Papers by Costas Lambrinoudakis
Computers & Security, Dec 1, 2008
The work presented in this paper has been focused to the SIP protocol. However, generalization to... more The work presented in this paper has been focused to the SIP protocol. However, generalization to other signaling protocols is possible.
Communications in computer and information science, 2011
In this paper we identify some areas where cryptography can help a rapid adoption of cloud comput... more In this paper we identify some areas where cryptography can help a rapid adoption of cloud computing. Although secure storage has already captured the attention of many cloud providers, offering a higher level of protection for their customer's data, we think that more advanced techniques such as searchable encryption and secure outsourced computation will become popular in the near future, opening the doors of the Cloud to customers with higher security requirements.
Advances in information security, 2003
Computer Communications, Mar 1, 2007
Voice over IP (VoIP) services based on the Session Initiation Protocol (SIP) gain ground as compa... more Voice over IP (VoIP) services based on the Session Initiation Protocol (SIP) gain ground as compared to other protocols like MGCP or H.323. However, the open SIP architecture constitutes the provided services vulnerable to various attacks, similar to those currently existing in Internet. The lack of a formal way to describe VoIP vulnerabilities hinders the development of tools that could be utilized for identifying such vulnerabilities or for testing the security level of the offered services, in both cases the tools being independent from a specific implementation. This paper introduces such a formalization for SIP-based VoIP services, utilizing ontologies, facilitating an extensible description of known SIP security vulnerabilities that can be employed in a real environment for testing or intrusion detection purposes.
Telecommunication Systems, Dec 1, 2007
The advent of Voice over IP (VoIP) has offered numerous advantages but, at the same time, it has ... more The advent of Voice over IP (VoIP) has offered numerous advantages but, at the same time, it has introduced security threats not previously encountered in networks with a closed architecture like the Public Switch Telephone Networks (PSTN). One of these threats is that of signaling attacks. This paper examines the signaling attacks in VoIP environments based on the Session Initiation Protocol (SIP), focusing on the design of a robust lightweight protection mechanism against them. The proposed scheme introduces a new SIP header, namely the Integrity-Auth header, which is utilized for protecting the SIP-based VoIP services from signaling attacks while ensuring authenticity and integrity.
Computers & Security, Oct 1, 2009
Any application or service utilizing the Internet is exposed to both general Internet attacks and... more Any application or service utilizing the Internet is exposed to both general Internet attacks and other specific ones. Most of the times the latter are exploiting a vulnerability or misconfiguration in the provided service and/or in the utilized protocol itself. Consequently, the employment of critical services, like Voice over IP (VoIP) services, over the Internet is vulnerable to such attacks and, on top of that, they offer a field for new attacks or variations of existing ones. Among the various threats-attacks that a service provider should consider are the flooding attacks, at the signaling level, which are very similar to those against TCP servers but have emerged at the application level of the Internet architecture. This paper examines flooding attacks against VoIP architectures that employ the Session Initiation Protocol (SIP) as their signaling protocol. The focus is on the design and implementation of the appropriate detection method. Specifically, a bloom filter based monitor is presented and a new metric, named session distance, is introduced in order to provide an effective protection scheme against flooding attacks. The proposed scheme is evaluated through experimental test bed architecture under different scenarios. The results of the evaluation demonstrate that the required time to detect such an attack is negligible and also that the number of false alarms is close to zero.
Computer Communications, Oct 1, 2003
The concept of one-stop on-line government is not science fiction any more. On the contrary, the ... more The concept of one-stop on-line government is not science fiction any more. On the contrary, the high reliability and performance of communication links, combined with architectural models that facilitate transparent access to distributed computational and storage resources, propel the development of integrated e-government platforms that support increased citizen mobility. The price we have to pay is the complexity introduced in the design of the security mechanisms required for protecting several heterogeneous information systemseach one supporting some of the services offered through the e-government integrated environment-and ensuring user privacy. This paper demonstrates that the security services offered by Public Key Infrastructure (PKI) can be employed for fulfilling most of the identified security requirements for an integrated e-government platform. The list of security requirements has been compiled by adopting an organisational framework that facilitates the classification of e-government services according to the security requirements they exhibit. The proposed approach has been applied, as a case study, to the e-government system 'Webocrat', identifying its security requirements and then designing a PKI-based security architecture for fulfilling them.
Journal of Forensic Sciences, Aug 1, 2023
Springer eBooks, 2023
Recent technological advances allow us to design and implement sophisticated infrastructures to a... more Recent technological advances allow us to design and implement sophisticated infrastructures to assist users' everyday life; technological paradigms such as Intelligent Transportation Systems (ITS) and Multi-modal Transport are excellent instances of those cases. Therefore, a systematic risk evaluation process in conjunction with proper threat identification are essential for environments like those mentioned above as they involve human safety. Threat modelling is the process of identifying and understanding threats while risk analysis is the process of identifying and analyzing potential risks. This research initially focuses on the most widely-used threat modelling and risk analysis approaches and reviewing their characteristics. Then, it presents a service-oriented dynamic risk analysis approach that focuses on Cyber-Physical Systems (CPS) by adopting threat modelling characteristics and by blending other methods and well-established sources to achieve automation in several stages. Finally, it provides the qualitative features of the proposed method and other related threat modelling and risk analysis approaches with a discussion regarding their similarities, differences, advantages and drawbacks.
