and CSMA, in terms of reliability, latency and energy. We show that with proper scheduling, TSCH achieves by far the highest reliability, and outperforms LPL in both energy and latency.
  49. M. Baddeley, R. Nejabati, G. Oikonomou, S. Gormus, M. Sooriyabandara, D. Simeonidou, "Isolating SDN control traffic with layer-2 slicing in 6TiSCH industrial IoT networks", In Proc. IEEE NFV-SDN, pp. 247-251, 2017
    @inproceedings{Baddeley-2018-nfv-sdn, author = {Baddeley, Michael and Nejabati, Reza and Oikonomou, George and Gormus, Sedat and Sooriyabandara, Mahesh and Simeonidou, Dimitra}, booktitle = {Proc. IEEE NFV-SDN}, title = {Isolating SDN control traffic with layer-2 slicing in 6TiSCH industrial IoT networks}, year = {2017}, month = nov, pages = {247-251}, publisher = {IEEE}, doi = {10.1109/NFV-SDN.2017.8169876}, gsid = {3676551668416552782}, oa-url = {https://research-information.bristol.ac.uk/en/publications/isolating-sdn-control-traffic-with-layer2-slicing-in-6tisch-industrial-iot-networks(9873c63c-8204-4f73-8c80-68fa3eedd9e9).html} }
    Recent standardization efforts in IEEE 802.15.4-2015 Time Scheduled Channel Hopping (TSCH) and the IETF 6TiSCH Working Group (WG), aim to provide deterministic communications and efficient allocation of resources across constrained Internet of Things (IoT) networks, particularly in Industrial IoT (IIoT) scenarios. Within 6TiSCH, Software Defined Networking (SDN) has been identified as means of providing centralized control in a number of key situations. However, implementing a centralized SDN architecture in a Low Power and Lossy Network (LLN) faces considerable challenges: not only is controller traffic subject to jitter due to unreliable links and network contention, but the overhead generated by SDN can severely affect the performance of other traffic. This paper proposes using 6TiSCH tracks, a Layer-2 slicing mechanism for creating dedicated forwarding paths across TSCH networks, in order to isolate the SDN control overhead. Not only does this prevent control traffic from affecting the performance of other data flows, but the properties of 6TiSCH tracks allows deterministic, low-latency SDN controller communication. Using our own lightweight SDN implementation for Contiki OS, we firstly demonstrate the effect of SDN control traffic on application data flows across a 6TiSCH network. We then show that by slicing the network through the allocation of dedicated resources along a SDN control path, tracks provide an effective means of mitigating the cost of SDN control overhead in IEEE 802.15.4-2015 TSCH networks.
  50. G. Papadopoulos, A. Mavromatis, X. Fafoutis, N. Montavont, R. Piechocki, T. Tryfonas, G. Oikonomou, "Guard Time Optimisation and Adaptation for Energy Efficient Multi-hop TSCH Networks", In Proc. IEEE WF-IoT, 2016
    @inproceedings{Papadopoulos-2016-wfiot, title = {Guard Time Optimisation and Adaptation for Energy Efficient Multi-hop {TSCH} Networks}, author = {Papadopoulos, Georgios and Mavromatis, Alexandros and Fafoutis, Xenofon and Montavont, Nicolas and Piechocki, Robert and Tryfonas, Theo and Oikonomou, George}, year = {2016}, booktitle = {Proc. IEEE WF-IoT}, oa-url = {http://research-information.bristol.ac.uk/en/publications/guard-time-optimisation-and-adaptation-for-energy-efficient-multihop-tsch-networks(e72d25b2-2193-4b8b-ad01-9a12392e624e).html}, doi = {10.1109/WF-IoT.2016.7845475}, gsid = {9085824851134266013}, publisher = {IEEE} }
    In the IEEE 802.15.4-2015 standard, Time Slotted Channel Hopping (TSCH) aims to guarantee high-level network reliability by keeping nodes time-synchronised. In order to ensure successful communication between a sender and a receiver, the latter starts listening shortly before the expected time of a MAC layer frame’s arrival. The offset between the time a node starts listening and the estimated time of frame arrival is called guard time and it aims to reduce the probability of missed frames due to clock drift. In this paper, we investigate the impact of the guard time on network performance. We identify that, when using the 6tisch minimal schedule, the most significant cause of energy consumption is idle listening during guard time. Therefore, we first perform mathematical modelling on a TSCH link to identify the guard time that maximises the energy-efficiency of the TSCH network in single hop topology. We then continue in multi-hop network, where we empirically adapt the guard time locally at each node depending its distance, in terms of hops, from the sink. Our performance evaluation results, conducted using the Contiki OS, demonstrate that the proposed decentralised guard time adaptation can reduce the energy consumption by up to 40%, without compromising network reliability.
  51. G. Margelis, X. Fafoutis, R. Piechocki, G. Oikonomou, T. Tryfonas, P. Thomas, "Practical Limits of the Secret Key-Capacity for IoT Physical Layer Security", In Proc. IEEE WF-IoT, 2016
    @inproceedings{Margelis-2016-wfiot, title = {Practical Limits of the Secret Key-Capacity for IoT Physical Layer Security}, author = {Margelis, George and Fafoutis, Xenofon and Piechocki, Robert and Oikonomou, George and Tryfonas, Theo and Thomas, Paul}, year = {2016}, booktitle = {Proc. IEEE WF-IoT}, publisher = {IEEE}, oa-url = {http://research-information.bristol.ac.uk/en/publications/practical-limits-of-the-secret-keycapacity-for-iot-physical-layer-security(ae76486e-ce30-440c-af6d-d6a16aa57140).html}, doi = {10.1109/WF-IoT.2016.7845415}, gsid = {10887200623356750520} }
    The confidentiality of communications in the Internet of Things (IoT) is critical, with cryptography being currently the most widely employed method to achieve it. Establishing cryptographically secure communication links between two transceivers requires the pre-agreement on some key, unknown to an external attacker. In recent years there has been growing interest for techniques that generate a shared random key through observation of the channel and its effects on the exchanged messages. The maximum length of that key is characterised by the Mutual Information (MI) between the observations of the two radios. In this work we examine the practical limits of the MI of off-the-shelf transceivers communicating through the IEEE 802.15.4 specification in an indoor office environment, and calculate the secret-key capacity, that is, the maximum length of an extracted secret-key in the presence of an eavesdropper. Furthermore, we study how using groups of observations can affect the MI and both analytically and experimentally prove that grouping observations leads to better results and an increased key-capacity.
  52. V. Kumar, G. Oikonomou, T. Tryfonas, "Traffic Forensics for IPv6-Based Wireless Sensor Networks and the Internet of Things", In Proc. IEEE WF-IoT, 2016
    @inproceedings{Kumar-2016-wfiot, title = {Traffic Forensics for IPv6-Based Wireless Sensor Networks and the Internet of Things}, author = {Kumar, Vijay and Oikonomou, George and Tryfonas, Theo}, year = {2016}, booktitle = {Proc. IEEE WF-IoT}, publisher = {IEEE}, oa-url = {http://research-information.bristol.ac.uk/en/publications/traffic-forensics-for-ipv6based-wireless-sensor-networks-and-the-internet-of-things(ddfe1922-36e2-41c0-9a52-5c0f40d9997f).html}, doi = {10.1109/WF-IoT.2016.7845515}, gsid = {14490874809198159091} }
    Research and standardisation efforts in the fields of Wireless Sensor Networks (WSNs) and the Internet of Things (IoT) are leading towards the adoption of TCP/IP for deployments of networks of severely constrained smart embedded objects. As a result, wireless sensors can now be uniquely identified by an IPv6 address and thus be directly connected to and reachable from the internet. This has a series of advantages but also exposes sensor deployments to new security vulnerabilities. Should a deployment be compromised, post-incident analysis can provide information about the nature of the attack by inspecting the network’s state and traffic during the time period prior, during and after the attack. In this paper we adopt traffic forensic techniques in order to achieve post-hoc detection of attacks against availability in IPv6-based Low-Power Wireless Personal Area Networks. To this end, we first implement an attack which exploits inherent vulnerabilities of the IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL). Subsequently, we present an automated method to detect and analyse this attack by examining network packet captures.
  53. G. Papadopoulos, A. Georgallides, T. Tryfonas, G. Oikonomou, "BMFA: Bi-Directional Multicast Forwarding Algorithm for RPL-based 6LoWPANs", In Proc. InterIoT, 190, pp. 18-25, 2016
    @inproceedings{Papadopoulos-2016-interiot-2, title = {BMFA: Bi-Directional Multicast Forwarding Algorithm for RPL-based 6LoWPANs}, author = {Papadopoulos, Georgios and Georgallides, Andreas and Tryfonas, Theo and Oikonomou, George}, year = {2016}, booktitle = {Proc. InterIoT}, publisher = {Springer}, pages = {18-25}, doi = {10.1007/978-3-319-52727-7_3}, oa-url = {http://research-information.bristol.ac.uk/en/publications/bmfa(82805ae4-2322-4a5d-8431-006626122fdc).html}, volume = {190}, series = {LNICST} }
    In scenarios involving point-to-multipoint network traffic, transmitting to each destination individually with unicast may lead to poor utilisation of network bandwidth, excessive energy consumption caused by the high number of packets and suffers from low scalability as the number of destinations increases. An alternative approach, would be to use network-layer multicast, where packets are transmitted to multiple destinations simultaneously. In doing so, applications adopting a one-to-many communication paradigm may improve their energy efficiency and bandwidth utilisation. In this paper, we present Bi-directional Multicast Forwarding Algorithm (BMFA), a novel RPL-based multicast forwarding mechanism. BMFA improves its pre-predecessor SMRF in that it allows multicast traffic to travel both upwards as well as downwards in an RPL tree. At the same time, it retains SMRF’s low latency and very low energy consumption characteristics. Our performance evaluation results, conducted using the Contiki operating system, show that BMFA outperforms its rival Trickle Multicast / Multicast Protocol for Low power and Lossy Networks (TM / MPL), in terms of reducing both delay and energy consumption.
  54. G. Papadopoulos, A. Mavromatis, X. Fafoutis, R. Piechocki, T. Tryfonas, G. Oikonomou, "Guard Time Optimisation for Energy Efficiency in IEEE 802.15.4-2015 TSCH Links", In 2nd EAI International Conference on Interoperability in IoT, 190, pp. 56–63, 2016
    @inproceedings{Papadopoulos-2016-interiot-1, title = {Guard Time Optimisation for Energy Efficiency in IEEE 802.15.4-2015 TSCH Links}, author = {Papadopoulos, Georgios and Mavromatis, Alexandros and Fafoutis, Xenofon and Piechocki, Robert and Tryfonas, Theo and Oikonomou, George}, year = {2016}, pages = {56--63}, publisher = {Springer}, booktitle = {2nd EAI International Conference on Interoperability in IoT}, doi = {10.1007/978-3-319-52727-7_8}, oa-url = {http://research-information.bristol.ac.uk/en/publications/guard-time-optimisation-for-energy-efficiency-in-ieee-8021542015-tsch-links(fe063bf4-68c0-45c5-a312-142a4faf0808).html}, volume = {190}, series = {LNICST} }
    Time Slotted Channel Hopping (TSCH) is among the Medium Access Control (MAC) schemes defined in the IEEE 802.15.4-2015 standard. TSCH aims to guarantee high-level network reliability by keeping nodes time-synchronised. In order to ensure successful communication between a sender and a receiver, the latter starts listening shortly before the expected time of a MAC layer frame’s arrival. The offset between the time a node starts listening and the estimated time of frame arrival is called guard time and it aims to reduce the probability of missed frames due to clock drift. In this paper, we investigate the impact of the guard time length on network performance. We identify that, when using the 6TiSCH minimal schedule, the most significant cause of energy consumption is idle listening during guard time. Therefore, we perform empirical optimisations on the guard time to maximise the energy-efficiency of a TSCH link. Our experiments, conducted using the Contiki OS, show that optimal guard time configuration can reduce energy consumption by up to 40%, without compromising network reliability.
