IWAPS

4th International Workshop on Advances on Privacy Preserving Technologies and Solutions
  • Date
    Jul 31, 2024
  • Location
    SR04
  • Duration
    08:45 — 16:45
Workshops Lettering

Workshop Chairs

Workshop Chairs Logo Workshop Chairs Logo
  • → Christos Xenakis
  • → Aristeidis Farao

Detail IWAPS 01/05

Topics of interest include, but are not limited to 02/05

  • Economic Implications of Adversarial AI
  • Ethical Considerations in Adversarial AI
  • Architectures and protocols for scalable, secure, robust and privacy enhancing technologies
  • Cryptographic approaches for security and privacy
  • Threat and attack models in IoT
  • End-to-end system security models for IoT
  • ML for security and privacy in privacy preserving technologies
  • ML technique for deep packet inspection
  • Privacy-preserving and machine-learning-based data analytics
  • ML technique to predict psychological manipulation
  • Game Theoretic approach to predict attacking paths
  • Privacy preserving security/privacy policies
  • Applications of privacy-preserving AI systems
  • Differential privacy: theory and applications
  • Human rights and privacy
  • Privacy policies and legal issues
  • Privacy preserving test cases and benchmarks
  • Security economics
  • AI/ML techniques in Cyber Threat Intelligence
  • Weakest link in Cybersecurity
  • ML in automated software testing
  • Human Factors in Adversarial AI
  • Adversarial AI in Cybersecurity
  • Ethical, psychological, sociological, or anthropological aspects of usable security and privacy
  • Trust frameworks and management models for IoT systems
  • Intrusion and malware detection for IoT systems
  • Deep Learning and privacy preserving
  • Protection solutions against adversarial ML attacks
  • ML to analyze cryptographic protocols
  • Analysis of mitigations and automating
  • ML in predicting the weakest link in an architecture
  • Privacy enhancing and anonymization techniques
  • Privacy preserving technologies/solutions for IoT systems
  • Attacks on data privacy
  • Distributed privacy-preserving algorithms
  • Security controls and budget allocation
  • Privacy preserving optimization and ML
  • Surveillance and societal issues
  • Investments in cyber-defense
  • Human firewall
  • Security and privacy frameworks
  • Cybersecurity risk management

Workshop Chairs 03/05

Workshop Chairs

Workshop Chairs Logo
Christos Xenakis
University of Piraeus, Greece
Workshop Chairs Logo
Aristeidis Farao
InQbit Innovation SRL, Romania

Technical Program Committee Chairs

Workshop Chairs Logo
Alexios Lekidis
University of Thessaly, Greece
Workshop Chairs Logo
Apostolis Zarras
Foundation for Research and Technology, Greece
Workshop Chairs Logo
Ilias Politis
ATHENA Research Centre, Greece
Workshop Chairs Logo
Chistoforos Dadoyan
Ionian University, Greece

Dissemination Chairs

Workshop Chairs Logo
Aggeliki Panou
University of Piraeus, Greece
Workshop Chairs Logo
Raisia Gorbunov
InQbit Innovation SRL, Romania

Program Committee

Stefan More | Graz University of Technology and Secure Information Technology Center Austria (A-SIT), Austria
Blaž Podgorelec | Graz University of Technology and Secure Information Technology Center Austria (A-SIT), Austria
Michail Bampatsikos | University of Piraeus, Greece
Vaios Bolgouras | University of Piraeus, Greece
Giannis Chouchoulis | InQbit, Romania
Athanasios Vasileios Grammatopoulos | University of Piraeus, Greece
Christian Leka | University of Piraeus, Greece
Giannis Makropodis | InQbit, Romania
George Paparis | University of Piraeus, Greece
Georgios Petihakis | University of Piraeus, Greece
Martiño Rivera Dourado | Universidade da Coruña, Spain
Ioannis Stylianou | University of Piraeus, Greece
Michalis Takaronis | University of Piraeus, Greece
Anastassis Voudouris | University of Piraeus, Greece

