Spoke 6:
Sicurezza del software e delle piattaforme (UNIVE)

Coordinator:
Riccardo FOCARDI
Full Professor, UNIVE

Il primo obiettivo scientifico dell’AT 6 è fornire un ecosistema in cui gli sviluppatori di software possano facilmente ragionare sulla sicurezza del software. Ciò si baserà su nuove primitive di programmazione astratte e centrate sulla sicurezza e su nuovi modelli semantici che permetteranno di formalizzare, verificare e certificare le proprietà di sicurezza puntando al secure-by-design. L’obiettivo è sviluppare nuove tecniche formali basate sulla compilazione sicura e sulla composizione sicura, per ridurre il divario tra i modelli formali, essenziali per fornire piene garanzie di correttezza, e le implementazioni reali. Il secondo obiettivo scientifico è fornire soluzioni innovative per proteggere la catena di fornitura del software, compresi i processi di gestione e sviluppo del software. L’obiettivo è sviluppare nuove tecniche per eseguire test di sicurezza attraverso un’analisi dinamica continua e per proteggere il software, rilevando attività dannose e prevenendone o limitandone l’impatto, secondo un paradigma di autodifesa. Verranno utilizzati scenari di test per validare e valutare sperimentalmente le tecniche proposte.

Project: Supply Chain Attack Avoidance (SCAI)
PI: Flaminia Luccio, Associate Professor, UNIVE

Project: Securing softWare frOm first PrincipleS (SWOPS)
PI: Gabriele Costa, Associate Professor, IMT

  • Gabriele Costa, Marina Ribaudo: Designing a Serious Game for Cybersecurity Education. Software Engineering for Games in Serious Contexts 2023: 265-290
  • Gabriele Costa, Silvia De Francisci, Serenella Valiani, Paolo Prinetto: Why Mary Can Hack: Effectively Introducing High School Girls to Cybersecurity. ARES ’23: Proceedings of the 18th International Conference on Availability, Reliability and Security, 1–8, 2023
  • Christian Catalano, Alessandro Pagano, Antonio Piccinno, Alessandro Stamerra. Cartoons to Improve Cyber Security Education: Snow White in Browser in the Middle (2023). CEUR Workshop Proceedings, Volume 3408, 2023, Joint of the Workshops, Work in Progress Demos and Doctoral Consortium at the 9th International Symposium on End-User Development, WWDD@IS-EUD 2023, Cagliari
  • Fabio Calefato, Luigi Quaranta, Filippo Lanubile, Marcos Kalinowski: Assessing the Use of AutoML for Data-Driven Software Engineering. ESEM’23: Proceedings of the 17th IEEE/ACM International Symposium on Empirical Software Engineering and Measurement, 23 – 27 October 2023
  • Francesco Greco, Giuseppe Desolda and Andrea Esposito (2023). Explaining Phishing Attacks: An XAI Approach to Enhance User Awareness and Trust. Italian Conference on Cybersecurity (ITASEC ’23).
  • Colavito, F. Lanubile, N. Novielli, L. Quaranta. “Impact of Data Quality for Automatic Issue Classification Using Pre-trained Language Models.” Journal of Systems and Software, Volume 210, April 2024, 111838
  • Greco F., Desolda G., Esposito A. (2023). A Human-Centered XAI System for Phishing Detection. ACM CHI 2023 Workshop on Human-Centered Explainable AI (HCXAI).
  • Maria Teresa Baldassarre, Berenice Fernàndez Nieto, Azzurra Ragone. Human Rights education as a Component of the European Union cybersecurity curricula (2023). CEUR Workshop Proceedings, Volume 3408, 2023, Joint of the Workshops, Work in Progress Demos and Doctoral Consortium at the 9th International Symposium on End-User Development, WWDD@IS-EUD 2023, Cagliari
  • Miriana Calvano, Federica Caruso, Antonio Curci, Antonio Piccinno, Veronica Rossano. A Rapid Review on Serious Games for Cybersecurity Education: Are “Serious” and Gaming Aspects Well Balanced? (2023). CEUR Workshop Proceedings, Volume 3408, 2023, Joint of the Workshops, Work in Progress Demos and Doctoral Consortium at the 9th International Symposium on End-User Development, WWDD@IS-EUD 2023, Cagliari
  • Paolo Buono, Giuseppe Desolda, Francesco Greco, and Antonio Piccinno. 2023. Let warnings interrupt the interaction and explain: designing and evaluating phishing email warnings. In Extended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems (CHI EA ’23). Association for Computing Machinery, New York, NY, USA, Article 197, 1–6.
  • Stefano Cirillo, Domenico Desiato, Michele Scalera, Giandomenico Solimando. A visual privacy tool to help users in preserving social network data (2023). CEUR Workshop Proceedings, Volume 3408, 2023, Joint of the Workshops, Work in Progress Demos and Doctoral Consortium at the 9th International Symposium on End-User Development, WWDD@IS-EUD 2023, Cagliari
  • Vita Santa Barletta, Miriana Calvano, Federica Caruso, Antonio Curci and Antonio Piccinno, 2023. Serious Games for Cybersecurity: How to Improve Perception and Human Factors. 2023 IEEE International Conference on Metrology for eXtended Reality, Artificial Intelligence and Neural Engineering (MetroXRAINE)
  • “F Palmarini, L Veronese, M Busi, R Focardi, F Luccio. A Recipe for Cost-Effective Secure IoT: the SAFE PLACE Project Case Study
  • IEEE International Conference on Cyber Security and Resilience, 2023″
  • De Paoli, Alessia M. Di Campi, F.L. Luccio. Accessible applications to improve the tourist experience. International Conference on Computer-Human Interaction Research and Applications (CHIRA), 2023
  • Breve, B., Desolda, G., Greco, F., & Deufemia, V. (2023). Democratizing cybersecurity in smart environments: investigating the mental models of novices and experts. End-User Development, 145-161.
