BASS
4th International Workshop on Behavioral Authentication for System Security
-
Aug 02, 2024
-
SR03
-
09:00 — 15:00
Workshop Chairs
- → Andrea Saracino
- → Alessandro Aldini
- → Marco Rasori
Accepted Paper
Analysis of the Windows Control Flow Guard
Niels Pfau
(Institute of IT Security Research, St. Pölten University of Applied Sciences, Austria), Patrick Kochberger
(Institute of IT Security Research, St. Pölten University of Applied Sciences, Austria)
Full Paper
Cybersecurity’s constantly evolving field demands defense mechanisms’ continuous development and refinement. Memory corruption attacks, including buffer overflows and use-after-free vulnerabilities, have long been a significant threat, especially for web browsers. Microsoft introduced Control Flow Guard (CFG) as a mitigative measure against advanced exploitation techniques, like ROP and use-after-free-based exploits, to address these risks. This paper delves into the internals of CFG, its implementation, effectiveness, and possible bypasses that could undermine its security. A thorough examination of Microsoft’s CFG design principles gives the reader an in-depth understanding of how CFG enforces control flow integrity within a program’s execution. The limitations of this mitigation are highlighted by employing a direct return address overwrite to exploit the ChakraCore JavaScript engine.
Additional potential bypasses are investigated, considering other scenarios wherein CFG might get circumvented. This exploration emphasizes the importance of continued research and development in the field of exploit mitigation, and the chaining of multiple mitigations to address evolving threats and maintain the security and integrity of modern software.
In conclusion, the paper discusses the Windows CFG and its ramifications on memory corruption attacks. It manifests the effectiveness against specific exploitation methods while spotlighting limitations and potential bypasses that could jeopardize its security.
Workshop BASS
Workshop BASS
Additional potential bypasses are investigated, considering other scenarios wherein CFG might get circumvented. This exploration emphasizes the importance of continued research and development in the field of exploit mitigation, and the chaining of multiple mitigations to address evolving threats and maintain the security and integrity of modern software.
In conclusion, the paper discusses the Windows CFG and its ramifications on memory corruption attacks. It manifests the effectiveness against specific exploitation methods while spotlighting limitations and potential bypasses that could jeopardize its security.
A tool for IoT Firmware Certification
Giuseppe Marco Bianco
(Politecnico di Torino, Italy), Luca Ardito
(Politecnico di Torino, Italy), Michele Valsesia
(Politecnico di Torino, Italy)
Full Paper
The IoT landscape is plagued by security and reliability concerns due to the absence of standardization, rendering devices susceptible to breaches. Certifying IoT firmware offers a solution by enabling consumers to easily identify secure products and incentivizing developers to prioritize secure coding practices, thereby fostering transparency within the IoT ecosystem. This study proposes a methodology centered on ELF binary analysis, aimed at discerning critical functionalities by identifying system calls within firmware. It introduces the manifest-producer tool, developed in Rust, for analyzing ELF binaries in IoT firmware certification. Employing static analysis techniques, the tool detects APIs and evaluates firmware behavior, culminating in the generation of JSON manifests encapsulating essential information. These manifests enable an assessment of firmware compliance with security and reliability standards, as well as alignment with declared device behaviors. Performance analysis using benchmarking tools demonstrates the tool's versatility and resilience across diverse programming languages and file sizes. Future avenues of research include refining API discovery algorithms and conducting vulnerability analyses to bolster IoT device security. This paper underscores the pivotal role of firmware certification in cultivating a safer IoT ecosystem and presents a valuable tool for realizing this objective within academic discourse.
Workshop BASS
Workshop BASS
Image-based detection and classification of Android malware through CNN models
Alessandro Aldini
(University of Urbino Carlo Bo, Italy), Tommaso Petrelli
(University of Urbino Carlo Bo, Italy)
Full Paper
Convolutional Neural Networks (CNN) are artificial deep learning networks widely used in computer vision and image recognition for their highly efficient capability of extracting input image features. In the literature, such a successful tool has been leveraged for detection/classification purposes in several application domains where input data are converted into images. In this work, we consider the application of CNN models, developed by employing standard Python libraries, to detect and then classify Android-based malware applications. Different models are tested, even in combination with machine learning-based classifiers, with respect to two datasets of 5000 applications each. To emphasize the adequacy of the various CNN implementations, several performance metrics are considered, as also stressed by a comprehensive comparison with related work.
