Dr Nick Pitropakis

ICT Systems Security and Privacy Protection: 39th IFIP International Conference, SEC 2024, Edinburgh, UK, June 12–14, 2024, Proceedings (2024)
Book
Pitropakis, N., Katsikas, S., Furnell, S., & Markantonakis, K. (Eds.). (2024). ICT Systems Security and Privacy Protection: 39th IFIP International Conference, SEC 2024, Edinburgh, UK, June 12–14, 2024, Proceedings. Springer. https://doi.org/10.1007/978-3-031-65175-5

This book constitutes the proceedings of the 39th IFIP International Conference on ICT Systems Security and Privacy Protection, SEC 2024, held in Edinburgh, UK, during June 12–14, 2024.

The 34 full papers presented were carefully reviewed and sel... Read More about ICT Systems Security and Privacy Protection: 39th IFIP International Conference, SEC 2024, Edinburgh, UK, June 12–14, 2024, Proceedings.

Transforming EU Governance: The Digital Integration Through EBSI and GLASS (2024)
Presentation / Conference Contribution
Kasimatis, D., Buchanan, W. J., Abubakar, M., Lo, O., Chrysoulas, C., Pitropakis, N., Papadopoulos, P., Sayeed, S., & Sel, M. (2024, June). Transforming EU Governance: The Digital Integration Through EBSI and GLASS. Presented at 39th IFIP International Conference, Edinburgh, UK

Traditionally, government systems managed citizen identities through disconnected data systems, using simple identifiers and paper-based processes, limiting digital trust and requiring citizens to request identity verification documents. The digital... Read More about Transforming EU Governance: The Digital Integration Through EBSI and GLASS.

Examining the Strength of Three Word Passwords (2024)
Presentation / Conference Contribution
Fraser, W., Broadbent, M., Pitropakis, N., & Chrysoulas, C. (2024, June). Examining the Strength of Three Word Passwords. Presented at ICT Systems Security and Privacy Protection (SEC 2024), Edinburgh

Passwords make up the most common method of authentication. With ever increasing computing power, password complexity has had to keep pace. This creates a challenge for remembering all complex passwords which some password policies attempt to resolve... Read More about Examining the Strength of Three Word Passwords.

Malicious Insider Threat Detection Using Sentiment Analysis of Social Media Topics (2024)
Presentation / Conference Contribution
Kenny, M., Pitropakis, N., Sayeed, S., Chrysoulas, C., & Mylonas, A. (2024, June). Malicious Insider Threat Detection Using Sentiment Analysis of Social Media Topics. Presented at 39th IFIP International Conference, SEC 2024, Edinburgh

Malicious insiders often pose a danger to information security systems, which can be a crucial challenge to tackle. Existing technological solutions attempt to identify potential threats via their anomalous system interactions, however, fully fail to... Read More about Malicious Insider Threat Detection Using Sentiment Analysis of Social Media Topics.

Chaotic Quantum Encryption to Secure Image Data in Post Quantum Consumer Technology (2024)
Journal Article
Khan, M. S., Ahmad, J., Al-Dubai, A., Pitropakis, N., Ghaleb, B., Ullah, A., Khan, M. A., & Buchanan, W. J. (online). Chaotic Quantum Encryption to Secure Image Data in Post Quantum Consumer Technology. IEEE Transactions on Consumer Electronics, https://doi.org/10.1109/tce.2024.3415411

The rapid advancement in consumer technology has led to an exponential increase in the connected devices, resulting in an enormous and continuous flow of data, particularly the image data. This data needs to be processed, managed, and secured efficie... Read More about Chaotic Quantum Encryption to Secure Image Data in Post Quantum Consumer Technology.

PermutEx: Feature-Extraction-Based Permutation — A New Diffusion Scheme for Image Encryption Algorithms (2024)
Presentation / Conference Contribution
Khan, M. S., Ahmad, J., Al-Dubai, A., Jaroucheh, Z., Pitropakis, N., & Buchanan, W. J. (2023, November). PermutEx: Feature-Extraction-Based Permutation — A New Diffusion Scheme for Image Encryption Algorithms. Presented at 2023 IEEE 28th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), Edinburgh, United Kingdom

Traditional permutation schemes mostly focus on random scrambling of pixels, often neglecting the intrinsic image information that could enhance diffusion in image encryption algorithms. This paper introduces PermutEx, a feature-extractionbased permu... Read More about PermutEx: Feature-Extraction-Based Permutation — A New Diffusion Scheme for Image Encryption Algorithms.

SRSS: A New Chaos-Based Single-Round Single S-Box Image Encryption Scheme for Highly Auto-Correlated Data (2023)
Presentation / Conference Contribution
Shahbaz Khan, M., Ahmad, J., Ali, H., Pitropakis, N., Al-Dubai, A., Ghaleb, B., & Buchanan, W. J. (2023, October). SRSS: A New Chaos-Based Single-Round Single S-Box Image Encryption Scheme for Highly Auto-Correlated Data. Presented at 9th International Conference on Engineering and Emerging Technologies (IEEE ICEET 2023), Istanbul, Turkey

With the advent of digital communication, securing digital images during transmission and storage has become a critical concern. The traditional s-box substitution methods often fail to effectively conceal the information within highly auto-correlate... Read More about SRSS: A New Chaos-Based Single-Round Single S-Box Image Encryption Scheme for Highly Auto-Correlated Data.

OPSEC VS Leaked Credentials: Password reuse in Large-Scale Data Leaks (2023)
Presentation / Conference Contribution
Uzonyi, D. G., Pitropakis, N., McKeown, S., & Politis, I. (2023, November). OPSEC VS Leaked Credentials: Password reuse in Large-Scale Data Leaks. Presented at 2023 IEEE 28th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), Edinburgh, UK

Security and authentication are ubiquitous problems that impact all modern networked systems. Password-based authentication systems are still prevalent, and information leaked via other channels may be used to attack networked systems. Researchers ha... Read More about OPSEC VS Leaked Credentials: Password reuse in Large-Scale Data Leaks.