Submission 04/05

Important Dates

Submission Deadline Apr 30, 2024
Author Notification May 17, 2024
Proceedings Version Jun 18, 2024
Conference Jul 30 — Aug 02, 2024

Accepted Paper

Advanced methods for generalizing time and duration during dataset anonymization
Jenno Verdonck (DistriNet, KU Leuven, Belgium), Kevin De Boeck (DistriNet, KU Leuven, Belgium), Michiel Willocx (DistriNet, KU Leuven, Belgium), Vincent Naessens (DistriNet, KU Leuven, Belgium)
Full Paper
Time is an often recurring quasi-identifying attribute in many datasets. Anonymizing such datasets requires generalizing the time attribute(s) in the dataset. Examples are start dates and durations, which are traditionally generalized leading to intervals that do not embrace the relation between time attributes. This paper presents advanced methods for creating generalization hierarchies for time data. We propose clustering-based and Mondrian-based techniques to construct generalization hierarchies. These approaches take into account the relation between different time attributes and are designed to improve the utility of the anonymized data. We implemented these methods and conducted a set of experiments comparing them to traditional generalization strategies. The results show that our proposed methods improve the utility of the data for both statistical analysis and machine learning applications. Our approach demonstrates a significant increase in hierarchy quality and configuration flexibility, demonstrating the potential of our advanced techniques over existing methods.
Workshop IWAPS
ARGAN-IDS: Adversarial Resistant Intrusion Detection Systems using Generative Adversarial Networks
João Costa (INOV INESC Inovação, Portugal), Filipe Apolinário (INOV INESC Inovação, Portugal), Carlos Ribeiro (Universidade de Lisboa, Portugal)
Full Paper
Neural Networks (NNs) are not secure enough to be deployed on security-critical tasks such as Network Intrusion Detection Systems(NIDS). NNs are vulnerable to Adversarial Attacks (AAs), which affect their accuracy in identifying malicious activity, by introducing perturbations on network traffic. This work proposes "Adversarial Resistant Intrusion Detection Systems using GANs" (ARGAN-IDS) a method to address these vulnerabilities. ARGAN-IDS is implemented as a Generative Adversarial Network (GAN) trained on network traffic to protect NIDS. ARGAN-IDS, greatly mitigates the impact of AAs, achieving comparable results to a non-perturbed execution. We show GANs have limitations in differentiating between malicious traffic and traffic altered by AAs. And we address this in ARGAN-IDS by training the GAN on network traffic containing malicious packets. This enhancement significantly improved the GAN’s performance, enabling it to identify even highly perturbed adversarial attacks effectively. ARGAN-IDS acts as a neutralizer of perturbations introduced by AAs and mitigates the NIDS vulnerabilities. We have integrated ARGAN-IDS with a state-of-the-art anomaly-based detector, Kitsune. We achieve a reduction of 99.27% of false positives and an improvement of 99.29% of the true negatives, leading to an improvement of roughly 36.75% in overall system accuracy while under AAs.
Workshop IWAPS
Multimodal Security Mechanisms for Critical Time Systems using blockchain in Chriss project
Mari-Anais Sachian (BEIA CONSULT INTERNATIONAL, Romania), George Suciu (BEIA CONSULT INTERNATIONAL, Romania), Maria Niculae (BEIA CONSULT INTERNATIONAL, Romania), Adrian Paun (BEIA CONSULT INTERNATIONAL, Romania), Petrica Ciotirnae (BEIA CONSULT INTERNATIONAL, Romania), Ivan Horatiu (BEIA CONSULT INTERNATIONAL, Romania), Cristina Tudor (BEIA CONSULT INTERNATIONAL, Romania), Robert Florescu (BEIA CONSULT INTERNATIONAL, Romania)
Full Paper
This paper presents an in-depth exploration of blockchain architecture within the context of the CHRISS (Critical infrastructure
High accuracy and Robustness increase Integrated Synchronization Solutions) project. Specifically, the focus lies on elucidating the design principles, functionalities, and security measures embedded within the blockchain architecture envisioned for CHRISS. The CHRISS project endeavors to revolutionize critical infrastructure, particularly in telecommunications networks, by integrating Galileo-based timing distribution with blockchain technology. By leveraging blockchain’s inherent characteristics, such as immutability, decentralization, and cryptographic security, the architecture aims to enhance the resilience and security of time distribution services, thereby mitigating risks associated with GNSS signal interference, jamming, spoofing, and cyber-attacks. This paper delves into the intricacies of the envisioned blockchain architecture, elucidating its functionalities tailored to the specific needs of CHRISS.

