Dr. Gergely Biczók

Associate Professor

biczok (at) crysys.hu

office: I.E. 430
tel: +36 1 463 2080

Current courses | Student projects | Publications

Short Bio

Gergely is a freshly-minted associate professor at the CrySyS Lab. He received the PhD (2010) and MSc (2003) degrees in Computer Science from the Budapest University of Technology and Economics. He was a postdoctoral fellow at the Norwegian University of Science and Technology from 2011 to 2014. He was a Fulbright Visiting Researcher to Northwestern University between 2007 and 2008. He also held a researcher position at Ericsson Research Hungary from 2003 to 2007.

His research interests are in the economics of networked systems focusing on data privacy, information security and incentives. His Google Scholar profile is here.

Current Courses

Coding and IT Security (VIHIBB01)

This BProf course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course also gives an introduction to source software security and channel coding.

Security and Privacy: an Economic Approach (in English) (VIHIAV34)

Information security is as much an economic problem as it is technical. Even given flawless cryptographic protocols and the availability of perfectly secure software, the misaligned economic incentives of different stakeholders in a system often result in a (very) sub-optimal security level. By guiding you through the jungle of asymmetric information, interdependent security, correlated risk and other concepts characteristic for system security, this elective course will enable you to make better decisions in risk management, security investment and policy design on a system level. Furthermore, the course touches upon the economic aspects of data privacy, an emerging area of interest for users and companies in the big data era.

Student Project Proposals

Federated Learning - Security & Privacy & Contribution Scores

Federated learning enables multiple actors to build a common, robust machine learning model without sharing data, thus allowing to address critical issues such as data privacy, data security, data access rights and access to heterogeneous data. Its applications are spread over a number of industries including defense, telecommunications, IoT, and pharmaceutics. Students can work on the following topics:

Required skills: none
Preferred skills: basic programming skills (e.g., python), machine learning (not required)

Economics of (cyber)security and (data)privacy

As evidenced in the last 10-15 years, cybersecurity is not a purely technical discipline. Decision-makers, whether sitting at security providers (IT companies), security demanders (everyone using IT) or the security industry, are mostly driven by economic incentives. Understanding these incentives are vital for designing systems that are secure in real-life scenarios. Parallel to this, data privacy has also shown the same characteristics: proper economic incentives and controls are needed to design systems where sharing data is beneficial to both data subject and data controller. An extreme example to a flawed attempt at such a design is the Cambridge Analytica case.
The prospective student will identify a cybersecurity or data privacy economics problem, and use elements of game theory and other domain-specific techniques and software tools to transform the problem into a model and propose a solution. Potential topics include:

Required skills: model thinking, good command of English
Preferred skills: basic knowledge of game theory, basic programming skills (e.g., python, matlab, NetLogo)

Publications

2023

6G for Connected Sky: A Vision for Integrating Terrestrial and Non-Terrestrial Networks

M. Ozger and I. Gódor and A. Nordlow and T. Heyn and S. Pandi and I. Peterson and A. Viseras and J. Holis and C. Raffelsberger and A. Kercek and B. Mölleryd and L. Toka and G. Biczók and R. de Candido and F. Laimer and U. Tarmann and D. Schupke and C. Cavdar

Proceedings of EuCNC & 6G Summit, 2023.

Bibtex

@inproceedings {
   author = {Mustafa Ozger and István Gódor and Anders Nordlow and Thomas Heyn and Sreekrishna Pandi and Ian Peterson and Alberto Viseras and Jaroslav Holis and Christian Raffelsberger and Andreas Kercek and Bengt Mölleryd and Laszlo Toka and Gergely Biczók and Robby de Candido and Felix Laimer and Udo Tarmann and Dominic A. Schupke and Cicek Cavdar},
   title = {6G for Connected Sky: A Vision for Integrating Terrestrial and Non-Terrestrial Networks},
   booktitle = {Proceedings of EuCNC & 6G Summit},
   year = {2023}
}

Abstract

Privacy pitfalls of releasing in-vehicle network data

A. Gazdag and Sz. Lestyán and M. Remeli and G. Ács and T. Holczer and G. Biczók

Vehicular Communications, 2023.

Bibtex | Abstract | PDF | Link

@article {
   author = {András Gazdag and Szilvia Lestyan and Mina Remeli and Gergely Ács and Tamas Holczer and Gergely Biczók},
   title = {Privacy pitfalls of releasing in-vehicle network data},
   journal = {Vehicular Communications},
   year = {2023},
   howpublished = "\url{https://www.sciencedirect.com/science/article/pii/S2214209622001127?via%3Dihub}"
}

Keywords

In-vehicle network data; Privacy attacks; Driver re-identification; Trajectory reconstruction; Anonymization; Differential privacy

