Stefano Zanero

Simone Formentin

CoRR, 2024

Evaluating the Impact of Privacy-Preserving Federated Learning on CAN Intrusion Detection.

[BibT_eX]

[DOI]

Proceedings of the 99th IEEE Vehicular Technology Conference, 2024

Do You Trust Your Device? Open Challenges in IoT Security Analysis.

[BibT_eX]

[DOI]

Proceedings of the 21st International Conference on Security and Cryptography, 2024

You Might Have Known It Earlier: Analyzing the Role of Underground Forums in Threat Intelligence.

[BibT_eX]

[DOI]

Proceedings of the 27th International Symposium on Research in Attacks, 2024

Tarallo: Evading Behavioral Malware Detectors in the Problem Space.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2024

The Illusion of Randomness: An Empirical Analysis of Address Space Layout Randomization Implementations.

[BibT_eX]

[DOI]

Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2024

2023

Fraud Detection under Siege: Practical Poisoning Attacks and Defense Strategies.

[BibT_eX]

[DOI]

ACM Trans. Priv. Secur., November, 2023

BINO: Automatic recognition of inline binary functions from template classes.

[BibT_eX]

[DOI]

Comput. Secur., September, 2023

Coming of Age.

[BibT_eX]

[DOI]

Commun. ACM, September, 2023

CANova: A hybrid intrusion detection framework based on automatic signal classification for CAN.

[BibT_eX]

[DOI]

Alessandro Nichelini

Carlo Alberto Pozzoli

Martino Bernasconi de Luca

Comput. Secur., May, 2023

Quantum Eigenfaces: Linear Feature Mapping and Nearest Neighbor Classification with Outlier Detection.

[BibT_eX]

[DOI]

Proceedings of the IEEE International Conference on Quantum Computing and Engineering, 2023

Advancing Fraud Detection Systems Through Online Learning.

[BibT_eX]

[DOI]

Tommaso Paladini

Proceedings of the Machine Learning and Knowledge Discovery in Databases: Applied Data Science and Demo Track, 2023

The Good, the Bad, and the Binary: An LSTM-Based Method for Section Boundary Detection in Firmware Analysis.

[BibT_eX]

[DOI]

Proceedings of the Advances in Information and Computer Security, 2023

Task Aware Intrusion Detection for Industrial Robots.

[BibT_eX]

[DOI]

Andrea Maria Zanchettin

Mara Tanelli

Proceedings of the Italian Conference on Cyber Security (ITASEC 2023), 2023

Rainfuzz: Reinforcement-Learning Driven Heat-Maps for Boosting Coverage-Guided Fuzzing.

[BibT_eX]

[DOI]

Proceedings of the 12th International Conference on Pattern Recognition Applications and Methods, 2023

Untangle: Aiding Global Function Pointer Hijacking for Post-CET Binary Exploitation.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2023

HAMLET: A Transformer Based Approach for Money Laundering Detection.

[BibT_eX]

[DOI]

Proceedings of the Cyber Security, Cryptology, and Machine Learning, 2023

CANdito: Improving Payload-Based Detection of Attacks on Controller Area Networks.

[BibT_eX]

[DOI]

Carlo Alberto Pozzoli

Alessandro Nichelini

Proceedings of the Cyber Security, Cryptology, and Machine Learning, 2023

Evaluating the Robustness of Automotive Intrusion Detection Systems Against Evasion Attacks.

[BibT_eX]

[DOI]

Proceedings of the Cyber Security, Cryptology, and Machine Learning, 2023

Lookin' Out My Backdoor! Investigating Backdooring Attacks Against DL-driven Malware Detectors.

[BibT_eX]

[DOI]

Proceedings of the 16th ACM Workshop on Artificial Intelligence and Security, 2023

DJM-CYBER: A Joint Master in Advanced Cybersecurity.

[BibT_eX]

[DOI]

Proceedings of the 18th International Conference on Availability, Reliability and Security, 2023

2022

GOLIATH: A Decentralized Framework for Data Collection in Intelligent Transportation Systems.

[BibT_eX]

[DOI]

IEEE Trans. Intell. Transp. Syst., 2022

Quantum algorithms for SVD-based data representation and analysis.