Furthermore, it outlines the modalities employed to ensure secure transfer of information between the Timing Synchronization Unit (TSU) and the blockchain, as well as among entities within the blockchain ecosystem. Through a comprehensive analysis of blockchain architecture, this paper not only sheds light on the technical underpinnings of CHRISS but also underscores its potential to revolutionize critical infrastructure by providing robust, secure, and resilient time synchronization solutions.
Workshop IWAPS
Just Rewrite It Again: A Post-Processing Method for Enhanced Semantic Similarity and Privacy Preservation of Differentially Private Rewritten Text
Stephen Meisenbacher (Technical University of Munich, Germany), Florian Matthes (Technical University of Munich, Germany)
Full Paper
The study of Differential Privacy (DP) in Natural Language Processing often views the task of text privatization as a rewriting task, in which sensitive input texts are rewritten to hide explicit or implicit private information. In order to evaluate the privacy-preserving capabilities of a DP text rewriting mechanism, empirical privacy tests are frequently employed. In these tests, an adversary is modeled, who aims to infer sensitive information (e.g., gender) about the author behind a (privatized) text. Looking to improve the empirical protections provided by DP rewriting methods, we propose a simple post-processing method based on the goal of aligning rewritten texts with their original counterparts, where DP rewritten texts are rewritten again. Our results shown that such an approach not only produces outputs that are more semantically reminiscent of the original inputs, but also texts which score on average better in empirical privacy evaluations. Therefore, our approach raises the bar for DP rewriting methods in their empirical privacy evaluations, providing an extra layer of protection against malicious adversaries.
Workshop IWAPS
PAKA: Pseudonymous Authenticated Key Agreement without bilinear cryptography
Raphael Schermann (Institute of Technical Informatics, Graz University of Technology, Austria), Simone Bussa (Department of Control and Computer Engineering, Politecnico di Torino, Italy), Rainer Urian (Infineon Technologies AG, Augsburg, Germany), Roland Toegl (Infineon Technologies Austria AG, Austria), Christian Steger (Institute of Technical Informatics, Graz University of Technology, Austria)
Full Paper
Anonymity and pseudonymity are important concepts in the domain of the Internet of Things. The existing privacy-preserving key agreement schemes are only concerned with maintaining the privacy of the communicated data that appears on the channel established between two honest entities. However, privacy should also include anonymity or pseudonymity of the device identity. This means there should not exist any correlation handle to associate different communications done by the device.

This paper proposes a privacy-preserving key agreement method, called Pseudonymous Authenticated Key Agreement Protocol (PAKA), that also provides device unlinkability across different domains. This protocol is based on an Elliptic-Curve Diffie-Hellman using standard cryptographic primitives and curves, i.e., no pairing-based cryptography or other computationally intensive cryptography is necessary.

