Visible to the public Biblio

Filters: Author is Serra, Edoardo  [Clear All Filters]
2020-09-18
Rasapour, Farhad, Serra, Edoardo, Mehrpouyan, Hoda.  2019.  Framework for Detecting Control Command Injection Attacks on Industrial Control Systems (ICS). 2019 Seventh International Symposium on Computing and Networking (CANDAR). :211—217.

This paper focuses on the design and development of attack models on the sensory channels and an Intrusion Detection system (IDS) to protect the system from these types of attacks. The encoding/decoding formulas are defined to inject a bit of data into the sensory channel. In addition, a signal sampling technique is utilized for feature extraction. Further, an IDS framework is proposed to reside on the devices that are connected to the sensory channels to actively monitor the signals for anomaly detection. The results obtained based on our experiments have shown that the one-class SVM paired with Fourier transformation was able to detect new or Zero-day attacks.

2018-06-07
Rullo, Antonino, Midi, Daniele, Serra, Edoardo, Bertino, Elisa.  2017.  A Game of Things: Strategic Allocation of Security Resources for IoT. Proceedings of the Second International Conference on Internet-of-Things Design and Implementation. :185–190.
In many Internet of Thing (IoT) application domains security is a critical requirement, because malicious parties can undermine the effectiveness of IoT-based systems by compromising single components and/or communication channels. Thus, a security infrastructure is needed to ensure the proper functioning of such systems even under attack. However, it is also critical that security be at a reasonable resource and energy cost, as many IoT devices may not have sufficient resources to host expensive security tools. In this paper, we focus on the problem of efficiently and effectively securing IoT networks by carefully allocating security tools. We model our problem according to game theory, and provide a Pareto-optimal solution, in which the cost of the security infrastructure, its energy consumption, and the probability of a successful attack, are minimized. Our experimental evaluation shows that our technique improves the system robustness in terms of packet delivery rate for different network topologies.
2017-04-03
Kang, Chanhyun, Park, Noseong, Prakash, B. Aditya, Serra, Edoardo, Subrahmanian, V. S..  2016.  Ensemble Models for Data-driven Prediction of Malware Infections. Proceedings of the Ninth ACM International Conference on Web Search and Data Mining. :583–592.

Given a history of detected malware attacks, can we predict the number of malware infections in a country? Can we do this for different malware and countries? This is an important question which has numerous implications for cyber security, right from designing better anti-virus software, to designing and implementing targeted patches to more accurately measuring the economic impact of breaches. This problem is compounded by the fact that, as externals, we can only detect a fraction of actual malware infections. In this paper we address this problem using data from Symantec covering more than 1.4 million hosts and 50 malware spread across 2 years and multiple countries. We first carefully design domain-based features from both malware and machine-hosts perspectives. Secondly, inspired by epidemiological and information diffusion models, we design a novel temporal non-linear model for malware spread and detection. Finally we present ESM, an ensemble-based approach which combines both these methods to construct a more accurate algorithm. Using extensive experiments spanning multiple malware and countries, we show that ESM can effectively predict malware infection ratios over time (both the actual number and trend) upto 4 times better compared to several baselines on various metrics. Furthermore, ESM's performance is stable and robust even when the number of detected infections is low.