  • Christian Catalano, Andrea Chezzi, Vita Santa Barletta, Angelo Corallo, 2023. Securing web technology and navigation against phishing through CNN. 2023 IEEE International Conference on Metrology for eXtended Reality, Artificial Intelligence and Neural Engineering (MetroXRAINE)
  • Danilo Caivano, Mirko De Vincentiis, Anibrata Pal and Azzurra Ragone, 2023. Securing Smart Cities: Unraveling Quantum as a Service. 2nd International Workshop on Quantum Programming for Software Engineering (QP4SE’23), co-located with ESEC/FSE 2023, San Francisco, USA
  • Fabrizio Balducci, Bernardo Breve, Giuseppe Desolda, Francesco Greco, Vincenzo Deufemia (2023). Task Automation Systems to Secure Smart Environments. Joint Proceedings of the Workshops, Work in Progress Demos and Doctoral Consortium at the IS-EUD 2023 (WWDD@IS-EUD 2023), Cagliari, Italy, June 6-8, 2023.
  • G Desolda, A Esposito, F Greco, R Lanzilotti, M Saltarella (2023). MATERIALIST: A Web Platform for Guiding Privacy Design Pattern Selection in Software Development. Joint Proceedings of the Workshops, Work in Progress Demos and Doctoral Consortium at the IS-EUD 2023 (WWDD@IS-EUD 2023), Cagliari, Italy, June 6-8, 2023.
  • Loredana Caruccio, Domenico Desiato, Giuseppe Polese, Genoveffa Tortora, Nicola Zannone. An approach to trade-off privacy and classification accuracy in machine learning processes (4m). 31st Symposium on Advanced Database Systems (SEBD ’23). 2-5 July 2023, Galzignano Terme, Italy
  • Maria Teresa Baldassarre, Mirko De Vincentiis, Anibrata Pal, Michele Scalera. Quantum Artificial Intelligence for Cyber Security Education in Software Engineering (2023). CEUR Workshop Proceedings, Volume 3408, 2023, Joint of the Workshops, Work in Progress Demos and Doctoral Consortium at the 9th International Symposium on End-User Development, WWDD@IS-EUD 2023, Cagliari
  • Saltarella, M., Desolda, G., Lanzilotti, R., & Barletta, V. S. (2023). Translating privacy design principles into human-centered software lifecycle: a literature review. International Journal of Human–Computer Interaction, 1-19.
  • “Vita Santa Barletta, Danilo Caivano, Alfred Lako, and Anibrata Pal, 2023. Quantum as a Service Architecture for Security in a Smart City. 16th International Conference on the
  • Quality of Information and Communications Technology September, 11th-13th | Aveiro, Portugal”
  • Vita Santa Barletta, Danilo Caivano, Domenico Gigante, and Azzurra Ragone. 2023. A Rapid Review of Responsible AI frameworks: How to guide the development of ethical AI. In Proceedings of the 27th International Conference on Evaluation and Assessment in Software Engineering (EASE ’23). Association for Computing Machinery, New York, NY, USA, 358–367.
  • Francesca Console​, Giuseppe D’Aquanno, Giuseppe Antonio Di Luna, Leonardo Querzoni. BinBench: a benchmark for x64 portable operating system interface binary function representations. PeerJ Computer Science.
  • Deepanjan Mitra, Agostino Cortesi, Nabendu Chaki. A Two-hop Neighborhood Based Berserk Detection Algorithm for Probabilistic Model of Consensus in Distributed Ledger Systems. 15th International Conference on Computational Collective Intelligence, 27-29 September 2023, Budapest, Hungary. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2023, 14162 LNAI, pp. 379–391
  • Ivan Malakhov, Andrea Marin, Sabina Rosssi. Analysis of the Confirmation Time in Proof-of-Work Blockchains. Future Generation Computer Systems 147 (2023) 275–291.
  • “Mandira Roy, Raunak Bag, Novarun Deb, Agostino Cortesi, Rituparna Chaki, Nabendu Chaki: SCARS: Suturing wounds due to conflicts between non-functional requirements in autonomous and robotic systems. Software: Practice and Experience Volume 54, Issue 5 p. 759-795, 2023.”
  • Raunak Bag, Mandira Roy, Agostino Cortesi, Nabendu Chaki: Eliciting context-oriented NFR constraints and conflicts in robotic systems Innovations Syst Softw Eng (2023). https://doi.org/10.1007/s11334-023-00545-y
  • Emanuele Iannone, Zadia Codabux, Valentina Lenarduzzi, Andrea De Lucia, Fabio Palomba: Rubbing salt in the wound? A large-scale investigation into the effects of refactoring on security. Empirical Software Engineering 28(4):89 (2023)
  • Giulia Sellitto, lexandra Sheykina, Fabio Palomba, Andrea De Lucia: An Empirical Study on the Performance of Vulnerability Prediction Models Evaluated Applying Real-world Labelling. Joint Proceedings of the 32nd International Workshop on Software Measurement (IWSM) and the 17th International Conference on Software Process and Product Measurement (MENSURA). September 14-15, 2023, Rome, Italy. CEUR Workshop Proceedings, Vol-3543, https://ceur-ws.org/Vol-3543/
  • Veronese, L., Palmarini, F., Focardi, R., F. Luccio Design and Implementation of Fast and Cost-Effective FPGA-Based Fuzzy Rainbow Tradeoffs. SN COMPUT. SCI. 4, 330 (2023).
  • Al-Essa, M., Andresini, G., Appice, A. and Malerba, D., 10th IEEE International Conference on Data Science and Advanced Analytics (DSAA 2023), Panacea: A neural model ensemble for cyber-threat detection, pp. 1–2. IEEE (2023)
  • AL-Essa, M., Andresini, G., Appice, A. et al. PANACEA: a neural model ensemble for cyber-threat detection. Mach Learn 113, 5379–5422 (2024).
  • Andresini, G., Appice, A., Gasbarro, R. and Malerba, D., 26th International Conference on Discovery Science (DS 2023), GLORIA: A Graph Convolutional Network-Based Approach for Review Spam Detection, 14276 Springer LNAI, pp. 111-125.
  • Baahmed, A., Andresini, G., Robardet, C. and Appice. A. Using graph neural networks for the detection and explanation of network intrusions. Post-proceedings of ECML PKDD 5th International Workshop on eXplainable Knowledge Discovery in Data Mining (XKDD 2023). Springer Communications in Computer and Information Science (CCIS),volume 2135, 2024
  • Danilo Caivano, Mirko De Vincentiis, Anibrata Pal and Michele Scalera, 2023. Extending Developer Support: Quantum Artificial Intelligence for Automotive Security. 2nd International Workshop on Quantum Programming for Software Engineering (QP4SE’23), co-located with ESEC/FSE 2023, San Francisco, USA
  • Loredana Caruccio, Gaetano Cimino, Stefano Cirillo, Domenico Desiato, Giuseppe Polese, and Genoveffa Tortora. 2023. Malicious Account Identification in Social Network Platforms. ACM Trans. Internet Technol. 23, 4, Article 57 (November 2023), 25 pages.
