Welcome To I-SEC

The information security lab

About

I-SEC

The information security lab (I-Sec), within the ISI research institute

We aim to translate the complex nature of Cyber Security into an easily comprehensible way to understand, monitor and control the risks of employing current and future technologies. With a strong commitment to co-designed solutions with the potential end-users, we research new ways on how to expose and present the raised implications on privacy, risk, security and safety.


  • Information Science Institute

    Research institute ISI

    The Information Science Institute has established strong collaborations with multidisciplinary research teams from different faculties (Medicine, Psychology, Science, Society Sciences) and has an extensive national and international network that includes many academic institutions, public administrations, creativity and innovation consultants, think tanks and services providers.

  • Centre universitaire d’informatique

    Computer Science Centre CUI

    The Computer Science Centre is a subdivision of the University of Geneva. It is interfacultary centre of teaching and research in information sciences, associated with all factulties having activity in Information science research.

  • Geneva School of Economics and Management

    Business School of the University of Geneva GSEM

    The Geneva School of Economics and Management is committed to a broad-based, multidisciplinary approach to the sciences of economics and management.

  • University of Geneva

    Founded in 1559 by Jean Calvin, the University of Geneva (UNIGE) is dedicated to thinking, teaching, dialogue and research. With 16’500 students of more than 150 different nationalities, it is Switzerland’s second largest university.

We are dedicated to cybersecurity and privacy in the rapidly evolving landscape of mobility solutions and are active in the following domains:

CCAM Ontology: The CCAM ontology serves as a structured framework or model for representing various aspects of cooperative, connected, and automated mobility within Smart Cities. It enables standardised and organised information management, making it easier to analyse and secure the data and systems involved.

Modelling Smart City Data Interaction: This involves capturing and understanding how data flows and interacts within the context of cooperative, connected, and automated mobility systems in Smart Cities. This understanding is crucial for assessing cybersecurity risks and optimising data management.

Simulating Prediction and Propagation of Cyberthreats: Simulating cyberthreats within the CCAM context allows for proactive identification of vulnerabilities and potential threat vectors specific to connected and automated mobility systems. Understanding threat propagation aids in developing effective security measures.

Analysing Risk Perception: Analysis on how stakeholders perceive and respond to risks associated with CCAM in Smart Cities. This human-centric approach is essential for citizens awareness.

Privacy-Friendly Behavioral Change: Promoting behavioural change in the context of cooperative, connected, and automated mobility while ensuring privacy protection is a significant challenge. While creating safer, more efficient, and more user-friendly urban transportation systems, we are bound to balance technological advancements with ethical considerations.

Team

Dr. Niels A. Nijdam

MER, Lab director

Dr. Anastasija Collen

Senior researcher, Lab co-director

Dr. Meriem Benyahya

Postdoctoral researcher

Dr. Teri Lenard

Research fellow

Jeroen A. Beukers

Research fellow, TPG innovation expert

Julie Bürki

PhD candidate, research assistant

Projects

AutoTRUST

Horizon Project (May 2024-Apr 2027)

Autonomous self-adaptive services for TRansformational personalized inclUsivenesS and resilience in mobiliTy

OPEVA

Horizon Project (Jan 2023-Dec 2026)

OPtimization of Electric Vehicle Autonomy

ULTIMO

Horizon Project (Oct 2022-Sep 2026)

Advancing Sustainable User-centric Mobility with Automated Vehicles

ENFLATE

Horizon Project (Sep 2022-Aug 2026)

ENabling FLexibility provision by all Actors and sectors through markets and digital TEchnologies

SHOW

H2020 Project (Jan 2020-Dec 2023)

SHOW aims to estimate and evaluate the role of autonomous vehicles (AVs) in making urban transport more effective, sustainable and user friendly.

AVENUE

H2020 Project (May 2018-Apr 2022)

AVENUE aims to design and carry out full scale demonstrations of urban transport automation by deploying, for the first time worldwide, fleets of autonomous mini-buses.

nIoVe

H2020 Project (May 2019-Apr 2022)

nIoVe aims to deploy a novel multi-layered interoperable cybersecurity solution for the IoV to share cyber threat intelligence, synchronise and coordinate cybersecurity strategies, response and recovery activities.

GHOST

H2020 Project (May 2017-Apr 2020)

GHOST envisions a transparent cybersecurity environment by developing a user-friendly application to improve security and privacy in a Digital Home connected to Internet of Things (IoT), using the most advanced technologies available for this purpose.

