Gabriele LenziniUniversity of Luxembourg · Interdisciplinary Centre for Security, Reliability and Trust
Gabriele Lenzini
Professor
About
212
Publications
45,463
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
2,319
Citations
Introduction
Genomic Privacy
Security and Privacy Compliance
Transparency Enhancing Technology
Anti-Ransomware
Skills and Expertise
Publications
Publications (212)
Developing interventions that successfully reduce engagement with misinformation on social media is challenging. One intervention that has recently gained great attention is X/Twitter's Community Notes (previously known as "Birdwatch"). Community Notes is a crowdsourced fact-checking approach that allows users to write textual notes to inform other...
Displaying community fact-checks is a promising approach to reduce engagement with misinformation on social media. However, how users respond to misleading content emotionally after community fact-checks are displayed on posts is unclear. Here, we employ quasi-experimental methods to causally analyze changes in sentiments and (moral) emotions in re...
Community-based fact-checking is a promising approach to verify social media content and correct misleading posts at scale. Yet, causal evidence regarding its effectiveness in reducing the spread of misinformation on social media is missing. Here, we performed a large-scale empirical study to analyze whether community notes reduce the spread of mis...
Organizations adopt a combination of measures to defend against phishing attacks that pass through technical filters. However, employees' engagement with these countermeasures often does not meet security experts' expectations. To explore what motivates and discourages employees from engaging with user-oriented phishing interventions, we conducted...
Remote proctoring technology, a cheating-preventive measure, often raises privacy and fairness concerns that may affect test-takers' experiences and the validity of test results. Our study explores how selectively obfuscating information in video recordings can protect test-takers' privacy while ensuring effective and fair cheating detection. Inter...
Introduction
Artificial Intelligence (AI) is increasingly used as a helper to develop computing programs. While it can boost software development and improve coding proficiency, this practice offers no guarantee of security. On the contrary, recent research shows that some AI models produce software with vulnerabilities. This situation leads to the...
Community-based fact-checking is a promising approach to verify social media content and correct misleading posts at scale. Yet, causal evidence regarding its effectiveness in reducing the spread of misinformation on social media is missing. Here, we performed a large-scale empirical study to analyze whether community notes reduce the spread of mis...
Health misinformation, defined as health-oriented information that contradicts empirically supported scientific findings, has become a significant concern on social media platforms. In response, platforms have implemented diverse design solutions to block such misinformation or alert users about its potential inaccuracies. However, there is limited...
We have an opening for a Ph.D. candidate in a highly interdisciplinary project connecting soft matter physics & chemistry to robotics and computer science: http://emea3.mrted.ly/3j9kd . It is a collaboration with Prof. Holger Voos and Prof. Gabriele Lenzini at SnT, Interdisciplinary Centre for Security, Reliability and Trust of the University of Lu...
Developing interventions that successfully reduce engagement with misinformation on social media is challenging. One intervention that has recently gained great attention is Twitter's Community Notes (previously known as "Birdwatch"). Community Notes is a crowdsourced fact-checking approach that allows users to write textual notes to inform others...
Misinformation has become one of the most pressing social issues in the twenty-first century. How the combinations of emotions and topics trigger the spread of misinformation, however, still remains to be revealed. This study comprehensively examines misinformation and its diffusion by correlating emotions and topics. First, we examine how specific...
There has been a burst of discussions about how to characterize and recognize online dark patterns — i.e., web design strategies that aim to steer user choices towards what favours service providers or third parties like advertisers rather than what is in the best interest of users. Dark patterns are common in cookie banners where they are used to...
A variety of methods and techniques are used in usable privacy and security (UPS) to study users’ experiences and behaviors. When applying empirical methods, researchers in UPS face specific challenges, for instance, to represent risk to research participants. This chapter provides an overview of the empirical research methods used in UPS and highl...
We study coercion-resistance for online exams. We propose two new properties, Anonymous Submission and Single-Blindness which preserve the anonymity of the links between tests, test takers, and examiners even when the parties coerce one another into revealing secrets. The properties are relevant: not even Remark!, a secure exam protocol that satisf...
Sometimes fingerprint-like features are found in a material. The exciting discovery poses new challenges on how to use the features to build an object authentication protocol that could tell customers and retailers equipped with a mobile device whether a good is authentic or fake. We are exactly in this situation with Cholesteric Spherical Reflecto...