  55. A. Elsts, S. Duquennoy, X. Fafoutis, G. Oikonomou, R. Piechocki, I. Craddock, "Microsecond-Accuracy Time Synchronization Using the IEEE 802.15.4 TSCH Protocol", In Proc. IEEE LCN, 2016
    @inproceedings{Elsts-2016-SenseApp, title = {Microsecond-Accuracy Time Synchronization Using the IEEE 802.15.4 TSCH Protocol}, author = {Elsts, Atis and Duquennoy, Simon and Fafoutis, Xenofon and Oikonomou, George and Piechocki, Robert and Craddock, Ian}, year = {2016}, month = nov, booktitle = {Proc. IEEE LCN}, doi = {10.1109/LCN.2016.042}, gsid = {11807852472963901506}, publisher = {IEEE}, oa-url = {https://research-information.bristol.ac.uk/en/publications/microsecondaccuracy-time-synchronization-using-the-ieee-802154-tsch-protocol(2e47abe7-60e9-48a7-9f09-9fe7f4859ccb).html} }
    Time-Slotted Channel Hopping from the IEEE 802.15.4-2015 standard requires that network nodes are tightly time-synchronized. Existing implementations of TSCH on embedded hardware are characterized by tens-of-microseconds large synchronization errors; higher synchronization accuracy would enable reduction of idle listening time on receivers, in this way decreasing the energy required to run TSCH. For some applications, it would also allow to replace dedicated time synchronization mechanisms with TSCH. We show that time synchronization errors in the existing TSCH implementations on embedded hardware are caused primarily by imprecise clock drift estimations, rather than by real unpredictable drift variance. By estimating clock drift more precisely and by applying adaptive time compensation on each node in the network, we achieve microsecond accuracy time synchronization on point-to-point links and a <2 microsecond end-to-end error in a 7-node line topology. Our solution is implemented in the Contiki operating system and tested on Texas Instruments CC2650-based nodes, equipped with common off-the-shelf hardware clock sources (20 ppm drift). Our implementation uses only standard TSCH control messages and is able to keep radio duty cycle below 1%.
  56. G. Papadopoulos, V. Kotsiou, A. Gallais, G. Oikonomou, P. Chatzimisios, T. Tryfonas, T. Noël, "A Mobility-Supporting MAC Scheme for Bursty Traffic in IoT and WSNs", In Proc. IEEE GLOBECOM, 2016
    @inproceedings{Papadopoulos-2016-globecom, title = {A Mobility-Supporting MAC Scheme for Bursty Traffic in IoT and WSNs}, author = {Papadopoulos, Georgios and Kotsiou, Vasileios and Gallais, Antoine and Oikonomou, George and Chatzimisios, Periklis and Tryfonas, Theo and No\"{e}l, Thomas}, publisher = {IEEE}, year = {2016}, month = jun, booktitle = {Proc. IEEE GLOBECOM}, doi = {10.1109/GLOCOM.2016.7841516}, gsid = {13641558550786127591}, oa-url = {http://research-information.bristol.ac.uk/en/publications/a-mobilitysupporting-mac-scheme-for-bursty-traffic-in-iot-and-wsns(49284368-8a5c-49c6-aa52-51c23b33095c).html} }
    Recent boom of mobile applications has become an essential class of mobile Internet of Things (IoT), whereby large amounts of sensed data are collected and shared by mobile sensing devices for observing phenomena such as traffic or the environmental. However, most of the existing Medium Access Control (MAC) protocols mainly focus on static networks. Thus, mobile sensor nodes may pose many communication challenges during the design and development of a MAC protocol. These difficulties first require an efficient connection establishment between a mobile and static node, and then an effective data packet transmissions. In this study, we propose MobIQ, a MAC scheme that allows an advanced mobility-handling scheme for low-power MAC protocols, which allows for efficient neighbour(hood) discovery and low-delay communication. Our thorough performance evaluation, conducted on top of Contiki OS, shows that MobIQ outperforms state-of-the-art solutions such as MoX-MAC, MOBINET and ME-ContikiMAC, in terms of reducing both delay, contention to the medium and energy consumption.
  57. K. Maraslis, P. Cooper, T. Tryfonas, G. Oikonomou, "An intelligent hot-desking model based on occupancy sensor data and its potential for social impact", In Proc. HICSS, 9860, pp. 142–158, 2016
    @inproceedings{Maraslis-2016-hicss, title = {An intelligent hot-desking model based on occupancy sensor data and its potential for social impact}, author = {Maraslis, Konstantinos and Cooper, Peter and Tryfonas, Theo and Oikonomou, George}, year = {2016}, volume = {9860}, series = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)}, publisher = {Springer-Verlag, Berlin}, pages = {142--158}, booktitle = {Proc. HICSS}, doi = {10.1007/978-3-662-53416-8_9}, gsid = {15266394018065816651}, oa-url = {http://research-information.bristol.ac.uk/en/publications/an-intelligent-hotdesking-model-based-on-occupancy-sensor-data-and-its-potential-for-social-impact(8969e538-e87e-4737-8340-ffba18fa7ef7).html} }
    In this paper we develop a model that utilises occupancy sensor data in a commercial Hot-Desking environment. Hot-Desking (or ‘office-hoteling’) is a method of office resource management that emerged in the nineties hoping to reduce the real estate costs of workplaces, by allowing offices to be used interchangeably among employees. We show that sensor data can be used to facilitate office resources management, in our case desk allocation in a Hot-Desking environment, with results that outweigh the costs of occupancy detection. We are able to optimise desk utilisation based on quality occupancy data and also demonstrate the effectiveness of the model by comparing it to a theoretically ideal, but impractical in real life, model. We then explain how a generalisation of the model that includes input from human sensors (e.g. social media) besides the presence sensing and pre-declared personal preferences, can be used, with potential impact on wider community scale.
  58. A. Mavromatis, G. Papadopoulos, X. Fafoutis, A. Elsts, G. Oikonomou, T. Tryfonas, "Impact of Guard Time Length on IEEE 802.15.4e TSCH Energy Consumption", In Proc. IEEE SECON, 2016
    @inproceedings{Mavromatis-2016-secon, title = {Impact of Guard Time Length on IEEE 802.15.4e TSCH Energy Consumption}, author = {Mavromatis, Alexandros and Papadopoulos, Georgios and Fafoutis, Xenofon and Elsts, Atis and Oikonomou, George and Tryfonas, Theo}, publisher = {IEEE}, year = {2016}, month = jun, doi = {10.1109/SAHCN.2016.7732997}, oa-url = {http://research-information.bristol.ac.uk/en/publications/impact-of-guard-time-length-on-ieee-802154e-tsch-energy-consumption(998e1765-d954-455b-8f78-bde35530d3db).html}, gsid = {12463584546266532323}, booktitle = {Proc. IEEE SECON} }
    The IEEE 802.15.4-2015 standard defines a number of Medium Access Control (MAC) layer protocols for low- power wireless communications in the IoT. Originally defined in the IEEE 802.15.4e amendment, TSCH (Time Slotted Channel Hopping) is among the proposed mechanisms. TSCH is a scheme aiming to guarantee network reliability by keeping nodes time-synchronised at the MAC layer. In order to ensure successful communication between a sender and a receiver, the latter starts listening shortly before the expected time of a MAC layer frame’s arrival. The offset between the time a node starts listening and the estimated time of frame arrival is called guard time and it aims to reduce the probability of missed frames due to clock drift. In this poster, we investigate the effect of the guard time duration on energy consumption. We identify that, when using the 6tisch minimal schedule, the most significant cause of energy consumption is idle listening during guard time. Therefore, the energy-efficiency of TSCH can be significantly improved by guard time optimisation. Our performance evaluation results, conducted using the Contiki operating system, show that an efficient configuration of guard time may reduce energy consumption by up to 30%, without compromising network reliability.
  59. P. Andriotis, T. Tryfonas, G. Oikonomou, I. King, "A framework to describe multimedia circulation in the smartphone ecosystem", In Advances in Digital Forensics XI, 462, pp. 251–267, 2015
    @inproceedings{Andriotis-2015-aict, title = {A framework to describe multimedia circulation in the smartphone ecosystem}, author = {Andriotis, Panagiotis and Tryfonas, Theo and Oikonomou, George and King, Irwin}, year = {2015}, editor = {Peterson, Gilbert and Shenoi, Sujeet}, series = {IFIP Advances in Information and Communication Technology}, volume = {462}, publisher = {Springer}, booktitle = {Advances in Digital Forensics XI}, pages = {251--267}, url = {http://link.springer.com/chapter/10.1007%2F978-3-319-24123-4_15}, doi = {10.1007/978-3-319-24123-4_15}, gsid = {16098972184217302989} }
    Contemporary mobile devices allow almost unrestricted sharing of multimedia and other types of files. But as smartphones and tablets can easily access the Internet or exchange files wirelessly, they’ve also transformed to useful tools for criminals, aiming at performing illegal activities such as sharing contraband or distributing child abuse images. Thus, the need to investigate the source and destination of a multimedia file that resides in the internal memory of a smartphone becomes apparent. In this paper we present a framework that illustrates and visualizes the flow of digital images as evidence obtained from the artefacts retrieved from Android smartphones during a forensic investigation. Our approach uses ‘big data’ concepts to facilitate the processing of diverse (semi-structured) evidence derived from mobile devices and extends the idea of Digital Evidence Bags (DEB). We obtained our data after running an experiment that included image exchanging through numerous channels such as Bluetooth, Internet and cloud services. Our study presents information about the locations where evidence resides and uses graph databases to store metadata and therefore, visualize the relationships that connect images with apps and events.
  60. M. Haghighi, K. Maraslis, G. Oikonomou, T. Tryfonas, "Game Theoretic Approach Towards Energy - Efficient Task Distribution in Multitasking Wireless Sensor Networks", In Proc. IEEE Sensors 2015, 2015
    @inproceedings{Haghighi-2015-sensors, title = {Game Theoretic Approach Towards Energy - Efficient Task Distribution in Multitasking Wireless Sensor Networks}, author = {Haghighi, Mo and Maraslis, Konstantinos and Oikonomou, George and Tryfonas, Theo}, publisher = {IEEE}, year = {2015}, booktitle = {Proc. IEEE Sensors 2015}, doi = {10.1109/ICSENS.2015.7370652}, gsid = {7881615689164211808} }
    WSNs have a wide variety of applications, and their usability for remote monitoring of various parameters of interest is growing dramatically. Conventional applications mostly involved a single WSN for collecting raw parameters with limited aggregation on the node side, whereby more sophisticated data mining was implemented by the end-users. Recent applications however, often require more intelligent functions, in which nodes are expected to implement logical decision-makings on the aggregated data. Implementing such functions often involves more processing, and wider interactions amongst network peers, hence resulting in higher energy consumption and shorter node lifetime. Sensomax is an agent-based WSN middleware, which facilitates seamless integration of mathematical functions in large-scale wireless sensor networks. In this paper, we will investigate game theoretic and auction-based techniques in order to optimise task distribution and energy consumption in WSNs.
  61. L. Suzuki, P. Cooper, T. Tryfonas, G. Oikonomou, "Hidden Presence: Sensing Occupancy and Extracting Value from Occupancy Data", In Design, User Experience, and Usability: Interactive Experience Design, 9188, pp. 412–424, 2015
    @inproceedings{Suzuki-2015-hcii, title = {Hidden Presence: Sensing Occupancy and Extracting Value from Occupancy Data}, author = {Suzuki, Larissa and Cooper, Peter and Tryfonas, Theo and Oikonomou, George}, publisher = {Springer}, year = {2015}, volume = {9188}, editor = {Marcus, Aaron}, series = {Lecture Notes in Computer Science}, booktitle = {Design, User Experience, and Usability: Interactive Experience Design}, doi = {10.1007/978-3-319-20889-3_39}, url = {http://link.springer.com/chapter/10.1007%2F978-3-319-20889-3_39}, gsid = {1561420727505472028}, pages = {412--424} }
    In this paper we review various technical architectures for sensing occupancy in commercial real estate spaces and discuss the potential benefits of applications that could be built upon the collected data. The technical capabilities reviewed range from simple presence detection to identifying individual workers and relating those semantically to jobs, teams, processes or other elements of the business. The volume and richness of accumulated data varies accordingly allowing the development of a range of occupancy monitoring applications that could bring multiple benefits to an organization. We find that overall occupancy-based applications are underappreciated in the Smart Buildings mantra due to occupancy’s inability to align to traditional building engineering silos, a lack of common view between stakeholders with respect to what is ‘value’ and the current client assessment tendencies which use predominantly demonstrator-based logic rather than a combination of practical demonstrators and theoretical value. We demonstrate that in commercial office buildings, occupancy-based Smart Building concepts have the potential to deliver benefits that can be orders of magnitude greater than current practice associated with silos such as energy and lighting. The directness of value in these is far more variable however, and the barriers and enablers to its realization are non-trivial. We identify and discuss these factors (including privacy, perceived additional capital expenditure, retrofitting requirements etc.) in more detail and relate them to stages of design and delivery of the built environment. We conclude that, on the presumption costs of development and implementation are relatively similar, the value streams of occupancy-based systems, while requiring more careful and bespoke design in the short term, could produce greater lifetime value in commercial office scenarios than leading smart building technologies.
