Angelo Spognardi

Angelo Spognardi
Sapienza University of Rome | la sapienza · Department of Computer Science

Phd on Computer Science

About

77
Publications
23,225
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
2,376
Citations
Citations since 2016
37 Research Items
1942 Citations
20162017201820192020202120220100200300400
20162017201820192020202120220100200300400
20162017201820192020202120220100200300400
20162017201820192020202120220100200300400
Introduction
Angelo Spognardi currently works at the Department of Computer Science, Sapienza University of Rome. Angelo does research in Computer Security and Reliability. Their most recent publication is 'Analysis and Evaluation of SafeDroid v2.0, a Framework for Detecting Malicious Android Applications'. Full-text of articles available on request: please request it using the email.
Additional affiliations
March 2017 - present
Sapienza University of Rome
Position
  • Professor (Assistant)
August 2015 - February 2017
Technical University of Denmark
Position
  • Professor (Assistant)
November 2012 - August 2015
Italian National Research Council
Position
  • MyChoice - Fake information in the Social Media era

Publications

Publications (77)
Article
Full-text available
Network Intrusion Detection Systems (NIDS) represent a crucial component in the security of a system, and their role is to continuously monitor the network and alert the user of any suspicious activity or event. In recent years, the complexity of networks has been rapidly increasing and network intrusions have become more frequent and less detectab...
Article
Adversarial examples are inputs to a machine learning system that result in an incorrect output from that system. Attacks launched through this type of input can cause severe consequences: for example, in the field of image recognition, a stop signal can be misclassified as a speed limit indication. However, adversarial examples also represent the...
Preprint
Full-text available
Adversarial examples are inputs to a machine learning system that result in an incorrect output from that system. Attacks launched through this type of input can cause severe consequences: for example, in the field of image recognition, a stop signal can be misclassified as a speed limit indication.However, adversarial examples also represent the f...
Article
Full-text available
Social bots are automated accounts often involved in unethical or illegal activities. Academia has shown how these accounts evolve over time, becoming increasingly smart at hiding their true nature by disguising themselves as genuine accounts. If they evade, bots hunters adapt their solutions to find them: the cat and mouse game. Inspired by advers...
Conference Paper
Full-text available
Security and dependability of devices are paramount for the IoT ecosystem. Message Queuing Telemetry Transport protocol (MQTT) is the de facto standard and the most common alternative for those limited devices that cannot leverage HTTP. However, the MQTT protocol was designed with no security concern since initially designed for private networks of...
Chapter
For a decade now, Academia has been researching refined techniques to detect fake reviews. In this article, rather than proposing a new detection methodology, we propose to contain the consequences of an attack launched by a fake reviewer who attaches arbitrary scores to the review target. We demonstrate that, by simply changing the score aggregato...
Book
This two-volume set of LNCS 12146 and 12147 constitutes the refereed proceedings of the 18th International Conference on Applied Cryptography and Network Security, ACNS 2020, held in Rome, Italy, in October 2020. The conference was held virtually due to the COVID-19 pandemic. The 46 revised full papers presented were carefully reviewed and selecte...
Book
This two-volume set of LNCS 12146 and 12147 constitutes the refereed proceedings of the 18th International Conference on Applied Cryptography and Network Security, ACNS 2020, held in Rome, Italy, in October 2020.The conference was held virtually due to the COVID-19 pandemic. The 46 revised full papers presented were carefully reviewed and selected...
Article
DNA-inspired online behavioral modeling techniques have been proposed and successfully applied to a broad range of tasks. In this paper, we investigate the fundamental laws that drive the occurrence of behavioral similarities among Twitter users, employing a DNA-inspired technique. Our findings are multifold. First, we demonstrate that, despite app...
Conference Paper
Full-text available
The arm race between spambots and spambot-detectors is made of several cycles (or generations): a new wave of spambots is created (and new spam is spread), new spambot filters are derived and old spambots mutate (or evolve) to new species. Recently, with the diffusion of the adversarial learning approach, a new practice is emerging: to manipulate o...
Preprint
Full-text available
The arm race between spambots and spambot-detectors is made of several cycles (or generations): a new wave of spambots is created (and new spam is spread), new spambot filters are derived and old spambots mutate (or evolve) to new species. Recently, with the diffusion of the adversarial learning approach, a new practice is emerging: to manipulate o...