For the security analysis, we provide a mathematical proof and an automatic cryptographic protocol verification utilizing Proverif. Last, we show the integration with the Trusted Platform Module and a Proof-of-Concept implementation.
Workshop IWAPS
SYNAPSE - An Integrated Cyber Security Risk & Resilience Management Platform, With Holistic Situational Awareness, Incident Response & Preparedness Capabilities
Panagiotis Bountakas (Sphynx Technology Solutions, Switzerland), Konstantinos Fysarakis (Sphynx Technology Solutions, Switzerland), Thomas Kyriakakis (Dienekes SI IKE, Greece), Panagiotis Karafotis (Dienekes SI IKE, Greece), Sotiropoulos Aristeidis (AEGIS IT RESEARCH GmbH, Germany), Maria Tasouli (Insuretics Limited, Cyprus), Cristina Alcaraz (University of Malaga, Spain), George Alexandris (Nodalpoint Systems, Greece), Vassiliki Andronikou (Nodalpoint Systems, Greece), Tzortzia Koutsouri (Cyberalytics Limited, Cyprus), Romarick Yatagha (Framatome, Germany), George Spanoudakis (Sphynx Technology Solutions, Switzerland), Sotiris Ioannidis (Dienekes SI IKE, Greece), Fabio Martinelli (Consiglio Nazionale delle Ricerche, Italy), Oleg Illiashenko (Consiglio Nazionale delle Ricerche, Italy)
Full Paper
In an era of escalating cyber threats, the imperative for robust and comprehensive cybersecurity measures has never been more pressing. To address this challenge, SYNAPSE presents a pioneering approach by conceptualising, designing, and delivering an Integrated Cyber Security Risk \& Resilience Management Platform. This platform embodies a holistic framework, synthesising key elements of situational awareness, incident response, and preparedness (i.e., cyber range), augmented by advanced AI capabilities. Through its holistic approach, SYNAPSE aims to elevate cyber resilience by not only mitigating threats but also fostering a culture of proactive defence, informed decision-making, and collaborative response within organisations and across industries.
Workshop IWAPS
Towards 5G Advanced network slice assurance through isolation mechanisms
Alexios Lekidis (University of Thessaly, Greece)
Full Paper
The sixth generation of telecommunication network (6G) offers even faster data rates, lower latency, greater reliability, and higher device density than the currently available 5G infrastructure. Nevertheless, simultaneously to these advancements include several challenges in different domains slowing substantially the transition to it. Hence, 3GPP opts to gradually tackle these challenges in a second phase 5G Advanced release. One of the most significant challenges amongst them lies in the constantly increasing threat landscape from the use of Network Function Virtualization (NFV) technologies for offering services over a shared mobile infrastructure. A mechanism that allows protection against attacks over established network slices is network isolation. This paper proposes isolation schemes to tackle the threats that arise in 5G slices. Such schemes are integrated in a Slice Manager components, responsible for the implementation of a fully-automated orchestration and lifecycle management of network slices as well as their individual network segments. The schemes are implemented through Quality of Service (QoS) policies in an Electric Vehicle (EV) charging infrastructure, which includes the EV charging stations, the management platform, a Slice Manager on the edge segment as well as the orchestration components in a Ultra-Reliable Low Latency Communications (URLLC) network slice.
Workshop IWAPS
Entity Recognition on Border Security
George Suciu (Beia Consult Int, Romania), Mari-Anais Sachian (Beia Consult Int, Romania), Razvan Bratulescu (Beia Consult Int, Romania), Kejsi Koci (Beia Consult Int, Romania), Grigor Parangoni (Beia Consult Int, Romania)
Full Paper
Entity recognition, also known as named entity recognition (NER), is a fundamental task in natural language processing (NLP) that involves identifying and categorizing entities within text. These entities, such as names of people, organizations, locations, dates, and numerical values, provide structured information from unstructured text data. NER models, ranging from rule-based to machine learning-based approaches, decode linguistic patterns and contextual information to extract entities effectively. This article explores the roles of entities, tokens, and NER models in NLP, detailing their significance in various applications like information retrieval and border security. It delves into the practices of implementing NER in legal document analysis, travel history analysis, and document verification, showcasing its transformative impact in streamlining processes and enhancing security measures. Despite challenges such as ambiguity and data scarcity, ongoing research and emerging trends in multilingual NER and ethical considerations promise to drive innovation in the field. By addressing these challenges and embracing new developments, entity recognition is poised to continue advancing NLP capabilities and powering diverse real-world applications.
