About
202
Publications
114,006
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
3,924
Citations
Introduction
Additional affiliations
February 2015 - September 2018
November 2012 - July 2016
November 2008 - October 2012
Education
November 2003 - March 2007
Publications
Publications (202)
Security Requirements Engineering is an emerging field which lies at the crossroads of Security and Software Engineering.
Much research has focused on this field in recent years, spurred by the realization that security must be dealt with in the
earliest phases of the software development process as these phases cover a broader organizational persp...
Data protection legislation requires personal data to be collected and processed only for lawful and legitimate purposes.
Unfortunately, existing protection mechanisms are not appropriate for purpose control: they only prevent unauthorized actions
from occurring and do not guarantee that the data are actually used for the intended purpose. In this...
Reputation is widely used in many domains, like electronic commerce, as a measure of trustworthiness based on ratings from members in a community. The adoption of reputation systems, however, relies on their ability to capture the actual trustworthiness of a target. Several reputation models have been proposed in the literature to aggregate trust i...
The eXtensible Access Control Markup Language (XACML) has attracted significant attention from both industry and academia, and has become the de facto standard for the specification of access control policies. However, its XML-based verbose syntax and rich set of constructs make the authoring of XACML policies difficult and error-prone. Several aut...
The last decades have seen a growing interest and demand for community-centered collaborative systems and platforms. These systems and platforms aim to provide an environment in which users can collaboratively create, share, and manage resources. While offering attractive opportunities for online collaboration and information sharing, they also ope...
Phishing reporting is emerging as a key defense mechanism against phishing attacks. Whereas large enough organizations have specific policies in place for phishing reporting, user uptake is still limited, and a clear picture of what motivates users to report and which types of emails is still to be drawn. Yet, this is critical to devising better po...
Recently released scan data on Shodan reveals that thousands of Industrial Control Systems (ICSs) worldwide are directly accessible via the Internet and, thus, exposed to cyber-attacks aiming at financial gain, espionage, or disruption and/or sabotage. Executing sophisticated cyber–physical attacks aiming to manipulate industrial functionalities re...
User perception of phishing threats is fundamental for the uptake and effectiveness of many phishing countermeasures, including phishing reporting and awareness. Extant research focused on phishing victimization, but a clear understanding of the drivers influencing users' perception of phishing threats is still missing. This work investigates the r...
Phishing attacks are a critical and escalating cybersecurity threat in the modern digital landscape. As cybercriminals continually adapt their techniques, automated phishing detection systems have become essential for safeguarding Internet users. However, many current systems rely on single-analysis models, making them vulnerable to sophisticated b...
The revolutionary technologies behind Industry 4.0 have opened a new era for manufacturing: connected and autonomous machines, collaborative robotics, and monitoring techniques are spreading to increase productivity and sustainability. From the workers’ perspective, they bring new safety threats but also opportunities to solve old ones, while conce...
The interdisciplinarity of the Social Engineering (SE) domain creates crucial challenges for the development and advancement of empirical SE research, making it particularly difficult to identify the space of open research questions that can be addressed empirically. This space encompasses questions on attack conditions, employed experimental metho...
The recent proliferation of sophisticated threats targeting the plant of Industrial Control Systems (ICSs) has triggered a growing interest in the development of dedicated honeypots/honeynets in which the emulation of Operational Technology (OT) components plays a major role. This work presents a latitudinal study on a dataset comprising both IT an...
Recently published scan data on Shodan shows how 105K Industrial Control Systems (ICSs) around the world are directly accessible from the Internet. In particular, highly sensitive components, such as Programmable Logic Controllers (PLCs), are potentially accessible to attackers who can implement several kinds of attacks. On the other hand, to accom...
Phishing attacks are increasingly more sophisticated, with attackers exploiting publicly available information on their targets to personalize their attacks. Although an increasing body of research has investigated the effectiveness of tailored phishing campaigns, researchers have primarily focused on large enterprises. Company size, composition, a...
Industrial control systems (ICSs) are vulnerable to cyber-physical attacks, i.e., security breaches in cyberspace that adversely affect the underlying physical processes. In this context, honeypots are effective countermeasures both to defend against such attacks and discover new attack strategies. In recent years, honeypots for ICSs have made sign...
