
Nicola DragoniÖrebro universitet, Sweden, and Technical University of Denmark
Nicola Dragoni
PhD
About
161
Publications
93,741
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
4,159
Citations
Citations since 2017
Introduction
Additional affiliations
January 2009 - February 2015
Publications
Publications (161)
With the emerging technology in underwater wireless sensor networks (UWSN), many researchers are undergoing this field since it cannot maintain the batteries and recharge them manually. Network duration should be taken into account because they can easily be recharged by a non-conventional resource like solar energy. When coming to the data collect...
In the current decade, the use of cloud storage services is drastically increasing because it provides large data storage with various functionalities. Consequently, it is easier for someone to download, upload, change, and share data on multiple platforms. Meanwhile, cloud storage forensics is of paramount importance for service providers to recti...
With the widespread adoption of handheld smartphones, the number of malware targeting them has grown dramatically. Because of the widespread use of cell phones, the quantity of malware has grown dramatically. Because of their ubiquity, android smartphones are the most sought-after targets among smart gadgets. We provide an unique image-based deep l...
Internet of Things (IoT) is a network of devices that communicate with each other through the internet and provides intelligence to industry and people. These devices are running in potentially hostile environments, so the need for security is critical. Trust Management aims to ensure the reliability of the network by assigning a trust value in eve...
In 2019, a virus infection, COVID-19, traveled across the oceans, gained foothold in many countries, and started infecting the citizens of those countries. Soon, this virus was labeled a "pandemic" by the World Health Organization and was subsequently dubbed the COVID-19 virus. With the virus spreading across the globe, countries started going into...
Remote attestation (RA) is an effective malware detection mechanism that allows a trusted entity (Verifier) to detect a potentially compromised remote device (Prover). The recent research works are proposing advanced Control-Flow Attestation (CFA) protocols that are able to trace the Prover’s execution flow to detect runtime attacks. Nevertheless,...
Advances in information technology have harnessed the application of Quick Response (QR) codes in day-to-day activities, simplifying information exchange. QR codes are witnessed almost everywhere, on consumables, newspapers, information bulletins, etc. The simplicity of QR code creation and ease of scanning with free software have tremendously infl...
Fifth-generation networks efficiently support and fulfill the demands of mobile broadband and communication services. There has been a continuing advancement from 4G to 5G networks, with 5G mainly providing the three services of enhanced mobile broadband (eMBB), massive machine type communication (eMTC), and ultra-reliable low-latency services (URL...
Named-entity recognition (NER) is one of the primary components in various natural
language processing tasks such as relation extraction, information retrieval, question answering, etc. The majority of the research work deals with flat entities. However, it was observed that the entities were often embedded within other entities. Most of the curren...
In DevSecOps, development phase advancement goes through various effective solutions, but efficient bug detection, reliability, accurate reports, and user-friendly solution are still lacking. The existing tools raising a false alarm and somewhere no alarm at all at potential threats are no rare sight. Still, there has been no advancement towards a...
Remote Attestation (RA) is a security mechanism that allows a centralized trusted entity (Verifier) to check the trustworthiness of a potentially compromised IoT device (Prover). With the tsunami of interconnected IoT devices, the advancement of swarm RA schemes that efficiently attest large IoT networks has become crucial. Recent swarm RA approach...
Internet of Things (IoT) devices have enveloped our surroundings and have been increasingly deployed in many domains. Even though the IoT has generated unprecedented opportunities, the poorly secured design of IoT devices makes them an easy target for cyber attacks. Aimed at securing IoT devices, Remote Attestation (RA) is a security technique that...
Remote attestation (RA) is a security mechanism that verifies the trustworthiness of remote IoT devices. Traditional RA protocols aim to detect the presence of malicious code in the static memory of a device. In the IoT domain, RA research is currently following two main directions: Dynamic RA and Swarm RA. Dynamic RA schemes intend to detect runti...
In recent years, the Transport Layer Security (TLS) protocol has enjoyed rapid growth as a security protocol for the Internet of Things (IoT). In its newest iteration, TLS 1.3, the Internet Engineering Task Force (IETF) has standardized a zero round-trip time (0-RTT) session resumption sub-protocol, allowing clients to already transmit application...
The Internet of Things (IoT) is evolving our society; however, the growing adoption of IoT devices in many scenarios brings security and privacy implications. Current security solutions are either unsuitable for every IoT scenario or provide only partial security. This paper presents AntibIoTic 2.0, a distributed security system that relies on Fog...
The Internet of Things (IoT) revolutionised the way devices, and human beings, cooperate and interact. The interconnectivity and mobility brought by IoT devices lead to extremely variable networks, as well as unpredictable information flows. In turn, security proved to be a serious issue for the IoT, far more serious than it has been in the past fo...
