Abstract
Over the last years, it has become clear that online games are one of the most used applications on the Internet. This increasing popularity has attracted an influx of players, with some of them trying to gain an unfair advantage for economic reasons, e.g., eSports tournaments, through the use of cheats and exploits. From a different perspective, it is of utmost importance to start analyzing attacks from a defensive perspective to create novel mechanisms that can stop such behaviors. In this work, we introduce a novel solution that extends current anti-cheat solutions through Intel SGX. Our solution moves the core cheat detection engine to a secure enclave provided by SGX while making use of a kernel module for the necessary primitives for system-wide protection. With this, we can prevent client-side tampering in both game code and configuration data by creating a trusted execution environment isolated from the hosting operating system. We are making it capable of preventing the attacker from modifying the cheat detection engine and associated game files. This solution blocks known attacks in games such as CS:GO while maintaining the performance, ensuring gameplay integrity and fairness.

Abstract
The ever-increasing number of interconnected devices in smart environments, i.e., homes and cities, is bolstering the amount of data generated and exchanged. These devices can range from small embedded platforms, such as those included in home appliances, to critical operational systems, such as traffic lights. However, this increasing adoption is raising significant security and privacy concerns. Although some researchers have already solved some of these issues, data privacy still lacks a viable solution, especially when considering a flexible, decentralized approach to avoid a central overseer. One of the biggest challenges regarding privacy is the lack of transparency about how data flows are mediated and regulated as, often, these resources share data with external entities without the users' knowledge. We argue that a novel data-sharing control mechanism is required to properly control users' privacy and their respective Internet of Things (IoT) devices. This work focuses on a middleware layer solution for the IoT devices, which allows the control of the data generated by the device by its owner. The platform places the user as an active participant in the data market, behaving as its own data intermediary for potential consumers by monitoring, controlling, and negotiating the usage of their data.

Abstract

Abstract

Abstract
Nowadays the use of container technologies is ubiquitous and thus the need to make them secure arises. Container technologies such as Docker provide several options to better improve container security, one of those is the use of a Seccomp profile. A major problem with these profiles is that they are hard to maintain because of two different factors: they need to be updated quite often and present a complex and time consuming task to determine exactly what to update, therefore not many people use them. The research goal of this paper is to make Seccomp profiles a viable technique in a production environment by proposing a reliable method to generate custom Seccomp profiles for arbitrary containerized application. This research focused on developing a solution with few requirements allowing for an easy integration with any environment with no human intervention. Results show that using a custom Seccomp profile can mitigate several attacks and even some zero day vulnerabilities on containerized applications. This represents a big step forward on using Seccomp in a production environment, which would benefit users worldwide.

Abstract