Mario Di Mauro

Mario Di Mauro
Università degli Studi di Salerno | UNISA · Department of Information Engineering, Electrical Engineering and Applied Mathematics (DIEM)

Doctor of Philosophy

About

62
Publications
8,328
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
436
Citations
Introduction
Security and Reliability over Networks, Statistical modelling of telco/networked systems, Resource optimization, Queueing Theory, Mobile telecommunication systems
Additional affiliations
February 2013 - present
Università degli Studi di Salerno
Position
  • Professor (Associate)

Publications

Publications (62)
Article
Full-text available
The Network Function Virtualization (NFV) paradigm has been devised as an enabler of next generation network infrastructures by speeding up the provisioning and the composition of novel network services. The latter are implemented via a chain of virtualized network functions, a process known as Service Function Chaining. In this paper, we evaluate...
Article
A network attacker wants to transmit Voice-over-IP (VoIP) traffic streams covertly. He tries to evade the detection system by manipulating the VoIP streams through padding, shifting and splitting operations, so as to conceal them amidst the Internet traffic. A defender wants to detect the manipulated VoIP streams. Tackling this problem from an adve...
Article
Full-text available
Mobile telecommunications are converging towards all-IP solutions. This is the case of the Long Term Evolution (LTE) technology that, having no circuit-switched bearer to support voice traffic, needs a dedicated VoIP infrastructure, which often relies on the IP Multimedia Subsystem architecture. Most telecom operators implement LTE-A, an advanced v...
Article
Full-text available
Nowadays, the Security Information and Event Management (SIEM) systems take on great relevance in handling security issues for critical infrastructures as Internet Service Providers. Basically, a SIEM has two main functions: i) the collection and the aggregation of log data and security information from disparate network devices (routers, firewalls...
Chapter
Full-text available
The Network Function Virtualization (NFV) has been conceived as an enabler of novel network infrastructures and services that can be deployed by combining virtualized network elements. In particular, NFV is suited to boost the deployment flexibility of Service Function Chains (SFCs). In this paper, we address an availability evaluation of a chain o...
Article
Full-text available
Nowadays, most telecommunication services adhere to the Service Function Chain (SFC) paradigm, where network functions are implemented via software. In particular, container virtualization is becoming a popular approach to deploy network functions and to enable resource slicing among several tenants. The resulting infrastructure is a complex system...
Chapter
Full-text available
The advances within the Internet of Things and sensor systems put the focus on the improvement of the data reliability as close to the edge as possible. This work investigates how well-established techniques can be used for the imputation of contaminated data. We look at the performance of four algorithms for different contamination rates and error...
Article
Full-text available
Recent developments in cloud computing and the Internet of Things have enabled smart environments, in terms of both monitoring and actuation. Unfortunately, this often results in unsustainable cloud-based solutions, whereby, in the interest of simplicity, a wealth of raw (unprocessed) data are pushed from sensor nodes to the cloud. Herein, we advoc...
Article
Most softwarized telco services are conveniently framed as service function chains (SFCs). Indeed, being structured as a combination of interconnected nodes, service chains may suffer from the single point of failure problem, meaning that an individual node malfunctioning could compromise the whole chain operation. To guarantee highly available (HA...
Article
In a Distributed Denial of Service (DDoS) attack, a network (botnet) of dispersed agents (bots) sends requests to a website to saturate its resources. Since the requests are sent by automata, the typical way to detect them is to look for some repetition pattern or commonalities between requests of the same user or from different users. For this rea...
Article
This work examines propagation of cyber-threats over networks under an adversarial formulation. Exploiting Kendall’s birth-death-immigration model, we propose an analytical framework to describe the stochastic dynamics of cyber-threat propagation in a collection of heterogeneous sub-networks characterized by different attributes. We propose two for...
Preprint
Full-text available
Service provisioning mechanisms implemented across 5G infrastructures take broadly into use the network service chain concept. Typically, it is coupled with Network Function Virtualization (NFV) paradigm, and consists in defining a pre-determined path traversed by a set of softwarized network nodes to provide specific services. A well known chain-l...
Article
Full-text available
Machine Learning (ML) techniques are becoming an invaluable support for network intrusion detection, especially in revealing anomalous flows, which often hide cyber-threats. Typically, ML algorithms are exploited to classify/recognize data traffic on the basis of statistical features such as inter-arrival times, packets length distribution, mean nu...
Preprint
Full-text available
Most softwarized telco services are conveniently framed as Service Function Chains (SFCs). Indeed, being structured as a combination of interconnected nodes, service chains may suffer from the single point of failure problem, meaning that an individual node malfunctioning could compromise the whole chain operation. To guarantee "highly available" (...
Preprint
Full-text available
Machine Learning (ML) techniques are becoming an invaluable support for network intrusion detection, especially in revealing anomalous flows, which often hide cyber-threats. Typically, ML algorithms are exploited to classify/recognize data traffic on the basis of statistical features such as inter-arrival times, packets length distribution, mean nu...
Article
Full-text available
The failure of a single network element composing a Service Function Chain (SFC) unavoidably leads to some degradation in terms of availability (ability of guaranteeing working conditions), and/or performance (ability of sustaining a certain workload) for the whole SFC. By considering both of these aspects, we propose, as a case study, a joint anal...
Preprint
Full-text available
Anomaly detection is concerned with identifying data patterns that deviate remarkably from the expected behaviour. This is an important research problem, due to its broad set of application domains, from data analysis to e-health, cybersecurity, predictive maintenance, fault prevention, and industrial automation. Herein, we review state-of-the-art...
Preprint
Full-text available
The Network Function Virtualization (NFV) paradigm has been devised as an enabler of next generation network infrastructures by speeding up the provisioning and the composition of novel network services. The latter are implemented via a chain of virtualized network functions, a process known as Service Function Chaining. In this paper, we evaluate...
