Luca Caviglione

A survey on energy-aware security mechanisms

The increasing adoption of mobile devices as the preferred tool to access the Internet imposes to deepen the investigation of security aspects. In parallel, their power constrained nature must be explicitly considered in order to analyze security in an effective and comprehensive manner. This aspect, which is often neglected in the literature, allows investigating two important behaviors of mobile devices: (i) evaluate if all the layers accounting for privacy and security can be re-engineered or optimized to save power, and (ii) understand the effectiveness of draining energy to conduct attacks.In this perspective, this paper surveys and highlights the most recent work on energy-awareness and security. Also, it summarizes the current state of the art on general techniques to save energy, as well as tools to perform measurements. The major contributions of this survey are, thus, a review of past work aimed at minimizing the energy footprint of security mechanisms, and the identification of promising research trends, such as detecting attacks via anomalous power consumption.

Steganography in Modern Smartphones and Mitigation Techniques

By offering sophisticated services and centralizing a huge volume of personal data, modern smartphones changed the way we socialize, entertain and work. To this aim, they rely upon complex hardware/software frameworks leading to a number of vulnerabilities, attacks and hazards to profile individuals or gather sensitive information. However, the majority of works evaluating the security degree of smartphones neglects steganography, which can be mainly used to: i) exfiltrate confidential data via camouflage methods, and ii) conceal valuable or personal information into innocent looking carriers. Therefore, this paper surveys the state of the art of steganographic techniques for smartphones, with emphasis on methods developed over the period 2005 to the second quarter of 2014. The different approaches are grouped according to the portion of the device used to hide information, leading to three different covert channels, i.e., local, object and network. Also, it reviews the relevant approaches used to detect and mitigate steganographic attacks or threats. Lastly, it showcases the most popular software applications to embed secret data into carriers, as well as possible future directions.

Supporting vertical handover by using a pastry peer-to-peer overlay network

Vertical handovers (VHO) are expected to be a key feature in beyond 3G (B3G) networks. This paper presents a pastry-based P2P overlay network for supporting vertical handover in B3G networks. The P2P overlay is used to quickly locate attachment points (APs) for mobile entities and to rapidly retrieve the configuration and coverage information of these APs. The advantage of the P2P-based solution is its distributed nature, its scalability, and its self-organizing capability

What is Green Security

Green Security is a new research field defining and investigating security solutions under an energy-aware perspective. Green Security aims at: 1) evaluating the actual security mechanisms in order to assess their energy consumption; 2) building new security mechanisms by considering energy costs from the design phase. In this paper, we first provide a definition of Green Security and formalism to model it, then we provide a use case showing how it is possible to model the energy consumption of two Intrusion Detection System (IDS) strategies, finally we leverage this model to assess the energy leakage due to the late discovery of bad packets.

Privacy problems with Web 2.0

Web 2.0 is an attitude rather then a new technology, as the creation of a social environment was already present in the original web vision. The evolution of web-based technologies, such as scripting languages and HTML 5, has produced more powerful and user-friendly interfaces. Moreover, clear and widely accepted standards dramatically push the concept of interoperability. As a consequence, it is now easier to conduct social activities, create communities, establish relationships and publish user-generated content. But this also has a drawback – the increased ‘social attitude’ introduces related issues in terms of privacy and personal information protection.

Performance Evaluation of SPDY over High Latency Satellite Channels

Originally developed by Google, SPDY is an open protocol for reducing download times of content rich pages, as well as for managing channels characterized by large Round Trip Times (RTTs) and high packet losses. With such features, it could be an efficient solution to cope with performance degradations of Web 2.0 services used over satellite networks. In this perspective, this paper evaluates the SPDY protocol over a wireless access also exploiting a satellite link. To this aim, we implemented an experimental set-up, composed of an SPDY proxy, a wireless link emulator, and an instrumented Web browser. Results confirm that SPDY can enhance the performances in terms of throughput, and reduce the traffic fragmentation. Moreover, owing to its connection multiplexing architecture, it can also mitigate the transport layer complexity, which is critical when in presence of middleboxes deployed to isolate satellite trunks.

The energy impact of security mechanisms in modern mobile devices

The massive uptake of mobile devices is raising concerns about their security. Yet there may be a difficult trade-off to be made between security and power consumption. Luca Caviglione of the Institute of Intelligent Systems for Automation, National Research Council of Italy and Alessio Merlo, University of Genoa and eCampus University, undertook a power consumption analysis of some security-related aspects deployed within a sample Android mobile phone and examined whether security does have an energy cost associated with it. The availability of powerful and cost-effective wireless interfaces makes the modern Internet accessible according to the ‘anywhere, anytime’ paradigm. In addition, the explosion of Web 2.0 applications enables people to interact with an increased degree of social connectivity. And, in a simple and cost-effective manner, modern end-user devices allow people to produce and share contents, interact with the surrounding environment – for example, via Global Positioning System (GPS) or Near Field Communication (NFC) mechanisms – and enjoy multimedia material such as music and video. To be effective, such a rich set of features must be supported by an adequate supply of on-board power, which is mostly provided via batteries. Even though battery technology and silicon efficiency have made important advances in the past few years, excessive power drain still remains the major weakness when designing and using mobile appliances. Luca Caviglione of the Institute of Intelligent Systems for Automation, National Research Council of Italy and Alessio Merlo, University of Genoa and eCampus University, undertook a power consumption analysis of some security-related aspects deployed within a sample Android mobile phone and examined whether security does have an energy cost associated with it.

Can satellites face trends? The case of Web 2.0

Satellite communication is one of the key technologies for the future Internet development, which nowadays is experiencing a new trend in its usage, especially in the field of Web. However the joint utilization of satellites and “trendy” solutions, e.g., Web 2.0 and Software as a Service (SaaS), poses some issues. In this perspective, the contribution of this work is twofold: i) to analyze and introduce new usage patterns imposed by the Web 2.0 phenomena and ii) to study the impact of satellite links in such environments. In addition, an analysis of the main behaviors (both of web browsers and traffic) in the scenario where satellites and Web 2.0 applications are mixed is also provided.

Information Hiding as a Challenge for Malware Detection

Malware increasingly uses information-hiding techniques to hide its existence and communication attempts. Having a better understanding of this technique could help mitigate and prevent cyberattacks.

FIRST: Future Internet — a role for satellite technology

This paper identifies key research issues and technologies that we envision will be important to the continued evolution of satellite networking and its integration as a core component of a future Internet that offers reliable, robust and pervasive networking and access to network services.