I'm currently working at Huawei Munich Research Center as Technical Director of the Big Data Threat Analysis Team in the Applied Network Technology Lab.
My research interests are related to practical aspects of software security, by focusing on attacks and defences at various architectural layers. My recent work investigates the arms-race between malware and anti-malware systems.
I hold a PhD in Computer Science from the University of Pisa (2010), supervised by Prof. F. Baiardi. During my PhD studies I've worked on virtualization security. In particular, my research has focused around virtual machine introspection to enable a secure virtual machine to check the state of a monitored virtual machine.
In 2009, I've been a visiting research at IBM Zurich Research Laboratory, collaborating in the security group supervised by Diego Zamboni and Andreas Wespi, by participating in the Phantom project.
From 2010 to 2013 I've been a PostDoc researcher at the Institute of Informatics and Telematics of the Italian National Research Council (CNR), in Pisa (IT), where I've mainly worked in the field of mobile security.
From 2014 to October 2016, I've been a Research Associate at the Department of Computing, Imperial College London, working in the Security Group lead by Emil Lupu. Here, I've focused my research in the field of threat modeling and attack graps for Cloud systems, and I've been involved in the Coco Cloud EU project.
From October 2016 to December 2020, I've been a Lecturer/Senior Lecturer at the Information Security Group at Royal Holloway, where most of my research focused on the arms-race between malware and anti-malware systems. Since September 2018 I lead the Systems and Software Security Lab (S3Lab). I've been the Principal Investigator at RHUL of H2020 Project FutureTPM (2018-2020) on Quantum Resistant Trusted Platform Module (TPM), by leading the virtual TPM activities.
I've been module leader of Computer Security - IY5512 (2016-2019), and of Malicious Software - IY3840 (2018-2020).
Since 2018 I've been involved in the activities of the InterNational CyberSecurity Center of Excellence (INCS-CoE); in particular, I've been the chair of the program committee of the inaugural edition (2020) of the Country-to-Country Capture the Flag (C2C-CTF) competition.
Since 2019, I'm the Program Chair of the Workshop on Cyber-Security Arms Race (CYSARM), which so far has been co-located with CCS 2019, and CCS 2020.
Since December 2020, I'm the Technical Director of the Big Data Threat Analysis Team in the Applied Network Technology Lab at Huawei Munich Research Center.
The paper "Malware vs Anti-Malware Battle - Gotta Evade ‘em All" by Emily J Chaffey and Daniele Sgandurra has been accepted at VizSec 2020 (17th IEEE Symposium on Visualization for Cyber Security)! The workshop is on October 28 2020. For more information visit VizSec Website.
I'm chair of the program committee of the 1st edition of the Country-to-Country (C2C) Capture the Flag (CTF) competition on 6th December 2020. More information about this event can be found at the C2C Website.
The paper "Clust-IT: Clustering-Based Intrusion Detection in IoT Environments" written in collaboration with Robert Markiewicz Sgandurra has been accepted at this year's IOTSECFOR workshop, co-located with ARES 2020!
I'm program chair of the 2nd Workshop on Cyber-Security Arms Race (CYSARM), co-located with the 27th ACM Conference on Computer and Communications Security, November 13, 2020 — Orlando, USA. You can find more information at the website of CYSARM.
Our paper, "A Game of “Cut and Mouse”: Bypassing Antivirus by Simulating User Inputs.", has been accepted at ACSAC 2019! Authors: Ziya Alper Genç, Gabriele Lenzini, Daniele Sgandurra.
Our paper, "On Deception-Based Protection Against Cryptographic Ransomware.", has been accepted at DIMVA 2019! Authors: Ziya Alper Genç, Gabriele Lenzini, Daniele Sgandurra.
Recently, in collaboration with University of University of Luxembourg, we have analyzed existing decoy strategies to detect ransomware measured their effectiveness by defining a set of metrics to measure their robustness. To demonstrate how ransomware can identify existing deception-based detection strategies, we have implemented a proof-of-concept anti-decoy ransomware that successfully bypasses decoys by using a decision engine with few rules. In another work. We have investigated how malware can simulate mouse events to control anti-viruses (AVs) to send them mouse "clicks" to deactivate their protection. We have proven that many AVs can be disabled in this way, and we call this class of attacks Ghost Control. We have also shown ho a ransomware can control a high-integrity white-listed applications, such as Notepad, by sending it keyboard events (such as "copy-and-paste") to perform malicious operations on behalf of the ransomware, as a "puppet", to rewrite the content of protected files as a ransomware would do (we have called this class of attacks "Cut-and-Mouse"). More info can be found here and here.