Publications

@article{fournier_cybersecurity_2024, address = {Cham}, author = {Nijdam, Niels A. and Benyahya, Meriem and Collen, Anastasija}, booktitle = {Automated {Vehicles} as a {Game} {Changer} for {Sustainable} {Mobility}}, doi = {10.1007/978-3-031-61681-5_6}, editor = {Fournier, Guy and Boos, Adrian and Konstantas, Dimitri and Attias, Danielle}, isbn = {978-3-031-61680-8 978-3-031-61681-5}, language = {en}, note = {Series Title: Contributions to Management Science}, pages = {151--168}, publisher = {Springer Nature Switzerland}, shorttitle = {Cybersecurity and {Data} {Privacy}}, title = {Cybersecurity and {Data} {Privacy}: {Stakeholders}' {Stand} on {Regulations} and {Standards}}, url = {https://link.springer.com/10.1007/978-3-031-61681-5_6}, urldate = {2024-07-18}, year = {2024}, bdsk-url-1 = {https://link.springer.com/10.1007/978-3-031-61681-5_6}, bdsk-url-2 = {https://doi.org/10.1007/978-3-031-61681-5_6} }

@inproceedings{lenard_loki-2_2024, location = {Cluj-Napoca, Romania}, title = {{LOKI}-2: An Improved Lightweight Cryptographic Key Distribution Protocol for Automotive Systems}, rights = {https://doi.org/10.15223/policy-029}, isbn = {9798350370355}, url = {https://ieeexplore.ieee.org/document/10398644/}, doi = {10.1109/ICCP60212.2023.10398644}, shorttitle = {{LOKI}-2}, eventtitle = {2023 {IEEE} 19th International Conference on Intelligent Computer Communication and Processing ({ICCP})}, pages = {187--194}, booktitle = {2023 {IEEE} 19th International Conference on Intelligent Computer Communication and Processing ({ICCP})}, publisher = {{IEEE}}, author = {Lenard, Teri and Genge, Bèla and Collen, Anastasija and Nijdam, Niels A.}, urldate = {2024-05-07}, year = {2024}, }

@article{benyahya_analyses_2023, title = {Analyses on standards and regulations for connected and automated vehicles: {Identifying} the certifications roadmap}, volume = {14}, issn = {2666691X}, shorttitle = {Analyses on standards and regulations for connected and automated vehicles}, url = {https://linkinghub.elsevier.com/retrieve/pii/S2666691X23000453}, doi = {10.1016/j.treng.2023.100205}, language = {en}, urldate = {2023-12-19}, journal = {Transportation Engineering}, author = {Benyahya, Meriem and Collen, Anastasija and Nijdam, Niels Alexander}, month = dec, year = {2023}, pages = {100205}, }

@article{lenard_exploring_2023, title = {Exploring {Trust} {Modeling} and {Management} {Techniques} in the {Context} of {Distributed} {Wireless} {Networks}: {A} {Literature} {Review}}, volume = {11}, issn = {2169-3536}, shorttitle = {Exploring {Trust} {Modeling} and {Management} {Techniques} in the {Context} of {Distributed} {Wireless} {Networks}}, url = {https://ieeexplore.ieee.org/document/10267920/}, doi = {10.1109/ACCESS.2023.3320945}, urldate = {2023-12-19}, journal = {IEEE Access}, author = {Lenard, Teri and Collen, Anastasija and Benyahya, Meriem and Nijdam, Niels Alexander and Genge, Béla}, year = {2023}, pages = {106803--106832}, }

@article{benyahya_cybersecurity_2023, title = {Cybersecurity and {Data} {Privacy} {Certification} {Gaps} of {Connected} and {Automated} {Vehicles}}, volume = {72}, issn = {23521465}, url = {https://linkinghub.elsevier.com/retrieve/pii/S2352146523007664}, doi = {10.1016/j.trpro.2023.11.468}, language = {en}, urldate = {2023-12-19}, journal = {Transportation Research Procedia}, author = {Benyahya, Meriem and Collen, Anastasija and Nijdam, Niels Alexander}, year = {2023}, pages = {783--790}, }

