SPUCS

Software architectures for Secure, Private, User-Controlled Smart devices

Project Title

SPUCS: Software architectures for Secure, Private, User-Controlled Smart devices

Project Summary

Smart mobile devices are ubiquitous and critical for our everyday lives. These devices comprise a massive amount of proprietary software from different vendors with limited transparency and user control. SPUCS contributes new software architectures and methods for increased transparency and control over smart devices. Technically, the project focuses on mobile devices running operating systems based on the Linux kernel, like the Android OS, the most popular operating system in the world.

Results

Project Diagram 1

SliceDroid: Low-level kernel tracing for transparency

SliceDroid is a technique for capturing and processing traces from the OS kernel that is agnostic to the semantics of the higher-level proprietary software components of Android. Therefore, it can be used to extract behavioral information and monitor the execution of all apps and system components, offering transparency to end-users. An open-source implementation is available on [Github].

Project Diagram 2

WOOTDroid: eBPF-powered system control

Coming soon.

Project Diagram 2

Security and Privacy assessment of mobile messaging apps

Together with students from AUEB, we investigated the security and privacy characteristics of messaging applications for Android. Via a combination of static and dynamic analysis techniques, including behavior monitoring using SliceDroid, we examined discrepancies in the behavior of the Meta Messenger, Signal, and Telegram apps.

Project Diagram 2

Performance of unlinkable verifiable credentials for the EU Digital Identity Wallet

In this work, we designed and implemented a benchmarking suite for implementations of unlinkable verifiable credentials. Our results showed that BBS signatures can offer increased privacy to end-users of mobile devices while incurring a modest overhead, even in wearable-class devices, such as smartwatches.

Publications

  • Nikolaos Alexopoulos, Simon Althaus, Diomidis Spinellis, “SliceDroid: Towards Reconstructing Android Application I/O Behaviors from Kernel Traces”, Preprint [link], 2025.
  • Ioannis Karyotakis, Foivos-Timotheos Proestakis, Evangelos Talos, Diomidis Spinellis and Nikolaos Alexopoulos, “An Empirical Comparison of Security and Privacy Characteristics of Android Messaging Apps”, ACM SAC 2026, to appear.
  • Angelos Ioannis Lagos, Diomidis Spinellis and Nikolaos Alexopoulos, “Measuring the Performance of Candidate Verifiable Credential Schemes for the EU Digital Identity Wallet”, ACM SAC 2026, to appear.

Open-source tools

  • SliceDroid [Github]
  • WOOTDroid (Coming Soon)

Expected Impact

  • Self-sovereignty
  • Transparency
  • Trust

Contact

Researcher: Nikolaos Alexopoulos
Host Institution: Athens University of Economics and Business
Email: alexopoulos AT aueb.gr