  • Mirko De Vincentiis, Anibrata Pal, Azzurra Ragone, Michele Scalera. A Multi-class Intrusion Detection System for Cyber Security Education in Automotive Industry (2023). CEUR Workshop Proceedings, Volume 3408, 2023, Joint of the Workshops, Work in Progress Demos and Doctoral Consortium at the 9th International Symposium on End-User Development, WWDD@IS-EUD 2023, Cagliari
  • Vita Santa Barletta, Christian Catalano, Mirko De Vincentiis, Anibrata Pal and Michele Scalera, 2023. Artificial Intelligence for Automotive Security: How to Support Developers in Automotive Solutions. 2023 IEEE International Conference on Metrology for eXtended Reality, Artificial Intelligence and Neural Engineering (MetroXRAINE)
  • Vita Santa Barletta, Danilo Caivano, Mirko De Vincentiis, Anibrata Pal and Francesco Volpe, 2023. Automotive Knowledge Base for supporting Vehicle-SOC analysts. 2023 IEEE International Conference on Metrology for eXtended Reality, Artificial Intelligence and Neural Engineering (MetroXRAINE)
  • “Olivieri Luca, Pasetto Luca: Towards Compliance of Smart Contracts with the European Union Data Act.
  • 5th Workshop on Artificial Intelligence and Formal Verification, Logic, Automata, and Synthesis (OVERLAY 2023 @ AIxIA 2023)
  • November 7, 2023, Roma Tre University, Rome, Italy.”
  • Melgratti, H., Mezzina, C.A., Pinna, G.M. (2023). Relating Reversible Petri Nets and Reversible Event Structures, Categorically. In: Huisman, M., Ravara, A. (eds) Formal Techniques for Distributed Objects, Components, and Systems. FORTE 2023. Lecture Notes in Computer Science, vol 13910. Springer, Cham.
  • “Lorenzo Bettini, Khalid Bourr, Rosario Pugliese, Francesco Tiezzi: Coordinating and Programming Multiple ROS-based Robots with X-KLAIM.
  • International Journal on Software Tools for Technology Transfer, vol. 25, num. 5, pp. 747-764, Springer (2023).”
  • Claudio Antares Mezzina, Francesco Tiezzi, Nobuko Yoshida: Rollback Recovery in Session-Based Programming. In Proc. of COORDINATION 2023, LNCS 13908, 195-213, Springer, 2023.
  • Flavio Corradini, Alessandro Marcelletti, Andrea Morichetta, Andrea Polini, Barbara Re, Francesco Tiezzi: A Flexible Approach to Multi-party Business Process Execution on Blockchain. Future Gener. Comput. Syst. 147: 219-234, Springer, 2023
  • “Lorenzo Bettini, Khalid Bourr, Rosario Pugliese, Francesco Tiezzi: Coordinating and Programming Multiple ROS-based Robots with X-KLAIM.
  • International Journal on Software Tools for Technology Transfer, 25(5): 747-764, Springer (2023).”
  • Pierluigi Plebani, Davide Rossetto, Francesco Tiezzi: Empowering trusted data sharing for data analytics in a federated environment: A blockchain-based approach. Frontiers in Blockchain 6:1141760 (2023)
  • “Ahmad, Casarin, Calzavara: “”An Empirical Analysis of Web Storage and its Applications to Web Tracking””, ACM Transactions on the Web, Volume 18, Issue 1
  • Article No.: 7, Pages 1 – 28″
  • Calzavara, Cazzaro, Pibiri, Prezza. Verifiable Learning for Robust Tree Ensembles. In ACM CCS 2023.
  • Claude Stolze, Marino Miculan, and Pietro Di Gianantonio: Composable partial multiparty session types for open systems. Software and Systems Modeling 22, 473–494, 2023
  • Daria Smuseva, Ivan Malakhov, Andrea Marin, Sabina Rossi. Crisis of Trust: Analyzing the Verifier’s Dilemma in Ethereum’s Proof-of-Stake Blockchain. 6th IEEE International Conference on Blockchain, 2023.
  • “Hantke, Calzavara, Wilhelm, Rabitti, Stock. You Call This Archaeology? Evaluating Web Archives for
  • Reproducible Web Security Measurements. In ACM CCS 2023.”
  • Lorenzo Benetollo, Michele Bugliesi, Silvia Crafa, Sabina Rossi, Alvise Spanò. AlgoMove – A Move Embedding for Algorand. 6th IEEE International Conference on Blockchain, 2023.
  • Luca Olivieri, Luca Negrini, Vincenzo Arceri, Fabio Tagliaferro, Pietro Ferrara, Agostino Cortesi, Fausto Spoto. Information Flow Analysis for Detecting Non-Determinism in Blockchain. 37th European Conference on Object-Oriented Programming, ECOOP 2023, July 17-21, 2023, Seattle, Washington, United States
  • Marino Miculan, Matteo Paier: Assembling Coherent Network Topologies Using Round-Trip Graphs (short paper). ICTCS 2023: CEUR-WS 3587: 110-115
  • Michele Pasqua, and Marino Miculan: AbU: A calculus for distributed event-driven programming with attribute-based interaction. Theoretical Computer Science 958, 113841, 2023
  • Andrea Altarui, Marino Miculan, and Matteo Paier: DBCChecker: a bigraph-based tool for checking security properties of container compositions.ITASEC 2023: The Italian Conference on CyberSecurity, May 03–05, 2023, Bari, Italy, CEUR-WS, 2023
  • Alessandro Bonfiglio, Gabriele Costa, Silvia de Francisci: NIF: Reactive Injection Attack via Nmap Piggybacking. ITASEC 2023
  • Casaril, Francesco, and Letterio Galletta. “Securing SatCom user segment: a study on cybersecurity challenges in view of IRIS2.” Computers & Security (2024): 103799.