@inproceedings{kouzinopoulos_using_2018, address = {Cham}, title = {Using {Blockchains} to {Strengthen} the {Security} of {Internet} of {Things}}, volume = {821}, copyright = {All rights reserved}, isbn = {978-3-319-95188-1 978-3-319-95189-8}, url = {http://link.springer.com/10.1007/978-3-319-95189-8_9}, urldate = {2023-09-10}, booktitle = {Security in {Computer} and {Information} {Sciences}}, publisher = {Springer International Publishing}, author = {Kouzinopoulos, Charalampos S. and Spathoulas, Georgios and Giannoutakis, Konstantinos M. and Votis, Konstantinos and Pandey, Pankaj and Tzovaras, Dimitrios and Katsikas, Sokratis K. and Collen, Anastasija and Nijdam, Niels A.}, editor = {Gelenbe, Erol and Campegiani, Paolo and Czachórski, Tadeusz and Katsikas, Sokratis K. and Komnios, Ioannis and Romano, Luigi and Tzovaras, Dimitrios}, year = {2018}, doi = {10.1007/978-3-319-95189-8_9}, note = {Series Title: Communications in Computer and Information Science}, pages = {90--100}, }

@inproceedings{tsiourti_cameli_2018, address = {Cham}, title = {The {CaMeLi} {Framework}—{A} {Multimodal} {Virtual} {Companion} for {Older} {Adults}}, volume = {751}, copyright = {All rights reserved}, isbn = {978-3-319-69265-4 978-3-319-69266-1}, url = {http://link.springer.com/10.1007/978-3-319-69266-1_10}, urldate = {2023-09-10}, booktitle = {Intelligent {Systems} and {Applications}}, publisher = {Springer International Publishing}, author = {Tsiourti, Christiana and Quintas, Joao and Ben-Moussa, Maher and Hanke, Sten and Nijdam, Niels Alexander and Konstantas, Dimitri}, editor = {Bi, Yaxin and Kapoor, Supriya and Bhatia, Rahul}, year = {2018}, doi = {10.1007/978-3-319-69266-1_10}, note = {Series Title: Studies in Computational Intelligence}, pages = {196--217}, }

@inproceedings{collen_ghost_2018, address = {Cham}, title = {{GHOST} - {Safe}-{Guarding} {Home} {IoT} {Environments} with {Personalised} {Real}-{Time} {Risk} {Control}}, volume = {821}, copyright = {All rights reserved}, isbn = {978-3-319-95188-1 978-3-319-95189-8}, url = {http://link.springer.com/10.1007/978-3-319-95189-8_7}, urldate = {2023-09-10}, booktitle = {Security in {Computer} and {Information} {Sciences}}, publisher = {Springer International Publishing}, author = {Collen, A. and Nijdam, N. A. and Augusto-Gonzalez, J. and Katsikas, S. K. and Giannoutakis, K. M. and Spathoulas, G. and Gelenbe, E. and Votis, K. and Tzovaras, D. and Ghavami, N. and Volkamer, M. and Haller, P. and Sánchez, A. and Dimas, M.}, editor = {Gelenbe, Erol and Campegiani, Paolo and Czachórski, Tadeusz and Katsikas, Sokratis K. and Komnios, Ioannis and Romano, Luigi and Tzovaras, Dimitrios}, year = {2018}, doi = {10.1007/978-3-319-95189-8_7}, note = {Series Title: Communications in Computer and Information Science}, pages = {68--78}, }

@inproceedings{lenard_key_2023, address = {Delft, Netherlands}, title = {A {Key} to {Embedded} {System} {Security}: {Locking} and {Unlocking} {Secrets} with a {Trusted} {Platform} {Module}}, copyright = {All rights reserved}, isbn = {9798350327205}, shorttitle = {A {Key} to {Embedded} {System} {Security}}, url = {https://ieeexplore.ieee.org/document/10190676/}, doi = {10.1109/EuroSPW59978.2023.00041}, urldate = {2023-09-10}, booktitle = {2023 {IEEE} {European} {Symposium} on {Security} and {Privacy} {Workshops} ({EuroS}\&{PW})}, publisher = {IEEE}, author = {Lenard, Teri and Collen, Anastasija and Nijdam, Niels A. and Genge, Bela}, month = jul, year = {2023}, pages = {329--335}, }

