Abstract
Changing mobility behaviors in academia - such as encouraging the use of bicycles - can help to reduce CO2 emissions since trips made by car or motorbikes tend to effectively reduce. Additionally, by obtaining mobility-related data we can infer patterns, optimize mobility and strengthen more sustainable habits within academia. In this paper, we propose a secure LoRa-based tracking system for the BIRA bicycle. The BIRA bicycle is an initiative of Instituto Politecnico de Viana do Castelo (IPVC) that aims to promote bicycle usage on campus, by encouraging the adoption of more sustainable mobility habits within the institution. The proposed system consists of BIRA bicycles equipped with low-cost GPS trackers. The collected data is then transmitted using a LoRaWAN infrastructure to an application server, which is responsible for storing and serving the client application with several contextual information, such as location, route, speed, and battery level. The results have shown that the proposed system is a viable low-cost solution for tracking bicycles and users' habits at a campus or even a city level.

Abstract
Wireless, sensor and actuator technologies are often central to sensing or communication critical systems [...]

Abstract
The process of building and deploying Machine Learning (ML) models includes several phases and the training phase is taken as one of the most time-consuming. ML models with time series datasets can be used to predict users positions, behaviours or mobility patterns, which implies paths crossing by well-defined positions, and thus, in these cases, syntactic similarity can be used to reduce these models training time. This paper uses the case study of a Mobile Network Operator (MNO) where users mobility are predicted through ML and the use of syntactic similarity withWord2Vec (W2V) framework is tested with Recurrent Neural Network (RNN), Gate Recurrent Unit (GRU), Long Short-Term Memory (LSTM) and Convolutional Neural Network (CNN) models. Experimental results show that by using framework W2V in these architectures, the training time task is reduced in average between 22% to 43%. Also an improvement on the validation accuracy of mobility prediction of about 3 percentage points in average is obtained.

Abstract
The digital contact tracing applications are one of the many initiatives to fight the COVID-19 virus. Some of these Apps use the Exposure Notification (EN) system available on Google and Apple's operating systems. However, EN-based contact tracing Apps depend on the availability of Bluetooth interfaces to exchange proximity identifiers, which, if compromised, directly impact their effectiveness. This paper discloses and details the Advertising Overflow attack, a novel internal Denial of Service (DoS) attack targeting the EN system on Android devices. The attack is performed by a malicious App that occupies all the Bluetooth advertising slots in an Android device, effectively blocking any advertising attempt of EN or other Apps. The impact of the disclosed attack and other previously disclosed DoS-based attacks, namely Battery Exhaustion and Storage Drain, were tested using two target smartphones and other six smartphones as attackers. The results show that the Battery Exhaustion attack imposes a battery discharge rate 1.95 times higher than in the normal operation scenario. Regarding the Storage Drain, the storage usage increased more than 30 times when compared to the normal operation scenario results. The results of the novel attack reveal that a malicious App can prevent any other App to place their Bluetooth advertisements, for any chosen time period, thus canceling the operation of the EN system and compromising the efficiency of any COVID contact tracing App using this system.

Abstract
Cyberattacks exploiting Universal Serial Bus (USB) interfaces may have a high impact on individual and corporate systems. The BadUSB is an attack where a USB device's firmware is spoofed and, once mounted, allows attackers to execute a set of malicious actions in a target system. The countermeasures against this type of attack can be grouped into two strategies: phyiscal blocking of USB ports and software blocking. This paper proposes a distributed architecture that uses software blocking to enhance system protection against BadUSB attacks. This architecture is composed of multiple agents and external databases, and it is designed for personal or corporate computers using Microsoft Windows Operating System. When a USB device is connected, the agent inspects the device, provides filtered information about its functionality and presents a threat assessment to the user, based on all previous user choices stored in external databases. By providing valuable information to the user, and also threat assessments from multiple users, the proposed distributed architecture improves system protection.

Abstract
The Implanted Medical Devices (IMD) industry has grown over the past few decades and is expected to grow in the coming ones. Being an asset for the health and quality of life of a patient, the availability of IMD-related products, their increasing complexity and advances in communication capabilities do not seem to have been seamlessly accompanied by cybersecurity concerns. Recent IMD can be integrated in the concept of IoT (Internet of Things) and thus, they are also exposed to attacks impacting on privacy and, above all, on the health and even the life of the device users. While in an early stage of the IMD development, the security procedures were based on the existing classic protocols and models and their functional capabilities were the focus of development, recent efforts have been made to address security from the start. In this paper we review the most recent contributions on the cybersecurity of IMD products and we highlight innovative ideas that represent new design and development paradigms of these devices next generations. In this review it is reinforced that the technological evolution and the progressive access of attackers to resources capable of exploiting multiple vulnerabilities can have a crucial impact in the IMD already implanted in the patient's body, designed to remain in operation for many years. Also, it brings the need to develop novel and robust protocols to guarantee security compatible with constrained computing resources and extremely low energy requirements to be feasible. Finally, the security and privacy concerns regarding this kind of devices should be addressed in the design phase and policies must move from damage mitigation to threat prevention.