Third-Party Unmanned Aerial Vehicle (UAV) Services, a.k.a. Drone-as-a-Service (DaaS), are an increasingly adopted business model, which enables possibly unskilled users, with no background knowledge, to operate drones and run automated drone-based tasks. Although these services provide significant advantages, the resources provided by drones are ty...
Modern software development practices increasingly rely on third-party libraries due to the inherent benefits of reuse. However, libraries may contain security vulnerabilities that can propagate to the dependent applications. To counter this, maintainers of dependent projects should monitor their dependencies and security reports to ensure that onl...
Cyber-Physical Systems are exposed to cyber-physical attacks, i.e., security breaches in cyberspace that alter the underlying physical processes.
We use Uppaal SMC to analyze a non-trivial coordinated multi-engine system equipped with both a tamperproof distributed intrusion detection system (IDS) and a tamperproof supervisor component to mitigate...
New, sophisticated phishing campaigns victimize targets in few hours from attack delivery. Some methods, such as visual similarity-based techniques, can spot these zero-hour attacks, at the cost of additional user intervention. However, more research is needed to investigate the trade-off between automatic detection and user intervention. To enable...
Industrial control systems (ICSs) play a crucial role in modern society, controlling and automating processes in industries ranging from manufacturing to energy production. The increasing connectivity of ICSs with corporate networks has made them vulnerable to cyber attacks that can compromise the controlled physical processes. We present the archi...
We are pleased to highlight the following ten articles which appeared in Frontiers in
Computer Science in 2021. We have chosen to feature contributions from the following
sections of the journal: Computer Security, Computer Vision, Human-Media Interaction
and Mobile and Ubiquitous Computing. Computer science has grown to be a multifaceted
field whe...
The application of machine learning techniques to large and distributed data archives might result in the disclosure of sensitive information about the data subjects. Data often contain sensitive identifiable information, and even if these are protected, the excessive processing capabilities of current machine learning techniques might facilitate t...
In recent years, the design of effective authorization mechanisms for IoT and, in particular, for smart home applications has gained increasing attention from researchers and practitioners. However, very little attention is given to the performance evaluation of those authorization mechanisms. To fill this gap, this paper presents a thorough experi...
Decisional processes are at the basis of most businesses in several application domains. However, they are often not fully transparent and can be affected by human or algorithmic biases that may lead to systematically incorrect or unfair outcomes. In this work, we propose an approach for unveiling biases in decisional processes, which leverages ass...
Internet of Things (IoT) platforms typically require IoT devices and users to provide fine-grained information to determine whether access to resources and services can be granted. However, this information can be sensitive for users and its disclosure can lead to severe privacy threats, forcing users to decide between receiving a service or protec...
Relationship-Based Access Control (ReBAC) is a paradigm to specify access constraints in terms of interpersonal relationships. To express these graph-like constraints, a variety of ReBAC models with varying features and ad-hoc implementations have been proposed. In this work, we investigate the theoretical feasibility of realising ReBAC systems usi...
Recent years have seen an increasing popularity of online collaborative systems like social networks and web-based collaboration platforms. Collaborative systems typically offer their users a digital environment in which they can work together and share resources and information. These resources and information might be sensitive and, thus, they sh...
The problem of protecting datasets from the disclosure of confidential information, while published data remains useful for analysis, has recently gained momentum. To solve this problem, anonymization techniques such as k-anonymity, \(\ell \)-diversity, and t-closeness have been used to generate anonymized datasets for training classifiers. While t...
The attack landscape is evolving, and attackers are employing new techniques to launch increasingly targeted and sophisticated social engineering attacks that exploit human vulnerabilities. Many organizations provide their employees with security awareness training to counter and mitigate such threats. However, recent studies have shown that curren...
IFTTT is a platform that allows users to create applets for connecting smart devices to online services, or to compose online services, in order to provide customized functionalities in Internet of Things scenarios. Despite their flexibility and ease-of-use, IFTTT applets may create privacy risks for users, who might unknowingly share sensitive inf...