At Imperial College we have proposed a machine learning approach for dynamically analysing and classifying ransomware by monitoring a set of actions performed by applications in their first phases of installation checking for characteristics signs of ransomware. Our approach works without requiring that an entire ransomware family is available beforehand. A preliminary version of a paper can be found here: arXiv:1609.03020, 2016. Daniele Sgandurra, Luis Muñoz-González, Rabih Mohsen, Emil C. Lupu. “Automated Analysis of Ransomware: Benefits, Limitations, and use for Detection.”. You can find here the ransomware dataset we collected and analysed, which includes 582 samples of ransomware and 942 good applications. More info on the dataset can be found here.
During my PostDoc at CNR, in Italy, I've worked in an Android monitoring framework to detect malware that implements a multi-level analysis of the app and system behavior to detect malicious actions (MADAM -- Multi-level Anomaly Detector for Android Malware). MADAM is a host-based malware detection system for Android devices which simultaneously analyzes and correlates features at four levels: kernel, application, user and package, to detect and stop malicious behaviors. MADAM has been specifically designed to take into account those behaviors that are characteristics of almost every real malware which can be found in the wild. MADAM detects and effectively blocks more than 96% of malicious apps, which come from three large datasets with more than 2,800 apps, by exploiting the cooperation of two parallel classifiers and a behavioral signature-based detector. Extensive experiments have been conducted to show the high usability of MADAM, the low false alarm rate, the negligible performance overhead and limited battery consumption. You can find more info here.
During my PhD I've investigated how virtual machine introspection can enable a secure virtual machine to access the status of a monitored machine to check the kernel integrity and the process self. The process self is computed statically by analyzing the source code, and is defined through a context-free grammar, which defines the system call traces that the process may issue during its execution, and a set of invariants each associated with a program point where the process invokes a call. Further examples I've worked on during my partnership at IBM Zurich are the design and implementation of a mechanism to transparently inject and protect a context-agent into a running virtual machine using introspection. This enables a transparent retrieval of reliable high-level information about the internal operation of the monitored virtual machine while having confidence that the in-guest agent has not been compromised. You can find more info here.
At Imperial College London, after completing a survey on more than 200 papers on virtualization security, I've observed that many publications often rely on implicit, and different, assumptions. Threat models are often presented in different ways making it difficult to evaluate the efficacy of solutions: which threats do they address? and under which assumptions? For this reason, I've been working on a definition of an uniform framework to define the threat models, their protection goals and trusted computing base for proposed solutions. called FATHoM (Formalizing Threat Models). The model, a template and some examples can be found here. You can find more info here.
Attack graphs are used to represent prior knowledge about vulnerabilities and network connectivity and enable system administrators to reason about threats and their risk in a formal way. During my PhD and PostDoc I've worked in collaboration with University of Pisa in a framework to simulate attacks, using a Monte Carlo approach, by generating attack graphs in real-time. This approach enables administrators to focus on the most-effective threats, and to perform a cost-effective selection of countermeasures. More info can be found here and here.
At Imperial College London, I've collaborated in a framework that statically/dynamically computes the (exact/approximate) probabilities of the venues an attacker can exploit to compromise a system. More info can be found here and here.
Malware vs Anti-Malware Battle - Gotta Evade ‘em All.
Emily J Chaffey and Daniele Sgandurra
VizSec 2020.
[pdf] [bibtex]
Clust-IT: clustering-based intrusion detection in IoT environments.
Robert P. Markiewicz, Daniele Sgandurra.
ARES 2020.
[pdf] [bibtex]
A Game of “Cut and Mouse”: Bypassing Antivirus by Simulating User Inputs.
Ziya Alper Genç, Gabriele Lenzini, Daniele Sgandurra.
ACSAC 2019.
[pdf] [bibtex]
On Deception-Based Protection Against Cryptographic Ransomware.
Ziya Alper Genç, Gabriele Lenzini, Daniele Sgandurra.
DIMVA 2019.
[pdf] [bibtex]
Towards a Framework for Testing the Security of IoT Devices Consistently.
Gurjan Lally, Daniele Sgandurra.
ETAA@ESORICS 2018: 88-102.
[pdf] [bibtex]
A Logic-Based Reasoner for Discovering Authentication Vulnerabilities Between Interconnected Accounts.
Erisa Karafili, Daniele Sgandurra, Emil Lupu.
ETAA@ESORICS 2018: 73-87.
[pdf] [bibtex]
Lightweight Classification of IoT Malware Based on Image Recognition.
Su, Jiawei; Vasconcellos Vargas, Danilo; Prasad, Sanjiva; Sgandurra, Daniele; Feng, Yaokai; Sakurai, Kouichi.
