oru.sePublications
Change search
Link to record
Permanent link

Direct link
BETA
Publications (10 of 25) Show all publications
Argyriou, M., Dragoni, N. & Spognardi, A. (2018). Analysis and Evaluation of SafeDroid v2.0, a Framework for Detecting Malicious Android Applications. Security and Communication Networks, Article ID UNSP 4672072.
Open this publication in new window or tab >>Analysis and Evaluation of SafeDroid v2.0, a Framework for Detecting Malicious Android Applications
2018 (English)In: Security and Communication Networks, ISSN 1939-0114, E-ISSN 1939-0122, article id UNSP 4672072Article in journal (Refereed) Published
Abstract [en]

Android smartphones have become a vital component of the daily routine of millions of people, running a plethora of applications available in the official and alternative marketplaces. Although there are many security mechanisms to scan and filter malicious applications, malware is still able to reach the devices of many end-users. In this paper, we introduce the SafeDroid v2.0 framework, that is a flexible, robust, and versatile open-source solution for statically analysing Android applications, based on machine learning techniques. The main goal of our work, besides the automated production of fully sufficient prediction and classification models in terms of maximum accuracy scores and minimum negative errors, is to offer an out-of-the-box framework that can be employed by the Android security researchers to efficiently experiment to find effective solutions: the SafeDroid v2.0 framework makes it possible to test many different combinations of machine learning classifiers, with a high degree of freedom and flexibility in the choice of features to consider, such as dataset balance and dataset selection. The framework also provides a server, for generating experiment reports, and an Android application, for the verification of the produced models in real-life scenarios. An extensive campaign of experiments is also presented to show how it is possible to efficiently find competitive solutions: the results of our experiments confirm that SafeDroid v2.0 can reach very good performances, even with highly unbalanced dataset inputs and always with a very limited overhead.

Place, publisher, year, edition, pages
John Wiley & Sons, 2018
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-69259 (URN)10.1155/2018/4672072 (DOI)000444877600001 ()2-s2.0-85053706618 (Scopus ID)
Available from: 2018-10-04 Created: 2018-10-04 Last updated: 2018-10-04Bibliographically approved
De Donno, M., Dragoni, N., Giaretta, A. & Mazzara, M. (2018). AntibIoTic: Protecting IoT Devices Against DDoS Attacks. In: Ciancarini, P.; Litvinov, S.; Messina, A.; Sillitti, A.; Succi, G. (Ed.), Proceedings of 5th International Conference in Software Engineering for Defence Applications: SEDA 2016. Paper presented at 5th International Conference in Software Engineering for Defence Applications, Rome, Italy, May 10, 2016 (pp. 59-72). Cham: Springer
Open this publication in new window or tab >>AntibIoTic: Protecting IoT Devices Against DDoS Attacks
2018 (English)In: Proceedings of 5th International Conference in Software Engineering for Defence Applications: SEDA 2016 / [ed] Ciancarini, P.; Litvinov, S.; Messina, A.; Sillitti, A.; Succi, G., Cham: Springer, 2018, p. 59-72Conference paper, Published paper (Refereed)
Abstract [en]

The 2016 is remembered as the year that showed to the world how dangerous Distributed Denial of Service attacks can be. Gauge of the disruptiveness of DDoS attacks is the number of bots involved: the bigger the botnet, the more powerful the attack. This character, along with the increasing availability of connected and insecure IoT devices, makes DDoS and IoT the perfect pair for the malware industry. In this paper we present the main idea behind AntibIoTic, a palliative solution to prevent DDoS attacks perpetrated through IoT devices.

Place, publisher, year, edition, pages
Cham: Springer, 2018
Series
Advances in Intelligent Systems and Computing (AISC), ISSN 2194-5357, E-ISSN 2194-5365 ; 717
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-64665 (URN)10.1007/978-3-319-70578-1_7 (DOI)000434086000007 ()2-s2.0-85041797799 (Scopus ID)978-3-319-70577-4 (ISBN)978-3-319-70578-1 (ISBN)
Conference
5th International Conference in Software Engineering for Defence Applications, Rome, Italy, May 10, 2016
Available from: 2018-01-30 Created: 2018-01-30 Last updated: 2018-06-20Bibliographically approved
De Donno, M., Dragoni, N., Giaretta, A. & Spognardi, A. (2018). DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation. Security and Communication Networks, Article ID 7178164.
Open this publication in new window or tab >>DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation
2018 (English)In: Security and Communication Networks, ISSN 1939-0114, E-ISSN 1939-0122, article id 7178164Article in journal (Refereed) Published
Abstract [en]

The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far.