  • Calefato, L. Quaranta, F. Lanubile: Security Risks and Best Practices of MLOps: A Multivocal Literature Review. ITASEC 2024, Salerno, Italy, April 8-12, 2024.
  • Fabio Calefato, Luigi Quaranta, Filippo Lanubile. A Lot of Talk and a Badge: An Exploratory Analysis of Personal Achievements in GitHub. Information and Software Technology, Vol. 176, Dec. 2024.
  • Francesco Greco, Giuseppe Desolda, Andrea Esposito and Alessandro Carelli (2024). David versus Goliath: Can Machine Learning Detect LLM-Generated Text? A Case Study in the Detection of Phishing Emails. ITASEC 2024, Salerno, Italy, April 8-12, 2024.
  • Francesco Greco, Giuseppe Desolda, Luca Viganò. Supporting the Design of Phishing Education, Training and Awareness interventions: an LLM-based approach. Proceedings of the 2nd International Workshop on CyberSecurity Education for Industry and Academia (CSE4IA 2024) co-located with the 17th International Conference on Advanced Visual Interfaces (AVI 2024)
  • Francesco Greco, Paolo Buono, Giuseppe Desolda, Domenico Desiato, Rosa Lanzilotti and Grazia Ragone. Unlocking the Potential of Simulated Phishing Campaigns: Measuring the Impact of Interaction among Different Human Factors. DAMOCLES’24: First International Workshop on Detection And Mitigation Of Cyber attacks that exploit human vuLnerabilitiES, AVI ‘24, Arenzano (Genoa), Italy, June 3rd 2024
  • Araujo, M. Kalinowski, M. Endler, F. Calefato. Professional Insights into Benefits and Limitations of Implementing MLOps Principles. Proc. of International Conference on Enterprise Information Systems (ICEIS’24),, Angers, France, 28-30 April 2024.
  • Grazia Ragone, Paolo Buono, Domenico Desiato, Giuseppe Desolda, Francesco Greco, and Rosa Lanzillotti. 2024. Towards a human factors assessment questionnaire for cybersecurity incidents. In Proceedings of the 2024 International Conference on Advanced Visual Interfaces (AVI ’24). Association for Computing Machinery, New York, NY, USA, Article 71, 1–3. https://doi.org/10.1145/3656650.3656720
  • Saltarella, M., Desolda, G., Esposito, A. et al. Bridging the gap between GPDR and software development: the MATERIALIST framework. Multimed Tools Appl (2024). https://doi.org/10.1007/s11042-024-19923-0
  • Buriro, A. Rafi, M. A. Yaqoob and F. L. Luccio: Malware Detection using Anomaly Detection Algorithms, in Proc. of the 15th International Conference on Ubiquitous and Future Networks (ICUFN-2024).
  • Buriro, F.L. Luccio. A Bimodal Behavioral Biometric-based User Authentication Scheme for Smartphones. ITASEC 2024, April 8-12, 2024.
  • Buriro, Z. Akhtar, F. Ricci and F. L. Luccio: Wearable Wisdom: A Bi-Modal Behavioral Biometric Scheme for Smartwatch User Authentication, IEEE Access, publication date: 29/04/2024
  • Di Campi and F.L. Luccio. Understanding how users choose passwords: analysis and best practices. ITASEC 2024, April 8-12, 2024.
  • Angelelli, M., Arima, S., Catalano, C., & Ciavolino, E. (2024). A robust statistical framework for cyber-vulnerability prioritisation under partial information in threat intelligence. Expert Systems With Applications, 255, 124572.
  • Baldassarre, M. T., Gigante, D., Kalinowski, M., & Ragone, A. (2024). POLARIS: A framework to guide the development of Trustworthy AI systems.Proceedings of the IEEE/ACM 3rd International Conference on AI Engineering – Software Engineering for AI, Pages 200 – 210, 2024.
  • Artuso, F., Mormando, M., Di Luna, G. A., & Querzoni, L. (2024). Binbert: Binary code understanding with a fine-tunable and execution-aware transformer. IEEE Transactions on Dependable and Secure Computing, 21(1), 123-135.
  • Capozzi, D. Cono D’Elia, G. Antonio Di Luna and L. Querzoni, “Adversarial Attacks Against Binary Similarity Systems,” in IEEE Access, vol. 12, pp. 161247-161269, 2024, doi: 10.1109/ACCESS.2024.3488204.
  • Viglietta (University of Aizu), G. Di Luna (Sapienza University of Rome). Universal Finite-State and Self-Stabilizing Computation in Anonymous Dynamic Networks. 28th International Conference on Principles of Distributed Systems (OPODIS 2024).
  • Olliaro, G. Casale, A. Marin, S. Rossi: A Product-form Network for Systems with Job Stealing Policies. ACM Trans. Model. Perform. Evaluation Comput. Syst. 9(2): 6:1-6:26 (2024)
  • Ressi, R. Romanello, C. Piazza, S. Rossi: AI-enhanced blockchain technology: A review of advancements and opportunities. J. Netw. Comput. Appl. 225: 103858 (2024)
  • Ressi, D., Romanello, R., Piazza, C., Rossi, S. “AI-enhanced blockchain technology: A review of advancements and opportunities”, Journal of Network and Computer Applications, 2024
  • Smuseva, D., Marin, A., Rossi, S. “Selfish Mining in Public Blockchains: A Quantitative Analysis”. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, 2024, 539, pp. 18–32
  • Gabriele Costa and Cosimo Perini Brogi: Toward dynamic epistemic verification of zero-knowledge protocols, ITASEC 2024
  • Busi, R. Focardi, F. Luccio. Bridging the Gap: Automated Analysis of Sancus , 37th IEEE Computer Security Foundations Symposium, July 8-12, 2024
  • Das, N.Deb, A. Cortesi, N. Chaki: “Extracting goal models from natural language requirement specifications”. Journal of Systems and Software Volume 211, May 2024, 111981
  • Malakhov, I., Marin, A., Rossi, S., Menasche, D.S. “Confirmed or Dropped? Reliability Analysis of Transactions in PoW Blockchains”. IEEE Transactions on Network Science and Engineering, 2024
  • Galletta and F. Pinelli. Explainable Ponzi Schemes Detection on Ethereum. In The 39th ACM/SIGAPP Symposium on Applied Computing (SAC ’24), 2024
  • “Atzori, M., Calò, E., Caruccio, L., Cirillo, S., Polese, G., & Solimando, G. (2024) “Evaluating Password
  • Strength Based on Information Spread on Social Networks: A Combined Approach Relying on Data
  • Reconstruction and Generative Models”. Online Social Networks and Media, Elsevier.”
