NDS Research Group - Networking and Distributed Systems

Cyber Security

Cyber Security is a critical topic in the field of distributed systems. The NDS Research Group faces this subject from different points of view.
In the field of Wireless Sensor Networks (WSN), especially in military applications, it is essential that WSNs support security protocols to prevent intruders from accessing information exchanged among sensor nodes. However, the limitedness of resources prevents the adoption of algorithms and protocols well-established in computer networks and requires the definition of new solutions to find a trade-off between security and efficiency. With respect to classical distributed systems, the research group faces the problem of designing intrusion detection systems through the adoption of artificial intelligence techniques, such as Bayesian networks which allow to model statistical dependencies between observed phenomena and support reasoning with uncertain information.
Moreover, also the classical cryptography is faced by applying techniques and models coming from the artificial intelligence field, with the aim of providing a novel point of view for detecting new vulnerabilities and suggesting new solutions.

NDS is a part of the Cyber Security National Lab

Related Publications

SpADe: Multi-Stage Spam Account Detection for Online Social Networks. F. Concone, G. Lo Re, M. Morana, S. K. Das. In IEEE Transactions on Dependable and Secure Computing (TDSC), 2022, doi: 10.1109/TDSC.2022.3198830
Abstract | PDF | BibTeX | Full Text
In recent years, Online Social Networks (OSNs) have radically changed the way people communicate. The most widely used platforms, such as Facebook, Youtube, and Instagram, claim more than one billion monthly active users each. Beyond these, news-oriented micro-blogging services, e.g., Twitter, are daily accessed by more than 120 million users sharing contents from all over the world. Unfortunately, legitimate users of the OSNs are mixed with malicious ones, which are interested in spreading unwanted, misleading, harmful, or discriminatory content. Spam detection in OSNs is generally approached by considering the characteristics of the account under analysis, its connection with the rest of the network, as well as data and metadata representing the content shared. However, obtaining all this information can be computationally expensive, or even unfeasible, on massive networks. Driven by these motivations, in this paper we propose SpADe, a multi-stage Spam Account Detection algorithm with reject option, whose purpose is to exploit less costly features at the early stages, while progressively extracting more complex information only for those accounts that are difficult to classify. Experimental evaluation shows the effectiveness of the proposed algorithm compared to single-stage approaches, which are much more complex in terms of features processing and classification time.
A Simulation Software for the Evaluation of Vulnerabilities in Reputation Management Systems. V. Agate, A. De Paola, G. Lo Re, M. Morana. In ACM Transactions on Computer Systems (TOCS 2021)
Abstract | PDF | BibTeX | Full Text
Multi-agent distributed systems are characterized by autonomous entities that interact with each other to provide, and/or request, different kind of services. In several contexts, especially when a reward is offered according to the quality of service, individual agents (or coordinated groups) may act in a selfsh way. In order to prevent such behaviours, distributed Reputation Management Systems (RMSs) provide every agent with the capability of computing the reputation of the others according to direct past interactions, as well as indirect opinions reported by their neighborhood. This last point introduces a weakness on gossiped information that makes RMSs vulnerable to malicious agents intent on disseminating false reputation values. Given the variety of application scenarios in which RMSs can be adopted, as well as the multitude of behaviours that agents can implement, designers need RMS evaluation tools that allows to predict the robustness of the system to security attacks, before its actual deployment. To this aim, we present a simulation software for the vulnerability evaluation of RMSs, and illustrate three case studies in which this tool was effectively used to model and assess state-of-the-art RMSs.
Secure e-Voting in Smart Communities. V. Agate, M. Curaba, P. Ferraro, G. Lo Re, and M. Morana. In Proceeding of the Fourth Italian Conference on Cyber Security (ITASEC 2020)
Abstract | PDF | BibTeX | Full Text
Nowadays, digital voting systems are growing in importance. This is an especially sensitive area, because elections can directly affect democratic life of many smart communities. The goal of digital voting systems is to exploit ICT technologies to improve the security and usability of traditional electoral systems. In this work we present a secure electronic voting system that guarantees the secrecy, anonymity, integrity, uniqueness and authenticity of votes, while offering a user-friendly experience to voters, putting them at ease through the use of technologies familiar to them. To ensure these fundamental security requirements, the system fully separates the registration and voting phases and does not collect information on users, making it impossible to determine the identity of whoever cast each vote. Only the electoral supervisor, during the tallying phase, can decipher the electronic ballot papers, which are also totally anonymous. We consider universities to be one of the most representative smart communities, and for this reason we used the case study of university elections held on our campus to test the system. The experiments carried out tested the system in increasingly challenging scenarios, and were carried out by volunteer students and university staff members.
Twitter Spam Account Detection by Effective Labeling. F. Concone, G. Lo Re, M. Morana, C. Ruocco.. In Proceeding of the Third Italian Conference on Cyber Security (ITASEC 2019)
Abstract | PDF | BibTeX | Full Text
In the last years, the widespread diffusion of Online Social Networks (OSNs) has enabled new forms of communications that make it easier for people to interact remotely. Unfortunately, one of the first consequences of such a popularity is the increasing number of malicious users who sign-up and use OSNs for non-legit activities. In this paper we focus on spam detection, and present some preliminary results of a system that aims at speeding up the creation of a large-scale annotated dataset for spam account detection on Twitter. To this aim, two different algorithms capable of capturing the spammer behaviors, i.e., to share malicious urls and recurrent contents, are exploited. Experimental results on a dataset of about 40.000 users show the effectiveness of the proposed approach.