@article{abdulghani_guidance_2023, title = {Guidance {Framework} for {Developing} {IoT}-{Enabled} {Systems}’ {Cybersecurity}}, volume = {23}, copyright = {All rights reserved}, issn = {1424-8220}, url = {https://www.mdpi.com/1424-8220/23/8/4174}, doi = {10.3390/s23084174}, abstract = {Internet of Things (IoT) faces security concerns different from existing challenges in conventional information systems connected through the Internet because of their limited resources and heterogeneous network setups. This work proposes a novel framework for securing IoT objects, the key objective of which is to assign different Security Level Certificates (SLC) for IoT objects according to their hardware capabilities and protection measures implemented. Objects with SLCs, therefore, will be able to communicate with each other or with the Internet in a secure manner. The proposed framework is composed of five phases, namely: classification, mitigation guidelines, SLC assignment, communication plan, and legacy integration. The groundwork relies on the identification of a set of security attributes, termed security goals. By performing an analysis on common IoT attacks, we identify which of these security goals are violated for specific types of IoT. The feasibility and application of the proposed framework is illustrated at each phase using the smart home as a case study. We also provide qualitative arguments to demonstrate how the deployment of our framework solves IoT specific security challenges.}, language = {en}, number = {8}, urldate = {2023-09-10}, journal = {Sensors}, author = {Abdulghani, Hezam Akram and Collen, Anastasija and Nijdam, Niels Alexander}, month = apr, year = {2023}, note = {Number: 8}, pages = {4174}, }

@article{benyahya_symbiotic_2023, title = {Symbiotic {Analysis} of {Security} {Assessment} and {Penetration} {Tests} {Guiding} {Real} {L4} {Automated} {City} {Shuttles}}, volume = {4}, copyright = {All rights reserved}, issn = {2673-4001}, url = {https://www.mdpi.com/2673-4001/4/1/12}, doi = {10.3390/telecom4010012}, abstract = {The Connected Automated Vehicle (CAV)’s deployment is proof of the wide evolution of autonomous driving technologies enabling vehicles to gradually dispose of their drivers. Within the scope of smart cities, such innovation has given rise to a new type of CAV: the Automated City Shuttle (ACS). Foreseen as the new paradigm aiming to shape the public transport model, the ACS elicits a plurality of new applications, such as the on-demand service in which a driverless shuttle offers the desired ride without human intervention. However, such a model raises cybersecurity concerns through the numerous attack surfaces and vehicle hyperconnection. This phenomenon was highlighted in several studies on CAVs, but very few research works tackled the specific case of ACSs, whose challenges and risks far exceed those of personal vehicles. The present work offers a comprehensive investigation of cybersecurity attacks, demonstrates a performed risk assessment based on the ISO/SAE 21434 standard, and showcases a penetration test over a real ACS of automation level four (L4) according to the Society of Automotive Engineering (SAE)’s ranking. Based on our experiments, we leverage fundamental cybersecurity recommendations with a focus on the ACS’s physical security.}, language = {en}, number = {1}, urldate = {2023-09-10}, journal = {Telecom}, author = {Benyahya, Meriem and Bergerat, Pierre and Collen, Anastasija and Nijdam, Niels Alexander}, month = mar, year = {2023}, note = {Number: 1}, pages = {198--218}, }

@article{lenard_automotive_2023, title = {An {Automotive} {Reference} {Testbed} with {Trusted} {Security} {Services}}, volume = {12}, copyright = {All rights reserved}, issn = {2079-9292}, url = {https://www.mdpi.com/2079-9292/12/4/888}, doi = {10.3390/electronics12040888}, abstract = {While research in the field of automotive systems inclined in the past years towards technologies such as Vehicle-to-Everything (V2X) or Connected and Automated Vehicle (CAV), the underlying system security still plays a crucial role in assuring trust and system safety. The work at hand tackles the issue of automotive system security by designing a multi-service security system specially tailored for in-vehicle networks. The proposed trusted security services leverage Trusted Platform Module (TPM) to store secrets and manage and exchange cryptographic keys. To showcase how security services can be implemented in a in-vehicle network, a Reference TestBed (RTB) was developed. In the RTB, encryption and authentication keys are periodically exchanged, data is sent authenticated, the network is monitored by a Stateful Firewall and Intrusion Detection System (SF/IDS), and security events are logged and reported. A formal individual and multi-protocol analysis was conducted to demonstrated the feasibility of the proposed services from a theoretical point of view. Two distinct scenarios were considered to present the workflow and interaction between the proposed services. Lastly, performance measurements on the reference hardware are provided.}, language = {en}, number = {4}, urldate = {2023-09-10}, journal = {Electronics}, author = {Lenard, Teri and Genge, Béla and Haller, Piroska and Collen, Anastasija and Nijdam, Niels Alexander}, month = feb, year = {2023}, note = {Number: 4}, pages = {888}, }

