Daniele Sgandurra's Homepage

Welcome to my homepage!

I'm a Senior Lecturer at the Information Security Group, Royal Holloway - University of London, where I lead the Systems and Software Security Lab (S3Lab).

My research interests are related to practical aspects of software security, by focusing on attacks and defences at various architectural layers. My recent work investigates the arms-race between malware and anti-malware systems.

Short Bio

I hold a PhD in Computer Science from the University of Pisa (2010), supervised by Prof. F. Baiardi. During my PhD studies I've worked on virtualization security. In particular, my research has focused around virtual machine introspection to enable a secure virtual machine to check the state of a monitored virtual machine. During my PhD I've been a visiting research at IBM Zurich Research Laboratory, collaborating in the security group supervised by Diego Zamboni and Andreas Wespi, by participating in the Phantom project.

From 2010 to 2013 I've been a PostDoc researcher at the Institute of Informatics and Telematics of the Italian National Research Council (CNR), in Pisa (IT), where I've mainly worked in the field of mobile security.

From 2014 to October 2016, I've been a Research Associate at the Department of Computing, Imperial College London, working in the Security Group lead by Emil Lupu. Here, I've focused my research in the field of threat modeling and attack graps for Cloud systems, and I've been involved in the Coco Cloud EU project.

Since October 2016, I'm a Lecturer at the Information Security Group at Royal Holloway, where most of my research focuses on the arms-race between malware and anti-malware systems, and since September 2018 I lead the Systems and Software Security Lab (S3Lab). Currently, I'm the Principal Investigator at RHUL of H2020 Project FutureTPM (2018-2020) on Quantum Resistant Trusted Platform Module (TPM), by leading the virtual TPM activities. I'm also involved in the activities of the InterNational CyberSecurity Center of Excellence (INCS-CoE), in particular with the Country-to-Country Capture the Flag (C2C-CTF) competition. Since 2019, I'm the Program Chair of the Workshop on Cyber-Security Arms Race (CYSARM).

News

I'm program chair of the 2nd Workshop on Cyber-Security Arms Race (CYSARM), co-located with the 27th ACM Conference on Computer and Communications Security, November 13, 2020 — Orlando, USA. You can find more information at the website of CYSARM.

Together with INCS-CoE, I'm organizing the 1st edition of the Country-to-Country (C2C) Capture the Flag (CTF) competition in Winter 2020 (TBC). More information about this event can be found here.

Our paper, "A Game of “Cut and Mouse”: Bypassing Antivirus by Simulating User Inputs.", has been accepted at ACSAC 2019! Authors: Ziya Alper Genç, Gabriele Lenzini, Daniele Sgandurra.

Our paper, "On Deception-Based Protection Against Cryptographic Ransomware.", has been accepted at DIMVA 2019! Authors: Ziya Alper Genç, Gabriele Lenzini, Daniele Sgandurra.

Malware Analysis and Evasion

Recently, in collaboration with University of University of Luxembourg, we have analyzed existing decoy strategies to detect ransomware measured their effectiveness by defining a set of metrics to measure their robustness. To demonstrate how ransomware can identify existing deception-based detection strategies, we have implemented a proof-of-concept anti-decoy ransomware that successfully bypasses decoys by using a decision engine with few rules. In another work. We have investigated how malware can simulate mouse events to control anti-viruses (AVs) to send them mouse "clicks" to deactivate their protection. We have proven that many AVs can be disabled in this way, and we call this class of attacks Ghost Control. We have also shown ho a ransomware can control a high-integrity white-listed applications, such as Notepad, by sending it keyboard events (such as "copy-and-paste") to perform malicious operations on behalf of the ransomware, as a "puppet", to rewrite the content of protected files as a ransomware would do (we have called this class of attacks "Cut-and-Mouse"). More info can be found here and here.

Cut-and-Mouse

At Imperial College we have proposed a machine learning approach for dynamically analysing and classifying ransomware by monitoring a set of actions performed by applications in their first phases of installation checking for characteristics signs of ransomware. Our approach works without requiring that an entire ransomware family is available beforehand. A preliminary version of a paper can be found here: arXiv:1609.03020, 2016. Daniele Sgandurra, Luis Muñoz-González, Rabih Mohsen, Emil C. Lupu. “Automated Analysis of Ransomware: Benefits, Limitations, and use for Detection.”. You can find here the ransomware dataset we collected and analysed, which includes 582 samples of ransomware and 942 good applications. More info on the dataset can be found here.

elderan

During my PostDoc at CNR, in Italy, I've worked in an Android monitoring framework to detect malware that implements a multi-level analysis of the app and system behavior to detect malicious actions (MADAM -- Multi-level Anomaly Detector for Android Malware). MADAM is a host-based malware detection system for Android devices which simultaneously analyzes and correlates features at four levels: kernel, application, user and package, to detect and stop malicious behaviors. MADAM has been specifically designed to take into account those behaviors that are characteristics of almost every real malware which can be found in the wild. MADAM detects and effectively blocks more than 96% of malicious apps, which come from three large datasets with more than 2,800 apps, by exploiting the cooperation of two parallel classifiers and a behavioral signature-based detector. Extensive experiments have been conducted to show the high usability of MADAM, the low false alarm rate, the negligible performance overhead and limited battery consumption. You can find more info here.

