Homepage of Ioannis Krontiris

    ikrontiris@posteo.de
   

    (last updated: June 2019)
 

    Publications / Professional Activities

What's new?
About me

I am currently working as a Privacy Engineer at the European Research Center of Huawei in Munich, Germany.
I hold a Ph.D. Degree in Computer Science from University of Mannheim in Germany, and a M.Sc. Degree in Information Technology from Carnegie Mellon University in USA.
An overview of my current and past positions:


Expertise

My PhD research was focused on Security in Connected Smart Objects. Since then I have broadened my interests to include the following topics:


Projects

Some of the cool projects I have worked on in the recent past:

Cloud

A common objective of attacks targeting cloud resources is to use the compute power of these resources to execute other attacks. For example cryptomining malware makes 90% of remote code execution attacks. The project was to implement threat detection for popular cloud services, which identifies anomalous activities and potentially harmful attempts to exploit these services. This involves collecting IP addresses which is considered as personal data, explicitly so by GDPR. In this project collecting and sharing threat intelligence information was done in a manner compliant to GDPR.

Big Data

Under GDPR, data that cannot be traced back to a particular individual can be kept and used for processing.  However proper data anonymization is no small task and especially in the context of big data, the task is becoming even more challenging. The project was to apply Privacy Enhancing Technologies like Differential Privacy and k-Anonymity to anonymize big data in such a way that their utility is not lost when executing data mining algorithms on them.

Adoption of Privacy Enhancing Technologies

Privacy Design Patterns - This is an ongoing project and a continuous effort to collect and document common practices to solve typical privacy problems. Especially I am interested in formulating such design patterns for engineers who design new services and they adopt the Privacy by Design approach as prescribed by GDPR.

Human Factors of PETs - This project involved a user trial to understand the factors that influence users' intention to use Privacy Enhancing Technologies (PETs) and how they perceive the trade-off between benefits and costs connected with the usage of these tools. The user acceptance of PETs had rarely been studied outside the laboratory and so we are one of the first to present such results.

Identity Management

Minimizing the disclosure of Personally Identifiable Information (PII) is a basic requirement to realize the Privacy by Design (PbD) notions. While technologies such as SAML or OpenID allow a selective disclosure of PII, these approaches are based on the presence of a Trusted Third Party (TTP) that needs to be queried during interaction with the service. One of the most advanced Privacy-Enhancing Technologies today is the Privacy-Preserving Attribute-Based Credentials, which enable users to disclose a minimal set of credential attributes to services, or to perform anonymous proofs of possession of certain credentials or attribute values matching certain criteria, while limiting the linkability of identity-related transactions.

ABC4Trust was an FP7 research project (2010-2015) with the objective to define a common, unified architecture for privacy-respecting ABC systems to allow comparing their respective features and combining them on common platforms. I was involved with the coordination the project as well as the architecture workpackage, dissemination of the results and evaluation of the user trials.

Internet of Things

Connected Vehicles - The C-ITS environment requires a trust element that must, at a minimum, provide cryptomaterial that enables trust, both in the contents of messages, and the protection of data from unintended readers. This can be achieved by building on PKI. However the systems currently under development in the US, Australia and EU are somewhat different in their approach.

Mobile Phones - Mobile phones have very sophisticated sensing capabilities and they are an important building block of the Internet of Things. People and their mobile devices can provide their collected data streams in accessible ways to third parties interested in integrating and remixing the data for a specific purpose. This trend is often named Mobile Crowdsensing. With this important new shift in mobile device usage – from a communication tool to a ubiquitous “experience sharing instrument” – comes a new dimension in trust and privacy challenges. In this project I have worked in designing and implementing a platform that protects the anonymity of both requesters and producers, while at the same time it enables the incorporation of trust frameworks, incentive mechanisms and privacy-respecting reputation schemes.

Wireless Sensor Networks - In this project we have worked in building an attack tool for Wireless Sensor Networks. It can identify common applied protocols and use this information for performing attacks such as Sinkhole attack, Replay attack, or Injecting malicious code in order to take control over the network. On the other hand I have worked extensively in building defensive mechanisms for WSNs, such as intrusion detection and authentication mechanisms.


Selected Recent Publications (Full list here)


Professional Activities (Full list here)
Program Committee Member (Full list here)

Talks and Panels