IFIP advances in information and communication technology, 2002
Services, Technologies, and Security of Session Initiation Protocol, 2008
Computer Security, 2020
The maritime ecosystem has undergone through changes due to the increasing use of information sys... more The maritime ecosystem has undergone through changes due to the increasing use of information systems and smart devices. The newly introduced technologies give rise to new attack surface in maritime infrastructures. In this position paper, we propose the MAritime Threat INtelligence FRAMEwork (MAINFRAME), which is tailored towards collection and analysis of threat intelligence in maritime environments. MAINFRAME combines: (i) data collection from ship sensors; (ii) collection of publicly available data from social media; (iii) variety of honeypots emulating different hardware and software component; (iv) event detection assisted by deep learning; (v) blockchain implementation that maintains audit trail for activities and transactions, and electronic IDs; and (vi) visual threat analytics. To highlight the interdependencies between cyber and cyber-physical threats in autonomous ships, MAINFRAME's operation is evaluated through the liquefied natural gas (LNG) Carrier case study.
Technology is already affecting every aspect of life, and our health is no exception. Artificial ... more Technology is already affecting every aspect of life, and our health is no exception. Artificial intelligence (AI) has become one of the most emerging technologies over the last few years in almost every environment. New technological advances such as cloud computing provide benefits and have changed the way we store, access and exchange information. Especially, in the Healthcare IT sector, cloud-based systems offer great potential, from many perspectives, including improved medical diagnosis, accurate and faster prediction and cost-effective management treatment. In an attempt to assist cloud providers and healthcare organizations to secure their cloud-based environment and to adopt the appropriate measures for data protection, we present an overview of the security and privacy requirements of cloud-based healthcare systems. Specifically, this chapter starts with the presentation of the reported threats in cloud-based health systems, continues with the identified objectives and ass...
Online advertisements delivered via social media platforms function in a similar way to phishing ... more Online advertisements delivered via social media platforms function in a similar way to phishing emails. In recent years there has been a growing awareness that political advertisements are being microtargeted and tailored to specific demographics, which is analogous to many social engineering attacks. This has led to calls for total bans on this kind of focused political advertising. Additionally, there is evidence that phishing may be entering a more developed phase using software known as Phishing as a Service to collect information on phishing or social engineering, potentially facilitating microphishing campaigns. To help understand such campaigns, a set of well-defined metrics can be borrowed from the field of digital marketing, providing novel insights which inform phishing email analysis. Our work examines in what ways digital marketing is analogous to phishing and how digital marketing metric techniques can be used to complement existing phishing email analysis. We analyse phishing email datasets collected by the University of Houston in comparison with Corporate junk email and microtargeting Facebook Ad Library datasets, thus comparing these approaches and their results using Weka, URL mismatch and visual metrics analysis. Our evaluation of the results demonstrates that phishing emails can be joined up in unexpected ways which are not revealed using traditional phishing filters. However such microphishing may have the potential to gather, store and analyse social engineering information to be used against a target at a later date in a similar way to microtargeting.
Lecture Notes in Computer Science, 2016
Smart phones are, nowadays, a necessity for the vast majority of individuals around the globe. In... more Smart phones are, nowadays, a necessity for the vast majority of individuals around the globe. In addition to the ubiquitous computing paradigm supported by such devices, there are numerous software applications that utilize the high computational capabilities that they offer. This type of software is a vital part of what is known as e-Commerce, with a variety of business models proposed and implemented. Lately, a new era of free-ware mobile application has arisen with paid features and promoted content in them. Piracy is not only the weakest point of software's financial ecosystem for conventional computing systems but also for smartphones. Actions like replication, redistribution and licensing violations can cause financial losses of colossal extent to their creators. Mobile applications also introduce the following peculiarity: They are distributed through predefined channels (Application Stores) owned by mobile operating system vendors such as Apple, Google and Microsoft. In this research we present several scenarios where cracked and modified applications can be freely used into every non jailbroken iOS device. Moreover it is demonstrated that not even in strict mobile environments, such as Apple's, end-users should be considered as trusted entities from application developers by default.
IFIP International Federation for Information Processing
Incorporating security in the application development process is a fundamental requirement for bu... more Incorporating security in the application development process is a fundamental requirement for building secure applications, especially with regard to security sensitive domains, such as e-government. In this paper we follow a novel approach to demonstrate how the process of developing an e-poll application can be substantially facilitated by employing a specialized security ontology. To accomplish this, we describe the security ontology we have developed, and provide a set of indicative questions that developers might face, together with the solutions that ontology deployment provides.
Uploads
Papers by Costas Lambrinoudakis