In the 8th IEEE International Workshop on Network Technologies for Security, Administration, and Protection (NETSAP 2018).
[pdf] [bibtex]
An improved SMURF scheme for cleaning RFID data.
He Xu; Jie Ding; Peng Li; Daniele Sgandurra; Ruchuan Wang.
In the International Journal of Grid and Utility Computing (IJGUC), Vol. 9, No. 2, 2018. 10.1504/IJGUC.2018.10012797.
[pdf] [bibtex]
Analysing the Resilience of the IoT against Physical and Proximity Attacks.
Xu, He; Sgandurra, Daniele; Mayes, Keith; Li, Peng; Wang, Ruchuan.
In the 10th International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage. 2017.
[pdf] [bibtex]
A New Security Middleware Architecture Based on Fog Computing and Cloud To Support IoT Constrained Devices.
Razouk, Wissam; Sgandurra, Daniele; Sakurai, Kouichi.
In the International Conference on Internet of Things and Machine Learning. 2017.
[pdf] [bibtex]
Efficient Attack Graph Analysis through Approximate Inference.
Luis Muñoz-González, Daniele Sgandurra, Andrea Paudice, Emil C. Lupu.
In ACM Transactions on Transactions on Privacy and Security (TOPS), Volume 20 Issue 3, Article No. 10. July 2017.
[pdf] [bibtex]
Exact Inference Techniques for the Analysis of Bayesian Attack Graphs.
Luis Muñoz-González, Daniele Sgandurra, Martín Barrère, Emil C. Lupu.
In IEEE Transactions on Dependable and Secure Computing (TDSC), 2017. DOI: 10.1109/TDSC.2016.2627033.
[pdf (Open Access)] [bibtex]
VSMURF: A Novel Sliding Window Cleaning Algorithm for RFID Networks.
He Xu, Weiwei Shen, Peng Li, Daniele Sgandurra, and Ruchuan Wang.
Journal of Sensors, vol. 2017, Article ID 3186482, 11 pages, 2017. doi:10.1155/2017/3186482.
[pdf (Open Access)] [bibtex]
Automated Dynamic Analysis of Ransomware: Benefits, Limitations and use for Detection.
Daniele Sgandurra, Luis Muñoz-González, Rabih Mohsen, Emil C. Lupu
In ArXiv e-prints, arXiv:1609.03020.
[pdf] [bibtex]
Efficient Attack Graph Analysis through Approximate Inference.
Luis Muñoz-González, Daniele Sgandurra, Andrea Paudice, Emil C. Lupu
In ArXiv e-prints, arXiv:1606.07025.
[pdf] [bibtex]
Risk Analysis of Android Applications: A User-Centric Solution.
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Marinella Petrocchi, Andrea Saracino, Daniele Sgandurra.
In Future Generation Computer Systems, Special issue on Security, Privacy and Trust of the User-centric Solutions, Volume 80, March 2018, Pages 505-518. 10.1016/j.future.2016.05.035
[pdf] [bibtex]
Formalizing Threat Models for Virtualized Systems.
Daniele Sgandurra, Erisa Karafili and Emil Lupu.
In proceeding of the 30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2016).
[pdf] [bibtex]
MADAM: Effective and Efficient Behavior-based Android Malware Detection and Prevention.
Andrea Saracino, Daniele Sgandurra, Gianluca Dini and Fabio Martinelli.
In IEEE Transactions on Dependable and Secure Computing (Volume: 15, Issue: 1, Jan.-Feb. 1 2018). DOI: 10.1109/TDSC.2016.2536605.
[pdf] [bibtex]
Evolution of Attacks, Threat Models, and Solutions for Virtualized Systems.
Daniele Sgandurra, Emil Lupu.
In ACM Computing Surveys (CSUR), Volume 48 Issue 3, February 2016, Article No. 46.
[pdf] [bibtex]
Exact Inference Techniques for the Dynamic Analysis of Attack Graphs.
Muñoz-González, Luis; Sgandurra, Daniele; Barrère, Martín; Lupu, Emil
In ArXiv e-prints, arXiv:1510.02427.
[pdf] [bibtex]
AntiCheetah: Trustworthy computing in an outsourced (cheating) environment.
Roberto Di Pietro, Flavio Lombardi, Fabio Martinelli, Daniele Sgandurra.
In Future Generation Computer Systems (2015) pp. 28-38, DOI: 10.1016/j.future.2015.02.004
[pdf] [bibtex]
Sharing Data Through Confidential Clouds: An Architectural Perspective.
Daniele Sgandurra, Francesco Di Cerbo, Slim Trabelsi, Fabio Martinelli, and Emil Lupu.
