Constantinos Patsakis

• Professor (Associate) at University of Piraeus

The InterPlanetary File System~(IPFS) offers a decentralized approach to file storage and sharing, promising resilience and efficiency while also realizing the Web3 paradigm. Simultaneously, the offered anonymity raises significant questions about potential misuse. In this study, we explore methods that malicious actors can exploit IPFS to upload a...

The double-edged sword of continuous digitization of services and systems opens the door to a myriad of beneficial opportunities, as well as challenging threats. Currently, ransomware is catalogued as the first threat in cybersecurity due to its impact on organizations, critical infrastructure, industry, and society as a whole. Thus, devoting effor...

The continuous increase in malware samples, both in sophistication and number, presents many challenges for organizations and analysts, who must cope with thousands of new heterogeneous samples daily. This requires robust methods to quickly determine whether a file is malicious. Due to its speed and efficiency, static analysis is the first line of...

The proliferation of malware, particularly through the use of packing, presents a significant challenge to static analysis and signature-based malware detection techniques. The application of packing to the original executable code renders extracting meaningful features and signatures challenging. To deal with the increasing amount of malware in th...

The significant increase in software production driven by automation and faster development lifecycles has resulted in a corresponding surge in software vulnerabilities. In parallel, the evolving landscape of software vulnerability detection, highlighting the shift from traditional methods to machine learning and large language models (LLMs), provi...

The goal of this chapter is to illuminate the operational frameworks, key actors, and significant cybersecurity implications of the malware as a service (MaaS) ecosystem. Highlighting the transformation of malware proliferation into a service-oriented model, the chapter discusses how MaaS democratises access to sophisticated cyberattack capabilitie...

The constant arms race between malware authors and defenders has significantly raised the bar for both sides in terms of sophistication. One of the results of the above is that the bulk of modern malware comes in an obfuscated and packed form, armoured with several anti-analysis features. This is to prevent, or at least delay, their analysis, extra...

The escalating complexity and impact of cyber threats require organisations to rehearse responses to cyber-attacks by routinely conducting cyber security exercises. However, the effectiveness of these exercises is limited by the exercise planners’ ability to replicate real-world scenarios in a timely manner that is, most importantly, tailored to th...

The hospital at home concept integrates key digital medicine technologies and concepts in a single platform approach, with telemedicine, wearables, and sensors. It could bring benefits to patients, who face lower risks from hospital infections and who want to be at home with their loved ones. Moreover, it may lead to efficiency savings, through its...

The COVID-19 epidemic has caused a significant and profound change in the worldwide tourism sector, leading to a transition from excessive tourism to a state of non-tourism. Consequently, previously bustling tourist locations have exhibited for years a haunting emptiness. Given the aforementioned circumstances, the present chapter explores the deep...

Artificial intelligence (AI) is widely employed with efficacy across diverse domains. The field of smart tourism has the potential to be significantly transformed through the utilisation of AI. This is not surprising given that AI provides autonomous decision-making similar to that of humans, which in the travel industry enables personalized recomm...

Although “smart tourism” has become a catchphrase, multiple interpretations and understandings exist, making it more of a nebulous term than a field with firm foundations. Aiming to contribute to the smart tourism literature, we have located, selected, categorised, and evaluated recent articles in computer science journals, proceedings, and confere...

Currently, there are 6.8 billion smartphone users worldwide while, at the same time, people of all ages actively engage with social networking sites for business, socialising, dating, politics, and simple day-to-day communication. As of April 2022, approximately 4.65 billion individuals were accessing social media, according to Statista [48]. As th...

Considering that Artificial Intelligence is a game-changer in the smart tourism business, one of our key contributions is the formal presentation of frameworks that leverage AI technologies in the context of smart tourism. The utilisation of user-captured photographs in the smart tourism context is one novel approach shared by both frameworks that...

At the time of writing, there are 6.8 billion smartphone users worldwide and projections indicate that this number will surpass seven billion by 2024 [21]. That being the case, we focused on investigating how this portable technology could contribute to the development of smart cities and smart tourism. This extensive research led to a significant...