The availability of direct-to-consumer genetic testing services and genome sequencing data bring novel opportunities for applications like genomic risk scoring where a polygenic disease risk score is calculated considering the statistical distribution of the disease associated SNPs. Nowadays, various websites are offering polygenic risk score estim...
We study coercion-resistance for online exams. We propose two properties, Anonymous Submission and Single-Blindness which, if hold, preserve the anonymity of the links between tests, test takers, and examiners even when the parties coerce one another into revealing secrets. The properties are relevant: not even Remark!, a secure exam protocol that...
Social media data is a gold mine for research scientists, but such type of data carries unique legal and ethical implications while there is no checklist that can be followed to effortlessly comply with all the applicable rules and principles. On the contrary, academic researchers need to find their way in a maze of regulations, sectoral and instit...
Cryptographic ransomware, a malware capable of destroying data, is a serious threat if used against providers of critical infrastructures such as healthcare, energy supply chains, banking services, and transport systems. Used as such, ransomware may qualify as cyber weapon, but the current discussion around cyber and information warfare is not suff...
Being asked to consent to data sharing is a ubiquitous experience in digital services-yet it is very rare to encounter a well designed consent experience. Considering the momentum and importance of a European data space where personal information freely and easily flows across organizations, sectors and Member States, solving the long-discussed tho...
An ongoing discussion in the field of usable privacy and security debates whether security mechanisms should be visible to end-users during interactions with technology, or hidden away. This paper addresses this question using a mixed-methods approach, focusing on encryption as a mechanism for confidentiality during data transmission on a smartphon...
Arrays of Cholesteric Spherical Reflectors (CSRs), microscopic cholesteric liquid crystals in a spherical shape, have been argued to become a game-changing technology in anti-counterfeiting. Used to build identifiable tags or coating, called CSR IDs, they can supply objects with unclonable fingerprint-like characteristics, making it possible to aut...
Usable privacy and security researchers have developed a variety of approaches to represent risk to research participants. To understand how these approaches are used and when each might be most appropriate, we conducted a systematic literature review of methods used in security and privacy studies with human participants. From a sample of 633 pape...
We propose the use of password-authenticated key exchange (PAKE) for achieving and enhancing entity authentication (EA) and key management (KM) in the context of decentralized end-to-end encrypted email and secure messaging, i.e., without a public key infrastructure or a trusted third party. This not only simplifies the EA process by requiring user...
Globally, countries have been developing contact tracing applications to control the spread of the Coronavirus (COVID-19) disease. In this work, we present the findings of eight focus groups we conducted with participants living in France and Germany, to explore why they decided to adopt, or not adopt, a contact tracing application as well as under...
We propose the use of PAKE for achieving and enhancing entity authentication (EA) and key management (KM) in the context of decentralized end-to-end encrypted email and secure messaging, i.e., where neither a public key infrastructure nor trusted third parties are used. This approach not only simplifies the EA process by requiring users to share on...
The ability to label and track physical objects that are assets in digital representations of the world is foundational to many complex systems. Simple, yet powerful methods such as bar- and QR-codes have been highly successful, e.g., in the retail space, but the lack of security, limited information content and impossibility of seamless integratio...
The ability to label and track physical objects that are assets in digital representations of the world is foundational to many complex systems. Simple, yet powerful methods such as bar- and QR-codes have been highly successful, e.g. in the retail space, but the lack of security, limited information content and impossibility of seamless integration...
Following GDPR’s Article12.7’s proposal to use standardized icons to inform data subject in “an easily visible, intelligible and clearly legible manner,” several icon sets have been developed. In this paper, we firstly critically review some of those proposals. We then examine the properties that icons and icon sets should arguably fulfill accordin...
Online services pervasively employ manipulative designs (i.e., dark patterns) to influence users to purchase goods and subscriptions, spend more time on-site, or mindlessly accept the harvesting of their personal data. To protect users from the lure of such designs, we asked: are users aware of the presence of dark patterns? If so, are they able to...
From a computer science perspective, addressing on-line hate speech is a challenging task that is attracting the attention of both industry (mainly social media platform owners) and academia. In this chapter, we provide an overview of state-of-the-art data-science approaches – how they define hate speech, which tasks they solve to mitigate the phen...