The migration from monolithic to microservice-based systems have become increasingly popular in the last decade. However, the advantages of this type of migration have not been extensively investigated in the literature, to the best of the authors' knowledge. This paper aims to present a methodology and performance indicators to support better asse...
Botnets, groups of malware-infected hosts controlled by malicious actors, have gained prominence in an era of pervasive computing and the Internet of Things. Botnets have shown a capacity to perform substantial damage through distributed denial-of-service attacks, information theft, spam and malware propagation. In this paper, a systematic literatu...
Remote Attestation (RA) has gained a broad attention over recent years as an essential security mechanism that enables integrity verification of remote IoT devices. Typically, existing RA protocols aim at detecting malware presence in program memory. Recent RA schemes work towards attesting also data memory and focus mainly on detecting runtime att...
The Internet of Things (IoT) ecosystem comprises billions of heterogeneous Internet-connected devices which are revolutionizing many domains, such as healthcare, transportation, smart cities, to mention only a few. Along with the unprecedented new opportunities, the IoT revolution is creating an enormous attack surface for potential sophisticated c...
The tsunami of connectivity brought by the Internet of Things is rapidly revolutionising several sectors, ranging from industry and manufacturing , to home automation, healthcare and many more. When it comes to enforce security within an IoT network such as a smart home, there is a need to automatically recognise the type of each joining devices, i...
We present a review of European master of science programs in cybersecurity and reflect on the presence (and lack) of knowledge and skills needed to build security in.
With the widespread use of smartphones and wearable health sensors, a plethora of mobile health (mHealth) applications to track well-being, run human behavioral studies, and clinical trials have emerged in recent years. However, the design, development, and deployment of mHealth applications is challenging in many ways. To address these challenges,...
The Transport Layer Security (TLS) 1.3 protocol supports a fast zero round-trip time (0-RTT) session resumption mechanism, enabling clients to send data in their first flight of messages. This protocol has been designed with Web infrastructure in mind, and requires these first messages to not change any state on the server side, as it is susceptibl...
The expansion of the food industry, within and beyond national borders, has resulted in complex collaborative networks and supply chains. The management culture adopted for food supply chains has an impact on the quality of the end product and the vitality of the businesses involved. In this report, we focus on the use of blockchain technology, and...
A key application of the Internet of Things (IoT) paradigm lies within industrial contexts. Indeed, the emerging Industrial Internet of Things (IIoT), commonly referred to as Industry 4.0, promises to revolutionize production and manufacturing through the use of large numbers of networked embedded sensing devices, and the combination of emerging co...
Security is a serious, and often neglected, issue in the Internet of Things (IoT). In order to improve IoT security, researchers proposed to use Security-by-Contract (S×C), a paradigm originally designed for mobile application platforms. However, S×C assumes that manufacturers equip their devices with security contracts, which makes hard to integra...
Our transaction history in the current centralized banking system has the ability to reveal a lot of private information for each spender, both to the banking system itself, but also to those entities that surround it (e.g., governments, industry etc). Examples of leaking information constitute the amounts spent, the goods on which the amounts were...
Migrating from a monolith architecture to a microservice architecture in order to modernize a system seems to have become popular in the recent years. However, the benefits of this migration does not appear to have been sufficiently verified. The goal of this article is to present a methodology able to verify whether or not a migration to microserv...
Since Bitcoin’s debut in 2008, blockchain, the technology behind the cryptocurrency, has been gaining increasing scientific and industrial interest. Due to the technology’s innate distributed and immutable features, the adoption of blockchains on supply chains is one of the most promising recent applications. In this survey, we review academic rese...
Looking at today phishing panorama, we are able to identify two diametrically opposed approaches. On the one hand, massive phishing targets as many people as possible with generic and preformed texts. On the other hand, spear phishing targets high-value victims with hand-crafted emails. While nowadays these two worlds partially intersect, we envisi...
The Internet of Things (IoT) is shaping a world where devices are increasingly interconnected, cheaper, and ubiquitous. The more we move toward this world, the more cybersecurity becomes paramount. Nevertheless, we argue that there exists a category of IoT devices which commonly overlooks security, despite dealing with sensitive information. In ord...
- Describes the development of scientific concepts, technologies, engineering techniques and tools for a service-based society built on microservices
- Covers all aspects of the software life-cycle from modeling to development and deployment
- Illustrates presented concepts through several case studies
- Includes also topics like migration from leg...
In the last few years, Internet of Things, Cloud computing, Edge computing, and Fog computing have gained a lot of attention in both industry and academia. However, a clear and neat definition of these computing paradigms and their correlation is hard to find in the literature. This makes it difficult for researchers new to this area to get a concr...
The Internet of Things (IoT) has caused a revolutionary paradigm shift in computer networking. After decades of human-centered routines, where devices were merely tools that enabled human beings to authenticate themselves and perform activities, we are now dealing with a device-centered paradigm: the devices themselves are actors, not just tools fo...