[BibT_eX]

[DOI]

Armando Bellante

Alessandro Luongo

Quantum Mach. Intell., 2022

A Systematical and longitudinal study of evasive behaviors in windows malware.

[BibT_eX]

[DOI]

Comput. Secur., 2022

Apícula: Static detection of API calls in generic streams of bytes.

[BibT_eX]

[DOI]

Mario D'Onghia

Matteo Salvadore

Benedetto Maria Nespoli

Mario Polino

Marcus Markland-Montgomery

Comput. Secur., 2022

Amaretto: An Active Learning Framework for Money Laundering Detection.

[BibT_eX]

[DOI]

Danilo Labanca

Luca Primerano

Mario Polino

Javier Fernández Rodríguez

IEEE Access, 2022

A Natural Language Processing Approach for Financial Fraud Detection.

[BibT_eX]

[DOI]

Michele Papale

Proceedings of the Italian Conference on Cybersecurity (ITASEC 2022), 2022

CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks.

[BibT_eX]

[DOI]

Alvise de Faveri Tron

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

2021

CANnolo: An Anomaly Detection System Based on LSTM Autoencoders for Controller Area Network.

[BibT_eX]

[DOI]

Daniel Humberto Nova Valcarcel

Mattia Zago

IEEE Trans. Netw. Serv. Manag., 2021

Quantum Algorithms for Data Representation and Analysis.

[BibT_eX]

[DOI]

Armando Bellante

Alessandro Luongo

CoRR, 2021

SyML: Guiding Symbolic Execution Toward Vulnerable States Through Pattern Learning.

[BibT_eX]

[DOI]

Proceedings of the RAID '21: 24th International Symposium on Research in Attacks, 2021

2020

Evasion Attacks against Banking Fraud Detection Systems.

[BibT_eX]

[DOI]

Proceedings of the 23rd International Symposium on Research in Attacks, 2020

Smart Factory Security: A Case Study on a Modular Smart Manufacturing System.

[BibT_eX]

[DOI]

Proceedings of the 2nd International Conference on Industry 4.0 and Smart Manufacturing (ISM 2020), 2020

Detecting Insecure Code Patterns in Industrial Robot Programs.

[BibT_eX]

[DOI]

Proceedings of the ASIA CCS '20: The 15th ACM Asia Conference on Computer and Communications Security, 2020

NoSQL Breakdown: A Large-scale Analysis of Misconfigured NoSQL Services.

[BibT_eX]

[DOI]

Proceedings of the ACSAC '20: Annual Computer Security Applications Conference, 2020

Constrained Concealment Attacks against Reconstruction-based Anomaly Detectors in Industrial Control Systems.

[BibT_eX]

[DOI]

Proceedings of the ACSAC '20: Annual Computer Security Applications Conference, 2020

2019

Security of controlled manufacturing systems in the connected factory: the case of industrial robots.

[BibT_eX]

[DOI]

J. Comput. Virol. Hacking Tech., 2019

Real-time Evasion Attacks with Physical Constraints on Deep Learning-based Anomaly Detectors in Industrial Control Systems.

[BibT_eX]

[DOI]

CoRR, 2019

A Secure-by-Design Framework for Automotive On-board Network Risk Analysis.

[BibT_eX]

[DOI]

Proceedings of the 2019 IEEE Vehicular Networking Conference, 2019

CopyCAN: An Error-Handling Protocol based Intrusion Detection System for Controller Area Network.

[BibT_eX]

[DOI]

Proceedings of the ACM Workshop on Cyber-Physical Systems Security & Privacy, 2019

Characterizing Background Noise in ICS Traffic Through a Set of Low Interaction Honeypots.

[BibT_eX]

[DOI]

Pietro Ferretti

Marcello Pogliani

Proceedings of the ACM Workshop on Cyber-Physical Systems Security & Privacy, 2019

2018

Security Evaluation of a Banking Fraud Analysis System.

[BibT_eX]

[DOI]

ACM Trans. Priv. Secur., 2018

When Cyber Got Real: Challenges in Securing Cyber-Physical Systems.