AALLA: Attack-Aware Logical Link Assignment Cost-Minimization Model for Protecting Software-Defined Networks against DDoS Attacks (2023)
Journal Article
Ali, S., Tan, S. C., Lee, C. K., Yusoff, Z., Haque, M. R., Mylonas, A., & Pitropakis, N. (2023). AALLA: Attack-Aware Logical Link Assignment Cost-Minimization Model for Protecting Software-Defined Networks against DDoS Attacks. Sensors, 23(21), Article 8922. https://doi.org/10.3390/s23218922

Software-Defined Networking (SDN), which is used in Industrial Internet of Things, uses a controller as its “network brain” located at the control plane. This uniquely distinguishes it from the traditional networking paradigms because it provides a g... Read More about AALLA: Attack-Aware Logical Link Assignment Cost-Minimization Model for Protecting Software-Defined Networks against DDoS Attacks.

CellSecure: Securing Image Data in Industrial Internet-of-Things via Cellular Automata and Chaos-Based Encryption (2023)
Presentation / Conference Contribution
Ali, H., Khan, M. S., Driss, M., Ahmad, J., Buchanan, W. J., & Pitropakis, N. (2023, October). CellSecure: Securing Image Data in Industrial Internet-of-Things via Cellular Automata and Chaos-Based Encryption. Presented at 2023 IEEE 98th Vehicular Technology Conference (VTC2023-Fall), Hong Kong, Hong Kong

In the era of Industrial IoT (IIoT) and Industry 4.0, ensuring secure data transmission has become a critical concern. Among other data types, images are widely transmitted and utilized across various IIoT applications, ranging from sensor-generated... Read More about CellSecure: Securing Image Data in Industrial Internet-of-Things via Cellular Automata and Chaos-Based Encryption.

Rapidrift: Elementary Techniques to Improve Machine Learning-Based Malware Detection (2023)
Journal Article
Manikandaraja, A., Aaby, P., & Pitropakis, N. (2023). Rapidrift: Elementary Techniques to Improve Machine Learning-Based Malware Detection. Computers, 12(10), Article 195. https://doi.org/10.3390/computers12100195

Artificial intelligence and machine learning have become a necessary part of modern living along with the increased adoption of new computational devices. Because machine learning and artificial intelligence can detect malware better than traditional... Read More about Rapidrift: Elementary Techniques to Improve Machine Learning-Based Malware Detection.

Start thinking in graphs: using graphs to address critical attack paths in a Microsoft cloud tenant (2023)
Journal Article
Elmiger, M., Lemoudden, M., Pitropakis, N., & Buchanan, W. J. (2024). Start thinking in graphs: using graphs to address critical attack paths in a Microsoft cloud tenant. International Journal of Information Security, 23, 467-485. https://doi.org/10.1007/s10207-023-00751-6

The challenge of securing IT environments has reached a new complexity level as a growing number of organisations adopt cloud solutions. This trend increases the possibility of overseen attack paths in an organisation’s IT infrastructure. This paper... Read More about Start thinking in graphs: using graphs to address critical attack paths in a Microsoft cloud tenant.

TRUSTEE: Towards the creation of secure, trustworthy and privacy-preserving framework (2023)
Presentation / Conference Contribution
Sayeed, S., Pitropakis, N., Buchanan, W. J., Markakis, E., Papatsaroucha, D., & Politis, I. (2023, August). TRUSTEE: Towards the creation of secure, trustworthy and privacy-preserving framework. Presented at 18th International Conference on Availability, Reliability and Security, Benevento, Italy

Digital transformation is a method where new technologies replace the old to meet essential organisational requirements and enhance the end-user experience. Technological transformation often improvises the manner in which a facility or resources are... Read More about TRUSTEE: Towards the creation of secure, trustworthy and privacy-preserving framework.

Progressive Web Apps to Support (Critical) Systems in Low or No Connectivity Areas (2023)
Presentation / Conference Contribution
Josephe, A. O., Chrysoulas, C., Peng, T., El Boudani, B., Iatropoulos, I., & Pitropakis, N. (2023, May). Progressive Web Apps to Support (Critical) Systems in Low or No Connectivity Areas. Presented at 2023 IEEE IAS Global Conference on Emerging Technologies (GlobConET), London

Web applications are popular in our world today and every organization or individual either build or access at least one each day. It’s important for every application user to continue accessing contents of a web application irrespective of the netwo... Read More about Progressive Web Apps to Support (Critical) Systems in Low or No Connectivity Areas.

Forensic Investigation Using RAM Analysis on the Hadoop Distributed File System (2023)
Presentation / Conference Contribution
Laing, S., Ludwiniak, R., El Boudani, . B., Chrysoulas, C., Ubakanma, G., & Pitropakis, N. (2023, April). Forensic Investigation Using RAM Analysis on the Hadoop Distributed File System. Presented at 2023 19th International Conference on the Design of Reliable Communication Networks (DRCN), Barcelona, Spain

The usage of cloud systems is at an all-time high, and with more organizations reaching for Big Data the forensic implications must be analyzed. The Hadoop Distributed File System is widely used both as a cloud service and with organizations implemen... Read More about Forensic Investigation Using RAM Analysis on the Hadoop Distributed File System.

BIoMT: A Blockchain-Enabled Healthcare Architecture for Information Security in the Internet of Medical Things (2023)
Journal Article
Badri, S., Ullah Jan, S., Alghazzawi, D., Aldhaheri, S., & Pitropakis, N. (2023). BIoMT: A Blockchain-Enabled Healthcare Architecture for Information Security in the Internet of Medical Things. Computer Systems Science and Engineering, 46(3), 3667-3684. https://doi.org/10.32604/csse.2023.037531

Rapid technological advancement has enabled modern healthcare systems to provide more sophisticated and real-time services on the Internet of Medical Things (IoMT). The existing cloud-based, centralized IoMT architectures are vulnerable to multiple s... Read More about BIoMT: A Blockchain-Enabled Healthcare Architecture for Information Security in the Internet of Medical Things.

Attacking Windows Hello for Business: Is It What We Were Promised? (2023)
Journal Article
Haddad, J., Pitropakis, N., Chrysoulas, C., Lemoudden, M., & Buchanan, W. J. (2023). Attacking Windows Hello for Business: Is It What We Were Promised?. Cryptography, 7(1), Article 9. https://doi.org/10.3390/cryptography7010009

Traditional password authentication methods have raised many issues in the past, including insecure practices, so it comes as no surprise that the evolution of authentication should arrive in the form of password-less solutions. This research aims to... Read More about Attacking Windows Hello for Business: Is It What We Were Promised?.