Abstract

The ever-increasing volume of vehicular data has enabled different service providers to access and monetize in-vehicle network data of millions of drivers. However, such data often carry personal or even potentially sensitive information, and therefore service providers either need to ask for drivers\' consent or anonymize such data in order to comply with data protection regulations. In this paper, we show that both fine-grained consent control as well as the adequate anonymization of in-network vehicular data are very challenging. First, by exploiting that in-vehicle sensor measurements are inherently interdependent, we are able to effectively i) re-identify a driver even from the raw, unprocessed CAN data with 97% accuracy, and ii) reconstruct the vehicle's complete location trajectory knowing only its speed and steering wheel position. Since such signal interdependencies are hard to identify even for data controllers, drivers' consent will arguably not be informed and hence may become invalid. Second, we show that the non-systematic application of different standard anonymization techniques (e.g., aggregation, suppression, signal distortion) often results in volatile, empirical privacy guarantees to the population as a whole but fails to provide a strong, worst-case privacy guarantee to every single individual. Therefore, we advocate the application of principled privacy models (such as Differential Privacy) to anonymize data with strong worst-case guarantee.

Quality Inference in Federated Learning with Secure Aggregation

B. Pejo and G. Biczók

IEEE Transactions on Big Data, 2023.

Bibtex | Abstract | PDF | Link

@article {
   author = {Balazs Pejo and Gergely Biczók},
   title = {Quality Inference in Federated Learning with Secure Aggregation},
   journal = {IEEE Transactions on Big Data},
   year = {2023},
   howpublished = "\url{https://ieeexplore.ieee.org/document/10138056}"
}

Keywords

Quality Inference , Federated Learning , Secure Aggregation , Misbehavior Detection , Contribution Score

Abstract

Federated learning algorithms are developed both for efficiency reasons and to ensure the privacy and confidentiality of personal and business data, respectively. Despite no data being shared explicitly, recent studies showed that the mechanism could still leak sensitive information. Hence, secure aggregation is utilized in many real-world scenarios to prevent attribution to specific participants. In this paper, we focus on the quality (i.e., the ratio of correct labels) of individual training datasets and show that such quality information could be inferred and attributed to specific participants even when secure aggregation is applied. Specifically, through a series of image recognition experiments, we infer the relative quality ordering of participants. Moreover, we apply the inferred quality information to stabilize training performance, measure the individual contribution of participants, and detect misbehavior.

SECREDAS: Safe and (Cyber-)Secure Cooperative and Automated Mobility

C. Ploeg and J. Sluis and S. Gerres and Sz. Novaczki and A. Wippelhauser and E. Nassor and J. Sevin and A. Gazdag and G. Biczók

Proceedings of IFAC World Congress, 2023.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Chris van der Ploeg and Jacco van de Sluis and Sebastian Gerres and Szabolcs Novaczki and András Wippelhauser and Eric Nassor and Julien Sevin and András Gazdag and Gergely Biczók},
   title = {SECREDAS: Safe and (Cyber-)Secure Cooperative and Automated Mobility},
   booktitle = {Proceedings of IFAC World Congress},
   year = {2023}
}

Abstract

Infrastructure-to-Vehicle (I2V) and Vehicle-to-Infrastructure (V2I) communication is likely to be a key-enabling technology for automated driving in the future. Using externally placed sensors, the digital infrastructure can support the vehicle in perceiving surroundings that would otherwise be difficult to perceive due to, for example, high traffic density or bad weather. Conversely, by communicating on-board vehicle measurements, the environment can more accurately be perceived in locations which are not (sufficiently) covered by digital infrastructure. The security of such communication channels is an important topic, since malicious information on these channels could potentially lead to a reduction in overall safety. Collective perception contributes to raising awareness levels and an improved traffic safety. In this work, a demonstrator is introduced, where a variety of novel techniques have been deployed to showcase an overall architecture for improving vehicle and vulnerable road user safety in a connected environment. The developed concepts have been deployed at the Automotive Campus intersection in Helmond (NL), in a field testing setting.

2022

Games in the Time of COVID-19: Promoting Mechanism Design for Pandemic Response

B. Pejo and G. Biczók

ACM Transactions on Spatial Algorithms and Systems (TSAS), 2022.

Bibtex | Link

@article {
   author = {Balazs Pejo and Gergely Biczók},
   title = {Games in the Time of COVID-19: Promoting Mechanism Design for Pandemic Response},
   journal = {ACM Transactions on Spatial Algorithms and Systems (TSAS)},
   year = {2022},
   howpublished = "\url{https://dl.acm.org/doi/abs/10.1145/3503155}"
}

Abstract

In search of lost utility: private location data

Sz. Lestyán and G. Ács and G. Biczók

Privacy Enhancing Technologies Symposium (PETS), 2022.