@article{collen_integrating_2022, title = {Integrating {Human} {Factors} in the {Visualisation} of {Usable} {Transparency} for {Dynamic} {Risk} {Assessment}}, volume = {13}, copyright = {All rights reserved}, issn = {2078-2489}, url = {https://www.mdpi.com/2078-2489/13/7/340}, doi = {10.3390/info13070340}, abstract = {Modern technology and the digitisation era accelerated the pace of data generation and collection for various purposes. The orchestration of such data is a daily challenge faced by even experienced professional users in the context of Internet of Things (IoT)-enabled environments, especially when it comes to cybersecurity and privacy risks. This article presents the application of a user-centric process for the visualisation of automated decision making security interventions. The user interface (UI) development was guided by iterative feedback collection from user studies on the visualisation of a dynamic risk assessment (DRA)-based security solution for regular lay users. The methodology we applied starts with the definition of the methodological process to map possible technical actions to related usable actions. The definition and refinement of the user interface (UI) was controlled by the survey feedback loop from end user studies on their general technological knowledge, experience with smart homes, cybersecurity awareness and privacy preservation needs. We continuously improved the visualisation interfaces for configuring a cybersecurity solution and adjusting usable transparency of the control and monitoring of the dynamic risk assessment (DRA). For this purpose, we have designed, developed and validated a decision tree workflow and showed the evolution of the interfaces through various stages of the real-life trials executed under European H2020 project GHOST.}, language = {en}, number = {7}, urldate = {2023-09-10}, journal = {Information}, author = {Collen, Anastasija and Szanto, Ioan-Cosmin and Benyahya, Meriem and Genge, Bela and Nijdam, Niels Alexander}, month = jul, year = {2022}, note = {Number: 7}, pages = {340}, }

@inproceedings{benyahya_systematic_2023, address = {Benevento Italy}, title = {A {Systematic} {Review} of {Threat} {Analysis} and {Risk} {Assessment} {Methodologies} for {Connected} and {Automated} {Vehicles}}, copyright = {All rights reserved}, isbn = {9798400707728}, url = {https://dl.acm.org/doi/10.1145/3600160.3605084}, doi = {10.1145/3600160.3605084}, language = {en}, urldate = {2023-09-10}, booktitle = {Proceedings of the 18th {International} {Conference} on {Availability}, {Reliability} and {Security}}, publisher = {ACM}, author = {Benyahya, Meriem and Lenard, Teri and Collen, Anastasija and Nijdam, Niels Alexander}, month = aug, year = {2023}, pages = {1--10}, }

@article{abdulghani_analysis_2022, title = {Analysis on {Security} and {Privacy} {Guidelines}: {RFID}-{Based} {IoT} {Applications}}, volume = {10}, copyright = {All rights reserved}, issn = {2169-3536}, shorttitle = {Analysis on {Security} and {Privacy} {Guidelines}}, url = {https://ieeexplore.ieee.org/document/9973302/}, doi = {10.1109/ACCESS.2022.3227449}, urldate = {2023-09-10}, journal = {IEEE Access}, author = {Abdulghani, Hezam Akram and Nijdam, Niels Alexander and Konstantas, Dimitri}, year = {2022}, pages = {131528--131554}, }

@article{collen_can_2022, title = {Can {I} {Sleep} {Safely} in {My} {Smarthome}? {A} {Novel} {Framework} on {Automating} {Dynamic} {Risk} {Assessment} in {IoT} {Environments}}, volume = {11}, copyright = {All rights reserved}, issn = {2079-9292}, shorttitle = {Can {I} {Sleep} {Safely} in {My} {Smarthome}?}, url = {https://www.mdpi.com/2079-9292/11/7/1123}, doi = {10.3390/electronics11071123}, abstract = {Fully automated homes, equipped with the latest Internet of Things (IoT) devices, aiming to drastically improve the quality of lives of those inhabiting such homes, is it not a perfect setting for cyber threats? More than that, this is a fear of many regular citizens and a trending topic for researchers to apply Cyber Threat Intelligence (CTI) for seamless cyber security. This paper focuses on the Risk Assessment (RA) methodology for smarthome environments, targeting to include all types of IoT devices. Unfortunately, existing approaches mostly focus on the manual or periodic formal RA, or individual device-specific cyber security solutions. This paper presents a Dynamic Risk Assessment Framework (DRAF), aiming to automate the identification of ongoing attacks and the evaluation of the likelihood of associated risks. Moreover, DRAF dynamically proposes mitigation strategies when full automation of the decision making is not possible. The theoretical model of DRAF was implemented and tested in smarthome testbeds deployed in several European countries. The resulting data indicate strong promises for the automation of decision making to control the tightly coupled balance between cyber security and privacy compromise in terms of the embedded services’ usability, end-users’ expectations and their level of cyber concerns.}, language = {en}, number = {7}, urldate = {2023-09-10}, journal = {Electronics}, author = {Collen, Anastasija and Nijdam, Niels Alexander}, month = apr, year = {2022}, note = {Number: 7}, pages = {1123}, }