Workshop BASS
Workshop BASS
A Web Browser Plugin for Users' Security Awareness
Thomas Hoad
(University of Southampton, United Kingdom), Erisa Karafili
(University of Southampton, United Kingdom)
Full Paper
Browsing online continues to pose a risk to the users’ privacy and security. There is a plethora of existing tools and solutions that aim at ensuring safe and private browsing but they are not used by the majority of the users due to the lack of ease of use or because they are too restrictive. In this work, we present a plugin for Google Chrome that aims to increase the users' security awareness regarding the visited websites. We aim to provide the user with simple and understandable information about the security of the visited website. We evaluated our tool through a usability analysis and compared it with existing well-known solutions. Our study showed that our plugin ranking was high in the ease of use, and in the middle range for clarity, information provided, and overall satisfaction. Overall, our study showed that the users would like to use a tool that has ease of use but that also provides some simple security information about the visited website.
Workshop BASS
Workshop BASS
Systematic Analysis of Label-flipping Attacks against Federated Learning in Collaborative Intrusion Detection Systems
Léo Lavaur
(IMT Atlantique / IRISA-SOTERN / Cyber CNI, France), Yann Busnel
(IMT Nord Europe / IRISA-SOTERN, France), Fabien Autrel
(IMT Atlantique / IRISA-SOTERN, France)
Full Paper
With the emergence of federated learning (FL) and its promise of privacy-preserving knowledge sharing, the field of intrusion
detection systems (IDSs) has seen a renewed interest in the development of collaborative models. However, the distributed nature of FL makes it vulnerable to malicious contributions from its participants, including data poisoning attacks. The specific case of label-flipping attacks, where the labels of a subset of the training data are flipped, has been overlooked in the context of IDSs that leverage FL primitives. This study aims to close this gap by providing a systematic and comprehensive analysis of the impact of label-flipping attacks on FL for IDSs. We show that such attacks can still have a significant impact on the performance of FL models, especially targeted ones, depending on parameters and dataset characteristics. Additionally, the provided tools and methodology can be used to extend our findings to other models and datasets, and benchmark the efficiency of existing countermeasures.
Workshop BASS
Workshop BASS
detection systems (IDSs) has seen a renewed interest in the development of collaborative models. However, the distributed nature of FL makes it vulnerable to malicious contributions from its participants, including data poisoning attacks. The specific case of label-flipping attacks, where the labels of a subset of the training data are flipped, has been overlooked in the context of IDSs that leverage FL primitives. This study aims to close this gap by providing a systematic and comprehensive analysis of the impact of label-flipping attacks on FL for IDSs. We show that such attacks can still have a significant impact on the performance of FL models, especially targeted ones, depending on parameters and dataset characteristics. Additionally, the provided tools and methodology can be used to extend our findings to other models and datasets, and benchmark the efficiency of existing countermeasures.
If It Looks Like a Rootkit and Deceives Like a Rootkit: A Critical Examination of Kernel-Level Anti-Cheat Systems
Christoph Dorner
(St. Pölten University of Applied Sciences, Austria), Lukas Daniel Klausner
(St. Pölten University of Applied Sciences, Austria)
Full Paper
Addressing a critical aspect of cybersecurity in online gaming, this paper systematically evaluates the extent to which kernel-level anti-cheat systems mirror the properties of rootkits, highlighting the importance of distinguishing between protective and potentially invasive software. After establishing a definition for rootkits (making distinctions between rootkits and simple kernel-level applications) and defining metrics to evaluate such software, we introduce four widespread kernel-level anti-cheat solutions. We lay out the inner workings of these types of software, assess them according to our previously established definitions, and discuss ethical considerations and the possible privacy infringements introduced by such programs. Our analysis shows two of the four anti-cheat solutions exhibiting rootkit-like behaviour, threatening the privacy and the integrity of the system. This paper thus provides crucial insights for researchers and developers in the field of gaming security and software engineering, highlighting the need for informed development practices that carefully consider the intersection of effective anti-cheat mechanisms and user privacy.