madam

Attacks and Defences

During my PhD I've investigated how virtual machine introspection can enable a secure virtual machine to access the status of a monitored machine to check the kernel integrity and the process self. The process self is computed statically by analyzing the source code, and is defined through a context-free grammar, which defines the system call traces that the process may issue during its execution, and a set of invariants each associated with a program point where the process invokes a call. Further examples I've worked on during my partnership at IBM Zurich are the design and implementation of a mechanism to transparently inject and protect a context-agent into a running virtual machine using introspection. This enables a transparent retrieval of reliable high-level information about the internal operation of the monitored virtual machine while having confidence that the in-guest agent has not been compromised. You can find more info here.

introspection

At Imperial College London, after completing a survey on more than 200 papers on virtualization security, I've observed that many publications often rely on implicit, and different, assumptions. Threat models are often presented in different ways making it difficult to evaluate the efficacy of solutions: which threats do they address? and under which assumptions? For this reason, I've been working on a definition of an uniform framework to define the threat models, their protection goals and trusted computing base for proposed solutions. called FATHoM (Formalizing Threat Models). The model, a template and some examples can be found here. You can find more info here.

fathom

Attack-Graphs and Risk Management

Attack graphs are used to represent prior knowledge about vulnerabilities and network connectivity and enable system administrators to reason about threats and their risk in a formal way. During my PhD and PostDoc I've worked in collaboration with University of Pisa in a framework to simulate attacks, using a Monte Carlo approach, by generating attack graphs in real-time. This approach enables administrators to focus on the most-effective threats, and to perform a cost-effective selection of countermeasures. More info can be found here and here.

At Imperial College London, I've collaborated in a framework that statically/dynamically computes the (exact/approximate) probabilities of the venues an attacker can exploit to compromise a system. More info can be found here and here.

Bayesian Attack Graphs

Publications
2019

A Game of “Cut and Mouse”: Bypassing Antivirus by Simulating User Inputs.
Ziya Alper Genç, Gabriele Lenzini, Daniele Sgandurra. ACSAC 2019.
[pdf] [bibtex]

On Deception-Based Protection Against Cryptographic Ransomware.
Ziya Alper Genç, Gabriele Lenzini, Daniele Sgandurra. DIMVA 2019.
[pdf] [bibtex]

2018

Towards a Framework for Testing the Security of IoT Devices Consistently.
Gurjan Lally, Daniele Sgandurra. ETAA@ESORICS 2018: 88-102.
[pdf] [bibtex]

A Logic-Based Reasoner for Discovering Authentication Vulnerabilities Between Interconnected Accounts.
Erisa Karafili, Daniele Sgandurra, Emil Lupu. ETAA@ESORICS 2018: 73-87.
[pdf] [bibtex]

Lightweight Classification of IoT Malware Based on Image Recognition.
Su, Jiawei; Vasconcellos Vargas, Danilo; Prasad, Sanjiva; Sgandurra, Daniele; Feng, Yaokai; Sakurai, Kouichi. In the 8th IEEE International Workshop on Network Technologies for Security, Administration, and Protection (NETSAP 2018).
[pdf] [bibtex]

An improved SMURF scheme for cleaning RFID data.
He Xu; Jie Ding; Peng Li; Daniele Sgandurra; Ruchuan Wang. In the International Journal of Grid and Utility Computing (IJGUC), Vol. 9, No. 2, 2018. 10.1504/IJGUC.2018.10012797.
[pdf] [bibtex]

2017

Analysing the Resilience of the IoT against Physical and Proximity Attacks.
Xu, He; Sgandurra, Daniele; Mayes, Keith; Li, Peng; Wang, Ruchuan.
In the 10th International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage. 2017.
[pdf] [bibtex]

A New Security Middleware Architecture Based on Fog Computing and Cloud To Support IoT Constrained Devices.
Razouk, Wissam; Sgandurra, Daniele; Sakurai, Kouichi.
In the International Conference on Internet of Things and Machine Learning. 2017.
[pdf] [bibtex]

Efficient Attack Graph Analysis through Approximate Inference.
Luis Muñoz-González, Daniele Sgandurra, Andrea Paudice, Emil C. Lupu.
In ACM Transactions on Transactions on Privacy and Security (TOPS), Volume 20 Issue 3, Article No. 10. July 2017.
[pdf] [bibtex]

Exact Inference Techniques for the Analysis of Bayesian Attack Graphs.
Luis Muñoz-González, Daniele Sgandurra, Martín Barrère, Emil C. Lupu.
In IEEE Transactions on Dependable and Secure Computing (TDSC), 2017. DOI: 10.1109/TDSC.2016.2627033.
[pdf (Open Access)] [bibtex]

VSMURF: A Novel Sliding Window Cleaning Algorithm for RFID Networks.
He Xu, Weiwei Shen, Peng Li, Daniele Sgandurra, and Ruchuan Wang.
Journal of Sensors, vol. 2017, Article ID 3186482, 11 pages, 2017. doi:10.1155/2017/3186482.
[pdf (Open Access)] [bibtex]

2016

Automated Dynamic Analysis of Ransomware: Benefits, Limitations and use for Detection.
Daniele Sgandurra, Luis Muñoz-González, Rabih Mohsen, Emil C. Lupu
In ArXiv e-prints, arXiv:1609.03020.
[pdf] [bibtex]

Efficient Attack Graph Analysis through Approximate Inference.
Luis Muñoz-González, Daniele Sgandurra, Andrea Paudice, Emil C. Lupu
In ArXiv e-prints, arXiv:1606.07025.
[pdf] [bibtex]

Risk Analysis of Android Applications: A User-Centric Solution.
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Marinella Petrocchi, Andrea Saracino, Daniele Sgandurra. In Future Generation Computer Systems, Special issue on Security, Privacy and Trust of the User-centric Solutions, Volume 80, March 2018, Pages 505-518. 10.1016/j.future.2016.05.035
[pdf] [bibtex]