Bibtex | Abstract | PDF | Link

@conference {
   author = {Szilvia Lestyan and Gergely Ács and Gergely Biczók},
   title = {In search of lost utility: private location data},
   booktitle = {Privacy Enhancing Technologies Symposium (PETS)},
   year = {2022},
   howpublished = "\url{https://arxiv.org/pdf/2008.01665.pdf}"
}

Keywords

Location data anonymization, Differential Privacy, Generative Models

Abstract

The unavailability of training data is a permanent source of much frustration in research, especially when it is due to privacy concerns. This is particularly true for location data since previous techniques all suffer from the inherent sparseness and high dimensionality of location trajectories which render most techniques impractical, resulting in unrealistic traces and unscalable methods. Moreover, time information of location visits is usually dropped, or its resolution is drastically reduced. In this paper we present a novel technique for privately releasing a composite generative model and whole high-dimensional location datasets with detailed time information. To generate high-fidelity synthetic data, we leverage several peculiarities of vehicular mobility such as its language-like characteristics ("you should know a location by the company it keeps") or how humans plan their trips from one point to the other. We model the generator distribution of the dataset by first constructing a variational autoencoder to generate the source and destination locations, and the corresponding timing of trajectories. Next, we compute transition probabilities between locations with a feed forward network, and build a transition graph from the output of this model, which approximates the distribution of all paths between the source and destination (at a given time). Finally, a path is sampled from this distribution with a Markov Chain Monte Carlo method. The generated synthetic dataset is highly realistic, scalable, provides good utility and, nonetheless, provably private. We evaluate our model against two state-of-the-art methods and three real-life datasets demonstrating the benefits of our approach.

Incentives for Individual Compliance with Pandemic Response Measures

B. Pejo and G. Biczók

Enabling Technologies for Social Distancing: Fundamentals, concepts and solutions, (IET), 2022.

Bibtex | PDF | Link

@inproceedings {
   author = {Balazs Pejo and Gergely Biczók},
   title = {Incentives for Individual Compliance with Pandemic Response Measures},
   booktitle = {Enabling Technologies for Social Distancing: Fundamentals, concepts and solutions, (IET)},
   year = {2022},
   howpublished = "\url{https://digital-library.theiet.org/content/books/te/pbte104e}"
}

Abstract

2021

Detecting Message Modification Attacks on the CAN Bus with Temporal Convolutional Networks

I. Chiscop and A. Gazdag and J. Bosman and G. Biczók

Proceedings of the 7th International Conference on Vehicle Technology and Intelligent Transport Systems, 2021.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Irina Chiscop and András Gazdag and Joost Bosman and Gergely Biczók},
   title = {Detecting Message Modification Attacks on the CAN Bus with Temporal Convolutional Networks},
   booktitle = {Proceedings of the 7th International Conference on Vehicle Technology and Intelligent Transport Systems},
   year = {2021}
}

Keywords

Vehicle Security, Intrusion Detection, Controller Area Network, Machine Learning, Temporal Convolutional Networks.

Abstract

Multiple attacks have shown that in-vehicle networks have vulnerabilities which can be exploited. Securing the Controller Area Network (CAN) for modern vehicles has become a necessary task for car manufacturers. Some attacks inject potentially large amount of fake messages into the CAN network; however, such attacks are relatively easy to detect. In more sophisticated attacks, the original messages are modified, making the de- tection a more complex problem. In this paper, we present a novel machine learning based intrusion detection method for CAN networks. We focus on detecting message modification attacks, which do not change the timing patterns of communications. Our proposed temporal convolutional network-based solution can learn the normal behavior of CAN signals and differentiate them from malicious ones. The method is evaluated on multiple CAN-bus message IDs from two public datasets including different types of attacks. Performance results show that our lightweight approach compares favorably to the state-of-the-art unsupervised learning approach, achieving similar or better accuracy for a wide range of scenarios with a significantly lower false positive rate.

Impact Assessment of IT Security Breaches in Cyber-Physical Systems

A. Földvári and G. Biczók and I. Kocsis and L. Gönczy and A. Pataricza

2nd Workshop on vAlidation and verification in FuturE cybeR-physical Systems (WAFERS, co-located with LADC 2021), 2021.

Bibtex | Abstract | PDF | Link

@inproceedings {
   author = {A. Földvári and Gergely Biczók and I. Kocsis and László Gönczy and András Pataricza},
   title = {Impact Assessment of IT Security Breaches in Cyber-Physical Systems},
   booktitle = {2nd Workshop on vAlidation and verification in FuturE cybeR-physical Systems (WAFERS, co-located with LADC 2021)},
   year = {2021},
   howpublished = "\url{https://ieeexplore.ieee.org/document/9672582}"
}

Keywords

cyber-physical systems, impact analysis, error propagation analysis

Abstract

The increased cyber-attack surface in cyber-physical systems, the close coupling to vulnerable physical processes, and the potential for human casualties necessitate a careful extension of traditional safety methodologies, e.g., error propagation analysis (EPA), with cybersecurity capabilities. We propose a model-driven Information Technology/Operational Technology impact analysis method that supports identifying vulnerabilities, most critical attack strategies, and most dangerous threat actors by analyzing attack scenarios on an abstract functional model of the system. Our solution extends EPA, initially developed for dependability and safety analysis, with cybersecurity aspects to explore the safety impact of a cyber attack on a cyber-physical system. The paper presents the impact analysis workflow, the threat model, the pilot analysis tool, and a case study.