Workshop BASS
Workshop BASS
Behavioural Modelling for Sustainability in Smart Homes
Luca Ardito
(Politecnico di Torino, Italy)
Full Paper
The critical role of behavioral interventions, such as real-time feedback, automation, incentives, and nudges, will be discussed in fostering eco-friendly behaviors among residents. Highlighting real case studies on devices, the session will demonstrate practical benefits, including significant energy savings, enhanced comfort, and reduced greenhouse gas emissions.
Addressing privacy concerns is important in the adoption of these technologies. Strategies for robust data protection, transparency, and user education will be outlined to build trust and ensure ethical data use. Furthermore, the session will cover the importance of regulatory frameworks like GDPR and CCPA in safeguarding user privacy and promoting secure smart home ecosystems.
The future of smart homes lies in the intersection of technological advancements, policy development, market growth, and environmental impact. The session will explore how advancements in artificial intelligence, machine learning, and data analytics enhance smart home capabilities and how strategic partnerships and continuous innovation drive market growth. Emphasizing the critical contribution of smart homes to global sustainability efforts, the talk will showcase how these technologies mitigate climate change and conserve natural resources.
A key highlight of this session will be the integration of gamification to increase user engagement and motivation. By applying game-design elements like points, leaderboards, and challenges, sustainable practices can become more engaging and enjoyable, leading to greater user involvement and long-term behavior change.
This speech will provide a comprehensive overview of the current and future directions in smart home sustainability, highlighting the interplay between technology, policy, and user engagement to shape research directions and foster a sustainable and efficient future.
Workshop BASS
Workshop BASS
Addressing privacy concerns is important in the adoption of these technologies. Strategies for robust data protection, transparency, and user education will be outlined to build trust and ensure ethical data use. Furthermore, the session will cover the importance of regulatory frameworks like GDPR and CCPA in safeguarding user privacy and promoting secure smart home ecosystems.
The future of smart homes lies in the intersection of technological advancements, policy development, market growth, and environmental impact. The session will explore how advancements in artificial intelligence, machine learning, and data analytics enhance smart home capabilities and how strategic partnerships and continuous innovation drive market growth. Emphasizing the critical contribution of smart homes to global sustainability efforts, the talk will showcase how these technologies mitigate climate change and conserve natural resources.
A key highlight of this session will be the integration of gamification to increase user engagement and motivation. By applying game-design elements like points, leaderboards, and challenges, sustainable practices can become more engaging and enjoyable, leading to greater user involvement and long-term behavior change.
This speech will provide a comprehensive overview of the current and future directions in smart home sustainability, highlighting the interplay between technology, policy, and user engagement to shape research directions and foster a sustainable and efficient future.
Accepted Paper
Analysis of the Windows Control Flow Guard
Niels Pfau
(Institute of IT Security Research, St. Pölten University of Applied Sciences, Austria), Patrick Kochberger
(Institute of IT Security Research, St. Pölten University of Applied Sciences, Austria)
Full Paper
Cybersecurity’s constantly evolving field demands defense mechanisms’ continuous development and refinement. Memory corruption attacks, including buffer overflows and use-after-free vulnerabilities, have long been a significant threat, especially for web browsers. Microsoft introduced Control Flow Guard (CFG) as a mitigative measure against advanced exploitation techniques, like ROP and use-after-free-based exploits, to address these risks. This paper delves into the internals of CFG, its implementation, effectiveness, and possible bypasses that could undermine its security. A thorough examination of Microsoft’s CFG design principles gives the reader an in-depth understanding of how CFG enforces control flow integrity within a program’s execution. The limitations of this mitigation are highlighted by employing a direct return address overwrite to exploit the ChakraCore JavaScript engine.
Additional potential bypasses are investigated, considering other scenarios wherein CFG might get circumvented. This exploration emphasizes the importance of continued research and development in the field of exploit mitigation, and the chaining of multiple mitigations to address evolving threats and maintain the security and integrity of modern software.
In conclusion, the paper discusses the Windows CFG and its ramifications on memory corruption attacks. It manifests the effectiveness against specific exploitation methods while spotlighting limitations and potential bypasses that could jeopardize its security.
Workshop BASS
Workshop BASS
Additional potential bypasses are investigated, considering other scenarios wherein CFG might get circumvented. This exploration emphasizes the importance of continued research and development in the field of exploit mitigation, and the chaining of multiple mitigations to address evolving threats and maintain the security and integrity of modern software.