Explainable AI-Based DDOS Attack Identification Method for IoT Networks (2023)
Journal Article
Kalutharage, C. S., Liu, X., Chrysoulas, C., Pitropakis, N., & Papadopoulos, P. (2023). Explainable AI-Based DDOS Attack Identification Method for IoT Networks. Computers, 12(2), Article 32. https://doi.org/10.3390/computers12020032

The modern digitized world is mainly dependent on online services. The availability of online systems continues to be seriously challenged by distributed denial of service (DDoS) attacks. The challenge in mitigating attacks is not limited to identify... Read More about Explainable AI-Based DDOS Attack Identification Method for IoT Networks.

Towards The Creation Of The Future Fish Farm (2023)
Journal Article
Papadopoulos, P., Buchanan, W. J., Sayeed, S., & Pitropakis, N. (2023). Towards The Creation Of The Future Fish Farm. Journal of Surveillance, Security and Safety, 4, 1-3. https://doi.org/10.20517/jsss.2022.16

Aim: A fish farm is an area where fish raise and bred for food. Fish farm environments support the care and management of seafood within a controlled environment. Over the past few decades, there has been a remarkable increase in the calorie intake o... Read More about Towards The Creation Of The Future Fish Farm.

Post Quantum Cryptography Analysis of TLS Tunneling on a Constrained Device (2022)
Presentation / Conference Contribution
Barton, J., Pitropakis, N., Buchanan, W., Sayeed, S., & Abramson, W. (2022, February). Post Quantum Cryptography Analysis of TLS Tunneling on a Constrained Device. Presented at 8th International Conference on Information Systems Security and Privacy, Online

Advances in quantum computing make Shor’s algorithm for factorising numbers ever more tractable. This threatens the security of any cryptographic system which often relies on the difficulty of factorisation. It also threatens methods based on discret... Read More about Post Quantum Cryptography Analysis of TLS Tunneling on a Constrained Device.

Using Social Media & Sentiment Analysis to Make Investment Decisions (2022)
Journal Article
Hasselgren, B., Chrysoulas, C., Pitropakis, N., & Buchanan, W. J. (2023). Using Social Media & Sentiment Analysis to Make Investment Decisions. Future Internet, 15(1), Article 5. https://doi.org/10.3390/fi15010005

Making investment decisions by utilizing sentiment data from social media (SM) is starting to become a more tangible concept. There has been a broad investigation into this field of study over the last decade, and many of the findings have promising... Read More about Using Social Media & Sentiment Analysis to Make Investment Decisions.

Trusted Threat Intelligence Sharing in Practice and Performance Benchmarking through the Hyperledger Fabric Platform (2022)
Journal Article
Ali, H., Ahmad, J., Jaroucheh, Z., Papadopoulos, P., Pitropakis, N., Lo, O., Abramson, W., & Buchanan, W. J. (2022). Trusted Threat Intelligence Sharing in Practice and Performance Benchmarking through the Hyperledger Fabric Platform. Entropy, 24(10), Article 1379. https://doi.org/10.3390/e24101379

Historically, threat information sharing has relied on manual modelling and centralised network systems, which can be inefficient, insecure, and prone to errors. Alternatively, private blockchains are now widely used to address these issues and impro... Read More about Trusted Threat Intelligence Sharing in Practice and Performance Benchmarking through the Hyperledger Fabric Platform.

Investigating Machine Learning Attacks on Financial Time Series Models (2022)
Journal Article
Gallagher, M., Pitropakis, N., Chrysoulas, C., Papadopoulos, P., Mylonas, A., & Katsikas, S. (2022). Investigating Machine Learning Attacks on Financial Time Series Models. Computers and Security, 123, https://doi.org/10.1016/j.cose.2022.102933

Machine learning and Artificial Intelligence (AI) already support human decision-making and complement professional roles, and are expected in the future to be sufficiently trusted to make autonomous decisions. To trust AI systems with such tasks, a... Read More about Investigating Machine Learning Attacks on Financial Time Series Models.

DRaNN_PSO: A deep random neural network with particle swarm optimization for intrusion detection in the industrial internet of things (2022)
Journal Article
Ahmad, J., Shah, S. A., Latif, S., Ahmed, F., Zou, Z., & Pitropakis, N. (2022). DRaNN_PSO: A deep random neural network with particle swarm optimization for intrusion detection in the industrial internet of things. Journal of King Saud University (Computer and Information Sciences), 34(10), 8112-8121. https://doi.org/10.1016/j.jksuci.2022.07.023

The Industrial Internet of Things (IIoT) is a rapidly emerging technology that increases the efficiency and productivity of industrial environments by integrating smart sensors and devices with the internet. The advancements in communication technolo... Read More about DRaNN_PSO: A deep random neural network with particle swarm optimization for intrusion detection in the industrial internet of things.

A New Intrusion Detection System for the Internet of Things via Deep Convolutional Neural Network and Feature Engineering (2022)
Journal Article
Ullah, S., Ahmad, J., Khan, M. A., Alkhammash, E. H., Hadjouni, M., Ghadi, Y. Y., Saeed, F., & Pitropakis, N. (2022). A New Intrusion Detection System for the Internet of Things via Deep Convolutional Neural Network and Feature Engineering. Sensors, 22(10), Article 3607. https://doi.org/10.3390/s22103607

The Internet of Things (IoT) is a widely used technology in automated network systems across the world. The impact of the IoT on different industries has occurred in recent years. Many IoT nodes collect, store, and process personal data, which is an... Read More about A New Intrusion Detection System for the Internet of Things via Deep Convolutional Neural Network and Feature Engineering.

A New Multistage Encryption Scheme Using Linear Feedback Register and Chaos-Based Quantum Map (2022)
Journal Article
Alharbi, A. R., Ahmad, J., Arshad, Shaukat, S., Masood, F., Ghadi, Y. Y., Pitropakis, N., & Buchanan, W. J. (2022). A New Multistage Encryption Scheme Using Linear Feedback Register and Chaos-Based Quantum Map. Complexity, 2022, Article 7047282. https://doi.org/10.1155/2022/7047282

With the increasing volume of data transmission through insecure communication channels, big data security has become one of the important concerns in the cybersecurity domain. To address these concerns and keep data safe, a robust privacy-preserving... Read More about A New Multistage Encryption Scheme Using Linear Feedback Register and Chaos-Based Quantum Map.