From a computer science perspective, addressing on-line hate speech is a challenging task that is attracting the attention of both industry (mainly social media platform owners) and academia. In this chapter, we provide an overview of state-of-the-art data-science approaches - how they define hate speech, which tasks they solve to mitigate the phen...
To protect their digital assets from malware attacks, most users and companies rely on antivirus (AV) software. AVs’ protection is a full-time task against malware: This is similar to a game where malware, e.g., through obfuscation and polymorphism, denial of service attacks, and malformed packets and parameters, tries to circumvent AV defences or...
The DAPRECO knowledge base is the main outcome of the interdisciplinary project bearing the same name (https://www.fnr.lu/projects/data-protection-regulation-compliance). It is a repository of rules written in LegalRuleML, an XML formalism designed to be a standard for representing the semantic and logical content of legal documents. The rules repr...
To send encrypted emails, users typically need to create and exchange keys which later should be manually authenticated, for instance, by comparing long strings of characters. These tasks are cumbersome for the average user. To make more accessible the use of encrypted email, a secure email application named pEp automates the key management operati...
Oftentimes information disclosures describing personal data-gathering research activities are so poorly designed that participants fail to be informed and blindly agree to the terms, without grasping the rights they can exercise and the risks derived from their cooperation. To respond to the challenge, this article presents a series of operational...
The introduction of the General Data Protection Regulation (GDPR) came to further strengthen the need for transparency—one of its main principles—and with it, the users’ empowerment to make service providers more responsible and accountable for processing of personal data. The technological infrastructures are not yet prepared to fully support the...
We revisit the problem of entity authentication in decentralized end-to-end encrypted email and secure messaging to propose a practical and self-sustaining cryptographic solution based on password-authenticated key exchange (PAKE). This not only allows users to authenticate each other via shared low-entropy secrets, e.g., memorable words, without a...
Transparency is a data processing principle enforced by the GDPR but purposely left open to interpretation. As such, the means to adhere to it are left unspecified. Article 29 Working Party provides practical guidance on how to interpret transparency, however there are no defined requirements nor ways to verify the quality of the implementation of...
Since the appearance of ransomware in the cyber crime scene, researchers and anti-malware companies have been offering solutions to mitigate the threat. Anti-malware solutions differ on the specific strategy they implement, and all have pros and cons. However, three requirements concern them all: their implementation must be secure, be effective, a...
To send encrypted emails, users typically need to create and exchange keys which later should be manually authenticated, for instance, by comparing long strings of characters. These tasks are cumbersome for the average user. To make more accessible the use of encrypted email, a secure email application named \(p\equiv p\) automates the key manageme...
To protect their digital assets from malware attacks, most users and companies rely on anti-virus (AV) software. But AVs' protection is a full-time task and AVs are engaged in a cat-and-mouse game where malware, e.g., through obfuscation and polymorphism, denial of service attacks and malformed packets and parameters, try to circumvent AV defences...
Malware is one of the most popular cyber-attack methods in the digital world. According to the independent test company AV-TEST, 350,000 new malware samples are created every day. To analyze all samples by hand to discover whether they are malware does not scale, so antivirus companies automate the process e.g., using sandboxes where samples can be...
The railway sector has been a source of inspiration for generations of researchers challenged to develop models and tools to analyze safety and reliability. Threats were coming mainly from within, due to occasionally faults in hardware components. With the advent of smart trains, the railway industry is venturing into cybersecurity and the railway...
Understanding whether certain technical measures comply with the General Data Protection Regulation's (GDPR's) principles is complex legal work. This article describes a model of the GDPR that allows for a semiautomatic processing of legal text and the leveraging of state-of-the-art legal informatics approaches, which are useful for legal reasoning...
Because of GDPR’s principle of “data protection by design and by default”, organizations who wish to stay lawful have to re-think their data practices. Access Control (AC) can be a technical solution for them to protect access to “personal data by design”, and thus to gain legal compliance, but this requires to have Access Control Policies (ACPs) e...
Password-based authentication is a widespread method to access into systems, thus password files are a valuable resource often target of attacks. To detect when a password file has been stolen, Juels and Rivest introduced the Honeywords System in 2013. The core idea is to store the password with a list of decoy words that are “indistinguishable” fr...
In order to detect malicious file system activity, some commercial and academic anti-ransomware solutions implement deception-based techniques, specifically by placing decoy files among user files. While this approach raises the bar against current ransomware, as any access to a decoy file is a sign of malicious activity, the robustness of decoy st...
