Safer in the Clouds (Extended Abstract)

We outline the design of a framework for modelling cloud computing systems.The approach is based on a declarative programming model which takes the form of a lambda-calculus enriched with suitable mechanisms to express and enforce application-level security policies governing usages of resources available in the clouds. We will focus on the server side of cloud systems, by adopting a pro-active approach, where explicit security policies regulate server's behaviour.Comment: In Proceedings ICE 2010, arXiv:1010.530

Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach

The adoption of blockchain-based distributed computation platforms is growing fast. Some of these platforms, such as Ethereum, provide support for implementing smart contracts, which are envisioned to have novel applications in a broad range of areas, including finance and Internet-of-Things. However, a significant number of smart contracts deployed in practice suffer from security vulnerabilities, which enable malicious users to steal assets from a contract or to cause damage. Vulnerabilities present a serious issue since contracts may handle financial assets of considerable value, and contract bugs are non-fixable by design. To help developers create more secure smart contracts, we introduce FSolidM, a framework rooted in rigorous semantics for designing con- tracts as Finite State Machines (FSM). We present a tool for creating FSM on an easy-to-use graphical interface and for automatically generating Ethereum contracts. Further, we introduce a set of design patterns, which we implement as plugins that developers can easily add to their contracts to enhance security and functionality

A Methodology for Abstracting the Physical Layer of Direct V2X Communications Technologies

Recent advancements in vehicle-to-everything (V2X) communications have greatly increased the flexibility of the physical (PHY) and medium access control (MAC) layers. This increases the complexity when investigating the system from a network perspective to evaluate the performance of the supported applications. Such flexibility, in fact, needs to be taken into account through a cross-layer approach, which might lead to challenging evaluation processes. As an accurate simulation of the signals appears unfeasible, a typical solution is to rely on simple models for incorporating the PHY layer of the supported technologies based on off-line measurements or accurate link-level simulations. Such data are, however, limited to a subset of possible configurations, and extending them to others is costly when not even impossible. The goal of this paper is to develop a new approach for modeling the PHY layer of V2X communications that can be extended to a wide range of configurations without leading to extensive measurement or simulation campaigns at the link layer. In particular, given a scenario and starting from results in terms of the packet error rate (PER) vs. signal-to-interference-plus-noise ratio (SINR) related to a subset of possible configurations, we first approximated the curves with step functions characterized by a given SINR threshold, and we then derived one parameter, called implementation loss, that was used to obtain the SINR threshold and evaluate the network performance under any configuration in the same scenario. The proposed methodology, leading to a good trade-off among the complexity, generality, and accuracy of the performance evaluation process, was validated through extensive simulations with both IEEE 802.11p and LTE-V2X sidelink technologies in various scenarios. The results first show that the curves can be effectively approximated by using an SINR threshold, with a value corresponding to 0.5 PER, and then demonstrate that the network-level outputs derived from the proposed approach are very close to those obtained with complete curves, despite not being restricted to a few possible configurations

Effect of facade reflectance on outdoor microclimate: An Italian case study

Global warming affects the built environment with relation to its own characteristics, form, density. Heat waves effects would have limited effects if most of the cities would not be affected by Urban Heat Island that strongly increase their impacts (particularly on urban population). Does the choice of façade colours and materials contribute to this issue? The paper reports a research on a case study in Italy that tries to answer to this question comparing the trend in outdoor temperature increase closed to the building façade with relation to its colour and reflectance variations modelled by using Envi-met software. The outcomes point out that there is a correlation between the building façade reflectance and the temperature trend but this has a very limited influence on outdoor microclimate in open spaces as it varies in a range of less than 1°C

Soft information for localization-of-things

Location awareness is vital for emerging Internetof- Things applications and opens a new era for Localizationof- Things. This paper first reviews the classical localization techniques based on single-value metrics, such as range and angle estimates, and on fixed measurement models, such as Gaussian distributions with mean equal to the true value of the metric. Then, it presents a new localization approach based on soft information (SI) extracted from intra- and inter-node measurements, as well as from contextual data. In particular, efficient techniques for learning and fusing different kinds of SI are described. Case studies are presented for two scenarios in which sensing measurements are based on: 1) noisy features and non-line-of-sight detector outputs and 2) IEEE 802.15.4a standard. The results show that SI-based localization is highly efficient, can significantly outperform classical techniques, and provides robustness to harsh propagation conditions.RYC-2016-1938