Cybersecurity is one of the biggest challenges in the Internet of Things (IoT) domain, as well as one of its most embarrassing failures. As a matter of fact, nowadays IoT devices still exhibit various shortcomings. For example, they lack secure default configurations and sufficient security configurability. They also lack rich behavioural descripti...
In this chapter we offer an overview of microservices providing the introductory information that a reader should know before continuing reading this book. We introduce the idea of microservices and we discuss some of the current research challenges and real-life software applications where the microservice paradigm play a key role. We have identif...
The Internet of Things (IoT) is rapidly changing our society to a world where every "thing" is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized t...
Disbursement registration has always been a cumbersome, opaque, and inefficient process, up to the point that most businesses perform cash‐flow evaluations only on a quarterly basis. We believe that automatic cash‐flow evaluations can actively mitigate these issues. In this paper, we present BitFlow, a blockchain‐based architecture that provides co...
The Internet of Things (IoT) has caused a revolutionary paradigm shift in computer networking. After decades of human-centered routines, where devices were merely tools that enabled human beings to authenticate themselves and perform activities, we are now dealing with a device-centered paradigm: the devices themselves are actors, not just tools fo...
The Internet of Things (IoT) is rapidly changing our society to a world where every "thing" is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized t...
In this chapter we offer an overview of microservices providing the introductory information that a reader should know before continuing reading this book. We introduce the idea of microservices and we discuss some of the current research challenges and real-life software applications where the microservice paradigm play a key role. We have identif...
Nowadays, 1375 different cryptocurrencies exist, and their market value totals up to $444.8 billion, at the time of writing. The interest revolving around cryptocurrencies is constantly growing, and this hype caused an increase of criminal attacks on various cryptocurrencies. In this paper, we cover the main aspects that concern cryptocurrencies vu...
An increasing interest is growing around the idea of microservices and the promise of improving scalability when compared to monolithic systems. Several companies are evaluating pros and cons of a complex migration. In particular, financial institutions are positioned in a difficult situation due to the economic climate and the appearance of agile...
Android smartphones have become a vital component of the daily routine of millions of people, running a plethora of applications available in the official and alternative marketplaces. Although there are many security mechanisms to scan and filter malicious applications, malware is still able to reach the devices of many end-users. In this paper, w...
The rise of connectivity, digitalization, robotics, and artificial intelligence (AI) is rapidly changing our society and shaping its future development. During this technological and societal revolution, security has been persistently neglected, yet a hacked robot can act as an insider threat in organizations, industries, public spaces, and private...
The rise of connectivity, digitalisation, and robotics, combined with the race for bringing artificial intelligence into every aspect of our daily life, is rapidly changing our society and shaping its future development. During this technological and societal revolution, security has been persistently neglected, yet a hacked robot can act as an ins...
Microservices have seen their popularity blossoming with an explosion of concrete applications in real-life software. Several companies are currently involved in a major refactoring of their back-end systems in order to improve scalability. This article presents an experience report of a real-world case study, from the banking domain, in order to d...
The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, su...
The microservice architecture is a style inspired by service-oriented computing that has recently started gaining popularity and that promises to change the way in which software is perceived, conceived and designed. In this paper, we describe the main features of microservices and highlight how these features improve scalability.
The Internet of Things makes possible to connect each everyday object to the Internet, making computing pervasive like never before. From a security and privacy perspective, this tsunami of connec-tivity represents a disaster, which makes each object remotely hackable. We claim that, in order to tackle this issue, we need to address a new challenge...
The Internet of Things makes possible to connect each everyday object to the Internet, making computing pervasive like never before. From a security and privacy perspective, this tsunami of connectivity represents a disaster, which makes each object remotely hackable. We claim that, in order to tackle this issue, we need to address a new challenge...
Cloud computing is steadily growing and, as IaaS vendors have started to offer pay-as-you-go billing policies, it is fundamental to achieve as much elasticity as possible, avoiding over-provisioning that would imply higher costs. In this paper, we briefly analyse the orchestration characteristics of PaaSSOA, a proposed architecture already implemen...
The 2016 is remembered as the year that showed to the world how dangerous Distributed Denial of Service attacks can be. Gauge of the disruptiveness of DDoS attacks is the number of bots involved: the bigger the botnet, the more powerful the attack. This character, along with the increasing availability of connected and insecure IoT devices, makes D...
Cloud computing is steadily growing and, as IaaS vendors have started to offer pay-as-you-go billing policies, it is fundamental to achieve as much elasticity as possible, avoiding over-provisioning that would imply higher costs. In this paper, we briefly analyse the orchestration characteristics of PaaSSOA, a proposed architecture already implemen...
Microservices is an architectural style inspired by service-oriented computing that has recently started gaining popularity. Before presenting the current state-of-the-art in the field, this chapter reviews the history of software architecture, the reasons that led to the diffusion of objects and services first, and microservices later. Finally, op...