Preprint
Mobile telecommunications are converging towards all-IP solutions. This is the case of the Long Term Evolution (LTE) technology that, having no circuit-switched bearer to support voice traffic, needs a dedicated VoIP infrastructure, which often relies on the IP Multimedia Subsystem architecture. Most telecom operators implement LTE-A, an advanced v...
Preprint
Full-text available
The use of Machine Learning (ML) techniques in Intrusion Detection Systems (IDS) has taken a prominent role in the network security management field, due to the substantial number of sophisticated attacks that often pass undetected through classic IDSs. These are typically aimed at recognising attacks based on a specific signature, or at detecting...
Article
Full-text available
Mobile telecommunications are converging towards all-IP solutions. This is the case of the Long Term Evolution (LTE) technology that, having no circuit-switched bearer to support voice traffic, needs a dedicated VoIP infrastructure, which often relies on the IP Multimedia Subsystem architecture. Most telecom operators implement LTE-A, an advanced v...
Preprint
Full-text available
The Next Generation 5G Networks can greatly benefit from the synergy between virtualization paradigms, such as the Network Function Virtualization (NFV), and service provisioning platforms such as the IP Multimedia Subsystem (IMS). The NFV concept is evolving towards a lightweight solution based on containers that, by contrast to classic virtual ma...
Article
Full-text available
Thanks to advances in Internet of Things and crowd-sensing, it is possible to collect vast amounts of urban data, to better understand how citizens interact with cities and, in turn, improve human well-being in urban environments. This is a scientifically challenging proposition, as it requires new methods to fuse objective (heterogeneous) data (e....
Conference Paper
Full-text available
Network Function Virtualization (NFV) is considered one of the most influencing concepts in modern telecommunication frameworks, since it has the merit of transposing (and adapting) the virtualization paradigms from the computer world to the networking context. An instance of NFV is known as a Virtual Network Function (VNF), and represents a virtua...
Chapter
Full-text available
The Network Function Virtualization (NFV) has been conceived as an enabler of novel network infrastructures and services that can be deployed by combining virtualized network elements. In particular, NFV is suited to boost the deployment flexibility of Service Function Chains (SFCs). In this paper, we address an availability evaluation of a chain o...
Chapter
Full-text available
In the era of fifth generation (5G) telecommunication systems, a flexible, cost saving and reliable deployment of the network infrastructures appears to be a crucial issue. The European Telecommunications Standard Institute jointly with a group of telecom providers, proposed a novel networking paradigm considered as an enabler for future 5G network...
Conference Paper
Full-text available
Object Storage Systems (OSSs) have been conceived to manage a bulk of highly unstructured data (videos, images, social resources etc.) by storing them in the form of objects accessible via REST APIs. An interesting implementation of OSS is based on Swift, a component of OpenStack, the most important platform exploited to deploy the Infrastructure a...
Conference Paper
Full-text available
Recent variants of Distributed Denial-of-Service (DDoS) attacks leverage the flexibility of application-layer protocols to disguise malicious activities as normal traffic patterns, while concurrently overwhelming the target destination with a large request rate. New countermeasures are necessary, aimed at guaranteeing an early and reliable identifi...
Article
Distributed Denial-of-Service (DDoS) attacks are usually launched through the $botnet$, an "army" of compromised nodes hidden in the network. Inferential tools for DDoS mitigation should accordingly enable an early and reliable discrimination of the normal users from the compromised ones. Unfortunately, the recent emergence of attacks performed at...
Conference Paper
Full-text available
The detection of encrypted streamed traffic (like VoIP or Video) is an increasingly important issue for authorities involved in lawful interception. Aside from well established technologies like Skype, Facetime and MSN Messenger a new one is recently spreading: Web Real-Time Communication (WebRTC), which, with the support of powerful encryption met...
Conference Paper
Full-text available
The classification of data sessions on the Internet is a crucial issue for Authorities involved in lawful interception. Some Internet Service Providers (ISP) can provide a panel of IP nodes that, tuned to detect specific data patterns, are able to send an alert when a data session in a targeted class is found. Unluckily, several applications genera...
Conference Paper
Full-text available
Nowadays, the Internet Service Providers have to keep track of and in some cases to analyze for legal issues, a great amount of Internet data. Real-time big data processing and analysis introduce new challenges that must be addressed by system engineers. This is because: 1) traditional technologies exploiting databases are not designed to process a...
Conference Paper
Full-text available
The paper presents an architectural proposal that integrates a vehicle parking system, which offers a series of specific services (billing, targeted marketing, etc.), into the 3GPP IP Multimedia Subsystem (IMS), with a specific focus on the localization of the vehicle in indoor areas. The vehicle is equipped with a device hosting an ad-hoc software...
Article
Full-text available
The growing of mobile communication market is attracting the prospects of "cyber-criminals" to eavesdrop personal and financial data through mobile devices. Typically, such devices do not have enough hardware resources to provide a secure environment against phishing attacks, spywares, malwares, identity theft and so on. In this paper, we propose a...
Conference Paper
Full-text available
One of the most important values deriving from WLAN (Wireless Local Access Network) technology is the possibility to provide a huge amount of mobility services based on a very cheap infrastructure. In this paper we propose a WLAN-based network architecture implementing an advanced location-determination service. The testing area is an indoor parkin...
Conference Paper
Full-text available
Nowadays, provisioning of advanced multimedia services represents one of the most important research fields in Telecommunications world. The 3GPP Ip Multimedia Subsystem (IMS) infrastructure is the best choice to implement new multimedia services based on the SIP protocol and addressed to converged environment of fixed and mobile devices. IMS allow...
Conference Paper
Full-text available
Wireless Local Access Network (WLAN) technology provides mobility services to network users. In this paper a significant value was added to this technology, by proposing an inexpensive framework providing advanced location determination services. Our target environment is an indoor parking area. For this area a comprehensive architecture and infras...

