Visible to the public Biblio

Filters: Author is Tzovaras, Dimitrios  [Clear All Filters]
2022-09-30
Terzi, Sofia, Savvaidis, Charalampos, Sersemis, Athanasios, Votis, Konstantinos, Tzovaras, Dimitrios.  2021.  Decentralizing Identity Management and Vehicle Rights Delegation through Self-Sovereign Identities and Blockchain. 2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC). :1217–1223.
With smart vehicles interconnected with multiple systems and other entities, whether they are people or IoT devices, the importance of a digital identity for them has emerged. We present in this paper how a Self-Sovereign Identities combined with blockchain can provide a solution to this end, in order to decentralize the identity management and provide them with capabilities to identify the other entities they interact with. Such entities can be the owners of the vehicles, other drivers and workshops that act as service providers. Two use cases are examined along with the interactions between the participants, to demonstrate how a decentralized identity management solution can take care of the necessary authentication and authorization processes. Finally, we test the system and provide the measurements to prove its feasibility in real-life deployments.
2022-04-18
Aivatoglou, Georgios, Anastasiadis, Mike, Spanos, Georgios, Voulgaridis, Antonis, Votis, Konstantinos, Tzovaras, Dimitrios.  2021.  A Tree-Based Machine Learning Methodology to Automatically Classify Software Vulnerabilities. 2021 IEEE International Conference on Cyber Security and Resilience (CSR). :312–317.
Software vulnerabilities have become a major problem for the security analysts, since the number of new vulnerabilities is constantly growing. Thus, there was a need for a categorization system, in order to group and handle these vulnerabilities in a more efficient way. Hence, the MITRE corporation introduced the Common Weakness Enumeration that is a list of the most common software and hardware vulnerabilities. However, the manual task of understanding and analyzing new vulnerabilities by security experts, is a very slow and exhausting process. For this reason, a new automated classification methodology is introduced in this paper, based on the vulnerability textual descriptions from National Vulnerability Database. The proposed methodology, combines textual analysis and tree-based machine learning techniques in order to classify vulnerabilities automatically. The results of the experiments showed that the proposed methodology performed pretty well achieving an overall accuracy close to 80%.
2022-01-31
Pasias, Achilleas, Kotsiopoulos, Thanasis, Lazaridis, Georgios, Drosou, Anastasios, Tzovaras, Dimitrios, Sarigiannidis, Panagiotis.  2021.  Enabling Cyber-attack Mitigation Techniques in a Software Defined Network. 2021 IEEE International Conference on Cyber Security and Resilience (CSR). :497–502.
Software Defined Networking (SDN) is an innovative technology, which can be applied in a plethora of applications and areas. Recently, SDN has been identified as one of the most promising solutions for industrial applications as well. The key features of SDN include the decoupling of the control plane from the data plane and the programmability of the network through application development. Researchers are looking at these features in order to enhance the Quality of Service (QoS) provisioning of modern network applications. To this end, the following work presents the development of an SDN application, capable of mitigating attacks and maximizing the network’s QoS, by implementing mixed integer linear programming but also using genetic algorithms. Furthermore, a low-cost, physical SDN testbed was developed in order to evaluate the aforementioned application in a more realistic environment other than only using simulation tools.
2020-09-28
Patsonakis, Christos, Terzi, Sofia, Moschos, Ioannis, Ioannidis, Dimosthenis, Votis, Konstantinos, Tzovaras, Dimitrios.  2019.  Permissioned Blockchains and Virtual Nodes for Reinforcing Trust Between Aggregators and Prosumers in Energy Demand Response Scenarios. 2019 IEEE International Conference on Environment and Electrical Engineering and 2019 IEEE Industrial and Commercial Power Systems Europe (EEEIC / I CPS Europe). :1–6.
The advancement and penetration of distributed energy resources (DERs) and renewable energy sources (RES) are transforming legacy energy systems in an attempt to reduce carbon emissions and energy waste. Demand Response (DR) has been identified as a key enabler of integrating these, and other, Smart Grid technologies, while, simultaneously, ensuring grid stability and secure energy supply. The massive deployment of smart meters, IoT devices and DERs dictate the need to move to decentralized, or even localized, DR schemes in the face of the increased scale and complexity of monitoring and coordinating the actors and devices in modern smart grids. Furthermore, there is an inherent need to guarantee interoperability, due to the vast number of, e.g., hardware and software stakeholders, and, more importantly, promote trust and incentivize the participation of customers in DR schemes, if they are to be successfully deployed.In this work, we illustrate the design of an energy system that addresses all of the roadblocks that hinder the large scale deployment of DR services. Our DR framework incorporates modern Smart Grid technologies, such as fog-enabled and IoT devices, DERs and RES to, among others, automate asset handling and various time-consuming workflows. To guarantee interoperability, our system employs OpenADR, which standardizes the communication of DR signals among energy stakeholders. Our approach acknowledges the need for decentralization and employs blockchains and smart contracts to deliver a secure, privacy-preserving, tamper-resistant, auditable and reliable DR framework. Blockchains provide the infrastructure to design innovative DR schemes and incentivize active consumer participation as their aforementioned properties promote transparency and trust. In addition, we harness the power of smart contracts which allows us to design and implement fully automated contractual agreements both among involved stakeholders, as well as on a machine-to-machine basis. Smart contracts are digital agents that "live" in the blockchain and can encode, execute and enforce arbitrary agreements. To illustrate the potential and effectiveness of our smart contract-based DR framework, we present a case study that describes the exchange of DR signals and the autonomous instantiation of smart contracts among involved participants to mediate and monitor transactions, enforce contractual clauses, regulate energy supply and handle payments/penalties.
2020-04-13
Papachristou, Konstantinos, Theodorou, Traianos, Papadopoulos, Stavros, Protogerou, Aikaterini, Drosou, Anastasios, Tzovaras, Dimitrios.  2019.  Runtime and Routing Security Policy Verification for Enhanced Quality of Service of IoT Networks. 2019 Global IoT Summit (GIoTS). :1–6.
The Internet of Things (IoT) is growing rapidly controlling and connecting thousands of devices every day. The increased number of interconnected devices increase the network traffic leading to energy and Quality of Service efficiency problems of the IoT network. Therefore, IoT platforms and networks are susceptible to failures and attacks that have significant economic and security consequences. In this regard, implementing effective secure IoT platforms and networks are valuable for both the industry and society. In this paper, we propose two frameworks that aim to verify a number of security policies related to runtime information of the network and dynamic flow routing paths, respectively. The underlying rationale is to allow the operator of an IoT network in order to have an overall control of the network and to define different policies based on the demands of the network and the use cases (e.g., achieving more secure or faster network).