Interdependent privacy issues are pervasive among third-party applications

S. Liu and B. Herendi and G. Biczók

16th International Workshop on Data Privacy Management (DPM, co-located with ESORICS 2021), 2021.

Bibtex | Abstract | PDF | Link

@inproceedings {
   author = {Shuaishuai Liu and B. Herendi and Gergely Biczók},
   title = {Interdependent privacy issues are pervasive among third-party applications},
   booktitle = {16th International Workshop on Data Privacy Management (DPM, co-located with ESORICS 2021)},
   year = {2021},
   howpublished = "\url{https://link.springer.com/chapter/10.1007/978-3-030-93944-1_5}"
}

Keywords

interdependent privacy, third-party apps, permissions, Android, browser extensions, Google Workspace, risk signal

Abstract

Third-party applications are popular: they improve and ex- tend the features offered by their respective platforms, whether being mobile OS, browsers or cloud-based tools. Although some privacy con- cerns regarding these apps have been studied in detail, the phenomenon of interdependent privacy, when a user shares others’ data with an app without their knowledge and consent. Through careful analysis of per- mission models and multiple platform-specific datasets, we show that interdependent privacy risks are enabled by certain permissions in all platforms studied, and actual apps request these permissions instantiat- ing these risks. We also identify potential risk signals, and discuss solu- tions which could improve transparency and control for users, developers and platform owners.

Measuring Contributions in Privacy-Preserving Federated Learning

G. Ács and G. Biczók and B. Pejo

ERCIM NEWS, vol. 126, 2021, pp. 35-36.

Bibtex | Abstract | Link

@article {
   author = {Gergely Ács and Gergely Biczók and Balazs Pejo},
   title = {Measuring Contributions in Privacy-Preserving Federated Learning},
   journal = {ERCIM NEWS},
   volume = {126},
   year = {2021},
   pages = {35-36},
   howpublished = "\url{https://ercim-news.ercim.eu/en126/special/measuring-contributions-in-privacy-preserving-federated-learning}"
}

Abstract

How vital is each participant’s contribution to a collaboratively trained machine learning model? This is a challenging question to answer, especially if the learning is carried out in a privacy-preserving manner with the aim of concealing individual actions.

Privacy of Aggregated Mobility Data

G. Ács and Sz. Lestyán and G. Biczók

Jajodia S., Samarati P., Yung M. (eds) Encyclopedia of Cryptography, Security and Privacy. Springer, Berlin, Heidelberg., Springer, 2021.

Bibtex | PDF | Link

@inproceedings {
   author = {Gergely Ács and Szilvia Lestyan and Gergely Biczók},
   title = {Privacy of Aggregated Mobility Data},
   booktitle = {Jajodia S., Samarati P., Yung M. (eds) Encyclopedia of Cryptography, Security and Privacy. Springer, Berlin, Heidelberg.},
   publisher = {Springer},
   year = {2021},
   howpublished = "\url{https://doi.org/10.1007/978-3-642-27739-9_1575-1}"
}

Abstract

SafeLib: a practical library for outsourcing stateful network functions securely

E. Marku and G. Biczók and C. Boyd

2021 IEEE 7th International Conference on Network Softwarization (NetSoft 2021), 2021.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Enio Marku and Gergely Biczók and Colin Boyd},
   title = {SafeLib: a practical library for outsourcing stateful network functions securely},
   booktitle = {2021 IEEE 7th International Conference on Network Softwarization (NetSoft 2021)},
   year = {2021}
}

Keywords

virtualization; outsourcing; stateful network function; cloud; security

Abstract

A recent trend is to outsource virtual network functions (VNFs) to a third-party service provider, such as a public cloud. Since the cloud is usually not trusted, redirecting enterprise traffic to such an entity introduces security concerns. In addition to protecting enterprise traffic, it is also desirable to protect VNF code, policies and states. Existing outsourcing solutions fall short in either supporting stateful VNFs, catering for all security requirements, or providing adequate performance. In this paper we present SafeLib, a trusted hardware based outsourcing solution built on Intel SGX. SafeLib provides i) support for stateful VNFs, ii) support for illegal SGX instructions by integrating Graphene-SGX, iii) protection of both packet headers and payload for enterprise user traffic, VNF policies and VNF code, and iv) integration of libVNF for streamlined VNF development. Our performance evaluation shows that SafeLib scales properly for multiple cores, and introduces a reasonable performance overhead. We also outline plans to further improve SafeLib to satisfy even more stringent functional, security and performance requirements.

