from 1st March to 31st May

Publications & Demonstrators

All accepted publications from SPARTA partners under its funding as well as videos presenting some of the work done under SPARTA


Hardware-based Capture-the-Flag Challenges

Gianluca Roascio, Paolo Prinetto, Antonio Varriale

In a world where cybersecurity is becoming increasingly important and where the lack of workforce is estimated in terms of millions of people, gamification is getting a more and more significant role in leading to excellent results in terms of both training and recruitment. Within cybersecurity gamification, the so-called Capture-The-Flag...More>>

Domains: cybersecurity, , education, gamification, capture-the-flag, challenges, hardware, security

Go With the Flow: Clustering Dynamically-Defined NetFlow Features for Network Intrusion Detection with DYNIDS

Luis Dias, Simão Valente and Miguel Correia

The paper presents DYNIDS, a network intrusion detection approach that flags malicious activity without previous knowledge about attacks or training data. DYNIDS dynamically defines and extracts features from network data, and uses clus- tering algorithms to aggregate hosts with similar behavior. All previous clustering-based network intrusion detection approaches use a...More>>

Domains: network, intrusion, detection, clustering, feature, engineering, security, analytics

Evaluating Deep Learning Classification Reliability in Android Malware Family Detection

Giacomo Iadarola, Fabio Martinelli, Francesco Mercaldo, Antonella Santone

Artificial intelligence techniques are nowadays widespread to perform a great number of classification tasks. One of the biggest controversies regarding the adoption of these techniques is related to their use as a “black box” i.e., the security analyst must trust the prediction without the possibility to understand the reason why...More>>

Domains: malware, , deep, learning, reliability, interpretability, explainability, Android, security, artificial, intelligence

Enhanced Privacy and Data Protection using Natural Language Processing and Artificial Intelligence

Fabio Martinelli, Fiammetta Marulli, Francesco Mercaldo, Stefano Marrone, Antonella Santone

Artificial Intelligence systems have enabled significant benefits for users and society, but whilst the data for their feeding are always increasing, a side to privacy and security leaks is offered. The severe vulnerabilities to the right to privacy obliged governments to enact specific regulations to ensure privacy preservation in any...More>>

Domains: Privacy, , Data, Protection, Natural, Language, Processing, Sensitive, Extraction, Artificial, Intelligence, Unsupervised, Machine, Learning

Detecting Colluding Inter-App Communication in Mobile Environment

Rosangela Casolare, Fabio Martinelli, Francesco Mercaldo, Antonella Santone

The increase in computing capabilities of mobile devices has, in the last few years, made possible a plethora of complex operations performed from smartphones and tablets end users, for instance, from a bank transfer to the full management of home automation. Clearly, in this context, the detection of malicious applications...More>>

Domains: colluding, malware, model, checking, formal, methods, security, Android, mobile

Deep Learning for Network Intrusion Detection: An Empirical Assessment

Arnaldo Gouveia and Miguel Correia

The detection of security-related events using machine learning ap- proaches has been extensively investigated in the past. Particularly, machine learning- based network intrusion detection has attracted a lot of attention due to its poten- tial to detect unknown attacks. A number of classification techniques have been used for that purpose,...More>>

Domains: Network, Security, Intrusion, Detection, Systems, Machine, Learn-, ing, Deep, Learning, NIDS, Performance, Evaluation, Data, Mining

CryingJackpot: Network Flows and Performance Counters against Cryptojacking.

Gilberto Gomes, Luis Dias, Miguel Correia

Cryptojacking, the appropriation of users’ computa- tional resources without their knowledge or consent to obtain cryp- tocurrencies, is a widespread attack, relatively easy to implement and hard to detect. Either browser-based or binary, cryptojacking lacks robust and reliable detection solutions. This paper presents a hybrid approach to detect cryptojacking where...More>>

Domains: intrusion, detection, clustering, cryptojacking, net-, work, flows, performance, counters, security, analytics

Call Graph and Model Checking for Fine-Grained Android Malicious Behaviour Detection

Giacomo Iadarola, Fabio Martinelli, Francesco, Antonella Santone

The increasing diffusion of mobile devices, widely used for critical tasks such as the transmission of sensitive and private information, corresponds to an increasing need for methods to detect malicious actions that can undermine our data. As demonstrated in the literature, the signature-based approach provided by antimalware is not able...More>>

Domains: malware, model, checking, formal, methods, security, Android, mobile

C2BID: Cluster Change-Based Intrusion Detection

Tiago Fernandes, Luis Dias, Miguel Correia

The paper presents a network intrusion detection approach that flags malicious activity without previous knowl- edge about attacks or training data. The Cluster Change-Based Intrusion Detection approach (C2BID) detects intrusions by monitoring host behavior changes. For that purpose, C2BID defines and extracts features from network data, aggregates hosts with similar behavior using clustering, then...More>>

Domains: network, intrusion, detection, clustering, behavior, change, security, analytics