In proceedings of the 1st International Workshop on TEchnical and LEgal aspects of data pRivacy and SEcurity, 2015 IEEE/ACM, pp. 58-61, DOI: 10.1109/TELERISE.2015.19
[pdf] [bibtex]
Design and Development of a Facebook Application to Raise Privacy Awareness.
Gianpiero Costantino and Daniele Sgandurra.
In proceedings of the 23nd Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP) 2015.
[pdf] [bibtex]
Detection of repackaged mobile applications through a collaborative approach.
Alessandro Aldini, Fabio Martinelli, Andrea Saracino, and Daniele Sgandurra.
In Journal of Concurrency and Computation: Practice and Experience, Volume 27, Issue 11, pages 2818–2838, 10 August 2015. DOI: 10.1002/cpe.3447.
[pdf] [bibtex]
Simulating Attack Plans Against ICT Infrastructures.
Baiardi, F., Corò, F., Tonelli, F., Guidi, L., and Sgandurra, D.
In Vulnerability, Uncertainty, and Risk: pp. 627-637. DOI: 10.1061/9780784413609.064.
[pdf] [bibtex]
Automating the assessment of ICT risk.
Fabrizio Baiardi, Fabio Corò, Federico Tonelli, Daniele Sgandurra.
In Journal of Information Security and Applications, Volume 19, Issue 3, July 2014, Pages 182–193, doi:10.1016/j.jisa.2014.04.002.
[pdf] [bibtex]
A Scenario Method to Automatically Assess ICT Risk.
Fabrizio Baiardi, Fabio Corò, Federico Tonelli, Daniele Sgandurra.
Proceedings of the 22nd Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP) 2014, pp. 544-551, doi:10.1109/PDP.2014.105.
[pdf] [bibtex]
AntiCheetah: an Autonomic Multi-round Approach for Reliable Computing.
Roberto Di Pietro, Flavio Lombardi, Fabio Martinelli and Daniele Sgandurra.
Proceedings of the 10th IEEE International Conference on Autonomic and Trusted Computing (ATC-2013). Best Paper Award
[pdf] [bibtex]
How to Grant Less Permissions to Facebook Applications.
Gianpiero Costantino, Fabio Martinelli and Daniele Sgandurra.
Proceedings of the Ninth International Conference on Information Assurance and Security (IAS'2013).
[pdf] [bibtex]
Towards Enforcing On-The-Fly Policies in BYOD Environments.
Gianpiero Costantino, Fabio Martinelli, Andrea Saracino and Daniele Sgandurra.
Proceedings of the Ninth International Conference on Information Assurance and Security (IAS'2013).
[pdf] [bibtex]
Remote Policy Enforcement for Trusted Application Execution in Mobile Environments.
Fabio Martinelli, Ilaria Matteucci, Andrea Saracino and Daniele Sgandurra.
In proceedings of InTrust 2013: 5th International Conference on Trusted Systems. LNCS 8292, pp. 70-84.
[pdf] [bibtex]
CheR: Cheating Resilience in the Cloud via Smart Resource Allocation
Roberto Di Pietro, Flavio Lombardi, Fabio Martinelli and Daniele Sgandurra.
Proceedings of the Sixth International Symposium on Foundations & Practice of Security (FPS'2013).
[pdf] [bibtex]
Classifying Android Malware through Subgraph Mining.
Fabio Martinelli, Andrea Saracino, Daniele Sgandurra.
Proceedings of The sixth International Workshop on Autonomous and Spontaneous Security (SETOP 2013).
[pdf] [bibtex]
Introducing probabilities in contract-based approaches for mobile application security.
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Andrea Saracino and Daniele Sgandurra.
Proceedings of The sixth International Workshop on Autonomous and Spontaneous Security (SETOP 2013).
[pdf] [bibtex]
Assessing ICT risk through a Monte Carlo method.
Fabrizio Baiardi, Daniele Sgandurra.
Journal of Environment Systems and Decisions, Springer US, pp. 1-14.
[pdf] [bibtex]
Probabilistic Contract Compliance for Mobile Applications.
Gianluca Dini, Fabio Martinelli, Andrea Saracino, Daniele Sgandurra.
Proceedings of the Eighth International Conference on Availability, Reliability and Security (ARES 2013).
[pdf] [bibtex]
Evaluating the Trust of Android Applications through an Adaptive and Distributed Multi-Criteria Approach.
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Marinella Petrocchi, Andrea Saracino, Daniele Sgandurra.
Proceedings of the 3rd IEEE International Symposium on Trust and Identity in Mobile Internet, Computing and Communications (TrustID 2013).
[pdf] [bibtex]
A Collaborative Framework for Generating Probabilistic Contracts.
