Spoke 3: Attacchi e difese (UNICA)

Spoke 3:
Attacchi e difese (UNICA)

Coordinator:
Giorgio GIACINTO
Full Professor, UNICA

L’AT 3 si propone di analizzare le metodologie di attacco emergenti e di sviluppare metodi avanzati per la rilevazione di attacchi e l’individuazione di linee guida per la progettazione di sistemi informatici che garantiscano una ridotta vulnerabilità a nuove categorie di attacco. Gli obiettivi di dettaglio possono essere suddivisi in quattro macro categorie: (i) Sviluppo di strumenti avanzati per l’analisi dei malware e dei software finalizzati all’identificazione delle vulnerabilità che potrebbero essere sfruttate dai malware stessi; (ii) Sviluppo di strumenti per l’analisi del traffico di rete per identificare le comunicazioni relative agli attacchi in corso; (iii) Sviluppo di sistemi di machine learning robusti agli attacchi e attraverso i quali è possibile estrarre conoscenze finalizzate alla creazione di strumenti più avanzati per l’analisi tempestiva e l’individuazione precoce degli attacchi; (iv) Analisi dei “fattori umani” coinvolti in un attacco con lo sviluppo di strumenti per l’analisi e la correlazione di informazioni provenienti da OSINT (open sources intelligence) e per la difesa e prevenzione di attacchi basati su tecniche di social engineering.

Project: In searCh Of eVidence of stEalth cybeR Threats (COVERT)
PI: Giorgio GIACINTO, Full Professor, UNICA

Project GEneralized Real-time On-line National Internet MOnitoring Infrastructure (GERONIMO):
PI: Francesco PALMIERI, Full professor, UNISA

Project Science and engineering Of Security of Artificial Intelligence (SOS_AI)
PI: Fabio ROLI, Full Professor, UNIGE