As this book has delved deeply into the realm of smart tourism, with a secondary focus on smart cities, addressing key facets and intricacies within these domains, we now stand at a pivotal juncture, a chapter dedicated to “Open Questions and Future Directions.” Within this specific chapter, we explore the questions that remain unanswered, the gaps...

Blockchain, also known as Distributed Ledger Technology (DLT), has garnered significant interest from scholars and professionals in various industries. Given this circumstance, our primary objective was to make a scholarly contribution by conducting a comprehensive analysis of the current state of blockchain technology in the smart tourism business...

The fast pace of blockchain technology and cryptocurrencies’ evolution makes people vulnerable to financial fraud and provides a relatively straightforward monetisation mechanism for cybercriminals, in particular ransomware groups which exploit crypto’s pseudo-anonymity properties. At the same time, regulatory efforts for addressing crimes related...

The collection and use of personal data are becoming more common in today’s data-driven culture. While there are many advantages to this, including better decision-making and service delivery, it also poses significant ethical issues around confidentiality and privacy. Text anonymisation tries to prune and/or mask identifiable information from a te...

Typical users are known to use and reuse weak passwords. Yet, as cybersecurity concerns continue to rise, understanding the password practices of software developers becomes increasingly important. In this work, we examine developers' passwords on public repositories. Our dedicated crawler collected millions of passwords from public GitHub reposito...

InterPlanetary File System~(IPFS) is one of the most promising decentralized off-chain storage mechanisms, particularly relevant for blockchains, aiming to store the content forever, thus it is crucial to understand its composition, deduce actor intent and investigate its operation and impact. Beyond the network functionality that IPFS offers, asse...

Content generation that is both relevant and up to date with the current threats of the target audience is a critical element in the success of any cyber security exercise (CSE). Through this work, we explore the results of applying machine learning techniques to unstructured information sources to generate structured CSE content. The corpus of our...

The collection and use of personal data are becoming more common in today's data-driven culture. While there are many advantages to this, including better decision-making and service delivery, it also poses significant ethical issues around confidentiality and privacy. Text anonymisation tries to prune and/or mask identifiable information from a te...

The radical advances in telecommunications and computer science have enabled a myriad of applications and novel seamless interaction with computing interfaces. Voice Assistants (VAs) have become a norm for smartphones, and millions of VAs incorporated in smart devices are used to control these devices in the smart home context. Previous research ha...

Despite the numerous pompous statements regarding 5G, it is indisputable that 5G creates a radical shift in telecommunications. The main reason is that 5G is an enabler of numerous applications we have long envisioned and either simulated or implemented in test environments, partially or on a smaller scale. 5G will soon unlock the potential of smar...

Digital evidence underpin the majority of crimes as their analysis is an integral part of almost every criminal investigation. Even if we temporarily disregard the numerous challenges in the collection and analysis of digital evidence, the exchange of the evidence among the different stakeholders has many thorny issues. Of specific interest are cro...

After the completion of its third year of operation in 2022, the CyberSec4Europe pilot project (https://cybersec4europe.eu/) produced this ”Blue Book” (and delivered it as Deliverable D4.7) to serve as a Horizon Research Roadmap in the area of cyber security. To make this book a reality, the project put together a ”Task Force” of young and senior r...

Content generation that is both relevant and up to date with the current threats of the target audience is a critical element in the success of any Cyber Security Exercise (CSE). Through this work, we explore the results of applying machine learning techniques to unstructured information sources to generate structured CSE content. The corpus of our...

Malware authors continuously evolve their code base to include counter-analysis methods that can significantly hinder their detection and blocking. While malware execution in a sandboxed environment may provide insightful feedback about what the malware does in a machine, anti-virtualisation and hooking evasion methods may allow malware to bypass s...

Digital evidence underpin the majority of crimes as their analysis is an integral part of almost every criminal investigation. Even if we temporarily disregard the numerous challenges in the collection and analysis of digital evidence, the exchange of the evidence among the different stakeholders has many thorny issues. Of specific interest are cro...