Workshop IWAPS
Integrating Hyperledger Fabric with Satellite Communications: A Revolutionary Approach for Enhanced Security and Decentralization in Space Networks
Anastassios Voudouris (University of Piraeus, Greece), Aristeidis Farao (University of Piraeus, Greece), Aggeliki Panou (University of Piraeus, Greece), John Polley (School of Communication, University of Southern California, United States), Christos Xenakis (University of Piraeus, Greece)
Full Paper
This paper explores the integration of blockchain technology, specifically Hyperledger Fabric, with satellite communications to enhance the security and reliability of global navigation satellite systems (GNSS). Given the inherent vulnerabilities in satellite systems, such as the susceptibility to various cyberattacks and the risk posed by GNSS signal attacks, this research proposes a novel security framework. By leveraging the decentralized and immutable nature of blockchain, the paper aims to fortify the integrity and verification of GNSS data. This is achieved through a consensus mechanisms that aims to prevent unauthorized data alterations, as well as, to provide robust anti-spoofing and anti-jamming capabilities. The integration of blockchain with satellite communications not only ensures data security but also fosters a transparent and decentralized operational model by enhancing the trustworthiness of satellite-derived data. This paper also outlines the current state-of-the-art, the architecture of the proposed solution, and discusses the potential challenges and future research directions in optimizing blockchain for space applications.
Workshop IWAPS
AIAS: AI-ASsisted cybersecurity platform to defend against adversarial AI attacks
Georgios Petihakis (University of Piraeus, Greece), Aristeidis Farao (University of Piraeus, Greece), Panagiotis Bountakas (University of Piraeus, Greece), Athanasia Sabazioti (Department of Tourism Studies, University of Piraeus, Greece), John Polley (School of Communication, University of Southern California, Greece), Christos Xenakis (University of Piraeus, Greece)
Full Paper
The increasing integration of Artificial Intelligence (AI) in critical sectors such as healthcare, finance, and cybersecurity has simultaneously exposed these systems to unique vulnerabilities and cyber threats. This paper discusses the escalating risks associated with adversarial AI and outlines the development of the AIAS framework. AIAS is a comprehensive, AI-driven security solution designed to enhance the resilience of AI systems against such threats. We introduce the AIAS platform that features advanced modules for threat simulation, detection, mitigation, and deception, using adversarial defense techniques, attack detection mechanisms, and sophisticated honeypots. The platform leverages explainable AI (XAI) to improve the transparency and effectiveness of threat countermeasures. Through meticulous analysis and innovative methodologies, AIAS aims to revolutionize cybersecurity defenses, enhancing the robustness of AI systems against adversarial attacks while fostering a safer deployment of AI technologies in critical applications. The paper details the components of the AIAS platform, explores its operational framework, and discusses future research directions for advancing AI security measures.
Workshop IWAPS
NITRO: an Interconnected 5G-IoT Cyber Range
Aristeidis Farao (University of Piraeus, Greece), Christoforos Ntantogian (Ionian University - Department of Informatics, Greece), Stylianos Karagiannis (Ionian University - Department of Informatics, Greece), Emmanouil Magkos (Ionian University - Department of Informatics, Greece), Alexandra Dritsa (University of Piraeus, Greece), Christos Xenakis (University of Piraeus, Greece)
Full Paper
In the contemporary digital landscape, the convergence of Fifth Generation (5G) wireless technology and the Internet of Things (IoT) has ushered in an era of unprecedented connectivity and innovation. This synergy promises to revolutionize industries ranging from healthcare and transportation to manufacturing and agriculture. However, with the proliferation of connected devices and the exponential growth of data transmission, the cybersecurity landscape faces increasingly complex challenges. One of the primary rationales for the implementation of a 5G-IoT Cyber Range lies in the imperative need for comprehensive training programs tailored to the unique characteristics of 5G and IoT technologies. Unlike traditional networks, 5G infrastructure introduces novel architectural paradigms, including network slicing and edge computing, which demand specialized skill sets among cybersecurity professionals. Moreover, the heterogeneity and sheer volume of IoT devices exacerbate the attack surface, rendering conventional cybersecurity methodologies inadequate. Challenges such as interoperability issues, resource constraints, and the dynamic nature of IoT deployments further compound the complexity of securing 5G-enabled IoT ecosystems.