2020

Corona Games: Masks, Social Distancing and Mechanism Design

B. Pejo and G. Biczók

Proc. of ACM SIGSPATIAL Workshop on COVID, ACM, 2020.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Balazs Pejo and Gergely Biczók},
   title = {Corona Games: Masks, Social Distancing and Mechanism Design},
   booktitle = {Proc. of ACM SIGSPATIAL Workshop on COVID},
   publisher = {ACM},
   year = {2020}
}

Abstract

Pandemic response is a complex affair. Most governments employ a set of quasi-standard measures to fight COVID-19 including wearing masks, social distancing, virus testing and contact tracing. We argue that some non-trivial factors behind the varying effectiveness of these measures are selfish decision-making and the differing national implementations of the response mechanism. In this paper, through simple games, we show the effect of individual incentives on the decisions made with respect to wearing masks and social distancing, and how these may result in a sub-optimal outcome. We also demonstrate the responsibility of national authorities in designing these games properly regarding the chosen policies and their influence on the preferred outcome. We promote a mechanism design approach: it is in the best interest of every government to carefully balance social good and response costs when implementing their respective pandemic response mechanism.

Securing Outsourced VNFs: Challenges, State of the Art, and Future Directions

E. Marku and G. Biczók and C. Boyd

IEEE Communications Magazine, vol. 58, no. 7, vol. 58, 2020, pp. 1-8.

Bibtex | Abstract | PDF

@article {
   author = {Enio Marku and Gergely Biczók and Colin Boyd},
   title = {Securing Outsourced VNFs: Challenges, State of the Art, and Future Directions},
   journal = {IEEE Communications Magazine, vol. 58, no. 7},
   volume = {58},
   year = {2020},
   pages = {1-8}
}

Keywords

virtualization, security, confidentiality, middlebox, cloud, outsourcing, VNF, SGX, 5G, RAP, LAP

Abstract

It is becoming increasingly common for en- terprises to outsource network functions to a third party provider such as a public cloud. Besides its well- documented benefits in cost and flexibility, outsourcing also introduces security issues. Peeking into or modifying traffic destined to the cloud are not the only threats we have to deal with; it can also be desirable to protect VNF code, input policies and states from a malicious cloud provider. In recent years several solutions have been proposed towards mitigating the threats of outsourcing VNFs, using either cryptographic or trusted hardware- based mechanisms (the latter typically applying SGX). In this paper, we provide an overview of methods for protecting the security of outsourced network functions. We introduce the challenges and emerging requirements, analyze the state-of-the-art, and identify the gaps between the requirements and existing solutions. Furthermore, we outline a potential way to fill these gaps in order to devise a more complete solution.

The cost of having been pwned: a security service provider's perspective

G. Biczók and M. Horváth and Sz. Szebeni and I. Lam and L. Buttyán

3rd International Workshop on Emerging Technologies for Authorization and Authentication (Co-Located with ESORICS 2020) - ETAA 2020, 2020.

Bibtex | Abstract | PDF

@inproceedings {
   author = {Gergely Biczók and Máté Horváth and Szilveszter Szebeni and Istvan Lam and Levente Buttyán},
   title = {The cost of having been pwned: a security service provider's perspective},
   booktitle = {3rd International Workshop on Emerging Technologies for Authorization and Authentication (Co-Located with ESORICS 2020) - ETAA 2020},
   year = {2020}
}

Abstract

Account information from major online providers are getting exposed regularly; this gives rise to PWND services, providing a smart means to check whether a password or username/password tuple has already been leaked, rendering them ``pwned'' and therefore risky to use. However, state-of-the-art PWND mechanisms leak some information themselves. In this paper, we investigate how this minimal leaked information can speed up password cracking attacks of a powerful adversary, when the PWND mechanism is implemented on-premise by a service provider as an additional security measure during registration or password change. We analyze the costs and practicality of these attacks, and investigate simple mitigation techniques. We show that implementing a PWND mechanism can be beneficial, especially for security-focused service providers, but proper care needs to be taken. We also discuss behavioral factors to consider when deploying PWND services.

2019

Automatic Driver Identification from In-Vehicle Network Logs

M. Remeli and Sz. Lestyán and G. Ács and G. Biczók

22th IEEE Intelligent Transportation Systems Conference (ITSC), IEEE, 2019.

Bibtex | Link

@inproceedings {
   author = {Mina Remeli and Szilvia Lestyan and Gergely Ács and Gergely Biczók},
   title = {Automatic Driver Identification from In-Vehicle Network Logs},
   booktitle = {22th IEEE Intelligent Transportation Systems Conference (ITSC)},
   publisher = {IEEE},
   year = {2019},
   howpublished = "\url{https://arxiv.org/pdf/1911.09508.pdf}"
}

Abstract

Extracting vehicle sensor signals from CAN logs for driver re-identification

Sz. Lestyán and G. Ács and G. Biczók and Zs. Szalay

5th International Conference on Information Security and Privacy (ICISSP 2019), SCITEPRESS, 2019, shortlisted for Best Student Paper Award.