  • Breve, B., Caruccio, L., Cirillo, S., Deufemia, V., & Polese, G. (2024). Decentralized and Incremental Discovery of Relaxed Functional Dependencies Using Bitwise Similarity. IEEE Transactions on Knowledge and Data Engineering.
  • “Caruccio, L., Cimino, G., Cirillo, S., Desiato, D., Polese, G., & Tortora, G. (2024) “Improving Malicious
  • Accounts Discrimination through a New Feature Engineering Approach Using Relaxed Functional
  • Dependencies” In Proceedings of the 32th Italian Symposium on Advanced Database Systems (SEBD 2024)”
  • Emanuele Iannone, Giulia Sellitto, Emanuele Iaccarino, Filomena Ferrucci, Andrea De Lucia, Fabio Palomba, “Early and Realistic Exploitability Prediction of Just-Disclosed Software Vulnerabilities: How Reliable Can It Be?”, ACM Transacrions on Software Engineering and Methodology 33(6): 146 (2024)
  • Giusy Annunziata, Alexandra Sheykina, Fabio Palomba, Andrea De Lucia, Gemma Catolino, Filomena Ferrucci, “Security Risk Assessment on Cloud: A Systematic Mapping Study”, 28th International Conference on Evaluation and Assessment in Software Engineering, EASE 2024.
  • Marco Blanchini, Michele Cerreta, Davide Di Monda, Matteo Fabbri, Mario Raciti, Hamza Sajjad Ahmad and Gabriele Costa: Supporting Criminal Investigations on the Blockchain: A Temporal Logic-based Approach, ITASEC 2024
  • Faella, M., Garbi, G., La Torre, S. et al. CHC-Based Verification of Programs Through Graph Decompositions. SN COMPUT. SCI. 5, 1062 (2024)
  • Marco Faella, Gennaro Parlato. A Unified Automata-Theoretic Approach to LTLf Modulo Theories. Proceedings of the 24th European Conference on Artificial Intelligence, Santiago de Compostela, Spagna, 2024.
  • Olivieri, L., Spoto, F. Software verification challenges in the blockchain ecosystem. Int J Softw Tools Technol Transfer 26, 431–444 (2024). https://doi.org/10.1007/s10009-024-00758-x
  • Luca Olivieri, Luca Pasetto, Luca Negrini, Pietro Ferrara: “European Union Data Act and Blockchain Technology: Challenges and New Directions” in 6th Distributed Ledger Technology Workshop (DLT 2024)
  • Luca Olivieri, Vincenzo Arceri, Badaruddin Cachar, Luca Negrini, Fabio Tagliaferro, Fausto Spoto, Pietro Ferrara, Agostino Cortesi “General-Purpose Languages for Blockchain Smart Contracts Development: A Comprehensive Study,” in IEEE Access, vol. 12, pp. 166855-166869, 2024
  • Al-Essa, M., Andresini, G., Appice, A. and Malerba, D., Striving for simplicity in deep neural models trained for malware detection. Post-proceedings of ECML PKDD International Workshop on New Frontiers in Mining Complex Patterns (NFMCP 2023), Springer Communications in Computer and Information Science (CCIS),volume 2135, 2024
  • Pasquadibisceglie, A. Appice, G. Castellano and D. Malerba, “JARVIS: Joining Adversarial Training With Vision Transformers in Next-Activity Prediction,” in IEEE Transactions on Services Computing, vol. 17, no. 4, pp. 1593-1606, July-Aug. 2024
  • Baldassarre, M.T., Caivano, D., Fernandez Nieto, B, Gigante, D. and Ragone, A., “Fostering Human Rights in Responsible AI: A Systematic Review for Best Practices in Industry” in IEEE Transactions on Artificial Intelligence, vol. 1, no. 01, pp. 1-15, 5555.
  • De Rose, L.,Andresini, G.,Appice, A., Malerba, D., VINCENT: Cyber-threat detection through vision transformers and knowledge distillation. Computers and Security, 2024, 144, 103926
  • Imran, M., Appice, A., Malerba, D., Evaluating Realistic Adversarial Attacks against Machine Learning Models for Windows PE Malware Detection.Future Internet., 2024, 16(5), 168
  • Maria Teresa Baldassarre, Domenico Gigante, Azzurra Ragone, Sara Tibidò, Marcos Kalinowski. Trustworthy AI in practice: an analysis of practitioners’ needs and challenges. In proc. of e International Conference on Evaluation and Assessment in Software Engineering (EASE) 2024
  • Cortesi (Ed.): Space Data Management. Studies in Big Data, vol. 141. Springer-Nature publ.
  • Talotti, M. Paier, M. Miculan. ECC’s Achilles’ Heel: Unveiling Weak Keys in Standardized Curves. ITASEC 2024, April 8-12, 2024.
  • L. P. Gort, M. Olliaro and A. Cortesi, “Study of the Watermark Source’s Topology Role on Relational Data Watermarking Robustness,” in IEEE Access, vol. 12, pp. 25857-25875, 2024
  • Malakhov, A. Marin, S. Rossi and D. S. Menasché, “Confirmed or Dropped? Reliability Analysis of Transactions in PoW Blockchains,” in IEEE Transactions on Network Science and Engineering, vol. 11, no. 4, pp. 3276-3288, July-Aug. 2024
  • Pérez Gort, M., Cortesi, A. (2024). A Fragile Watermarking Approach for Earth Observation Data Integrity Protection. In: Cortesi, A. (eds) Space Data Management. Studies in Big Data, vol 141. Springer
  • Michele Pasqua, Marino Miculan: Behavioral equivalences for AbU: Verifying security and safety in distributed IoT systems. Theor. Comput. Sci. 998: 114537 (2024)
  • Luca Olivieri, Luca Negrini, Vincenzo Arceri, Thomas Jensen, Fausto Spoto: Design and Implementation of Static Analyses for Tezos Smart Contracts. ACM Journal Distributed Ledger Technologies: Research and Practice. 2024.