@inproceedings{augusto-gonzalez_internet_2019, address = {Limassol, Cyprus}, title = {From {Internet} of {Threats} to {Internet} of {Things}: {A} {Cyber} {Security} {Architecture} for {Smart} {Homes}}, copyright = {All rights reserved}, isbn = {978-1-72811-016-5}, shorttitle = {From {Internet} of {Threats} to {Internet} of {Things}}, url = {https://ieeexplore.ieee.org/document/8858493/}, doi = {10.1109/CAMAD.2019.8858493}, urldate = {2023-09-10}, booktitle = {2019 {IEEE} 24th {International} {Workshop} on {Computer} {Aided} {Modeling} and {Design} of {Communication} {Links} and {Networks} ({CAMAD})}, publisher = {IEEE}, author = {Augusto-Gonzalez, J. and Collen, A. and Evangelatos, S. and Anagnostopoulos, M. and Spathoulas, G. and Giannoutakis, K. M. and Votis, K. and Tzovaras, D. and Genge, B. and Gelenbe, E. and Nijdam, N. A.}, month = sep, year = {2019}, pages = {1--6}, }

@article{benyahya_interface_2022, title = {The {Interface} of {Privacy} and {Data} {Security} in {Automated} {City} {Shuttles}: {The} {GDPR} {Analysis}}, volume = {12}, copyright = {All rights reserved}, issn = {2076-3417}, shorttitle = {The {Interface} of {Privacy} and {Data} {Security} in {Automated} {City} {Shuttles}}, url = {https://www.mdpi.com/2076-3417/12/9/4413}, doi = {10.3390/app12094413}, abstract = {The fast evolution and prevalence of driverless technologies has facilitated the testing and deployment of automated city shuttles (ACSs) as a means of public transportation in smart cities. For their efficient functioning, ACSs require a real-time data compilation and exchange of information with their internal components and external environment. However, that nexus of data exchange comes with privacy concerns and data protection challenges. In particular, the technical realization of stringent data protection laws on data collection and processing are key issues to be tackled within the ACSs ecosystem. Our work provides an in-depth analysis of the GDPR requirements that should be considered by the ACSs’ stakeholders during the collection, storage, use, and transmission of data to and from the vehicles. First, an analysis is performed on the data processing principles, the rights of data subjects, and the subsequent obligations for the data controllers where we highlight the mixed roles that can be assigned to the ACSs stakeholders. Secondly, the compatibility of privacy laws with security technologies focusing on the gap between the legal definitions and the technological implementation of privacy-preserving techniques are discussed. In face of the GDPR pitfalls, our work recommends a further strengthening of the data protection law. The interdisciplinary approach will ensure that the overlapping stakeholder roles and the blurring implementation of data privacy-preserving techniques within the ACSs landscape are efficiently addressed.}, language = {en}, number = {9}, urldate = {2023-09-10}, journal = {Applied Sciences}, author = {Benyahya, Meriem and Kechagia, Sotiria and Collen, Anastasija and Nijdam, Niels Alexander}, month = apr, year = {2022}, note = {Number: 9}, pages = {4413}, }

@article{benyahya_automated_2022, title = {Automated city shuttles: {Mapping} the key challenges in cybersecurity, privacy and standards to future developments}, volume = {122}, copyright = {All rights reserved}, issn = {01674048}, shorttitle = {Automated city shuttles}, url = {https://linkinghub.elsevier.com/retrieve/pii/S0167404822002978}, doi = {10.1016/j.cose.2022.102904}, language = {en}, urldate = {2023-09-10}, journal = {Computers \& Security}, author = {Benyahya, Meriem and Collen, Anastasija and Kechagia, Sotiria and Nijdam, Niels Alexander}, month = nov, year = {2022}, pages = {102904}, }