  62. H. Read, K. Xynos, I. Sutherland, F. Roarson, P. Andriotis, G. Oikonomou, "An Extensible Platform for the Forensic Analysis of Social Media Data", In Human Aspects of Information Security, Privacy, and Trust - HAS 2015, 9190, pp. 404–414, 2015
    @inproceedings{Read-2015-hcii, title = {An Extensible Platform for the Forensic Analysis of Social Media Data}, author = {Read, Huw and Xynos, Konstantinos and Sutherland, Iain and Roarson, Frode and Andriotis, Panagiotis and Oikonomou, George}, publisher = {Springer}, year = {2015}, volume = {9190}, editor = {Tryfonas, Theo and Askoxylakis, {Ioannis G.}}, series = {Lecture Notes in Computer Science}, booktitle = {Human Aspects of Information Security, Privacy, and Trust - HAS 2015}, doi = {10.1007/978-3-319-20376-8_36}, gsid = {5447484619177402307}, pages = {404--414} }
    Visualising data is an important part of the forensic analysis process. Many cell phone forensic tools have specialised visualisation components, but are as of yet able to tackle questions concerning the broad spectrum of social media communication sources. Visualisation tools tend to be stove-piped, it is difficult to take information seen in one visualisation tool and obtain a different perspective in another tool. If an interesting relationship is observed, needing to be explored in more depth, the process has to be reiterated by manually generating a subset of the data, converting it into the correct format, and invoking the new application. This paper describes a cloud-based data storage architecture and a set of interactive visualisation tools developed to allow for a more straightforward exploratory analysis. This approach developed in this tool suite is demonstrated using a case study consisting of social media data extracted from two mobile devices.
  63. K. Maraslis, T. Spyridopoulos, G. Oikonomou, T. Tryfonas, M. Haghighi, "Application of a Game Theoretic Approach in Smart Sensor Data Trustworthiness Problems", In Proc. 30th IFIP TC 11 International Conference (SEC), 455, pp. 601–615, 2015
    @inproceedings{Maraslis-2015-sec, title = {Application of a Game Theoretic Approach in Smart Sensor Data Trustworthiness Problems}, author = {Maraslis, Konstantinos and Spyridopoulos, Theodoros and Oikonomou, George and Tryfonas, Theo and Haghighi, Mo}, publisher = {Springer}, year = {2015}, booktitle = {Proc. 30th IFIP TC 11 International Conference (SEC)}, series = {IFIP Advances in Information and Communication Technology}, volume = {455}, pages = {601--615}, doi = {10.1007/978-3-319-18467-8_40}, url = {http://link.springer.com/chapter/10.1007/978-3-319-18467-8_40}, gsid = {8559050294497355297} }
    In this work we present an Intrusion Detection (ID) and an Intrusion Prevention (IP) model for Wireless Sensor Networks (WSNs). The attacker’s goal is to compromise the deployment by causing nodes to report faulty sensory information. The defender, who is the WSN’s operator, aims to detect the presence of faulty sensor measurements (ID) and to subsequently recover compromised nodes (IP). In order to address the conflicting interests involved, we adopt a Game Theoretic approach that takes into consideration the strategies of both players and we attempt to identify the presence of Nash Equilibria in the two games. The results are then verified in two simulation contexts: Firstly, we evaluate the model in a middleware-based WSN which uses clustering over a bespoke network stack. Subsequently, we test the model in a simulated IPv6-based sensor deployment. According to the findings, the results of both simulation models confirm the results of the theoretic one.
  64. M. Haghighi, K. Maraslis, T. Tryfonas, G. Oikonomou, A. Burrows, P. Woznowski, "Game Theoretic Approach Towards Optimal Multi-tasking and Data-distribution in IoT", In Proc. IEEE World Forum on Internet of Things (WF-IoT), pp. 406–411, 2015
    @inproceedings{Haghighi-2015-wf-iot, title = {Game Theoretic Approach Towards Optimal Multi-tasking and Data-distribution in IoT}, author = {Haghighi, Mo and Maraslis, Konstantinos and Tryfonas, Theo and Oikonomou, George and Burrows, Alison and Woznowski, {Przemyslaw R.}}, publisher = {IEEE}, year = {2015}, month = dec, booktitle = {Proc. IEEE World Forum on Internet of Things (WF-IoT)}, pages = {406--411}, doi = {10.1109/WF-IoT.2015.7389089}, oa-url = {http://research-information.bristol.ac.uk/en/publications/game-theoretic-approach-towards-optimal-multitasking-and-datadistribution-in-iot(b712d5cf-feb7-4576-9f43-49e5db8cecb1).html}, gsid = {13613663511745904563} }
    Current applications of Internet of Things (IoT) often require nodes to implement logical decision-making on aggregated data, which involves more processing and wider interactions amongst network peers, resulting in higher energy consumption and shorter node lifetime. This paper presents a game theoretic approach used in Sensomax, an agent-based WSN middleware that facilitates seamless integration of mathematical functions in large-scale wireless sensor networks. In this context, we investigate game theoretic and auction-based techniques to optimise task distribution and energy consumption in IoT networks of multiple concurrent WSNs. We also demonstrate how our proposed game theoretic approach affects the performance of WSN applications with different operational paradigms.
  65. B. Chen, Z. Fan, F. Cao, G. Oikonomou, T. Tryfonas, "Class Based Overall Priority Scheduling for M2M Communications over LTE Networks", In Proc. 81st Vehicular Technology Conference (VTC2015-Spring), 2015
    @inproceedings{Chen-2015-vtc, title = {Class Based Overall Priority Scheduling for M2M Communications over LTE Networks}, author = {Chen, Beichen and Fan, Zhong and Cao, Fengming and Oikonomou, George and Tryfonas, Theo}, publisher = {IEEE}, year = {2015}, booktitle = {Proc. 81st Vehicular Technology Conference (VTC2015-Spring)}, gsid = {10124812130267965767}, doi = {10.1109/VTCSpring.2015.7145743} }
    The rapidly increasing demand of M2M (Machine to Machine) communications poses great challenges to the capacity of cellular networks. This paper proposes a new M2M scheduling algorithm, namely, Class Based Overall Priority (CBOP) scheduling, which is designed particularly to improve uplink scheduling for a massive number of MTCDs (Machine Type Communication Devices) in LTE networks. We compare the proposed algorithm with several existing scheduling algorithms via simulations and discuss its advantages and limitations.
  66. P. Andriotis, G. Oikonomou, "Messaging Activity Reconstruction with Sentiment Polarity Identification", In Human Aspects of Information Security, Privacy, and Trust - HAS 2015, 9190, pp. 475–486, 2015
    @inproceedings{Andriotis-2015-hcii, title = {Messaging Activity Reconstruction with Sentiment Polarity Identification}, author = {Andriotis, Panagiotis and Oikonomou, George}, publisher = {Springer}, year = {2015}, volume = {9190}, editor = {Tryfonas, Theo and Askoxylakis, {Ioannis G.}}, series = {Lecture Notes in Computer Science}, booktitle = {Human Aspects of Information Security, Privacy, and Trust - HAS 2015}, pages = {475--486}, doi = {10.1007/978-3-319-20376-8_42}, gsid = {3416071116317224488} }
    Sentiment Analysis aims to extract information related to the emotional state of the person that produced a text document and also describe the sentiment polarity of the short or long message. This kind of information might be useful to a forensic analyst because it provides indications about the psychological state of the person under investigation at a given time. In this paper we use machine-learning algorithms to classify short texts (SMS), which could be found in the internal memory of a smartphone and extract the mood of the person that sent them. The basic goal of our method is to achieve low False Positive Rates. Moreover, we present two visualization schemes with the intention to provide the ability to digital forensic analysts to see graphical representations of the messaging activity of their suspects and therefore focus on specific areas of interest reducing their workload.
  67. P. Cooper, T. Crick, T. Tryfonas, G. Oikonomou, "Whole-Life Environmental Impacts of ICT Use", In Proc. 2015 IEEE Globecom Workshops (GC Wkshps), 2015
    @inproceedings{Cooper-2015-gsict, title = {Whole-Life Environmental Impacts of ICT Use}, author = {Cooper, Peter and Crick, Tom and Tryfonas, Theo and Oikonomou, George}, publisher = {IEEE}, year = {2015}, month = dec, booktitle = {Proc. 2015 IEEE Globecom Workshops (GC Wkshps)}, doi = {10.1109/GLOCOMW.2015.7414033}, gsid = {2533471677417562092} }
    In this paper we apply a whole-life assessment approach to estimate the environmental impact of the use of ICT of an individual within the UK over a one-year period. By estimating the energy and data consumption of an average user’s use of a typical device, and estimating the associated energy usage (and thus CO2 produced) of each stage in the data chain, we are able to calculate the summed CO2 value for embodied carbon of an average device. Overall, device energy is seen to dominate; within device, desktops dominate, both due to their high energy use for a given task, but also their high standby power, which is the most significant point of behaviour-driven waste. Geographical, behavioural and chronological factors are all evaluated to be highly significant to the impact of a user’s ICT use, along with a number of secondary factors. Finally, we present policy recommendations to further the understanding of the factors affecting the environmental impact of ICT, particularly focusing on sustainability, resource efficiency and the social implications of ICT in a low-carbon transformation.
  68. T. Spyridopoulos, K. Maraslis, T. Tryfonas, G. Oikonomou, S. Li, "Managing Cyber Security Risks in Industrial Control Systems with Game Theory and Viable System Modelling", In Proc. 9th IEEE International System of Systems Engineering Conference (SOSE 2014), 2014
    @inproceedings{Spyridopoulos-2014-sose, title = {Managing Cyber Security Risks in Industrial Control Systems with Game Theory and Viable System Modelling}, author = {Spyridopoulos, Theodoros and Maraslis, Konstantinos and Tryfonas, Theo and Oikonomou, George and Li, Shancang}, booktitle = {Proc. 9th IEEE International System of Systems Engineering Conference (SOSE 2014)}, year = {2014}, publisher = {IEEE}, keywords = {Systems Engineering; ICS; Security}, doi = {10.1109/SYSOSE.2014.6892499}, url = {http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6892499}, gsid = {14043453444157258112} }
    Cyber security risk management in Industrial Control Systems has been a challenging problem for both practitioners and the research community. Their proprietary nature along with the complexity of those systems renders traditional approaches rather insufficient and creating the need for the adoption of a holistic point of view. This paper draws upon the principles of the Viable System Model and Game Theory in order to present a novel systemic approach towards cyber security management in this field, taking into account the complex inter-dependencies and providing cost-efficient defence solutions.