Alessandro Aldini, Fabio Martinelli, Andrea Saracino, Daniele Sgandurra.
Proceedings of the 2013 IEEE International Conference on Collaboration Technologies and Systems, May 20-24, 2013, San Diego, California. Editors: Waleed W. Smari & Geoffrey C. Fox. pp. 139-143. Outstanding Paper Award
[pdf] [bibtex]
Are Photos On Social Networks Really Private?
Gianpiero Costantino, Fabio Martinelli, Daniele Sgandurra.
Proceedings of the 2013 IEEE International Conference on Collaboration Technologies and Systems, May 20-24, 2013, San Diego, California. Editors: Waleed W. Smari & Geoffrey C. Fox.
[pdf] [bibtex]
Multi-Criteria-based Evaluation of Android Applications.
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Marinella Petrocchi, Andrea Saracino, Daniele Sgandurra.
In proceedings of InTrust 2012: 4th International Conference on Trusted Systems. LNCS 7711, pp. 66-82.
[pdf] [bibtex]
MADAM: a Multi-Level Anomaly Detector for Android Malware.
Andrea Saracino, Fabio Martinelli, Daniele Sgandurra, Gianluca Dini.
In proceedings of the Sixth International Conference 'Mathematical Methods, Models, and Architectures for Computer Network Security' (MMM-ACNS-2012). LNCS 7531, pp. 240-253.
[pdf] [bibtex]
Haruspex: Simulation-driven Risk Analysis for Complex Systems.
Baiardi, F. and Telmon, C. and Sgandurra, D.
ISACA Journal 3 (2012): 46.
[pdf] [bibtex]
A Survey on Security for Mobile Devices.
La Polla, M. and Martinelli, F. and Sgandurra, D.
In Communications Surveys & Tutorials, IEEE, Volume: 13 , Issue: 1, pp. 446-471.
[pdf] [bibtex]
Unbounded impacts and risk mitigation in billing infrastructures.
Baiardi, F., Telmon, C. and Sgandurra, D.
Int. J. Risk Assessment and Management, Vol. 15, Nos. 2/3, pp.186-204, 2011.
[pdf] [bibtex]
An Obfuscation-Based Approach Against Injection Attacks.
Fabrizio Baiardi, Daniele Sgandurra.
In proceedings of the Sixth International Conference on Availability, Reliability and Security (ARES), Vienna, Austria, 2011.
[pdf] [bibtex]
A Simulation-Driven Approach for Assessing Risks of Complex Systems.
Fabrizio Baiardi, Claudio Telmon and Daniele Sgandurra.
In proceedings of the 13th European Workshop on Dependable Computing Pisa, Italy, 11-12 May 2011
[pdf] [bibtex]
Attestation of integrity of overlay networks.
Fabrizio Baiardi, Daniele Sgandurra.
Journal of Systems Architecture - Embedded Systems Design 57(4): 463-473, 2011
[pdf] [bibtex]
Semantic Attestation of Node Integrity in Overlays.
Fabrizio Baiardi, Daniele Sgandurra.
In proceedings of OTM 2010 - Confederated International Conferences: CoopIS, IS, DOA and ODBASE, Hersonissos, Crete, Greece, October 25-29, 2010. LNCS 6426, pp. 656-671.
[pdf] [bibtex]
Securing a Community Cloud.
Fabrizio Baiardi, Daniele Sgandurra.
In proceedings of the first ICDCS Workshop on Security and Privacy in Cloud Computing, 2010, issn 1545-0678, pp. 32-41.
[pdf] [bibtex]
Cloud Security Is Not (Just) Virtualization Security.
Mihai Christodorescu, Reiner Sailer, Douglas Schales, Daniele Sgandurra, Diego Zamboni.
In proceedings of the ACM Cloud Computing Security Workshop. November, 2009.
[pdf] [bibtex]
Introspection-based Context Agent Injection.
Mihai Christodorescu, Reiner Sailer, Douglas Schales, Arvind Seshadri, Daniele Sgandurra, Diego Zamboni.
In IBM AoT (Academy of Technology) Security and Privacy Symposium, June 22-26, 2009.
Invariant Evaluation through Introspection for Proving Security Properties.
Fabrizio Baiardi, Dario Maggiari and Daniele Sgandurra.
Journal of Information Assurance and Security, Volume 4, Issue 2. pp 124-132, Dynamic Publisher Inc, issn 1554-1010, 2009.
[pdf] [bibtex]
Modeling and Managing Risk in Billing Infrastructures.
Fabrizio Baiardi, Claudio Telmon and Daniele Sgandurra.
In proceedings of the Third Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection, ISBN 978-3-642-04797-8, pp. 51-64, Springer Boston.
