Smartphone software for department of computer science

The presented document provides an overview of the Smartphone Software for Department of Computer Science project development through out several phases: analysis of the project proposal, preliminary study of the concepts involved in the project, design decisions and modeling, implementation, experiments and conclusions obtained in the end, as well as a reflection on possible future system improvements. The final version of the system, which was built after the design and implementation decisions made through out the development of the project, is a prototype mainly composed of an application for Android smartphones leaning on a distributed architecture in order to provide all its expected functionalities. Thus, the system is based on a mixture of the two main distributed systems architectural models: client-server and peer-to-peer. The functionalities that lean on the client-server architecture are those whose data are relative to information of general interest and need to be always (ideally) available: consulting news, information and schedules for courses, frequently asked questions, maps and indoors positioning. On the other hand, functionalities such as the chat system and the possibility of contacting with the students of a certain course depend on the availability of the users, so a peer-to-peer architectural model was developed to support them. Regarding the system functionalities, the in-door localization and the chat system were determined as the most relevant ones. With the aim to provide those functionalities, the choice made was to implement an in-door positioning based on the RedPin model and, on the other hand, to make use of an already existing Java solution to build a chat system by means of multicast DNS and DNS Service Discovery: JmDNS

The design and implementation of a smart-parking system for Helsinki Area

The strain on the parking infrastructure for the general public has significantly grown as a result of the ever rising number of vehicles geared by the rapid population growth in urban areas. Consequently, finding a vacant parking space has become quite a challenging task, especially at peak hours. Drivers have to cycle back and forth a number of times before they finally find where to park. This leads to increased fuel consumption, air pollution, and increased likelihood of causing accidents, to mention but a few. Paying for the parking is not straight forward either, as the ticket machines, on top of being located at a distance, in many times, they have several payment methods drivers must prepare for. A system therefore, that would allow drivers to check for the vacant parking places before driving to a busy city, takes care of the parking fee for exact time they have used, manages electronic parking permit, is the right direction towards toppling these difficulties. The main objective of this project was to design and implement a system that would provide parking occupancy estimation, parking fee payment method, parking permit management and parking analytics for the city authorities. The project had three phases. The first and the second phases used qualitative approaches to validate our hypotheses about parking shortcoming in Helsinki area and the recruitment of participants to the pilot of the project, respectively. The third phase involved the design, implementation and installation of the system. The other objective was to study the challenges a smart parking system would face at different stages of its life cycle. The objectives of the project were achieved and the considered assumption about the challenges associated with parking in a busy city were validated. A smart parking system will allow drivers to check for available parking spaces beforehand, they are able to pay for the parking fee, they can get electronic parking permits, and the city authority can get parking analytics for the city plannin

Smart mobile sensing for measuring quality of experience (QoE) in urban public transports

Tese de mestrado integrado. Engenharia Informática e Computação. Faculdade de Engenharia. Universidade do Porto. 201

Design and implementation of a positioning service in the context of smart cities

In recent decades, cities have become the global hubs of commerce, culture, science and society, being also the largest consumers of energy and the largest carbon emitters. With the objective of solving this problem, sustainable cities or "Smart Cities" are one of the objectives to be fulfilled in the 2030 Agenda. With this objective in mind and in the context of the project "Navigation and GNSS in Smart Cities -Testbed Concept Definition" (HANSEL), the student intends to design and develop a service in charge of sensor positioning based on GNSS and Cellular technologies for the subsequent treatment of the information generated for various purposes, such as the detection and location of sources of interference or GNSS and Cellular hybridization, obtaining hybrid positions, more precise than those of each system separately. This system or service is intended to be accessible to the general public via Internet (as a Software as a Service orSaaS), and takes advantage of the all the features cloud computing has to offer, both at performance and energy consumption level.En les últimes dècades, les ciutats s'han convertit en els nuclis mundials de comerç, cultura, ciència i societat, sent també les majors consumidores d'energia i les més grans emissores de carboni. Amb l'objectiu de solucionar aquesta problemàtica, les ciutats sostenibles o "SmartCities" són un dels objectius a complir en l'Agenda 2030. Amb aquest objectiu en ment i en el context del projecte "Navigation and GNSS in Smart Cities - Testbed Concept Definition"(HANSEL), l'estudiant pretén dissenyar i desenvolupar un servei a càrrec del posicionament de sensors basats en tecnologies GNSS i cel·lular per al posterior tractament de la informació generada per a diverses finalitats, com la detecció i localització de fonts d'interferència o la hibridació GNSS i cel·lular, donant lloc a posicions híbrides, més precises que les de cada sistema per separat. Aquest servei pretén ser accessible mitjançant Internet al públic general (com un Software com a servei o SaaS), i aprofita els avantatges que la computació en el núvol és capaç d'oferir tant a nivell de prestacions com a nivell d'estalvi d'energia respecte als dispositius de navegació actuals.En las últimas décadas, las ciudades se han convertido en los núcleos mundiales de comercio, cultura, ciencia y sociedad, siendo también las mayores consumidoras de energía y las más grandes emisoras de carbono. Con el objetivo de solucionar esta problemática, las ciudades sostenibles o "Smart Cities" son uno de los objetivos a cumplir en la Agenda 2030. Con este objetivo en mente y en el contexto del proyecto "Navigation and GNSS in Smart Cities - Testbed Concept Definition" (HANSEL), el estudiante pretende diseñar y desarrollar un servicio a cargo del posicionamiento de sensores basados en tecnologías GNSS y celular para el posterior tratamiento de la información generada para diversos fines, como la detección y localización de fuentes de interferencia o la hibridación GNSS y celular, dando lugar a posiciones híbridas, más precisas que las de cada sistema por separado. Dicho servicio pretende ser accesible mediante Internet al público general (como un Software como servicio o SaaS), y aprovecha las ventajas que la computación en la nube es capaz de ofrecer tanto a nivel de prestaciones como a nivel de ahorro de energía con respecto a los dispositivos de navegación actuales

