Cyberspace is expanding fast with the introduction of new Internet of Things (IoT) technologies. Wearables, VR devices, medical devices, Internet-connected household appliances, and vehicles have grown exponentially in recent years. This trend will only continue, and billions of smart devices will dominate our everyday lives in a few years. Such an IoT-enabled smart environment improves the quality of life of individuals while handling a new set of data previously untapped and with tremendous forensic value. Although such pervasive IoT-fueled smart settings have immense potential, they have not yet reached their full potential to drastically improve our digital forensics capabilities within the environment. Moreover, given the increasingly critical nature of the cyberspace of IoT devices and applications, it is imperative that they are properly secured against malicious activities.
Remote attestation protocols are widely used to detect device configuration (e.g., software and/or data) compromise in Internet of Things (IoT) scenarios. Unfortunately, the performance of such protocols is unsatisfactory when dealing with thousands of smart devices. Recently, researchers have focused on running attestation in a collective way, with the goal of reducing computation and communication. Despite these advances, there is still a need for a secure, efficient, and practical protocol for attesting potentially large networks of smart devices with unstructured or dynamic topologies.
Physical unclonable functions can uniquely identify IoT devices but require secure fuzzy extractors to ensure reliable replication. Hence, novel and secure computational fuzzy extractors that address the limitations faced by traditional solutions in resource-constrained IoT devices are necessary.
The concept of Information-Centric Networking (ICN) is rooted in the TRIAD project (2000), whose objective was to replace the IP layer with a content-centric layer. Afterward, the research community proposed various ICN architectures, of which Named Data Networking (NDN) is considered the most promising. NDN switches the communication paradigm from host-based (i.e., where the data is) to content-based (i.e., what the data is). By replacing IP addressing, NDN resolves known Denial of Service (DoS) and Distributed Denial of Service (DDoS) issues, e.g., UDP, ICMP, and SYN flood. Nevertheless, NDN is not immune to possible flooding attacks.
Moreover, recently deployed data-driven models in the network data plane have enabled intelligent decision-making at line rate. In this regard, the emerging edge network devices, e.g., programmable switches and smart NICs, support the design of several network security tasks, including DDoS attack detection. The state-of-the-art DDoS detection in programmable data planes mainly focuses on embedding ML models into the data plane without compromising the inference accuracy. However, it fails to consider multiple factors that are crucial for DDoS detection, like capturing network-wide interactions between malicious sources or deployment issues surfacing in real-world scenarios. Therefore, there is a need for a detection mechanism fully distributed among different switches via lightweight learning models, which allows for a more robust capturing of traffic interactions in different parts of the network while introducing low latency in the communications.
Private computing provides a clever way to process data without revealing any details about the data itself to the party in charge of processing it. Signal protection is usually achieved by encrypting the signals and processing them in encrypted form. Possible applications of Homomorphic Encryption, Secure Computation, and Differential Privacy are virtually endless. Among them, we explore privacy-preserving biometric matching, biomedical signal processing, private sensor fusion in IoT swarms, and private sample analysis for malware identification.
Since the origin of the Internet, cyber-attacks have evolved in parallel with computer development, changing ways and means of execution. A new class of cyber-threats, known as “Advanced Persistent Threat” (APT), has emerged and has been used by different organizations to perform dangerous and effective attacks against financial and political entities, critical infrastructures, and so on. Understanding the behavior of malware requires a semiautomatic approach including complex software tools and human analysts in the loop. However, the huge number of malicious samples developed daily calls for some prioritization mechanism to carefully select the samples that deserve further examination by analysts. This prevents computational resources from being overloaded and human analysts saturated. We investigate a malware triage stage where samples are quickly and automatically examined to promptly decide whether they should be immediately dispatched to human analysts or other specific automatic analysis queues, rather than following the common and slow analysis pipeline.
Moreover, embedded devices are pivotal in many aspects of critical infrastructures, the e-health sector, and the IoT ecosystem. These devices ship with custom software, dubbed firmware, whose development may not have followed strict security-by-design guidelines and for which no detailed documentation may be available. Given their critical role, testing their software before deploying them is crucial to prevent their exploitation by APTs.
Extended Reality (XR) technologies stand at the forefront of a new digital revolution in an era marked by constant technological innovations. Nowadays, XR technology is much more than a device that produces 3D visuals. With new devices released each year and additional manufacturers getting involved in this field, XR devices are being considered for application domains ranging from entertainment to education to healthcare. The emerging metaverse realm offers a bright future with capabilities ranging from assisting astronauts in their mission to making hearing-impaired individuals "see" the conversations via subtitles. XR devices are versatile in their functionality and equipped with an array of advanced sensors, communication capabilities, and hardware specifications. As these technologies evolve, our perception of reality seamlessly blends with the virtual world. However, the exponential growth of these technologies raises concerns about whether these devices are secure and the users' sensitive information is kept private.
In the 21st century, the industry of drones, also known as Unmanned Aerial Vehicles (UAVs), has witnessed a rapid increase in the number of airspace users. Given the tremendous benefits of this technology in civilian applications such as hostage rescue and parcel delivery, drones will be integrated into the smart cities of the future. Nowadays, the affordability of commercial drones has expanded their usage on a large scale. However, the development of drone technology is associated with vulnerabilities and threats due to the lack of efficient security implementations. Moreover, the complexity of UAVs in software and hardware triggers potential security and privacy issues, thus posing significant challenges for the industry, academia, and governments.