  • Michele Cerreta and Gabriele Costa: Automating Penetration Testing with MeTeOr, OSVS@Euro S&P 2024
  • Michele Boreale, Luisa Collodi, Daniele Gorla. Products, Polynomials and Differential Equations in the Stream Calculus. ACM Trans. Comput. Log. 25(1): 7:1-7:26 (2024)
  • Michele Boreale, Luisa Collodi. Guaranteed inference for probabilistic programs: a parallelisable, small-step operational approach. Proc. of VMCAI 2024, vol. 2, pp. 141-162, 2024
  • Greta Dolcetti, Caterina Urban, Agostino Cortesi, Enea Zaffanella. Towards a High Level Linter for Data Science. 10th ACM SIGPLAN International Workshop on Numerical and Symbolic Abstract Domains (NSAD 2024)
  • Luca Negrini, Sofia Presotto, Pietro Ferrara, Enea Zaffanella, Agostino Cortesi. Stability: an Abstract Domain for the Trend of Variation of Numerical Variables. 10th ACM SIGPLAN International Workshop on Numerical and Symbolic Abstract Domains (NSAD 2024)
  • Luca Negrini, Vincenzo Arceri, Agostino Cortesi, Pietro Ferrara: Tarsis: an effective automata-based abstract domain for string analysis.Journal of Software: Evolution and Process Volume 36, Issue 8, 2024
  • Luca Negrini, Vincenzo Arceri, Luca Olivieri, Agostino Cortesi and Pietro Ferrara. Teaching through Practice: Advanced Static Analysis with LiSA. Formal Methods Teaching Workshop (FMTea 2024)
  • Olivieri, L. Negrini, V. Arceri, B. Chachar, P. Ferrara and A. Cortesi, “Detection of Phantom Reads in Hyperledger Fabric,” in IEEE Access, vol. 12, pp. 80687-80697, 2024
  • Ferrara, P., Arceri, V. & Cortesi, A. Challenges of software verification: the past, the present, the future. Int J Softw Tools Technol Transfer 26, 421–430 (2024).
  • Falcarin, F. Dainese. Building a Cybersecurity Knowledge Graph with CyberGraph. Proc. of the Joint 5th International Workshop on Engineering and Cybersecurity of Critical Systems and 2nd International Workshop on Software Vulnerability Management (EnCyCriS/SVM 2024), 15 April 2024, Lisbon, Portugal, IEEE.
  • “Hernán Melgratti, Claudio A. Mezzina, G. Michele Pinna. A Truly Concurrent Semantics for Reversible CCS, Logical Methods in Computer Science
  • Volume 20, Issue 4, 2024, pp. 20:1–20:37″
  • “Massimo Bartoletti, Riccardo Marchesin, Roberto Zunino:
  • Secure compilation of rich smart contracts on poor UTXO blockchains. 2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P) Vienna, Austria, 2024, pp. 235-267″
  • Lorenzo Ceragioli, Letterio Galletta, Pierpaolo Degano, David A. Basin: Specifying and Verifying Information Flow Control in SELinux Configurations. ACM Trans. Priv. Secur. 27(4): 31:1-31:35 (2024)
  • Lorenzo Ceragioli, Pierpaolo Degano, Letterio Galletta, Luca Viganò: A Logic for Policy Based Resource Exchanges in Multiagent Systems. ECAI 2024: 1405-1412
  • Renieri, L. Galletta, A. L. Lafuente, J. Hsin-yu Chiang: A Netting Protocol for Liquidity-saving Automated Market Makers. DLT Workshop 2024
  • Renieri, M., Galletta, L. (2025). A Policy Framework for Regulating External Calls in Smart Contracts. In: Madeira, A., Knapp, A. (eds) Software Engineering and Formal Methods. SEFM 2024.
  • Dal Pio Luogo, F., Mezzina, C.A., Pinna, G.M. (2024). Model Checking Reversible Systems: Forwardly. In: Mogensen, T.Æ., Mikulski, Ł. (eds) Reversible Computation. RC 2024. Lecture Notes in Computer Science, vol 14680. Springer, Cham
  • Daniele Pusceddu, Massimo Bartoletti: Formalizing Automated Market Makers in the Lean 4 Theorem Prover. FMBC 2024
  • Massimo Bartoletti, Angelo Ferrando, Enrico Lipparini, Vadim Malvone. Solvent: liquidity verification of smart contracts. Integrated Formal Methods: 19th International Conference, IFM 2024, Manchester, UK, November 13–15, 2024, Proceedings Pages 256 – 266
  • Massimo Bartoletti, Fabio Fioravanti, Giulia Matricardi, Roberto Pettinau, Franco Sainas: Towards benchmarking of Solidity verification tools. 5th International Workshop on Formal Methods for Blockchains (FMBC 2024) Open Access Series in Informatics (OASIcs), Volume 118, pp. 6:1-6:15, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2024)
  • Flavio Corradini, Jessica Piccioni, Barbara Re, Lorenzo Rossi, Francesco Tiezzi. On the Interplay Between BPMN Collaborations and the Physical Environment (BPM 2024)
  • Nawaz Abdullah Malla, Alessandro Marcelletti, Andrea Morichetta, Francesco Tiezzi. Unveiling Algorand Storage Peculiarities (DLT 2024, CEUR-WS.org)
  • Tania Bruno, Ettore Etenzi, Luca Gualandi, Eraldo Katra, Rosario Pugliese, Alessio Taranto, Francesco Tiezzi. A Blockchain-based Platform for Incentivizing Customer Reviews in the Grocery Industry . Blockchain: Research and Applications. Volume 5, Issue 4, December 2024, 100226
  • Davide Bresolin , Pieter Collins , Luca Geretti , Roberto Segala , Tiziano Villa. Recent results on computable and compositional semantics for hybrid systems. Proc. of 6th International Workshop on Artificial Intelligence and fOrmal VERification, Logic, Automata, and sYnthesis OVERLAY 2024 28 and 29 November, Bolzano (Italy)
  • Chiara Bodei, Marco De Vincenzi, and Ilaria Matteucci. Formal analysis of an AUTOSAR-based basic software module. In International Journal on Software Tools for Technology Transfer (2024) 26:495–508.