Formalizing Threat Models for Virtualized Systems.
Daniele Sgandurra, Erisa Karafili and Emil Lupu. In proceeding of the 30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2016).
[pdf] [bibtex]

MADAM: Effective and Efficient Behavior-based Android Malware Detection and Prevention.
Andrea Saracino, Daniele Sgandurra, Gianluca Dini and Fabio Martinelli. In IEEE Transactions on Dependable and Secure Computing (Volume: 15, Issue: 1, Jan.-Feb. 1 2018). DOI: 10.1109/TDSC.2016.2536605.
[pdf] [bibtex]

Evolution of Attacks, Threat Models, and Solutions for Virtualized Systems.
Daniele Sgandurra, Emil Lupu. In ACM Computing Surveys (CSUR), Volume 48 Issue 3, February 2016, Article No. 46.
[pdf] [bibtex]

2015

Exact Inference Techniques for the Dynamic Analysis of Attack Graphs.
Muñoz-González, Luis; Sgandurra, Daniele; Barrère, Martín; Lupu, Emil
In ArXiv e-prints, arXiv:1510.02427.
[pdf] [bibtex]

AntiCheetah: Trustworthy computing in an outsourced (cheating) environment.
Roberto Di Pietro, Flavio Lombardi, Fabio Martinelli, Daniele Sgandurra.
In Future Generation Computer Systems (2015) pp. 28-38, DOI: 10.1016/j.future.2015.02.004
[pdf] [bibtex]

Sharing Data Through Confidential Clouds: An Architectural Perspective.
Daniele Sgandurra, Francesco Di Cerbo, Slim Trabelsi, Fabio Martinelli, and Emil Lupu.
In proceedings of the 1st International Workshop on TEchnical and LEgal aspects of data pRivacy and SEcurity, 2015 IEEE/ACM, pp. 58-61, DOI: 10.1109/TELERISE.2015.19
[pdf] [bibtex]

Design and Development of a Facebook Application to Raise Privacy Awareness.
Gianpiero Costantino and Daniele Sgandurra.
In proceedings of the 23nd Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP) 2015.
[pdf] [bibtex]

2014

Detection of repackaged mobile applications through a collaborative approach.
Alessandro Aldini, Fabio Martinelli, Andrea Saracino, and Daniele Sgandurra.
In Journal of Concurrency and Computation: Practice and Experience, Volume 27, Issue 11, pages 2818–2838, 10 August 2015. DOI: 10.1002/cpe.3447.
[pdf] [bibtex]

Simulating Attack Plans Against ICT Infrastructures.
Baiardi, F., Corò, F., Tonelli, F., Guidi, L., and Sgandurra, D.
In Vulnerability, Uncertainty, and Risk: pp. 627-637. DOI: 10.1061/9780784413609.064.
[pdf] [bibtex]

Automating the assessment of ICT risk.
Fabrizio Baiardi, Fabio Corò, Federico Tonelli, Daniele Sgandurra.
In Journal of Information Security and Applications, Volume 19, Issue 3, July 2014, Pages 182–193, doi:10.1016/j.jisa.2014.04.002.
[pdf] [bibtex]

A Scenario Method to Automatically Assess ICT Risk.
Fabrizio Baiardi, Fabio Corò, Federico Tonelli, Daniele Sgandurra.
Proceedings of the 22nd Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP) 2014, pp. 544-551, doi:10.1109/PDP.2014.105.
[pdf] [bibtex]

2013

AntiCheetah: an Autonomic Multi-round Approach for Reliable Computing.
Roberto Di Pietro, Flavio Lombardi, Fabio Martinelli and Daniele Sgandurra.
Proceedings of the 10th IEEE International Conference on Autonomic and Trusted Computing (ATC-2013). Best Paper Award
[pdf] [bibtex]

How to Grant Less Permissions to Facebook Applications.
Gianpiero Costantino, Fabio Martinelli and Daniele Sgandurra.
Proceedings of the Ninth International Conference on Information Assurance and Security (IAS'2013).
[pdf] [bibtex]

Towards Enforcing On-The-Fly Policies in BYOD Environments.
Gianpiero Costantino, Fabio Martinelli, Andrea Saracino and Daniele Sgandurra.
Proceedings of the Ninth International Conference on Information Assurance and Security (IAS'2013).
[pdf] [bibtex]

Remote Policy Enforcement for Trusted Application Execution in Mobile Environments.
Fabio Martinelli, Ilaria Matteucci, Andrea Saracino and Daniele Sgandurra.
In proceedings of InTrust 2013: 5th International Conference on Trusted Systems. LNCS 8292, pp. 70-84.
[pdf] [bibtex]

CheR: Cheating Resilience in the Cloud via Smart Resource Allocation
Roberto Di Pietro, Flavio Lombardi, Fabio Martinelli and Daniele Sgandurra.
Proceedings of the Sixth International Symposium on Foundations & Practice of Security (FPS'2013).
[pdf] [bibtex]

Classifying Android Malware through Subgraph Mining.
Fabio Martinelli, Andrea Saracino, Daniele Sgandurra.
Proceedings of The sixth International Workshop on Autonomous and Spontaneous Security (SETOP 2013).
[pdf] [bibtex]

Introducing probabilities in contract-based approaches for mobile application security.
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Andrea Saracino and Daniele Sgandurra.
Proceedings of The sixth International Workshop on Autonomous and Spontaneous Security (SETOP 2013).
[pdf] [bibtex]

Assessing ICT risk through a Monte Carlo method.
Fabrizio Baiardi, Daniele Sgandurra.
Journal of Environment Systems and Decisions, Springer US, pp. 1-14.
[pdf] [bibtex]