[BibT_eX]

[DOI]

Proceedings of the 2018 IEEE SENSORS, New Delhi, India, October 28-31, 2018, 2018

Extended Abstract: Toward Systematically Exploring Antivirus Engines.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2018

ELISA: ELiciting ISA of Raw Binaries for Fine-Grained Code and Data Separation.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2018

FraudBuster: Temporal Analysis and Detection of Advanced Financial Frauds.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2018

SysTaint: Assisting Reversing of Malicious Network Communications.

[BibT_eX]

[DOI]

Proceedings of the 8th Software Security, 2018

There's a Hole in that Bucket!: A Large-scale Analysis of Misconfigured S3 Buckets.

[BibT_eX]

[DOI]

Proceedings of the 34th Annual Computer Security Applications Conference, 2018

2017

Prometheus: Analyzing WebInject-based information stealers.

[BibT_eX]

[DOI]

J. Comput. Secur., 2017

Cyber-Physical Systems.

[BibT_eX]

[DOI]

Computer, 2017

An Experimental Security Analysis of an Industrial Robot Controller.

[BibT_eX]

[DOI]

Andrea Maria Zanchettin

Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017

Measuring and Defeating Anti-Instrumentation-Equipped Malware.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2017

A Stealth, Selective, Link-Layer Denial-of-Service Attack Against Automotive Networks.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2017

A Supervised Auto-Tuning Approach for a Banking Fraud Detection System.

[BibT_eX]

[DOI]

Luca Valentini

Proceedings of the Cyber Security Cryptography and Machine Learning, 2017

2016

Editorial.

[BibT_eX]

[DOI]

Giorgio Di Natale

IEEE Trans. Emerg. Top. Comput., 2016

GreatEatlon: Fast, Static Detection of Mobile Ransomware.

[BibT_eX]

[DOI]

Proceedings of the Security and Privacy in Communication Networks, 2016

XSS PEEKER: Dissecting the XSS Exploitation Techniques and Fuzzing Mechanisms of Blackbox Web Application Scanners.

[BibT_eX]

[DOI]

Proceedings of the ICT Systems Security and Privacy Protection, 2016

Trellis: Privilege Separation for Multi-user Applications Made Easy.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2016

On-chip system call tracing: A feasibility study and open prototype.

[BibT_eX]

[DOI]

Proceedings of the 2016 IEEE Conference on Communications and Network Security, 2016

ShieldFS: a self-healing, ransomware-aware filesystem.

[BibT_eX]

[DOI]

Proceedings of the 32nd Annual Conference on Computer Security Applications, 2016

2015

European Cyber-Security Research and Innovation.

[BibT_eX]

[DOI]

Evangelos P. Markatos

ERCIM News, 2015

Scalable Testing of Mobile Antivirus Applications.

[BibT_eX]

[DOI]

Computer, 2015

BankSealer: A decision support system for online banking fraud analysis and investigation.

[BibT_eX]

[DOI]

Comput. Secur., 2015

HelDroid: Dissecting and Detecting Mobile Ransomware.

[BibT_eX]

[DOI]

Nicoló Andronio

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2015

Jackdaw: Towards Automatic Reverse Engineering of Large Datasets of Binaries.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2015

Practical Exploit Generation for Intent Message Vulnerabilities in Android.

[BibT_eX]

[DOI]

Daniele Gallingani

Rigel Gjomemo

V. N. Venkatakrishnan

Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, 2015

Grab 'n Run: Secure and Practical Dynamic Code Loading for Android Applications.

[BibT_eX]

[DOI]

Proceedings of the 31st Annual Computer Security Applications Conference, 2015

2014

Black-box forensic and antiforensic characteristics of solid-state drives.

[BibT_eX]

[DOI]

J. Comput. Virol. Hacking Tech., 2014

Why Offensive Security Needs Engineering Textbooks: Or, How to Avoid a Replay of "Crypto Wars" in Security Research.

[BibT_eX]

[DOI]

PuppetDroid: A User-Centric UI Exerciser for Automatic Dynamic Analysis of Similar Android Applications.

[BibT_eX]

[DOI]

CoRR, 2014

XSS Peeker: A Systematic Analysis of Cross-site Scripting Vulnerability Scanners.

[BibT_eX]

[DOI]

CoRR, 2014

Stranger danger: exploring the ecosystem of ad-based URL shortening services.

