Cashing out crypto: state of practice in ransom payments

The fast pace of blockchain technology and cryptocurrencies’ evolution makes people vulnerable to financial fraud and provides a relatively straightforward monetisation mechanism for cybercriminals, in particular ransomware groups which exploit crypto’s pseudo-anonymity properties. At the same time, regulatory efforts for addressing crimes related to crypto assets are emerging worldwide. In this work, we shed light on the current state of practice of ransomware monetisation to provide evidence of their payment traceability, explore future trends, and—above all—showcase that over-regulating cryptocurrencies is not the best way to mitigate their risks. For that purpose, first, we provide an overview of the legislative initiatives currently taken by the USA, the EU, and the OECD to regulate cryptocurrencies, showing that strict laws and the divergences between the regulatory regimes can hardly efficiently regulate the global phenomenon of cryptocurrency, which transcends borders and states. Next, we focus on illicit payments in bitcoin to ransomware groups, illustrating how these payments are siphoned off and how criminals cash out the ransom, often leaving traceable evidence behind. To this end, we leverage a publicly available dataset and a set of state-of-the-art blockchain analysis tools to identify payment patterns, trends, and transaction trails, which are provided in an anonymised form. Our work reveals that a significant amount of illicit bitcoin transactions can be easily traced, and consequently, many cyber crimes like ransomware can actually be tracked down and investigated with existing tools and laws, thus providing fertile ground for better and fairer legislation on crypto

Emotional intelligence in object oriented multimodal user interfaces for mobile learning and e-learning

Το πεδίο της κινητής τεχνολογίας λογισμικού αποτελεί σημαντικό ερευνητικό στόχο της διατριβής, με βασική επικέντρωση στην παροχή εκπαιδευτικού λογισμικού και συγγραφικών εργαλείων για εκπαιδευτές. Το προκύπτον σύστημα «Mobile Tutor» ενσωματώνει μηχανισμούς συλλογιστικής σε σχέση με τους χρήστες, όπως η μοντελοποίηση των χρηστών, καθώς και τεχνικές προσαρμοστικότητας (adaptivity) στον χρήστη και στο περιβάλλον λειτουργίας της εκάστοτε κινητής συσκευής. Η ενσωμάτωση των ευφυών αυτών μηχανισμών στην κινητή τεχνολογία λογισμικού αποτελεί σημαντική καινοτομία και συνεισφορά αυτής της διατριβής. Η προσαρμοστικότητα του συστήματος στο περιβάλλον της εκάστοτε διεπαφής είναι ιδιαίτερης σημασίας, αφού επιτρέπει την προσαρμογή της παρουσίασης της μεταδιδόμενης πληροφορίας ανάλογα με τη κινητή συσκευή του κάθε χρήστη. Κύρια ενότητα της διατριβής αποτελεί το πεδίο της συναισθηματικής αλληλεπίδρασης ανθρώπου-υπολογιστή, με απώτερο στόχο την εν δυνάμει ενσωμάτωση του πεδίου αυτού στην κινητή τεχνολογία λογισμικού. Η συναισθηματική αλληλεπίδραση ανθρώπου-υπολογιστή περιλαμβάνει την αναγνώριση των συναισθημάτων των χρηστών από τους υπολογιστές, καθώς και την παραγωγή συναισθηματικών καταστάσεων από την πλευρά του υπολογιστή, μέσω βοηθών-πρακτόρων. Τόσο η παραγωγή, όσο και η αναγνώριση συναισθηματικών καταστάσεων μελετήθηκε στο πλαίσιο της παρούσας διατριβής, ενώ ενισχύθηκε και η πεποίθηση και η σημασία της αλληλοσύνδεσης και αλληλεξάρτησής τους

Session Fingerprinting in Android via Web-to-App Intercommunication

The extensive adoption of mobile devices in our everyday lives, apart from facilitating us through their various enhanced capabilities, has also raised serious privacy concerns. While mobile devices are equipped with numerous sensors which offer context-awareness to their installed apps, they can also be exploited to reveal sensitive information when correlated with other data or sources. Companies have introduced a plethora of privacy invasive methods to harvest users’ personal data for profiling and monetizing purposes. Nonetheless, up till now, these methods were constrained by the environment they operate, e.g., browser versus mobile app, and since only a handful of businesses have actual access to both of these environments, the conceivable risks could be calculated and the involved enterprises could be somehow monitored and regulated. This work introduces some novel user deanonymization approaches for device and user fingerprinting in Android. Having Android AOSP as our baseline, we prove that web pages, by using several inherent mechanisms, can cooperate with installed mobile apps to identify which sessions operate in specific devices and consequently further expose users’ privacy

Object-oriented user interfaces for personalized mobile learning

This book presents recent research in mobile learning and advanced user interfaces. It is shown how the combination of this fields can result in personalized educational software that meets the requirements of state-of-the-art mobile learning software. This book provides a framework that is capable of incorporating the software technologies, exploiting a wide range of their current advances and additionally investigating ways to go even further by providing potential solutions to future challenges. The presented approach uses the well-known Object-Oriented method in order to address these challenges. Throughout this book, a general model is constructed using Object-Oriented Architecture. Each chapter focuses on the construction of a specific part of this model, while in the conclusion these parts are unified. This book will help software engineers build more sophisticated personalized software that targets in mobile education, while at the same time retaining a high level of adaptivity and user-friendliness within human-mobile interaction.