Modelling in a knowledge base of logic formulæ the articles
of the GDPR enables a semi-automatic reasoning of the Regulation. To
be legally substantiated, it requires that the formulæ express validly the
legal meaning of the Regulation’s articles. But legal experts are usually
not familiar with logic, and this calls for an interdisciplinary validat...
It is possible to model the meaning of articles of the GDPR
in logic formulæ and this enables a semi-automatic reasoning over the
Regulation, e.g., to build an argument of compliance. However, any formal reasoning requires that the formulæ are validly expressing the legal
meaning(s) of the articles, including potential disagreements between legal e...
The General Data Protection Regulation (GDPR)’s sixth principle, Integrity and Confidentiality, dictates that personal data must be protected from unauthorised or unlawful processing. To this aim, we propose a systematic approach for authoring access control policies that are by-design aligned with the provisions of the GDPR. We exemplify it by con...
To achieve its goals, ransomware needs to employ strong encryption, which in turn requires access to high-grade encryption keys. Over the evolution of ransomware, various techniques have been observed to accomplish the latter. Understanding the advantages and disadvantages of each method is essential to develop robust defense strategies. In this pa...
We are assisting at an evolution in the ecosystem of cryptoware —the malware that encrypts files and makes them unavailable unless the victim pays up. New variants are taking the place once dominated by older versions; incident reports suggest that forthcoming ransomware will be more sophisticated, disruptive, and targeted. Can we anticipate how su...
We discuss a password-based authentication protocol that we argue to be robust against password-guessing and off-line dictionary attacks. The core idea is to hash the passwords with a seed that comes from an OTP device, making the resulting identity token unpredictable for an adversary. We believe that the usability of this new protocol is the same...
Cholesteric liquid crystal shells provide omnidirectional reflection with selectivity in wavelength and polarization. By tuning the reflection wavelength from the infrared to the ultraviolet, via the visible, numerous applications can be envisaged, as summarized by Mathew Schwartz, Gabriele Lenzini, Jan P. F. Lagerwall, and co‐workers in article nu...
The authentication of a web server is a crucial procedure in the security of web browsing. It relies on certificate validation, a process that may require the participation of the user. Thus, the security of certificate validation is socio-technical as it depends on traditional security technology as well as on social elements such as cultural valu...
Concerned about the technical and social aspects at the root causes of security incidents and how they can hide security vulnerabilities we propose a methodology compatible with the Information Security Management life-cycle. Retrospectively, it supports analysts to reason about the socio-technical causes of observed incidents; prospectively, it he...
To be effective, ransomware has to implement strong encryption, and strong encryption in turn requires a good source of random numbers. Without access to true randomness, ransomware relies on the pseudo random number generators that modern Operating Systems make available to applications. With this insight, we propose a strategy to mitigate ransomw...
The responsive and dynamic character of liquid crystals (LCs), arising from their ability to self‐organize into long‐range ordered structures while maintaining fluidity, has given them a role as key enabling materials in the information technology that surrounds us today. Ongoing research hints at future LC‐based technologies of entirely different...
Since generally legal regulations do not provide clear parameters to determine when their requirements are met, achieving legal compliance is not trivial. The adoption of standards could help create an argument of compliance in favour of the implementing party, provided there is a clear correspondence between the provisions of a specific standard a...
Transparency, a principle advocated by the General Data Protection Regulation, is usually defined in terms of properties such as availability, auditability and accountability and for this reason it is not straightforwardly measurable. In requirement engineering, measuring a quality is usually implemented by defining a set of metrics for its composi...
The papers in this special issue focus on insider threats to information security, counter-intelligence, digital espionage, cyber-security, and cryptography.
Historically, exam security has mainly focused on threats ascribed to candidate cheating. Such threats have been normally mitigated by invigilation and anti-plagiarism methods. However, as recent exam scandals confirm, also invigilators and authorities may pose security threats. The introduction of computers into the different phases of an exam, su...
Transparency is described as the quality to be open about policies and practices. It is intended to inform end users of what happens to their data. It promotes good quality of service and is believed to sustain people’s demand for privacy. However, at least for medical data systems, a clear definition of the property is missing and there is no agre...
A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question formally. We model the information flow defined by what the organization’s employees do (copy, move, and destroy information) and propose an algo...