Place, publisher, year, edition, pages
Hindawi Publishing Corporation, 2018
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:oru:diva-65665 (URN)10.1155/2018/7178164 (DOI)000426639800001 ()2-s2.0-85043390832 (Scopus ID)
Available from: 2018-03-12 Created: 2018-03-12 Last updated: 2018-03-27Bibliographically approved
Bucchiarone, A., Dragoni, N., Dustdar, S., Larsen, S. T. & Mazzara, M. (2018). From Monolithic to Microservices An Experience Report from the Banking Domain. IEEE Software, 35(3), 50-55
Open this publication in new window or tab >>From Monolithic to Microservices An Experience Report from the Banking Domain
Show others...
2018 (English)In: IEEE Software, ISSN 0740-7459, E-ISSN 1937-4194, Vol. 35, no 3, p. 50-55Article in journal (Refereed) Published
Abstract [en]

Microservices have seen their popularity blossoming with an explosion of concrete applications in real-life software. Several companies are currently involved in a major refactoring of their back-end systems in order to improve scalability. This article presents an experience report of a real-world case study, from the banking domain, in order to demonstrate how scalability is positively affected by reimplementing a monolithic architecture into microservices. The case study is based on the FX Core system for converting from one currency to another. FX Core is a mission-critical system of Danske Bank, the largest bank in Denmark and one of the leading financial institutions in Northern Europe.

Place, publisher, year, edition, pages
IEEE Computer Society, 2018
Keywords
microservices, software architecture, scalability, software development, software engineering, Danske Bank, FX Core
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-67081 (URN)10.1109/MS.2018.2141026 (DOI)000431692500009 ()2-s2.0-85046855472 (Scopus ID)
Available from: 2018-05-24 Created: 2018-05-24 Last updated: 2018-08-31Bibliographically approved
Giaretta, A., Dragoni, N. & Mazzara, M. (2018). Joining Jolie to Docker: Orchestration of Microservices on a Containers-as-a-Service Layer. In: Ciancarini, P.; Litvinov, S.; Messina, A.; Sillitti, A.; Succi, G. (Ed.), Proceedings of 5th International Conference in Software Engineering for Defence Applications: SEDA 2016. Paper presented at 5th International Conference in Software Engineering for Defence Applications, Rome, Italy, May 10, 2016 (pp. 167-175). Cham: Springer
Open this publication in new window or tab >>Joining Jolie to Docker: Orchestration of Microservices on a Containers-as-a-Service Layer
2018 (English)In: Proceedings of 5th International Conference in Software Engineering for Defence Applications: SEDA 2016 / [ed] Ciancarini, P.; Litvinov, S.; Messina, A.; Sillitti, A.; Succi, G., Cham: Springer, 2018, p. 167-175Conference paper, Published paper (Refereed)
Abstract [en]

Cloud computing is steadily growing and, as IaaS vendors have started to offer pay-as-you-go billing policies, it is fundamental to achieve as much elasticity as possible, avoiding over-provisioning that would imply higher costs. In this paper, we briefly analyse the orchestration characteristics of PaaSSOA, a proposed architecture already implemented for Jolie microservices, and Kubernetes, one of the various orchestration plugins for Docker; then, we outline similarities and differences of the two approaches, with respect to their own domain of application. Furthermore, we investigate some ideas to achieve a federation of the two technologies, proposing an architectural composition of Jolie microservices on Docker Container-as-a-Service layer.