A Smart and Robust Automatic Inspection of Printed Labels Using an Image Hashing Technique (2022)
Journal Article
Khan, M. A., Ahmed, F., Khan, M. D., Ahmad, J., Kumar, H., & Pitropakis, N. (2022). A Smart and Robust Automatic Inspection of Printed Labels Using an Image Hashing Technique. Electronics, 11(6), Article 955. https://doi.org/10.3390/electronics11060955

This work is focused on the development of a smart and automatic inspection system for printed labels. This is a challenging problem to solve since the collected labels are typically subjected to a variety of geometric and non-geometric distortions.... Read More about A Smart and Robust Automatic Inspection of Printed Labels Using an Image Hashing Technique.

GLASS: A Citizen-Centric Distributed Data-Sharing Model within an e-Governance Architecture (2022)
Journal Article
Lo, O., Buchanan, W., Sayeed, S., Papadopoulos, P., Pitropakis, N., & Chrysoulas, C. (2022). GLASS: A Citizen-Centric Distributed Data-Sharing Model within an e-Governance Architecture. Sensors, 22(6), Article 2291. https://doi.org/10.3390/s22062291

E-governance is a process that aims to enhance a government’s ability to simplify all the processes that may involve government, citizens, businesses, and so on. The rapid evolution of digital technologies has often created the necessity for the esta... Read More about GLASS: A Citizen-Centric Distributed Data-Sharing Model within an e-Governance Architecture.

Privacy-preserving and Trusted Threat Intelligence Sharing using Distributed Ledgers (2022)
Presentation / Conference Contribution
Ali, H., Papadopoulos, P., Ahmad, J., Pit, N., Jaroucheh, Z., & Buchanan, W. J. (2021, December). Privacy-preserving and Trusted Threat Intelligence Sharing using Distributed Ledgers. Presented at IEEE SINCONF: 14th International Conference on Security of Information and Networks, Edinburgh

Threat information sharing is considered as one of the proactive defensive approaches for enhancing the overall security of trusted partners. Trusted partner organizations can provide access to past and current cybersecurity threats for reducing the... Read More about Privacy-preserving and Trusted Threat Intelligence Sharing using Distributed Ledgers.

PAN-DOMAIN: Privacy-preserving Sharing and Auditing of Infection Identifier Matching (2022)
Presentation / Conference Contribution
Abramson, W., Buchanan, W. J., Sayeed, S., Pitropakis, N., & Lo, O. (2021, December). PAN-DOMAIN: Privacy-preserving Sharing and Auditing of Infection Identifier Matching. Presented at 14th International Conference on Security of Information and Networks, Edinburgh [Online]

The spread of COVID-19 has highlighted the need for a robust contact tracing infrastructure that enables infected individuals to have their contacts traced, and followed up with a test. The key entities involved within a contact tracing infrastructur... Read More about PAN-DOMAIN: Privacy-preserving Sharing and Auditing of Infection Identifier Matching.

HDL-IDS: A Hybrid Deep Learning Architecture for Intrusion Detection in the Internet of Vehicles (2022)
Journal Article
Ullah, S., Khan, M. A., Ahmad, J., Jamal, S. S., e Huma, Z., Hassan, M. T., Pitropakis, N., Arshad, & Buchanan, W. J. (2022). HDL-IDS: A Hybrid Deep Learning Architecture for Intrusion Detection in the Internet of Vehicles. Sensors, 22(4), Article 1340. https://doi.org/10.3390/s22041340

Internet of Vehicles (IoV) is an application of the Internet of Things (IoT) network that connects smart vehicles to the internet, and vehicles with each other. With the emergence of IoV technology, customers have placed great attention on smart vehi... Read More about HDL-IDS: A Hybrid Deep Learning Architecture for Intrusion Detection in the Internet of Vehicles.

GLASS: Towards Secure and Decentralized eGovernance Services using IPFS (2022)
Presentation / Conference Contribution
Chrysoulas, C., Thomson, A., Pitropakis, N., Papadopoulos, P., Lo, O., Buchanan, W. J., Domalis, G., Karacapilidis, N., Tsakalidis, D., & Tsolis, D. (2021, October). GLASS: Towards Secure and Decentralized eGovernance Services using IPFS. Presented at 7th Workshop On The Security Of Industrial Control Systems & Of Cyber-Physical Systems (CyberICPS 2021). In Conjunction With ESORICS 2021, Darmstadt, Germany

The continuously advancing digitization has provided answers to the bureaucratic problems faced by eGovernance services. This innovation led them to an era of automation, broadened the attack surface and made them a popular target for cyber attacks.... Read More about GLASS: Towards Secure and Decentralized eGovernance Services using IPFS.

Ransomware: Analysing the Impact on Windows Active Directory Domain Services (2022)
Journal Article
McDonald, G., Papadopoulos, P., Pitropakis, N., Ahmad, J., & Buchanan, W. J. (2022). Ransomware: Analysing the Impact on Windows Active Directory Domain Services. Sensors, 22(3), Article 953. https://doi.org/10.3390/s22030953

Ransomware has become an increasingly popular type of malware across the past decade and continues to rise in popularity due to its high profitability. Organisations and enterprises have become prime targets for ransomware as they are more likely to... Read More about Ransomware: Analysing the Impact on Windows Active Directory Domain Services.

Decentralised Privacy: A Distributed Ledger Approach (2021)
Book Chapter
Papadopoulos, P., Pitropakis, N., & Buchanan, W. J. (2021). Decentralised Privacy: A Distributed Ledger Approach. In C. Mustansar Hussain, & P. Di Sia (Eds.), Handbook of Smart Materials, Technologies, and Devices (1-26). Springer. https://doi.org/10.1007/978-3-030-58675-1_58-1

Our world due to the technological progress became fast-paced and is constantly evolving, thus changing every single day. Consequently, the most valuable asset on earth is not gold or oil anymore but data. Big data companies try to take advantage of... Read More about Decentralised Privacy: A Distributed Ledger Approach.

