2017

Analysing the Resilience of the IoT against Physical and Proximity Attacks.
Xu, He; Sgandurra, Daniele; Mayes, Keith; Li, Peng; Wang, Ruchuan. In the 10th International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage. 2017.
[pdf] [bibtex]

A New Security Middleware Architecture Based on Fog Computing and Cloud To Support IoT Constrained Devices.
Razouk, Wissam; Sgandurra, Daniele; Sakurai, Kouichi.. In the International Conference on Internet of Things and Machine Learning. 2017.
[pdf] [bibtex]

Efficient Attack Graph Analysis through Approximate Inference.
Luis Muñoz-González, Daniele Sgandurra, Andrea Paudice, Emil C. Lupu. In ACM Transactions on Transactions on Privacy and Security (TOPS), Volume 20 Issue 3, Article No. 10. July 2017.
[pdf] [bibtex]

Exact Inference Techniques for the Analysis of Bayesian Attack Graphs.
Luis Muñoz-González, Daniele Sgandurra, Martín Barrère, Emil C. Lupu. To appear in IEEE Transactions on Dependable and Secure Computing (TDSC), 2017. DOI: 10.1109/TDSC.2016.2627033.
[pdf (Open Access)] [bibtex]

VSMURF: A Novel Sliding Window Cleaning Algorithm for RFID Networks.
He Xu, Weiwei Shen, Peng Li, Daniele Sgandurra, and Ruchuan Wang. Journal of Sensors, vol. 2017, Article ID 3186482, 11 pages, 2017. doi:10.1155/2017/3186482.
[pdf (Open Access)] [bibtex]

2016

Automated Dynamic Analysis of Ransomware: Benefits, Limitations and use for Detection.
Daniele Sgandurra, Luis Muñoz-González, Rabih Mohsen, Emil C. Lupu
In ArXiv e-prints, arXiv:1609.03020.
[pdf] [bibtex]

Efficient Attack Graph Analysis through Approximate Inference.
Luis Muñoz-González, Daniele Sgandurra, Andrea Paudice, Emil C. Lupu
In ArXiv e-prints, arXiv:1606.07025.
[pdf] [bibtex]

Risk Analysis of Android Applications: A User-Centric Solution.
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Marinella Petrocchi, Andrea Saracino, Daniele Sgandurra. In Future Generation Computer Systems, Special issue on Security, Privacy and Trust of the User-centric Solutions, Volume 80, March 2018, Pages 505-518. 10.1016/j.future.2016.05.035
[pdf] [bibtex]

Formalizing Threat Models for Virtualized Systems.
Daniele Sgandurra, Erisa Karafili and Emil Lupu. In proceeding of the 30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2016).
[pdf] [bibtex]

MADAM: Effective and Efficient Behavior-based Android Malware Detection and Prevention.
Andrea Saracino, Daniele Sgandurra, Gianluca Dini and Fabio Martinelli. To appear in IEEE Transactions on Dependable and Secure Computing (TDSC), 2016. DOI: 10.1109/TDSC.2016.2536605.
[pdf] [bibtex]

Evolution of Attacks, Threat Models, and Solutions for Virtualized Systems.

Daniele Sgandurra, Emil Lupu
In ACM Computing Surveys (CSUR), Volume 48 Issue 3, February 2016, Article No. 46.
[pdf] [bibtex]

2015

Exact Inference Techniques for the Dynamic Analysis of Attack Graphs.
Muñoz-González, Luis; Sgandurra, Daniele; Barrère, Martín; Lupu, Emil
In ArXiv e-prints, arXiv:1510.02427.
[pdf] [bibtex]

AntiCheetah: Trustworthy computing in an outsourced (cheating) environment.
Roberto Di Pietro, Flavio Lombardi, Fabio Martinelli, Daniele Sgandurra.
In Future Generation Computer Systems (2015) pp. 28-38, DOI: 10.1016/j.future.2015.02.004
[pdf] [bibtex]

Sharing Data Through Confidential Clouds: An Architectural Perspective.
Daniele Sgandurra, Francesco Di Cerbo, Slim Trabelsi, Fabio Martinelli, and Emil Lupu.
In proceedings of the 1st International Workshop on TEchnical and LEgal aspects of data pRivacy and SEcurity, 2015 IEEE/ACM, pp. 58-61, DOI: 10.1109/TELERISE.2015.19
[pdf] [bibtex]

Design and Development of a Facebook Application to Raise Privacy Awareness.
Gianpiero Costantino and Daniele Sgandurra.
In proceedings of the 23nd Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP) 2015.
[pdf] [bibtex]