In conclusion, the paper discusses the Windows CFG and its ramifications on memory corruption attacks. It manifests the effectiveness against specific exploitation methods while spotlighting limitations and potential bypasses that could jeopardize its security.
If It Looks Like a Rootkit and Deceives Like a Rootkit: A Critical Examination of Kernel-Level Anti-Cheat Systems
Christoph Dorner
(St. Pölten University of Applied Sciences, Austria), Lukas Daniel Klausner
(St. Pölten University of Applied Sciences, Austria)
Full Paper
Addressing a critical aspect of cybersecurity in online gaming, this paper systematically evaluates the extent to which kernel-level anti-cheat systems mirror the properties of rootkits, highlighting the importance of distinguishing between protective and potentially invasive software. After establishing a definition for rootkits (making distinctions between rootkits and simple kernel-level applications) and defining metrics to evaluate such software, we introduce four widespread kernel-level anti-cheat solutions. We lay out the inner workings of these types of software, assess them according to our previously established definitions, and discuss ethical considerations and the possible privacy infringements introduced by such programs. Our analysis shows two of the four anti-cheat solutions exhibiting rootkit-like behaviour, threatening the privacy and the integrity of the system. This paper thus provides crucial insights for researchers and developers in the field of gaming security and software engineering, highlighting the need for informed development practices that carefully consider the intersection of effective anti-cheat mechanisms and user privacy.
Workshop BASS
Workshop BASS
Systematic Analysis of Label-flipping Attacks against Federated Learning in Collaborative Intrusion Detection Systems
Léo Lavaur
(IMT Atlantique / IRISA-SOTERN / Cyber CNI, France), Yann Busnel
(IMT Nord Europe / IRISA-SOTERN, France), Fabien Autrel
(IMT Atlantique / IRISA-SOTERN, France)
Full Paper
With the emergence of federated learning (FL) and its promise of privacy-preserving knowledge sharing, the field of intrusion
detection systems (IDSs) has seen a renewed interest in the development of collaborative models. However, the distributed nature of FL makes it vulnerable to malicious contributions from its participants, including data poisoning attacks. The specific case of label-flipping attacks, where the labels of a subset of the training data are flipped, has been overlooked in the context of IDSs that leverage FL primitives. This study aims to close this gap by providing a systematic and comprehensive analysis of the impact of label-flipping attacks on FL for IDSs. We show that such attacks can still have a significant impact on the performance of FL models, especially targeted ones, depending on parameters and dataset characteristics. Additionally, the provided tools and methodology can be used to extend our findings to other models and datasets, and benchmark the efficiency of existing countermeasures.
Workshop BASS
Workshop BASS
detection systems (IDSs) has seen a renewed interest in the development of collaborative models. However, the distributed nature of FL makes it vulnerable to malicious contributions from its participants, including data poisoning attacks. The specific case of label-flipping attacks, where the labels of a subset of the training data are flipped, has been overlooked in the context of IDSs that leverage FL primitives. This study aims to close this gap by providing a systematic and comprehensive analysis of the impact of label-flipping attacks on FL for IDSs. We show that such attacks can still have a significant impact on the performance of FL models, especially targeted ones, depending on parameters and dataset characteristics. Additionally, the provided tools and methodology can be used to extend our findings to other models and datasets, and benchmark the efficiency of existing countermeasures.
Behavioural Modelling for Sustainability in Smart Homes
Luca Ardito
(Politecnico di Torino, Italy)
Full Paper
The critical role of behavioral interventions, such as real-time feedback, automation, incentives, and nudges, will be discussed in fostering eco-friendly behaviors among residents. Highlighting real case studies on devices, the session will demonstrate practical benefits, including significant energy savings, enhanced comfort, and reduced greenhouse gas emissions.
Addressing privacy concerns is important in the adoption of these technologies. Strategies for robust data protection, transparency, and user education will be outlined to build trust and ensure ethical data use. Furthermore, the session will cover the importance of regulatory frameworks like GDPR and CCPA in safeguarding user privacy and promoting secure smart home ecosystems.