Probabilistic Contract Compliance for Mobile Applications.
Gianluca Dini, Fabio Martinelli, Andrea Saracino, Daniele Sgandurra.
Proceedings of the Eighth International Conference on Availability, Reliability and Security (ARES 2013).
[pdf] [bibtex]

Evaluating the Trust of Android Applications through an Adaptive and Distributed Multi-Criteria Approach.
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Marinella Petrocchi, Andrea Saracino, Daniele Sgandurra.
Proceedings of the 3rd IEEE International Symposium on Trust and Identity in Mobile Internet, Computing and Communications (TrustID 2013).
[pdf] [bibtex]

A Collaborative Framework for Generating Probabilistic Contracts.
Alessandro Aldini, Fabio Martinelli, Andrea Saracino, Daniele Sgandurra.
Proceedings of the 2013 IEEE International Conference on Collaboration Technologies and Systems, May 20-24, 2013, San Diego, California. Editors: Waleed W. Smari & Geoffrey C. Fox. pp. 139-143. Outstanding Paper Award
[pdf] [bibtex]

Are Photos On Social Networks Really Private?
Gianpiero Costantino, Fabio Martinelli, Daniele Sgandurra.
Proceedings of the 2013 IEEE International Conference on Collaboration Technologies and Systems, May 20-24, 2013, San Diego, California. Editors: Waleed W. Smari & Geoffrey C. Fox.
[pdf] [bibtex]

2012

Multi-Criteria-based Evaluation of Android Applications.
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Marinella Petrocchi, Andrea Saracino, Daniele Sgandurra.
In proceedings of InTrust 2012: 4th International Conference on Trusted Systems. LNCS 7711, pp. 66-82.
[pdf] [bibtex]

MADAM: a Multi-Level Anomaly Detector for Android Malware.
Andrea Saracino, Fabio Martinelli, Daniele Sgandurra, Gianluca Dini.
In proceedings of the Sixth International Conference 'Mathematical Methods, Models, and Architectures for Computer Network Security' (MMM-ACNS-2012). LNCS 7531, pp. 240-253.
[pdf] [bibtex]

Haruspex: Simulation-driven Risk Analysis for Complex Systems.
Baiardi, F. and Telmon, C. and Sgandurra, D.
ISACA Journal 3 (2012): 46.
[pdf] [bibtex]

A Survey on Security for Mobile Devices.
La Polla, M. and Martinelli, F. and Sgandurra, D.
In Communications Surveys & Tutorials, IEEE, Volume: 13 , Issue: 1, pp. 446-471.
[pdf] [bibtex]

2011

Unbounded impacts and risk mitigation in billing infrastructures.
Baiardi, F., Telmon, C. and Sgandurra, D.
Int. J. Risk Assessment and Management, Vol. 15, Nos. 2/3, pp.186-204, 2011.
[pdf] [bibtex]

An Obfuscation-Based Approach Against Injection Attacks.
Fabrizio Baiardi, Daniele Sgandurra.
In proceedings of the Sixth International Conference on Availability, Reliability and Security (ARES), Vienna, Austria, 2011.
[pdf] [bibtex]

A Simulation-Driven Approach for Assessing Risks of Complex Systems.
Fabrizio Baiardi, Claudio Telmon and Daniele Sgandurra.
In proceedings of the 13th European Workshop on Dependable Computing Pisa, Italy, 11-12 May 2011
[pdf] [bibtex]

Attestation of integrity of overlay networks.
Fabrizio Baiardi, Daniele Sgandurra.
Journal of Systems Architecture - Embedded Systems Design 57(4): 463-473, 2011
[pdf] [bibtex]

2010

Semantic Attestation of Node Integrity in Overlays.
Fabrizio Baiardi, Daniele Sgandurra.
In proceedings of OTM 2010 - Confederated International Conferences: CoopIS, IS, DOA and ODBASE, Hersonissos, Crete, Greece, October 25-29, 2010. LNCS 6426, pp. 656-671.
[pdf] [bibtex]

Securing a Community Cloud.
Fabrizio Baiardi, Daniele Sgandurra.
In proceedings of the first ICDCS Workshop on Security and Privacy in Cloud Computing, 2010, issn 1545-0678, pp. 32-41.
[pdf] [bibtex]

2009

Cloud Security Is Not (Just) Virtualization Security.
Mihai Christodorescu, Reiner Sailer, Douglas Schales, Daniele Sgandurra, Diego Zamboni.
In proceedings of the ACM Cloud Computing Security Workshop. November, 2009.
[pdf] [bibtex]

Introspection-based Context Agent Injection.
Mihai Christodorescu, Reiner Sailer, Douglas Schales, Arvind Seshadri, Daniele Sgandurra, Diego Zamboni.
In IBM AoT (Academy of Technology) Security and Privacy Symposium, June 22-26, 2009.