Malware authors are continuously evolving their code base to include counter-analysis methods that can significantly hinder their detection and blocking. While the execution of malware in a sandboxed environment may provide a lot of insightful feedback about what the malware actually does in a machine, anti-virtualisation and hooking evasion method...

Many malware campaigns use Microsoft (MS) Office documents as droppers to download and execute their malicious payload. Such campaigns often use these documents because MS Office is installed on billions of devices and that these files allow the execution of arbitrary VBA code. Recent versions of MS Office prevent the automatic execution of VBA mac...

The technological advance of drone technology has augmented the existing capabilities of flying vehicles rendering them a valuable asset of the modern society. As more drones are expected to occupy the airspace in the near future, security-related incidents, either malicious acts or accidents, will increase as well. The forensics analysis of a secu...

In these last years, we are witnessing the constant evolution of technologies such as artificial intelligence, machine learning, blockchain, IoT, and cloud computing. At the same time, before the COVID-19 crisis, the tourism sector steadily increased its growth yearly, raising to be one of the dominant sectors worldwide, generating a wide number of...

Due to its critical role in cybersecurity, digital forensics has received significant attention from researchers and practitioners alike. The ever increasing sophistication of modern cyberattacks is directly related to the complexity of evidence acquisition, which often requires the use of several technologies. To date, researchers have presented m...

Cybersecurity is a never-ending battle against attackers, who try to identify and exploit misconfigurations and software vulnerabilities before being patched. In this ongoing conflict, it is important to analyse the properties of the vulnerability time series to understand when information systems are more vulnerable. We study computer systems’ sof...

Microsoft Office may be by far the most widely used suite for processing documents, spreadsheets, and presentations. Due to its popularity, it is continuously utilised to carry out malicious campaigns. Threat actors, exploiting the platform’s dynamic features, use it to launch their attacks and penetrate millions of hosts in their campaigns. This w...

Coronavirus has radically changed the world and our lives in many and various ways. During this crisis, the tourism sector was severely damaged globally, as, within some weeks, popular touristic places worldwide changed from over-tourism to non-tourism destinations. In order to address new challenges in this sector, a novel cloud-based framework is...

The InterPlanetary File System (IPFS) is employed extensively nowadays by many blockchain projects to store personal data off-chain in order to comply with the Right to be Forgotten (RtbF) provision of the General Data Protection Regulation (GDPR). Nevertheless, upon an erasure request under the RtbF, the onus of removing the actual personal inform...

In the previous chapter we analysed the impact of implementing the GDPR, and in particular the RtbF, in established IT environments and business processes. However, two advanced technological trends of our times used increasingly nowadays for storing and processing personal data, have been emerged in parallel and independently of the GDPR: the ubiq...

The GDPR, being a legal document, follows a technology-agnostic approach so as not to bind the provisions of the law with current trends and state-of-the-art technologies in computer science and information technology. Yet, the technical challenges of aligning modern systems and processes with the GDPR provisions, and mainly with the Right to be Fo...

The sudden outbreak of COVID-19 at the late 2019 has brought enormous hurdles globally to our everyday lives and to our society. In order to mitigate the impact of the pandemic and to control the dissemination of the coronavirus, governments worldwide have taken extreme surveillance measures which most of the times invade to individuals’ privacy an...

Privacy in blockchains is rather complicated as it contradicts with some highly praised properties of blockchain such as immutability. Immutability is considered a cornerstone of blockchains’ security and, therefore, an indisputable property according to which transactional blockchain data cannot be edited nor deleted. However, blockchain’s immutab...

Privacy nowadays is commonly discussed in the context of data protection. While privacy and data protection are not synonymous, they overlap to a great extent. In consequence, privacy —besides data protection—is always within the scope of contemporary data protection legislations. As both terms derive from well established fundamental human rights...

Mobile sensing applications exploit big data to measure and assess human-behavioural modelling. However, big data profiling and automated decision practices, albeit powerful and pioneering, they are also highly unregulated and thereby unfair and intrusive. Their risk to privacy has been indeed identified as one of the biggest challenges faced by mo...