Article
Since decades, genetic algorithms have been used as an effective heuristic to solve optimization problems. However, in order to be applied, genetic algorithms may require a string-based genetic encoding of information, which severely limited their applicability when dealing with online accounts. Remarkably, a behavioral modeling technique inspired...
Chapter
In this paper, we propose and test an approach based on regression models, to predict the review score of an item, across different reviewer categories. The analysis is based on a public dataset with more than 2.5 million hotel reviews, belonging to five specific reviewers’ categories. We first compute the relation between the average scores associ...
Article
Full-text available
Android smartphones have become a vital component of the daily routine of millions of people, running a plethora of applications available in the official and alternative marketplaces. Although there are many security mechanisms to scan and filter malicious applications, malware is still able to reach the devices of many end-users. In this paper, w...
Conference Paper
Full-text available
We envisage a revolutionary change in the approach to spambot detection: instead of taking countermeasures only after having collected evidence of new spambot mischiefs, in a near future techniques will be able to anticipate the ever-evolving spammers.
Conference Paper
Full-text available
In this paper, we analyse a dataset of hotel reviews. In details, we enrich the review dataset, by extracting additional features, consisting of information on the reviewers' profiles and the reviewed hotels. We argue that the enriched data can gain insights on the factors that most influence consumers when composing reviews (e.g., if the appreciat...
Article
Full-text available
The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, su...
Article
Full-text available
In this paper, we focus on online reviews and employ artificial intelligence tools, taken from the cognitive computing field, to help understanding the relationships between the textual part of the review and the assigned numerical score. We move from the intuitions that 1) a set of textual reviews expressing different sentiments may feature the sa...
Conference Paper
Full-text available
Recently, DNA-inspired online behavioral modeling and analysis techniques have been proposed and successfully applied to a broad range of tasks. In this paper, we employ a DNA-inspired technique to investigate the fundamental laws that drive the occurrence of similarities among Twitter users. The achieved results are multifold. First, we demonstrat...
Conference Paper
Full-text available
The burst in smartphone use, handy design in laptops and tablets as well as other smart products, like cars with the ability to drive you around, manifests the exponential growth of network usage and the demand of accessing remote data on a large variety of services. However, users notoriously struggle to maintain distinct accounts for every single...
Conference Paper
Full-text available
Recent studies in social media spam and automation provide anecdotal argumentation of the rise of a new generation of spambots, so-called social spambots. Here, for the first time, we extensively study this novel phenomenon on Twitter and we provide quantitative evidence that a paradigm-shift exists in spambot design. First, we measure current Twit...
Article
Full-text available
Spambot detection in online social networks is a long-lasting challenge involving the study and design of detection techniques capable of efficiently identifying ever-evolving spammers. Recently, a new wave of social spambots has emerged, with advanced human-like characteristics that allow them to go undetected even by current state-of-the-art algo...
Article
More than a personal microblogging site, Twitter has been transformed by common use to an information publishing venue, which public characters, media channels and common people daily rely on for, e.g., news reporting and consumption, marketing, and social messaging. The use of Twitter in a cooperative and interactive setting calls for the precise...
Article
Full-text available
A novel, simple, and effective approach to modeling online user behavior extracts and analyzes digital DNA sequences from user online actions and uses Twitter as a benchmark to test the proposal. Specifically, the model obtains an incisive and compact DNA-inspired characterization of user actions. Then, standard DNA analysis techniques discriminate...
Conference Paper
Automatic quality evaluation of Web information is a task with many fields of applications and of great relevance, especially in critical domains, like the medical one. We move from the intuition that the quality of content of medical Web documents is affected by features related with the specific domain. First, the usage of a specific vocabulary (...
Conference Paper
Strong passwords have been preached since decades. However, lot of the regular users of IT systems resort to simple and repetitive passwords, especially nowadays in the “service era”. To help alleviate this problem, a new class of software grew popular: password managers. Since their introduction, password managers have slowly been migrating into t...
Conference Paper
Search engines and social media keep trace of profile- and behavioral-based distinct signals of their users, to provide them personalized and recommended content. Here, we focus on the level of web search personalization, to estimate the risk of trapping the user into so called Filter Bubbles. Our experimentation has been carried out on news, speci...