[pdf] [bibtex]
Measuring Semantic Integrity for Remote Attestation.
Fabrizio Baiardi, Diego Cilea, Daniele Sgandurra and Francesco Ceccarelli.
In proceedings of the 2nd International Conference on Trusted Computing Technical Strand (Trust 2009), Oxford, UK, LNCS 5471, pp. 81-100.
[pdf] [bibtex]
PsycoTrace: Virtual and Transparent Monitoring of a Process Self.
Fabrizio Baiardi, Dario Maggiari, Daniele Sgandurra and Francesco Tamberi.
In proceedings of the 17th Euromicro International Conference on Parallel, Distributed and network-based Processing (PDP 2009), Weimar, Germany, IEEE Computer Society Press, pp. 393-397, 2009.
[pdf] [bibtex]
Securing Health Information Infrastructures through Overlays.
Fabrizio Baiardi, Dario Maggiari and Daniele Sgandurra.
In proceedings of HEALTHINF 2009 - Second International Conference on Health Informatics, L. Azevedo and A. R. Londral, eds., Porto, Portugal: INSTICC Press, pp. 123-128, 2009, ISBN: 978-989-811-63-0.
[bibtex]
Hierarchical, Model-Based Risk Management of Critical Infrastructures.
Fabrizio Baiardi, Claudio Telmon, Daniele Sgandurra
Journal of Reliability Engineering & System Safety Volume 94, Issue 9, September 2009, Pages 1403-1415.
[pdf] [bibtex]
Transparent Process Monitoring in a Virtual Environment.
Daniele Sgandurra, Fabrizio Baiardi, Dario Maggiari, and Francesco Tamberi.
In Electronic Notes in Theoretical Computer Science, volume 236, pp. 85-100, 2009. Proceedings of the Third International Workshop on Views On Designing Complex Architectures (VODCA 2008), Bertinoro (Italy).
[pdf] [bibtex]
Semantics-Driven Introspection in a Virtual Environment.
Francesco Tamberi, Dario Maggiari, Daniele Sgandurra, Fabrizio Baiardi.
In proceedings of the Fourth IEEE International Conference on Information Assurance and Security (IAS 2008), Naples (Italy), pp 299-302.
[pdf] [bibtex]
Secure Sharing of an ICT Infrastructure Through Vinci.
Fabrizio Baiardi and Daniele Sgandurra.
In Proceedings of the 2nd International Conference on Autonomous Infrastructure, Management and Security Resilient Networks and Services (AIMS 2008), Bremen (Germany), LNCS 5127, pp. 65-78.
[pdf] [bibtex]
Virtual Interacting Network Community: Exploiting Multi-Core Architectures to Increase Security.
Fabrizio Baiardi and Daniele Sgandurra.
In proceedings of the 2008 Computing Frontiers Conference, ACM, 2008, Ischia (Italy), p. 111.
[pdf] [bibtex]
Protezione del Kernel Tramite Macchine Virtuali.
Fabio Campisi, Daniele Sgandurra.
Net&System Security 2007, Pisa (Italy). Best Student Paper Award.
Towards High Assurance Networks of Virtual Machines.
Fabrizio Baiardi and Daniele Sgandurra.
In Proceedings of the 3rd European Conference on Computer Network Defense (EC2ND 2007), Heraklion (Greece), Lecture Notes in Electrical Engineering, Vol. 30 Siris, pp. 21-34.
[pdf] [bibtex]
Managing Critical Infrastructures through Virtual Network Communities.
Fabrizio Baiardi, Gaspare Sala, and Daniele Sgandurra.
In proceedings of 2nd International Workshop on Critical Information Infrastructures Security (CRITIS 2007), Malaga (Spain), LNCS 5141, pp. 71-82.
[pdf] [bibtex]
Security and Integrity of a Distributed File Storage in a Virtual Environment.
Gaspare Sala, Daniele Sgandurra, and Fabrizio Baiardi.
In proceedings of 4th International IEEE Security in Storage Workshop (SISW 07), San Diego (USA), pp. 58-69.
[pdf] [bibtex]
Building Trustworthy Intrusion Detection through VM Introspection.
Fabrizio Baiardi and Daniele Sgandurra.
In proceedings of the Third IEEE International Symposium on Information Assurance and Security (IAS 07), 2007, Manchester (UK), pp. 209-214.
[pdf] [bibtex]
I'm involved in the activities of the InterNational Cyber Security Center of Excellence (INCS-CoE), in particular in WG1 and WG3, and the Country-to-Country Capture-the-Flag (C2C-CTF). More information about this event can be found here.
