Publications & Demonstrators

All accepted publications from SPARTA partners under its funding as well as videos presenting some of the work done under SPARTA

Publications

Hardware-based Capture-the-Flag Challenges

Gianluca Roascio, Paolo Prinetto, Antonio Varriale

In a world where cybersecurity is becoming increasingly important and where the lack of workforce is estimated in terms of millions of people, gamification is getting a more and more significant role in leading to excellent results in terms of both training and recruitment. Within cybersecurity gamification, the so-called Capture-The-Flag...

Domains: Cybersecurity, Education, Gamification, Capture-the-flag, Challenges, Hardware, Hardware security

Go With the Flow: Clustering Dynamically-Defined NetFlow Features for Network Intrusion Detection with DYNIDS

Luis Dias, Simão Valente and Miguel Correia

The paper presents DYNIDS, a network intrusion detection approach that flags malicious activity without previous knowledge about attacks or training data. DYNIDS dynamically defines and extracts features from network data, and uses clustering algorithms to aggregate hosts with similar behavior. All previous clustering-based network intrusion detection approaches use a...

Domains: Network intrusion detection, Clustering, Feature engineering, Security analytics

Evaluating Deep Learning Classification Reliability in Android Malware Family Detection

Giacomo Iadarola, Fabio Martinelli, Francesco Mercaldo, Antonella Santone

Artificial intelligence techniques are nowadays widespread to perform a great number of classification tasks. One of the biggest controversies regarding the adoption of these techniques is related to their use as a “black box” i.e., the security analyst must trust the prediction without the possibility to understand the reason why...

Domains: Malware, Deep learning, Reliability, Interpretability, Explainability, Android, Security, Artificial intelligence

Enhanced Privacy and Data Protection using Natural Language Processing and Artificial Intelligence

Fabio Martinelli, Fiammetta Marulli, Francesco Mercaldo, Stefano Marrone, Antonella Santone

Artificial Intelligence systems have enabled significant benefits for users and society, but whilst the data for their feeding are always increasing, a side to privacy and security leaks is offered. The severe vulnerabilities to the right to privacy obliged governments to enact specific regulations to ensure privacy preservation in any...

Domains: Privacy, Data Protection, Natural Language Processing, Sensitive Data Extraction, Artificial Intelligence, Unsupervised Machine Learning

Detecting Colluding Inter-App Communication in Mobile Environment

Rosangela Casolare, Fabio Martinelli, Francesco Mercaldo, Antonella Santone

The increase in computing capabilities of mobile devices has, in the last few years, made possible a plethora of complex operations performed from smartphones and tablets end users, for instance, from a bank transfer to the full management of home automation. Clearly, in this context, the detection of malicious applications...

Domains: Colluding, Malware, Model checking, Formal methods, Security, Android, Mobile

Deep Learning for Network Intrusion Detection: An Empirical Assessment

Arnaldo Gouveia and Miguel Correia

The detection of security-related events using machine learning approaches has been extensively investigated in the past. Particularly, machine learning-based network intrusion detection has attracted a lot of attention due to its potential to detect unknown attacks. A number of classification techniques have been used for that purpose,...

Domains: Network Security, Network Intrusion Detection Systems, Machine Learning, Deep Learning, NIDS Performance Evaluation, Data Mining

CryingJackpot: Network Flows and Performance Counters against Cryptojacking.

Gilberto Gomes, Luis Dias, Miguel Correia

Cryptojacking, the appropriation of users’ computational resources without their knowledge or consent to obtain cryptocurrencies, is a widespread attack, relatively easy to implement and hard to detect. Either browser-based or binary, cryptojacking lacks robust and reliable detection solutions. This paper presents a hybrid approach to detect cryptojacking where...

Domains: Intrusion detection, Clustering, Cryptojacking, Network flows, Performance counters, Security analytics

Call Graph and Model Checking for Fine-Grained Android Malicious Behaviour Detection

Giacomo Iadarola, Fabio Martinelli, Francesco, Antonella Santone

The increasing diffusion of mobile devices, widely used for critical tasks such as the transmission of sensitive and private information, corresponds to an increasing need for methods to detect malicious actions that can undermine our data. As demonstrated in the literature, the signature-based approach provided by antimalware is not able...

Domains: Malware, Model checking, Formal methods, Security, Android, Mobile

C2BID: Cluster Change-Based Intrusion Detection

Tiago Fernandes, Luis Dias, Miguel Correia

The paper presents a network intrusion detection approach that flags malicious activity without previous knowledge about attacks or training data. The Cluster Change-Based Intrusion Detection approach (C2BID) detects intrusions by monitoring host behavior changes. For that purpose, C2BID defines and extracts features from network data, aggregates hosts with similar behavior using clustering, then...

Domains: Network intrusion detection, Clustering, Behavior change, Security analytics