Alessandra De Benedictis

• MS in Computer Engineering
• PostDoc Position at University of Naples Federico II

Background. Digital Twins (DTs) are dynamic virtual representations of physical systems, enabled by seamless, bidirectional communication between the physical and digital realms. Among the challenges impeding the widespread adoption of DTs is the absence of a universally accepted definition and a standardized DT Reference Architecture (RA). Existin...

Nowadays, the edge-cloud (EC) paradigm is adopted in several domains, including manufacturing, health, and critical infrastructure management. Identifying existing threats and vulnerabilities of an EC system and determining appropriate countermeasures is a costly and time-consuming process due to the inherent system complexity and to the heterogene...

Smart ecosystems today span several sectors, including smart manufacturing, energy management, smart cities, smart healthcare, precision farming, and others. Digital Twins (DTs) are emerging as a powerful technology that can act as the digital backbone of a smart ecosystem, providing the data, insights, and control capabilities needed for real-time...

Digital Twins (DTs) are the novel paradigm for the development of Cyber-Physical systems. The state of art presents several use cases in different domains, and one of the most complex examples is represented by the Urban Digital Twin (UDT), which aims to virtualize urban assets (e.g., buildings, mobility infrastructures, energy grids, waste managem...

Modern cyber-physical systems based on the Industrial Internet of Things (IIoT) can be highly distributed and heterogeneous, and that increases the risk of failures due to misbehavior of interconnected components, or other interaction anomalies. In this paper, we introduce a conceptual architecture for IIoT anomaly detection based on the paradigms...

Modern industries widely rely upon software and IT services, in a context where cybercrime is rapidly spreading in more and more sectors. Unfortunately, despite greater general awareness of security risks and the availability of security tools that can help to cope with those risks, many organizations (especially medium/small-size ones) still lag w...

In the last years, there has been a growing interest in the emerging concept of digital twins (DTs) among software engineers and researchers. DTs not only represent a promising paradigm to improve product quality and optimize production processes, but they also may help enhance the predictability and resilience of cyber-physical systems operating i...

The digital transformation process fostered by the development of Industry 4.0 technologies has largely affected the health sector, increasing diagnostic capabilities and improving drug effectiveness and treatment delivery. The Digital Twin (DT) technology, based on the virtualization of physical assets/processes and on a bidirectional communicatio...

Anomaly-based detection techniques have a high number of false positives, which degrades the detection performance. To address this issue, we propose a distributed intrusion detection system, named ISM-AC, based on anomaly detection using artificial immune system and attack graph correlation. To analyze network traffic, we use negative selection, c...

Cyber-physical systems (CPSs) rely upon the deep integration of computation and physical processes/systems, enabled by Internet of Things (IoT), edge computing, and cloud technologies. Noticeably, cybersecurity is a major concern in CPSs, since attacks may exploit both cyber and physical vulnerabilities and damage significantly physical equipment,...

e-Health applications enable one to acquire, process, and share patient medical data to improve diagnosis, treatment, and patient monitoring. Despite the undeniable benefits brought by the digitization of health systems, the transmission of and access to medical information raises critical issues, mainly related to security and privacy. While sever...

Cloud technologies are currently experiencing a remarkable degree of pervasiveness in most of the applications and services that are consumed daily by both individual users and companies. The sheer volume of sensitive data and operations that are regularly outsourced to the cloud calls for the adoption of adequate measures to fulfill the existing s...

DevOps is becoming one of the most popular software development methodologies, especially for cloud-based applications. In spite of its popularity, it is still difficult to integrate non-functional requirements, such as security, in the full application development life-cycle. In some recent works, security DevOps (or SecDevOps) has been introduced...

Cloud computing, Edge computing and IoT are significantly changing from the original architectural models with a pure provisioning of virtual resources (and services) to a transparent and adaptive hosting environment where cloud providers, as well as “on-premise” resources and end-nodes, fully realize the “everything-as-a-service” provisioning conc...

Recent software development methodologies, as DevOps or Agile, are very popular and widely used, especially for the development of cloud services and applications. They dramatically reduce the time-to-market of developed software but, at the same time, they can be hardly integrated with security design and risk management methodologies. These canno...

Security assessment is a very time- and money-consuming activity. It needs specialized security skills and, furthermore, it is not fully integrated into the software development life-cycle. One of the best solutions for the security testing of an application relies on the use of penetration testing techniques. Unfortunately, penetration testing is...

Security assessment is a very time- and money-consuming activity. It needs specialized security skills and, furthermore, it is not fully integrated into the software development life-cycle. One of the best solutions for the security testing of an application relies on the use of penetration testing techniques. Unfortunately, penetration testing is...