The enforcement of the GDPR on the 25th of May 2018 has caused prolonged controversy due to the severe impact on the processing of personal data under this new regulation. Of its provisions, the most radical and controversial one is the “Right to be Forgotten” (RtbF). In simple terms, the RtbF—along with the provisions for withdrawing consent—allow...

Modern technological advancements such as mobile ubiquitous computing and decentralized p2p networks rely on the collection, processing and sharing of vast amount of personal information which—when combined with big data and machine learning techniques—pose significant challenges to the rights of privacy and data protection. The GDPR, seeking to re...

Blockchain DNS has emerged as an alternative solution to traditional DNS to address many of its inherent drawbacks. In this regard, a blockchain DNS approach is decentralised, resilient, provides high availability, and prevents censorship. Unfortunately, despite these desirable features, the major blockchain DNS solutions to date, Namecoin and Emer...

Advanced persistent threats pose a significant challenge for blue teams as they apply various attacks over prolonged periods, impeding event correlation and their detection. In this work, we leverage various diverse attack scenarios to assess the efficacy of EDRs and other endpoint security solutions against detecting and preventing APTs. Our resul...

Due to its critical role in cybersecurity, digital forensics has received much focus from researchers and practitioners. The ever increasing sophistication of modern cyberattacks is directly related to the complexity of evidence acquisition, which often requires the use of different technologies. To date, researchers have presented many surveys and...

Programming errors in Ethereum smart contracts can result in catastrophic financial losses from stolen cryptocurrency. While vulnerability detectors can prevent vulnerable contracts from being deployed, this does not mean that such contracts will not be deployed. Once a vulnerable contract is instantiated on the blockchain and becomes the target of...

Advanced persistent threats pose a significant challenge for blue teams as they apply various attacks over prolonged periods, impeding event correlation and their detection. In this work, we leverage various diverse attack scenarios to assess the efficacy of EDRs against detecting and preventing APTs. Our results indicate that there is still a lot...

As the digitization of information-intensive processes gains momentum in nowadays, the concern is growing about how to deal with the ever-growing problem of cybercrime. To this end, law enforcement officials and security firms use sophisticated digital forensics techniques for analysing and investigating cybercrimes. However, multi-jurisdictional m...

A crucial technical challenge for cybercriminals is to keep control over the potentially millions of infected devices that build up their botnets, without compromising the robustness of their attacks. A single, fixed C&C server, for example, can be trivially detected either by binary or traffic analysis and immediately sink-holed or taken-down by s...

Cybercrime is continuously growing in numbers and becoming more sophisticated. Currently, there are various monetisation and money laundering methods, creating a huge, underground economy worldwide. A clear indicator of these activities is online marketplaces which allow cybercriminals to trade their stolen assets and services. While traditionally...

The technological advance of drone technology has augmented the existing capabilities of flying vehicles rendering them a valuable asset of the modern society. As more drones are expected to occupy the airspace in the near future, security-related incidents, either malicious acts or accidents, will increase as well. The forensics analysis of a secu...

With the continuous rise of malicious campaigns and the exploitation of new attack vectors, it is necessary to assess the efficacy of the defensive mechanisms used to detect them. To this end, the contribution of our work is twofold. First, it introduces a new method for obfuscating malicious code to bypass all static checks of multi-engine scanner...

Nowadays, malware campaigns have reached a high level of sophistication, thanks to the use of cryptography and covert communication channels over traditional protocols and services. In this regard, a typical approach to evade botnet identification and takedown mechanisms is the use of domain fluxing through the use of Domain Generation Algorithms (...

Web applications are widely used, and new ways for easier and cost-effective methods to develop them are constantly introduced. A common omission among the new development and implementation techniques when designing them is security; Node.js is no exception, as Server-Side JavaScript Injection (SSJI) attacks are possible due to the use of vulnerab...

Programming errors in Ethereum smart contracts can result in catastrophic financial losses from stolen cryptocurrency. While vulnerability detectors can prevent vulnerable contracts from being deployed, this does not mean that such contracts will not be deployed. Once a vulnerable contract is instantiated on the blockchain and becomes the target of...