Project Cyber Social Security (CSS)
PI: Danilo CAIVANO, Full Professor, UNIBA

Trustworthy AI in Video Surveillance: The IMMAGINA Project
Emanuele Ledda, Lorenzo Putzu, Rita Delussu, Giorgio Fumera and Fabio Roli, Ital-IA 2023: 3rd National Conference on Artificial Intelligence, CEUR Workshop Proceedings, 2023
Evaluation of Robustness Metrics for Defense of Machine Learning Systems
Julian DeMarchi, Roel Rijken, John Melrose, Bob Madahar, Giorgio Fumera, Fabio Roli, Emanuele Ledda, Metin Aktas, Frank Kurth, Paul Baggenstoss, Björn Pelzer and Linus Kanestad, International Conference on Military Communication and Information Systems (ICMCIS), 2023
A. E. Cinà, K. Grosse, A. Demontis, S. Vascon, W. Zellinger, B. A. Moser, A. Oprea, B. Biggio, M. Pelillo, and F. Roli. Wild patterns reloaded: A survey of machine learning security against training data poisoning. ACM Comput. Surv., 2023.
Caviglione, L.,Comito, C, Guarascio, M., Manco, G., Emerging challenges and perspectives in Deep Learning model security: A brief survey, Systems and Soft Computing, Elsevier, 2023.
F. Folino, G. Folino, M. Guarascio, L. Pontieri, Data-Efficient Deep Learning Approach for Explainable Process Deviance Discovery, Third International Conference, NUMTA 2023, Pizzo Calabro, Italy, June 14-20, 2023
Angelica Liguori, Simone Mungari, Marco Zuppelli, Carmela Comito, Enrico Cambiaso, Matteo Repetto, Massimo Guarascio, Luca Caviglione, Giuseppe Manco, Using AI to face covert attacks in IoT and softwarized scenarios: challenges and opportunities. Ital-IA, Workshop AI per Cybersecurity, Ceur Proceedings, 29-30 maggio 2023.
Bruno Pala, Lorenzo Pisu, Silvia Lucia Sanna, Davide Maiorca, Giorgio Giacinto: A Targeted Assessment of Cross-Site Scripting Detection Tools, in ITASEC 2023, Bari, CEUR proceedings.
B. Carpentieri, F. Palmieri, Transmission of Digital Data in the 5G Era: Compression and Privacy (2023) Information, 14 (2), art. no. 135, DOI: 10.3390/info14020135
E. Coppolillo, A. Liguori, M. Guarascio, F. S. Pisani, G. Manco: Generative Methods for Out-of-distribution Prediction and Applications for Threat Detection and Analysis: A Short Review. Digital Sovereignty in Cyber Security: New Challenges in Future Vision. Communications in Computer and Information Science, vol. 1807. DOI: https://doi.org/10.1007/978-3-031-36096-1_5
N. Cassavia, L. Caviglione, M. Guarascio, A. Liguori, G. Manco, M. Zuppelli: A Federated Approach for Detecting Data Hidden in Icons of Mobile Applications Delivered via Web and Multiple Stores. Social Network Analysis and Mining 2023, vol. 13, DOI: https://doi.org/10.1007/s13278-023-01121-9
A. Liguori, S. Mungari, M. Zuppelli, C. Comito, E. Cambiaso, M. Repetto, M. Guarascio, L. Caviglione, G. Manco: Using AI to face covert attacks in IoT and softwarized scenarios: challenges and opportunities. Ital-IA 2023: 3rd National Conference on Artificial Intelligence, CEUR Workshop Proceedings, vol. 3486, URL: https://ceur-ws.org/Vol-3486/37.pdf
L. Caviglione, C. Comito, M. Guarascio, G. Manco, F. S. Pisani, M. Zuppelli: ORISHA: Improving Threat Detection through Orchestrated Information Sharing (Discussion Paper). SEBD 2023: 31st Symposium on Advanced Database System. CEUR Workshop Proceedings, vol. 3478, URL: https://ceur-ws.org/Vol-3478/paper59.pdf
L. Caviglione, C. Comito, M. Guarascio, G. Manco: Emerging challenges and perspectives in Deep Learning model security: A brief survey. Systems and Soft Computing 2023, vol. 5, DOI: https://doi.org/10.1016/j.sasc.2023.200050
E. Cambiaso, L. Caviglione. Scamming the Scammers: Using ChatGPT to Reply Mails for Wasting Time and Resources. ITASEC: The Italian Conference on CyberSecurity 2023, CEUR Workshop Proceedings, vol. 3488, URL: https://ceur-ws.org/Vol-3488/paper08.pdf
F. Bergadano and G. Giacinto (eds.). AI for Cybersecurity: Robust models for Authentication, Threat and Anomaly Detection. MDPI, 2023. https://doi.org/10.3390/books978-3-0365-8265-8
G. D’Angelo, E. Farsimadan, M. Ficco, F. Palmieri, A. Robustelli, Privacy-preserving Malware Detection in Android-based IoT Devices Through Federated Markov Chains, Future Generation Computer Systems, 148, pp. 93-105, Elsevier, 2023.
R. Pietrantuono, M. Ficco and F. Palmieri, Survivability Analysis of IoT Systems Under Resource Exhausting Attacks, in IEEE Transactions on Information Forensics and Security, vol. 18, pp. 3277-3288, 2023, doi: 10.1109/TIFS.2023.3278449.