A Platform for Safer and Smarter Networks

The number of devices connected to the Internet is growing exponentially. These devices include smartphones, tablets, workstations and Internet of Things devices, which offer a number of cost and time savings by automating routine tasks for the users. However, these devices also introduce a number of security and privacy concerns for the users. These devices are connected to small office/home-office (SOHO) and enterprise networks, where users have very little to no information about threats associated to these devices and how these devices can be managed properly to ensure user's privacy and data security. We proposed a new platform to automate the security and management of the networks providing connectivity to billions of connected devices. Our platform is low cost, scalable and easy to deploy system, which provides network security and management features as a service. It is consisted of two main components i.e. Securebox and Security and Management Service (SMS). Securebox is a newly designed Openflow enabled gateway residing in edge networks and is responsible for enforcing the security and management decisions provided by SMS. SMS runs a number of traffic analysis services to analyze user traffic on demand for Botnet, Spamnet, malware detection. SMS also supports to deploy on demand software based middleboxes for on demand analysis of user traffic in isolated environment. It handles the configuration update, load balancing and scalability of these middlebox deployments as well. In contrast to current state of the art, the proposed platform offloads the security and management tasks to an external entity, providing a number of advantages in terms of deployment, management, configuration updates and device security. We have tested this platform in real world scenarios. Evaluation results show that the platform can be efficiently deployed in traditional networks in an incremental manner. It also allows us to achieve similar user experience with security features embedded in the connectivity