Invariant Evaluation through Introspection for Proving Security Properties.
Fabrizio Baiardi, Dario Maggiari and Daniele Sgandurra.
Journal of Information Assurance and Security, Volume 4, Issue 2. pp 124-132, Dynamic Publisher Inc, issn 1554-1010, 2009.
[pdf] [bibtex]

Modeling and Managing Risk in Billing Infrastructures.
Fabrizio Baiardi, Claudio Telmon and Daniele Sgandurra.
In proceedings of the Third Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection, ISBN 978-3-642-04797-8, pp. 51-64, Springer Boston.
[pdf] [bibtex]

Measuring Semantic Integrity for Remote Attestation.
Fabrizio Baiardi, Diego Cilea, Daniele Sgandurra and Francesco Ceccarelli.
In proceedings of the 2nd International Conference on Trusted Computing Technical Strand (Trust 2009), Oxford, UK, LNCS 5471, pp. 81-100.
[pdf] [bibtex]

PsycoTrace: Virtual and Transparent Monitoring of a Process Self.
Fabrizio Baiardi, Dario Maggiari, Daniele Sgandurra and Francesco Tamberi.
In proceedings of the 17th Euromicro International Conference on Parallel, Distributed and network-based Processing (PDP 2009), Weimar, Germany, IEEE Computer Society Press, pp. 393-397, 2009.
[pdf] [bibtex]

Securing Health Information Infrastructures through Overlays.
Fabrizio Baiardi, Dario Maggiari and Daniele Sgandurra.
In proceedings of HEALTHINF 2009 - Second International Conference on Health Informatics, L. Azevedo and A. R. Londral, eds., Porto, Portugal: INSTICC Press, pp. 123-128, 2009, ISBN: 978-989-811-63-0.
[bibtex]

Hierarchical, Model-Based Risk Management of Critical Infrastructures.
Fabrizio Baiardi, Claudio Telmon, Daniele Sgandurra
Journal of Reliability Engineering & System Safety Volume 94, Issue 9, September 2009, Pages 1403-1415.
[pdf] [bibtex]

2008

Transparent Process Monitoring in a Virtual Environment.
Daniele Sgandurra, Fabrizio Baiardi, Dario Maggiari, and Francesco Tamberi.
In Electronic Notes in Theoretical Computer Science, volume 236, pp. 85-100, 2009. Proceedings of the Third International Workshop on Views On Designing Complex Architectures (VODCA 2008), Bertinoro (Italy).
[pdf] [bibtex]

Semantics-Driven Introspection in a Virtual Environment.
Francesco Tamberi, Dario Maggiari, Daniele Sgandurra, Fabrizio Baiardi.
In proceedings of the Fourth IEEE International Conference on Information Assurance and Security (IAS 2008), Naples (Italy), pp 299-302.
[pdf] [bibtex]

Secure Sharing of an ICT Infrastructure Through Vinci.
Fabrizio Baiardi and Daniele Sgandurra.
In Proceedings of the 2nd International Conference on Autonomous Infrastructure, Management and Security Resilient Networks and Services (AIMS 2008), Bremen (Germany), LNCS 5127, pp. 65-78.
[pdf] [bibtex]

Virtual Interacting Network Community: Exploiting Multi-Core Architectures to Increase Security.
Fabrizio Baiardi and Daniele Sgandurra.
In proceedings of the 2008 Computing Frontiers Conference, ACM, 2008, Ischia (Italy), p. 111.
[pdf] [bibtex]

2007

Protezione del Kernel Tramite Macchine Virtuali.
Fabio Campisi, Daniele Sgandurra.
Net&System Security 2007, Pisa (Italy). Best Student Paper Award.

Towards High Assurance Networks of Virtual Machines.
Fabrizio Baiardi and Daniele Sgandurra.
In Proceedings of the 3rd European Conference on Computer Network Defense (EC2ND 2007), Heraklion (Greece), Lecture Notes in Electrical Engineering, Vol. 30 Siris, pp. 21-34.
[pdf] [bibtex]

Managing Critical Infrastructures through Virtual Network Communities.
Fabrizio Baiardi, Gaspare Sala, and Daniele Sgandurra.
In proceedings of 2nd International Workshop on Critical Information Infrastructures Security (CRITIS 2007), Malaga (Spain), LNCS 5141, pp. 71-82.
[pdf] [bibtex]

Security and Integrity of a Distributed File Storage in a Virtual Environment.
Gaspare Sala, Daniele Sgandurra, and Fabrizio Baiardi.
In proceedings of 4th International IEEE Security in Storage Workshop (SISW 07), San Diego (USA), pp. 58-69.
[pdf] [bibtex]

Building Trustworthy Intrusion Detection through VM Introspection.
Fabrizio Baiardi and Daniele Sgandurra.
In proceedings of the Third IEEE International Symposium on Information Assurance and Security (IAS 07), 2007, Manchester (UK), pp. 209-214.
[pdf] [bibtex]

Ongoing Projects
InterNational Cyber Security Center of Excellence (INCS-CoE)

I'm involved in the activities of the InterNational Cyber Security Center of Excellence (INCS-CoE), in particular in WG1 and WG3, and the Country-to-Country Capture-the-Flag (C2C-CTF). More information about this event can be found here.

C2C

FutureTPM

FutureTPM (Future Proofing the Connected World: A Quantum-Resistant Trusted Platform Module). The goal of FutureTPM is to create a Quantum-Resistant (QR) Trusted Platform Module (TPM) by designing and developing QR algorithms suitable for inclusion in a TPM. The algorithm design will be accompanied by implementation and performance evaluation, as well as formal security analyses in the full range of TPM environments: i.e. hardware, software and virtualization environments. Use cases in online banking, activity tracking and device management will provide environments and applications to validate the FutureTPM framework. FutureTPM will provide robust and provably-secure QR algorithms for a new generation of TPMs. A key strategic objective of FutureTPM is to contribute to standardization efforts at EU level within TCG, ISO/IEC and ETSI. Because the TPM shares many functions in common with other widely-used devices, such as HSMs and TEEs, the FutureTPM solution is expected to benefit them as well.