Bibtex | Abstract

@inproceedings {
   author = {Szilvia Lestyan and Gergely Ács and Gergely Biczók and Zsolt Szalay},
   title = {Extracting vehicle sensor signals from CAN logs for driver re-identification},
   booktitle = {5th International Conference on Information Security and Privacy (ICISSP 2019)},
   publisher = {SCITEPRESS},
   year = {2019},
   note = {shortlisted for Best Student Paper Award}
}

Abstract

Data is the new oil for the car industry. Cars generate data about how they are used and who’s behind the wheel which gives rise to a novel way of profiling individuals. Several prior works have successfully demonstrated the feasibility of driver re-identification using the in-vehicle network data captured on the vehicle’s CAN bus. However, all of them used signals (e.g., velocity, brake pedal or accelerator position) that have already been extracted from the CAN log which is itself not a straightforward process. Indeed, car manufacturers intentionally do not reveal the exact signal location within CAN logs. Nevertheless, we show that signals can be efficiently extracted from CAN logs using machine learning techniques. We exploit that signals have several distinguishing statistical features which can be learnt and effectively used to identify them across different vehicles, that is, to quasi ”reverse-engineer” the CAN protocol. We also demonstrate that the extracted signals can be successfully used to re-identify individuals in a dataset of 33 drivers. Therefore, hiding signal locations in CAN logs per se does not prevent them to be regarded as personal data of drivers.

Together or Alone: The Price of Privacy in Collaborative Learning

B. Pejo and Q. Tang and G. Biczók

Proceedings on Privacy Enhancing Technologies (PETS 2019), De Gruyter, 2019.

Bibtex | Abstract

@inproceedings {
   author = {Balazs Pejo and Q. Tang and Gergely Biczók},
   title = {Together or Alone: The Price of Privacy in Collaborative Learning},
   booktitle = {Proceedings on Privacy Enhancing Technologies (PETS 2019)},
   publisher = {De Gruyter},
   year = {2019}
}

Abstract

Machine learning algorithms have reached mainstream status and are widely deployed in many applications. The accuracy of such algorithms depends significantly on the size of the underlying training dataset; in reality a small or medium sized organization often does not have the necessary data to train a reasonably accurate model. For such organizations, a realistic solution is to train their machine learning models based on their joint dataset (which is a union of the individual ones). Unfortunately, privacy concerns prevent them from straightforwardly doing so. While a number of privacy-preserving solutions exist for collaborating organizations to securely aggregate the parameters in the process of training the models, we are not aware of any work that provides a rational framework for the participants to precisely balance the privacy loss and accuracy gain in their collaboration. In this paper, by focusing on a two-player setting, we model the collaborative training process as a two-player game where each player aims to achieve higher accuracy while preserving the privacy of its own dataset. We introduce the notion of Price of Privacy, a novel approach for measuring the impact of privacy protection on the accuracy in the proposed framework. Furthermore, we develop a game-theoretical model for different player types, and then either find or prove the existence of a Nash Equilibrium with regard to the strength of privacy protection for each player. Using recommendation systems as our main use case, we demonstrate how two players can make practical use of the proposed theoretical framework, including setting up the parameters and approximating the non-trivial Nash Equilibrium.

Towards protected VNFs for multi-operator service delivery

E. Marku and G. Biczók and C. Boyd

1st International Workshop on Cyber-Security Threats, Trust and Privacy Management in Software-defined and Virtualized Infrastructures (SecSoft), IEEE, 2019, co-located with IEEE NetSoft 2019.

Bibtex

@inproceedings {
   author = {Enio Marku and Gergely Biczók and Colin Boyd},
   title = {Towards protected VNFs for multi-operator service delivery},
   booktitle = {1st International Workshop on Cyber-Security Threats, Trust and Privacy Management in Software-defined and Virtualized Infrastructures (SecSoft)},
   publisher = {IEEE},
   year = {2019},
   note = {co-located with IEEE NetSoft 2019}
}

Abstract

Towards Systematic Specification of Non-Functional Requirements for Sharing Economy Services

I. Symeonidis and J. Schroers and M. A. Mustafa and G. Biczók

1st International Workshop on Smart Circular Economy (co-located with IEEE DCOSS), IEEE, 2019.

Bibtex

@inproceedings {
   author = {Iraklis Symeonidis and J. Schroers and M. A. Mustafa and Gergely Biczók},
   title = {Towards Systematic Specification of Non-Functional Requirements for Sharing Economy Services},
   booktitle = {1st International Workshop on Smart Circular Economy (co-located with IEEE DCOSS)},
   publisher = {IEEE},
   year = {2019}
}

Abstract

2018

Collateral damage of Facebook third-party applications: a comprehensive study

I. Symeonidis and G. Biczók and F. Shirazi and C. Perez-Sola and J. Schroers and B. Preneel

Computers & Security, vol. 77, 2018, pp. 179-208.