2014

Detection of repackaged mobile applications through a collaborative approach.
Alessandro Aldini, Fabio Martinelli, Andrea Saracino, and Daniele Sgandurra.
In Journal of Concurrency and Computation: Practice and Experience, Volume 27, Issue 11, pages 2818–2838, 10 August 2015. DOI: 10.1002/cpe.3447.
[pdf] [bibtex]

Simulating Attack Plans Against ICT Infrastructures.
Baiardi, F., Corò, F., Tonelli, F., Guidi, L., and Sgandurra, D..
In Vulnerability, Uncertainty, and Risk: pp. 627-637. DOI: 10.1061/9780784413609.064.
[pdf] [bibtex]

Automating the assessment of ICT risk.
Fabrizio Baiardi, Fabio Corò, Federico Tonelli, Daniele Sgandurra.
In Journal of Information Security and Applications, Volume 19, Issue 3, July 2014, Pages 182–193, doi:10.1016/j.jisa.2014.04.002.
[pdf] [bibtex]

A Scenario Method to Automatically Assess ICT Risk.
Fabrizio Baiardi, Fabio Corò, Federico Tonelli, Daniele Sgandurra.
Proceedings of the 22nd Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP) 2014, pp. 544-551, doi:10.1109/PDP.2014.105.
[pdf] [bibtex]

2013

AntiCheetah: an Autonomic Multi-round Approach for Reliable Computing.
Roberto Di Pietro, Flavio Lombardi, Fabio Martinelli and Daniele Sgandurra.
Proceedings of the 10th IEEE International Conference on Autonomic and Trusted Computing (ATC-2013). Best Paper Award
[pdf] [bibtex]

How to Grant Less Permissions to Facebook Applications.
Gianpiero Costantino, Fabio Martinelli and Daniele Sgandurra.
Proceedings of the Ninth International Conference on Information Assurance and Security (IAS'2013).
[pdf] [bibtex]

Towards Enforcing On-The-Fly Policies in BYOD Environments.
Gianpiero Costantino, Fabio Martinelli, Andrea Saracino and Daniele Sgandurra.
Proceedings of the Ninth International Conference on Information Assurance and Security (IAS'2013).
[pdf] [bibtex]

Remote Policy Enforcement for Trusted Application Execution in Mobile Environments.
Fabio Martinelli, Ilaria Matteucci, Andrea Saracino and Daniele Sgandurra.
In proceedings of InTrust 2013: 5th International Conference on Trusted Systems. LNCS 8292, pp. 70-84.
[pdf] [bibtex]

CheR: Cheating Resilience in the Cloud via Smart Resource Allocation
Roberto Di Pietro, Flavio Lombardi, Fabio Martinelli and Daniele Sgandurra.
Proceedings of the Sixth International Symposium on Foundations & Practice of Security (FPS'2013).
[pdf] [bibtex]

Classifying Android Malware through Subgraph Mining.
Fabio Martinelli, Andrea Saracino, Daniele Sgandurra.
Proceedings of The sixth International Workshop on Autonomous and Spontaneous Security (SETOP 2013).
[pdf] [bibtex]

Introducing probabilities in contract-based approaches for mobile application security.
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Andrea Saracino and Daniele Sgandurra.
Proceedings of The sixth International Workshop on Autonomous and Spontaneous Security (SETOP 2013).
[pdf] [bibtex]

Assessing ICT risk through a Monte Carlo method.
Fabrizio Baiardi, Daniele Sgandurra.
Journal of Environment Systems and Decisions, Springer US, pp. 1-14.
[pdf] [bibtex]

Probabilistic Contract Compliance for Mobile Applications.
Gianluca Dini, Fabio Martinelli, Andrea Saracino, Daniele Sgandurra.
Proceedings of the Eighth International Conference on Availability, Reliability and Security (ARES 2013).
[pdf] [bibtex]

Evaluating the Trust of Android Applications through an Adaptive and Distributed Multi-Criteria Approach.
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Marinella Petrocchi, Andrea Saracino, Daniele Sgandurra.
Proceedings of the 3rd IEEE International Symposium on Trust and Identity in Mobile Internet, Computing and Communications (TrustID 2013).
[pdf] [bibtex]

A Collaborative Framework for Generating Probabilistic Contracts.
Alessandro Aldini, Fabio Martinelli, Andrea Saracino, Daniele Sgandurra.
Proceedings of the 2013 IEEE International Conference on Collaboration Technologies and Systems, May 20-24, 2013, San Diego, California. Editors: Waleed W. Smari & Geoffrey C. Fox. pp. 139-143. Outstanding Paper Award
[pdf] [bibtex]