Partners: TECHNIKON, University of Surrey, UBITECH, Royal Holloway, IBM Research, The University of Birmingham, Infineon, Université du Luxembourg, Suite5 Data Intelligence Solutions, INESC-ID, University of Piraeus Research Center, Huawei Technologies, VIVA Payment Services SA

FutureTPM Logo

Past Projects
Coco Cloud

Coco Cloud (Confidential and Compliant Clouds) is an FP7 project that aims to facilitate data sharing in cloud environments by providing end-to-end data centric security from the client to the cloud based on the (semi-)automated enforcement ofData Sharing Agreements. These agreements may reflect legal, contractual or user defined preferences, which may be conflicting and thus an appropriate balance and model for their enforcement must be found.

Partners: Hewlett-Packard, The Italian National Research Council, Imperial College London, University of Oslo, SAP, Atos, AGID, Bird & Bird, and Grupo Hospitalario Quirón.

CIPART

CIPART (Cloud Intelligent Protection at Run-Time) aims to develop novel techniques for intelligent cloud protection by advancing the state of the art in system modelling at run time, attack scenarios based analysis, novel techniques for selecting countermeasures and remedial actions and novel techniques for re-perimeterisation of the cloud environment. The methodology adopted combines fundamental research on knowledge representation, probabilistic analysis and machine learning with empirical and experimental studies in an industrial test-bed environment. Additionally, the project also aims to achieve a better understanding of the business models and incentives involved in the relationships between cloud tenants and hosting organisations in the provision of security services based on measures of cost, risk and value and to propose new models that facilitate sharing of risk and exchange of security relevant information, which would in turn allow to simplify security management and provide better protection.

MSP

MSP (Mobile Security and Privacy) is an EIT ICT LAB project whose goal is to design and develop a set of mechanisms for the protection of the application execution in the mobile devices. This entails run-time enforcement mechanisms for application specific security policies.

Phook

Phook stands for "Photo-book" and is a free Social Photo Search Engine. It allows users to search inside thousands of social photos of friends very easily. The user goes on www.myphook.com and logs in using his/her social network credential. Then, from the Phook homepage he/she inserts one or more keywords: at this point, Phook searches inside the social photo database and shows to the user those ones that better matche the user search. For example, by searching the words "beach" or "Halloween", Phook shows all the photos that include beaches or halloween as their topics. In addition, all albums that contain those words are visualised as well. Finally, also the name of people or cities can be searched inside Phook so that the user is able to see all the pictures of those people or cities, both tagged or not. Phook is Web application designed and developed by Daniele Sgandurra and Gianpiero Costantino.

screenshot1

screenshot2

screenshot3

MAETROID

MAETROID (Multi-criteria App Evaluator of TRust in AndrOID) is a framework to evaluate the trustworthiness of Android apps, i.e. the amount of risk they pose to the users, e.g. in terms of confidentiality and integrity. The framework performs a multi-criteria analysis of an app at deploy-time and returns a single easy-to-understand evaluation on the app's risk level, aimed at driving the user decision on whether installing or not a new app. The used criteria include the set of requested permissions and a further set of metadata retrieved from the marketplace, which denote the app quality and popularity. We have classified 11,000 Android apps coming from Google Play and from a database of known malware. In particular, MAETROID has recognized as dangerous all the apps belonging to the database of malicious apps, while about 20% of apps from Google Play have been classified as medium risk.

maetroid

iCareMobile

iCareMobile is a framework to apply security policies for parental control on Smartphones.

Introspection-based Context Agent Injection

Work developed during an internship at IBM Zurich Research Lab. More info can be found here.

PsycoTrace

PsycoTrace is a virtualization-based monitoring system that protects a process P from attacks that alter the process self as specified by the program source code. P self is described by traces of system calls and invariants paired with invocations. The traces are described by a context-free grammar computed by a static analysis of the code of P. At run-time, PsycoTrace pauses and resumes P execution each time P invokes a system call to check that the trace of the calls it issues is coherent with the grammar. To increase the robustness of the monitoring system, PsycoTrace relies on two virtual machines, the monitored and the monitoring ones that, respectively, run P and the monitoring system. In this way, the machine that applies the security checks is strongly separated from the monitored one.

psycotrace

This is the source code for the hijacking module (HiMod, by Francesco Tamberi), and this is the source code for the Analyst (parser and Introspection Library, by Dario Maggiari), a test process and an exploit for it. Finally, Syscall Checker Analysis Tool (joint work with Carlo Casta, Marco Fais, Michele Onnis and Dario Maggiari) includes cparser, which processes .c files to generate an AST in xml format that can then be processed by ast2grammar to generate a scanner and a parser for the system call grammar. All the programs have been tested on Xen 3.1.0 (compiled from source code) with Linux kernel 2.6.18-xen (both on domain 0 and domain U).

This is the full listing of the Himod:


reader.c
writer.c

This is the full listing of the Analyst:


gen_grammar_nflex.sh
grammar-test.y
reader.c
README
tv_checker.c
tv_mm_intros_fun.c
tv_mm_intros_fun.h
tv_page_macro.h
domu/trova-ind.c
domu/daemon-exp.c
domu/daemon.c
domu/README

PsycoTrace, together with other tools, was developed during my PhD, and this is the PhD thesis: "Measuring the Semantic Integrity of a Process Self". pdf

Xen VMI

Xen VMI is a host intrusion detection system that exploits virtual machine introspection to check the integrity of a kernel running inside a virtual machine. Joint work with Fabio Campisi and Fabrizio Baiardi. The source code for this project is available here. It contains a set of introspection functions for the Linux Kernel running on Xen, i.e. for checking the integrity of the Linux kernel running inside a domU. It works on Xen 3.0.2 and 3.1.0 and with Linux 2.6.16-xen and 2.6.18-xen. Thanks to Dario Maggiari for the memory introspection functions.
This is the full listing of the archive:


xen_vmi/Makefile
xen_vmi/mm_intros_fun.c
xen_vmi/mm_intros_fun.h
xen_vmi/page_macro.h
xen_vmi/xen_check_dom.c
xen_vmi/xen_hash.c
xen_vmi/xen_vmi.c
xen_vmi/xen_vmi.h
xen_vmi/xen_vmi_private.h