  69. V. Michopoulos, G. Oikonomou, I. Phillips, L. Guan, "CADC: Congestion Aware Duty Cycle Mechanism A Simulation Evaluation", In Proc. 19th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), 2014
    @inproceedings{Michopoulos-2014-camad, title = {CADC: Congestion Aware Duty Cycle Mechanism A Simulation Evaluation}, author = {Michopoulos, Vasilis and Oikonomou, George and Phillips, Iain and Guan, Lin}, booktitle = {Proc. 19th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD)}, year = {2014}, publisher = {IEEE}, doi = {10.1109/CAMAD.2014.7033262}, url = {http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7033262}, gsid = {13066722263747101066} }
    In WSNs idle listening is a major source of energy consumption. Devices can maximise battery, and hence network, lifetime by keeping their radio transceivers off when not needed. We propose CADC, a new Congestion Aware Duty Cycle (DC) MAC protocol, for 6LoWPANs. This protocol uses a new mechanism for the adaptation of the Radio Duty Cycle (RDC), that reacts quickly to changing traffic loads and pat- terns. CADC is independent of network topology, operating protocols and applications and does not require any clock synchronisation between the nodes. Through simulation, we highlight that in static duty cycle MACs there is always a trade-off between energy-efficiency and performance leading to increased energy consumption and low throughput in certain networks. Additionally, it is shown that dynamic protocols can overcome the constraints observed in static DC MACs. CADC outperforms other previously proposed static and dynamic duty cycle protocols in terms of energy consumption, packet loss and goodput while it achieves competitive delay times
  70. P. Andriotis, T. Tryfonas, G. Oikonomou, S. Li, Z. Tzermias, K. Xynos, H. Read, V. Prevelakis, "On the Development of Automated Forensic Analysis Methods for Mobile Devices", In Proc. 7th International Conference on Trust & Trustworthy Computing (TRUST 2014), 8564, pp. 212–213, 2014
    @inproceedings{Andriotis-2014-trust, title = {On the Development of Automated Forensic Analysis Methods for Mobile Devices}, booktitle = {Proc. 7th International Conference on Trust \& Trustworthy Computing (TRUST 2014)}, author = {Andriotis, Panagiotis and Tryfonas, Theo and Oikonomou, George and Li, Shancang and Tzermias, Zacharias and Xynos, Konstantinos and Read, Huw and Prevelakis, Vasilis}, series = {Lecture Notes in Computer Science}, volume = {8564}, pages = {212--213}, url = {http://link.springer.com/chapter/10.1007%2F978-3-319-08593-7_17}, doi = {10.1007/978-3-319-08593-7_17}, gsid = {4483480654368638323}, publisher = {Springer}, year = {2014} }
  71. P. Andriotis, T. Tryfonas, G. Oikonomou, "Complexity metrics and user strength perceptions of the pattern-lock graphical authentication method", In Proc. 16th International Conference on Human-Computer Interaction (HCI 2014), 8533, pp. 115–126, 2014 (invited)
    @inproceedings{Andriotis-2014-hcii, author = {Andriotis, Panagiotis and Tryfonas, Theo and Oikonomou, George}, title = {Complexity metrics and user strength perceptions of the pattern-lock graphical authentication method}, booktitle = {Proc. 16th International Conference on Human-Computer Interaction (HCI 2014)}, month = jun, year = {2014}, pages = {115--126}, series = {Lecture Notes in Computer Science}, volume = {8533}, doi = {10.1007/978-3-319-07620-1_11}, location = {Crete, Greece}, gsid = {4519444426843393766}, note = {invited} }
    One of the most popular contemporary graphical password approaches is the Pattern-Lock authentication mechanism that comes integrated with the Android mobile operating system. In this paper we investigate the impact of password strength meters on the selection of a perceivably secure pattern. We first define a suitable metric to measure pattern strength, taking into account the constraints imposed by the Pattern-Lock mechanism’s design. We then implement an app via which we conduct a survey for Android users, retaining demographic information of responders and their perceptions on what constitutes a pattern complex enough to be secure. Subsequently, we display a pattern strength meter to the participant and investigate whether this additional prompt influences the user to change their pattern to a more effective and complex one. We also investigate potential correlations between our findings and results of a previous pilot study in order to detect any significant biases on setting a Pattern-Lock.
  72. H. Pöhls, V. Angelakis, S. Suppan, K. Fischer, G. Oikonomou, E. Tragos, R. Rodriguez, T. Mouroutis, "RERUM: Building a Reliable IoT upon Privacy- and Security- enabled Smart Objects", In Proc. Workshop on IoT Communications and Technologies (WCNC 2014), 2014
    @inproceedings{Pohls-2014-wcnc, author = {P\"{o}hls, Henrich C. and Angelakis, Vangelis and Suppan, Santiago and Fischer, Kai and Oikonomou, George and Tragos, Elias Z. and Rodriguez, Rodrigo Diaz and Mouroutis, Theodoros}, booktitle = {Proc. Workshop on IoT Communications and Technologies (WCNC 2014)}, title = {{RERUM: Building a Reliable IoT upon Privacy- and Security- enabled Smart Objects}}, year = {2014}, month = apr, address = {Istanbul, Turkey}, doi = {10.1109/WCNCW.2014.6934872}, url = {http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6934872}, gsid = {12814542570951572856} }
    The Internet of Things (IoT) provides a platform for the interconnection of a plethora of smart objects. It has been widely accepted for providing Information and Communication Technologies (ICT) applications in many “smart” environments, such as cities, buildings, metering, and even agriculture. For several reasons though such applications have yet to achieve wide adoption; a major hurdle is the lack of user trust in the IoT and its role in everyday activities. RERUM, a recently started FP7 European Union project. aims to develop a framework which will allow IoT applications to consider security and privacy mechanisms early in their design phase, ensuring a configurable balance between reliability (requiring secure, trustworthy and precise data) and privacy (requiring data minimization for private information, like location). The RERUM framework will comprise an architecture, built upon novel network protocols and interfaces as well as the design of smart objects hardware. To highlight the challenges and evaluate the framework, RERUM will employ several Smart City application scenarios, which will be deployed and evaluated in real-world testbeds in two Smart Cities participating in the project. Here we detail the key technologies RERUM will investigate over the coming three years to reach its vision for IoT security, privacy and trust.
  73. E. Tragos, V. Angelakis, A. Fragkiadakis, D. Gundlegård, C. Nechifor, G. Oikonomou, H. Pöhls, A. Gavras, "Enabling Reliable and Secure IoT-based Smart City Applications", In Proc. IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), 2014
    @inproceedings{Tragos-2014-percity, author = {Tragos, Elias Z. and Angelakis, Vangelis and Fragkiadakis, Alexandros and Gundleg\r{a}rd, David and Nechifor, Cosmin-Septimiu and Oikonomou, George and P\"{o}hls, Henrich C. and Gavras, Anastasius}, booktitle = {Proc. IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops)}, title = {{Enabling Reliable and Secure IoT-based Smart City Applications}}, year = {2014}, month = mar, address = {Budapest, Hungary}, doi = {10.1109/PerComW.2014.6815175}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6815175}, publisher = {IEEE}, gsid = {14729616098292941759} }
    Smart Cities are considered recently as a promising solution for providing efficient services to citizens with the use of Information and Communication Technologies. With the latest advances on the Internet of Things, a new era has emerged in the Smart City domain, opening new opportunities for the development of efficient and low-cost applications that aim to improve the Quality of Life in cities. Although there is much research in this area, which has resulted in the development of many commercial products, significant parameters like reliability, security and privacy have not been considered as very important up until now. The newly launched FP7-SmartCities-2013 project RERUM aims to build upon the advances in the area of Internet of Things in Smart Cities and develop a framework to enhance reliability and security of smart city applications, with the citizen at the center of attention. This work presents four applications that will be developed within RERUM, gives a general description of the open reliability and security issues that have to be taken into account and gives an overall view of the solutions that RERUM will develop to address these issues.
  74. P. Andriotis, T. Tryfonas, G. Oikonomou, T. Spyridopoulos, A. Zaharis, A. Martini, I. Askoxylakis, "On Two Different Methods for Steganography Detection in JPEG Images with Benford’s Law", In Proc. 7th Scientific NATO Conference in Security and Protection of Information (SPI 2013), pp. 3–14, 2013
    @inproceedings{Andriotis-2013-3-spi, author = {Andriotis, Panagiotis and Tryfonas, Theo and Oikonomou, George and Spyridopoulos, Theodoros and Zaharis, Alex and Martini, Adamantini and Askoxylakis, Ioannis}, booktitle = {Proc. 7th Scientific NATO Conference in Security and Protection of Information (SPI 2013)}, title = {{On Two Different Methods for Steganography Detection in JPEG Images with Benford's Law}}, year = {2013}, month = may, pages = {3--14}, address = {Brno, Czech Republic} }
    The practice of steganography, which in a computer context usually means manipulating multimedia content to embed hidden messages, may be used by criminals worldwide to facilitate their communication instead of, or complementary to, encryption. There is even speculation that global terrorist groups have been using steganography to communicate in covert ways. This paper will introduce steganography and discuss practical aspects of its detection. It will also discuss two recently proposed methods for detecting whether hidden messages exist in JPEG images using Benford’s Law. The Law describes the logarithmic distribution of leading digits in sets of naturally set numbers and has been used with success in detecting financial fraud and election rigging in the past. The first approach examines the lead digit distribution of the raw contents of the bytes of a suspect image, whilst the second examines the distribution of lead digits of quantised discrete cosine transform (DCT) coefficients of the JPEG encoding. Both methods produce fast and credible results and are supported by open source toolkits that can be used by law enforcement and investigative authorities worldwide.
  75. T. Butt, I. Phillips, L. Guan, G. Oikonomou, "Adaptive and Context-aware Service Discovery for the Internet of Things", In Proc. 6th conference on Internet of Things and Smart Spaces (ruSMART 2013), pp. 36–47, 2013
    @inproceedings{Butt-2013-1-rusmart, author = {Butt, Talal Ashraf and Phillips, Iain and Guan, Lin and Oikonomou, George}, booktitle = {Proc. 6th conference on Internet of Things and Smart Spaces (ruSMART 2013)}, title = {{Adaptive and Context-aware Service Discovery for the Internet of Things}}, year = {2013}, month = aug, address = {St.Petersburg, Russia}, pages = {36--47}, publisher = {Springer}, url = {http://rusmart.e-werest.org/2013/ruSmart13-04.pdf}, doi = {10.1007/978-3-642-40316-3_4}, gsid = {3137779046869276383} }
    The Internet of Things (IoT) vision foresees a future Internet encompassing the realm of smart physical objects, which offer hosted functionality as services. The role of service discovery is crucial when providing application-level, end-to-end integration. In this paper, we propose trendy: a RESTful web services based Service Discovery protocol to tackle the challenges posed by constrained domains while offering the required interoperability. It provides a service selection technique to offer the appropriate service to the user application depending on the available context information of user and services. Furthermore, it employs a demand-based adaptive timer and caching mechanism to reduce the communication overhead and to decrease the service invocation delay. trendy’s grouping technique creates location-based teams of nodes to offer service composition. Our simulation results show that the employed techniques reduce the control packet overhead, service invocation delay and energy consumption. In addition, the grouping technique provides the foundation for group-based service mash-ups and localises control traffic to improve scalability.
  76. T. Spyridopoulos, G. Oikonomou, T. Tryfonas, M. Ge, "Game Theoretic Approach for Cost-Benefit Analysis of Malware Proliferation Prevention", In Proc. 28th IFIP TC-11 SEC 2013 International Information Security and Privacy Conference, pp. 28–41, 2013
    @inproceedings{Spyridopoulos-2013-2-sec, author = {Spyridopoulos, Theodoros and Oikonomou, George and Tryfonas, Theo and Ge, Mengmeng}, title = {Game Theoretic Approach for Cost-Benefit Analysis of Malware Proliferation Prevention}, booktitle = {Proc. 28th IFIP TC-11 SEC 2013 International Information Security and Privacy Conference}, year = {2013}, month = jul, pages = {28--41}, publisher = {Springer}, doi = {10.1007/978-3-642-39218-4_3}, url = {http://link.springer.com/chapter/10.1007/978-3-642-39218-4_3}, gsid = {17494868145662175539} }
    Many existing research efforts in the field of malware proliferation aim at modelling and analysing its spread dynamics. Many malware dissemination models are based on the characteristics of biological disease spread in human populations. In this work, we utilise game theory in order to extend two very commonly used malware spread models (SIS and SIR) by incorporating defence strategies against malware proliferation. We consider three different security mechanisms, “patch”, “removal” and “patch and removal” on which our model is based. We also propose a cost-benefit model that describes optimal strategies the defender could follow when cost is taken into account. Lastly, as a way of illustration, we apply our models on the well studied Code-Red worm.