The future of smart homes lies in the intersection of technological advancements, policy development, market growth, and environmental impact. The session will explore how advancements in artificial intelligence, machine learning, and data analytics enhance smart home capabilities and how strategic partnerships and continuous innovation drive market growth. Emphasizing the critical contribution of smart homes to global sustainability efforts, the talk will showcase how these technologies mitigate climate change and conserve natural resources.
A key highlight of this session will be the integration of gamification to increase user engagement and motivation. By applying game-design elements like points, leaderboards, and challenges, sustainable practices can become more engaging and enjoyable, leading to greater user involvement and long-term behavior change.
This speech will provide a comprehensive overview of the current and future directions in smart home sustainability, highlighting the interplay between technology, policy, and user engagement to shape research directions and foster a sustainable and efficient future.
Workshop BASS
Workshop BASS
Addressing privacy concerns is important in the adoption of these technologies. Strategies for robust data protection, transparency, and user education will be outlined to build trust and ensure ethical data use. Furthermore, the session will cover the importance of regulatory frameworks like GDPR and CCPA in safeguarding user privacy and promoting secure smart home ecosystems.
The future of smart homes lies in the intersection of technological advancements, policy development, market growth, and environmental impact. The session will explore how advancements in artificial intelligence, machine learning, and data analytics enhance smart home capabilities and how strategic partnerships and continuous innovation drive market growth. Emphasizing the critical contribution of smart homes to global sustainability efforts, the talk will showcase how these technologies mitigate climate change and conserve natural resources.
A key highlight of this session will be the integration of gamification to increase user engagement and motivation. By applying game-design elements like points, leaderboards, and challenges, sustainable practices can become more engaging and enjoyable, leading to greater user involvement and long-term behavior change.
This speech will provide a comprehensive overview of the current and future directions in smart home sustainability, highlighting the interplay between technology, policy, and user engagement to shape research directions and foster a sustainable and efficient future.
A tool for IoT Firmware Certification
Giuseppe Marco Bianco
(Politecnico di Torino, Italy), Luca Ardito
(Politecnico di Torino, Italy), Michele Valsesia
(Politecnico di Torino, Italy)
Full Paper
The IoT landscape is plagued by security and reliability concerns due to the absence of standardization, rendering devices susceptible to breaches. Certifying IoT firmware offers a solution by enabling consumers to easily identify secure products and incentivizing developers to prioritize secure coding practices, thereby fostering transparency within the IoT ecosystem. This study proposes a methodology centered on ELF binary analysis, aimed at discerning critical functionalities by identifying system calls within firmware. It introduces the manifest-producer tool, developed in Rust, for analyzing ELF binaries in IoT firmware certification. Employing static analysis techniques, the tool detects APIs and evaluates firmware behavior, culminating in the generation of JSON manifests encapsulating essential information. These manifests enable an assessment of firmware compliance with security and reliability standards, as well as alignment with declared device behaviors. Performance analysis using benchmarking tools demonstrates the tool's versatility and resilience across diverse programming languages and file sizes. Future avenues of research include refining API discovery algorithms and conducting vulnerability analyses to bolster IoT device security. This paper underscores the pivotal role of firmware certification in cultivating a safer IoT ecosystem and presents a valuable tool for realizing this objective within academic discourse.
Workshop BASS
Workshop BASS
Image-based detection and classification of Android malware through CNN models
Alessandro Aldini
(University of Urbino Carlo Bo, Italy), Tommaso Petrelli
(University of Urbino Carlo Bo, Italy)
Full Paper
Convolutional Neural Networks (CNN) are artificial deep learning networks widely used in computer vision and image recognition for their highly efficient capability of extracting input image features. In the literature, such a successful tool has been leveraged for detection/classification purposes in several application domains where input data are converted into images. In this work, we consider the application of CNN models, developed by employing standard Python libraries, to detect and then classify Android-based malware applications. Different models are tested, even in combination with machine learning-based classifiers, with respect to two datasets of 5000 applications each. To emphasize the adequacy of the various CNN implementations, several performance metrics are considered, as also stressed by a comprehensive comparison with related work.
