Increasingly, with embedded intelligence and control, IoT devices are being adopted faster than ever. However, the IoT landscape and its security implications are not yet fully understood. This paper seeks to shed light on this by focusing on a ...

The iCloud Private Relay (PR) is a new feature introduced by Apple in June 2021 that aims to enhance online privacy by protecting a subset of web traffic from both local eavesdroppers and websites that use IP-based tracking. The service is integrated ...

Mix net is the most frequently used secure MPC (multi-party computation) application in the real world, where multiple routers cooperates to anonymise a batch of data. It builds an important network security mechanism to implement anonymous ...

Traffic fingerprinting allows making inferences about encrypted traffic flows through passive observation. They have been used for tasks such as network performance management and analytics and in attacker settings such as censorship and surveillance. ...

Moving Target Defenses (MTD) are proactive security countermeasures that change the attack surface in a system in ways that make it harder for attackers to succeed. These techniques have been shown to be effective, and their application in software-...

This paper aims to investigate the resilience of the internet in the face of censorship through a current case study: the war between Russia and Ukraine. We focus on whether Russia, as a major Internet power, has been using its network to deny access to ...

Containerization allows bundling applications and their dependencies into a single image. The containerization framework Docker eases the use of this concept and enables sharing images publicly, gaining high momentum. However, it can lead to users ...

As Smart TV devices become more prevalent in our lives, it becomes increasingly important to evaluate the security of these devices. In addition to a smart and connected ecosystem through apps, Smart TV devices expose a WiFi remote protocol, that ...

To detect runtime attacks against programs running on a remote computing platform, Control-Flow Attestation (CFA) lets a (trusted) verifier determine the legality of the program’s execution path, as recorded and reported by the remote platform (prover)...

Misuse of cryptographic APIs remains one of the most common flaws in Android applications. The complexity of cryptographic APIs frequently overwhelms developers. This can lead to mistakes that leak sensitive user data to trivial attacks. Despite ...

Telegram is a popular messenger with more than 550 million active users per month and with a large ecosystem of different clients. The wide adoption of Telegram by protestors relying on private and secure messaging provides motivation for developing a ...