Recent years have shown a dramatic increase in the both number and sophistication of cyber-attacks. One of the main drivers of such trend is the appearance of more and more complex types of malwares. I’m currently involved in the study of advanced techniques for malware analysis and detection.
Blockchain and Smart Contracts
Thanks to the success of Bitcoin and the promising emergence of Ethereum, novel technologies of blockchain and smart contracts are having a great momentum. Their fascinating properties about availability and integrity are stimulating the interest of main businesses, such as financial institutions. Among the others, a research topic really worth to investigate regards the improvement of the performances (i.e., latency and throughput) provided by systems based on these technologies.
Anonymization and Privacy Preservation
Sharing data has become a key factor for having at disposal larger datasets to process and consequently mining more valuable information. Some of these data might be confidential, and proper privacy-preserving methods have to be applied to enable their sharing. Furthermore, there are cases where the identity of the party sharing information should be hided, which call for the usage of effective anonymization techniques.
Distributed Event Processing
The distribution of the computation allows parallelizing the work in order to both achieve better performance and support the elaboration of massive data volumes, which is becoming a common requirement for today’s applications. My research activities in this field regard adaptive scheduling and scaling for frameworks supporting continuous queries, such as Apache Storm.
Intrusion Detection/Prevention Systems
As more and more systems are connected to the Internet, many security threats arise that would compromise both the operation of provided services and the reputation of service providers, as well as undermine finances and privacy of service customers. Such worrying situation requires the development of proper solutions for detecting, preventing and mitigating present cyber attacks.
A collaborative environment is aimed to support interactions among distinct parties interested in achieving a common goal. A typical form of collaboration is the sharing of information, which entails relevant issues to address like interoperability and privacy. An interesting case study I have investigated regards the collaboration of different financial institutions for improving their own defenses against cyber attacks.
De Angelis, Stefano, Aniello, Leonardo, Baldoni, Roberto, Lombardi, Federico, Margheri, Andrea and Sassone, Vladimiro
PBFT vs proof-of-authority: applying the CAP theorem to permissioned blockchain
, Venice, Italy.
17 - 20 Jan 2017.