Workshop BASS
Workshop BASS
A Web Browser Plugin for Users' Security Awareness
Thomas Hoad
(University of Southampton, United Kingdom), Erisa Karafili
(University of Southampton, United Kingdom)
Full Paper
Browsing online continues to pose a risk to the users’ privacy and security. There is a plethora of existing tools and solutions that aim at ensuring safe and private browsing but they are not used by the majority of the users due to the lack of ease of use or because they are too restrictive. In this work, we present a plugin for Google Chrome that aims to increase the users' security awareness regarding the visited websites. We aim to provide the user with simple and understandable information about the security of the visited website. We evaluated our tool through a usability analysis and compared it with existing well-known solutions. Our study showed that our plugin ranking was high in the ease of use, and in the middle range for clarity, information provided, and overall satisfaction. Overall, our study showed that the users would like to use a tool that has ease of use but that also provides some simple security information about the visited website.
Workshop BASS
Workshop BASS
Detail BASS 03/06
4th International Workshop on Behavioral Authentication for System Security to be held in the conjunction with the 19th International Conference on Availability, Reliability and Security
Behavioral features are getting in the last years an increasing attention from both IT research and industrial world. Human behavioral aspects are extremely valuable pieces of information, exploited by companies to profile current or potential customers, in order to anticipate their preferences and present custom offers. Runtime behavioral analysis is being applied with increasing success for continuous and silent user authentication, and is considered an enabler for the seamless authentication paradigm in several environments and devices. Furthermore, behavioral analysis is posing itself as a valuable alternative to signature-based approaches to identify anomalies, intrusions, security attacks and system malfunctioning. These approaches are in fact known to be flexible, self-learning and able to consider multi-level and multi-domain features, related to software execution, system status, user interaction and current context.
BASS aims at attracting innovative contributions from both industry and academia related to all aspects of human, system or software behavioral analysis for IT security. The workshop solicits submission on both theoretical aspects and practical applications of behavior analysis, behavior-based identification and authentication, profiling and privacy and security aspects related to recording and exploitation of behavioral features.
The previous editions of BASS have been held in conjunction with ARES in 2021 and 2019, first edition was co-located with SECRYPT 2018.
Keynote: Behavioural Modelling for Sustainability in Smart Homes
The keynote delves into the transformative potential of smart home technologies in driving sustainability. This session will explore the integration of behavioural modelling, predictive analytics, and gamification to enhance user engagement and promote sustainable practices in smart homes. By examining comprehensive sustainability metrics—environmental, economic, and social—the talk will uncover how these technologies optimise energy efficiency, reduce carbon footprints, and improve overall quality of life.
The critical role of behavioural interventions, such as real-time feedback, automation, incentives, and nudges, will be discussed in fostering eco-friendly behaviours among residents. Highlighting real case studies on devices, the session will demonstrate practical benefits, including significant energy savings, enhanced comfort, and reduced greenhouse gas emissions.
Addressing privacy concerns is important in the adoption of these technologies. Strategies for robust data protection, transparency, and user education will be outlined to build trust and ensure ethical data use. Furthermore, the session will cover the importance of regulatory frameworks like GDPR and CCPA in safeguarding user privacy and promoting secure smart home ecosystems.
The future of smart homes lies in the intersection of technological advancements, policy development, market growth, and environmental impact. The session will explore how advancements in artificial intelligence, machine learning, and data analytics enhance smart home capabilities and how strategic partnerships and continuous innovation drive market growth. Emphasising the critical contribution of smart homes to global sustainability efforts, the talk will showcase how these technologies mitigate climate change and conserve natural resources.
A key highlight of this session will be the integration of gamification to increase user engagement and motivation. By applying game-design elements like points, leaderboards, and challenges, sustainable practices can become more engaging and enjoyable, leading to greater user involvement and long-term behaviour change.
This speech will provide a comprehensive overview of the current and future directions in smart home sustainability, highlighting the interplay between technology, policy, and user engagement to shape research directions and foster a sustainable and efficient future.
About the speaker:
Luca Ardito is an assistant professor at the Politecnico di Torino. He specialises in software engineering, focusing on energy optimisation and testing mobile, web, and IoT applications. He leads the Italian PRIN project funded by the Ministry of Education, named Assistants, and has been involved in the European H2020 SIFIS-Home project as a work package leader. He holds a PhD in Computer and Systems Engineering. He is the co-author of over 50 scientific articles on software energy efficiency, mobile application testing, and the gamification of activities related to teaching and various phases of software development.