Assisted Labeling for Spam Account Detection on Twitter. F. Concone, G. Lo Re, M. Morana, C. Ruocco. In Proceedings of the 2019 IEEE International Conference on Smart Computing (SMARTCOMP)
Abstract | PDF | BibTeX | Full Text
A Platform for the Evaluation of Distributed Reputation Algorithms. V. Agate, A. De Paola, G. Lo Re, M. Morana. In Proceedings of the 22nd IEEE/ACM International Symposium on Distributed Simulation and Real-Time Applications (DS-RT 2018)
Abstract | PDF | BibTeX | Full Text
In distributed environments, where unknown entities cooperate to achieve complex goals, intelligent techniques for estimating agents? truthfulness are required. Distributed Reputation Management Systems (RMSs) allow to accomplish this task without the need for a central entity that may represent a bottleneck and a single point of failure. The design of a distributed RMS is a challenging task due to a multitude of factors that could impact on its performances. In order to support the researcher in evaluating the RMS robustness against security attacks since its beginning design phase, in this work we present a distributed simulation environment that allows to model both the agent?s behaviors and the logic of the RMS itself. Moreover, in order to compare at simulation time the performance of the designed distributed RMS with a baseline obtained by an ideal RMS, we introduce an omniscient process called truth- holder which owns a global knowledge all involved entities. The effectiveness of our platform was proved by a set of experiments aimed at measuring the vulnerability of a RMS to a common set of security attacks.
A Hybrid System for Malware Detection on Big Data. A. De Paola, S. Gaglio, G. Lo Re and M. Morana. In Proceedings of the IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)
Abstract | PDF | BibTeX | Full Text
In recent years, the increasing diffusion of malicious software has encouraged the adoption of advanced machine learning algorithms to timely detect new threats. A cloud-based approach allows to exploit the big data produced by client agents to train such algorithms, but on the other hand, poses severe challenges on their scalability and performance. We propose a hybrid cloud-based malware detection system in which static and dynamic analyses are combined in order to find a good tradeoff between response time and detection accuracy. Our system performs a continuous learning process of its models, based on deep networks, by exploiting the growing amount of data provided by clients. The preliminary experimental evaluation confirms the suitability of the approach proposed here.
Secure random number generation in wireless sensor networks. G. Lo Re, F. Milazzo, M. Ortolani. In Journal of Concurrency and Computation: Practice and Experience, DOI: 10.1002/cpe.3311
Abstract | PDF | BibTeX | Full Text
The increasing adoption of wireless sensor networks as a flexible and inexpensive tool for the most diverse applications, ranging from environmental monitoring to home automation, has raised more and more attention to the issues related to the design of specifically customized security mechanisms. The scarcity of computational, storage, and bandwidth resources cannot definitely be disregarded in such context, and this makes the implementation of security algorithms particularly challenging. This paper proposes a security framework for the generation of true random numbers, which are paramount as the core building block for many security algorithms; the intrinsic nature of wireless sensor nodes and their capability of reliably providing measurements of environmental quantities make them natural candidates as true random number generators. In order to provide robustness to common attacks, we additionally devised a protocol aimed at obscuring the actual source of data, by making nodes cooperate with their neighbors. Furthermore, we describe an enhanced version of our framework consisting in an optimization for use in the context of resource-constrained systems.
Bayesian System for Differential Cryptanalysis of DES. A. De Paola, L. Gagliano, G. Lo Re. In Proceedings of 2013 International Conference on Applied Computing, Computer Science, and Computer Engineering
Abstract | PDF | BibTeX | Full Text
This paper proposes a new formalization for the differential cryptanalysis of DES (Data Encryption Standard) based on Bayesian Networks (BN), an artificial intelligence framework used for reasoning on data affected by uncertainty. Through the proposed approach it is possible to analyze DES from a novel point of view, thus paving the way for the development of a new class of cryptanalysis methods.
Secure random number generation in wireless sensor networks. G. Lo Re, F. Milazzo, M. Ortolani. In Proceedings of the 4th international conference on Security of information and networks, 2011, pp. 175-182
Abstract | PDF | BibTeX | Full Text
Reliable random number generation is crucial for many available security algorithms, and some of the methods presented in literature proposed to generate them based on measurements collected from the physical environment, in order to ensure true randomness. However the effectiveness of such methods can be compromised if an attacker is able to gain access to the measurements thus inferring the generated random number. In our paper, we present an algorithm that guarantees security for the generation process, in a real world scenario using wireless sensor nodes as the sources of the physical measurements. The proposed method uses distributed leader election for selecting a random source of data. We prove the robustness of the algorithm by discussing common security attacks, and we present theoretical and experimental evaluation regarding its complexity in terms of time and exchanged messages.
A TRNG exploiting multi-source physical data. V. Gaglio, A. De Paola, M. Ortolani, G. Lo Re. In Proceedings of the 6th ACM workshop on QoS and security for wireless and mobile networks, 2010, pp. 82-89
Abstract | PDF | BibTeX | Full Text
In recent years, the considerable progress of miniaturization and the consequent increase of the efficiency of digital circuits has allowed a great diffusion of the wireless sensor network technology. This has led to the growth of applications and protocols for applying these networks to several scenarios, such as the military one, where it is essential to deploy security protocols in order to prevent opponents from accessing the information exchanged among sensor nodes. This paper analyzes security issues of data processed by the WSN and describes a system able to generate sequences of random numbers, which can be used by security algorithms and protocols. The proposed True Random Number Generator (TRNG) exploits measurements obtained from sensor nodes, in order to allow every node to produce random data upon request, without involving a trusted third party. The proposed TRNG behavior has been tested by carrying out the NIST tests, and the obtained experimental results indicate the high degree of randomness of the produced numbers.