• Distributed Resource Orchestration in Realistic 6G Wireless Systems: From Practice, to Theory, to Practice

    Conventional distributed resource management approaches in realistic 6G wireless systems with shared resources, fail to capture the deep inter-dependencies among the user behaviors, interactions, and decisions, under partial system information availability, uncertainty of system available resources, and hence, potential user/system risks and gains. In this tutorial, we first identify the practical challenges of realistic 6G wireless systems, and subsequently, introduce a series of mathematical tools and mechanisms to deal with the issues of: (i) resource sharing under incomplete/ partial information (via Contract Theory), (ii) distributed resource allocation based on Quality of Service (QoS) satisfaction (via Game Theory and Satisfaction Games), (iii) risk-aware resource sharing (via Prospect Theory). The application of the aforementioned theories and models in real-life problems in the field of bandwidth sharing in wireless networks and computing resource sharing in Multi-access Edge Computing (MEC) systems, complements the overall tutorial’s scope.

    Instructor(s)
    ▪ Symeon Papavassiliou, National Technical University of Athens, Greece
    ▪ Christos Pelekis, National Technical University of Athens, Greece
    ▪ Maria Diamanti, National Technical University of Athens, Greece

  • Self-Sovereign Identity (SSI), Decentralized Identifiers, and Verifiable Credentials with Applications to Access Control, Web Services, the Internet of Things, and Smart Cities

    Self-Sovereign Identity (SSI) is a concept that enables individuals or organization to have sole ownership of their identity and control how their personal data is shared and used. SSI allows entities to prove control of one or more identifiers without an intermediary and provides the flexibility for each entity to control which information or claims are revealed to third parties. The importance of providing citizens full control of their data and the decision of which data to disclose is a main objective of the eIDAS 2021 amendment (also referred to as eIDAS 2.0). The vulnerabilities of existing procedures in handling personal data are highlighted by unauthorized access to sensitive data due to data breaches. At the same time, it is becoming increasingly challenging for companies to ensure secure and trusted digital interaction with customers and manage employee authorizations, while there is an increasing need for inter-domain trusted communication and cross-organization authorization. SSI technology, including decentralized identifiers and Verifiable Credentials, can address the above issues in order to unleash tremendous economic potential improving the security, trust, and efficiency while also supporting the privacy of user data.

    Instructor(s)
    ▪ Nikos Fotiou, Athens University of Economics and Business, Greece
    ▪ George C. Polyzos, Athens University of Economics and Business, Greece
    ▪ Vasilios A. Siris, Athens University of Economics and Business, Greece

  • Trusted Federated Identity Management in services and SDN

    Abstract—Federated Identity Management (FIM) is a topic that has attracted the research community and enterprises to build different solutions, suited to specific needs. A few examples include: the Security Assertion Markup Language (SAML), the Open Authentication (OAuth 2.0), and OpenID Connect (OIDC) as a solution to support authentication and identification of users.

    Identity management solutions include mechanisms and architectures to exchange identity information between organisations that are federated for authentication purposes. This has the advantage inherent to the Single Sign On (SSO) process, where an user does not need to replicate login information over multiple systems.

    The evolution of 5G towards 6G will enable multiple access contexts, associated with the support of heterogeneous networks, with the support edge and cloud computing models. In such context, current FIM solutions mainly focus identity management and do not consider the possible context environments where services require user information for authentication and authorization purposes.

    Instructor(s)

    ▪ Carolina Goncalvez, University of Coimbra, Portugal
    ▪ Bruno Sousa, University of Coimbra, Portugal
    ▪ Nuno Antunes, University of Coimbra, Portugal

  • Misbehavior Detection Systems and Security for Vehicular Communication Networks

    Vehicular communication networks are susceptible to various security attacks. Due to the wireless nature of vehicular communications, how to secure vehicular networks are great challenges that have hampered the implementation of vehicular services. Many solutions have been proposed by researchers and the industry in the recent years. In this tutorial, we first present an overview of security issues for vehicular networks, followed by a survey on the state-of-the-art solutions on security for vehicular networks. After that, we present a new study on misbehavior detections in vehicular communication networks by introducing machine learning and reputation-based misbehavior detection systems to enhance the detection accuracy as well as to ensure the reliability of both vehicles and messages. Misbehavior detection systems are trained using datasets generated through extensive simulation based on the realistic vehicular network environment. We show that various machine learning schemes can be exploited in accurately identifying several misbehaviors in vehicular networks.

    Instructor(s)

    ▪ Yi Qian, University of Nebraska-Lincoln, USA

  • Malware Analysis and Detection

    Malicious software threatens the security of computer systems from desktops to cloud servers, from mobile devices to industrial systems. Malware is increasingly used by threatening actors to target private corporations, public organizations and critical infrastructures as well as individuals. Recent cases of attacks, such as SolarWinds attack and the ransomware attacks on Advantech, Canon and Cognizan, are only a few publicly known cases, that demonstrate the extent and importance of the problem. Such attacks have significant financial impact, due to damages, and lead to data leakage with unpredictable and long-term consequences. Current estimates are that the yearly cost of malware is above $ 6 trillion by 2021, while more than 350,000 new malware samples and potentially unwanted applications are detected every day.

    Significant effort is spent to design effective and efficient malware analysis and detection systems. These efforts include the use of program sample features derived from static analysis as well as from dynamic analysis. In static analysis, features are extracted from binary files without executing them. As static analysis is limited due to obfuscated malware, dynamic analysis is employed as well, where suspicious programs are executed in virtual environments and measurements are made. Features and measurements from static and dynamic analyses are provided to classifiers, which differentiate malware from benign programs, using classification techniques. Such classifiers typically employ machine learning techniques such as random forests, support vector machines and, increasingly, deep learning neural networks. In the latter case, significant amounts of reliable data are required for effective and efficient training of the classifiers.

    In this tutorial, we will present malware analysis and detection techniques and tools. First, we will cover techniques and tools for static analysis and then, we will cover dynamic analysis ones. We will present common and advanced classifiers, addressing also the problem of data availability. Finally, we will present a complete, open software platform that combines static and dynamic analysis as well classifiers for effective malware detection.

    Instructor(s)

    ▪ Dimitros Serpanos, University of Patras, Greece