The keynote delves into the transformative potential of smart home technologies in driving sustainability. This session will explore the integration of behavioural modelling, predictive analytics, and gamification to enhance user engagement and promote sustainable practices in smart homes. By examining comprehensive sustainability metrics—environmental, economic, and social—the talk will uncover how these technologies optimise energy efficiency, reduce carbon footprints, and improve overall quality of life.
The critical role of behavioural interventions, such as real-time feedback, automation, incentives, and nudges, will be discussed in fostering eco-friendly behaviours among residents. Highlighting real case studies on devices, the session will demonstrate practical benefits, including significant energy savings, enhanced comfort, and reduced greenhouse gas emissions.
Addressing privacy concerns is important in the adoption of these technologies. Strategies for robust data protection, transparency, and user education will be outlined to build trust and ensure ethical data use. Furthermore, the session will cover the importance of regulatory frameworks like GDPR and CCPA in safeguarding user privacy and promoting secure smart home ecosystems.
The future of smart homes lies in the intersection of technological advancements, policy development, market growth, and environmental impact. The session will explore how advancements in artificial intelligence, machine learning, and data analytics enhance smart home capabilities and how strategic partnerships and continuous innovation drive market growth. Emphasising the critical contribution of smart homes to global sustainability efforts, the talk will showcase how these technologies mitigate climate change and conserve natural resources.
A key highlight of this session will be the integration of gamification to increase user engagement and motivation. By applying game-design elements like points, leaderboards, and challenges, sustainable practices can become more engaging and enjoyable, leading to greater user involvement and long-term behaviour change.
This speech will provide a comprehensive overview of the current and future directions in smart home sustainability, highlighting the interplay between technology, policy, and user engagement to shape research directions and foster a sustainable and efficient future.
About the speaker:
Luca Ardito is an assistant professor at the Politecnico di Torino. He specialises in software engineering, focusing on energy optimisation and testing mobile, web, and IoT applications. He leads the Italian PRIN project funded by the Ministry of Education, named Assistants, and has been involved in the European H2020 SIFIS-Home project as a work package leader. He holds a PhD in Computer and Systems Engineering. He is the co-author of over 50 scientific articles on software energy efficiency, mobile application testing, and the gamification of activities related to teaching and various phases of software development.
Topics of interest include, but are not limited to 04/06
- Software Behavior Analysis
- User behavior modeling and classification
- Ontologies for behavior representation
- Human behavior profiling
- Behavior-based authentication
- Behavioral features and approaches for intrusion detection
- Privacy-preserving behavioral analysis
- Explainability of behavioral analysis
- Secure recording and management of behavioral features
- Hazardous behavior prediction and risk mitigation
- Behavioral models for distributed IT systems
- Hardware and virtual network traffic behavior
- Behavioral analysis and classification for forensic applications
- Cyber-Risk models exploiting behavioral features
- Behavioral practices for cyber-disaster management and recovery
- Models and practices for collaborative behavioral analysis
- Biometric-behavioral models for user authentication
- Ability authentication
- Behavioral Analysis for Access and Usage Control
Workshop Chairs 05/06
Workshop Chairs
Program Committe
Vasileios Gkioulos
|
Norwegian University of Science and Technology, Norway
Paolo Mori
|
IIT-CNR, Italy
Mohammad Hamad
|
Technical University of Munich, Germany
Luca Ardito
|
Politecnico di Torino, Italy
Nicola Zannone
|
Eindhoven University of Technology, Netherlands
Marco Tiloca
|
RISE Research Institutes of Sweden, Sweden
Erisa Karafili
|
University of Southampton, UK
Pericle Perazzo
|
University of Pisa, Italy
Shucheng Yu
|
Stevens Institute of Technology, US
Weizhi Meng
|
Technical University of Denmark, Denmark
Maryam Mehrnezhad
|
Royal Holloway University of London, UK
Wojtek Jamroga
|
Polish Academy of Sciences, Poland
Submission 06/06
Submission Guidelines
The submission guidelines valid for the workshop are the same as for the ARES conference.
Important Dates
Extended Submission Deadline
May 15, 2024
Author Notification
May 29, 2024
Proceedings Version
Jun 18, 2024
Conference
Jul 30
—
Aug 02, 2024