Nicola Dragoni

Nicola Dragoni
Örebro universitet, Sweden, and Technical University of Denmark

PhD

About

161
Publications
93,741
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
4,159
Citations
Citations since 2017
81 Research Items
3539 Citations
20172018201920202021202220230200400600
20172018201920202021202220230200400600
20172018201920202021202220230200400600
20172018201920202021202220230200400600
Additional affiliations
January 2009 - February 2015
Technical University of Denmark
Position
  • Professor (Associate)

Publications

Publications (161)
Article
Full-text available
With the emerging technology in underwater wireless sensor networks (UWSN), many researchers are undergoing this field since it cannot maintain the batteries and recharge them manually. Network duration should be taken into account because they can easily be recharged by a non-conventional resource like solar energy. When coming to the data collect...
Chapter
Full-text available
In the current decade, the use of cloud storage services is drastically increasing because it provides large data storage with various functionalities. Consequently, it is easier for someone to download, upload, change, and share data on multiple platforms. Meanwhile, cloud storage forensics is of paramount importance for service providers to recti...
Chapter
Full-text available
With the widespread adoption of handheld smartphones, the number of malware targeting them has grown dramatically. Because of the widespread use of cell phones, the quantity of malware has grown dramatically. Because of their ubiquity, android smartphones are the most sought-after targets among smart gadgets. We provide an unique image-based deep l...
Preprint
Full-text available
Internet of Things (IoT) is a network of devices that communicate with each other through the internet and provides intelligence to industry and people. These devices are running in potentially hostile environments, so the need for security is critical. Trust Management aims to ensure the reliability of the network by assigning a trust value in eve...
Article
Full-text available
In 2019, a virus infection, COVID-19, traveled across the oceans, gained foothold in many countries, and started infecting the citizens of those countries. Soon, this virus was labeled a "pandemic" by the World Health Organization and was subsequently dubbed the COVID-19 virus. With the virus spreading across the globe, countries started going into...
Article
Full-text available
Remote attestation (RA) is an effective malware detection mechanism that allows a trusted entity (Verifier) to detect a potentially compromised remote device (Prover). The recent research works are proposing advanced Control-Flow Attestation (CFA) protocols that are able to trace the Prover’s execution flow to detect runtime attacks. Nevertheless,...
Article
Full-text available
Advances in information technology have harnessed the application of Quick Response (QR) codes in day-to-day activities, simplifying information exchange. QR codes are witnessed almost everywhere, on consumables, newspapers, information bulletins, etc. The simplicity of QR code creation and ease of scanning with free software have tremendously infl...
Article
Full-text available
Fifth-generation networks efficiently support and fulfill the demands of mobile broadband and communication services. There has been a continuing advancement from 4G to 5G networks, with 5G mainly providing the three services of enhanced mobile broadband (eMBB), massive machine type communication (eMTC), and ultra-reliable low-latency services (URL...
Article
Full-text available
Named-entity recognition (NER) is one of the primary components in various natural language processing tasks such as relation extraction, information retrieval, question answering, etc. The majority of the research work deals with flat entities. However, it was observed that the entities were often embedded within other entities. Most of the curren...
Chapter
In DevSecOps, development phase advancement goes through various effective solutions, but efficient bug detection, reliability, accurate reports, and user-friendly solution are still lacking. The existing tools raising a false alarm and somewhere no alarm at all at potential threats are no rare sight. Still, there has been no advancement towards a...
Chapter
Full-text available
Remote Attestation (RA) is a security mechanism that allows a centralized trusted entity (Verifier) to check the trustworthiness of a potentially compromised IoT device (Prover). With the tsunami of interconnected IoT devices, the advancement of swarm RA schemes that efficiently attest large IoT networks has become crucial. Recent swarm RA approach...
Conference Paper
Internet of Things (IoT) devices have enveloped our surroundings and have been increasingly deployed in many domains. Even though the IoT has generated unprecedented opportunities, the poorly secured design of IoT devices makes them an easy target for cyber attacks. Aimed at securing IoT devices, Remote Attestation (RA) is a security technique that...