Bibtex | Abstract

@article {
   author = {Iraklis Symeonidis and Gergely Biczók and Fatemeh Shirazi and Cristina Perez-Sola and J. Schroers and Bart Preneel},
   title = {Collateral damage of Facebook third-party applications: a comprehensive study},
   journal = {Computers & Security},
   volume = {77},
   year = {2018},
   pages = {179-208}
}

Abstract

Third-party applications on Facebook can collect personal data of the users who install them, but also of their friends. This raises serious privacy issues as these friends are not notified by the applications nor by Facebook and they have not given consent. This paper presents a detailed multi-faceted study on the collateral information collection of the applications on Facebook. To investigate the views of the users, we designed a questionnaire and collected the responses of 114 participants. The results show that participants are concerned about the collateral information collection and in particular about the lack of notification and of mechanisms to control the data collection. Based on real data, we compute the likelihood of collateral information collection affecting users: we show that the probability is significant and greater than 80% for popular applications such as TripAdvisor. We also demonstrate that a substantial amount of profile data can be collected by applications, which enables application providers to profile users. To investigate whether collateral information collection is an issue to users’ privacy we analysed the legal framework in light of the General Data Protection Regulation. We provide a detailed analysis of the entities involved and investigate which entity is accountable for the collateral information collection. To provide countermeasures, we propose a privacy dashboard extension that implements privacy scoring computations to enhance transparency toward collateral information collection. Furthermore, we discuss alternative solutions highlighting other countermeasures such as notification and access control mechanisms, cryptographic solutions and application auditing. To the best of our knowledge this is the first work that provides a detailed multi-faceted study of this problem and that analyses the threat of user profiling by application providers.

POSTER: The Price of Privacy in Collaborative Learning

B. Pejo and Q. Tang and G. Biczók

CCS 2018 Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, ACM, 2018.

Bibtex | Abstract

@inproceedings {
   author = {Balazs Pejo and Q. Tang and Gergely Biczók},
   title = {POSTER: The Price of Privacy in Collaborative Learning},
   booktitle = {CCS 2018 Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security},
   publisher = {ACM},
   year = {2018}
}

Abstract

Machine learning algorithms have reached mainstream status and are widely deployed in many applications. The accuracy of such algorithms depends significantly on the size of the underlying training dataset; in reality a small or medium sized organization often does not have enough data to train a reasonably accurate model. For such organizations, a realistic solution is to train machine learning models based on a joint dataset (which is a union of the individual ones). Unfortunately, privacy concerns prevent them from straightforwardly doing so. While a number of privacy-preserving solutions exist for collaborating organizations to securely aggregate the parameters in the process of training the models, we are not aware of any work that provides a rational framework for the participants to precisely balance the privacy loss and accuracy gain in their collaboration. In this paper, we model the collaborative training process as a two-player game where each player aims to achieve higher accuracy while preserving the privacy of its own dataset. We introduce the notion of Price of Privacy, a novel approach for measuring the impact of privacy protection on the accuracy in the proposed framework. Furthermore, we develop a game-theoretical model for different player types, and then either find or prove the existence of a Nash Equilibrium with regard to the strength of privacy protection for each player.

Privacy-Preserving Release of Spatio-Temporal Density

G. Ács and G. Biczók and C. Castelluccia

A. Gkoulalas-Divanis and Claudio Bettini (Eds.), Handbook of Mobile Data Privacy, pp. 307-335, Springer, 2018.

Bibtex | Abstract

@inbook {
   author = {Gergely Ács and Gergely Biczók and Claude Castelluccia},
   editor = {A. Gkoulalas-Divanis and Claudio Bettini (Eds.)},
   title = {Privacy-Preserving Release of Spatio-Temporal Density},
   chapter = {Handbook of Mobile Data Privacy},
   pages = {307-335},
   publisher = {Springer},
   year = {2018}
}

Abstract

In today’s digital society, increasing amounts of contextually rich spatio-temporal information are collected and used, e.g., for knowledge-based decision making, research purposes, optimizing operational phases of city management, planning infrastructure networks, or developing timetables for public transportation with an increasingly autonomous vehicle fleet. At the same time, however, publishing or sharing spatio-temporal data, even in aggregated form, is not always viable owing to the danger of violating individuals’ privacy, along with the related legal and ethical repercussions. In this chapter, we review some fundamental approaches for anonymizing and releasing spatio-temporal density, i.e., the number of individuals visiting a given set of locations as a function of time. These approaches follow different privacy models providing different privacy guarantees as well as accuracy of the released anonymized data. We demonstrate some sanitization (anonymization) techniques with provable privacy guarantees by releasing the spatio-temporal density of Paris, in France. We conclude that, in order to achieve meaningful accuracy, the sanitization process has to be carefully customized to the application and public characteristics of the spatio-temporal data.

2017

Manufactured by software: SDN-enabled multi-operator composite services with the 5G Exchange

H Lønsethagen and P Heegaard and L. Toka and M Dramitinos and G. Biczók

IEEE Communications Magazine, vol. 55, no. 4, 2017.