Browsers’ Private Mode: Is It What We Were Promised? (2021)
Journal Article
Hughes, K., Papadopoulos, P., Pitropakis, N., Smales, A., Ahmad, J., & Buchanan, W. J. (2021). Browsers’ Private Mode: Is It What We Were Promised?. Computers, 10(12), Article 165. https://doi.org/10.3390/computers10120165

Web browsers are one of the most used applications on every computational device in our days. Hence, they play a pivotal role in any forensic investigation and help determine if nefarious or suspicious activity has occurred on that device. Our study... Read More about Browsers’ Private Mode: Is It What We Were Promised?.

A Deep Learning-Based Intrusion Detection System for MQTT Enabled IoT (2021)
Journal Article
Almas Khan, M., Khan, M. A., Ullah Jan, S., Ahmad, J., Jamal, S. S., Shah, A. A., Pitropakis, N., Buchanan, W. J., Alonistioti, N., Panagiotakis, S., & Markakis, E. K. (2021). A Deep Learning-Based Intrusion Detection System for MQTT Enabled IoT. Sensors, 21(21), Article 7016. https://doi.org/10.3390/s21217016

A large number of smart devices in Internet of Things (IoT) environments communicate via different messaging protocols. Message Queuing Telemetry Transport (MQTT) is a widely used publish–subscribe-based protocol for the communication of sensor or ev... Read More about A Deep Learning-Based Intrusion Detection System for MQTT Enabled IoT.

Launching Adversarial Label Contamination Attacks Against Malicious URL Detection (2021)
Presentation / Conference Contribution
Marchand, B., Pitropakis, N., Buchanan, W. J., & Lambrinoudakis, C. (2021, September). Launching Adversarial Label Contamination Attacks Against Malicious URL Detection. Presented at TrustBus 2021: Trust, Privacy and Security in Digital Business, Online

Web addresses, or Uniform Resource Locators (URLs), represent a vector by which attackers are able to deliver a multitude of unwanted and potentially harmful effects to users through malicious software. The ability to detect and block access to such... Read More about Launching Adversarial Label Contamination Attacks Against Malicious URL Detection.

PyDentity: A playground for education and experimentation with the hyperledger verifiable information exchange platform (2021)
Journal Article
Abramson, W., Papadopoulos, P., Pitropakis, N., & Buchanan, W. J. (2021). PyDentity: A playground for education and experimentation with the hyperledger verifiable information exchange platform. Software Impacts, 9, Article 100101. https://doi.org/10.1016/j.simpa.2021.100101

PyDentity lowers the entry barrier for parties interested in experimenting with the Hyperledger’s verifiable information exchange platform. It enables educators, developers and researchers to configure and initialise a set of actors easily as associa... Read More about PyDentity: A playground for education and experimentation with the hyperledger verifiable information exchange platform.

Towards Lightweight URL-Based Phishing Detection (2021)
Journal Article
Butnaru, A., Mylonas, A., & Pitropakis, N. (2021). Towards Lightweight URL-Based Phishing Detection. Future Internet, 13(6), Article 154. https://doi.org/10.3390/fi13060154

Nowadays, the majority of everyday computing devices, irrespective of their size and operating system, allow access to information and online services through web browsers. However, the pervasiveness of web browsing in our daily life does not come wi... Read More about Towards Lightweight URL-Based Phishing Detection.

SANCUS–Towards Unifying the Analysis and Control of Security, Privacy and Service Reliability (2021)
Presentation / Conference Contribution
Zarakovitis, C., Pitropakis, N., Klonidis, D., & Khalife, H. (2021, June). SANCUS–Towards Unifying the Analysis and Control of Security, Privacy and Service Reliability. Poster presented at EuCNC & 6G Summit, Grenoble, France

The arrival of new technologies change the global digital landscape in many ways. In the past years, for example, network virtualization and cloud computing have given raise to organizations for meeting their everyday needs in an elastic manner witho... Read More about SANCUS–Towards Unifying the Analysis and Control of Security, Privacy and Service Reliability.

Towards An SDN Assisted IDS (2021)
Presentation / Conference Contribution
Sutton, R., Ludwiniak, R., Pitropakis, N., Chrysoulas, C., & Dagiuklas, T. (2021, April). Towards An SDN Assisted IDS. Presented at IFIP NTMS Workshop on CyberSecurity on Hardware 2021, Paris, France

Modern Intrusion Detection Systems are able to identify and check all traffic crossing the network segments that they are only set to monitor. Traditional network infrastructures use static detection mechanisms that check and monitor specific types o... Read More about Towards An SDN Assisted IDS.

Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT (2021)
Journal Article
Papadopoulos, P., Thornewill Von Essen, O., Pitropakis, N., Chrysoulas, C., Mylonas, A., & Buchanan, W. J. (2021). Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT. Journal of Cybersecurity and Privacy, 1(2), 252-273. https://doi.org/10.3390/jcp1020014

As the internet continues to be populated with new devices and emerging technologies, the attack surface grows exponentially. Technology is shifting towards a profit-driven Internet of Things market where security is an afterthought. Traditional defe... Read More about Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT.

A Comparative Analysis of Honeypots on Different Cloud Platforms (2021)
Journal Article
Kelly, C., Pitropakis, N., Mylonas, A., McKeown, S., & Buchanan, W. J. (2021). A Comparative Analysis of Honeypots on Different Cloud Platforms. Sensors, 21(7), Article 2433. https://doi.org/10.3390/s21072433

In 2019, the majority of companies used at least one cloud computing service and it is expected that by the end of 2021, cloud data centres will process 94% of workloads. The financial and operational advantages of moving IT infrastructure to special... Read More about A Comparative Analysis of Honeypots on Different Cloud Platforms.

Privacy and Trust Redefined in Federated Machine Learning (2021)
Journal Article
Papadopoulos, P., Abramson, W., Hall, A. J., Pitropakis, N., & Buchanan, W. J. (2021). Privacy and Trust Redefined in Federated Machine Learning. Machine Learning and Knowledge Extraction, 3(2), 333-356. https://doi.org/10.3390/make3020017

A common privacy issue in traditional machine learning is that data needs to be disclosed for the training procedures. In situations with highly sensitive data such as healthcare records, accessing this information is challenging and often prohibited... Read More about Privacy and Trust Redefined in Federated Machine Learning.

