Moritz Eck, Mixnets in a Distributed Ledger Remote Electronic Voting System, University of Zurich, Faculty of Business, Economics and Informatics, 2021. (Master's Thesis)
The integrity and fair execution of privacy-preserving votes and elections is a cornerstone of modern democracy. Changes to the voting process are delicate and highly debated, including the introduction of remote electronic voting (REV). REV poses a unique set of challenges as it allows citizens to cast their ballots from an uncontrolled environment (e.g., mobile phone). The legal and technical requirements increase the difficulty in digitizing votes and elections as the preservation of privacy required by law is in direct contrast to the verifiability of the system. Extensive research has been conducted over the past years trying to satisfy these requirements by applying various cryptographic techniques. Although many REV systems have been proposed in literature, few have been implemented practically. Additionally, almost all of them pursue a centralized approach, in which a single authority is trusted to handle the votes according to protocol.
By distributing the trust among the stakeholders in the system, similar to the federal structure of Switzerland, and thereby preventing a single point of failure, this work takes a different approach. A key component in the success is a distributed ledger utilized as public bulletin board to guarantee transparency, integrity and robustness through decentralization. Using established cryptographic techniques (e.g., mixnets, zero-knowledge proofs) this work further enhances the scope of Provotum, a secure and verifiable distributed REV system developed
at CSG@IfI, by enabling elections and shifting the computational burden from the voter to the voting infrastructure, allowing participation from any device.
The proposed voting protocol is implemented in a proof-of-concept and evaluated in terms of privacy, verifiability and scalability. The results show that the system can scale to nationwide elections and votes, as the computational complexity scales linearly with the number of ballots cast. Finally, possibilities for improvement and expansion are identified. |
|
Fabian Künzler, Optimizing MAC Scavenger’s Data Streaming Pipeline, University of Zurich, Faculty of Business, Economics and Informatics, 2021. (Bachelor's Thesis)
Passive wireless tracking is used to track an individual with a wireless capable device over an area covered by a network. This technology could help to monitor occupancy levels in public transport systems and buildings. To avoid being tracked, countermeasures, such as MAC-Randomization, have been implemented on WiFi capable devices.
A thesis at the University of Zurich analyzed these countermeasures and presented a system called MAC-Scavenger which circumvents them.
This thesis analyses the basic background concepts of wireless networks and passive wireless tracking. It investigates the MAC-Scavenger and its data gathering process in detail and derives requirements for an improved system. The main requirement is to simplify the existing MAC-Scavenger and therefore to make the passive wireless tracking technology available for non-computer experts. Another requirement, inferred from studies in related research, includes the secure handling of the gathered data. Based on these requirements the Web-Scavenger is implemented and documented in the scope of this thesis. The documentation shows the high level architecture as well as key implementation parts. In the end the requirements are evaluated against the implemented system. |
|
Bulin Shaqiri, Development and Refinement of a Chatbot for Cybersecurity Support, University of Zurich, Faculty of Business, Economics and Informatics, 2021. (Bachelor's Thesis)
Cybersecurity is increasingly getting the attention it deserves. At the latest now that the Covid-19 pandemic has gripped the entire world and employees are forced to work from home wherever possible, thereby creating new vulnerabilities for cyber criminals to exploit, the importance of cybersecurity is even more evident. In the past years, however, the investments as such have been rising, with the vast majority moving towards security as a service, and thus contracting on-site protection from various providers. Together with recommender systems, the sheer volume of solution alternatives can be managed, but still requires expertise to correctly specify the requirements. End-users are therefore not enabled to enter their demands in a simple and quick way. While other fields have explored conversational agents (i.e., chatbots) as possible solutions, including some approaches in cybersecurity, there has still been no work that has used such conversational agents to improve cybersecurity management. In this sense, the overall objective of this thesis is to provide a prototype that allows end-users to submit their requests for cybersecurity support, with the conversational agent then responding with accurate answers, so that the insightful information extracted from the conversation can be used by end-users during the cybersecurity decision-making process. |
|
Jonas Brunner, Payment Flow for an Open Source Donation Platform, University of Zurich, Faculty of Business, Economics and Informatics, 2021. (Bachelor's Thesis)
With platforms such as GitHub, it is easier than ever to collaborate together on open source software. It is not surprising that the use of open source software has grown over the last years. Today, from web servers to front-end frameworks, large parts of the web and software generally rely on open source software. However, many open source projects disappear after a short period, often due to lack of funding. While there exist donation platforms that address this problem, the setup is mostly time-consuming and complicated.