[BibT_eX]

[DOI]

Proceedings of the 23rd International World Wide Web Conference, 2014

BankSealer: An Online Banking Fraud Analysis and Decision Support System.

[BibT_eX]

[DOI]

Proceedings of the ICT Systems Security and Privacy Protection, 2014

ZARATHUSTRA: Extracting Webinject signatures from banking trojans.

[BibT_eX]

[DOI]

Proceedings of the 2014 Twelfth Annual International Conference on Privacy, 2014

A Practical Attack Against a KNX-based Building Automation System.

[BibT_eX]

[DOI]

Alessio Antonini

Proceedings of the 2nd International Symposium for ICS & SCADA Cyber Security Research 2014, 2014

BitIodine: Extracting Intelligence from the Bitcoin Network.

[BibT_eX]

[DOI]

Michele Spagnuolo

Proceedings of the Financial Cryptography and Data Security, 2014

Phoenix: DGA-Based Botnet Tracking and Intelligence.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2014

AndRadar: Fast Discovery of Android Applications in Alternative Markets.

[BibT_eX]

[DOI]

Martina Lindorfer

Stamatis Volanis

Alessandro Sisto

Matthias Neugschwandtner

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2014

Faces in the Distorting Mirror: Revisiting Photo-based Social Authentication.

[BibT_eX]

[DOI]

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

Security and Privacy Measurements in Social Networks: Experiences and Lessons Learned.

[BibT_eX]

[DOI]

Proceedings of the Third International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, 2014

2013

A Security Layer for Smartphone-to-Vehicle Communication Over Bluetooth.

[BibT_eX]

[DOI]

IEEE Embed. Syst. Lett., 2013

Tracking and Characterizing Botnets Using Automatically Generated Domains.

[BibT_eX]

[DOI]

CoRR, 2013

Two years of short URLs internet measurement: security threats and countermeasures.

[BibT_eX]

[DOI]

Proceedings of the 22nd International World Wide Web Conference, 2013

AndroTotal: a flexible, scalable toolbox and service for testing mobile malware detectors.

[BibT_eX]

[DOI]

Andrea Valdi

Proceedings of the SPSM'13, 2013

A comprehensive black-box methodology for testing the forensic characteristics of solid-state drives.

[BibT_eX]

[DOI]

Proceedings of the Annual Computer Security Applications Conference, 2013

2012

i-Code: Real-Time Malicious Code Identification.

[BibT_eX]

[DOI]

Sotiris Ioannidis

Evangelos P. Markatos

ERCIM News, 2012

Integrated detection of anomalous behavior of computer infrastructures.

[BibT_eX]

[DOI]

Proceedings of the 2012 IEEE Network Operations and Management Symposium, 2012

Context-Based File Block Classification.

[BibT_eX]

[DOI]

Luigi Sportiello

Proceedings of the Advances in Digital Forensics VIII, 2012

All your face are belong to us: breaking Facebook's social authentication.

[BibT_eX]

[DOI]

Proceedings of the 28th Annual Computer Security Applications Conference, 2012

Lines of malicious code: insights into the malicious software industry.

[BibT_eX]

[DOI]

Martina Lindorfer

Alessandro Di Federico

Paolo Milani Comparetti

Proceedings of the 28th Annual Computer Security Applications Conference, 2012

2011

BURN: baring unknown rogue networks.

[BibT_eX]

[DOI]

Proceedings of the 8th International Symposium on Visualization for Cyber Security, 2011

Finding Non-trivial Malware Naming Inconsistencies.

[BibT_eX]

[DOI]

Proceedings of the Information Systems Security - 7th International Conference, 2011

Systems Security Research at Politecnico di Milano.

[BibT_eX]

[DOI]

Proceedings of the First SysSec Workshop 2011, 2011

Poster: fast, automatic iPhone shoulder surfing.

[BibT_eX]

[DOI]

Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011

A social-engineering-centric data collection initiative to study phishing.

[BibT_eX]

[DOI]

Alessandro Sisto

Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, 2011

File Block Classification by Support Vector Machine.

[BibT_eX]

[DOI]

Luigi Sportiello

Proceedings of the Sixth International Conference on Availability, 2011

2010

Detecting Intrusions through System Call Sequence and Argument Analysis.