  77. P. Ilia, G. Oikonomou, T. Tryfonas, "Cryptographic Key Exchange in IPv6-Based Low Power, Lossy Networks", In Proc. Workshop in Information Theory and Practice (WISTP 2013), 7886, pp. 34–49, 2013
    @inproceedings{Ilia-2013-1-wistp, author = {Ilia, Panagiotis and Oikonomou, George and Tryfonas, Theo}, title = {Cryptographic Key Exchange in IPv6-Based Low Power, Lossy Networks}, booktitle = {Proc. Workshop in Information Theory and Practice (WISTP 2013)}, publisher = {Springer}, series = {Lecture Notes in Computer Science}, volume = {7886}, year = {2013}, month = may, pages = {34--49}, doi = {10.1007/978-3-642-38530-8_3}, url = {http://link.springer.com/chapter/10.1007/978-3-642-38530-8_3}, gsid = {10392273724478503874} }
    The IEEE 802.15.4 standard for low-power radio communications defines techniques for the encryption of layer 2 network frames but does not discuss methods for the establishment of encryption keys. The constrained nature of wireless sensor devices poses many challenges to the process of key establishment. In this paper, we investigate whether any of the existing key exchange techniques developed for traditional, application-centric wireless sensor networks (WSN) are applicable and viable for IPv6 over Low power Wireless Personal Area Networks (6LoWPANs). We use Elliptic Curve Cryptography (ECC) to implement and apply the Elliptic Curve Diffie Hellman (ECDH) key exchange algorithm and we build a mechanism for generating, storing and managing secret keys. The mechanism has been implemented for the Contiki open source embedded operating system. We use the Cooja simulator to investigate a simple network consisting of two sensor nodes in order to identify the characteristics of the ECDH technique. We also simulate a larger network to examine the solution’s performance and scalability. Based on those results, we draw our conclusions, highlight open issues and suggest further work.
  78. P. Andriotis, T. Tryfonas, G. Oikonomou, C. Yildiz, "A Pilot Study on the Security of Pattern Screen-Lock Methods and Soft Side Channel Attacks", In Proc. 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 13), pp. 1–6, 2013
    @inproceedings{Andriotis-2013-2-wisec, author = {Andriotis, Panagiotis and Tryfonas, Theo and Oikonomou, George and Yildiz, Can}, title = {A Pilot Study on the Security of Pattern Screen-Lock Methods and Soft Side Channel Attacks}, booktitle = {Proc. 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 13)}, publisher = {acm}, year = {2013}, pages = {1--6}, doi = {10.1145/2462096.2462098}, url = {http://dl.acm.org/ft_gateway.cfm?id=2462098&ftid=1363542&dwn=1&CFID=209744513&CFTOKEN=67660194}, gsid = {14861532957569792597} }
    Graphical passwords that allow a user to unlock a smartphone’s screen are one of the Android operating system’s features and many users prefer them instead of traditional text-based codes. A variety of attacks has been proposed against this mechanism, of which notable are methods that recover the lock patterns using the oily residues left on screens when people move their fingers to reproduce the unlock code. In this paper we present a pilot study on user habits when setting a pattern lock and on their perceptions regarding what constitutes a secure pattern. We use our survey’s results to establish a scheme, which combines a behaviour-based attack and a physical attack on graphical lock screen methods, aiming to reduce the search space of possible combinations forming a pattern, to make it partially or fully retrievable.
  79. W. Rukpakavong, I. Phillips, L. Guan, G. Oikonomou, "RPL Router Discovery for Supporting Energy-Efficient Transmission in Single-hop 6LoWPAN", In Proc. 3rd Workshop On Energy Efficiency in Wireless Networks and Wireless Networks for Energy Efficiency (E2Nets), pp. 7264–7268, 2012
    @inproceedings{Rukpakavong-2012-e2nets, author = {Rukpakavong, Wilawan and Phillips, Iain and Guan, Lin and Oikonomou, George}, title = {{RPL Router Discovery for Supporting Energy-Efficient Transmission in Single-hop 6LoWPAN}}, booktitle = {Proc. 3rd Workshop On Energy Efficiency in Wireless Networks and Wireless Networks for Energy Efficiency (E2Nets)}, year = {2012}, month = jun, address = {Ottawa, Canada}, publisher = {ieee}, pages = {7264--7268}, doi = {10.1109/ICC.2012.6364812}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6364812}, gsid = {17646355870807557664} }
    In Wireless Sensor Networks (WSNs), controlling transmission power is a commonly used technique to extend battery life. This paper describes a novel mechanism using measured RSS (Received Signal Strength) to calculate optimal transmission power. This technique works in multipath environments and with nodes with differing transmission capability. Our technique achieves automatic configuration employing modifications to RPL (Routing Protocol for Low-power and lossy networks) router discovery without requiring extra steps or messages. Consequently, each node can send packets with ideal transmission power, which will usually be lower than maximum power and will help to prolong its lifetime. We evaluate the effectiveness of the proposed scheme, using performance metrics such as energy consumption and packet loss, on an WSN testbed. Several factors that impact the RSS, such as antenna, multipath environment, output power and the node’s capabilities are also investigated. Moreover, two RSS estimation techniques are evaluated and compared to the average measured RSS. The experimental results show that energy consumption is reduced by using the proposed technique.
  80. A. Jamil, D. Parish, I. Phillips, R. Phan, J. Whitley, G. Oikonomou, "Maximise Unsafe Path Routing Protocol for Forest Fire Monitoring System using Wireless Sensor Networks", In Proc. 3rd IEEE International Conference on Networked Embedded Systems for Every Application (NESEA 2012), 2012
    @inproceedings{Jamil-2012-1-nesea, author = {Jamil, Ansar and Parish, David and Phillips, Iain and Phan, Raphael and Whitley, John and Oikonomou, George}, title = {Maximise Unsafe Path Routing Protocol for Forest Fire Monitoring System using Wireless Sensor Networks}, booktitle = {Proc. 3rd IEEE International Conference on Networked Embedded Systems for Every Application (NESEA 2012)}, month = dec, year = {2012}, address = {Liverpool, UK}, publisher = {ieee}, doi = {10.1109/NESEA.2012.6474018}, gsid = {16715415936249988616}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6474018} }
    Wireless Sensor Networks are an emerging technology with wide potential to be used in many applications. One such application is the detection and prevention of disasters in scenarios such as forest fires, floods and earthquakes. In these disaster situations, the events being monitored have the potential to destroy the sensing devices, for example, they can be burnt in a fire, sunk in a flood, melted in volcano lava, short-circuited in harmful chemicals, etc. In this paper, a novel energy-efficient routing protocol called Maximise Unsafe Path (MUP) Routing using IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) is presented. The protocol aims to extend network lifetime by adapting the routes accordingly based on node destruction threat. MUP uses a routing technique that maximises the energy utilisation of nodes that are going to fail sooner, in order to save the energy of the other nodes. MUP is implemented as an extension to the RPL protocol for IPv6-based WSNs. The performance of the presented routing is evaluated with simulations and compared with the standard RPL in the same scenarios.
  81. P. Andriotis, G. Oikonomou, T. Tryfonas, "Forensic Analysis of Wireless Networking Evidence of Android Smartphones", In Proc. IEEE International Workshop on Information Forensics and Security (WIFS 12), pp. 109 - 114, 2012
    @inproceedings{Andriotis-2012-1-wifs, author = {Andriotis, Panagiotis and Oikonomou, George and Tryfonas, Theo}, title = {{Forensic Analysis of Wireless Networking Evidence of Android Smartphones}}, booktitle = {Proc. IEEE International Workshop on Information Forensics and Security (WIFS 12)}, month = dec, year = {2012}, address = {Tenerife, Spain}, doi = {10.1109/WIFS.2012.6412634}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6412634}, gsid = {15073205140195149808}, pages = {109 - 114}, publisher = {ieee} }
    This paper introduces a method for acquiring forensic-grade evidence from Android smartphones using open source tools. We investigate in particular cases where the suspect has made use of the smartphone’s Wi-Fi or Bluetooth interfaces. We discuss the forensic analysis of four case studies, which revealed traces that were left in the inner structure of three mobile Android devices and also indicated security vulnerabilities. Subsequently, we propose a detailed plan for forensic examiners to follow when dealing with investigations of potential crimes committed using the wireless facilities of a suspect Android smartphone. This method can be followed to perform physical acquisition of data without using commercial tools and then to examine them safely in order to discover any activity associated with wireless communications. We evaluate our method using the Association of Chief Police Officers’ (ACPO) guidelines of good practice for computer-based, electronic evidence and demonstrate that it is made up of an acceptable host of procedures for mobile forensic analysis, focused specifically on the device’s Bluetooth and Wi-Fi facilities.
  82. T. Butt, I. Phillips, L. Guan, G. Oikonomou, "TRENDY: An Adaptive and Context-Aware Service Discovery Protocol for 6LoWPANs", In Proc. Third International Workshop on the Web of Things (WoT 2012), pp. 2:1–2:6, 2012
    @inproceedings{Butt-2012-1-wot, author = {Butt, Talal Ashraf and Phillips, Iain and Guan, Lin and Oikonomou, George}, booktitle = {Proc. Third International Workshop on the Web of Things (WoT 2012)}, title = {{TRENDY: An Adaptive and Context-Aware Service Discovery Protocol for 6LoWPANs}}, year = {2012}, month = jun, address = {Newcastle, UK}, pages = {2:1--2:6}, doi = {10.1145/2379756.2379758}, url = {http://www.webofthings.org/wot/2012/papers/Pervasive_WoT2012_Paper4.pdf}, gsid = {11858751101122974221} }
    We propose, TRENDY, a new registry-based Service Discovery protocol with context awareness. It uses CoAP-based RESTful web services to provide a standard interoperable interface which can be easily translated from HTTP. In addition, TRENDY introduces an adaptive timer and grouping mechanism to minimise control overhead and energy consumption. TRENDY’s grouping is based on location tags to localise status maintenance traffic and to compose and offer new group based services. Our simulation results show that TRENDY techniques reduce the control traffic considerably and also reduce the energy consumption, while offering the optimal service selection.
  83. G. Oikonomou, I. Phillips, "Stateless Multicast Forwarding with RPL in 6LoWPAN Sensor Networks", In Proc. 2012 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 272–277, 2012
    @inproceedings{Oikonomou-2012-1-persens, author = {Oikonomou, George and Phillips, Iain}, title = {{Stateless Multicast Forwarding with RPL in 6LoWPAN Sensor Networks}}, year = {2012}, month = mar, address = {Lugano, Switzerland}, publisher = {ieee}, pages = {272--277}, doi = {10.1109/PerComW.2012.6197494}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6197494}, booktitle = {{Proc. 2012 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops)}}, gsid = {10331574084044662042} }
    Recent research efforts have resulted in efficient support for IPv6 in Low power Wireless Personal Area Networks (6LoWPAN), with the “IPv6 Routing Protocol for Low power and Lossy Networks” (RPL) being on the forefront as the state of the art routing approach. However, little attention has been paid to IPv6 multicast for networks of constrained devices. The “Multicast Forwarding Using Trickle” (Trickle Multicast) internet draft is one of the most noteworthy efforts, while RPL’s specification also attempts to address the area but leaves many questions unanswered. In this paper we expose our concerns about the Trickle Multicast (TM) algorithm, backed up by thorough performance evaluation. We also introduce SMRF, an alternative multicast forwarding mechanism for RPL networks, which addresses TM’s drawbacks. Simulation results demonstrate that SMRF achieves significant delay and energy efficiency improvements at the cost of a small increase in packet loss. We have extended the TCP/IP engine of the Contiki embedded Operating System to support both algorithms. Both implementations have been made available to the community.