This thesis presents a payment flow for a donation platform that minimizes the required configuration steps on both, sponsor- and contributor-side. The platform distributes the donations among the projects and their contributors based on the analysis of a commit evaluation engine. Thereby, the platform follows an optimistic donation approach, where users can sponsor projects without registered contributors. While donations can be made using credit card payments, the payout to contributors is implemented using crypto payments. Besides the architecture and implementation of the payment flow, this thesis evaluates the transaction fees for different payout approaches. It is shown that a "pull payment" approach using an Ethereum smart contract provides a transparent and secure way to pay contributors. Additionally, the straightforward registration process is shown based on two use cases. |
|
Jan von der Assen, DDoSGrid 2.0: Integrating and Providing Visualizations for the European DDoS Clearing House, University of Zurich, Faculty of Business, Economics and Informatics, 2021. (Master's Thesis)
|
|
Valerian Rey, Pedro Miguel Sánchez Sánchez, Alberto Huertas Celdran, Gérôme Bovet, Gregorio Martínez Pérez, Burkhard Stiller, Federated Learning for Malware Detection in IoT Devices, In: ArXiv.org, No. 09994, 2021. (Working Paper)
The Internet of Things (IoT) is penetrating many facets of our daily life with the proliferation of intelligent services and applications empowered by artificial intelligence (AI). Traditionally, AI techniques require centralized data collection and processing that may not be feasible in realistic application scenarios due to the high scalability of modern IoT networks and growing data privacy concerns. Federated Learning (FL) has emerged as a distributed collaborative AI approach that can enable many intelligent IoT applications, by allowing for AI training at distributed IoT devices without the need for data sharing. In this article, we provide a comprehensive survey of the emerging applications of FL in IoT networks, beginning from an introduction to the recent advances in FL and IoT to a discussion of their integration. Particularly, we explore and analyze the potential of FL for enabling a wide range of IoT services, including IoT data sharing, data offloading and caching, attack detection, localization, mobile crowdsensing, and IoT privacy and security. We then provide an extensive survey of the use of FL in various key IoT applications such as smart healthcare, smart transportation, Unmanned Aerial Vehicles (UAVs), smart cities, and smart industry. The important lessons learned from this review of the FL-IoT services and applications are also highlighted. We complete this survey by highlighting the current challenges and possible directions for future research in this booming area. |
|
Burkhard Stiller, Muriel Figueredo Franco, Christian Killer, Sina Rafati Niya, Bruno Bastos Rodrigues, Eder John Scheid, Rafael Hengen Ribeiro, Alberto Huertas, Eryk Jerzy Schiller, Internet Economics Report XIV, Version: 1, 2021. (Technical Report)
|
|
Burkhard Stiller, Muriel Figueredo Franco, Christian Killer, Sina Rafati Niya, Bruno Bastos Rodrigues, Eder John Scheid, Rafael Hengen Ribeiro, Alberto Huertas Celdran, Eryk Jerzy Schiller, Communication Systems XIV, Version: 1, 2021. (Technical Report)
|
|
Elfat Esati, Tamper-resistant IoT-based Video Surveillance with Blockchains, University of Zurich, Faculty of Business, Economics and Informatics, 2021. (Master's Thesis)