Article
Full-text available
Remote attestation (RA) is a security mechanism that verifies the trustworthiness of remote IoT devices. Traditional RA protocols aim to detect the presence of malicious code in the static memory of a device. In the IoT domain, RA research is currently following two main directions: Dynamic RA and Swarm RA. Dynamic RA schemes intend to detect runti...
Article
Full-text available
In recent years, the Transport Layer Security (TLS) protocol has enjoyed rapid growth as a security protocol for the Internet of Things (IoT). In its newest iteration, TLS 1.3, the Internet Engineering Task Force (IETF) has standardized a zero round-trip time (0-RTT) session resumption sub-protocol, allowing clients to already transmit application...
Article
The Internet of Things (IoT) is evolving our society; however, the growing adoption of IoT devices in many scenarios brings security and privacy implications. Current security solutions are either unsuitable for every IoT scenario or provide only partial security. This paper presents AntibIoTic 2.0, a distributed security system that relies on Fog...
Article
Full-text available
The Internet of Things (IoT) revolutionised the way devices, and human beings, cooperate and interact. The interconnectivity and mobility brought by IoT devices lead to extremely variable networks, as well as unpredictable information flows. In turn, security proved to be a serious issue for the IoT, far more serious than it has been in the past fo...
Article
Full-text available
The migration from monolithic to microservice-based systems have become increasingly popular in the last decade. However, the advantages of this type of migration have not been extensively investigated in the literature, to the best of the authors' knowledge. This paper aims to present a methodology and performance indicators to support better asse...
Article
Full-text available
Botnets, groups of malware-infected hosts controlled by malicious actors, have gained prominence in an era of pervasive computing and the Internet of Things. Botnets have shown a capacity to perform substantial damage through distributed denial-of-service attacks, information theft, spam and malware propagation. In this paper, a systematic literatu...
Conference Paper
Remote Attestation (RA) has gained a broad attention over recent years as an essential security mechanism that enables integrity verification of remote IoT devices. Typically, existing RA protocols aim at detecting malware presence in program memory. Recent RA schemes work towards attesting also data memory and focus mainly on detecting runtime att...
Article
Full-text available
The Internet of Things (IoT) ecosystem comprises billions of heterogeneous Internet-connected devices which are revolutionizing many domains, such as healthcare, transportation, smart cities, to mention only a few. Along with the unprecedented new opportunities, the IoT revolution is creating an enormous attack surface for potential sophisticated c...
Chapter
Full-text available
The tsunami of connectivity brought by the Internet of Things is rapidly revolutionising several sectors, ranging from industry and manufacturing , to home automation, healthcare and many more. When it comes to enforce security within an IoT network such as a smart home, there is a need to automatically recognise the type of each joining devices, i...
Article
Full-text available
We present a review of European master of science programs in cybersecurity and reflect on the presence (and lack) of knowledge and skills needed to build security in.
Article
With the widespread use of smartphones and wearable health sensors, a plethora of mobile health (mHealth) applications to track well-being, run human behavioral studies, and clinical trials have emerged in recent years. However, the design, development, and deployment of mHealth applications is challenging in many ways. To address these challenges,...
Chapter
The Transport Layer Security (TLS) 1.3 protocol supports a fast zero round-trip time (0-RTT) session resumption mechanism, enabling clients to send data in their first flight of messages. This protocol has been designed with Web infrastructure in mind, and requires these first messages to not change any state on the server side, as it is susceptibl...
Article
The expansion of the food industry, within and beyond national borders, has resulted in complex collaborative networks and supply chains. The management culture adopted for food supply chains has an impact on the quality of the end product and the vitality of the businesses involved. In this report, we focus on the use of blockchain technology, and...
Article
Full-text available
A key application of the Internet of Things (IoT) paradigm lies within industrial contexts. Indeed, the emerging Industrial Internet of Things (IIoT), commonly referred to as Industry 4.0, promises to revolutionize production and manufacturing through the use of large numbers of networked embedded sensing devices, and the combination of emerging co...