  84. V. Michopoulos, L. Guan, G. Oikonomou, I. Phillips, "DCCC6: Duty Cycle-Aware Congestion Control for 6LoWPAN Networks", In Proc. 2012 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 278–283, 2012
    @inproceedings{Michopoulos-2012-1-persens, author = {Michopoulos, Vasilis and Guan, Lin and Oikonomou, George and Phillips, Iain}, title = {{DCCC6: Duty Cycle-Aware Congestion Control for 6LoWPAN Networks}}, year = {2012}, month = mar, address = {Lugano, Switzerland}, publisher = {ieee}, pages = {278--283}, doi = {10.1109/PerComW.2012.6197495}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6197495}, booktitle = {{Proc. 2012 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops)}}, gsid = {17138642977859138687} }
    In Wireless Sensor Networks (WSNs), congestion can cause a number of problems including packet loss, lower throughput and poor energy efficiency. These problems can potentially result in reduced deployment lifetime and under-performing applications. This has led to several proposals for congestion control (CC) mechanisms for sensor networks. Furthermore, the WSN research community has made significant efforts towards power saving MAC protocols with Radio Duty Cycling (RDC). However, careful study of previous work reveals that RDC schemes are often neglected during the design and evaluation of CC algorithms. In this context, this paper contributes a new CC scheme for Duty Cycle and IPv6 over Low power Wireless Personal Area Networks 6LoWPAN sensor Networks - DCCC6. DCCC6 detects the presence of duty cycling and adjust its operation accordingly. We evaluate DCCC6 both with simulations and on a testbed with multi node topologies. The experimental results have shown that DCCC6 achieved higher goodput and lower packet loss than previous works. Moreover, simulations show that DCCC6 maintained low energy consumption, average delay times and achieved a high degree of fairness.
  85. G. Oikonomou, I. Phillips, "Experiences from Porting the Contiki Operating System to a Popular Hardware Platform", In Proc. 2011 International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS), pp. 54–59, 2011
    @inproceedings{Oikonomou-2011-2-pwsn, author = {Oikonomou, George and Phillips, Iain}, title = {{Experiences from Porting the Contiki Operating System to a Popular Hardware Platform}}, year = {2011}, month = jun, publisher = {ieee}, address = {Barcelona, Spain}, booktitle = {{Proc. 2011 International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS)}}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5982222}, doi = {10.1109/DCOSS.2011.5982222}, pages = {54--59}, gsid = {10578625582166560308} }
    In contrast to original belief, recent work has demonstrated the viability of IPv6-based Wireless Sensor Networks (WSNs). This has led to significant research and standardization efforts with outcomes such as the “IPv6 over Low-Power Wireless Personal Area Networks” (6LoWPAN) specification. The Contiki embedded operating system is an important open source, multi-platform effort to implement 6LoWPAN functionality for constrained devices. Alongside its RFC-compliant TCP/IP stack (uIP), it provides support for 6LoWPAN and many related standards. As part of our work, we have made considerable fixes and enhancements to one of Contiki’s ports. In the process, we made significant optimizations and a thorough evaluation of Contiki’s memory and code footprint characteristics, focusing on network-related functionality. In this paper we present our experiences from the porting process, we disclose our optimizations and demonstrate their significance. Lastly, we discuss a method of using Contiki to deploy an embedded Internet-to-6LoWPAN router. Our porting work has been made available to the community under the terms of the Contiki license.
  86. G. Oikonomou, I. Phillips, L. Guan, A. Grigg, "ADDER: Probabilistic, Application Layer Service Discovery for MANETs and Hybrid Wired-Wireless Networks", In Proc. 9th Annual Communication Networks and Services Research Conference (CNSR 2011), pp. 33–40, 2011
    @inproceedings{Oikonomou-2011-1-cnsr, author = {Oikonomou, George and Phillips, Iain and Guan, Lin and Grigg, Alan}, title = {{ADDER: Probabilistic, Application Layer Service Discovery for MANETs and Hybrid Wired-Wireless Networks}}, year = {2011}, month = may, publisher = {ieee}, pages = {33--40}, address = {Ottawa, Canada}, doi = {10.1109/CNSR.2011.14}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5771189}, booktitle = {{Proc. 9th Annual Communication Networks and Services Research Conference (CNSR 2011)}}, gsid = {14993301371977503898} }
    Over the past years, Mobile ad-hoc networks (MANETs) have attracted a considerable degree of research attention, with service discovery, selection and invocation being among the topics of interest of previous efforts. In this paper we introduce ADDER, a probabilistic, hybrid, directory-less service discovery mechanism. It has been designed for military IPv6-based MANETs but will work in any hybrid wired-wireless deployment. It achieves very low service acquisition time through the exchange of a very small number of short messages. Propagation of service descriptions is based on a distance vector algorithm, achieving loop and starvation freedom through a feasibility condition, which has been adopted from established and well-tested routing protocols. This paper also presents evaluation results, obtained by actual execution of the ADDER daemon on two different test beds. The experiments aim to demonstrate that the mechanism achieves good scalability with increasing number of services and network size.
  87. V. Michopoulos, L. Guan, G. Oikonomou, I. Phillips, "A Comparative Study of Congestion Control Algorithms in IPv6 Wireless Sensor Networks", In Proc. 2011 International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS), pp. 1–6, 2011
    @inproceedings{Michopoulos-2011-1-pwsn, author = {Michopoulos, Vasilis and Guan, Lin and Oikonomou, George and Phillips, Iain}, title = {{A Comparative Study of Congestion Control Algorithms in IPv6 Wireless Sensor Networks}}, year = {2011}, month = jun, publisher = {ieee}, address = {Barcelona, Spain}, booktitle = {{Proc. 2011 International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS)}}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5982218}, doi = {10.1109/DCOSS.2011.5982218}, pages = {1--6}, gsid = {1498695754826356283} }
    In Wireless Sensor Networks (WSNs), congestion can cause a plethora of malfunctions such as packet loss, lower throughput and energy inefficiency, potentially resulting in reduced deployment lifetime and under-performing applications. This has led to several proposals describing congestion control (CC) mechanisms for sensor networks. Furthermore, the WSN research community has made significant efforts towards power saving MAC protocols with Radio Duty Cycling (RDC). However, careful study of previous work reveals that RDC schemes are often neglected during the design and evaluation of congestion control algorithms. In this paper, we argue that the presence (or lack) of RDC can drastically influence the performance of congestion detection. In addition, most WSN CC mechanisms are evaluated under traditional sensor network topologies and protocols (e.g. trickle data dissemination, tree data collection). The emerging IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) and related standards pose a new requirement: we now need to investigate if previous findings regarding congestion control are still applicable. In this context, this paper contributes a comprehensive evaluation of existing congestion detection mechanisms in a simulated, multi-node 6LoWPAN sensor network. We present results from two sets of experiments, differentiated by the presence or lack of RDC.
  88. G. Oikonomou, I. Phillips, L. Guan, A. Grigg, "An Emulator for the Network Stack of Integrated Modular Systems", In Proc. 5th IEEE International Conference on Systems of Systems Engineering (IEEE SoSE), 2010
    @inproceedings{Oikonomou-2010-1-sose, author = {Oikonomou, George and Phillips, Iain and Guan, Lin and Grigg, Alan}, title = {{An Emulator for the Network Stack of Integrated Modular Systems}}, year = {2010}, month = jun, publisher = {ieee}, address = {Loughborough, UK}, doi = {10.1109/SYSOSE.2010.5543988}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5543988}, booktitle = {{Proc. 5th IEEE International Conference on Systems of Systems Engineering (IEEE SoSE)}}, gsid = {12641520291697001229} }
    The networked integration of military systems can enable timely exploitation of intelligence and offer strategic advantages in the battlefield. Despite operating under harsh, hostile conditions, tactical networks have many similarities with typical wireless ad-hoc networks. The UK Ministry of Defence Standard 00-74 attempts to standardise an architecture for integrated avionics and includes the specification of a three layer network stack for the message exchange between applications on board a system. As part of our work, we developed an emulator for this network stack. Furthermore, we have designed and implemented a service discovery mechanism for mobile ad hoc networks. This paper focuses on disclosing the emulator’s design and implementation details. We also discuss the emulator’s integration with the service discovery mechanism in order to achieve scalable, reconfigurable off board communications towards IPv6 based systems of systems.
  89. T. Edwan, L. Guan, G. Oikonomou, I. Phillips, "Higher Order Delay Functions for Delay-Loss Based TCP Congestion Control", In Proc. 6th Wireless Advanced, pp. 1–6, 2010
    @inproceedings{Edwan-2010-1-wireless-advanced, author = {Edwan, Talal and Guan, Lin and Oikonomou, George and Phillips, Iain}, title = {{Higher Order Delay Functions for Delay-Loss Based TCP Congestion Control}}, year = {2010}, month = jun, address = {London, UK}, booktitle = {{Proc. 6th Wireless Advanced}}, publisher = {ieee}, pages = {1--6}, doi = {10.1109/WIAD.2010.5544874}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5544874}, gsid = {788159838287487244} }
    TCP-Illinois aims to address TCP’s low throughput when operating in high-speed, high-delay networks. Previous research has shown that, due to its linear increase behaviour and to its relatively long congestion epochs, TCP-Illinois exhibits sub-optimal scaling behaviour with an increasing path Bandwidth-Delay Product (BDP). This paper discloses our contributions towards improving the aggressiveness and responsiveness of loss-based TCP congestion control algorithms. We formally show that higher order versions (of power n) of the delay functions used by TCP-Illinois become more aggressive and responsive with an increasing value of n. Based on this finding, we propose three variants: i) a second order (quadratic) version of additive increase and multiplicative decrease (TCP-Q), ii) a second order multiplicative decrease only (TCP-Fq) and iii) a sub-linear multiplicative decrease only (TCP-Fs). By modifying the TCP-Illinois code in the GNU/Linux kernel, we obtained the three corresponding modules and used them for our simulations using the TCP/Linux patch for ns2. Based on standardised congestion control metrics, we conducted a comparative analysis between our variants and a number of relevant high speed TCP algorithms. Simulation results agree with our analytical findings; compared to TCP-Illinois, TCP-Q exhibits shorter congestion epochs and thus better responsiveness and convergence.
  90. T. Edwan, L. Guan, G. Oikonomou, I. Phillips, "Understanding the Impact of Link Errors on TCP Congestion Control", In Proc. 26th UK Performance Engineering Workshop (UK PEW 2010), pp. 59–64, 2010
    @inproceedings{Edwan-2010-2-uk-pew, author = {Edwan, Talal and Guan, Lin and Oikonomou, George and Phillips, Iain}, title = {Understanding the Impact of Link Errors on TCP Congestion Control}, year = {2010}, month = jun, address = {Coventry, UK}, booktitle = {Proc. 26th UK Performance Engineering Workshop (UK PEW 2010)}, pages = {59--64}, gsid = {4311161433930400772} }
    This paper presents a control-theoretic-like analysis of TCP congestion control mechanism. We extend previous analysis by considering two additional factors: i) wireless link errors and ii) general variable multiplicative decrease (MD). Wireless link errors are usually the cause for unnecessary TCP congestion window reductions and thus lower throughput. We also study the effects of those parameters on TCP’s stability condition. In this paper, we present a modified TCP model and analyse it in the presence of delay. This is then linearised around an equilibrium point and re-analysed using a control-theoretic-like framework. The analysis verifies that non-congestive packet loss acts as a disturbance, as opposed to loss due to congestion, which is well within TCP’s control.
  91. G. Oikonomou, T. Apostolopoulos, "Using a Web-Based Framework to Manage Grid Deployments", In Proc. The 2008 International Conference on Grid Computing and Applications (GCA 08), pp. 10–16, 2008
    @inproceedings{Oikonomou-2008-2-gca, author = {Oikonomou, George and Apostolopoulos, Theodore}, title = {{Using a Web-Based Framework to Manage Grid Deployments}}, year = {2008}, month = jul, address = {Las Vegas, USA}, pages = {10--16}, booktitle = {Proc. The 2008 International Conference on Grid Computing and Applications (GCA 08)}, gsid = {11499777515183354595} }
    WebDMF is a Web-based Framework for the Management of Distributed services. It is based on the Web-based Enterprise Management (WBEM) standards family and introduces a middleware layer of entities called "Representatives". Details related to the managed application are detached from the representative logic, making the framework suitable for a variety of services. WebDMF can be integrated with existing WBEM infrastructures and is complementary to web service-based management efforts. This paper describes how the framework can be used to manage grids without modifications to existing installations. It compares the proposed solution with other research initiatives. Experiments on an emulated network topology indicate its viability.