The Internet of Things (IoT), articial intelligence (AI), and blockchain are one of the most disruptive technologies that scholars have begun evaluating. In one hand blockchain technology as a distributed decentralized peer to peer network promises to keep records of the various transactions that ever happened in a P2P network. On the other hand IoT allows virtual and physical objects to be connected together. However IoT alone comes with challenges which are centralized architecture, security, transparency, data integrity, issues with analysis of big data and vulnerability to attacks. AI plays a signicant role as a strong analytic tool and delivers a scalable and accurate analysis of data in real-time. Similarly AI faces a number of challenges: centralized architecture, security and resource limitations. Alone any of the three domains would have the potential to alter business, leisure and society. But together the synergy they produce will be unprecedented. In this paper we show that the convergence of BC, AI, and IoT will close the gaps of each of these technologies to come up with a scalable and highly secured intellectual functioning. The aim of this paper is not only to explore the synthesis of the three domains but it will also present the design and development of an IoT architecture with Blockchain (BC) and AI to support access control with facial detection and recognition. We designed and implemented an IoT-based surveillance system incorporating all the three domains that jointly work together for authentication of people allowed to enter a building. By incorporating the most state of the art technologies and algorithms we proved that three domains complement each other's weaknesses. |
|
Noah Berni, SC4CyberInsurance: Automated Cyber-Insurance Contracts, University of Zurich, Faculty of Business, Economics and Informatics, 2021. (Master's Thesis)
|
|
Burkhard Stiller, Eryk Jerzy Schiller, Corinna Schmitt, An Overview of Network Communication Technologies for IoT, In: Handbook of Internet-of-Things, Springer, Cham, Switzerland, p. 1 - 31, 2021. (Book Chapter)
|
|
Lenz Baumann, Cyrill Halter, Kronos - A Forensic Network Data Inspection Tool , 2021. (Other Publication)
|
|
Markus Knecht, Burkhard Stiller, SCUR: Smart Contracts with a Static Upper-Bound on Resource Usage, In: 19th IEEE International Conference on Trust, Security, and Privacy in Computing and Communications, IEEE, Guangzhou, China, 2020. (Conference or Workshop Paper published in Proceedings)
|
|
Sina Rafati Niya, KYoT: Self-sovereign IoT Identification with a Physically Unclonable Function , In: 45th IEEE Conference on Local Computer Networks (LCN 2020). 2020. (Conference Presentation)
|
|
Elfat Esati, Blockchain on MSP430 with IEEE 802.15.4 , In: The 45th IEEE Conference on Local Computer Networks (LCN 2020). 2020. (Conference Presentation)
|
|
Christian Killer, Bruno Rodrigues, Eder John Scheid, Muriel Figueredo Franco, Moritz Eck, Nik Zaugg, Alex Scheitlin, Burkhard Stiller, Provotum: A Blockchain-Based and End-to-End Verifiable Remote Electronic Voting System, In: IEEE 45th Conference on Local Computer Networks (LCN), IEEE, Sidney, Australia, 2020. (Conference or Workshop Paper published in Proceedings)
|
|
Sina Rafati Niya, Benjamin Jeffrey, Burkhard Stiller, KYoT: Self-sovereign IoT Identification with a Physically Unclonable Function, In: The 45th IEEE Conference on Local Computer Networks (LCN 2020), IEEE, New York, NY, USA, 2020-11-16. (Conference or Workshop Paper published in Proceedings)
|
|
Eryk Jerzy Schiller, Elfat Esati, Burkhard Stiller, Blockchain on MSP430 with IEEE 802.15.4, In: 45th IEEE Conference on Local Computer Networks (LCN 2020), IEEE, Piscataway, New Jersey, US, 2020-11-16. (Conference or Workshop Paper published in Proceedings)
This work develops an integration of Blockchains (BC) with the Internet-of-Things (IoT) using a highly constrained TelosB IoT platform based on the MSP430 processor family and CC2420 IEEE 802.15.4-compliant radio interfaces. The system is evaluated in an indoor office environment focusing on overhead and energy efficiency of BC transaction (TX) transmissions. |
|
Burkhard Stiller, Technical Foundations of Advanced (Electronic) Payment Systems , In: Auf dem Weg zu neuen digitalen Geldordnungen, UFSP Finanzmarktregulierung. 2020. (Conference Presentation)
|
|
Muriel Figueredo Franco, SecBot: a Business-Driven Conversational Agent for Cybersecurity Planning and Management , In: 16th International Conference on Network and Service Management (CNSM). 2020. (Conference Presentation)
|
|