[BibT_eX]

[DOI]

Matteo Matteucci

IEEE Trans. Dependable Secur. Comput., 2010

Identifying Dormant Functionality in Malware Programs.

[BibT_eX]

[DOI]

Paolo Milani Comparetti

Proceedings of the 31st IEEE Symposium on Security and Privacy, 2010

Effective Multimodel Anomaly Detection Using Cooperative Negotiation.

[BibT_eX]

[DOI]

Alberto Volpatto

Proceedings of the Decision and Game Theory for Security, 2010

2009

Reducing false positives in anomaly detectors through fuzzy alert aggregation.

[BibT_eX]

[DOI]

Matteo Matteucci

Inf. Fusion, 2009

Wireless Malware Propagation: A Reality Check.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2009

BlueBat: Towards Practical Bluetooth Honeypots.

[BibT_eX]

[DOI]

Antonio Galante

Ary Kokos

Proceedings of IEEE International Conference on Communications, 2009

Selecting and Improving System Call Models for Anomaly Detection.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, 2009

2008

GIVS: integrity validation for grid security.

[BibT_eX]

[DOI]

Giuliano Casale

Int. J. Crit. Infrastructures, 2008

Unsupervised learning algorithms for intrusion detection.

[BibT_eX]

[DOI]

Giuseppe Serazzi

Proceedings of the IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubioquitous Networks and Services, 2008

Integrating Partial Models of Network Normality via Cooperative Negotiation: An Approach to Development of Multiagent Intrusion Detection Systems.

[BibT_eX]

[DOI]

Proceedings of the 2008 IEEE/WIC/ACM International Conference on Intelligent Agent Technology, 2008

A methodology for the repeatable forensic analysis of encrypted drives.

[BibT_eX]

[DOI]

Cory Altheide

Claudio Merloni

Proceedings of the First European Workshop on System Security, 2008

ULISSE, a network intrusion detection system.

[BibT_eX]

[DOI]

Proceedings of the 4th annual workshop on Cyber security and information intelligence research, 2008

2007

Studying Bluetooth Malware Propagation: The BlueBag Project.

[BibT_eX]

[DOI]

Luca Carettoni

Claudio Merloni

IEEE Secur. Priv., 2007

On the Use of Different Statistical Tests for Alert Correlation - Short Paper.

[BibT_eX]

[DOI]

Proceedings of the Recent Advances in Intrusion Detection, 10th International Symposium, 2007

2006

Unsupervised learning algorithms for intrusion detection.

[BibT_eX]

[DOI]

PhD thesis, 2006

Open Problems in Computer Virology.

[BibT_eX]

[DOI]

Eric Filiol

Marko Helenius

J. Comput. Virol., 2006

2005

Security and Trust in the Italian Legal Digital Signature Framework.

[BibT_eX]

[DOI]

Proceedings of the Trust Management, Third International Conference, 2005

Analyzing TCP Traffic Patterns Using Self Organizing Maps.

[BibT_eX]

[DOI]

Proceedings of the Image Analysis and Processing, 2005

Performance Issues in Video Streaming Environments.

[BibT_eX]

[DOI]

Proceedings of the FIRB-Perf Workshop on Techniques, 2005

2004

Lessons learned from the Italian law on privacy - Part II.

[BibT_eX]

[DOI]

Pierluigi Perri

Comput. Law Secur. Rev., 2004

Lessons learned from the Italian law on privacy - Part I.

[BibT_eX]

[DOI]

Pierluigi Perri

Comput. Law Secur. Rev., 2004

Unsupervised learning techniques for an intrusion detection system.

[BibT_eX]

[DOI]

Sergio M. Savaresi

Proceedings of the 2004 ACM Symposium on Applied Computing (SAC), 2004

Optimal Number of Nodes for Computation in Grid Environments.

[BibT_eX]

[DOI]

Proceedings of the 12th Euromicro Workshop on Parallel, 2004

Behavioral Intrusion Detection.

[BibT_eX]

[DOI]

Proceedings of the Computer and Information Sciences, 2004

2003

Computer Virus Propagation Models.

[BibT_eX]

[DOI]

Giuseppe Serazzi