Antonio Grillo

High Capacity Colored Two Dimensional codes

Barcodes enable automated work processes without human intervention, and are widely deployed because they are fast and accurate, eliminate many errors and often save time and money. In order to increase the data capacity of barcodes, two dimensional (2D) code were developed; the main challenges of 2D codes lie in their need to store more information and more character types without compromising their practical efficiency. This paper proposes the High Capacity Colored Two Dimensional (HCC2D) code, a new 2D code which aims at increasing the space available for data, while preserving the strong reliability and robustness properties of QR. The use of colored modules in HCC2D poses some new and non-trivial computer vision challenges. We developed a prototype of HCC2D, which realizes the entire Print&Scan process. The performance of HCC2D was evaluated considering different operating scenarios and data densities. HCC2D was compared to other barcodes, such as QR and Microsofts HCCB; the experiment results showed that HCC2D codes obtain data densities close to HCCB and strong robustness similar to QR.

SecureMyDroid: enforcing security in the mobile devices lifecycle

Due to the extensive growth and diffusion of mobile devices (e.g., Smartphone, PDAs, mobile phones, etc.), and to their powerful capabilities, many users are massively using mobile devices both for personal and for work-related (corporate) activities. This poses serious threats to the security of such devices. In this paper, we propose a novel approach, based on the definition of a secure lifecycle for mobile devices, in order to extend corporate security policies to such devices. We focus on a new perspective that allows us to apply strong security policies and services enforcement to mobile devices. The approach proposed leverages on a customized release of the mobile device Operating System (OS). In particular, we present a prototype (called SecureMyDroid) of a secure mobile device based on a customized release of the Google Android operating system. One of the strong features of this prototype lies in the capability of fully customizing the operating environment of mobile devices. This prevents most of the tampering that is still practicable for devices that have been personalized through the installation of customized applications such as antimalware, antivirus, etc.

Transaction Oriented Text Messaging with Trusted-SMS

The exponential growth of the Short Message Service(SMS) use has led this service to a widespread tool for social, marketing and advertising messaging. The mobile devices are quickly becoming Personal Trust Devices (PTD), embedding personal data, which allow sending/receiving private information from/to the PTD. This paper introduces our Trusted-SMS system, which allows users to exchange non-repudiable SMSs, digitally signed with the Elliptic Curve Digital Signature Algorithm (ECDSA). This system can fit in many scenarios, such as commercial transaction, bureaucratic delegation etc.. In fact, the few bytes signature is embedded into a single SMS, leaving many bytes, depending on the choice of the elliptic curve, for the SMS payload.

Fast User Classifying to Establish Forensic Analysis Priorities

In computer and common crimes, important evidence or clues are increasingly stored in the computers hard disks. The huge and increasing penetration of computers in the daily life together with a considerable increase of storage capacity in mass-market computers, pose, currently, new challenges to forensic operators. Usually a digital forensic investigator has to spend a lot of time in order to find documents, clues or evidence related to the investigation among the huge amount of data extracted from one or more sized hard drive. In particular, the seized material could be very huge, and, very often, only few devices are considered relevant for the investigation. In this paper we propose a methodology and a tool to support a fast computer user profiling via a classification into investigator-defined categories in order to quickly classify the seized computer user. The main purpose of the methodology discussed is to define the class of the user in order to establish an effective schedule with priorities based on the computer user content.

Shared Backup & Restore: Save, Recover and Share Personal Information into Closed Groups of Smartphones

While many solutions for making backups and restoring data are known for servers and desktops, mobile devices pose several challenges, mainly due to the plethora of devices, vendors, operating systems and versions available in the mobile market. In this paper, we introduce a new backup and restore approach for mobile devices, which helps to reduce the effort in saving and restoring personal data. Our approach is platform independent: in particular, we present two prototypes based on two different mobile operating systems: Google Android and Symbian S60. Another feature of our approach lies in the capability of sharing information in mobile devices among a group of selected persons. This can be useful in many situations e.g., in creating a mobile business network among a group of people.

Penalized Second Price: A New Pricing Algorithm for Advertising in Search Engines

Strategic bidding coupled with the GSP pricing mechanism is known to lead to aggressive bidding behaviour and Competitor Busting in keyword auctions. We introduce a new pricing mechanism, named Penalized Second Pricing (PSP), to help reducing the unfair effects of aggressive bidding.The performances of GSP and PSP are evaluated both in a static and a dynamic context, where the number of bidders may change during the auction. The simulation experiments show that PSP not only discourages aggressive bidding behaviour, but also leads to larger revenues for the auctioneer than those obtained with GSP.

Fast smartphones forensic analysis results through mobile internal acquisition tool and forensic farm

Market penetration of smartphones and the enriched capabilities of new devices lead to the storage of lot of data in their internal memory, providing a silent witness of digital crimes and private facts as well. This article proposes a new methodology and a tool for data acquisition by using the removable memory cards (e.g. SD, mini SD, MMC, etc.) to execute in crime scene situ. The presented methodology relies on a forensic farm where Symbian and Windows Mobile devices file system images, acquired via the tool and sent through the forensic operator mobile device, are automatically processed by a piece of software, in order to provide quick and standard results. The purpose of this quick (and general, not ad-hoc) response is to provide essential investigative information to the crime scene operator in the lowest time, in order to collect further evidences, related to the content of the sized smartphone.

A Model for the Dynamics of Bidders in the Simulation of Keyword Auctions

A dynamic population model is proposed for the study of keyword auctions run on search engines. In this model bidders decide to join or leave the auction, depending on the results of the previous auction round. Through the use of a simulation scenario, we show that the model converges to a steady state quite fast, and that a significant portion of the bidders act just for one or two rounds, while a few bidders submit bids for most of the auction rounds but do not exhibit a concentration power on the advertising space awarded by the search engine.

The Competitor Busting Strategy in Keyword Auctions: Who's Worst Hit?

Search engines award their advertising space through keyword auctions. Some bidders may adopt an aggressive bidding strategy known as Competitor Busting, where they submit higher bids than what is strictly needed to win the auction so as to oust the other bidders. Despite the widespread concern for such practice, we show that the Competitor Busting strategy is largely ineffective. The lifetime of non-aggressive bidders, their presence in the auction, and the proportion of slots they are awarded are not affected by the presence of aggressive bidders. These conclusions are valid as long as the aggressive bidders do not have a significant budget advantage over non-aggressive ones.

Mobile Information Warfare: A Countermeasure to Privacy Leaks Based on SecureMyDroid

Mobile device privacy is becoming increasingly important, as business information and personal information moves from personal computer to laptop and handheld devices. These data, enhanced with the raising computational and storage power of current mobile devices, lead to prefigure an enlarged scenario, where people will use massively smartphones for daily activities, regardless they are personal affairs or work. Hence, mobile devices represent an attractive target for attacks to the privacy of their owners. In particular, SpyPhone applications represent a big concern for confidential activities, acting as a bug and menacing both voice calls and data exchanged/stored mainly in form of text and multimedia messages and electronic mails. This paper proposes a new methodological approach to protect mobile devices from threats related to the privacy of mobile device owner. In particular, we suggest the cooperation of SecureMyDroid, a customized release of the Android OS, and the open source forensic tool Mobile Internal Acquisition Tool, to prevent privacy leaks related to SpyPhone applications attacks. Experimental results show the suitability of the proposed strategy in order to support the detection of SpyPhone application installed on the mobile device.