FutureTPM (Future Proofing the Connected World: A Quantum-Resistant Trusted Platform Module). The goal of FutureTPM is to create a Quantum-Resistant (QR) Trusted Platform Module (TPM) by designing and developing QR algorithms suitable for inclusion in a TPM. The algorithm design will be accompanied by implementation and performance evaluation, as well as formal security analyses in the full range of TPM environments: i.e. hardware, software and virtualization environments. Use cases in online banking, activity tracking and device management will provide environments and applications to validate the FutureTPM framework. FutureTPM will provide robust and provably-secure QR algorithms for a new generation of TPMs. A key strategic objective of FutureTPM is to contribute to standardization efforts at EU level within TCG, ISO/IEC and ETSI. Because the TPM shares many functions in common with other widely-used devices, such as HSMs and TEEs, the FutureTPM solution is expected to benefit them as well.
Partners: TECHNIKON, University of Surrey, UBITECH, Royal Holloway, IBM Research, The University of Birmingham, Infineon, Université du Luxembourg, Suite5 Data Intelligence Solutions, INESC-ID, University of Piraeus Research Center, Huawei Technologies, VIVA Payment Services SA
Coco Cloud (Confidential and Compliant Clouds) is an FP7 project that aims to facilitate data sharing in cloud environments by providing end-to-end data centric security from the client to the cloud based on the (semi-)automated enforcement ofData Sharing Agreements. These agreements may reflect legal, contractual or user defined preferences, which may be conflicting and thus an appropriate balance and model for their enforcement must be found.
Partners: Hewlett-Packard, The Italian National Research Council, Imperial College London, University of Oslo, SAP, Atos, AGID, Bird & Bird, and Grupo Hospitalario Quirón.
CIPART (Cloud Intelligent Protection at Run-Time) aims to develop novel techniques for intelligent cloud protection by advancing the state of the art in system modelling at run time, attack scenarios based analysis, novel techniques for selecting countermeasures and remedial actions and novel techniques for re-perimeterisation of the cloud environment. The methodology adopted combines fundamental research on knowledge representation, probabilistic analysis and machine learning with empirical and experimental studies in an industrial test-bed environment. Additionally, the project also aims to achieve a better understanding of the business models and incentives involved in the relationships between cloud tenants and hosting organisations in the provision of security services based on measures of cost, risk and value and to propose new models that facilitate sharing of risk and exchange of security relevant information, which would in turn allow to simplify security management and provide better protection.
MSP (Mobile Security and Privacy) is an EIT ICT LAB project whose goal is to design and develop a set of mechanisms for the protection of the application execution in the mobile devices. This entails run-time enforcement mechanisms for application specific security policies.
Phook
Phook stands for "Photo-book" and is a free Social Photo Search Engine. It allows users to search inside thousands of social photos of friends very easily. The user goes on www.myphook.com and logs in using his/her social network credential. Then, from the Phook homepage he/she inserts one or more keywords: at this point, Phook searches inside the social photo database and shows to the user those ones that better matche the user search. For example, by searching the words "beach" or "Halloween", Phook shows all the photos that include beaches or halloween as their topics. In addition, all albums that contain those words are visualised as well. Finally, also the name of people or cities can be searched inside Phook so that the user is able to see all the pictures of those people or cities, both tagged or not. Phook is Web application designed and developed by Daniele Sgandurra and Gianpiero Costantino.
MAETROID (Multi-criteria App Evaluator of TRust in AndrOID) is a framework to evaluate the trustworthiness of Android apps, i.e. the amount of risk they pose to the users, e.g. in terms of confidentiality and integrity. The framework performs a multi-criteria analysis of an app at deploy-time and returns a single easy-to-understand evaluation on the app's risk level, aimed at driving the user decision on whether installing or not a new app. The used criteria include the set of requested permissions and a further set of metadata retrieved from the marketplace, which denote the app quality and popularity. We have classified 11,000 Android apps coming from Google Play and from a database of known malware. In particular, MAETROID has recognized as dangerous all the apps belonging to the database of malicious apps, while about 20% of apps from Google Play have been classified as medium risk.
iCareMobile is a framework to apply security policies for parental control on Smartphones.
Introspection-based Context Agent Injection
Work developed during an internship at IBM Zurich Research Lab. More info can be found here.
PsycoTrace is a virtualization-based monitoring system that protects a process P from attacks that alter the process self as specified by the program source code. P self is described by traces of system calls and invariants paired with invocations. The traces are described by a context-free grammar computed by a static analysis of the code of P. At run-time, PsycoTrace pauses and resumes P execution each time P invokes a system call to check that the trace of the calls it issues is coherent with the grammar. To increase the robustness of the monitoring system, PsycoTrace relies on two virtual machines, the monitored and the monitoring ones that, respectively, run P and the monitoring system. In this way, the machine that applies the security checks is strongly separated from the monitored one.