Xen VMI was developed during my MSc project, and this is the MSc thesis: "Architetture di sicurezza e tecnologie di virtualizzazione: rilevamento delle intrusioni tramite introspezione" ("Intrusion Detection through Virtual Machine Introspection"). pdf

Privacy-Preserving Distributed Data Mining Library (PPDDM-Lib)

PPDDM-Lib is an open source ANSI C/C++ library of functions and protocols useful to exchange sensible information while computing Data Mining Models from several servers. The OpenSSL Toolkit is required. Joint work with Maurizio Atzori, developed at ISTI-CNR, Pisa. Here is the source code.

PPDDM-Lib was developed during my BSc project, and this is the BSc thesis: "Sviluppo di strumenti privacy preserving per data mining distribuito" ("Development of privacy-preserving tools for distributed data-mining"). pdf

Dark Medieval Labyrinth

Dark Medieval Labyrinth is an OpenGL 3D game written in C++ that runs on both Windows and Linux. The game together with the editor were developed by me and Francesco Tamberi for our final project of Costruzione di Interfacce course (2003/2004).

Program Committee
Editorial board for The Computer Journal - Oxford Academic.

CYSARM 2020: 2nd Workshop on Cyber-Security Arms Race (CYSARM) -- Program Chair.

STM 2020: 16th International Workshop on Security and Trust Management.

ARES 2020: The 15th International Conference on Availability, Reliability and Security.

SecSoft 2020: 2nd International Workshop on Cyber-Security Threats, Trust and Privacy Management in Software-defined and Virtualized Infrastructures.

Secrypt 2020: 17th International Conference on Security and Cryptography.

STRIVE 2020: The 3rd International Workshop on Safety, securiTy, and pRivacy In automotiVe systEms.

CYSARM 2019: 1st Workshop on Cyber-Security Arms Race (CYSARM) -- Program Chair.

STRIVE 2019: The 2nd International Workshop on Safety, securiTy, and pRivacy In automotiVe systEms.

ARES 2019: The 14th International Conference on Availability, Reliability and Security.

ANT 2019: The 10th International Conference on Ambient Systems, Networks and Technologies.

Telerise 2018: 4th International Workshop on TEchnical and LEgal aspects of data pRIvacy and SEcurity.

STRIVE 2018: First International Workshop on Safety, securiTy, and pRivacy In automotiVe systEms.

EUSPN-2018: The 9th International Conference on Emerging Ubiquitous Systems and Pervasive Networks.

SPCLOUD 2018: The 7th International Workshop on Security, Privacy and Performance in Cloud Computing.

Secrypt 2018: 15th International Conference on Security and Cryptography.

AIMS 2018: 12th International Conference on Autonomous Infrastructure, Management and Security.

C&TC 2018: Cloud and Trusted Computing 2018.

ARES 2018: The 13th International Conference on Availability, Reliability and Security.

ANT 2018: The 9th International Conference on Ambient Systems, Networks and Technologies.

ICICS 2017: The 19th International Conference on Information and Communications Security.

STM 2017: 13th International Workshop on Security and Trust Management.

C&TC 2017: Cloud and Trusted Computing 2017.

Telerise 2017: 3rd International Workshop on TEchnical and LEgal aspects of data pRIvacy and SEcurity.

Secrypt 2017: 14th International Conference on Security and Cryptography.

ARES 2017: The 12th International Conference on Availability, Reliability and Security.

EUSPN-2017: The 8th International Conference on Emerging Ubiquitous Systems and Pervasive Networks.

AIMS 2017: 11th International Conference on Autonomous Infrastructure, Management and Security.

EUSPN-2016: The 7th International Conference on Emerging Ubiquitous Systems and Pervasive Networks.

Secrypt 2016: 13th International Conference on Security and Cryptography.

ANT 2016: The 7th International Conference on Ambient Systems, Networks and Technologies.

AIMS 2016: 10th International Conference on Autonomous Infrastructure, Management and Security.

Telerise 2016: 2nd International Workshop on TEchnical and LEgal aspects of data pRIvacy and SEcurity.

MOBIMEDIA 2016: 9th EAI International Conference on Mobile Multimedia Communications.

TrustCom 2015: 14th IEEE International Conferenceon Trust, Security and Privacy in Computing and Communications.

Secrypt 2015: 12th International Conference on Security and Cryptography.

Telerise 2015: 1st International Workshop on TEchnical and LEgal aspects of data pRIvacy and SEcurity.

AIMS 2015: 9th International Conference on Autonomous Infrastructure, Management and Security.

CSS 2014: The 6th International Symposium on Cyberspace Safety and Security.

SETOP 2014: 7th International Workshop on Autonomous and Spontaneous Security.

Talks
Invited talk: Country-to-Country Capture the Flag.
9th International Cybersecurity Symposium, Keio University, December 11, 2019.

Panel Discussion: The UK’s Cybersecurity Ecosystem and Nurturing Cyber Talent.
9th International Cybersecurity Symposium, Keio University, December 12, 2019.

Invited talk: Future Proofing the Connected World: A Quantum-Resistant Trusted Platform Module.
Cybersecurity Workshop at Kyushu University, on 19th Apr 2019.