This book constitutes the refereed proceedings of the 32nd IFIP WG 6.1 International Conference on Testing Software and Systems, ICTSS 2020, which was supposed to be held in Naples, Italy, in December 2020, but was held virtually due to the COVID-19 pandemic. The 17 regular papers and 4 short papers presented were carefully reviewed and selected fr...

Internet of Things (IoT) ecosystems are recently experiencing a significant grow in complexity. Most IoT applications in domains like healthcare, industry, automotive and smart energy are composed of several interconnected sub-systems that produce, collect, process and exchange a huge amount of data, and that offer composite services to the end-use...

The wide adoption of the Internet of Things (IoT) paradigm in several application domains has raised new security issues, which should be carefully taken into account to achieve a real benefit from the indisputable innovation potential of IoT. In fact, the heterogeneity of involved technologies, including the integration of different resource-const...

With the exponential growth of generated and processed Internet of Things (IoT) data, the Cloud-Edges (CE) paradigm, which distributes part of the intelligence and computation burden among edge nodes while adopting cloud services only for heavyweight computation, has emerged as a valuable solution to lower latency and improve efficiency. Despite th...

The Internet of Things (IoT) has recently become one of the most relevant emerging technologies in the IT landscape. IoT systems are characterized by the high heterogeneity of involved architectural components (e.g., device platforms, services, networks, architectures) and involve a multiplicity of application domains. In the IoT scenario, the iden...

The widespread diffusion of cloud computing is still slowed down by security and performance concerns. As a matter of fact, issues such as security and confidentiality of data on one hand, fluctuating performance on the other are still limiting factors for the switch from on-premise to cloud-hosted environments. This paper sketches the structure of...

Designing and assessing the security of IoT systems is very challenging, mainly due to the fact that new threats and vulnerabilities affecting IoT devices are continually discovered and published. Moreover, new (typically low-cost) devices are continuously plugged-in into IoT systems, thus introducing unpredictable security issues. This paper propo...

The large adoption of cloud services in many business domains dramatically increases the need for effective solutions to improve the security of deployed services. The adoption of Security Service Level Agreements (Security SLAs) represents an effective solution to state formally the security guarantees that a cloud service is able to provide. Even...

Cloud monitoring and, above all, security monitoring, is of fundamental importance for both providers and consumers. The availability of effective security metrics and related monitoring tools would not only improve the trust of consumers in acquired services and the control of providers over their infrastructures, but it would also enable the adop...

Currently, an increasing number of customers require cloud services with guaranteed security levels. At this aim, the adoption of multi-cloud strategies is spreading in a large number of interesting application domains, since they may potentially improve security and reduce development costs. However, the problem of identifying the optimal distribu...

Physically Unclonable Functions (PUFs) represent a promising security primitive due to their unclonability, uniqueness and tamper-evident properties, and have been recently exploited for device identification and authentication, and for secret key generation and storage purposes. In this paper, we present PHEMAP (Physical Hardware-Enabled Mutual Au...

Security issues are still posing limitations to the full exploitation of the potential of the cloud computing paradigm, and cloud developers are more and more required to take security into account from the very beginning of the development process. Unfortunately, the application of classical security best practices may be not enough due to the inv...

This paper presents a security-by-design methodology for the development of cloud applications, which relies on Security SLAs as a means to express their security requirements. The process followed to build such Security SLAs entails the application of a risk analysis procedure aimed at identifying the main vulnerabilities affecting a cloud applica...

The perception of lack of control over resources deployed in the cloud may represent one of the critical factors for an organization to decide to cloudify or not its own services. The flat security features offered by commercial cloud providers to every customer, from simple practitioners to managers of huge amounts of sensitive data and services,...

Dealing with the provisioning of Cloud services granted by Security SLAs is a very challenging research topic. At the state of the art, the main related issues involve: (i) representing security features so that it is understandable by both customers and providers and measurable (by means of verifiable security-related Service Level Objectives (SLO...

The potential of cloud computing is still underutilised in the scientific computing field. Even if clouds probably are not fit for high-end HPC applications, they could be profitably used to bring the power of low-cost and scalable parallel computing to the masses. But this requires simple and friendly development environments, able to exploit clou...

In cloud computing, possible risks linked to availability, performance and security can be mitigated by the adoption of Service Level Agreements (SLAs) formally agreed upon by cloud service providers and their users. This paper presents the design of services for the management of cloud-oriented SLAs that hinge on the use of a REST-based API. Such...

Mobile traffic is significantly growing, thanks to the increased access capacity provided by 3G and 4G technologies and to the rising computing power of the latest smart devices. Due to the widespread diffusion of mobile applications that require and process sensitive customers' data, mobile traffic is more and more subject to security attacks. Rec...