Place, publisher, year, edition, pages
Cham: Springer, 2018
Series
Advances in Intelligent Systems and Computing (AISC), ISSN 2194-5357, E-ISSN 2194-5365 ; 717
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-64667 (URN)10.1007/978-3-319-70578-1_16 (DOI)000434086000016 ()2-s2.0-85041811300 (Scopus ID)978-3-319-70577-4 (ISBN)978-3-319-70578-1 (ISBN)
Conference
5th International Conference in Software Engineering for Defence Applications, Rome, Italy, May 10, 2016
Available from: 2018-01-30 Created: 2018-01-30 Last updated: 2018-06-20Bibliographically approved
Dragoni, N., Giaretta, A. & Mazzara, M. (2018). The Internet of Hackable Things. In: Ciancarini, P.; Litvinov, S.; Messina, A.; Sillitti, A.; Succi, G. (Ed.), Proceedings of 5th International Conference in Software Engineering for Defence Applications: SEDA 2016. Paper presented at 5th International Conference in Software Engineering for Defence Applications, Rome, Italy, May 10, 2016 (pp. 129-140). Cham: Springer
Open this publication in new window or tab >>The Internet of Hackable Things
2018 (English)In: Proceedings of 5th International Conference in Software Engineering for Defence Applications: SEDA 2016 / [ed] Ciancarini, P.; Litvinov, S.; Messina, A.; Sillitti, A.; Succi, G., Cham: Springer, 2018, p. 129-140Conference paper, Published paper (Refereed)
Abstract [en]

The Internet of Things makes possible to connect each everyday object to the Internet, making computing pervasive like never before. From a security and privacy perspective, this tsunami of connectivity represents a disaster, which makes each object remotely hackable. We claim that, in order to tackle this issue, we need to address a new challenge in security: education.

Place, publisher, year, edition, pages
Cham: Springer, 2018
Series
Advances in Intelligent Systems and Computing (AISC), ISSN 2194-5357, E-ISSN 2194-5365 ; 717
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-64664 (URN)10.1007/978-3-319-70578-1_13 (DOI)000434086000013 ()2-s2.0-85041846777 (Scopus ID)978-3-319-70577-4 (ISBN)978-3-319-70578-1 (ISBN)
Conference
5th International Conference in Software Engineering for Defence Applications, Rome, Italy, May 10, 2016
Available from: 2018-01-30 Created: 2018-01-30 Last updated: 2018-06-20Bibliographically approved
De Donno, M., Giaretta, A., Dragoni, N. & Spognardi, A. (2017). A Taxonomy of Distributed Denial of Service Attacks. In: Charles A. Shoniregun, Galyna A. Akmayeva (Ed.), i-Society 2017: Proceedings. Paper presented at International Conference on Information Society (i-Society 2017), Dublin, Ireland, July 17-19, 2017 (pp. 99-106). Infonomics Society
Open this publication in new window or tab >>A Taxonomy of Distributed Denial of Service Attacks
2017 (English)In: i-Society 2017: Proceedings / [ed] Charles A. Shoniregun, Galyna A. Akmayeva, Infonomics Society, 2017, p. 99-106Conference paper, Published paper (Refereed)
Place, publisher, year, edition, pages
Infonomics Society, 2017
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-62792 (URN)000435137900016 ()978-1-908320-80-3 (ISBN)
Conference
International Conference on Information Society (i-Society 2017), Dublin, Ireland, July 17-19, 2017
Available from: 2017-11-23 Created: 2017-11-23 Last updated: 2018-08-11Bibliographically approved
De Donno, M., Dragoni, N., Giaretta, A. & Spognardi, A. (2017). Analysis of DDoS-Capable IoT Malwares. In: M. Ganzha, L. Maciaszek, M. Paprzycki (Ed.), Proceedings of the 2017 Federated Conference on Computer Science and Information Systems: . Paper presented at Federated Conference on Computer Science and Information Systems (FedCSIS 2017), Prague, Czech Republic, September 3-6, 2017 (pp. 807-816). Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>Analysis of DDoS-Capable IoT Malwares
2017 (English)In: Proceedings of the 2017 Federated Conference on Computer Science and Information Systems / [ed] M. Ganzha, L. Maciaszek, M. Paprzycki, Institute of Electrical and Electronics Engineers (IEEE), 2017, p. 807-816Conference paper, Published paper (Refereed)
Abstract [en]