Invited talk: Country-to-Country Capture the Flag.
7th International Cybersecurity Symposium, Keio University, November 28 - 29, 2018.

All-Party Parliamentary Group on Cyber Security. Ransomware and Machine Learning.
Palace of Westminster. 18th December 2017.

Invited talk: Threat Modelling for IoT Devices.
Workshop on Cybersecurity for IoT "Towards Secure Smart Buildings", Kyushu University, 10 July 2017.

Panel discussion: Mobile Security.
Innovations in Mobile Privacy & Security (IMPS) Workshop. Paris, France. 29 April 2017.

Invited talk: Dissecting Ransomware for Fun and (Cyber-Criminals') Profit.
WSF'15. Catania, Italy. 1 December 2015

Sharing Data Through Confidential Clouds: An Architectural Perspective.
The 1st International Workshop on TEchnical and LEgal aspects of data pRIvacy and SEcurity 2015, 18th May 2015. pdf

CheR: Cheating Resilience in the Cloud via Smart Resource Allocation.
The Sixth International Symposium on Foundations & Practice of Security (FPS'2013), 22th October 2013. pdf

Invited talk: Secure Applications for Smartphones.
Internet Festival. Pisa, Italy. 11 October 2013.

Classifying Android Malware through Subgraph Mining.
The sixth International Workshop on Autonomous and Spontaneous Security, Egham (SETOP), 12th September 2013. pdf

Probabilistic Contract Compliance for Mobile Applications.
The Second International Workshop on Security of Mobile Applications (IWSMA 2013), Regensburg, 6th September 2013. pdf

Invited talk: Smartphone Security.
Internet Festival. Pisa, Italy, 5 October 2012.

Invited talk: Security and privacy in Online Social Networks.
Psicologia e sicurezza informatica: l'ultima sfida di Assosecurity. Torino, Italy, 20 October 2011. pdf

A Simulation-Driven Approach for Assessing Risks of Complex Systems.
13th European Workshop on Dependable Computing Pisa, Italy, 11-12 May 2011. pdf

Securing a Community Cloud.
ICDCS Workshop on Security and Privacy in Cloud Computing, Genova (Italy), 2010.

Measuring the Semantic Integrity of a Process Self.
PhD Thesis Defense, Pisa, 24th June 2010. pdf

Invited talk: A Survey of Intrusion Detection Systems.
Seminar@IIT-CNR, Pisa, 22th March 2010. pdf

An Introduction to Cellular Automata.
Bio-inspired Models of Computation Seminar, Pisa, 16th October 2009. pdf

A Sense of Self through Semantic Integrity and Virtual Introspection.
PhD Research Seminars, Pisa, 14th September 2009. pdf

Introspection-based Context Agent Injection.
IBM AoT (Academy of Technology) Security and Privacy Symposium, Zurich (CH), 2009

Measuring Semantic Integrity for Remote Attestation.
Trust International Conference in Oxford (UK), 2009. pdf

Securing Health Information Infrastructures through Overlays.
Healthinf Conference in Porto (Portugal), 2009.

Software Verification with BLAST.
PhD Seminar on Rigorous Software Development via Model Checking, Pisa, 2008. pdf

Semantics-Driven Introspection in a Virtual Environment.
IAS Conference in Napoli, 2008. pdf

Secure Sharing of an ICT Infrastructure through Vinci.
AIMS Conference in Bremen (Germany), 2008. pdf

Transparent Monitoring of a Process Self in a Virtual Environment.
PhD Lunchtime Seminar in Pisa, 2008. pdf

Protezione del Kernel Tramite Macchine Virtuali.
Net&System Security Conference in Pisa, 2007. pdf

Towards High Assurance Networks of Virtual Machines.
EC2ND Conference in Heraklion (Greece), 2007. pdf

Security and Integrity of a Distributed File Storage in a Virtual Environment.
SISW Workshop in San Diego (USA), 2007. pdf

Building Trustworthy Intrusion Detection through VM Introspection.
IAS Conference in Manchester (UK), 2007. pdf

Defining the Semantics of Object-Oriented Languages Using Graph Transformations.
PhD Seminar on Rewriting in Pisa, 2007. pdf

Teaching Activities

Lecturer of Malicious Software - IY3840: BSc in Computer Science, Royal Holloway, Second Term 2019-2020.

Lecturer of Malicious Software - IY3840: BSc in Computer Science, Royal Holloway, Second Term 2018-2019.

Lecturer of Computer Security (Operating Systems) - IY5512: MSc in Information Security, Royal Holloway, First Term 2018-2019.

Lecturer of Computer Security (Operating Systems) - IY5512: MSc in Information Security, Royal Holloway, First Term 2017-2018.

Lecturer of Computer Security (Operating Systems) - IY5512: MSc in Information Security, Royal Holloway, First Term 2016-2017.

Co-lecturer (with Emil Lupu) of Computer Networks and Distributed Systems: BEng, MEng, MSc Computing, Imperial College London, Second Term 2016.

Lecturer of Programming Languages: BSc in Computer Science, University of Pisa - Polo Marconi La Spezia, First Term 2011.

Lecturer of Programming Languages: BSc in Computer Science, University of Pisa - Polo Marconi La Spezia, First Term 2010.

Teaching assistant for Operating Systems Programming Laboratory: Computer Science, University of Pisa, Third Term 2010.

Teaching assistant for Network Programming Laboratory: Computer Science, University of Pisa, First Term 2009.

Teaching assistant for Network Programming Laboratory: Computer Science, University of Pisa, First Term 2008.

Teaching assistant for Network Programming Laboratory: Computer Science, University of Pisa, First Term 2007.

Contacts