Abstract
Recent research on online censorship has provided valuable insights into common censorship strategies and censors' tolerance for collateral damage. A consistent finding across these studies is that censors tend to favour cost-effective techniques such as proxy enumeration, active probing, and deep packet inspection (DPI), rather than more complex and non-deterministic methods such as deep learning-based traffic analysis. For example, a recent study on the Snowflake censorship evasion system reinforced this finding by demonstrating that authoritarian regimes primarily relied on DPI to target the system. However, as censorship techniques continue to evolve, two critical questions arise: (1) What future attack vectors are likely to emerge based on current research and observed censor capabilities? (2) How can these emerging threats, along with previously utilised censorship methods, be effectively mitigated? In this paper, we present Obscura, a censorship evasion system designed to resist cost-effective, historically grounded censorship techniques while also defending against a class of plausible future attacks within a cost-effective threat model targeting WebRTC-based censorship evasion systems. Obscura is built upon four core features: (1) encapsulation of traffic within WebRTC media streams, (2) the use of a reliability layer, (3) support for both browser-based and Pion-based clients and proxy instances, and (4) the use of ephemeral proxies. Each feature is intended to mitigate either a known attack observed in the wild or a theoretically plausible attack consistent with the capabilities of a cost-effective censor. We provide a security analysis to justify our design choices and a performance evaluation to demonstrate that Obscura maintains reasonable throughput for typical online activities.

Abstract
In recent years, code-reuse attacks have been used to exploit software vulnerabilities and gain control of numerous software programs and embedded devices. Several measures have been put in place to prevent this type of attack, such as Control-Flow Integrity (CFI) systems, and some of these systems have already been integrated into hardware. Nevertheless, Function-Oriented Programming (FOP) attacks, a form of code-reuse that chains functions to carry out malicious actions, continue to persist. In this work, we present the first analysis of the implications and feasibility of FOP attacks on microcontrollers, focusing on ARM Cortex-M processors that support PACBTI, that is, a hardware feature designed for CFI system implementation. During this process, we identified multiple dispatch gadgets in two common Real-time Operating System (RTOS). Since these gadgets reside within core OS functionalities, they are inherently included in a broad range of embedded operating systems. Furthermore, we also present CortexMFopper - a tool specially built to identify FOP gadgets in embedded devices and to raise awareness of this technique.

Abstract
With the proliferation of Internet of Things (IoT) devices, there is an increasing need to prioritize their security, especially in the context of identity and authentication mechanisms. However, IoT devices have unique limitations in terms of computational capabilities and susceptibility to hardware attacks, which pose significant challenges to establishing strong identity and authentication systems. Paradoxically, the very hardware constraints responsible for these challenges can also offer potential solutions. By incorporating hardware-based identity implementations, it is possible to overcome computational and energy limitations, while bolstering resistance against both hardware and software attacks. This research addresses these challenges by investigating the vulnerabilities and obstacles faced by identity and authentication systems in the IoT context, while also exploring potential technologies to address these issues. Each identified technology underwent meticulous investigation, considering known security attacks, implemented countermeasures, and an assessment of their pros and cons. Furthermore, an extensive literature survey was conducted to identify instances where these technologies have effectively supported device identity. The research also includes a demonstration that evaluates the effectiveness of hardware trust anchors in mitigating various attacks on IoT identity. This empirical evaluation provides valuable insights into the challenges developers encounter when implementing hardware-based identity solutions. Moreover, it underscores the substantial value of these solutions in terms of mitigating attacks and developing robust identity frameworks. By thoroughly examining vulnerabilities, exploring technologies, and conducting empirical evaluations, this research contributes to understanding and promoting the adoption of hardware-based identity and authentication systems in secure IoT environments. The findings emphasize the challenges faced by developers and highlight the significance of hardware trust anchors in enhancing security and facilitating effective identity solutions.

Abstract
Anonymity networks like Tor significantly enhance online privacy but are vulnerable to correlation attacks by state-level adversaries. While covert channels encapsulated in media protocols, particularly WebRTC-based encapsulation, have demonstrated effectiveness against passive traffic correlation attacks, their resilience against active correlation attacks remains unexplored, and their compatibility with Tor has been limited. This paper introduces TorKameleon, a censorship evasion solution designed to protect Tor users from both passive and active correlation attacks. TorKameleon employs K-anonymization techniques to fragment and reroute traffic through multiple TorKameleon proxies, while also utilizing covert WebRTC-based channels or TLS tunnels to encapsulate user traffic.

Abstract
As the digital world grows, data is being collected at high speed on a continuous and real-time scale. Hence, the imposed imbalanced and evolving scenario that introduces learning from streaming data remains a challenge. As the research field is still open to consistent strategies that assess continuous and evolving data properties, this paper proposes an unsupervised, online, and incremental anomaly detection ensemble of influence trees that implement adaptive mechanisms to deal with inactive or saturated leaves. This proposal features the fourth standardized moment, also known as kurtosis, as the splitting criteria and the isolation score, Shannon's information content, and the influence function of an instance as the anomaly score. In addition to improving interpretability, this proposal is also evaluated on publicly available datasets, providing a detailed discussion of the results.