Cyber Security | Doctoral Program - Information Engineering and Computer Science

Cyber Security

The University of Trento has performed research and offered courses in Security and Cryptography for many years. This research program represents the fulfilment of this activity as a first class citizen. The research focus spans from classical IT security (mobile systems, web services, etc.), to organizational security (Air Traffic Management, critical infrastructures, etc.).
Our research develops in two main directions: technological research, where we develop security technologies such as intrusion detection systems for keyloggers, on-card checkers of applets on smart card, cryptographic boxes for ciphers; and empirical research, where we experiment how technologies actually work in practice, to find out which vulnerabilities are actually exploited in the wild, how malware markets looks like, and so on. 

In the past years the group has received several high-profile substantial grants for projects in which it participated either as a coordinator or as a scientific coordinator (IP-MASTER, STREP-S3MS, IP-SECURECHANGE, NoE-NESSOS, CP-SECONOMICS, CSA-CAPITAL, CSA_SECCORD, EIT-M-SHIELD, etc.)

The group is currently involved in several EIT Projects in Mobile Security (VAMOSS, OF2CEN, etc.), a large Marie Curie Training Network (NECS), and two projects with EuroControl on Air Traffic Security. It also participates in the CINI National Cyber-Security Lab and has now been entrusted with the organization of training courses in cyber-security for the Italian government.

 

Publications

13 publications for 7 currently enrolled students

Building Cross-language Corpora for Human Understanding of Privacy Policies
Ciclosi, Francesco; Vidor, Silvia; Massacci, Fabio in Digital Sovereignty in Cyber Security: New Challenges in Future Vision, Cham: Springer, 2023, p. 113-131. - (COMMUNICATIONS IN COMPUTER AND INFORMATION SCIENCE). - ISBN: 978-3-031-36095-4. Proceedings of: First International Workshop, CyberSec4Europe 2022, Venezia, 17th April-21April 2022. - Publication URL . - DOI: 10.1007/978-3-031-36096-1_8

Discovery and Identification of Memory Corruption Vulnerabilities on Bare-metal Embedded Devices
Salehi, Majid; Degani, Luca; Roveri, Marco; Hughes, Daniel; Crispo, Bruno in IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, v. 2022, (2022), p. 1-1. - Publication URL . - DOI: 10.1109/TDSC.2022.3149371

PISTIS: Trusted Computing Architecture for Low-end Embedded Systems
Grisafi, Michele; Ammar, Mahmoud; Roveri, Marco; Crispo, Bruno in 31st USENIX Security Symposium (USENIX Security 22), Boston: USENIX Association, 2022, p. 3843-3860. - ISBN: 978-1-939133-31-1. Proceedings of: USENIX Security 22, Boston, 10-12 August 2022. - Publication URL

Rischio digitale innovazione e resilienza. Conoscere, affrontare e mitigare il rischio digitale
Agresti, Elena; Antonelli, Leonardo; Ariu, Davide; Barboni, Stefano; Belluzzo, Giovanni; Bocci, Gianluca; Bosis, Angelo; Bucciarelli, Fabio; Butti, Giancarlo; Caccia, Andrea; Carnelli, Dario; Carnelli, Davide; Castello, Andrea; Ceccon, Marco; Ciclosi, Francesco; Colombo, Luciano; Corona, Igino; Cresci, Rita Eva; Crociani, Marco; Cusello, Giuseppe; Diomede, Nicla Ivana; Dursi, Elenio; Ferretti, Ambrogio; Ferretti, Enrico; Fumagalli, Giustino; Gaia, Cristina; Gatti, Chiara; Guastone, Carlo; Locatelli, Marco; Magri, Massimiliano; Manco, Lorena; Manconi, Davide; Mariotti, Andrea; Mauceli, Carlo; Mauro, Luigi; Menna, Savino; Meroni, Paola; Modena, Riccardo; Mudu, Enzo; Panza, Paolo; Parrinello, Ignazio; Pastore, Maurizio; Perugini, Maria Roberta; Ranza, Riccardo; Ravizza, Alice; Rui, Andrea; Sambucci, Luca; Saulli, Fabio; Sferlazza, Paolo; Sotira, Nicola; Spreafico, Giulio; Tordi, Roberto; Troiano, Guglielmo; Vaciago, Elena; Zammarchi, Luca; Zampetti, Luigi, , Milano: Clusit Associazione Italiana per la Sicurezza Informatica, 2022, 219 p. - ISBN: 9791221007008. - Publication URL . - DOI: 10.979.12210/07008