Are Photos On Social Networks Really Private?
Gianpiero Costantino, Fabio Martinelli, Daniele Sgandurra.
Proceedings of the 2013 IEEE International Conference on Collaboration Technologies and Systems, May 20-24, 2013, San Diego, California. Editors: Waleed W. Smari & Geoffrey C. Fox.
[pdf] [bibtex]

2012

Multi-Criteria-based Evaluation of Android Applications.
Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Marinella Petrocchi, Andrea Saracino, Daniele Sgandurra.
In proceedings of InTrust 2012: 4th International Conference on Trusted Systems. LNCS 7711, pp. 66-82.
[pdf] [bibtex]

MADAM: a Multi-Level Anomaly Detector for Android Malware.
Andrea Saracino, Fabio Martinelli, Daniele Sgandurra, Gianluca Dini.
In proceedings of the Sixth International Conference 'Mathematical Methods, Models, and Architectures for Computer Network Security' (MMM-ACNS-2012). LNCS 7531, pp. 240-253.
[pdf] [bibtex]

Haruspex: Simulation-driven Risk Analysis for Complex Systems.
Baiardi, F. and Telmon, C. and Sgandurra, D.
ISACA Journal 3 (2012): 46.
[pdf] [bibtex]

A Survey on Security for Mobile Devices.
La Polla, M. and Martinelli, F. and Sgandurra, D.
In Communications Surveys & Tutorials, IEEE, Volume: 13 , Issue: 1, pp. 446-471.
[pdf] [bibtex]

2011

Unbounded impacts and risk mitigation in billing infrastructures.
Baiardi, F., Telmon, C. and Sgandurra, D.
Int. J. Risk Assessment and Management, Vol. 15, Nos. 2/3, pp.186-204, 2011.
[pdf] [bibtex]

An Obfuscation-Based Approach Against Injection Attacks.
Fabrizio Baiardi, Daniele Sgandurra.
In proceedings of the Sixth International Conference on Availability, Reliability and Security (ARES), Vienna, Austria, 2011.
[pdf] [bibtex]

A Simulation-Driven Approach for Assessing Risks of Complex Systems.

Fabrizio Baiardi, Claudio Telmon, Daniele Sgandurra
EWDC '11 Proceedings of the 13th European Workshop on Dependable Computing, 2011
[pdf] [bibtex]

Attestation of integrity of overlay networks.
Fabrizio Baiardi, Daniele Sgandurra.
Journal of Systems Architecture - Embedded Systems Design 57(4): 463-473, 2011
[pdf] [bibtex]

2010

Semantic Attestation of Node Integrity in Overlays.
Fabrizio Baiardi, Daniele Sgandurra.
In proceedings of OTM 2010 - Confederated International Conferences: CoopIS, IS, DOA and ODBASE, Hersonissos, Crete, Greece, October 25-29, 2010. LNCS 6426, pp. 656-671.
[pdf] [bibtex]

Securing a Community Cloud.
Fabrizio Baiardi, Daniele Sgandurra.
In proceedings of the first ICDCS Workshop on Security and Privacy in Cloud Computing, 2010, issn 1545-0678, pp. 32-41.
[pdf] [bibtex]

2009

Cloud Security Is Not (Just) Virtualization Security.

Mihai Christodorescu, Reiner Sailer, Douglas Lee Schales, Daniele Sgandurra, Diego Zamboni
CCSW '09 Proceedings of the 2009 ACM workshop on Cloud computing security, 2009.

Introspection-based Context Agent Injection.
Mihai Christodorescu, Reiner Sailer, Douglas Schales, Arvind Seshadri, Daniele Sgandurra, Diego Zamboni.
In IBM AoT (Academy of Technology) Security and Privacy Symposium, June 22-26, 2009.

Invariant Evaluation through Introspection for Proving Security Properties.
Fabrizio Baiardi, Dario Maggiari and Daniele Sgandurra.
Journal of Information Assurance and Security, Volume 4, Issue 2. pp 124-132, Dynamic Publisher Inc, issn 1554-1010, 2009.
[pdf] [bibtex]

Modeling and Managing Risk in Billing Infrastructures.
Fabrizio Baiardi, Claudio Telmon and Daniele Sgandurra.
In proceedings of the Third Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection, ISBN 978-3-642-04797-8, pp. 51-64, Springer Boston.
[pdf] [bibtex]