M. Mastroianni, F. Palmieri, M. Ficco, R. Kozik, M. Choras, Privacy risk analysis and metrics in capturing and storing network traffic, Proceedings of The 24rd Conference On Control Systems And Computer Science (CSCS24), Bucharest, 2023
L. Porcelli, M. Ficco, F. Palmieri, Mitigating User Exposure to Dark Patterns in Cookie Banners through Automated Consent, Proceedings of Cyber Intelligence and Applications WS, The 23rd International Conference on Computational Science and Its Applications, Athens, 2023
G. D’Angelo, M. Ficco, A. Robustelli, An association rules-based approach for Anomaly Detection on CAN-bus, Proceedings of Cyber Intelligence and Applications WS, The 23rd International Conference on Computational Science and Its Applications, Athens, 2023
G. D’Angelo, E. Farsimadan, F. Palmieri, Recurrence Plots-based Network Attack Classification using CNN-Autoencoders, Proceedings of Cyber Intelligence and Applications WS, The 23rd International Conference on Computational Science and Its Applications, Athens, 2023
A. Scarfò, C. Piccolo, F. Palmieri, M. Mastroianni, Prevention of cyber-attacks and privacy breaches in healthcare sector, Proceedings of the 3rd Workshop on Privacy in the Cloud/Edge/IoT World, 23rd International Conference on Computational Science and Its Applications, Athens, 2023
Christian Catalano, Alessandro Pagano, Antonio Piccinno, Alessandro Stamerra. Cartoons to Improve Cyber Security Education: Snow White in Browser in the Middle (2023). CEUR Workshop Proceedings, Volume 3408, 2023, Joint of the Workshops, Work in Progress Demos and Doctoral Consortium at the 9th International Symposium on End-User Development, WWDD@IS-EUD 2023, Cagliari
Maria Teresa Baldassarre, Berenice Fernàndez Nieto, Azzurra Ragone. Human Rights education as a Component of the European Union cybersecurity curricula (2023). CEUR Workshop Proceedings, Volume 3408, 2023, Joint of the Workshops, Work in Progress Demos and Doctoral Consortium at the 9th International Symposium on End-User Development, WWDD@IS-EUD 2023, Cagliari
Stefano Cirillo, Domenico Desiato, Michele Scalera, Giandomenico Solimando. A visual privacy tool to help users in preserving social network data (2023). CEUR Workshop Proceedings, Volume 3408, 2023, Joint of the Workshops, Work in Progress Demos and Doctoral Consortium at the 9th International Symposium on End-User Development, WWDD@IS-EUD 2023, Cagliari
Vita Santa Barletta, Danilo Caivano, Domenico Gigante, and Azzurra Ragone. 2023. A Rapid Review of Responsible AI frameworks: How to guide the development of ethical AI. In Proceedings of the 27th International Conference on Evaluation and Assessment in Software Engineering (EASE ’23). Association for Computing Machinery, New York, NY, USA, 358–367.
Maria Teresa Baldassarre, Mirko De Vincentiis, Anibrata Pal, Michele Scalera. Quantum Artificial Intelligence for Cyber Security Education in Software Engineering (2023). CEUR Workshop Proceedings, Volume 3408, 2023, Joint of the Workshops, Work in Progress Demos and Doctoral Consortium at the 9th International Symposium on End-User Development, WWDD@IS-EUD 2023, Cagliari
Saltarella, M., Desolda, G., Lanzilotti, R., & Barletta, V. S. (2023). Translating privacy design principles into human-centered software lifecycle: a literature review. International Journal of Human–Computer Interaction, 1-19.
Mirko De Vincentiis, Anibrata Pal, Azzurra Ragone, Michele Scalera. A Multi-class Intrusion Detection System for Cyber Security Education in Automotive Industry (2023). CEUR Workshop Proceedings, Volume 3408, 2023, Joint of the Workshops, Work in Progress Demos and Doctoral Consortium at the 9th International Symposium on End-User Development, WWDD@IS-EUD 2023, Cagliari
Vita Santa Barletta, Danilo Caivano, Alfred Lako, and Anibrata Pal, 2023. Quantum as a Service Architecture for Security in a Smart City. 16th International Conference on the Quality of Information and Communications Technology September, 11th-13th | Aveiro, Portugal”
Loredana Caruccio, Domenico Desiato, Giuseppe Polese, Genoveffa Tortora, Nicola Zannone. An approach to trade-off privacy and classification accuracy in machine learning processes (4m). 31st Symposium on Advanced Database Systems (SEBD ’23). 2-5 July 2023, Galzignano Terme, Italy