Many malware campaigns use Microsoft (MS) Office documents as droppers to download and execute their malicious payload. Such campaigns often use these documents because MS Office is installed in billions of devices and that these files allow the execution of arbitrary VBA code. Recent versions of MS Office prevent the automatic execution of VBA mac...

Dynamic malware analysis involves the debugging of the associated binary files and the monitoring of changes in sandboxed environments. This allows the investigator to manipulate the code execution path and environment to develop an understanding of the malware’s internal workings, aims and modus operandi. However, the malware may incorporate anti-...

Social networks are evolving to engage their users more by providing them with more functionalities. One of the most attracting ones is streaming. Users may broadcast part of their daily lives to thousands of others world-wide and interact with them in real-time. Unfortunately, this feature is reportedly exploited for grooming. In this work, we pro...

Ubiquitous computing systems are commonplace. They have opened the door to great benefits for society as a whole. However, they have to be used with care, otherwise they can cause serious risks for their users. In this chapter, we analyze the privacy risks of ubiquitous computing systems from a new individual-centred perspective based on five priva...

Mobile devices have become an indispensable part of our daily lives. Practically, most of our everyday communication is performed through mobile devices which host third party apps and provide for various means of interaction with diverse levels of security. Android is by far the most widely used mobile operating system, with a user base in the sca...

In this report, we analyse the latest campaign of Emotet that had a significant impact in several countries worldwide. We leverage the data of a specifically crafted dataset, which contains emails, documents, executables and domains from the latest campaign. The goal is to analyse the attack vector, map the infrastructure used in various stages of...

During the last few years, there has been an upsurge of social media influencers who are part of the adult entertainment industry, referred to as Performers. To monetize their online presence, Performers often engage in practices which violate community guidelines of social media, such as selling subscriptions for accessing their private “premium”...

During the last few years, there has been an upsurge of social media influencers who are part of the adult entertainment industry, referred to as Performers. To monetize their online presence, Performers often engage in practices which violate community guidelines of social media, such as selling subscriptions for accessing their private "premium"...

A crucial technical challenge for cybercriminals is to keep control over the potentially millions of infected devices that build up their botnets, without compromising the robustness of their attacks. A single, fixed C&C server, for example, can be trivially detected either by binary or traffic analysis and immediately sink-holed or taken-down by s...

Smartphone and smart devices, in general, have penetrated modern life, accompanying humans in the majority of their daily activities, realizing the era of IoT. This tight bond between mobile devices and humans has introduced numerous solutions and automation in people’s everyday living, however, it also comes with a cost, since we are more exposed...

The current landscape of the core Internet technologies shows considerable centralisation with the big tech companies controlling the vast majority of traffic and services. This situation has sparked a wide range of decentralisation initiatives with blockchain technology being among the most prominent and successful innovations. At the same time, o...

The InterPlanetary File System (IPFS) is employed extensively nowadays by many blockchain projects to store personal data off-chain to comply with the Right to be Forgotten (RtbF) requirement of the General Data Protection Regulation (GDPR), the new regulatory regime for personal data protection in the EU. In such a way, when a request for content...

The YAKSHA project aims at reinforcing EU-ASEAN cooperation and building partnerships in cybersecurity domain by developing a solution tailored to specific national needs leveraging EU know-how and local knowledge. YAKSHA enhances cybersecurity readiness levels for its end-users, helps better prevent cyber-attacks, reduces cyber-risks and better go...

As the digitization of information-intensive processes gains momentum in nowadays, the concern is growing about how to deal with the ever-growing problem of cybercrime. To this end, law enforcement officials and security firms use sophisticated digital forensics techniques for analyzing and investigating cybercrimes. However, multi-jurisdictional m...

Human beings produce electronic waste (e-waste) at an unprecedented pace. Mobile phones and other inter-connected smart devices make a significant contribution to the generation of e-waste. Reverse logistics (RL) activities play an essential role in managing mobile phones during their end-of-life. However, remanufacturing and/or refurbishing of mob...