  • Francesco Rubino, Chiara Bodei, Gian-Luigi Ferrari: Riding the Data Storms: Specifying and Analysing IoT Security Requirements with SURFING. ISoLA (1) 2024, Leveraging Applications of Formal Methods, Verification and Validation. LNCS, 15219, 2024
  • Marco De Vincenzi, Chiara Bodei and Ilaria Matteucci. Vehicles, we have a problem: V2I Authentication without Physis-Location-Memory. Poster at QUATIC2024 (17th International Conference on the Quality of Information and Communications Technology, Pisa, Italy, September 11-13, 2024).
  • Ahmad, Calzavara, Casarin, Stock: “Information flow control for comparative privacy analyses”, in International Journal on Information Security 2024.
  • Bernardo, Veronese, Dalla Valle, Calzavara, Squarcina, Adao, Maffei: “Web Platform Threats: Automated Detection of Web Security Issues With WPT”, USENIX Security 2024
  • Piazza, S. Rossi, D. Smuseva: Efficient Algorithm for Proportional Lumpability and Its Application to Selfish Mining in Public Blockchains. Algorithms 17(4): 159 (2024)
  • Paier, R. Van Eeden, M. Miculan. “Formal Analysis of Multi-Factor Authentication Schemes in Digital Identity Cards”. Proc. 22nd International Conference on Software Engineering and Formal Methods (SEFM 2024).
  • Pizzolitto, GL Foresti, M. Paier, M. Miculan. Netstaldi: A Modular Distributed Architecture for Incremental Network Discovery. ITASEC 2024, April 8-12, 2024.
  • Michele Pasqua, Marino Miculan, “Local Reasoning and Attribute-based Memory Updates for Enforcing Global Invariants in Collective Adaptive Systems”. Proc. 13th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation (ISoLA 2024).
  • Mastroeni, I. Abstract domain adequacy. Int J Softw Tools Technol Transfer 26, 747–765 (2024).
  • Canaia and M. Dalla Preda. On the role of cognizance in responsibility. 31st Static Analysis Symposium SAS 2024.
  • Barletta, V. S., Balzano, N., Colelli, L., Pagano, A., Piccinno, A., & Sohail, Q. (2024). CTI4RA: Cyber threat intelligence for risk assessment. In 2024 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT), November 20-21, 2024, University of Bahrain, Bahrain.
  • Barletta, V. S., Caivano, D., Catalano, C., del Vescovo, S. (2024). Black-Box Adversarial ML Attacks on IDS and Multi-Domain Impact Analysis for Threat Intelligence in Automotive Scenarios. In 2024 IEEE International Workshop on Technologies for Defense and Security (TechDefense), November 11-13, 2024, Naples, Italy.
  • Barletta, V. S., Calvano, M., & Sciacovelli, A. L. (2024). Cyber social security in multi-domain operations. In 2024 IEEE International Workshop on Technologies for Defense and Security (TechDefense), November 11-13, 2024, Naples, Italy.
  • Barletta, V. S., Catalano, C., Colucci, M., De Vincentiis, M., & Piccinno, A. (2024). Measuring the risk of evasion and poisoning attacks on a traffic sign recognition system. In 2024 IEEE International Workshop on Technologies for Defense and Security (TechDefense), November 11-13, 2024, Naples, Italy.
  • Caivano, D. and Fernández Nieto, B. and Gigante, D. and Ragone, A. and Tibidò, S. Ensuring Child Rights in the Age of AI: A Multidimensional Analysis of Existing Frameworks. In Proceeding of International Conference on Information Technology for Social Good (GoodIT ’24).
  • Basile, M. de Gemmis, M. Polignano, G. Semeraro, L. Siciliani, V. Tamburrano, F. Battista and R. Scardigno. LLaMAntino against Cyber Intimate Partner Violence, Proceedings of the Tenth Italian Conference on Computational Linguistics (CLiC-it 2024)
  • Scardigno, R., Gambarrota, R., & Centonze, L. (2024). Social Representation of Mental Health Disorders in the Italian Big Brother VIP Edition. Behavioral Sciences, 14(11), 1030.
  • Sciacovelli, A. L. (2024). Malicious cyberoperations committed by state and non-state actors: The international legal landscape. In P. Gargiulo, D. Giovannelli, & A. L. Sciacovelli (Eds.), Cybersecurity governance and normative frameworks: Non-Western countries and international organizations perspectives (Quaderno 29). La Comunità Internazionale Rivista Trimestrale della Società Italiana per l’Organizzazione Internazionale.
  • Gabriele Costa, Silvia de Francisci, Margherita Renieri, Serenella Valiani: Tackling the Gender Gap in Cybersecurity Education. SIGCSE (1) 2025: 234-240
  • Greco, F., Desolda, G., Buono, P., Piccinno, A. (2025). Enhancing Phishing Defenses: The Impact of Timing and Explanations in Warnings for Email Clients. In Computer Standards & Interfaces, 93, 103982. https://doi.org/10.1016/j.csi.2025.103982
  • A Buriro, FL Luccio, R Focardi: EUAS-GAN: Enhancing User Authentication on Smartphones through GAN-Based Swiping Data Augmentation, 39th International Conference on Advanced Information Networking and Applications (AINA-2025)
  • AM Di Campi, FL Luccio: Accessible Authentication Methods for Persons with Diverse Cognitive Abilities, Universal Access in the Information Society, (2025). https://doi.org/10.1007/s10209-025-01189-4
  • Baqir, A., Chen, Y., Diaz-Diaz, F. et al. Unveiling the drivers of active participation in social media discourse. Sci Rep 15, 4906 (2025).
  • Santa Barletta, V., Caivano, D., Pal, A., Scalera, M., & Serrano Martin, M. A. (2025). Enabling Quantum Privacy and Security by Design:: Imperatives for Contemporary State‐of‐the‐Art in Quantum Software Engineering. Journal of Software: Evolution and Process, 37(2), e70005.
  • Bag, R., Chaki, N., Cortesi, A. (2025). Contextual Correlation Inference in Multi-fleet Robotic Systems. In: Chaki, N., Cortesi, A., Chaki, R., Saeed, K. (eds) Applied Computing for Software and Smart Systems. ACSS 2024. Lecture Notes in Networks and Systems, vol 980. Springer, Singapore.
  • Barletta, V. S., Caivano, D., Catalano, C., del Vescovo, S., & Scalera, M., Towards the Responsible/Trustworthy AI in Multi-Domain Operations for Cyber Social Security: A Black-Box AML Case Study in the CAN Bus Frame Detection Task. Joint National Conference on Cybersecurity (ITASEC & SERICS 2025), Bologna, Italy.