  92. G. Oikonomou, T. Apostolopoulos, "WebDMF: A Web-Based Management Framework for Distributed Services", In Proc. The 2008 International Conference of Parallel and Distributed Computing (ICPDC 08), 1, pp. 593–598, 2008
    @inproceedings{Oikonomou-2008-1-icpdc, author = {Oikonomou, George and Apostolopoulos, Theodore}, title = {{WebDMF: A Web-Based Management Framework for Distributed Services}}, year = {2008}, month = jul, address = {London, UK}, pages = {593--598}, volume = {1}, booktitle = {Proc. The 2008 International Conference of Parallel and Distributed Computing (ICPDC 08)}, gsid = {16475485647710219590} }
    This paper presents WebDMF, a Web-based Framework for the Management of Distributed services. It is based on the Web-based Enterprise Management (WBEM) family of standards and introduces a middleware layer of entities called "Representatives". WebDMF can be integrated with existing WBEM infrastructures and is not limited to monitoring. On the contrary, it is capable of actively modifying the run-time parameters of the managed application. Its design is abstract and suitable for a variety of distributed services, such as grids and content delivery networks. The paper includes a discussion on WebDMF’s design, implementation and advantages. We also present experiments on an emulated network topology as an indication of the framework’s viability.
  93. G. Oikonomou, T. Apostolopoulos, "Web-Based Management of Content Delivery Networks", In Proc. 19th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management (DSOM). Managing Large Scale Service Deployment (MANWEEK 08), pp. 42–54, 2008
    @inproceedings{Oikonomou-2008-3-manweek, author = {Oikonomou, George and Apostolopoulos, Theodore}, title = {{Web-Based Management of Content Delivery Networks}}, year = {2008}, month = sep, address = {Samos, Greece}, pages = {42--54}, isbn = {978-3-540-85999-4}, publisher = {Springer Berlin / Heidelberg}, url = {http://www.springerlink.com/content/87382027k4700743}, doi = {10.1007/978-3-540-87353-2_4}, booktitle = {Proc. 19th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management (DSOM). Managing Large Scale Service Deployment (MANWEEK 08)}, gsid = {4542635289175070796} }
    Abstract overlay networks have been considered enablers of efficient management for decentralized, large scale service deployments. A Content Delivery Network (CDN) is an example of service falling within this category. The result of our research is WebDMF, a management framework for distributed services based on the Web-Based Enterprise Management (WBEM) family of specifications. Abstract design, combined with a middleware layer of entities called "Representatives", makes WebDMF suitable for the management of a variety of services. Details related to the management of each particular service are detached from the representative logic. This paper discusses how WebDMF can be used for the management of CDNs. A WBEM provider resides on each host participating in the service deployment and implements CDN-specific operations. WebDMF representatives decentralize, unify and coordinate those on a deployment scale. Preliminary measurements on an emulated network topology are also presented as an indication of the solution’s viability and scalability.
  94. G. Oikonomou, T. Apostolopoulos, "A Framework for the Management of Distributed Systems Based on SNMP", In Proc. 22nd International Symposium on Computer and Information Sciences (ISCIS 07), pp. 1–6, 2007
    @inproceedings{Oikonomou-2007-iscis, author = {Oikonomou, George and Apostolopoulos, Theodore}, title = {{A Framework for the Management of Distributed Systems Based on SNMP}}, year = {2007}, month = nov, address = {Ankara, Turkey}, pages = {1--6}, publisher = {ieee}, doi = {10.1109/ISCIS.2007.4456838}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4456838}, isbn = {978-1-4244-1363-8}, booktitle = {Proc. 22nd International Symposium on Computer and Information Sciences (ISCIS 07)}, gsid = {4580156836505276130} }
    The traditional task of managing and monitoring a network has never been a trivial one. With recent changes in computing and networking, the area of distributed systems management faces new challenges and increasing complexity. Research in the relevant field reveals that, while there are many research and commercial solutions available, some of them are based on proprietary standards. Others focus on monitoring, while lacking the ability to actively make modifications and fine-tuning. Some others have a narrow target group. This paper proposes a framework for the management of distributed applications. The managed hosts are treated as integral parts of the deployment and not as stand alone, isolated entities. The framework is based on SNMP and is not limited to monitoring. On the contrary, it is capable of carrying out SNMP-SET commands, actively modifying the run-time parameters of the managed application. Finally, it can perform the management of a variety of distributed systems, ranging from small clusters to larger scale deployments such as computational or data grids.
  95. G. Oikonomou, V. Karakoidas, T. Apostolopoulos, "Pegasus: Competitive Load Balancing Using inetd", In Proc. 5th System Administration and Network Engineering Conference (SANE 2006), pp. 59–68, 2006 (refereed paper)
    @inproceedings{Oikonomou-2006-sane, title = {{Pegasus: Competitive Load Balancing Using inetd}}, author = {Oikonomou, George and Karakoidas, Vassilios and Apostolopoulos, Theodore}, year = {2006}, month = may, booktitle = {Proc. 5th System Administration and Network Engineering Conference (SANE 2006)}, address = {Delft, The Netherlands}, note = {refereed paper}, pages = {59--68}, gsid = {6260829879066953756} }
  96. T. Apostolopoulos, I. Kapetanakis, G. Oikonomou, "An Architecture for the Management of Smart Cards by Mobile Devices Using Java Technologies", In Proc. 7th International IEEE Conference on E-Commerce Technology (CEC 2005), pp. 527–530, 2005 (short paper)
    @inproceedings{Apostolopoulos-2005-cec, title = {{An Architecture for the Management of Smart Cards by Mobile Devices Using Java Technologies}}, author = {Apostolopoulos, Theodore and Kapetanakis, Ilias and Oikonomou, George}, booktitle = {Proc. 7th International IEEE Conference on E-Commerce Technology (CEC 2005)}, note = {short paper}, year = {2005}, month = jul, address = {Munich, Germany}, pages = {527--530}, doi = {10.1109/ICECT.2005.16}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1524102}, gsid = {3100791029352527350} }
    Smart cards are cards with memory and a processor, ideal for authentication and secure applications. Mobile devices have an extraordinary spread; people carry them along at all times. The ability to combine the features of those two devices is quite compelling. We used technologies of the Java family in order to achieve this. In our work, we designed an architecture for the management of smart cards by mobile devices. The system is built up from three components, the Java card applet, the mobile application and the Java card-mobile device gateway. For the purposes of our work and as proof of concept, we developed a sample electronic wallet application. Finally, we extended the proposed system’s functionality and described a business case, where the system could be used in the future.
  97. T. Apostolopoulos, G. Oikonomou, "Overtester: A Peer-to-Peer, Modular Toolkit for Network Performance Evaluation", In Proc. The Fourth International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP 04), pp. 404–407, 2004 (short paper)
    @inproceedings{Apostolopoulos-2004-csndsp, title = {{Overtester: A Peer-to-Peer, Modular Toolkit for Network Performance Evaluation}}, author = {Apostolopoulos, Theodore and Oikonomou, George}, booktitle = {Proc. The Fourth International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP 04)}, year = {2004}, month = jul, address = {Newcastle, UK}, pages = {404--407}, note = {short paper} }
    The field of network performance evaluation is of great significance for researchers and network administrators alike. This has resulted in a great number of applications designed to aid the process. These applications vary quite a bit, ranging from simple tools, such as the famous ping program all the way to complex and sophisticated ones. OverTester resides on top of other performance measurement programs, like a management console, automating and co-coordinating the process. It is Modular, while its most significant features are its Peer-to-Peer and Cross-Platform nature.
  98. T. Apostolopoulos, G. Oikonomou, "A Scalable, Extensible Framework for Grid Management", In Proc. IASTED International Conference on Parallel and Distributed Computing and Networks (PDCN 2004), 2004
    @inproceedings{Apostolopoulos-2004-pdcn, title = {{A Scalable, Extensible Framework for Grid Management}}, author = {Apostolopoulos, Theodore and Oikonomou, George}, booktitle = {Proc. IASTED International Conference on Parallel and Distributed Computing and Networks (PDCN 2004)}, year = {2004}, month = feb, address = {Innsbruck, Austria}, url = {http://www.actapress.com/PaperInfo.aspx?PaperID=16589}, gsid = {10236833881799285884} }
    The picture of global computing is rapidly changing. In the last few years, with the progress made in the area of computer networks, standalone desktop computers became largely interconnected. And then grid computing came along. Managing and monitoring a network had never been a trivial task and many efforts have been made in this direction. A variety of protocols have been proposed and standards have arisen in order to facilitate this process. Now the task has become even more complex. Not only do we have the need to monitor and manage the underlying network, but also the availability and utilisation of shared resources. From simple resources such as CPU cycles and storage space, all the way to complicated equipment used for specific purposes, such as medical or scientific instruments. Our vision is of a management framework for grid deployments, that is easy to use, scalable, secure and modular. We propose a framework that has been designed in order to satisfy the above criteria. Furthermore, it is based on open standards, which makes it easy to implement and integrate with existing management systems.
  99. T. Apostolopoulos, G. Oikonomou, N. Chatzivasdekis, "Statistical Analysis of the Performance of IEEE 802.11 LANs", In Proc. IASTED International Conference on Communication Systems and Networks (CSN 2003), pp. 151–156, 2003
    @inproceedings{Apostolopoulos-2003-csn, title = {{Statistical Analysis of the Performance of IEEE 802.11 LANs}}, author = {Apostolopoulos, Theodore and Oikonomou, George and Chatzivasdekis, Nikolaos}, booktitle = {Proc. IASTED International Conference on Communication Systems and Networks (CSN 2003)}, year = {2003}, month = sep, address = {Benalmadena, Spain}, pages = {151--156}, url = {http://www.actapress.com/Abstract.aspx?paperId=13929}, gsid = {11033860864383496578} }
    Wireless LAN technology is relatively new and rapidly developing. The performance of such networks is of great importance and deep understanding is required in order to take advantage of their full potential. In our work, we installed an infrastructure IEEE 802.11b compliant Wireless LAN in the Computer and Communication Systems Laboratory, measured its performance and analyzed it, using statistical methods. Our ultimate goal was to study the impact of various operational parameters on the aforementioned performance.
Edited book chapters
  1. J. Pope, T. Spyridopoulos, V. Kumar, F. Raimondo, S. Gunner, G. Oikonomou, T. Pasquier, R. McConville, P. Carnelli, A. Sanchez Mompo, I. Mavromatis, A. Khan, "Intrusion Detection at the IoT Edge Using Federated Learning", In Security and Privacy in Smart Environments, pp. 98–119, 2024
    @incollection{Pope-2025-LNCS, author = {Pope, James and Spyridopoulos, Theodoros and Kumar, Vijay and Raimondo, Francesco and Gunner, {Sam D} and Oikonomou, George and Pasquier, Thomas and McConville, Ryan and Carnelli, Pietro and {Sanchez Mompo}, Adrian and Mavromatis, Ioannis and Khan, Aftab}, editor = {Pitropakis, Nikolaos and Katsikas, Sokratis}, title = {Intrusion Detection at the IoT Edge Using Federated Learning}, booktitle = {Security and Privacy in Smart Environments}, year = {2024}, pages = {98--119}, doi = {10.1007/978-3-031-66708-4_5}, oa-url = {https://hdl.handle.net/1983/ba3d077d-bd21-47e2-ae0a-bcc291c163e5}, gsid = {14989387774835503947} }
    With the proliferation of Internet of Things (IoT) technologies in urban environments, cities are increasingly deploying Edge processing nodes for urban sensing. This large-scale integration of Edge nodes and sensing endpoints raises significant security concerns. For instance, existing Intrusion Detection methods cannot scale well and do not consider the privacy and energy consumption implications that emerge when applied to those systems. In addition, the use of containerised applications managed by container orchestration platforms in these environments, while enabling diverse applications and allowing scanning of the container images, can still introduce vulnerabilities. This Chapter addresses the challenge of effectively detecting malicious activities in large-scale resource-constrained IoT systems. We introduce an unsupervised distributed learning solution employing Federated Learning (FL) for real-time anomaly detection across the IoT infrastructure. Our approach involves analysing Linux system call data through a Federated Learning Framework, significantly reducing the need for central data processing. The Chapter presents a comprehensive architectural overview of the system, its core components, and the methodology for deploying and updating anomaly detection models. It also provides the performance evaluation of our approach. Our results demonstrate that the size of the clients’ datasets and the use of pre-trained models play a significant role in the performance of FL models. The work presented in this chapter was supported by UK Research and Innovation, Innovate UK [grant number 53707].