Article
Full-text available
Inspired by biological DNA, we model the behavior of online users as “Digital DNA” sequences, introducing a strikingly novel, simple, and effective approach to discriminate between genuine and spambot online accounts.
Conference Paper
Wearable tracking devices have gained widespread usage and popularity because of the valuable services they offer, monitoring human's health parameters and, in general, assisting persons to take a better care of themselves. Nevertheless, the security risks associated with such devices can represent a concern among consumers, because of the sensitiv...
Article
Full-text available
Automatic quality evaluation of Web information is a task with many fields of applications and of great relevance, especially in critical domains like the medical one. We move from the intuition that the quality of content of medical Web documents is affected by features related with the specific domain. First, the usage of a specific vocabulary (D...
Article
Full-text available
Fraglets represent an execution model for communication protocols that resembles the chemical reactions in living organisms. The strong connection between their way of transforming and reacting and formal rewriting systems makes a fraglet program amenable to automatic verification. Grounded on past work, this paper investigates feasibility of adopt...
Conference Paper
In the last decade, the advertisement market spread significantly in the web and mobile app system. Its effectiveness is also due thanks to the possibility to target the advertisement on the specific interests of the actual user, other than on the content of the website hosting the advertisement. In this scenario, became of great value services tha...
Conference Paper
Reviews are a powerful decision-making tool for potential new customers, since they can significantly influence consumer purchase decisions, hence resulting in financial gains or losses for businesses. In striving for trustworthy review systems, validating reviews that could negatively or positively bias new customers is of utmost importance. To th...
Article
Full-text available
In the last decade, the advertisement market spread significantly in the web and mobile app system. Its effectiveness is also due thanks to the possibility to target the advertisement on the specific interests of the actual user, other than on the content of the website hosting the advertisement. In this scenario, became of great value services tha...
Conference Paper
Online social networks are widespread means to enact interactive collaboration among people by, e.g., planning events, diffusing information, and enabling discussions. Twitter provides one of the most illustrative example of how people can effectively interact without resorting to traditional communication media. For example, the platform has acted...
Article
Full-text available
Major search engines deploy personalized Web results to enhance users' experience, by showing them data supposed to be relevant to their interests. Even if this process may bring benefits to users while browsing, it also raises concerns on the selection of the search results. In particular, users may be unknowingly trapped by search engines in prot...
Conference Paper
Product and service reviews can markedly influence consumer purchase decisions, leading to financial gains or losses for businesses. Therefore, there is a growing interest towards techniques for bringing out reviews that could negatively or positively bias new customers. To this goal, we propose a visual analysis of reviews that enables quick elici...
Conference Paper
Fraglets represent an execution model for communication protocols that resembles the chemical reactions in living organisms. The strong connection between their way of transforming and reacting and formal rewriting systems makes a fraglet program amenable to automatic verification. Starting from past work where the model has been enriched and execu...
Conference Paper
The Internet is naturally a simple and immediate mean to retrieve information. However, not everything one can find is equally accurate and reliable. In this paper, we continue our line of research towards effective techniques for assessing the quality of online content. Focusing on the Wikipedia Medicinal Portal, in a previous work we implemented...
Conference Paper
Review-based websites such as, e.g., Amazon, eBay, TripAdvisor, and Booking have gained an extraordinary popularity, with millions of users daily consulting online reviews to choose the best services and products fitting their needs. Some of the most popular review-based websites rank products by sorting them aggregating the single ratings through...
Conference Paper
The analysis of large amount of traffic data is the daily routine of Autonomous Systems and ISP operators. The detection of anomalies like denial-of-service (DoS) or distributed denial-of-service (DDoS) is also one of the main issues for critical services and infrastructures. The suitability of metrics coming from the information theory for detecti...
Conference Paper
Full-text available
Analytic tools are beginning to be largely employed, given their ability to rank, e.g., the visibility of social media users. Visibility that, in turns, can have a monetary value, since social media popular people usually either anticipate or establish trends that could impact the real world (at least, from a consumer point of view). The above rati...