Phishing URL Detection Through Top-Level Domain Analysis: A Descriptive Approach (2020)
Presentation / Conference Contribution
Christou, O., Pitropakis, N., Papadopoulos, P., Mckeown, S., & Buchanan, W. J. (2020, February). Phishing URL Detection Through Top-Level Domain Analysis: A Descriptive Approach. Presented at ICISSP 2020, Valletta, Malta

Phishing is considered to be one of the most prevalent cyber-attacks because of its immense flexibility and alarmingly high success rate. Even with adequate training and high situational awareness, it can still be hard for users to continually be awa... Read More about Phishing URL Detection Through Top-Level Domain Analysis: A Descriptive Approach.

Privacy-preserving Surveillance Methods using Homomorphic Encryption (2020)
Presentation / Conference Contribution
Bowditch, W., Abramson, W., Buchanan, W. J., Pitropakis, N., & Hall, A. J. (2020, February). Privacy-preserving Surveillance Methods using Homomorphic Encryption. Presented at 6th International Conference on Information Security Systems and Privacy (ICISSP), Valletta, Malta

Data analysis and machine learning methods often involve the processing of cleartext data, and where this could breach the rights to privacy. Increasingly, we must use encryption to protect all states of the data: in-transit, at-rest, and in-memory.... Read More about Privacy-preserving Surveillance Methods using Homomorphic Encryption.

A Traffic Analysis on Serverless Computing Based on the Example of a File Upload Stream on AWS Lambda (2020)
Journal Article
Muller, L., Chrysoulas, C., Pitropakis, N., & Barclay, P. J. (2020). A Traffic Analysis on Serverless Computing Based on the Example of a File Upload Stream on AWS Lambda. Big Data and Cognitive Computing, 4(4), Article 38. https://doi.org/10.3390/bdcc4040038

The shift towards microservisation which can be observed in recent developments of the cloud landscape for applications has led towards the emergence of the Function as a Service (FaaS) concept, also called Serverless. This term describes the event-d... Read More about A Traffic Analysis on Serverless Computing Based on the Example of a File Upload Stream on AWS Lambda.

Review and Critical Analysis of Privacy-preserving Infection Tracking and Contact Tracing (2020)
Journal Article
Buchanan, W. J., Imran, M. A., Ur-Rehman, M., Zhang, L., Abbasi, Q. H., Chrysoulas, C., Haynes, D., Pitropakis, N., & Papadopoulos, P. (2020). Review and Critical Analysis of Privacy-preserving Infection Tracking and Contact Tracing. Frontiers in Communications and Networks, https://doi.org/10.3389/frcmn.2020.583376

The outbreak of viruses have necessitated contact tracing and infection tracking methods. Despite various efforts, there is currently no standard scheme for the tracing and tracking. Many nations of the world have therefore, developed their own ways... Read More about Review and Critical Analysis of Privacy-preserving Infection Tracking and Contact Tracing.

A Privacy-Preserving Healthcare Framework Using Hyperledger Fabric (2020)
Journal Article
Stamatellis, C., Papadopoulos, P., Pitropakis, N., Katsikas, S., & Buchanan, W. J. (2020). A Privacy-Preserving Healthcare Framework Using Hyperledger Fabric. Sensors, 20(22), Article 6587. https://doi.org/10.3390/s20226587

Electronic health record (EHR) management systems require the adoption of effective technologies when health information is being exchanged. Current management approaches often face risks that may expose medical record storage solutions to common sec... Read More about A Privacy-Preserving Healthcare Framework Using Hyperledger Fabric.

Cloud Security, Privacy and Trust Baselines (2020)
Book Chapter
Pitropakis, N., Katsikas, S., & Lambrinoudakis, C. (2020). Cloud Security, Privacy and Trust Baselines. In J. R. Vacca (Ed.), Cloud Computing Security: Foundations and Challenges. Boca Raton, US: CRC Press. https://doi.org/10.1201/9780429055126

Cloud services vary from data storage and processing to software provision, posing requirements for high availability and on-demand commitment-free provision of services. Cloud providers must provide information through their privacy policy and/or up... Read More about Cloud Security, Privacy and Trust Baselines.

Exploring Adversarial Attacks and Defences for Fake Twitter Account Detection (2020)
Journal Article
Kantartopoulos, P., Pitropakis, N., Mylonas, A., & Kylilis, N. (2020). Exploring Adversarial Attacks and Defences for Fake Twitter Account Detection. Technologies, 8(4), Article 64. https://doi.org/10.3390/technologies8040064

Social media has become very popular and important in people’s lives, as personal ideas, beliefs and opinions are expressed and shared through them. Unfortunately, social networks, and specifically Twitter, suffer from massive existence and perpetual... Read More about Exploring Adversarial Attacks and Defences for Fake Twitter Account Detection.

A Distributed Trust Framework for Privacy-Preserving Machine Learning (2020)
Presentation / Conference Contribution
Abramson, W., Hall, A. J., Papadopoulos, P., Pitropakis, N., & Buchanan, W. J. (2020, September). A Distributed Trust Framework for Privacy-Preserving Machine Learning. Presented at The 17th International Conference on Trust, Privacy and Security in Digital Business - TrustBus2020, Bratislava, Slovakia

When training a machine learning model, it is standard procedure for the researcher to have full knowledge of both the data and model. However, this engenders a lack of trust between data owners and data scientists. Data owners are justifiably reluct... Read More about A Distributed Trust Framework for Privacy-Preserving Machine Learning.

Microtargeting or Microphishing? Phishing Unveiled (2020)
Presentation / Conference Contribution
Khursheed, B., Pitropakis, N., McKeown, S., & Lambrinoudakis, C. (2020). Microtargeting or Microphishing? Phishing Unveiled. In Trust, Privacy and Security in Digital Business (89-105). https://doi.org/10.1007/978-3-030-58986-8_7

Online advertisements delivered via social media platforms function in a similar way to phishing emails. In recent years there has been a growing awareness that political advertisements are being microtargeted and tailored to specific demographics, w... Read More about Microtargeting or Microphishing? Phishing Unveiled.

Privacy-Preserving Passive DNS (2020)
Journal Article
Papadopoulos, P., Pitropakis, N., Buchanan, W. J., Lo, O., & Katsikas, S. (2020). Privacy-Preserving Passive DNS. Computers, 9(3), Article 64. https://doi.org/10.3390/computers9030064

The Domain Name System (DNS) was created to resolve the IP addresses of web servers to easily remembered names. When it was initially created, security was not a major concern; nowadays, this lack of inherent security and trust has exposed the global... Read More about Privacy-Preserving Passive DNS.