Conference Paper
Full-text available
Security is a serious, and often neglected, issue in the Internet of Things (IoT). In order to improve IoT security, researchers proposed to use Security-by-Contract (S×C), a paradigm originally designed for mobile application platforms. However, S×C assumes that manufacturers equip their devices with security contracts, which makes hard to integra...
Article
Full-text available
Our transaction history in the current centralized banking system has the ability to reveal a lot of private information for each spender, both to the banking system itself, but also to those entities that surround it (e.g., governments, industry etc). Examples of leaking information constitute the amounts spent, the goods on which the amounts were...
Preprint
Full-text available
Migrating from a monolith architecture to a microservice architecture in order to modernize a system seems to have become popular in the recent years. However, the benefits of this migration does not appear to have been sufficiently verified. The goal of this article is to present a methodology able to verify whether or not a migration to microserv...
Article
Full-text available
Since Bitcoin’s debut in 2008, blockchain, the technology behind the cryptocurrency, has been gaining increasing scientific and industrial interest. Due to the technology’s innate distributed and immutable features, the adoption of blockchains on supply chains is one of the most promising recent applications. In this survey, we review academic rese...
Chapter
Looking at today phishing panorama, we are able to identify two diametrically opposed approaches. On the one hand, massive phishing targets as many people as possible with generic and preformed texts. On the other hand, spear phishing targets high-value victims with hand-crafted emails. While nowadays these two worlds partially intersect, we envisi...
Chapter
The Internet of Things (IoT) is shaping a world where devices are increasingly interconnected, cheaper, and ubiquitous. The more we move toward this world, the more cybersecurity becomes paramount. Nevertheless, we argue that there exists a category of IoT devices which commonly overlooks security, despite dealing with sensitive information. In ord...
Book
- Describes the development of scientific concepts, technologies, engineering techniques and tools for a service-based society built on microservices - Covers all aspects of the software life-cycle from modeling to development and deployment - Illustrates presented concepts through several case studies - Includes also topics like migration from leg...
Article
Full-text available
In the last few years, Internet of Things, Cloud computing, Edge computing, and Fog computing have gained a lot of attention in both industry and academia. However, a clear and neat definition of these computing paradigms and their correlation is hard to find in the literature. This makes it difficult for researchers new to this area to get a concr...
Chapter
Full-text available
The Internet of Things (IoT) has caused a revolutionary paradigm shift in computer networking. After decades of human-centered routines, where devices were merely tools that enabled human beings to authenticate themselves and perform activities, we are now dealing with a device-centered paradigm: the devices themselves are actors, not just tools fo...
Article
Full-text available
Cybersecurity is one of the biggest challenges in the Internet of Things (IoT) domain, as well as one of its most embarrassing failures. As a matter of fact, nowadays IoT devices still exhibit various shortcomings. For example, they lack secure default configurations and sufficient security configurability. They also lack rich behavioural descripti...
Chapter
Full-text available
In this chapter we offer an overview of microservices providing the introductory information that a reader should know before continuing reading this book. We introduce the idea of microservices and we discuss some of the current research challenges and real-life software applications where the microservice paradigm play a key role. We have identif...
Article
Full-text available
The Internet of Things (IoT) is rapidly changing our society to a world where every "thing" is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized t...
Article
Disbursement registration has always been a cumbersome, opaque, and inefficient process, up to the point that most businesses perform cash‐flow evaluations only on a quarterly basis. We believe that automatic cash‐flow evaluations can actively mitigate these issues. In this paper, we present BitFlow, a blockchain‐based architecture that provides co...
Preprint
Full-text available
The Internet of Things (IoT) has caused a revolutionary paradigm shift in computer networking. After decades of human-centered routines, where devices were merely tools that enabled human beings to authenticate themselves and perform activities, we are now dealing with a device-centered paradigm: the devices themselves are actors, not just tools fo...
Preprint
Full-text available
The Internet of Things (IoT) is rapidly changing our society to a world where every "thing" is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized t...
