I am hiring!

Interested in doing research on System security, Internet of Things, trust technology or web security? Then please send me an e-mail. I am always looking for good candidates for PhD, junior or senior researcher and also as a professor.

Find more info about our new results on behavioural biometrics here.

Find more info about the CINI Cyber Security National Lab i am involved with, by clicking on its logo Cyber Security National Lab .

Applications to the CyberChallenge CTF 2024 are open.

News

  • Dec 2023
    Our paper OAuth 2.0 Redirect URI Validation Falls Short, Literally" has been presented at ACSAC 2023 by Elsevier.
  • July 2023
    Our paper AppBox: A Black-Box Application Sandboxing Technique for Mobile App Management Solutions" has been presented at IEEE ISCC 2023.
  • Feb. 2023
    Our paper "A Survey of Human-Computer Interaction (HCI) & Natural Habits-based Behavioural Biometric Modalities for User Recognition Schemes" has been accepted at Pattern Recognition Journal published by Elsevier.
  • Dec. 2022
    Our paper "AI-enabled IoT Penetration Testing: State-of-the-art and Research Challenges" has been accepted at Enterprise Information Systems Journal published by Taylor & Francis.
  • FloodGate: A Micropayment Incentivized P2P Content Delivery Network


    Project description
    Floodgate is a research peer-to-peer architecture that aims at providing a scalable Content Delivery Network-like system by incentivising the peers to share their resources for monetary benefits. How is it different P2P protocols like BitTorrent use the tit-for-tat mechanism to 'force' peers to upload content while they are downloading. This approach however has several problems. Attacks aimed at downloading more than the fair share of content have been proposed and implemented in real-world. Furthermore, there is no real incentive to seed the content (i.e. keep uploading after the download has been completed). This impairs the use P2P technologies as a mean of providing a viable CDN. Floodgate is a micropayment supported P2P protocol with the aim of incetivizing the peers to upload the content fairly as well as to seed the content. How does it work? The figure below sums up the basic steps in the protocol.


    The network is managed by a central entity T. Each customer (peer) wishing to join the network registers and creates an account with T, the account being tied to a real-world monetary account like credit card or bank account. The content provider T controls the tracker as well as the web server that serves the torrent file. Once a peer c1 registers itself with T and creates an account, when it wishes to download a content, it searches for the associated torrent file in a known public repository operated by T and downloads it. c1 then contacts the tracker specified in the torrent file. The tracker replies with the list of peers in the network who are in various stages of downloading or seeding the content. In addition, it also sends to c1 micropayment tokens that can be used by the peer to pay for content pieces it successfully downloads from various peers in the network. Just as in BitTorrent, the peer then contacts other peers in the list given by the tracker to start downloading pieces of the content. After each successful download of a piece, c1 sends the appropriate micropayment token to the peer from which it downloaded the piece. Each received token is redeemable at T in the form of future download credit or other payment options like cash, as the case may be. The exact business model adopted by T is independent of the working of Floodgate, making Floodgate more flexible.

    Software:
    Version 1.0 of the Floodgate sourc code, based on the BitTorrent 5.0.7 reference implementation is available for download here, under the same license as the BitTorrent itself - 'BitTorrent Open Source License'. This code was released on 30th July, 2008.
    People: Bruno Crispo, Muhammad Rizwan Asghar, Srijith Nair, Andrew Tanenbaum, Erik Zentveld
    Publications:
    • Srijith K. Nair, Erik Zentveld, Bruno Crispo, Andrew S. Tanenbaum, "Floodgate: A Micropayment Incentivised P2P Content Delivery Network ". Proceedings of the 17th Internation Conference on Computer Communications and Networks. (ICCCN 2008) Virgin Islands, USA, August 2008, pages 291-298 pdf