Web Cache Deception Escalates!
Mirheidari, Seyed Ali; Golinelli, Matteo; Onarlioglu, Kaan; Kirda, Engin; Crispo, Bruno in 31st USENIX Security Symposium (USENIX Security 22), Boston: USENIX Association, 2022, p. 179-195. - ISBN: 978-1-939133-31-1. Proceedings of: Usenix Security 22, Boston, 10th -12th Aug 2022. - Publication URL

Generative adversarial networks for subdomain enumeration
Degani, L.; Bergadano, F.; Mirheidari, S. A.; Martinelli, F.; Crispo, B. in Proceedings of the 37th ACM/SIGAPP Symposium on Applied Computing, New York, USA: Association for Computing Machinery, 2022, p. 1636-1645. - ISBN: 9781450387132. Proceedings of: The 37th ACM/SIGAPP Symposium On Applied Computing, Virtual, 25 - 29 April, 2022. - Publication URL . - DOI: 10.1145/3477314.3506967

MPI: Memory Protection for Intermittent Computing
Grisafi, M.; Ammar, M.; Yildirim, K. S.; Crispo, B. in IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, v. 17, (2022), p. 3597-3610. - DOI: 10.1109/TIFS.2022.3210866

The Data Protection Officer: A Ubiquitous Role That No One Really Knows
Ciclosi, Francesco; Massacci, Fabio in IEEE SECURITY & PRIVACY, v. 2022, (2022), p. 2-13. - Publication URL . - DOI: 10.1109/MSEC.2022.3222115

On the feasibility of detecting injections in malicious npm packages
Scalco, Simone; Paramitha, Ranindya; Vu Duc, Ly; Massacci, Fabio in ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security (IWCSEC 2022), New York, NY, USA: Association for Computing Machinery, 2022, p. 1151-1158. - ISBN: 9781450396707. Proceedings of: ARES, Vienna, Austria, 23 - 26 August 2022. - Publication URL . - DOI: 10.1145/3538969.3543815

Lightweight Parsing and Slicing for Bug Identification in C
Mecenero, Luca; Paramitha, Ranindya; Pashchenko, Ivan; Massacci, Fabio in ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security (IWCSEC 2022), New York, NY, USA: Association for Computing Machinery, 2022, p. 1-10. - ISBN: 9781450396707. Proceedings of: ARES, Vienna, Austria, 23- 26 August 2022. - Publication URL . - DOI: 10.1145/3538969.3543828

Using Linguistic Typology to Enrich Multilingual Lexicons: the Case of Lexical Gaps in Kinship
Khishigsuren, Temuulen; Bella, Gabor; Batsuren, Khuyagbaatar; Freihat, Abed Alhakim Ali Kayed; Chandran Nair, Nandu; Ganbold, Amarsanaa; Khalilia, Hadi; Chandrashekar, Yamini; Giunchiglia, Fausto in Proceedings of the Thirteenth Language Resources and Evaluation Conference, Marseille, France: European Language Resources Association, 2022. Proceedings of: LREC, Marseille, France, June 2022. - Publication URL
[other topics: Data Intelligence

The Quality of Lexical Semantic Resources: A Survey
Khalilia, Hadi; Freihat, Abed Alhakim; Giunchiglia, Fausto in Proceedings of The Fourth International Conference on Natural Language and Speech Processing (ICNLSP 2021), Stroudsburg, USA: ACL Anthology, 2021, p. 117-129. - ISBN: 978-1-955917-18-6. Proceedings of: ICNLSP 2021, Trento, 12th - 13th November 2021. - Publication URL
[other topics: Data Intelligence

The Dimensions of Lexical Semantic Resource Quality
Khalilia, Hadi; Freihat, Abed Alhakim; Giunchiglia, Fausto in Proceedings of the Second International Workshop on NLP Solutions for Under Resourced Languages (NSURL 2021) co-located with ICNLSP 2021, USA: ACL Anthology, 2021, p. 15-21. - ISBN: 978-1-955917-19-3. Proceedings of: NSURL 2021, Trento, 12th - 13th November 2021. - Publication URL
[other topics: Data Intelligence

 

Students

Ciclosi, Francescofrancesco.ciclosi [at] unitn.itwebpage
Degani, Lucaluca.degani [at] unitn.itwebpage
Feng, Yuanyuan.feng [at] unitn.itwebpage
Golinelli, Matteomatteo.golinelli [at] unitn.itwebpage
Grisafi, Michelemichele.grisafi [at] unitn.itwebpage
Khalilia, Hadi M Yhadi.khalilia [at] unitn.itwebpage
Paramitha, Ranindyaranindya.paramitha [at] unitn.itwebpage