Preprint
Full-text available
In this chapter we offer an overview of microservices providing the introductory information that a reader should know before continuing reading this book. We introduce the idea of microservices and we discuss some of the current research challenges and real-life software applications where the microservice paradigm play a key role. We have identif...
Chapter
Full-text available
Nowadays, 1375 different cryptocurrencies exist, and their market value totals up to $444.8 billion, at the time of writing. The interest revolving around cryptocurrencies is constantly growing, and this hype caused an increase of criminal attacks on various cryptocurrencies. In this paper, we cover the main aspects that concern cryptocurrencies vu...
Article
An increasing interest is growing around the idea of microservices and the promise of improving scalability when compared to monolithic systems. Several companies are evaluating pros and cons of a complex migration. In particular, financial institutions are positioned in a difficult situation due to the economic climate and the appearance of agile...
Article
Full-text available
Android smartphones have become a vital component of the daily routine of millions of people, running a plethora of applications available in the official and alternative marketplaces. Although there are many security mechanisms to scan and filter malicious applications, malware is still able to reach the devices of many end-users. In this paper, w...
Conference Paper
The rise of connectivity, digitalization, robotics, and artificial intelligence (AI) is rapidly changing our society and shaping its future development. During this technological and societal revolution, security has been persistently neglected, yet a hacked robot can act as an insider threat in organizations, industries, public spaces, and private...
Preprint
Full-text available
The rise of connectivity, digitalisation, and robotics, combined with the race for bringing artificial intelligence into every aspect of our daily life, is rapidly changing our society and shaping its future development. During this technological and societal revolution, security has been persistently neglected, yet a hacked robot can act as an ins...
Article
Full-text available
Microservices have seen their popularity blossoming with an explosion of concrete applications in real-life software. Several companies are currently involved in a major refactoring of their back-end systems in order to improve scalability. This article presents an experience report of a real-world case study, from the banking domain, in order to d...
Article
Full-text available
The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, su...
Chapter
Full-text available
The microservice architecture is a style inspired by service-oriented computing that has recently started gaining popularity and that promises to change the way in which software is perceived, conceived and designed. In this paper, we describe the main features of microservices and highlight how these features improve scalability.
Conference Paper
Full-text available
The Internet of Things makes possible to connect each everyday object to the Internet, making computing pervasive like never before. From a security and privacy perspective, this tsunami of connec-tivity represents a disaster, which makes each object remotely hackable. We claim that, in order to tackle this issue, we need to address a new challenge...
Conference Paper
Full-text available
The Internet of Things makes possible to connect each everyday object to the Internet, making computing pervasive like never before. From a security and privacy perspective, this tsunami of connectivity represents a disaster, which makes each object remotely hackable. We claim that, in order to tackle this issue, we need to address a new challenge...
Conference Paper
Full-text available
Cloud computing is steadily growing and, as IaaS vendors have started to offer pay-as-you-go billing policies, it is fundamental to achieve as much elasticity as possible, avoiding over-provisioning that would imply higher costs. In this paper, we briefly analyse the orchestration characteristics of PaaSSOA, a proposed architecture already implemen...
Conference Paper
Full-text available
The 2016 is remembered as the year that showed to the world how dangerous Distributed Denial of Service attacks can be. Gauge of the disruptiveness of DDoS attacks is the number of bots involved: the bigger the botnet, the more powerful the attack. This character, along with the increasing availability of connected and insecure IoT devices, makes D...
Conference Paper
Full-text available
Cloud computing is steadily growing and, as IaaS vendors have started to offer pay-as-you-go billing policies, it is fundamental to achieve as much elasticity as possible, avoiding over-provisioning that would imply higher costs. In this paper, we briefly analyse the orchestration characteristics of PaaSSOA, a proposed architecture already implemen...
Chapter
Full-text available
Microservices is an architectural style inspired by service-oriented computing that has recently started gaining popularity. Before presenting the current state-of-the-art in the field, this chapter reviews the history of software architecture, the reasons that led to the diffusion of objects and services first, and microservices later. Finally, op...
Conference Paper
Full-text available