Abstract
Byzantine fault tolerant (BFT) protocols are designed to increase system dependability and security. They guarantee liveness and correctness even in the presence of arbitrary faults. However, testing and validating BFT systems is not an easy task. As is the case for most concurrent and distributed applications, the correctness of these systems is not solely dependant on algorithm and protocol correctness. Ensuring the correct behaviour of BFT systems requires exhaustive testing under real-world scenarios. An approach is to use fault injection tools that deliberate introduce faults into a target system to observe its behaviour. However, existing tools tend to be designed for specific applications and systems, thus cannot be used generically. We argue that more advanced and powerful tools and frameworks are needed for testing the security and safety of distributed applications in general, and BFT systems in particular. Specifically, a fault injection framework that can be integrated into both client and server side applications, for testing them exhaustively. We present ZERMIA, a modular and extensible fault injection framework, designed for testing and validating concurrent and distributed applications. We validate ZERMIA’s principles by conduction a series of experiments on a distributed applications and a state of the art BFT library, to show the benefits of ZERMIA for testing and validating applications. © 2021, Springer Nature Switzerland AG.

Abstract
In order to secure wireless communications, we consider the usage of physical-layer security (PLS) mechanisms (i.e., coding for secrecy mechanisms) combined with self-interference generation. We present a prototype implementation of a scrambled coding for secrecy mechanisms with interference generation by the legitimate receiver and the cancellation of the effect of self-interference (SI). Regarding the SI cancellation, four state-of-the-art algorithms were considered: Least mean square (LMS), normalized least mean square (NLMS), recursive least squares (RLS) and QR decomposition recursive least squares (QRDRLS). The prototype implementation is performed in real-world software-defined radio (SDR) devices using GNU-Radio, showing that the LMS outperforms all other algorithms considered (NLMS, RLS and QRDRLS), being the best choice to use in this situation (SI cancellation). It was also shown that it is possible to secure communication using only noise generation by the legitimate receiver, though a variation of the packet loss rate (PLR) and the bit error rate (BER) gaps is observed when moving from the fairest to an advantageous or a disadvantageous scenario. Finally, when noise generation was combined with the adapted scrambled coding for secrecy with a hidden key scheme, a noteworthy security improvement was observed resulting in an increased BER for Eve with minor interference to Bob.

Abstract
Due to the pervasiveness of always connected devices, large amounts of heterogeneous data are continuously being collected. Beyond the benefits that accrue for the users, there are private and sensitive information that is exposed. Therefore, Privacy-Preserving Mechanisms (PPMs) are crucial to protect users' privacy. In this paper, we perform a thorough study of the state of the art on the following topics: heterogeneous data types, PPMs, and tools for privacy protection. Building from the achieved knowledge, we propose a privacy taxonomy that establishes a relation between different types of data and suitable PPMs for the characteristics of those data types. Moreover, we perform a systematic analysis of solutions for privacy protection, by presenting and comparing privacy tools. From the performed analysis, we identify open challenges and future directions, namely, in the development of novel PPMs. (C) 2021 The Authors. Published by Elsevier Inc.

Abstract
Privacy is becoming a crucial requirement in many machine learning systems. In this paper we introduce an efficient and secure distributed K-Means algorithm, that is robust to non-IID data. The base idea of our proposal consists in each client computing the K-Means algorithm locally, with a variable number of clusters. The server will use the resultant centroids to apply the K-Means algorithm again, discovering the global centroids. To maintain the client's privacy, homomorphic encryption and secure aggregation is used in the process of learning the global centroids. This algorithm is efficient and reduces transmission costs, since only the local centroids are used to find the global centroids. In our experimental evaluation, we demonstrate that our strategy achieves a similar performance to the centralized version even in cases where the data follows an extreme non-IID form.

Abstract
In this article, we investigate the secure spectral efficiency of an ultrareliable low-latency communication system, where communications occur with short packets due to delay constraints, so that a finite blocklength formulation is considered. In addition, we assume that no feedback channel is available to implement automatic repeat request schemes, so that packet replication (PR) and interface diversity (ID) strategies are used to improve performance, which are then compared in terms of physical-layer security while considering a Nakagami-m fading channel. Furthermore, we assume no knowledge of the instantaneous channel state information at Alice, neither with respect to Bob nor Eves, while the position of multiple colluding eavesdroppers are specified according to a Poisson point process. Numerical results show that the joint optimization of the blocklength, the transmit power, and the amount of information bits per codeword are crucial to maximize the secure spectral efficiency. In addition, we also show that ID outperforms the PR strategy in most scenarios when the number of replications/interfaces increases.

Abstract
Polar codes have been shown to provide an effective mechanism for achieving physical-layer security over various wiretap channels. A majority of these schemes require channel state information (CSI) at the encoder for both intended receivers and eavesdroppers. In this paper, we consider a polar coding scheme for secrecy over a Gaussian wiretap channel when no CSI is available. We show that the availability of a shared keystream between friendly parties allows polar codes to be used for both secure and reliable communications, even when the eavesdropper knows a large fraction of the keystream. The scheme relies on a predetermined strategy for partitioning the bits to be encoded into a set of frozen bits and a set of information bits. The frozen bits are filled with bits from the keystream, and we evaluate the security gap when the cyclic redundancy check-aided successive cancellation list decoder is used at both receivers in the wiretap channel model.