Monitoring Users’ Behavior: Anti-Immigration Speech Detection on Twitter (2020)
Journal Article
Pitropakis, N., Kokot, K., Gkatzia, D., Ludwiniak, R., Mylonas, A., & Kandias, M. (2020). Monitoring Users’ Behavior: Anti-Immigration Speech Detection on Twitter. Machine Learning and Knowledge Extraction, 2(3), 192-215. https://doi.org/10.3390/make2030011

The proliferation of social media platforms changed the way people interact online. However, engagement with social media comes with a price, the users’ privacy. Breaches of users’ privacy, such as the Cambridge Analytica scandal, can reveal how the... Read More about Monitoring Users’ Behavior: Anti-Immigration Speech Detection on Twitter.

Testing And Hardening IoT Devices Against the Mirai Botnet (2020)
Presentation / Conference Contribution
Kelly, C., Pitropakis, N., McKeown, S., & Lambrinoudakis, C. (2020, June). Testing And Hardening IoT Devices Against the Mirai Botnet. Presented at IEEE International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2020), Dublin, Ireland

A large majority of cheap Internet of Things (IoT) devices that arrive brand new, and are configured with out-of-the-box settings, are not being properly secured by the manufactures, and are vulnerable to existing malware lurking on the Internet. Amo... Read More about Testing And Hardening IoT Devices Against the Mirai Botnet.

Towards The Creation of A Threat Intelligence Framework for Maritime Infrastructures (2020)
Presentation / Conference Contribution
Pitropakis, N., Logothetis, M., Andrienko, G., Karapistoli, I., Stephanatos, J., & Lambrinoudakis, C. (2019, September). Towards The Creation of A Threat Intelligence Framework for Maritime Infrastructures. Presented at 5th Workshop on the Security of Industrial Control Systems & of Cyber-Physical Systems (CyberICPS 2019), Luxembourg, Luxembourg

The maritime ecosystem has undergone through changes due to the increasing use of information systems and smart devices. The newly introduced technologies give rise to new attack surface in maritime infrastructures. In this position paper, we propose... Read More about Towards The Creation of A Threat Intelligence Framework for Maritime Infrastructures.

A Taxonomy and Survey of Attacks Against Machine Learning (2019)
Journal Article
Pitropakis, N., Panaousis, E., Giannetsos, T., Anastasiadis, E., & Loukas, G. (2019). A Taxonomy and Survey of Attacks Against Machine Learning. Computer Science Review, 34, https://doi.org/10.1016/j.cosrev.2019.100199

The majority of machine learning methodologies operate with the assumption that their environment is benign. However, this assumption does not always hold, as it is often advantageous to adversaries to maliciously modify the training (poisoning attac... Read More about A Taxonomy and Survey of Attacks Against Machine Learning.

Predicting Malicious Insider Threat Scenarios Using Organizational Data and a Heterogeneous Stack-Classifier (2019)
Presentation / Conference Contribution
Hall, A. J., Pitropakis, N., Buchanan, W. J., & Moradpoor, N. (2018, December). Predicting Malicious Insider Threat Scenarios Using Organizational Data and a Heterogeneous Stack-Classifier. Presented at International Workshop on Big Data Analytics for Cyber Threat Hunting, Seattle, WA, USA

Insider threats continue to present a major challenge for the information security community. Despite constant research taking place in this area; a substantial gap still exists between the requirements of this community and the solutions that are cu... Read More about Predicting Malicious Insider Threat Scenarios Using Organizational Data and a Heterogeneous Stack-Classifier.

An Enhanced Cyber Attack Attribution Framework (2018)
Presentation / Conference Contribution
Pitropakis, N., Panaousis, E., Giannakoulias, A., Kalpakis, G., Rodriguez, R. D., & Sarigiannidis, P. (2018, September). An Enhanced Cyber Attack Attribution Framework. Presented at International Conference on Trust and Privacy in Digital Business TrustBus 2018, Regensburg, Germany

Advanced Persistent Threats (APTs) are considered as the threats that are the most challenging to detect and defend against. As APTs use sophisticated attack methods, cyber situational awareness and especially cyber attack attribution are necessary f... Read More about An Enhanced Cyber Attack Attribution Framework.

Towards a Security Enabled and SOA-based QoS (for the Smart Grid) Architecture (2018)
Journal Article
Chrysoulas, C., & Pitropakis, N. (2018). Towards a Security Enabled and SOA-based QoS (for the Smart Grid) Architecture. EAI Endorsed Transactions on Industrial Networks and Intelligent Systems, 4(12), 153551. https://doi.org/10.4108/eai.10-1-2018.153551

QoS and Security features are playing an important role in modern network architecures. Dynamic selection of services and by extension of service providers are vital in today’s liberalized market of energy. On the other hand it is equally important f... Read More about Towards a Security Enabled and SOA-based QoS (for the Smart Grid) Architecture.

Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse (2017)
Presentation / Conference Contribution
Kintis, P., Miramirkhani, N., Lever, C., Chen, Y., Romero-Gómez, R., Pitropakis, N., Nikiforakis, N., & Antonakakis, M. (2017, October). Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse. Presented at 2017 ACM SIGSAC Conference on Computer and Communications Security, Dallas, Texas, USA

Domain squatting is a common adversarial practice where attackers register domain names that are purposefully similar to popular domains. In this work, we study a specific type of domain squatting called "combosquatting," in which attackers register... Read More about Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse.

Secure and Scalable Identity Management for the Aviation Industry (2017)
Presentation / Conference Contribution
Kintis, P., Kountouras, A., Pitropakis, N., Dagon, D., Antonakakis, M., Markou, C., & Buchner, P. (2017, May). Secure and Scalable Identity Management for the Aviation Industry

No abstract available.

The Greater The Power, The More Dangerous The Abuse: Facing Malicious Insiders in The Cloud (2017)
Presentation / Conference Contribution
Pitropakis, N., Lyvas, C., & Lambrinoudakis, C. (2017, February). The Greater The Power, The More Dangerous The Abuse: Facing Malicious Insiders in The Cloud. Presented at The Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, Athens, Greece

The financial crisis made companies around the world search for cheaper and more efficient solutions to cover their needs in terms of computational power and storage. Their quest came to end with the birth of Cloud Computing infrastructures. However,... Read More about The Greater The Power, The More Dangerous The Abuse: Facing Malicious Insiders in The Cloud.