Crowd-Centric Counting via Unsupervised Learning

Counting targets (people or things) within a moni-tored area is an important task in emerging wireless applications,including those for smart environments, safety, and security.Conventional device-free radio-based systems for counting targetsrely on localization and data association (i.e., individual-centric information) to infer the number of targets present in an area(i.e., crowd-centric information). However, many applications(e.g., affluence analytics) require only crowd-centric rather than individual-centric information. Moreover, individual-centric approaches may be inadequate due to the complexity of data association. This paper proposes a new technique for crowd-centric counting of device-free targets based on unsupervised learning, where the number of targets is inferred directly from a low-dimensional representation of the received waveforms. The proposed technique is validated via experimentation using an ultra-wideband sensor radar in an indoor environment.RYC-2016-1938

'Pencil Beamforming Increases Human Exposure to ElectroMagnetic Fields': True or False?

According to a very popular belief-very widespread among non-scientific communities-the exploitation of narrow beams, a.k.a. 'pencil beamforming', results in a prompt increase of exposure levels radiated by 5G Base Stations (BSs). To face such concern with a scientific approach, in this work we propose a novel localization-enhanced pencil beamforming technique, in which the traffic beams are tuned in accordance with the uncertainty localization levels of User Equipment (UE). Compared to currently deployed beamforming techniques, which generally employ beams of fixed width, we exploit the localization functionality made available by the 5G architecture to synthesize the direction and the width of each pencil beam towards each served UE. We then evaluate the effectiveness of pencil beamforming in terms of ElectroMagnetic Field (EMF) exposure and UE throughput levels over different realistic case-studies. Results, obtained from a publicly released open-source simulator, dispel the myth: the adoption of localization-enhanced pencil beamforming triggers a prompt reduction of exposure w.r.t. other alternative techniques, which include e.g., beams of fixed width and cellular coverage not exploiting beamforming. The EMF reduction is achieved not only for the UE that are served by the pencil beams, but also over the whole territory (including the locations in proximity to the 5G BS). In addition, large throughput levels-adequate for most of 5G services-can be guaranteed when each UE is individually served by one dedicated beam

Cryptocurrency scams: analysis and perspectives

Since the inception of Bitcoin in 2009, the market of cryptocurrencies has grown beyond the initial expectations, as witnessed by the thousands of tokenised assets available on the market, whose daily trades amount to dozens of USD billions. The pseudonymity features of these cryptocurrencies have attracted the attention of cybercriminals, who exploit them to carry out potentially untraceable scams. The wide range of cryptocurrency-based scams observed over the last ten years has fostered the research on the analysis of their effects, and the development of techniques to counter them. However, doing research in this field requires addressing several challenges: for instance, although a few data sources about cryptocurrency scams are publicly available, they often contain incomplete or misclassified data. Further, there is no standard taxonomy of scams, which leads to ambiguous and incoherent interpretations of their nature. Indeed, the unavailability of reliable datasets makes it difficult to train effective automatic classifiers that can detect and analyse cryptocurrency scams. In this paper, we perform an extensive review of the scientific literature on cryptocurrency scams, which we systematise according to a novel taxonomy. By collecting and homogenising data from different public sources, we build a uniform dataset of thousands of cryptocurrency scams.We devise an automatic tool that recognises scams and classifies them according to our taxonomy.We assess the effectiveness of our tool through standard performance metrics.We also give an in-depth analysis of the classification results, offering several insights into threat types, from their features to their connection with other types. Finally, we provide a set of guidelines that policymakers could follow to improve user protection against cryptocurrency scams

Analysis of Co-Channel Coexistence Mitigation Methods Applied to IEEE 802.11p and 5G NR-V2X Sidelink

Direct communication between vehicles and surrounding objects, called vehicle-to-everything (V2X), is ready for the market and promises to raise the level of safety and comfort while driving. To this aim, specific bands have been reserved in some countries worldwide and different wireless technologies have been developed; however, these are not interoperable. Recently, the issue of co-channel coexistence has been raised, leading the European Telecommunications Standards Institute (ETSI) to propose a number of solutions, called mitigation methods, for the coexistence of the IEEE 802.11p based ITS-G5 and the 3GPP fourth generation (4G) long term evolution (LTE)-V2X sidelink. In this work, several of the envisioned alternatives are investigated when adapted to the coexistence of the IEEE 802.11p with its enhancement IEEE 802.11bd and the latest 3GPP standards, i.e., the fifth generation (5G) new radio (NR)-V2X. The results, obtained through an open-source simulator that is shared with the research community for the evaluation of additional proposals, show that the methods called A and C, which require modifications to the standards, improve the transmission range of one or both systems without affecting the other, at least in low-density scenarios