Article
Among security challenges raised by mobile Wireless Sensor Networks, clone attack is particularly dreadful since it makes an adversary able to subvert the behavior of a network just leveraging a few replicas of some previously compromised sensors. In this work, we provide several contributions: first, we introduce two novel realistic adversary mode...
Conference Paper
Recent studies report that Internet users are growingly looking for health information through the Wikipedia Medicine Portal, a collaboratively edited multitude of articles with contents often comparable with professionally edited material. Automatic quality assessment of the Wikipedia medical articles has not received much attention by Academia an...
Article
Full-text available
It is generally recognized that the traffic generated by an individual connected to a network acts as his biometric signature. Several tools exploit this fact to fingerprint and monitor users. Often, though, these tools assume to access the entire traffic, including IP addresses and payloads. This is not feasible on the grounds that both performanc...
Article
Full-text available
Machine Learning (ML) algorithms are used to train computers to perform a variety of complex tasks and improve with experience. Computers learn how to recognize patterns, make unintended decisions, or react to a dynamic environment. Certain trained machines may be more effective than others because they are based on more suitable ML algorithms or b...
Conference Paper
Full-text available
Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) constitute one of the main issues for critical Internet services. The widespread availability and simplicity of automated stressing tools has also promoted the voluntary participation to extensive attacks against known websites. Today the most effective (D)DoS detection schemes are ba...
Conference Paper
Lack of security mechanisms expose the Border Gateway Protocol (BGP) to a wide range of threats that are constantly undermining security of the Internet. Most prominent attacks include prefix hijacking and announcement of false routes to maliciously attract or divert traffic. A number of cryptographic solutions to prevent both attacks have been pro...
Conference Paper
Full-text available
Wireless Sensor Networks (WSNs) pose a few unique security challenges due to the fact that they (often) run unattended, do not rely on tamper-resistant hardware, and are severely resource constrained—to name a few. In this context, a particularly dreadful attack is the replica attack. That is, sensors are captured and their state seized, and replic...
Article
Full-text available
We leverage RFID tag cooperation to enforce tampering detection. That is, we provide a set of probabilistic protocols that detect the absence of a tag from a system composed of a set of tags and a reader. Our proposals are able to detect which tag and for how long it has been taken away from the system. The grain of the detection can be tuned with...
Conference Paper
Unattended Wireless Sensors Networks (UWSNs) are emerging Wireless Sensor Networks (WSNs) characterized by periodic absence of trusted entities, like the Sink Collectors. The time periods with no sink attendance, force the network sensors to locally store collected data until the next sink visit. This means that data collection is not performed in...
Article
Unattended Wireless Sensor Networks (UWSNs) operate in autonomous or disconnected mode: sensed data is collected periodically by an itinerant sink. Between successive sink visits, sensor-collected data is subject to some unique vulnerabilities. In particular, while the network is unattended, a mobile adversary (capable of subverting up to a fractio...
Conference Paper
Unattended Wireless Sensor Networks (UWSNs) are networks that operate without on-line data collection entities (Sink Collectors). This configuration enriches their flexibility but, at the same time, introduces new security issues. A challenging issue is data survival: in absence of the sink, in fact, data sensed by network sensors cannot be kept cl...
Chapter
In recent years, the growing improvements of the computational capability of the mobile and desktop devices, jointly to the potentialities of the current fast network connections have allowed the wide spread of advanced and complex applications and services belonging to the social computing area. The most current approaches used to interact with th...
Article
Full-text available
In recent years, wireless sensor networks (WSNs) have been a very popular research topic, offering a treasure trove of systems, networking, hardware, security, and application-related problems. Much of prior research assumes that the WSN is supervised by a constantly present sink and sensors can quickly offload collected data. In this paper, we foc...
Article
Some sensor network settings involve disconnected or unattended operation with periodic visits by a mobile sink. An unattended sensor network operating in a hostile environment can collect data that represents a high-value target for the adversary. Since an unattended sensor can not immediately off-load sensed data to a safe external entity (such a...
Article
In RFID systems addressing security issues, many authentication techniques require the tag to keep some sort of synchronization with the reader. In particular, this is true in those proposals that leverage hash chains. When the reader and the tag get de-synchronized, possibly by an attacker, this paves the way to several denial of service (DoS) att...