Bibtex | Abstract

@article {
   author = {Håkon Lønsethagen and Poul E. Heegaard and Laszlo Toka and Manos Dramitinos and Gergely Biczók},
   title = {Manufactured by software: SDN-enabled multi-operator composite services with the 5G Exchange},
   journal = {IEEE Communications Magazine},
   volume = {55},
   number = {4},
   year = {2017}
}

Abstract

Bla

2016

Collateral Damage of Facebook Apps: Friends, Providers, and Privacy Interdependence

B. Preneel and C. Perez-Sola and G. Biczók and F. Shirazi and I. Symeonidis

IFIP International Conference on ICT Systems Security and Privacy Protection (IFIP SEC), Springer, 2016.

Bibtex | Abstract

@inproceedings {
   author = {Bart Preneel and Cristina Perez-Sola and Gergely Biczók and Fatemeh Shirazi and Iraklis Symeonidis},
   title = {Collateral Damage of Facebook Apps: Friends, Providers, and Privacy Interdependence},
   booktitle = {IFIP International Conference on ICT Systems Security and Privacy Protection (IFIP SEC)},
   publisher = {Springer},
   year = {2016}
}

Abstract

Third-party apps enable a personalized experience on social networking platforms; however, they give rise to privacy interdependence issues. Apps installed by a user’s friends can collect and potentially misuse her personal data inflicting collateral damage on the user while leaving her without proper means of control. In this paper, we present a multi-faceted study on the collateral information collection of apps in social networks. We conduct a user survey and show that Facebook users are concerned about this issue and the lack of mechanisms to control it. Based on real data, we compute the likelihood of collateral information collection affecting users; we show that the probability is significant and depends on both the friendship network and the popularity of the app. We also show its significance by computing the proportion of exposed user attributes including the case of profiling, when several apps are offered by the same provider. Finally, we propose a privacy dashboard concept enabling users to control the collateral damage.

Private VNFs for collaborative multi-operator service delivery: An architectural case

C. Boyd and N. Bereczky and B. Sonkoly and G. Biczók

IEEE/IFIP Network Operations and Management Symposium (NOMS), IEEE, 2016.

Bibtex | Abstract

@inproceedings {
   author = {Colin Boyd and Nikolett Bereczky and Balázs Sonkoly and Gergely Biczók},
   title = {Private VNFs for collaborative multi-operator service delivery: An architectural case},
   booktitle = {IEEE/IFIP Network Operations and Management Symposium (NOMS)},
   publisher = {IEEE},
   year = {2016}
}

Abstract

Flexible service delivery is a key requirement for 5G network architectures. This includes the support for collaborative service delivery by multiple operators, when an individual operator lacks the geographical footprint or the available network, compute or storage resources to provide the requested service to its customer. Network Function Virtualisation is a key enabler of such service delivery, as network functions (VNFs) can be outsourced to other operators. Owing to the (partial lack of) contractual relationships and co-opetition in the ecosystem, the privacy of user data, operator policy and even VNF code could be compromised. In this paper, we present a case for privacy in a VNF-enabled collaborative service delivery architecture. Specifically, we show the promise of homomorphic encryption (HE) in this context and its performance limitations through a proof of concept implementation of an image transcoder network function. Furthermore, inspired by application-specific encryption techniques, we propose a way forward for private, payload-intensive VNFs.

Sharing is Power: Incentives for Information Exchange in Multi-Operator Service Delivery

L. Toka and G. Biczók and P Heegaard

IEEE Global Communications Conference (GLOBECOM), IEEE, 2016.

Bibtex

@inproceedings {
   author = {Laszlo Toka and Gergely Biczók and Poul E. Heegaard},
   title = {Sharing is Power: Incentives for Information Exchange in Multi-Operator Service Delivery},
   booktitle = {IEEE Global Communications Conference (GLOBECOM)},
   publisher = {IEEE},
   year = {2016}
}

Abstract

2015

On pricing online data backup

G. Biczók and L. Toka

IEEE INFOCOM Smart Data Pricing WS, IEEE, 2015.

Bibtex

@inproceedings {
   author = {Gergely Biczók and Laszlo Toka},
   title = {On pricing online data backup},
   booktitle = {IEEE INFOCOM Smart Data Pricing WS},
   publisher = {IEEE},
   year = {2015}
}

Abstract

2013

Interdependent Privacy: Let Me Share Your Data

P. Chia and G. Biczók

Financial Cryptography & Data Security, Springer, 2013.

Bibtex | Abstract

@inproceedings {
   author = {Pern Hui Chia and Gergely Biczók},
   title = {Interdependent Privacy: Let Me Share Your Data},
   booktitle = {Financial Cryptography & Data Security},
   publisher = {Springer},
   year = {2013}
}

Abstract

Users share massive amounts of personal information and opinion with each other and different service providers every day. In such an interconnected setting, the privacy of individual users is bound to be affected by the decisions of others, giving rise to the phenomenon which we term as interdependent privacy. In this paper we define online privacy interdependence, show its existence through a study of Facebook application permissions, and model its impact through an Interdependent Privacy Game (IPG). We show that the arising negative externalities can steer the system into equilibria which are inefficient for both users and platform vendor. We also discuss how the underlying incentive misalignment, the absence of risk signals and low user awareness contribute to unfavorable outcomes.