Posts By Erisa Karafili

Blockchain Technology as a Cyber Threat Intelligence Sharing Platform

In the CyberKit4SME project, we are using Blockchain technology for the Cyber Threat Intelligence sharing platform.   Chosen Blockchain Technology We are using Service Ledger (SL) that is a blockchain-as-a-service platform offering programmable blockchain-enabled services that can be adapted to several application scenarios. In the CyberKit4SME project, SL enables the sharing of Cyber Threat Intelligence […]

Private Data Harvesting on Alexa using Third-Party Skills

Abstract: We are currently seeing an increase in the use of voice assistants which are used for various purposes. These assistants have a wide range of inbuilt functionalities with the possibility of installing third-party applications. In this work, we will focus on analyzing and identifying vulnerabilities that are introduced by these third-party applications. In particular, we will build third-party applications (called Skills) for Alexa, the voice assistant developed by Amazon. We will analyze existing exploits, identify accessible data and propose an adversarial framework that deceives users into disclosing private information. For this purpose, we developed four different malicious Skills that harvest different pieces of private information from users. We perform a usability analysis on the Skills and feasibility analysis on the publishing pipeline for one of the Skills.

Cyberkit logo
International study of cybersecurity awareness in small and medium-sized enterprises (SMEs)

You are invited to take part in a survey about awareness of cybersecurity risks in SMEs (companies with fewer than 250 employees). Your participation will contribute to building up a knowledge base for developing tools to assist SMEs in cybersecurity management. Who should attend? All employees in SMEs across all industry sectors (no prior knowledge […]