  • Massimo Bartoletti, Lorenzo Benetollo, Michele Bugliesi, Silvia Crafa, Giacomo Dal Sasso, Roberto Pettinau, Andrea Pinna, Mattia Piras, Sabina Rossi, Stefano Salis, Alvise Spanò, Viacheslav Tkachenko, Roberto Tonelli, Roberto Zunino. Smart contract languages: A comparative analysis, Future Generation Computer Systems, Volume 164,2025
  • Attaullah Buriro, Flaminia Luccio and Muhammad Azfar Yaqub. Balancing the Scales: Using GANs and Class Balance for Superior Malware Detection. The 40th ACM/SIGAPP Symposium On Applied Computing, Catania, Italy, March 31 – April 4, 2025.
  • Maikel Lázaro Pérez Gort, Agostino Cortesi: A robust scheme for securing relational data incremental watermarking. International Journal of Information Management Data Insights, Volume 5, Issue 1, June 2025, 100320
  • Subhasish Ghosh, Amit Kr Mandal, Agostino Cortesi, Enhancing Deep Learning Model Privacy Against Membership Inference Attacks Using Privacy-Preserving Oversampling. SN Computer Science, Volume 6, Issue 4, April 2025, Article number 316.
  • Zanatta, G. Caiazza, P. Ferrara, L. Negrini: “Inference of Access Policies through Static Analysis”, International Journal on Software Tools for Technology Transfer, 2025
  • Luca Olivieri, Luca Negrini, Vincenzo Arceri, Pietro Ferrara and Agostino Cortesi, “Detection of Read-Write Issues in Hyperledger Fabric Smart Contracts”. 40th ACM/SIGAPP Symposium On Applied Computing 2025
  • Luca Olivieri, Luca Negrini, Vincenzo Arceri, Pietro Ferrara, Agostino Cortesi and Fausto Spoto, “Static Detection of Untrusted Cross-Contract Invocations in Go Smart Contracts”. 40th ACM/SIGAPP Symposium On Applied Computing 2025
  • Oindrilla Ghosh, Rituparna Chaki, Nabendu Chaki, Agostino Cortesi, Risk Assessment in Agile Software Development , Lecture Notes in Networks and Systems Volume 980, LNNS, Pages 295 – 307, 11th International Symposium on Applied Computing for Software and Smart Systems, ACSS 2024
  • Raunak Bag, Nabendu Chaki, Agostino Cortesi, Contextual Correlation Inference in Multi-fleet Robotic Systems, Lecture Notes in Networks and SystemsVolume 980 LNNS, Pages 275 – 294, 11th International Symposium on Applied Computing for Software and Smart Systems, ACSS 2024
  • Massimo Bartoletti, Lorenzo Benetollo, Michele Bugliesi, Silvia Crafa, Giacomo Dal Sasso, Roberto Pettinau, Andrea Pinna, Mattia Piras, Sabina Rossi, Stefano Salis, Alvise Spanò, Viacheslav Tkachenko, Roberto Tonelli, Roberto Zunino. Smart Contract Languages: a comparative analysis. Future Generation Computer Systems 164, 2025
  • Bartoletti, M., Marchesin, R., Zunino, R. (2025). DeFi Composability as MEV Non-interference. In: Clark, J., Shi, E. (eds) Financial Cryptography and Data Security. FC 2024. Lecture Notes in Computer Science, vol 14745. Springer, Cham.
  • Bozzolan, Olliaro, Calzavara, Marin, Balbo, Sereno: “Stochastic models for remote timing attacks”, Privacy Enhancing Technologies Symposium 2025.
  • Calzavara, Casarin, Focardi: “Dynamic analysis of JavaScript: are we there yet?”, The Web Conference 2025.
  • Calzavara, Cazzaro, Lucchese, Pibiri: “Verifiable boosted tree ensembles”, IEEE Symposium on Security and Privacy 2025
  • Caiazza, T. Lisovenko, P. Ferrara, F. Berti, F. Ferrari, A. Zaupa, G. Zhang: “From Legacy to Intelligent IIoT Systems: Automation, Scalability and Elasticity”, Proceedings of the IEEE 22nd International Conference on Software Architecture (ICSA 2025), Odense, Denmark, April 3‑5, 2025
  • Ghosh, O., Chaki, R., Chaki, N., Cortesi, A. (2025). Risk Assessment in Agile Software Development. In: Chaki, N., Cortesi, A., Chaki, R., Saeed, K. (eds) Applied Computing for Software and Smart Systems. ACSS 2024. Lecture Notes in Networks and Systems, vol 980. Springer, Singapore. https://doi.org/10.1007/978-981-97-9762-2_18
  • Calvano, G. Teaching Respect and Responsibility to Young People Through Artificial Intelligence: The Italian Case of LLAmAntino, in International Technology, Education and Development Conference 2025
  • Raciti M., Giampaolo Bella (2025). The SPADA Methodology for Threat Modelling. In Springer’s International Journal of Information Security, 24(86), 2025.
  • Claudio Antares Mezzina, Francesco Tiezzi, Nobuko Yoshida. Checkpoint-based rollback recovery in session programming. Logical Methods in Computer Science, 21(1), 2025.
  • Sara Belluccini, Rocco De Nicola, Marlon Dumas, Pille Pullonen-Raudvere, Barbara Re, Francesco Tiezzi. Model-based verification of data protection mechanisms in collaborative business processes. Journal of Software and Systems Modeling, Springer, 24, 489–521, 2025.
  • Luca Olivieri, Aradhita Mukherjee, Nabendu Chaki, Agostino Cortesi: “Blockchain Interoperability through Bridges: A Token Transfer Perspective”. In 6th International Conference on Blockchain Computing and Applications (BCCA’24)
  • Isabella Mastroeni. Abstract Local Completeness: a Local Form of Abstract Non-Interference. 26th International Conference on Verification, Model Checking, and Abstract Interpretation VMCAI 2025.
  • Nicola Assolini, Alessandra Di Pierro, Isabella Mastroeni. A Static Analysis of Entanglement. 26th International Conference on Verification, Model Checking, and Abstract Interpretation VMCAI 2025.