Loredana Caruccio, Gaetano Cimino, Stefano Cirillo, Domenico Desiato, Giuseppe Polese, and Genoveffa Tortora. 2023. Malicious Account Identification in Social Network Platforms. ACM Trans. Internet Technol. (September 2023).
Vita Santa Barletta, Miriana Calvano, Federica Caruso, Antonio Curci and Antonio Piccinno, 2023. Serious Games for Cybersecurity: How to Improve Perception and Human Factors. 2023 IEEE International Conference on Metrology for eXtended Reality, Artificial Intelligence and Neural Engineering (MetroXRAINE)
Christian Catalano, Andrea Chezzi, Vita Santa Barletta, Angelo Corallo, 2023. Securing web technology and navigation against phishing through CNN. 2023 IEEE International Conference on Metrology for eXtended Reality, Artificial Intelligence and Neural Engineering (MetroXRAINE)
Danilo Caivano, Mirko De Vincentiis, Anibrata Pal and Azzurra Ragone, 2023. Securing Smart Cities: Unraveling Quantum as a Service. 2nd International Workshop on Quantum Programming for Software Engineering (QP4SE’23), co-located with ESEC/FSE 2023, San Francisco, USA
Vita Santa Barletta, Danilo Caivano, Mirko De Vincentiis, Anibrata Pal and Francesco Volpe, 2023. Automotive Knowledge Base for supporting Vehicle-SOC analysts. 2023 IEEE International Conference on Metrology for eXtended Reality, Artificial Intelligence and Neural Engineering (MetroXRAINE)
Vita Santa Barletta, Christian Catalano, Mirko De Vincentiis, Anibrata Pal and Michele Scalera, 2023. Artificial Intelligence for Automotive Security: How to Support Developers in Automotive Solutions. 2023 IEEE International Conference on Metrology for eXtended Reality, Artificial Intelligence and Neural Engineering (MetroXRAINE)
Danilo Caivano, Mirko De Vincentiis, Anibrata Pal and Michele Scalera, 2023. Extending Developer Support: Quantum Artificial Intelligence for Automotive Security. 2nd International Workshop on Quantum Programming for Software Engineering (QP4SE’23), co-located with ESEC/FSE 2023, San Francisco, USA
Danilo Caivano, Christian Catalano, Mirko De Vincentiis, Alfred Lako, and Alessandro Pagano, 2023. MaREA: Multi-class Random Forest for Automotive Intrusion Detection. 2nd International Workshop on 2nd Workshop on Computational Intelligence and Software Engineering (CISE’23), co-located with the International Conference on Focused Software Process Improvement – PROFES 2023
Ficco, M., Guerriero, A., Milite, E., Palmieri, F., Pietrantuono, R., Russo, S., Federated learning for IoT devices: Enhancing TinyML with on-board training. (2024) Information Fusion, 104, art. no. 102189.
Kozik, R., Ficco, M., Pawlicka, A., Pawlicki, M., Palmieri, F., Choraś, M., When explainability turns into a threat – using xAI to fool a fake news detection method. (2024) Computers and security, 137, art. no. 103599.
Al-Essa, M., Andresini, G., Appice, A. and Malerba, D., Machine Learning Journal, Panacea: A neural model ensemble for cyber-threat detection, Accepted for publication
Pasquadibisceglie V., Appice A., Castellano G. and Malerba D., IEEE Transactions on Services Computing, JARVIS: Joining Adversarial Training with Vision Transformers in Next-Activity Prediction, Accepted for Publication
Franco, D. and D’Amato, V. S. and Pasa, L. and Navarin, N. and Oneto, L., Neurocomputing, Pag:-, Fair graph representation learning: Empowering NIFTY via Biased Edge Dropout and Fair Attribute Preprocessing, Vol:563, 2023.
Graziano, D. and Ucci, D. and Bisio, F. and Oneto, L., International Conference on Optimization, Learning Algorithms and Applications (AL2A), PhishVision: a Deep Learning based Visual Brand Impersonation Detector for Identifying Phishing Attacks, 2023.
N. Cassavia, L. Caviglione, M. Guarascio, A, Liguori, M. Zuppelli: Learning Autoencoder Ensembles for Detecting Malware Hidden Communications in IoT Ecosystems. Journal of Intelligent Information Systems 2023

Spoke 3:
Attacchi e difese (UNICA)

Altri Spoke

Spoke 1:
Aspetti umani, sociali e legali (CNR)

Spoke 2:
Disinformazione e Fake News (UNISA)

Spoke 4:
Sicurezza dei Sistemi Operativi e della Virtualizzazione (UNIGE)

Spoke 5:
Crittografia e sicurezza dei sistemi distribuiti (UNICAL)

Spoke 6:
Sicurezza del software e delle piattaforme (UNIVE)

Spoke 7:
Sicurezza delle infrastrutture (POLITO)

Spoke 8:
Gestione del rischio e governance (UNIBO)

Spoke 9:
Mettere in sicurezza la trasformazione digitale (UNIROMA1)

Spoke 10:
Governance e protezione dei dati (UNIMI)