Network

Cited By

Projects

Projects (3)
Project
Dear Colleagues, Security aspects are becoming of crucial importance across the hyperconnected technological world. In this context, 5G (and its evolution, 6G) represents a key network enabler for a plethora of paradigms, including Internet of Things (IoT), cyber-physical systems (CPSs), multi-access edge computing (MEC), network function virtualization (NFV), software-defined networking (SDN), and many others. Due to the growing interest both of academia and industry in the broad field of security, for this Special Issue we encourage high-quality research contributions—both theoretical and experimental—and timely survey papers that pinpoint future research directions in this field. Topics of interest include, but are not limited to, the following: Security protocols in 5G/6G architectures; Privacy issues in 5G/6G architectures; Security aspects in cloud/edge/fog computing; Security aspects in multi-access edge computing (MEC); Security aspects in the Internet of Things and/or cyber-physical systems; Security management in modern virtualized networks (NFV, SDN, network slicing); Access control mechanisms in modern networks; Machine learning/artificial intelligence for 5G/6G network security; Intrusion detection systems in 5G/6G networks; Traffic analysis applied to 5G/6G networks; Analytics and big data for network security; Optimization techniques to improve 5G/6G network security; Resilience strategies to improve 5G/6G network security; Security aspects in 5G/6G vehicular communications; Security aspects in millimeter-wave communications; Security aspects in radio access networks (RANs); Security aspects in 5G-oriented hardware (e.g., FPGA); Security aspects in smart environments and industrial systems. Finally, I would like to thank Dr. Giovanni Galatro and his valuable work for assisting me with this Special Issue. Dr. Mario Di Mauro Dr. Marco Tambasco Dr. Francesco Pascale Guest Editors https://www.mdpi.com/journal/futureinternet/special_issues/5G_Security
Project
Characterizing mechanisms underlying cybersecurity issues by exploiting methods derived from signal processing