In this paper we present a monitoring architecture that is automatically configured and activated based on a signed Security SLA. Such monitoring architecture integrates different security-related monitoring tools (either developed ad-hoc or already available as open-source or commercial products) to collect measurements related to specific metrics...

Can security be provided as-a-Service? Is it possible to cover a security service by a proper Service Level Agreement? This paper tries to reply to these questions by presenting some ongoing research activities from standardization bodies and academia, trying to cope with the open issues in the management of Security Service Level Agreement in its...

Recently, traffic analysis and measurements have been used to characterize, from a security point of view, applications' and network behavior to avoid intrusion attempts, malware injections and data theft. Since most of the generated data traffic is from the embedded mobile devices, the analysis techniques have to cope on the one hand with the scar...

As the popularity of Cloud computing has grown during the last years, the choice of Cloud Service Provider (CSP) has become an important issue from user’s perspective. Although the Cloud users are more and more concerned about their security in the Cloud and might have some specific security requirements, currently this choice is based on requireme...

As the popularity of Cloud computing has grown during the last years, the choice of Cloud Service Provider (CSP) has become an important issue from user’s perspective. Although the Cloud users are more and more concerned about their security in the Cloud and might have some specific security requirements, currently this choice is based on requireme...

The potential of cloud computing is still underutilized in the scientific computing field. Even if clouds probably are not fit for high-end HPC applications, they could be profitably used to bring the power of economic and scalable parallel computing to the masses. But this requires simple and friendly development environments, able to exploit clou...

The capability of making sensor infrastructures accessible by authorised users is a desirable property in many application scenarios. The integration of sensors into the cloud enables users to easily search, access, process and share large amounts of sensor data from different applications. Most of the current solutions model sensor networks as a p...

Cloud computing is an emerging paradigm, widely adopted in distributed and business computing. Nevertheless, the biggest issue with the large adoption of cloud computing is the perception of loss of security and control over resources that are dynamically acquired in the cloud and that reside on remote providers, and the strong integration of secur...

The integration of sensing infrastructures into the Cloud gives a number of advantages in providing sensor data as a service over the Internet. Many solutions are now available in the literature, and most of them focus on modeling sensor networks as part of the infrastructure to be offered as a service (IaaS), directly managed by means of the Cloud...

Mechanisms for continuously changing or shifting a system's attack surface are emerging as game-changers in cyber security. In this paper, we propose a novel defense mechanism for protecting the identity of nodes in Mobile Ad Hoc Networks and defeat the attacker's reconnaissance efforts. The proposed mechanism turns a classical attack mechanism - S...

Mobile Ad-hoc Networks (MANETs) are frequently exposed to a wide range of cyber threats due to their unique characteristics. The lack of a centralized monitoring and management infrastructure and the dynamic nature of their topology pose new and interesting challenges for the design of effective security mechanisms. While conventional methods prima...

Techniques aimed at continuously changing a system's attack surface, usually referred to as Moving Target Defense (MTD), are emerging as powerful tools for thwarting cyber attacks. Such mechanisms increase the uncertainty, complexity, and cost for attackers, limit the exposure of vulnerabilities, and ultimately increase overall resiliency. In this...

In recent years, the interest in monitoring infrastructures has spread in many application domains, even because of the number of natural disasters and terrorist attacks. This important activity can be seen in the general context of critical infrastructure protection, such as the freight trains meant for hazardous materials transportation. The desi...

In recent years the interest in monitoring infrastructures has spread in many application domains, even because of the number of natural disasters and terrorist attacks. This important activity can be seen in the general context of critical infrastructure protection such as the freight train meant for hazardous materials transportation. The design...

Mobile Ad Hoc Networks (MANETs) represent an attractive and cost effective solution for providing connectivity in areas where a fixed infrastructure is not available or not a viable option. However, given their wireless nature and the lack of a stable infrastructure, MANETs are susceptible to a wide range of attacks waged by malicious nodes physica...

Wireless sensor networks are widely used in several application domains thanks to their data acquisition and processing capabilities and their decentralized and self-organizing nature. A widely distributed monitoring system is typically characterized by different security requirements that should be addressed by means of specific security protocols...

Wireless sensor networks are widely used in several application domains thanks to their data acquisition and processing capabilities and their decentralized and self-organizing nature. A widely distributed monitoring system is typically characterized by the need to integrate a large amount of data; if considering complex critical environments such...

Sensor Networks are considered a high-innovation potential branch in the field of network computing and are widely used in several application domains thanks to their cost effectiveness, flexibility and ease of deployment. They are well suited to a multitude of monitoring and surveillance applications and are often involved in mission-critical task...

Sensor Networks are widely used in several application domains thanks to their data acquisition and data processing capabilities. They are well suited to a multitude of monitoring and surveillance applications and are often involved in mission-critical tasks, thus making security a primary concern. Many architectures and protocols have been propose...