Workshop IWAPS
Immutability and non-repudiation in the exchange of key messages within the EU IoT-Edge-Cloud Continuum
Salvador Cuñat (Universitat Politècnica de València, Spain), Raúl Reinosa (Universitat Politècnica de València, Spain), Ignacio Lacalle (Universitat Politècnica de València, Spain), Carlos E. Palau (Universitat Politècnica de València, Spain)
Full Paper
The work reflects about the importance of trust in data exchanges in the context of ever-increasing distributed computing ecosystems. It proposes the utilisation of an open-source technology that implements a direct acyclic graph incorporating peer nodes to validate messages in a decentralised network. The tool, IOTA, promises to solve the hindrances of blockchain solutions in highly heterogeneous, IoT-assimilable scenarios, adopting a more lightweight approach, removing the need of mining. The article explores the functioning of IOTA in distributed computing continuum cases, understanding the figures and mechanisms that govern the process. The authors link those reflections to the direct transfer into a research project, aerOS, that uses such a tool as intrinsic part of an IoT-Edge-Cloud continuum framework, enabling the immutability and non-repudiation of key messages in such environments. Also, the authors conclude analysing which next steps might follow to evolve from a not-fully decentralised implementation with the next releases of the tool, and the adaptations for the studied application.
Workshop IWAPS
Open V2X Management Platform Cyber-Resilience and Data Privacy Mechanisms
Alexios Lekidis (University of Thessaly, Greece), Hugo Morais (Universidade de Lisboa, Portugal)
Full Paper
Vehicle-to-Everything (V2X) technologies are recently introduced to provide enhanced connectivity between the different smart grid segments as well as Electric Vehicles (EVs). The EVs draw or power to the grid and may be used as an energy flexibility resource for households and buildings. The increased number of interconnections through is augmenting substantially the cyber-security and data privacy threats that may occur in the V2X ecosystem. In this paper, such threats are categorized in cyber-attack classes which serve as a basis to derive Tactics, Techniques and Procedures (TTPs) for the V2X ecosystem. Additionally, the sensitive data that are exchanged in charging and discharging scenarios are reviewed. Then, an analysis of the existing cyber-security mechanisms is provided and further mechanisms/tools are proposed for detecting/preventing the categorized threats, which are being developed in an Open V2X Management Platform (O-V2X-MP) within the EV4EU project. These mechanisms will provide security-by-design in the O-V2X-MP offered services as well as ensure protection in the V2X interactions.
Workshop IWAPS
Developing a Call Detail Record Generator for Cultural Heritage Preservation and Theft Mitigation: Applications and Implications
Robert Vatasoiu (Beia Consult International, Romania), Alexandru Vulpe (Beia Consult International, Romania), Robert Florescu (Beia Consult International, Romania), Mari-Anais Sachian (Beia Consult International, Romania)
Full Paper
The paper presents an overview of Call Detail Records (CDRs), important datasets within the telecommunications industry that capture detailed information about telephonic activities. CDRs encompass a vast array of metadata, including the date, time, duration, source, destination of calls, and more specific details like service type, call status, and location data. Through a meticulous examination, this paper highlights the significant potential of CDRs in various applications, ranging from telecom fraud detection, urban planning, disaster readiness, to novel methodologies for predicting socio-economic metrics like poverty. We discuss specific use cases, demonstrating the critical role of CDRs in identifying SIM box fraud, analyzing urban mobility, and enhancing emergency response strategies through sophisticated data analysis techniques. Furthermore, we introduce a novel CDR Generator Solution developed within the RITHMS project (G.A. 101073932) aimed at detecting suspicious activities around archaeological sites. The tool leverages modern technologies, including Python, Streamlit, and Folium, to generate synthetic CDRs based on selected geographic areas, demonstrating the applicability of CDRs in safeguarding cultural heritage. By integrating theoretical insights with practical applications, this paper underscores the versatility of CDRs in advancing not only telecommunications but also broader societal objectives.
Workshop IWAPS
Join ARES 2025!

Join us at ARES 2025 in Ghent, Belgium