Recent Developments in Credit Markets

We summarize recent developments in the credit derivative markets. We show the role of dependence between individual debtors in portfolio derivatives in a study of implied correlation. The risk of changing dependence structures between stock and bond markets becomes evident in an example of capital structure arbitrage. How credit derivatives can introduce new risks is illustrated by the example of "overlay” in basket derivative

Symmetry and shape on the plasmonic behaviour of nanocavities

Plasmonic nanocavities confine light in deep subwavelength volumes and in recent years have enabled unprecedented control on light-matter interactions. A characteristic example is the nanoparticle-on-mirror geometry, which allows for the fabrication of very robust plasmonic gaps with sub-nanometre accuracy. Due to the extreme field confinement, the size and shape of plasmonic nanocavities dominate their optical response. But so far, the community has mainly focused on idealized spherical nanoparticles, ignoring that during their synthesis nanoparticles actually acquire polyhedral shapes, and that many different geometries can be synthesised these days. Here, we provide a complete description of the plasmonic modes in nanocavities made of three commonly occurring polyhedral nanoparticles (cuboctahedron, rhombicuboctahedron, decahedron). We show that the shape and symmetry of these plasmonic nanocavities dominate both their near- and far-field response, with intricate and rich optical behaviour. Through a recombination technique, the total far-field emission profile is obtained for an emitter placed at various nanocavity positions, which is crucial for understanding how energy couples in and out of the nanocavity. This work paves the way towards controlling light-matter interactions in extreme plasmonic environments for various applications, such as photochemical reactions and non-linear vibrational pumping

Secure and Privacy Preserving Urban Sensing Systems

The emergence of resource-rich mobile devices and smart vehicles has paved the way for Urban Sensing. In this new paradigm, users, leveraging their sensing-capable devices, sense their environment and become part of an unprecedented large-scale network of sensors, with extensive spatial and temporal coverage, that enables the collection and dissemination of real-time information, potentially, from anywhere, about anything and at anytime. Urban sensing will facilitate the deployment of innovative applications aiming to address the ever-growing concerns for citizens' well-being by offering a better understanding of our activities and environment. Nevertheless, the openness of such systems (ideally anyone can participate) and the richness of the data users contribute unavoidably raise significant concerns both about the security of urban sensing applications and the privacy of the participating users. More specifically, users participating in urban sensing applications are expected to contribute sensed data tagged, in many cases, with spatio-temporal information. Misusing such information could reveal sensitive user-specific attributes including their whereabouts, health condition, and habits and lead to extensive and unsolicited user profiling. At the same time, the participation of large numbers of users possessing sensing- capable devices is a double-edged sword: devices can be compromised or faulty or users can be adversarial seeking to manipulate urban sensing systems by submitting intelligently crafted faulty information. This thesis considers security, resilience and privacy for urban sensing notably in two application domains: intelligent transportation systems and generic smartphone based crowd-sourced sensing applications. For these domains, we design, implement and evaluate provably secure and privacy-preserving solutions capable of protecting the users from the system (i.e., ensuring their privacy in the presence of untrustworthy infrastructure) and the system from malicious users (i.e., holding them accountable for possible system-offending actions)QC 20160229</p

Secure and Privacy Preserving Urban Sensing Systems

The emergence of resource-rich mobile devices and smart vehicles has paved the way for Urban Sensing. In this new paradigm, users sense their environment and become part of an unprecedented large-scale network of sensors, with extensive spatial and temporal coverage, that enables the collection and dissemination of real-time information, practically, from anywhere. Urban sensing can facilitate the deployment of innovative applications that can address the ever-growing concerns for citizens’ well-being. Nevertheless, the openness of such systems (ideally anyone can participate) and the richness of the data users contribute unavoidably raise significant concerns for both the security of urban sensing applications and the privacy of the participating users. In this thesis we consider different urban sensing application domains: vehicular communication networks, intelligent transportation systems and environmental monitoring applications. We begin with a detailed analysis of the security and privacy requirements of these applications domains. Our objective is to protect users from the system (by ensuring their anonymity and privacy) and urban sensing systems from malicious users (by holding malicious users accountable of their actions). This is not straight-forward; anonymity may tempt malicious user behavior, compromising the reliability of the entire urban sensing system.Towards that, we design and implement secure and privacy-preserving identity management systems that can accommodate these requirements. We demonstrate their efficiency, practicality, and scalability through extensive experimental evaluations. Furthermore, we formally evaluate formally their security and privacy preserving properties.QC 20141001</p