Cloud Security, Privacy, and Trust Baselines (2016)
Book Chapter
Pitropakis, N., Katsikas, S., & Lambrinoudakis, C. (2016). Cloud Security, Privacy, and Trust Baselines. In Cloud Computing Security Foundations and Challenges. Boca Raton: CRC Press

According to ISO 27001, a threat is a potential event. When a threat turns into an actual event, it may cause an undesirable incident. It is undesirable because the incident may harm an organization or a system, causing a security incident and/or t... Read More about Cloud Security, Privacy, and Trust Baselines.

The Far Side of Mobile Application Integrated Development Environments (2016)
Presentation / Conference Contribution
Lyvas, C., Pitropakis, N., & Lambrinoudakis, C. (2016, September). The Far Side of Mobile Application Integrated Development Environments. Presented at International Conference on Trust and Privacy in Digital Business TrustBus 2016: Trust, Privacy and Security in Digital Business, Porto, Portugal

Smart phones are, nowadays, a necessity for the vast majority of individuals around the globe. In addition to the ubiquitous computing paradigm supported by such devices, there are numerous software applications that utilize the high computational ca... Read More about The Far Side of Mobile Application Integrated Development Environments.

Towards an augmented authenticator in the Cloud (2015)
Presentation / Conference Contribution
Pitropakis, N., Yfantopoulos, N., Geneiatakis, D., & Lambrinoudakis, C. (2014, December). Towards an augmented authenticator in the Cloud. Presented at 2014 IEEE International Symposium on Signal Processing and Information Technology (ISSPIT), Noida, India

Many times in the past, critical infrastructures like e-health and e-government services have become a target of cyber-attacks resulting to manipulation of sensitive information. Meanwhile, there are several approaches applying security and privacy p... Read More about Towards an augmented authenticator in the Cloud.

Till All Are One: Towards a Unified Cloud IDS (2015)
Presentation / Conference Contribution
Pitropakis, N., Lambrinoudakis, C., & Geneiatakis, D. (2015, September). Till All Are One: Towards a Unified Cloud IDS. Presented at International Conference on Trust and Privacy in Digital Business TrustBus 2015: Trust, Privacy and Security in Digital Busines, Valencia, Spain

Recently there is a trend to use cloud computing on service deployment, enjoying various advantages that it offers with emphasis on the economy which is achieved in the era of the financial crisis. However, along with the transformation of technology... Read More about Till All Are One: Towards a Unified Cloud IDS.

If you want to know about a hunter, study his prey: detection of network based attacks on KVM based cloud environments (2014)
Journal Article
Pitropakis, N., Anastasopoulou, D., Pikrakis, A., & Lambrinoudakis, C. (2014). If you want to know about a hunter, study his prey: detection of network based attacks on KVM based cloud environments. Journal of cloud computing: advances, systems and applications, 3(1), https://doi.org/10.1186/s13677-014-0020-6

Computational systems are gradually moving towards Cloud Computing Infrastructures, using the several advantages they have to offer and especially the economic advantages in the era of an economic crisis. In addition to this revolution, several secur... Read More about If you want to know about a hunter, study his prey: detection of network based attacks on KVM based cloud environments.

Behaviour reflects personality: detecting co-residence attacks on Xen-based cloud environments (2014)
Journal Article
Pitropakis, N., Pikrakis, A., & Lambrinoudakis, C. (2015). Behaviour reflects personality: detecting co-residence attacks on Xen-based cloud environments. International Journal of Information Security, 14(4), 299-305. https://doi.org/10.1007/s10207-014-0255-8

Cloud computing is gradually becoming the most popular option of Information Technology infrastructures. However, an important issue that has emerged through that revolution is the preservation of an adequate level of security for the infrastructure... Read More about Behaviour reflects personality: detecting co-residence attacks on Xen-based cloud environments.

It's All in the Cloud: Reviewing Cloud Security (2014)
Presentation / Conference Contribution
Pitropakis, N., Darra, E., Vrakas, N., & Lambrinoudakis, C. (2013, December). It's All in the Cloud: Reviewing Cloud Security. Presented at 2013 IEEE 10th International Conference on Ubiquitous Intelligence & Computing and 2013 IEEE 10th International Conference on Autonomic & Trusted Computing (UIC/ATC), Vietri sul Mere, Italy

Cloud computing is gradually replacing traditional IT infrastructures. However, an important issue that has emerged through that revolution is the preservation of an adequate level of security for the infrastructure. Currently there are many research... Read More about It's All in the Cloud: Reviewing Cloud Security.

A Practical Steganographic Approach for Matroska Based High Quality Video Files (2013)
Presentation / Conference Contribution
Pitropakis, N., Lambrinoudakis, C., Geneiatakis, D., & Gritzalis, D. (2013, March). A Practical Steganographic Approach for Matroska Based High Quality Video Files. Presented at 2013 Workshops of 27th International Conference on Advanced Information Networking and Applications (WAINA), Barcelona, Spain

Several steganographic algorithms have been proposed for protecting message secrecy against unauthorized "reads". The most used method for hiding a message relies on embedding the secret message in Least Significant Bit (LSB) on the cover object. Tho... Read More about A Practical Steganographic Approach for Matroska Based High Quality Video Files.

Evaluating Tooling and Methodology when Analysing Bitcoin Mixing Services After Forensic Seizure
Presentation / Conference Contribution
Young, E. H., Chrysoulas, C., Pitropakis, N., Papadopoulos, P., & Buchanan, W. J. (2021, October). Evaluating Tooling and Methodology when Analysing Bitcoin Mixing Services After Forensic Seizure. Paper presented at International Conference on Data Analytics for Business and Industry (ICDABI) 2021 - (DATA'21), Online

Little or no research has been directed to analysis and researching forensic analysis of the Bitcoin mixing or 'tumbling' service themselves. This work is intended to examine effective tooling and methodology for recovering forensic artifacts from tw... Read More about Evaluating Tooling and Methodology when Analysing Bitcoin Mixing Services After Forensic Seizure.

Dr Nick Pitropakis' Outputs (73)