Measuring Semantic Integrity for Remote Attestation.
Fabrizio Baiardi, Diego Cilea, Daniele Sgandurra and Francesco Ceccarelli.
In proceedings of the 2nd International Conference on Trusted Computing Technical Strand (Trust 2009), Oxford, UK, LNCS 5471, pp. 81-100.
[pdf] [bibtex]

PsycoTrace: Virtual and Transparent Monitoring of a Process Self.
Fabrizio Baiardi, Dario Maggiari, Daniele Sgandurra and Francesco Tamberi.
In proceedings of the 17th Euromicro International Conference on Parallel, Distributed and network-based Processing (PDP 2009), Weimar, Germany, IEEE Computer Society Press, pp. 393-397, 2009.
[pdf] [bibtex]

Securing Health Information Infrastructures through Overlays.
Fabrizio Baiardi, Dario Maggiari and Daniele Sgandurra.
In proceedings of HEALTHINF 2009 - Second International Conference on Health Informatics, L. Azevedo and A. R. Londral, eds., Porto, Portugal: INSTICC Press, pp. 123-128, 2009, ISBN: 978-989-811-63-0.
[bibtex]

Hierarchical, Model-Based Risk Management of Critical Infrastructures.
Fabrizio Baiardi, Claudio Telmon, Daniele Sgandurra
Journal of Reliability Engineering & System Safety Volume 94, Issue 9, September 2009, Pages 1403-1415.
[pdf] [bibtex]

2008

Transparent Process Monitoring in a Virtual Environment.
Daniele Sgandurra, Fabrizio Baiardi, Dario Maggiari, and Francesco Tamberi.
In Electronic Notes in Theoretical Computer Science, volume 236, pp. 85-100, 2009. Proceedings of the Third International Workshop on Views On Designing Complex Architectures (VODCA 2008), Bertinoro (Italy).
[pdf] [bibtex]

Semantics-Driven Introspection in a Virtual Environment.
Francesco Tamberi, Dario Maggiari, Daniele Sgandurra, Fabrizio Baiardi.
In proceedings of the Fourth IEEE International Conference on Information Assurance and Security (IAS 2008), Naples (Italy), pp 299-302.
[pdf] [bibtex]

Secure Sharing of an ICT Infrastructure Through Vinci.
Fabrizio Baiardi and Daniele Sgandurra.
In Proceedings of the 2nd International Conference on Autonomous Infrastructure, Management and Security Resilient Networks and Services (AIMS 2008), Bremen (Germany), LNCS 5127, pp. 65-78.
[pdf] [bibtex]

Virtual Interacting Network Community: Exploiting Multi-Core Architectures to Increase Security.

Fabrizio Baiardi, Daniele Sgandurra
CF '08 Proceedings of the 5th conference on Computing frontiers, 2008

2007

Protezione del Kernel Tramite Macchine Virtuali.
Fabio Campisi, Daniele Sgandurra.
Net&System Security 2007, Pisa (Italy). Best Student Paper Award.
[pdf]

Towards High Assurance Networks of Virtual Machines.
Fabrizio Baiardi and Daniele Sgandurra.
In Proceedings of the 3rd European Conference on Computer Network Defense (EC2ND 2007), Heraklion (Greece), Lecture Notes in Electrical Engineering, Vol. 30 Siris, pp. 21-34.
[pdf] [bibtex]

Managing Critical Infrastructures through Virtual Network Communities.
Fabrizio Baiardi, Gaspare Sala, and Daniele Sgandurra.
In proceedings of 2nd International Workshop on Critical Information Infrastructures Security (CRITIS 2007), Malaga (Spain), LNCS 5141, pp. 71-82.
[pdf] [bibtex]

Security and Integrity of a Distributed File Storage in a Virtual Environment.
Gaspare Sala, Daniele Sgandurra, and Fabrizio Baiardi.
In proceedings of 4th International IEEE Security in Storage Workshop (SISW 07), San Diego (USA), pp. 58-69.
[pdf] [bibtex]

Building Trustworthy Intrusion Detection through VM Introspection.
Fabrizio Baiardi and Daniele Sgandurra.
In proceedings of the Third IEEE International Symposium on Information Assurance and Security (IAS 07), 2007, Manchester (UK), pp. 209-214.
[pdf] [bibtex]

Thesis

PhD Thesis

Measuring the Semantic Integrity of a Process Self. pdf

MSc Thesis

Architetture di sicurezza e tecnologie di virtualizzazione: rilevamento delle intrusioni tramite introspezione (Intrusion Detection through Virtual Machine Introspection). pdf

BSc Thesis

Sviluppo di strumenti privacy preserving per data mining distribuito (Development of privacy-preserving tools for distributed data-mining). pdf