This is the source code for the hijacking module (HiMod, by Francesco Tamberi), and this is the source code for the Analyst (parser and Introspection Library, by Dario Maggiari), a test process and an exploit for it. Finally, Syscall Checker Analysis Tool (joint work with Carlo Casta, Marco Fais, Michele Onnis and Dario Maggiari) includes cparser, which processes .c files to generate an AST in xml format that can then be processed by ast2grammar to generate a scanner and a parser for the system call grammar. All the programs have been tested on Xen 3.1.0 (compiled from source code) with Linux kernel 2.6.18-xen (both on domain 0 and domain U).
This is the full listing of the Himod:
reader.c
writer.c
This is the full listing of the Analyst:
gen_grammar_nflex.sh
grammar-test.y
reader.c
README
tv_checker.c
tv_mm_intros_fun.c
tv_mm_intros_fun.h
tv_page_macro.h
domu/trova-ind.c
domu/daemon-exp.c
domu/daemon.c
domu/README
PsycoTrace, together with other tools, was developed during my PhD, and this is the PhD thesis: "Measuring the Semantic Integrity of a Process Self". Xen VMI is a host intrusion detection system that exploits virtual machine introspection to check the integrity of a kernel running inside a virtual machine. Joint work with Fabio Campisi and Fabrizio Baiardi. The source code for this project is available here. It contains a set of introspection functions for the Linux Kernel running on Xen, i.e. for checking the integrity of the Linux kernel running inside a domU. It works on Xen 3.0.2 and 3.1.0 and with Linux 2.6.16-xen and 2.6.18-xen. Thanks to Dario Maggiari for the memory introspection functions.
This is the full listing of the archive:
xen_vmi/Makefile
xen_vmi/mm_intros_fun.c
xen_vmi/mm_intros_fun.h
xen_vmi/page_macro.h
xen_vmi/xen_check_dom.c
xen_vmi/xen_hash.c
xen_vmi/xen_vmi.c
xen_vmi/xen_vmi.h
xen_vmi/xen_vmi_private.h
Xen VMI was developed during my MSc project, and this is the MSc thesis: "Architetture di sicurezza e tecnologie di virtualizzazione: rilevamento delle intrusioni tramite introspezione" ("Intrusion Detection through Virtual Machine Introspection"). PPDDM-Lib is an open source ANSI C/C++ library of functions and protocols useful to exchange sensible information while computing Data Mining Models from several servers. The OpenSSL Toolkit is required. Joint work with Maurizio Atzori, developed at ISTI-CNR, Pisa. Here is the source code.
PPDDM-Lib was developed during my BSc project, and this is the BSc thesis: "Sviluppo di strumenti privacy preserving per data mining distribuito" ("Development of privacy-preserving tools for distributed data-mining").
Dark Medieval Labyrinth is an OpenGL 3D game written in C++ that runs on both Windows and Linux. The game together with the editor were developed by me and Francesco Tamberi for our final project of Costruzione di Interfacce course (2003/2004).
Lecturer of Malicious Software - IY3840: BSc in Computer Science, Royal Holloway, First Term 2020-2021.
Lecturer of Malicious Software - IY3840: BSc in Computer Science, Royal Holloway, Second Term 2019-2020.
Lecturer of Malicious Software - IY3840: BSc in Computer Science, Royal Holloway, Second Term 2018-2019.
Lecturer of Computer Security (Operating Systems) - IY5512: MSc in Information Security, Royal Holloway, First Term 2018-2019.
Lecturer of Computer Security (Operating Systems) - IY5512: MSc in Information Security, Royal Holloway, First Term 2017-2018.
Lecturer of Computer Security (Operating Systems) - IY5512: MSc in Information Security, Royal Holloway, First Term 2016-2017.
Co-lecturer (with Emil Lupu) of Computer Networks and Distributed Systems: BEng, MEng, MSc Computing, Imperial College London, Second Term 2016.
Lecturer of Programming Languages: BSc in Computer Science, University of Pisa - Polo Marconi La Spezia, First Term 2011.
Lecturer of Programming Languages: BSc in Computer Science, University of Pisa - Polo Marconi La Spezia, First Term 2010.
Teaching assistant for Operating Systems Programming Laboratory: Computer Science, University of Pisa, Third Term 2010.
Teaching assistant for Network Programming Laboratory: Computer Science, University of Pisa, First Term 2009.
Teaching assistant for Network Programming Laboratory: Computer Science, University of Pisa, First Term 2008.
Teaching assistant for Network Programming Laboratory: Computer Science, University of Pisa, First Term 2007.