
Blockchain-based Consents Management for Personal Data Processing in the IoT Ecosystem

Konstantinos Rantos 1, George Drosatos 2, Konstantinos Demertzis 1, Christos Ilioudis 3 and Alexandros Papanikolaou 3

1 Dept. of Computer and Informatics Engineering, Eastern Macedonia and Thrace Institute of Technology, Kavala, Greece

2 Dept. of Electrical and Computer Engineering, Democritus University of Thrace, Xanthi, Greece

3 Dept. of Information Technology, Alexander Technological Educational Institute of Thessaloniki, Thessaloniki, Greece

Keywords: Privacy, Internet of Things, GDPR, Digital Consents Management, Blockchain, Ontology Matching.

Abstract: In the Internet of Things (IoT) ecosystem the volume of data generated by devices in the user’s environment is constantly increasing and becoming of particular value. In such an environment the average user is bound to face considerable difficulties in understanding the size and scope of his/her collected data. However, the provisions of the European General Data Protection Regulation (GDPR) require data subjects to be able to control their personal data, be informed and consent to its processing in an intelligible manner. This paper proposes ADVOCATE, a framework that facilitates GDPR-compliant processing of personal data in IoT environments. The present work aims to assist stakeholders, i.e. Data Controllers and Processors, satisfy GDPR requirements, such as informing data subjects in a transparent and unambiguous manner about the data they will manage, the processing purposes and periods. Respectively, data subjects will be promptly and comprehensively informed about any processing requests addressed to them, create and edit processing policies, exercise their rights in access, correction, deletion, restriction and opposition to data processing. Simultaneously, a notary service using blockchain infrastructures will ensure consents’ security and an intelligent service will inform data subjects about the quality of their consents.

1 INTRODUCTION

The rapid and sometimes uncontrolled growth of the Internet of Things (IoT) threatens to a great extent the users’ privacy. Soon, users will be surrounded by a significant number of devices bearing sensors and actuators (according to some reports there will be more than 75 billion such devices by 2025 (Lucero, 2016)). These devices will collect data that can be used to monitor users and create user profiles, with or without their consent. Moreover, they can make automated decisions with questionable, if any at all, technical and organisational measures to protect user rights and freedoms (Roman et al., 2011; Mendez et al., 2017). It is obvious that most of the users will not be able to cope with this vast amount of data, sufficiently understand the scope of the data collected and the different processing methods, and have control over their personal data in accordance with the requirements of the General Data Protection Regulation – GDPR (European Parliament and Council, 2016).

Although extensive research work has been carried out in the field of user-centric privacy solutions there seems to be a wide space of privacy issues that need to be investigated in the IoT ecosystem (Sicari et al., 2015), not to mention those that also consider the GDPR requirements. The latter aims to protect natural persons with regards to the processing and movement of their personal data. In this context, GDPR defines the conditions under which data processing is lawful which include processing (a) on the basis of a data subject’s consent, (b) for the needs of a contract, (c) for compliance with a legal obligation, (d) to protect the vital interests of the data subject, (e) for the needs of the public interest and (f) for the legitimate interests of the controller.

In the IoT ecosystem, and especially in segments like smart health and smart homes, processing is mostly accomplished on the grounds of users’ consents and for protecting the vital interests of the data subject. While for the latter condition there is no need to interact with the user, consents should be granted only as a result of a declaration provided by the data controller in an easily accessible manner for the data subject. The data controller should use clear and plain language and allow separate consents to be given to different data processing operations. Even if consent is not required though, data subjects have the right to know about any personal data processing and the legal grounds of it.

Rantos, K., Drosatos, G., Demertzis, K., Ilioudis, C. and Papanikolaou, A. Blockchain-based Consents Management for Personal Data Processing in the IoT Ecosystem. In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications (ICETE 2018) - Volume 2: SECRYPT, pages 572-577. ISBN: 978-989-758-319-3. Copyright © 2018 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved.

ADVOCATE aims to provide an environment that protects the privacy of users in the IoT ecosystem, in line with the GDPR requirements. In particular, following a user-centric approach to the development of IoT solutions (Roman et al., 2013), this framework covers the main principles of GDPR according to which data controllers will, among others, be able to inform the users in a transparent and unambiguous manner about any information relevant to their personal data.

2 RELATED WORK

The need to provide users with the ability to control their personal data generated by smart devices in their environment is widely recognised (Russell et al., 2015). The European Research Cluster on the Internet of Things (IERC) also highlights this need with an additional emphasis on the GDPR (IERC, 2015). However, preserving user privacy in the IoT is not an easy task (Zhang et al., 2014). Several research efforts have been made in the direction of developing suitable protocols for security and privacy in the IoT, since this is an area that currently attracts a significant amount of research. One of the ways to deal with the aforementioned challenges is to devise appropriate ways for applying policy management access control, which has been identified as an important research opportunity by IERC as well as by other researchers in the field (Stankovic, 2014; Sicari et al., 2015).

Some indicative examples are presented below that aim at providing solutions within this scope. However, they focus more on satisfying certain requirements of the GDPR and particularly the need for getting the user consent prior to any data processing. The framework proposed in (Cha et al., 2018), allows users to set their privacy preferences for the IoT devices they interact with. Additionally, Blockchain technology is employed to both protect and manage the privacy preferences that each user of the system has set, thus ensuring that no sensitive data has been accessed without their consent. The use of Blockchain gateways is also proposed in (Cha et al., 2017), where the setup is tailored for use with IoT scenarios. Good practices to be considered for obtaining user consent for IoT applications in the healthcare domain are also proposed in (O’Connor et al., 2017).

ADVOCATE addresses the challenges related to privacy protection in the IoT, especially with regards to the management of consents as GDPR requires and tries to close a significant gap in this area. It allows users to manage their consents and formulate their personal data disposal policies considering the corresponding systems recommendations. Similarly, it provides data controllers with a useful tool for being GDPR-compliant.

3 PROPOSED ARCHITECTURE

The ADVOCATE approach concerns a set of sensors in the user environment that collect data related to the data subject. Such environments are a smart home, a patient health monitoring system, or activity monitoring sensors. The use of a portable device, such as a mobile phone, provides a user-friendly environment for data subjects to interact and manage their personal data disposal policy and their consents. It also provides a way for data controllers to interact with data subjects and obtain the necessary consents. The proposed architecture focusing, for the sake of simplicity, on smart cities and health ecosystems, is depicted in Figure 1. ADVOCATE, visualised as a cloud services platform, consists of the functional components described in the following sections. The main ADVOCATE components are analysed in the following sections while their role in consents management is depicted in Figure 2.

3.1 Consent Management Component

At the core of ADVOCATE is the consent management component, responsible for managing users’ personal data disposal policies and the corresponding consents, including generation, updates and withdrawals. Utilising this component, data subjects are able to generate generic, domain-specific, or context-based privacy policies comprising a set of rules that correspond to data subjects’ consents. The latter are the result of requests placed by data controllers for access to specific IoT data, for definite processing purposes and periods, in line with the GDPR requirements.

Having an interoperable mechanism for placing requests, granting permissions and formulating policies requires relying on common rules for defining sets of data, as well as the meaning and the use thereof. The foundations of this mechanism are data privacy ontologies which ensure that data controller access requests are projected to data subjects in a unified and unambiguous manner.

Figure 1: ADVOCATE infrastructure. (Diagram labels: User-side IoT devices, ADVOCATE core platform, Policy & Consents, Data controllers, E-Health services, Industry/Industrial IoT, Data Storage & Processing, IoT Data Flow, Consent Request and Retrieval.)

The use of ontologies solves in principle the IoT device heterogeneity problems, contributing to the safety and privacy of users (Mozzaquatro et al., 2015). Ontologies can also provide a unified description for solving the problem of semantic heterogeneity in the field of Internet security with user-defined rules (Xu et al., 2017). Moreover, they contribute to the description of threats, attacks, impacts, controls and vulnerabilities and the definition of relationships among them, with many important advantages (Pereira and Santos, 2009). In ADVOCATE they will also facilitate intelligence policies analysis, as described in Section 3.3.

Several ontologies have been defined to support privacy and allow users to express access control rules for sharing data. The authors in (Passant et al., 2009) observe that protecting data does not merely mean granting access or not to the full data, but in most cases users require more fine-grained privacy preferences that define access privileges to specific data. The ontology that is close to the needs of ADVOCATE is proposed in (Bartolini et al., 2017). Although being a work in progress, the proposed model considers an early version of GDPR and defines an ontology to model data protection requirements. Adopting an appropriate ontology for data privacy will also facilitate specifying enforceable privacy policies. This implies that the description of policies is based on well-defined policy languages, such as the eXtensible Access Control Markup Language (XACML), to assist the decision making process. EnCoRe (EnCoRe Project, 2010) has also adopted XACML for enforcing policy based access control.

The adoption of a single ontology by ADVOCATE though, does not preclude the use of similar or competitive ontologies by participating data controllers. In that case ontology matching mechanisms have to be deployed to reduce semantic gaps between different overlapping representations of the same data privacy related information (Otero-Cerdeira et al., 2015). An ontology matching process typically uses several and different types of matchers such as labels, instances, and taxonomy structures to identify and calculate the similarity among ontologies. Ontology matching methods based on machine learning have been proved to provide more accurate and reliable matching results (Eckert et al., 2009).

In ADVOCATE, we can use ontology matching based on a semi-supervised learning approach. Given a small set of validated matching entity pairs, the method initially exploits the dominant relations in the similarity space to enrich positive training examples. After getting more training examples, a graph-based semi-supervised learning algorithm is employed to classify the remaining candidate entity pairs into matched and non-matched groups (Zhu et al., 2003).

3.2 Consent Notary Component

The consent notary component constitutes an important and structural component of the proposed architecture responsible for ensuring the validity, integrity and non-repudiation of data subjects’ consents, as well as the privacy of contracting users. It assures that the generated consents (and the corresponding policies) are up-to-date and protected against malicious or unauthorized attempts to repudiate or alter them.

For the integrity and non-repudiation of consents, both state-of-the-art technologies of the Blockchain infrastructures (Nakamoto, 2008) as well as basic techniques of the Public Key Infrastructure (PKI) (Housley et al., 1999) can be utilised. The use of a blockchain infrastructure, that was firstly introduced to secure transactions in Bitcoin cryptocurrency (Nakamoto, 2008), constitutes a cutting-edge technology for data integrity. Blockchain infrastructure is a highly innovative technology with a wide range of applications that extend from cryptocurrency to IoT, smart contracts, smart property, digital content distribution and even to health data management (Yli-Huumo et al., 2016; Conoscenti et al., 2016; Mytis-Gkometh et al., 2018).

Figure 2: Interaction of ADVOCATE components during introduction of new consents. (Activity diagram "ADVOCATE Consent Creation and Policy Update"; lanes: Data Subject, ADVOCATE Core Platform, Data Controller; components: Consent Management, Consent Notary, Intelligent Policies Analysis; activities: IoT Device Discovery, Device Registration, Register Device, Place Request, Request Analysis & Recommendations, Format Request / Inform Data Subject, Forward request for analysis, Present to Data Subject, Data Subject Decision, Sign Consent, Prepare Smart Contract, Add to Blockchain, Update User Policy.)

In ADVOCATE we focus on the concept of smart contracts that have been introduced by Ethereum (Buterin, nd), which defines the rules and penalties around an agreement in a similar fashion that a conventional contract does, but also automatically enforces these obligations. In public blockchains, such as Bitcoin and Ethereum, all the transactions are public and there is no direct link to the actual user identities. However, in applications that require non-repudiation, identities should be irrevocably maintained; this can be ensured by the appropriate use of public key infrastructure solutions (Housley et al., 1999). In the proposed framework, consents would be digitally signed by contracting parties to ensure the non-repudiation and the hashed version of the consents would be submitted to a blockchain infrastructure to ensure their integrity and anonymity.

The workflow of this component is presented as follows. First, it takes as input the agreed consent from the consent management component. This consent might be a new one, an update following changes occurred in the corresponding policies among the parties, or a withdrawal notice. Subsequently, a request is sent to both the data controller and the data subject to sign the consent using a public key infrastructure that will later allow the verification of their identities. This signed consent is then hashed (e.g. using SHA-256, SHA-512 or even Keccak-256 hash algorithm that is used by the Ethereum (Buterin, nd)) and the hash is deployed in a smart contract of the blockchain infrastructure.

The smart contract between a data subject and a data controller represents a specific consent (initial, updated or withdrawal) for a specific IoT device, and is only deployed in the blockchain that bears the initial consent. Each update on the initial consent or even its final withdrawal is managed by the smart contract and each data contract represents a different version of the consent. In this way, it is possible via the smart contract to validate if a particular consent is the last version of it. Thus, the usage of a blockchain infrastructure, apart from the consents’ integrity, ensures the versioning and the withdrawal notice of consents. At the end, the consent notary component returns the current version of the signed consent to the consent management component, accompanied by the smart contract’s address on the blockchain.

At any time, the data controller and the data subject (or any other representative party) can verify the validity of the consent: (1) by validating the digital signatures on the consent, and (2) by retrieving the respective data contract (i.e., the last version) from the blockchain infrastructure via the smart contract and comparing the retrieved hash with the new hash of the claimed digitally signed consent. The use of a blockchain infrastructure is crucial for our platform to secure the provided consents in a distributed and public verifiable way without one single trusted party. The digital consents are kept in the side of the contracting parties, the blockchain infrastructure only manages the hashes of them and the smart contracts are deployed using the proposed platform’s private key for signing the transactions in the blockchain. This distribution of information among the parties preserves data subjects’ privacy: their identity is only known among the contracting parties without any leakages from the blockchain infrastructure. Overall, the proposed platform provides a transparent way of storing and processing personal data in the IoT ecosystem that ensures the privacy of users.
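The hash-anchoring and verification step (2) described above, as an added Python sketch that is not code from the paper or from the ADVOCATE project. It assumes a canonical JSON encoding, an in-memory stand-in for the smart contract (`ConsentContract`, a hypothetical name), and opaque placeholder strings in place of the parties' PKI signatures, whose validation (step 1) is outside this block.

```python
import hashlib
import json
from dataclasses import dataclass, field

KINDS = ("initial", "update", "withdrawal")


def consent_hash(signed_consent: dict) -> str:
    """SHA-256 over a canonical JSON encoding (sorted keys, fixed separators),
    so every party recomputes the same digest from the same signed consent."""
    blob = json.dumps(signed_consent, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")
    return hashlib.sha256(blob).hexdigest()


@dataclass
class ConsentContract:
    """In-memory stand-in (assumption) for the smart contract of one consent:
    one data subject, one data controller, one IoT device."""
    platform: str                                  # only sender allowed to write
    versions: list = field(default_factory=list)   # append-only (kind, digest)

    def record(self, sender: str, kind: str, digest: str) -> int:
        if sender != self.platform:
            raise PermissionError("transactions must come from the platform key")
        if kind not in KINDS:
            raise ValueError(f"unknown consent kind: {kind}")
        if (kind == "initial") != (not self.versions):
            raise ValueError("first record must be 'initial', later ones must not")
        if self.versions and self.versions[-1][0] == "withdrawal":
            raise ValueError("consent already withdrawn")
        self.versions.append((kind, digest))
        return len(self.versions) - 1

    def latest(self):
        return self.versions[-1]


def verify_claim(contract: ConsentContract, claimed: dict) -> str:
    """Compare the hash of a claimed signed consent with the contract's records."""
    digest = consent_hash(claimed)
    if digest not in [d for _, d in contract.versions]:
        return "unknown"        # altered, or never notarised
    kind, latest_digest = contract.latest()
    if digest != latest_digest:
        return "superseded"     # genuine, but an older version
    return "withdrawn" if kind == "withdrawal" else "current"


def demo() -> dict:
    # Constructed sample consents; the signature strings are placeholders.
    v1 = {
        "device": "hr-sensor-01",
        "data": ["heart_rate"],
        "purposes": ["remote patient monitoring"],
        "period_end": "2019-06-30",
        "signatures": {"data_subject": "SIG-DS-1", "data_controller": "SIG-DC-1"},
    }
    v2 = dict(v1, period_end="2019-12-31",
              signatures={"data_subject": "SIG-DS-2", "data_controller": "SIG-DC-2"})
    notice = {"device": "hr-sensor-01", "withdrawn": True,
              "signatures": {"data_subject": "SIG-DS-3", "data_controller": "SIG-DC-3"}}

    contract = ConsentContract(platform="advocate-platform")
    contract.record("advocate-platform", "initial", consent_hash(v1))
    contract.record("advocate-platform", "update", consent_hash(v2))

    tampered = dict(v2, purposes=["remote patient monitoring", "marketing"])
    reordered = dict(reversed(list(v2.items())))   # same content, other key order
    results = {
        "v2": verify_claim(contract, v2),
        "v1": verify_claim(contract, v1),
        "tampered": verify_claim(contract, tampered),
        "reordered": verify_claim(contract, reordered),
    }
    contract.record("advocate-platform", "withdrawal", consent_hash(notice))
    results["v2_after_withdrawal"] = verify_claim(contract, v2)
    results["notice"] = verify_claim(contract, notice)
    return results


if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{name}: {status}")
```

A controller that presents an older, validly signed consent after an update or withdrawal is caught by the "superseded" result, which signature validation alone would not detect.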

3.3 Intelligence Component

The intelligence component is responsible for gathering and analysing policy data. It is a novel and flexible hybrid machine learning system that combines an Intelligent Policies Analysis Mechanism (IPAM) to detect conflicting rules or policies related to the disposal of personal data and an Intelligent Recommendation Mechanism (IReMe) to recommend more personalized intelligent rules in real-time for the users’ privacy policies.

Intelligent Policies Analysis Mechanism. The Intelligent Policies Analysis Mechanism (IPAM) automates export, analysis and correlation of data subjects’ policies. It utilizes intelligent technologies to detect conflicting rules or policies related to the disposal of personal data and ensure that they cannot be used for profiling and identification of data subjects.

To achieve this we use Fuzzy Cognitive Maps (FCM), an artificial intelligence technique that incorporates ideas from recurrent artificial neural networks and fuzzy logic, to create a dynamic model of a decision support system. The proposed system controls the overall user privacy by creating automated control capabilities. In order to achieve this control, it is needed to map user’s consent policies and to consider whether any changes to their privacy statement affect the overall privacy.

More specifically, in the proposed FCM, the nodes are linked together by edges and each edge that connects two nodes describes the change in the activation value. The direction of the edge implies which node affects the others. The causality relationship is positive if there is a direct influence relation, negative if there is an inverse influence relation and zero if the two nodes are uncorrelated. These relationships are described by the usage of fuzzy linguistics and they are fuzzified by using membership functions that take values in the closed interval [-1,1]. Combining the theoretical background of fuzzy logic, the FCM cover the comparison and characterization purposes of the reference sets, towards modeling and solving complex problems for which there is no structured mathematical model (Demertzis et al., 2018).
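A small fuzzy cognitive map of the kind described above, as an added Python sketch that is not code from the paper. The concept names, edge weights and the sigmoid update rule with a self-memory term are assumptions chosen for illustration; the paper does not specify them.

```python
import math


class FuzzyCognitiveMap:
    """Concept nodes joined by signed causal edges with weights in [-1, 1]."""

    def __init__(self, concepts, edges, steepness=1.0):
        self.concepts = list(concepts)
        for (src, dst), weight in edges.items():
            if src not in self.concepts or dst not in self.concepts:
                raise ValueError(f"edge {src}->{dst} uses an unknown concept")
            if not -1.0 <= weight <= 1.0:
                raise ValueError(f"weight {weight} is outside [-1, 1]")
        self.edges = dict(edges)
        self.steepness = steepness

    def _squash(self, x):
        # Sigmoid keeps every activation in the open interval (0, 1).
        return 1.0 / (1.0 + math.exp(-self.steepness * x))

    def run(self, clamped, max_steps=200, tol=1e-6):
        """Iterate to a steady state. Concepts in `clamped` (the consent
        decisions) keep their value; the others start at 0 and follow
        A_i(t+1) = f(A_i(t) + sum_j w_ji * A_j(t))."""
        state = {c: clamped.get(c, 0.0) for c in self.concepts}
        for _ in range(max_steps):
            nxt = {}
            for c in self.concepts:
                if c in clamped:
                    nxt[c] = clamped[c]
                    continue
                influence = sum(w * state[src]
                                for (src, dst), w in self.edges.items() if dst == c)
                nxt[c] = self._squash(state[c] + influence)
            if max(abs(nxt[c] - state[c]) for c in self.concepts) < tol:
                return nxt
            state = nxt
        raise RuntimeError("FCM did not reach a steady state")


# Constructed map: which consents raise or lower the risk of profiling.
CONCEPTS = ["share_heart_rate", "share_location", "share_sleep",
            "pseudonymised", "linkability", "profiling_risk"]
EDGES = {
    ("share_location", "linkability"): 0.7,     # positive causality
    ("share_sleep", "linkability"): 0.4,
    ("pseudonymised", "linkability"): -0.6,     # negative causality
    ("linkability", "profiling_risk"): 0.8,
    ("share_heart_rate", "profiling_risk"): 0.3,
}


def consent_impact(policy, change, target="profiling_risk"):
    """Steady-state activation of `target` before and after a policy change."""
    fcm = FuzzyCognitiveMap(CONCEPTS, EDGES)
    before = fcm.run(policy)[target]
    after = fcm.run({**policy, **change})[target]
    return before, after


if __name__ == "__main__":
    current = {"share_heart_rate": 1.0, "share_location": 0.0,
               "share_sleep": 0.0, "pseudonymised": 1.0}
    before, after = consent_impact(current, {"share_location": 1.0})
    print(f"profiling risk before={before:.3f} after={after:.3f}")
```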

Intelligent Recommendation Mechanism. The Intelligent Recommendation Mechanism (IReMe) is a computational intelligence and machine learning mechanism that is used to recommend rules for taking decisions. It offers personalized real-time information for the users’ privacy policies by utilizing Cognitive Filtering (CF) (Yang et al., 2016). The CF recommends items based on a comparison between the content of the items and user’s profile. The content of each item is represented as a set of descriptors or terms. The user’s profile is represented with the same terms and built up by analyzing the content of items that have been already checked by the user.

In the IReMe, we use a hybrid method consisting of neighborhood-based CF and content-based filtering which is a robust model-based method that improves the quality of recommendations (Ya-Yueh Shih and Duen-Ren Liu, 2005). The aim of this approach is to achieve more personalized intelligent rules and real-time recommendations for the users’ privacy policies in order to avoid any data leakages. Also, this hybrid method is more versatile, in the sense that it works best when the user space is large, it is easy to implement, it scales well with non-correlated items and does not require complex tuning of properties.

4 CONCLUSIONS AND FUTURE WORK

In this paper, we proposed a framework that addresses a major emerging need regarding users’ privacy protection in the IoT. Being part of a work in progress, this framework lays the foundations for the establishment of trust relationships between data subjects and controllers towards a GDPR-compliant IoT ecosystem. The aim is to develop a user-centric solution that will allow data subjects to formulate and manage their consents policies responding to unambiguous access requests placed by data controllers. Furthermore, we utilize blockchain technology to support the integrity, the non-repudiation and the versioning of consents in a public verifiable way without any trusted party.

As future work, we intend to investigate further the issues that surround each of the components that comprise the proposed framework with an emphasis on the development of GDPR-compliant data privacy ontologies, the consent notary and the intelligence component. In addition, we aim to study the use of policies, created by our system, in policy-based access control systems, thereby developing an integrated personal data management system in the IoT.


REFERENCES

Bartolini, C., Muthuri, R., and Santos, C. (2017). Using ontologies to model data protection requirements in workflows. In New Frontiers in Artificial Intelligence, volume 10091, pages 233–248. Springer.

Buterin, V. (n.d.). A next-generation smart contract and decentralized application platform. Available online at: https://github.com/ethereum/wiki/wiki/White-Paper.

Cha, S. C., Chen, J. F., Su, C., and Yeh, K. H. (2018). A blockchain connected gateway for ble-based devices in the internet of things. IEEE Access, PP(99):1–1.

Cha, S. C., Tsai, T. Y., Peng, W. C., Huang, T. C., and Hsu, T. Y. (2017). Privacy-aware and blockchain connected gateways for users to access legacy iot devices. In 6th Global Conference on Consumer Electronics (GCCE), pages 1–3. IEEE.

Conoscenti, M., Vetro, A., and Martin, J. C. D. (2016). Blockchain for the Internet of Things: A systematic literature review. In 13th International Conference of Computer Systems and Applications (AICCSA), pages 1–6. IEEE.

Demertzis, K., Iliadis, L. S., and Anezakis, V.-D. (2018). An innovative soft computing system for smart energy grids cybersecurity. Advances in Building Energy Research, 12(1):3–24.

Eckert, K., Meilicke, C., and Stuckenschmidt, H. (2009). Improving ontology matching using meta-level learning. In The Semantic Web: Research and Applications, volume 5554, pages 158–172. Springer.

EnCoRe Project (2010). Ensuring Consent and Revocation. www.hpl.hp.com/breweb/encoreproject/.

European Parliament and Council (2016). Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Official Journal of the European Union. http://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32016R0679.

Housley, R., Ford, W., Polk, W., and Solo, D. (1999). Internet X.509 public key infrastructure certificate and CRL profile. RFC 2459, RFC Editor.

IERC (2015). European Research Cluster on the Internet of Things, Internet of Things: IoT governance, privacy and security issues.

Lucero, S. (2016). Iot platforms: Enabling the Internet of Things. White paper, IHS Technology.

Mendez, D. M., Papapanagiotou, I., and Yang, B. (2017). Internet of Things: Survey on security and privacy. arXiv:1707.01879v2 [cs.CR].

Mozzaquatro, B. A., Jardim-Goncalves, R., and Agostinho, C. (2015). Towards a reference ontology for security in the Internet of Things. In International Workshop on Measurements Networking (M&N), pages 1–6. IEEE.

Mytis-Gkometh, P., Drosatos, G., Efraimidis, P. S., and Kaldoudi, E. (2018). Notarization of knowledge retrieval from biomedical repositories using blockchain technology. In Precision Medicine Powered by pHealth and Connected Health, volume 66 of IFMBE, pages 69–73. Springer.

Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. https://bitcoin.org/bitcoin.pdf.

O’Connor, Y., Rowan, W., Lynch, L., and Heavin, C. (2017). Privacy by design: Informed consent and internet of things for smart health. Procedia Computer Science, 113:653–658.

Otero-Cerdeira, L., Rodríguez-Martínez, F. J., and Gómez-Rodríguez, A. (2015). Ontology matching: A literature review. Expert Systems with Applications, 42(2):949–971.

Passant, A., Laublet, P., Breslin, J. G., and Decker, S. (2009). A URI is worth a thousand tags: From tagging to linked data with MOAT. International Journal on Semantic Web and Information Systems, 5(3):71–94.

Pereira, T. and Santos, H. (2009). An Ontology Based Approach to Information Security. In Metadata and Semantic Research, volume 46, pages 183–192. Springer.

Roman, R., Najera, P., and Lopez, J. (2011). Securing theInternet of Things. Computer, 44(9):51–58.

Roman, R., Zhou, J., and Lopez, J. (2013). On the featuresand challenges of security and privacy in distributedinternet of things. Computer Networks, 57(10):2266–2279.

Russell, B., Garlat, C., and Lingenfelter, D. (2015). Se-curity guidance for early adopters of the Internet ofThings (IoT). White paper, Cloud Security Alliance.

Sicari, S., Rizzardi, A., Grieco, L. A., and Coen-Porisini,A. (2015). Security, privacy and trust in Internetof Things: The road ahead. Computer Networks,76:146–164.

Stankovic, J. A. (2014). Research directions for the Internetof Things. IEEE Internet of Things Journal, 1(1):3–9.

Xu, G., Cao, Y., Ren, Y., Li, X., and Feng, Z. (2017). Net-work security situation awareness based on semanticontology and user-defined rules for Internet of Things.IEEE Access, 5:21046–21056.

Ya-Yueh Shih and Duen-Ren Liu (2005). Hybrid rec-ommendation approaches: Collaborative filtering viavaluable content information. pages 217b–217b.IEEE.

Yang, Z., Wu, B., Zheng, K., Wang, X., and Lei, L.(2016). A survey of collaborative filtering-based rec-ommender systems for mobile internet applications.IEEE Access, 4:3273–3287.

Yli-Huumo, J., Ko, D., Choi, S., Park, S., and Smolander,K. (2016). Where is current research on blockchaintechnology? – A systematic review. PLOS ONE,11(10):e0163477.

Zhang, Z.-K., Cho, M. C. Y., Wang, C.-W., Hsu, C.-W.,Chen, C.-K., and Shieh, S. (2014). IoT security: On-going challenges and research opportunities. In 7thInternational Conference on Service-Oriented Com-puting and Applications, pages 230–234. IEEE.

Zhu, X., Ghahramani, Z., and Lafferty, J. (2003). Semi-supervised learning using gaussian fields and har-monic functions. In IN ICML, pages 912–919.

Rantos, K., Drosatos, G., Demertzis, K., Ilioudis, C., Papanikolaou, A., 2018. Blockchain-based Consents Management for Personal Data Processing in the IoT Ecosystem. Presented at the International Conference on Security and Cryptography, pp. 572–577.