The Internet of Things (IoT) revolution promises to make our lives easier by providing cheap and always connected smart embedded devices, which can interact on the Internet and create added values for human needs. But all that glitters is not gold. Indeed, the other side of the coin is that, from a security perspective, this IoT revolution represents a potential disaster. This plethora of IoT devices that flooded the market were very badly protected, thus an easy prey for several families of malwares that can enslave and incorporate them in very large botnets. This, eventually, brought back to the top Distributed Denial of Service (DDoS) attacks, making them more powerful and easier to achieve than ever. This paper aims at provide an up-to-date picture of DDoS attacks in the specific subject of the IoT, studying how these attacks work and considering the most common families in the IoT context, in terms of their nature and evolution through the years. It also explores the additional offensive capabilities that this arsenal of IoT malwares has available, to mine the security of Internet users and systems. We think that this up-to-date picture will be a valuable reference to the scientific community in order to take a first crucial step to tackle this urgent security issue.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2017
Series
Annals of computer science and information systems, E-ISSN 2300-5963 ; 11
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-62795 (URN)10.15439/2017F288 (DOI)000417412800118 ()2-s2.0-85039904613 (Scopus ID)978-83-946253-7-5 (ISBN)
Conference
Federated Conference on Computer Science and Information Systems (FedCSIS 2017), Prague, Czech Republic, September 3-6, 2017
Available from: 2017-11-23 Created: 2017-11-23 Last updated: 2018-01-19Bibliographically approved
Dragoni, N., Lanese, I., Thordal Larsen, S., Mazzara, M., Mustafin, R. & Safina, L. (2017). Microservices: How To Make Your Application Scale. In: Proceedings of the 11th A.P. Ershov Informatics Conference, 2017, LNCS: . Paper presented at 11th A.P. Ershov Informatics Conference (PSA 17), Moscow, Russia, June 27-29, 2017. Springer
Open this publication in new window or tab >>Microservices: How To Make Your Application Scale
Show others...
2017 (English)In: Proceedings of the 11th A.P. Ershov Informatics Conference, 2017, LNCS, Springer, 2017Conference paper, Published paper (Refereed)
Abstract [en]

The microservice architecture is a style inspired by service-oriented computing that has recently started gaining popularity and that promises to change the way in which software is perceived, conceived and designed. In this paper, we describe the main features of microservices and highlight how these features improve scalability.

Place, publisher, year, edition, pages
Springer, 2017
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-62793 (URN)
Conference
11th A.P. Ershov Informatics Conference (PSA 17), Moscow, Russia, June 27-29, 2017
Available from: 2017-11-23 Created: 2017-11-23 Last updated: 2018-08-11Bibliographically approved
Dragoni, N., Giallorenzo, S., Lluch-Lafuente, A., Mazzara, M., Montesi, F., Mustafin, R. & Safina, L. (2017). Microservices: Yesterday, Today, and Tomorrow. In: M. Mazzara and B. Meyer (Ed.), Present and Ulterior Software Engineering: (pp. 195-216). Springer
Open this publication in new window or tab >>Microservices: Yesterday, Today, and Tomorrow
Show others...
2017 (English)In: Present and Ulterior Software Engineering / [ed] M. Mazzara and B. Meyer, Springer, 2017, p. 195-216Chapter in book (Refereed)
Abstract [en]

Microservices is an architectural style inspired by service-oriented computing that has recently started gaining popularity. Before presenting the current state of the art in the field, this chapter reviews the history of software architecture, the reasons that led to the diffusion of objects and services first, and microservices later. Finally, open problems and future challenges are introduced. This survey primarily addresses newcomers to the discipline, while offering an academic viewpoint on the topic. In addition, we investigate some practical issues and point out a few potential solutions.

Place, publisher, year, edition, pages
Springer, 2017
National Category
Computer Sciences
Identifiers
urn:nbn:se:oru:diva-62796 (URN)978-3-319-67425-4 (ISBN)978-3-319-67424-7 (ISBN)
Available from: 2017-11-23 Created: 2017-11-23 Last updated: 2018-01-13Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0001-9575-2990

Search in DiVA

Show all publications