On the Optimal Allocation of Adversarial Resources

Security is important for mission-critical wireless sensor net-works (WSNs). This is especially so because powerful ad-versaries could compromise and control a significant frac-tion of the network nodes. A plethora of schemes has beendeveloped to secure wireless sensor networks and resilienceto sophisticated attacks has been analyzed. However, thequestion of how the adversary could deploy her resources tomaximally affect the attacked system has remained largelyunaddressed. This is the problem this paper is concernedwith: Given a number of compromised entities (nodes) andcryptographic keys, how can the adversary devise a close-to-optimal attack tactic? To the best of our knowledge, this isthe first investigation of its kind: while the basic adversarialbehavior is well-known, the problem of how the adversarycan optimally deploy her resources to maximize the attackimpact has not been considered for WSNs. We consideran abstract model of the mission-critical WSN and the ad-versary, and we find that the determination of an optimalattack is computationally hard, thus, we devise an efficientheuristic approach. An intelligent adversarial resource allo-cation indeed yields disproportional gains for the attacker.Our analysis is the first necessary step to comprehend howto best address vulnerabilities.© ACM, 2012. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Mobicom'12 The 18th Annual International Conference on Mobile Computing and Networking, http://doi.acm.org/10.1145/2348656.2348666QC 20130110</p

Data Verification andPrivacy-respecting User Remuneration in Mobile Crowd Sensing

The broad capabilities of current mobile devices have paved the way forMobile Crowd Sensing (MCS) applications. The success of this emergingparadigm strongly depends on the quality of received data which, in turn, iscontingent to mass user participation; the broader the participation, the moreuseful these systems become. This can be achieved if users are gratified fortheir contributions while being provided with strong guarantees for the securityand the privacy of their sensitive information. But this very openness is adouble-edge sword: any of the participants can be adversarial and pollute thecollected data in an attempt to degrade the MCS system output and, overall,its usefulness. Filtering out faulty reports is challenging, with practically noprior knowledge on the participants trustworthiness, dynamically changingphenomena, and possibly large numbers of compromised devices. This workpresents a holistic framework that can assess user-submitted data and siftmalicious contributions while offering adequate incentives to motivate usersto submit better quality data. With a rigorous assessment of our systemâAZssecurity and privacy protection complemented by a detailed experimentalevaluation, we demonstrate its accuracy, practicality and scalability. Overall,our framework is a comprehensive solution that significantly extends thestate-of-the-art and can catalyze the deployment of MCS applications.QC 20160129</p

Allocating adversarial resources in wireless networks

A plethora of security schemes for wireless sensor networks (WSNs) has been proposed and their resilience to various attacks analyzed; including situations the adversary compromises a subset of the WSN nodes and/or deploys own misbehaving devices. The higher the degree of such intrusion is, the more effective an attack will be. Consider, however, an adversary that is far from omnipotent: How should she attack, how should she deploy her resources to maximally affect the attacked WSN operation? This basic question has received little attention, with one approach considering genetic algorithms for devising an attack strategy [5]. In this work, we recast the problem towards a more systematic treatment and more computationally efficient solutions: a combination of a genetic algorithm with a convex relaxation, and an l(1)-constraint formulation. The devising of near-optimal attack strategies efficiently strengthens the adversary, allowing her to adapt and mount effective and thus harmful attacks even in complex and dynamically changing settings.QC 20131218</p

Android Privacy C(R)ache : Reading your External Storageand Sensors for Fun and Profit

Android's permission system empowers informed privacy decisions when installing third-party applications.  However, examining the access permissions is not enough to assess privacy exposure; even seemingly harmless applications can severely expose user data. This is what we demonstrate here: an application with the common READ_EXTERNAL_STORAGE and the INTERNET permissions can be the basis of extracting and inferring a wealth of private information. What has been overlooked is that such a ``curious'' application can prey on data stored in the Android's commonly accessible external storage or on unprotected phone sensors. By accessing and stealthily extracting data thought to be unworthy of protection, we manage to access highly sensitive information: user identifiers and habits. Leveraging data-mining techniques, we explore a set of popular applications, establishing that there is a clear privacy danger for numerous users installing innocent-looking and but, possibly, ``curious'' applications.QC 20160129</p