Enabling technologies and cyber-physical systems for mission-critical scenarios

Programa Oficial de Doutoramento en Tecnoloxías da Información e Comunicacións en Redes Móbiles . 5029P01[Abstract] Reliable transport systems, defense, public safety and quality assurance in the Industry 4.0 are essential in a modern society. In a mission-critical scenario, a mission failure would jeopardize human lives and put at risk some other assets whose impairment or loss would significantly harm society or business results. Even small degradations of the communications supporting the mission could have large and possibly dire consequences. On the one hand, mission-critical organizations wish to utilize the most modern, disruptive and innovative communication systems and technologies, and yet, on the other hand, need to comply with strict requirements, which are very different to those of non critical scenarios. The aim of this thesis is to assess the feasibility of applying emerging technologies like Internet of Things (IoT), Cyber-Physical Systems (CPS) and 4G broadband communications in mission-critical scenarios along three key critical infrastructure sectors: transportation, defense and public safety, and shipbuilding. Regarding the transport sector, this thesis provides an understanding of the progress of communications technologies used for railways since the implantation of Global System for Mobile communications-Railways (GSM-R). The aim of this work is to envision the potential contribution of Long Term Evolution (LTE) to provide additional features that GSM-R would never support. Furthermore, the ability of Industrial IoT for revolutionizing the railway industry and confront today's challenges is presented. Moreover, a detailed review of the most common flaws found in Radio Frequency IDentification (RFID) based IoT systems is presented, including the latest attacks described in the literature. As a result, a novel methodology for auditing security and reverse engineering RFID communications in transport applications is introduced. The second sector selected is driven by new operational needs and the challenges that arise from modern military deployments. The strategic advantages of 4G broadband technologies massively deployed in civil scenarios are examined. Furthermore, this thesis analyzes the great potential for applying IoT technologies to revolutionize modern warfare and provide benefits similar to those in industry. It identifies scenarios where defense and public safety could leverage better commercial IoT capabilities to deliver greater survivability to the warfighter or first responders, while reducing costs and increasing operation efficiency and effectiveness. The last part is devoted to the shipbuilding industry. After defining the novel concept of Shipyard 4.0, how a shipyard pipe workshop works and what are the requirements for building a smart pipe system are described in detail. Furthermore, the foundations for enabling an affordable CPS for Shipyards 4.0 are presented. The CPS proposed consists of a network of beacons that continuously collect information about the location of the pipes. Its design allows shipyards to obtain more information on the pipes and to make better use of it. Moreover, it is indicated how to build a positioning system from scratch in an environment as harsh in terms of communications as a shipyard, showing an example of its architecture and implementation.[Resumen] En la sociedad moderna, los sistemas de transporte fiables, la defensa, la seguridad pública y el control de la calidad en la Industria 4.0 son esenciales. En un escenario de misión crítica, el fracaso de una misión pone en peligro vidas humanas y en riesgo otros activos cuyo deterioro o pérdida perjudicaría significativamente a la sociedad o a los resultados de una empresa. Incluso pequeñas degradaciones en las comunicaciones que apoyan la misión podrían tener importantes y posiblemente terribles consecuencias. Por un lado, las organizaciones de misión crítica desean utilizar los sistemas y tecnologías de comunicación más modernos, disruptivos e innovadores y, sin embargo, deben cumplir requisitos estrictos que son muy diferentes a los relativos a escenarios no críticos. El objetivo principal de esta tesis es evaluar la viabilidad de aplicar tecnologías emergentes como Internet of Things (IoT), Cyber-Physical Systems (CPS) y comunicaciones de banda ancha 4G en escenarios de misión crítica en tres sectores clave de infraestructura crítica: transporte, defensa y seguridad pública, y construcción naval. Respecto al sector del transporte, esta tesis permite comprender el progreso de las tecnologías de comunicación en el ámbito ferroviario desde la implantación de Global System for Mobile communications-Railway (GSM-R). El objetivo de este trabajo es analizar la contribución potencial de Long Term Evolution (LTE) para proporcionar características adicionales que GSM-R nunca podría soportar. Además, se presenta la capacidad de la IoT industrial para revolucionar la industria ferroviaria y afrontar los retos actuales. Asimismo, se estudian con detalle las vulnerabilidades más comunes de los sistemas IoT basados en Radio Frequency IDentification (RFID), incluyendo los últimos ataques descritos en la literatura. Como resultado, se presenta una metodología innovadora para realizar auditorías de seguridad e ingeniería inversa de las comunicaciones RFID en aplicaciones de transporte. El segundo sector elegido viene impulsado por las nuevas necesidades operacionales y los desafíos que surgen de los despliegues militares modernos. Para afrontarlos, se analizan las ventajas estratégicas de las tecnologías de banda ancha 4G masivamente desplegadas en escenarios civiles. Asimismo, esta tesis analiza el gran potencial de aplicación de las tecnologías IoT para revolucionar la guerra moderna y proporcionar beneficios similares a los alcanzados por la industria. Se identifican escenarios en los que la defensa y la seguridad pública podrían aprovechar mejor las capacidades comerciales de IoT para ofrecer una mayor capacidad de supervivencia al combatiente o a los servicios de emergencias, a la vez que reduce los costes y aumenta la eficiencia y efectividad de las operaciones. La última parte se dedica a la industria de construcción naval. Después de definir el novedoso concepto de Astillero 4.0, se describe en detalle cómo funciona el taller de tubería de astillero y cuáles son los requisitos para construir un sistema de tuberías inteligentes. Además, se presentan los fundamentos para posibilitar un CPS asequible para Astilleros 4.0. El CPS propuesto consiste en una red de balizas que continuamente recogen información sobre la ubicación de las tuberías. Su diseño permite a los astilleros obtener más información sobre las tuberías y hacer un mejor uso de las mismas. Asimismo, se indica cómo construir un sistema de posicionamiento desde cero en un entorno tan hostil en términos de comunicaciones, mostrando un ejemplo de su arquitectura e implementación

Tools and techniques for security and privacy of big data: Healthcare system as a case study

As a case study, this Master thesis will also review the state-of-the-art of security and privacy issues in big data as applied to healthcare industry

Jornadas Nacionales de Investigación en Ciberseguridad: actas de las VIII Jornadas Nacionales de Investigación en ciberseguridad: Vigo, 21 a 23 de junio de 2023

Jornadas Nacionales de Investigación en Ciberseguridad (8ª. 2023. Vigo)atlanTTicAMTEGA: Axencia para a modernización tecnolóxica de GaliciaINCIBE: Instituto Nacional de Cibersegurida

Session Fingerprinting in Android via Web-to-App Intercommunication

The extensive adoption of mobile devices in our everyday lives, apart from facilitating us through their various enhanced capabilities, has also raised serious privacy concerns. While mobile devices are equipped with numerous sensors which offer context-awareness to their installed apps, they can also be exploited to reveal sensitive information when correlated with other data or sources. Companies have introduced a plethora of privacy invasive methods to harvest users’ personal data for profiling and monetizing purposes. Nonetheless, up till now, these methods were constrained by the environment they operate, e.g., browser versus mobile app, and since only a handful of businesses have actual access to both of these environments, the conceivable risks could be calculated and the involved enterprises could be somehow monitored and regulated. This work introduces some novel user deanonymization approaches for device and user fingerprinting in Android. Having Android AOSP as our baseline, we prove that web pages, by using several inherent mechanisms, can cooperate with installed mobile apps to identify which sessions operate in specific devices and consequently further expose users’ privacy