@article{serinelli_analysis_2021, title = {On the analysis of open source datasets: validating {IDS} implementation for well-known and zero day attack detection}, volume = {191}, copyright = {All rights reserved}, issn = {18770509}, shorttitle = {On the analysis of open source datasets}, url = {https://linkinghub.elsevier.com/retrieve/pii/S1877050921014198}, doi = {10.1016/j.procs.2021.07.024}, language = {en}, urldate = {2023-09-10}, journal = {Procedia Computer Science}, author = {Serinelli, Benedetto Marco and Collen, Anastasija and Nijdam, Niels Alexander}, year = {2021}, pages = {192--199}, }

@inproceedings{giannoutakis_blockchain_2020, address = {Rhodes Island, Greece}, title = {A {Blockchain} {Solution} for {Enhancing} {Cybersecurity} {Defence} of {IoT}}, copyright = {All rights reserved}, isbn = {978-0-7381-0495-9}, url = {https://ieeexplore.ieee.org/document/9284690/}, doi = {10.1109/Blockchain50366.2020.00071}, urldate = {2023-09-10}, booktitle = {2020 {IEEE} {International} {Conference} on {Blockchain} ({Blockchain})}, publisher = {IEEE}, author = {Giannoutakis, K. M. and Spathoulas, G. and Filelis-Papadopoulos, C. K. and Collen, A. and Anagnostopoulos, M. and Votis, K. and Nijdam, N. A.}, month = nov, year = {2020}, pages = {490--495}, }

@article{serinelli_training_2020, title = {Training {Guidance} with {KDD} {Cup} 1999 and {NSL}-{KDD} {Data} {Sets} of {ANIDINR}: {Anomaly}-{Based} {Network} {Intrusion} {Detection} {System}}, volume = {175}, copyright = {All rights reserved}, issn = {18770509}, shorttitle = {Training {Guidance} with {KDD} {Cup} 1999 and {NSL}-{KDD} {Data} {Sets} of {ANIDINR}}, url = {https://linkinghub.elsevier.com/retrieve/pii/S1877050920317804}, doi = {10.1016/j.procs.2020.07.080}, language = {en}, urldate = {2023-09-10}, journal = {Procedia Computer Science}, author = {Serinelli, Benedetto Marco and Collen, Anastasija and Nijdam, Niels Alexander}, year = {2020}, pages = {560--565}, }

@inproceedings{kouzinopoulos_implementing_2018, address = {Thessaloniki}, title = {Implementing a {Forms} of {Consent} {Smart} {Contract} on an {IoT}-based {Blockchain} to promote user trust}, copyright = {All rights reserved}, isbn = {978-1-5386-5150-6}, url = {https://ieeexplore.ieee.org/document/8466268/}, doi = {10.1109/INISTA.2018.8466268}, urldate = {2023-09-10}, booktitle = {2018 {Innovations} in {Intelligent} {Systems} and {Applications} ({INISTA})}, publisher = {IEEE}, author = {Kouzinopoulos, Charalampos S. and M. Giannoutakis, Konstantinos and Votis, Konstantinos and Tzovaras, Dimitrios and Collen, Anastasija and Nijdam, Niels A. and Konstantas, Dimitri and Spathoulas, Georgios and Pandey, Pankaj and Katsikas, Sokratis}, month = jul, year = {2018}, pages = {1--6}, }

@inproceedings{pandey_towards_2019, title = {Towards automated threat-based risk assessment for cyber security in smarthomes}, copyright = {All rights reserved}, booktitle = {18th {European} {Conference} on {Cyber} {Warfare} and {Security}, {ECCWS} 2019}, publisher = {Curran Associates, Inc}, author = {Pandey, Pankaj and Collen, Anastasija and Nijdam, Niels and Anagnostopoulos, Marios and Katsikas, Sokratis and Konstantas, Dimitri}, year = {2019}, pages = {839--844}, }