  2. P. Woznowski, A. Burrows, T. Diethe, X. Fafoutis, J. Hall, S. Hannuna, M. Camplani, N. Twomey, M. Kozlowski, B. Tan, N. Zhu, A. Elsts, A. Vafeas, A. Paiement, L. Tao, M. Mirmehdi, T. Burghardt, D. Damen, P. Flach, R. Piechocki, I. Craddock, G. Oikonomou, "SPHERE: A sensor platform for healthcare in a residential environment", In Designing, Developing, and Facilitating Smart Cities, pp. 315–333, 2017
    @incollection{Woznowski-2017-sphere, title = {SPHERE: A sensor platform for healthcare in a residential environment}, author = {Woznowski, {Przemyslaw R.} and Burrows, Alison and Diethe, Tom and Fafoutis, Xenofon and Hall, Jake and Hannuna, Sion and Camplani, Massimo and Twomey, Niall and Kozlowski, Michal and Tan, Bo and Zhu, Ni and Elsts, Atis and Vafeas, Antonis and Paiement, Adeline and Tao, Lili and Mirmehdi, Majid and Burghardt, Tilo and Damen, Dima and Flach, Peter and Piechocki, Robert and Craddock, Ian and Oikonomou, George}, editor = {Angelakis, Vangelis and Tragos, Elias and P{\"o}hls, Henrich C. and Kapovits, Adam and Bassi, Alessandro}, booktitle = {Designing, Developing, and Facilitating Smart Cities}, publisher = {Springer}, gsid = {18162269616817626173}, pages = {315--333}, isbn = {978-3-319-44924-1}, doi = {10.1007/978-3-319-44924-1_14}, year = {2017} }
    It can be tempting to think about smart homes like one thinks about smart cities. On the surface, smart homes and smart cities comprise coherent systems enabled by similar sensing and interactive technologies. It can also be argued that both are broadly underpinned by shared goals of sustainable development, inclusive user engagement and improved service delivery. However, the home possesses unique characteristics that must be considered in order to develop effective smart home systems that are adopted in the real world.
  3. A. Fragkiadakis, G. Oikonomou, H. Pöhls, E. Tragos, M. Wojcik, T. Tryfonas, "Securing Communications Among Severely Constrained, Wireless Embedded Devices", In Engineering Secure IoT Systems, 2016
    @incollection{Fragkiadakis-2016-iet, author = {Fragkiadakis, Alexandros and Oikonomou, George and P{\"o}hls, Henrich C. and Tragos, Elias Z. and Wojcik, Marcin and Tryfonas, Theo}, title = {{Securing Communications Among Severely Constrained, Wireless Embedded Devices}}, booktitle = {Engineering Secure IoT Systems}, year = {2016}, publisher = {IET}, gsid = {11061227629507691898} }
    The goal of this chapter is to present the ideas and concepts of the EU-FP7 SMARTCITIES project “RERUM” with regards to improving the communication security in IoT-based smart city applications. The chapter tries to identify the gaps in previous IoT frameworks with regards to security and privacy and shows the advances that RERUM brings to the IoT community with its significant focus on embedded device functionalities. The goal of the RERUM secure communications framework is to provide light-weight solutions so that they can be applied even in the very constrained IoT devices. Solutions for lightweight encryption (based on the relatively new theory of Compressive Sensing), on transport-layer security (based on DTLS) and on integrity verification of data (using on-device signatures) are presented in detail, discussing their applicability and the benefits they bring to IoT.
  4. G. Oikonomou, T. Apostolopoulos, "Web-Based Management of Distributed Services", In Advances in Electrical Engineering and Computational Science, 39, pp. 255–266, 2009 (invited)
    @incollection{Oikonomou-2009-1-eecs, author = {Oikonomou, George and Apostolopoulos, Theodore}, title = {{Web-Based Management of Distributed Services}}, booktitle = {Advances in Electrical Engineering and Computational Science}, series = {Lecture Notes in Electrical Engineering}, chapter = {22}, volume = {39}, note = {invited}, publisher = {Springer Netherlands}, year = {2009}, month = apr, pages = {255--266}, isbn = {978-90-481-2310-0}, url = {http://www.springerlink.com/content/r02077677v630914}, doi = {10.1007/978-90-481-2311-7_22}, gsid = {10826085840837510519} }
    This paper presents WebDMF, a Web-based Framework for the Management of Distributed services. It is based on the Web-based Enterprise Management (WBEM) family of standards and introduces a middleware layer of entities called "Representatives". WebDMF can be integrated with existing WBEM infrastructures and is not limited to monitoring. On the contrary, it is capable of actively modifying the run-time parameters of a managed service. Due to its abstract design, it is suitable for the management of a variety of distributed services, such as grids and content delivery networks. The paper includes a discussion on WebDMF’s design, implementation and advantages. We also present experiments on an emulated network topology as an indication of the framework’s viability.
Other
  1. H. Erdol, X. Wang, R. Piechocki, G. Oikonomou, A. Parekh, "xApp Distillation: AI-based Conflict Mitigation in B5G O-RAN", 2024
    @misc{Erdol-2024-xApp, title = {xApp Distillation: AI-based Conflict Mitigation in B5G O-RAN}, author = {Erdol, Hakan and Wang, Xiaoyang and Piechocki, Robert and Oikonomou, George and Parekh, Arjun}, year = {2024}, oa-url = {https://arxiv.org/abs/2407.03068}, doi = {10.48550/arXiv.2407.03068}, gsid = {13532490694523551184} }
    The advancements of machine learning-based (ML) decision-making algorithms created various research and industrial opportunities. One of these areas is ML-based near-real-time network management applications (xApps) in Open-Radio Access Network (O-RAN). Normally, xApps are designed solely for the desired objectives, and fine-tuned for deployment. However, telecommunication companies can employ multiple xApps and deploy them in overlapping areas. Consider the different design objectives of xApps, the deployment might cause conflicts. To prevent such conflicts, we proposed the xApp distillation method that distills knowledge from multiple xApps, then uses this knowledge to train a single model that has retained the capabilities of Previous xApps. Performance evaluations show that compared conflict mitigation schemes can cause up to six times more network outages than xApp distillation in some cases.
  2. V. Kumar, S. Gunner, T. Spyridopoulos, A. Vafeas, J. Pope, P. Yadav, G. Oikonomou, T. Tryfonas, "Challenges in the Design and Implementation of IoT Testbeds in Smart-Cities: A Systematic Review", 2023
    @misc{Kumar-2023-Challenges, title = {Challenges in the Design and Implementation of IoT Testbeds in Smart-Cities: A Systematic Review}, author = {Kumar, Vijay and Gunner, {Sam D} and Spyridopoulos, Theodoros and Vafeas, Antonis and Pope, James and Yadav, Poonam and Oikonomou, George and Tryfonas, Theo}, year = {2023}, howpublished = {arXiv}, oa-url = {https://arxiv.org/abs/2302.11009}, doi = {10.48550/arXiv.2302.11009}, gsid = {14737381929246947659} }
    Advancements in wireless communication and the increased accessibility to low-cost sensing and data processing IoT technologies have increased the research and development of urban monitoring systems. Most smart city research projects rely on deploying proprietary IoT testbeds for indoor and outdoor data collection. Such testbeds typically rely on a three-tier architecture composed of the Endpoint, the Edge, and the Cloud. Managing the system’s operation whilst considering the security and privacy challenges that emerge, such as data privacy controls, network security, and security updates on the devices, is challenging. This work presents a systematic study of the challenges of developing, deploying and managing urban monitoring testbeds, as experienced in a series of urban monitoring research projects, followed by an analysis of the relevant literature. By identifying the challenges in the various projects and organising them under the V-model development lifecycle levels, we provide a reference guide for future projects. Understanding the challenges early on will facilitate current and future smart-cities IoT research projects to reduce implementation time and deliver secure and resilient testbeds.
  3. J. Pope, J. Liang, V. Kumar, F. Raimondo, X. Sun, R. McConville, T. Pasquier, R. Piechocki, G. Oikonomou, B. Luo, D. Howarth, I. Mavromatis, A. Sanchez Mompo, P. Carnelli, T. Spyridopoulos, A. Khan, "Resource-interaction graph: Efficient graph representation for anomaly detection", 2022
    @misc{pope2022resource, title = {Resource-interaction graph: Efficient graph representation for anomaly detection}, author = {Pope, James and Liang, Jinyuan and Kumar, Vijay and Raimondo, Francesco and Sun, Xinyi and McConville, Ryan and Pasquier, Thomas and Piechocki, Rob and Oikonomou, George and Luo, Bo and Howarth, Dan and Mavromatis, Ioannis and {Sanchez Mompo}, Adrian and Carnelli, Pietro and Spyridopoulos, Theodoros and Khan, Aftab}, year = {2022}, howpublished = {arXiv}, oa-url = {https://arxiv.org/abs/2212.08525}, doi = {10.48550/arXiv.2212.08525}, gsid = {15559955207602333715} }
    Security research has concentrated on converting operating system audit logs into suitable graphs, such as provenance graphs, for analysis. However, provenance graphs can grow very large requiring significant computational resources beyond what is necessary for many security tasks and are not feasible for resource constrained environments, such as edge devices. To address this problem, we present the resource-interaction graph that is built directly from the audit log. We show that the resource-interaction graph’s storage requirements are significantly lower than provenance graphs using an open-source data set with two container escape attacks captured from an edge device. We use a graph autoencoder and graph clustering technique to evaluate the representation for an anomaly detection task. Both approaches are unsupervised and are thus suitable for detecting zero-day attacks. The approaches can achieve f1 scores typically over 80% and in some cases over 90% for the selected data set and attacks.
  4. A. Jamil, D. Parish, R. Phan, J. Whitley, I. Phillips, G. Oikonomou, "Designing Environmental Aware Routing in Wireless Sensor Networks", 2011 (non-refereed)
    @misc{Jamil-2011-uthm, title = {{Designing Environmental Aware Routing in Wireless Sensor Networks}}, author = {Jamil, Ansar and Parish, David and Phan, Raphael and Whitley, John and Phillips, Iain and Oikonomou, George}, howpublished = {UTHM Symposium}, year = {2011}, note = {non-refereed}, address = {London, UK} }
  5. G. Oikonomou, "A Web-Based Framework for the Management of Distributed Systems and Services. Case Study: Management of Content Delivery Networks", 2008 (in Greek)
    @phdthesis{Oikonomou-2008-PhD, address = {Athens, Greece}, author = {Oikonomou, George}, month = nov, school = {Department of Informatics, Athens University of Economics and Business}, note = {in Greek}, title = {{A Web-Based Framework for the Management of Distributed Systems and Services. Case Study: Management of Content Delivery Networks}}, year = {2008} }
  6. T. Apostolopoulos, G. Oikonomou, G. Parisis, "Broadband in Greece. Perspective and Challenges", pp. 28–30, 2007 (in Greek)
    @misc{Oikonomou-2007-broadband, title = {{Broadband in Greece. Perspective and Challenges}}, author = {Apostolopoulos, Theodore and Oikonomou, George and Parisis, George}, howpublished = {Broadband Year Magazine}, year = {2007}, pages = {28--30}, publisher = {Greek Computer Society Press}, note = {in Greek} }
  7. G. Oikonomou, "Statistical Analysis of the Performance of IEEE 802.11 LANs", 2002 (in Greek)
    @mastersthesis{Oikonomou-2002-MSc, address = {Athens, Greece}, author = {Oikonomou, George}, month = feb, school = {Department of Informatics, Athens University of Economics and Business}, note = {in Greek}, title = {{Statistical Analysis of the Performance of IEEE 802.11 LANs}}, year = {2002} }