Some ideas for a Master Thesis
If you are interested in the topics below, you can contact Savio Sciancalepore (s.sciancalepore * tue.nl (replace * with @) ). You can also check some recent publications at ssciancalepore.win.tue.nl
Privacy-Enhancing Technologies (PETS) for Internet of Things (IoT) Deployments
Thanks to the increasing capability of embedding powerful microcontrollers, modern IoT devices are equipped with even more computational capabilities, getting slowly closer to IT deployments in terms of processing resources. However, two main limitations still stand: (i) many IoT devices, especially mobile ones, feature batteries with limited energy availability, requiring the devices to save energy as much as possible to achieve the planned operations while maximizing lifetime; and (ii) many IoT devices might operate unattended, even for short time periods. Therefore, adversaries active in the field may have the opportunity to physically capture such devices and access their contents, posing confidentiality and privacy issues.
To mitigate such threats, our team at TU/e works on integrating PETS onboard various IoT devices. The integration presents various challenges, due to the limitations still existing in the computational capabilities of the devices, the peculiar nature of the Operating Systems (OS) onboard, and the energy limitations, requiring us either to adapt existing PETS to the specific use cases or to come up with new, ad-hoc solutions for the domain.
Reference Papers:
- George, Dominik Roy, Savio Sciancalepore, and Nicola Zannone. “Privacy-Preserving Multi-Party Access Control for Third-Party UAV Services.” Proceedings of the 28th ACM Symposium on Access Control Models and Technologies. 2023. PDF
- Sciancalepore, Savio, and Dominik Roy George. “Privacy-Preserving Trajectory Matching on Autonomous Unmanned Aerial Vehicles.” Proceedings of the 38th Annual Computer Security Applications Conference. 2022. PDF
Physical-Layer Security in Internet of Things (IoT) Networks.
Physical-layer security (PLS) approaches leverage intrinsic characteristics of the devices or of their transmitted signals to provide various security services, such as authentication, spoofing detection, and jamming detection, to name a few. Such approaches require no cryptography operations from the involved devices, thus being very useful in contexts where such devices cannot afford to run expensive cryptography techniques, e.g., constrained IoT networks. Also, PLS approaches require no modifications to the transmitters, as they can use unencrypted and opportunistic signals emitted by the target devices. Thus, PLS approaches are also useful in contexts where modifying the transmitter is hard, e.g., for some specific IoT deployments or in satellite networks.
At the same time, deploying PLS approaches in the wild requires dealing with a large variety of undesired side effects, e.g., the movements of the involved devices, variable noise affecting the communication channel, and temporal phenomena. Our team at TU/e works on improving the robustness of PLS approaches when deployed in the real world, so as to mitigate and overcome issues due to real-world operating conditions.
Reference Papers:
- Oligeri, G., Sciancalepore, S., Raponi, S., & Di Pietro, R. (2022). PAST-AI: Physical-layer authentication of satellite transmitters via deep learning. IEEE Transactions on Information Forensics and Security, 18, 274-289. PDF
- Alhazbi, Saeif, Savio Sciancalepore, and Gabriele Oligeri. “BloodHound: Early Detection and Identification of Jamming at the PHY-layer.” 2023 IEEE 20th Consumer Communications & Networking Conference (CCNC). IEEE, 2023. PDF
Autonomous Navigation Systems Security
Autonomous Navigation Systems (ANSs) are emerging in various application domains as a time-efficient and cost-effective means to achieve various transportation operations. ANSs integrate several communication technologies (Global Navigation Satellite Systems, WiFi, Low-Power Wide Area Networks, …) and sensors (accelerometers, gyroscopes, LiDAR, …), in a way to achieve situational awareness of the surrounding environment and navigate safely, avoiding obstacles while approaching the intended destination.
Due to the multiple interactions occurring with remote entitities and with the surrounding environment, the vehicles integrating ANSs can be attacked in several different ways, possibly combining various attack vectors at the communication and sensing level.
At SEC, we have several ongoing research projects investigating the cybersecurity and privacy of ANSs. We look both at the attack and defense side of problem, investigating the effectiveness and impact of various vulnerabilities on ANSs operations in various controlled and real-world conditions, as well as the development of effective mitigation strategies applicable in various domains.
Reference Papers:
- Oligeri, G., Sciancalepore, S., Ibrahim, O. A., & Di Pietro, R. (2022). GPS spoofing detection via crowd-sourced information for connected vehicles. Computer Networks, 216, 109230.Link
- Oligeri, G., Sciancalepore, S., Ibrahim, O. A., & Di Pietro, R. (2019, May). Drive me not: GPS spoofing detection via cellular network: (architectures, models, and experiments). In Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks (pp. 12-22).PDF