@article{abdulghani_study_2019, title = {A {Study} on {Security} and {Privacy} {Guidelines}, {Countermeasures}, {Threats}: {IoT} {Data} at {Rest} {Perspective}}, volume = {11}, copyright = {All rights reserved}, issn = {2073-8994}, shorttitle = {A {Study} on {Security} and {Privacy} {Guidelines}, {Countermeasures}, {Threats}}, url = {https://www.mdpi.com/2073-8994/11/6/774}, doi = {10.3390/sym11060774}, abstract = {The Internet of Things (IoT) makes our lives much easier, more valuable, and less stressful due to the development of many applications around us including smart cities, smart cars, and smart grids, offering endless services and solutions. Protecting IoT data of such applications at rest either on the objects or in the cloud is an indispensable requirement for achieving a symmetry in the handling and protection of the IoT, as we do with data created by persons and applications. This is because unauthorised access to such data may lead to harmful consequences such as linkage attacks, loss of privacy, and data manipulation. Such undesired implications may jeopardise the existence of IoT applications if protection measures are not taken, and they stem from two main factors. One is that IoT objects have limited capabilities in terms of memory capacity, battery life, and computational power that hamper the direct implementation of conventional Internet security solutions without some modifications (e.g., traditional symmetric algorithms). Another factor is the absence of widely accepted IoT security and privacy guidelines for IoT data at rest and their appropriate countermeasures, which would help IoT stakeholders (e.g., developers, manufacturers) to develop secure IoT systems and therefore enhance IoT security and privacy by design. Toward this end, we first briefly describe the main IoT security goals and identify IoT stakeholders. Moreover, we briefly discuss the most well-known data protection frameworks (e.g., General Data Protection Regulation (GDPR), Health Insurance Portability (HIPAA)). Second, we highlight potential attacks and threats against data at rest and show their violated security goals (e.g., confidentiality and integrity). Third, we review a list of protection measures by which our proposed guidelines can be accomplished. Fourth, we propose a framework of security and privacy guidelines for IoT data at rest that can be utilised to enhance IoT security and privacy by design and establish a symmetry with the protection of user-created data. Our framework also presents the link between the suggested guidelines, mitigation techniques, and attacks. Moreover, we state those IoT stakeholders (e.g., manufacturers, developers) who will benefit most from these guidelines. Finally, we suggest several open issues requiring further investigation in the future, and we also discuss the limitations of our suggested framework.}, language = {en}, number = {6}, urldate = {2023-09-10}, journal = {Symmetry}, author = {Abdulghani, Hezam Akram and Nijdam, Niels Alexander and Collen, Anastasija and Konstantas, Dimitri}, month = jun, year = {2019}, note = {Number: 6}, pages = {774}, }

@inproceedings{spathoulas_towards_2018, address = {Thessaloniki}, title = {Towards {Reliable} {Integrity} in {Blacklisting}: {Facing} {Malicious} {IPs} in {GHOST} {Smart} {Contracts}}, copyright = {All rights reserved}, isbn = {978-1-5386-5150-6}, shorttitle = {Towards {Reliable} {Integrity} in {Blacklisting}}, url = {https://ieeexplore.ieee.org/document/8466327/}, doi = {10.1109/INISTA.2018.8466327}, urldate = {2023-09-10}, booktitle = {2018 {Innovations} in {Intelligent} {Systems} and {Applications} ({INISTA})}, publisher = {IEEE}, author = {Spathoulas, Georgios and Collen, Anastasija and Pandey, Pankaj and Nijdam, Niels A. and Katsikas, Sokratis and Kouzinopoulos, Charalampos S. and Ben Moussa, Maher and Giannoutakis, Konstantinos M. and Votis, Konstantinos and Tzovaras, Dimitrios}, month = jul, year = {2018}, pages = {1--8}, }

@inproceedings{senecal_motion_2018, address = {Limassol Cyprus}, title = {Motion analysis and classification of salsa dance using music-related motion features}, copyright = {All rights reserved}, isbn = {978-1-4503-6015-9}, url = {https://dl.acm.org/doi/10.1145/3274247.3274514}, doi = {10.1145/3274247.3274514}, language = {en}, urldate = {2023-09-10}, booktitle = {Proceedings of the 11th {Annual} {International} {Conference} on {Motion}, {Interaction}, and {Games}}, publisher = {ACM}, author = {Senecal, Simon and Nijdam, Niels A. and Thalmann, Nadia Magnenat}, month = nov, year = {2018}, pages = {1--10}, }

Positions

Our partners

We are working in close collaboration with:

Blog

Enhanced TARA for CAV unifying upon security and privacy standards

Automated city shuttle: Let’s have a ride in Europe streets!

Who are the actors in a typical cybersecurity scenario?

Security by password authentication – do you remember them all?

GHOST on top of the EU Cybersecurity Act

Contact Us

Battelle, Bâtiment A
Route de Drize 7
CH-1227 Carouge
SWITZERLAND

Niels.Nijdam [at] Unige.CH