Publication List

The new fifth generation (5G) mobile cellular network brings enhanced mobile broadband, massive machine type communication (e.g. IoT), critical machine type communication and fixed wireless access and will accommodate new services and applications such as augmented reality, and seamless streaming to all. 5G will boost security with encrypted data, segmented networks (network slices), enhanced privacy, and user authentication, but the 5G success may also attract attackers to look for vulnerabilities, exploits or eavesdropping. The increase in connected devices creates more targets, and larger attack surfaces, hence attacks on vital connected systems could become more chaotic and consequential. The MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework attempts to provide a comprehensive overview of the methods (Techniques) by which an attacker can achieve various operational objectives (Tactics). However, some techniques may not be included in the MITRE ATT&CK matrices. This paper proposes to enhance the ATT & CK framework with Adversarial Tactics and Techniques catered for the mobile network infrastructure – CONCORDIA Mobile Threat Modeling Framework (CMTMF).

The number of Internet of Things (IoT) devices used in eldercare are increasing day by day and bringing big security challenges especially for health care organizations, IoT service providers and most seriously for the elderly users. Attackers launch many attacks using compromised IoT devices such as Distributed Denial of Services (DDoS), among others. To detect and prevent these types of attacks on IoT devices connected to the cellular network, it is essential to have a proper overview of the existing threats and vulnerabilities. The main objective of this work is to present and compare different machine learning algorithms for anomaly detection in the cellular IoT scenario. Five supervised machine learning algorithms, namely KNN, Naïve Bayes, Decision Tree and Logistic Regression are used and evaluated by their performance. We see that, for both normal (using a local test dataset) and attack traffic (CICDDoS2019 Dataset: https://www.unb.ca/cic/datasets/ddos-2019.html.) datasets, the accuracy and precision of the models are in average above 90%.

As we notice the increasing adoption of Cellular IoT solutions (smart-home, e-health, among others), there are still some security aspects that can be improved as these devices can suffer various types of attacks that can have a high-impact over our daily lives. In order to avoid this, we present a multi-front security solution that consists on a federated cross-layered authentication mechanism, as well as a machine learning platform with anomaly detection techniques for data traffic analysis as a way to study devices' behavior so it can preemptively detect attacks and minimize their impact. In this paper, we also present a proof-of-concept to illustrate the proposed solution and showcase its feasibility, as well as the discussion of future iterations that will occur for this work.

Upon the new paradigm of Cellular Internet of Things, through the usage of technologies such as Narrowband IoT (NB-IoT), a massive amount of IoT devices will be able to use the mobile network infrastructure to perform their communications. However, it would be beneficial for these devices to use the same security mechanisms that are present in the cellular network architecture, so that their connections to the application layer could see an increase on security. As a way to approach this, an identity management and provisioning mechanism, as well as an identity federation between an IoT platform and the cellular network is proposed as a way to make an IoT device deemed worthy of using the cellular network and perform its actions.

This paper presents a Cellular Identity Federation solution which both strengthens and simplifies the authentication of Internet of Things (IoT) devices and applications by providing single sign-on between the network layer and IoT applications. They are hence relieved of the burden of authentication and identity management, which could be both technically and economically challenging. The paper aims at clarifying how IoT authentication can be skipped without compromising security. The proposed solution is described thoroughly, and the authentication process is depicted step by step. Last but not least is the comprehensive description of the proof-of-concept which shows the feasibility of the Cellular Identity Federation.

With the upcoming deployment and usage of Cellular Internet of Things solutions, it is important to mitigate some issues regarding security, due to the physical limitations that some devices have such as low memory, low processing power or even low battery range that don't allow them to perform or support more complex functions. To combine and benefit from the security mechanisms that exist in cellular networks, in this paper we present a cross-federation identity solution that simplifies the authentication and identification procedures for these devices by providing a single sign-on access trait between both the network and the application layers, by also addressing a developed proof-of-concept that allows to illustrate the solution's potential.

With the upcoming introduction of 5G networks for our daily usage and convenience and with the purpose of accommodating a countless amount of Internet of Things (IoT) devices and applications alongside the billion devices that already use the network (e.g. mobile phones), one of the key aspects for its success is to ensure to these upcoming devices enhanced but affordable security. With this paper, we present a solution that introduces an Identity Federation mechanism that reuses the SIM authentication for cellular IoT devices, enabling single sign-on features. This solution aims to relieve the responsibility of IoT providers for developing (proprietary) device identity management mechanisms while allowing to reduce operation costs overall.

Although the vision of 5G is to accommodate billions IoT devices and applications, its success depends very much on its ability to provide enhanced and affordable security. This paper introduces an Identity Federation solution which reuses the SIM authentication for cellular IoT devices enabling single-sign-on. The proposed solution alleviates the IoT provider's burden of device identity management at the same time as the operational costs are reduced considerably. The proposed solution is realized by open source software for LTE, identity management and IoT.