Abstract
The process of building and deploying Machine Learning (ML) models includes several phases and the training phase is taken as one of the most time-consuming. ML models with time series datasets can be used to predict users positions, behaviours or mobility patterns, which implies paths crossing by well-defined positions, and thus, in these cases, syntactic similarity can be used to reduce these models training time. This paper uses the case study of a Mobile Network Operator (MNO) where users mobility are predicted through ML and the use of syntactic similarity withWord2Vec (W2V) framework is tested with Recurrent Neural Network (RNN), Gate Recurrent Unit (GRU), Long Short-Term Memory (LSTM) and Convolutional Neural Network (CNN) models. Experimental results show that by using framework W2V in these architectures, the training time task is reduced in average between 22% to 43%. Also an improvement on the validation accuracy of mobility prediction of about 3 percentage points in average is obtained.

Abstract
The digital contact tracing applications are one of the many initiatives to fight the COVID-19 virus. Some of these Apps use the Exposure Notification (EN) system available on Google and Apple's operating systems. However, EN-based contact tracing Apps depend on the availability of Bluetooth interfaces to exchange proximity identifiers, which, if compromised, directly impact their effectiveness. This paper discloses and details the Advertising Overflow attack, a novel internal Denial of Service (DoS) attack targeting the EN system on Android devices. The attack is performed by a malicious App that occupies all the Bluetooth advertising slots in an Android device, effectively blocking any advertising attempt of EN or other Apps. The impact of the disclosed attack and other previously disclosed DoS-based attacks, namely Battery Exhaustion and Storage Drain, were tested using two target smartphones and other six smartphones as attackers. The results show that the Battery Exhaustion attack imposes a battery discharge rate 1.95 times higher than in the normal operation scenario. Regarding the Storage Drain, the storage usage increased more than 30 times when compared to the normal operation scenario results. The results of the novel attack reveal that a malicious App can prevent any other App to place their Bluetooth advertisements, for any chosen time period, thus canceling the operation of the EN system and compromising the efficiency of any COVID contact tracing App using this system.

Abstract
Cyberattacks exploiting Universal Serial Bus (USB) interfaces may have a high impact on individual and corporate systems. The BadUSB is an attack where a USB device's firmware is spoofed and, once mounted, allows attackers to execute a set of malicious actions in a target system. The countermeasures against this type of attack can be grouped into two strategies: phyiscal blocking of USB ports and software blocking. This paper proposes a distributed architecture that uses software blocking to enhance system protection against BadUSB attacks. This architecture is composed of multiple agents and external databases, and it is designed for personal or corporate computers using Microsoft Windows Operating System. When a USB device is connected, the agent inspects the device, provides filtered information about its functionality and presents a threat assessment to the user, based on all previous user choices stored in external databases. By providing valuable information to the user, and also threat assessments from multiple users, the proposed distributed architecture improves system protection.

Abstract
The Implanted Medical Devices (IMD) industry has grown over the past few decades and is expected to grow in the coming ones. Being an asset for the health and quality of life of a patient, the availability of IMD-related products, their increasing complexity and advances in communication capabilities do not seem to have been seamlessly accompanied by cybersecurity concerns. Recent IMD can be integrated in the concept of IoT (Internet of Things) and thus, they are also exposed to attacks impacting on privacy and, above all, on the health and even the life of the device users. While in an early stage of the IMD development, the security procedures were based on the existing classic protocols and models and their functional capabilities were the focus of development, recent efforts have been made to address security from the start. In this paper we review the most recent contributions on the cybersecurity of IMD products and we highlight innovative ideas that represent new design and development paradigms of these devices next generations. In this review it is reinforced that the technological evolution and the progressive access of attackers to resources capable of exploiting multiple vulnerabilities can have a crucial impact in the IMD already implanted in the patient's body, designed to remain in operation for many years. Also, it brings the need to develop novel and robust protocols to guarantee security compatible with constrained computing resources and extremely low energy requirements to be feasible. Finally, the security and privacy concerns regarding this kind of devices should be addressed in the design phase and policies must move from damage mitigation to threat prevention.

Abstract
The Malware Information Sharing Platform (MISP) enables the sharing of cyberthreat information within a community, company or organisation. However, this platform presents limitations if its information is deemed as classified or shared only for a given period of time. This implies that this information should to be handled only in encrypted form. One solution is to use MISP with searchable encryption techniques to impose greater control over the sharing of information. In this paper, we propose a controlled information sharing functionality that features a synchronisation procedure that enables classified data exchange between MISP instances, based on policies and ensuring the required confidentiality and integrity of the shared data. Sequence charts are presented validating the configuration, the data synchronisation, and the data searching between multiple entities.

Abstract
The actual learning process in a school, college or university should take full advantage of the digital transformation. Computers, mobile phones, tablets or other electronic devices can be used in learning environments to improve learning experience and students performance. However, in a university campus, there are some activities where the use of connected devices, might be discouraged or even forbidden. Students should be discouraged to use their own devices in classes where they may become alienated or when their devices may cause any disturbance. Ultimately, their own devices should be forbidden in activities such as closed-book exams. This paper proposes a system architecture to detect or block unwanted wireless signals by students' mobile phones in a classroom. This architecture focuses on specific wireless signals from Wi-Fi and Bluetooth interfaces, and it is based on Software-Defined Radio (SDR) modules and a set of antennas with two configuration modes: detection mode and blocking mode. When in the detection mode, the architecture processes signals from the antennas, detects if there is any signal from Wi-Fi or Bluetooth interfaces and infers a position of the unwanted mobile device. In the blocking mode, the architecture generates noise in the same frequency range of Wi-Fi or Bluetooth interfaces, blocking any possible connection. The proposed architecture is designed to be used by professors to detect or block unwanted wireless signals from student devices when supervising closed-book exams, during specific periods of time. © Daniel Barros, Paulo Barros, Emanuel Lomba, Vítor Ferreira, and Pedro Pinto; licensed under Creative Commons License CC-BY 4.0 Second International Computer Programming Education Conference (ICPEC 2021).