The processing of personal data is becoming a key business factor, especially for high-tech system industries such as automotive and healthcare service providers. To protect such data, the European Union (EU) has introduced the General Data Protection Regulation (GDPR), with the aim to standardize and strengthen data protection policies across EU c...
International Revenue Sharing Fraud (IRSF) is the most persistent type of fraud in the telco industry. Hackers try to gain access to an operator’s network in order to make expensive unauthorized phone calls on behalf of someone else. This results in massive phone bills that victims have to pay while number owners earn the money. Current anti-fraud...
Despite the growing interest in Attribute-Based Access Control (ABAC) and the large amount of research devoted to the specification and evaluation of ABAC policies, to date only little work has addressed the issue of attribute management and retrieval. In many modern systems, the attributes needed for policy evaluation are often retrieved from exte...
In recent years, the usage of online banking services has considerably increased. To protect the sensitive resources managed by these services against attackers, banks have started adopting Multi-Factor Authentication (MFA). To date, a variety of MFA solutions have been implemented by banks, leveraging different designs and features and providing a...
Cooperative Intelligent Transport Systems (C-ITS) aims to enhance the existing transportation infrastructure through the use of sensing capabilities and advanced communication technologies. While improving the safety, efficiency and comfort of driving, C-ITS introduces several security and privacy challenges. Among them, a main challenge is the pro...
Deviance mining is an emerging area in the field of Process Mining, with the aim of explaining the differences between normal and deviant process executions. Deviance mining approaches typically extract representative subprocesses characterizing normal/deviant behaviors from an event log and use these subprocesses as features for classification. Ex...
The motivation for this article arises from the security, complexity and interoperability challenges in cyber-physical systems (CPS) especially in energy and mobility domains. Handling peak consumption hours and balancing power levels in the energy grids are becoming more and more expensive for the energy sector, energy intensive industry and consu...
A main challenge of attribute-based access control (ABAC) is the handling of missing information. Several studies have shown that the way standard ABAC mechanisms, e.g. based on XACML, handle missing information is flawed, making ABAC policies vulnerable to attribute-hiding attacks. Recent work has addressed the problem of missing information in AB...
Multi-party access control has been proposed to enable collaborative decision making for the protection of co-owned resources. In particular, multi-party access control aims to reconcile conflicts arising from the evaluation of policies authored by different stakeholders for jointly-managed resources, thus determining whether access to those resour...
In this study, we provide extensive analysis of the (unique) characteristics of phishing and spear-phishing attacks, argue that spear-phishing attacks cannot be well captured by current countermeasures, identify ways forward, and analyze an advanced spear-phishing campaign targeting white-collar workers in 32 countries.
The Internet of Things (IoT) is an emerging technology that is revolutionizing the global economy and society. IoT enables a collaborative environment where different entities – devices, people and applications – exchange information for service provision. Despite the benefits that IoT technology brings to individuals, society and industry, its wid...
Decisional processes are at the basis of several security and privacy applications. However, they are often not transparent and can be affected by human or algorithmic biases that may lead to systematically misleading or unfair outcomes. To unveil these biases, one has to identify which information was used to make the decision and to quantify to w...
Big Data offers opportunities for in-depth data analytics and advanced personalized services. Yet, while valuable, data analytics might rely on data that should not have been used due to, e.g., privacy constraints from the data subject or regulations. As decision makers and data controllers often act outside any control mechanism and with no requir...
Organizations need to monitor the execution of their processes to ensure they comply with a set of constraints derived, e.g., by internal managerial choices or by external legal requirements. However, preventive systems that enforce users to adhere to the prescribed behavior are often too rigid for real-world processes, where users might need to de...
In the context of cooperative systems, data coming from multiple, autonomous, heterogeneous information sources, is processed and fused into new pieces of information that can be further processed by other entities participating in the cooperation. Controlling the access to such evolving and variegated data, often under the authority of different e...
Mining local patterns of process behavior is a vital tool for the analysis of event data that originates from flexible processes, which in general cannot be described by a single process model without overgeneralizing the allowed behavior. Several techniques for mining local patterns have been developed over the years, including Local Process Model...
Software applications play an important role in vehicle innovation, aiming at improved safety, efficiency, and comfort, and creating the new areas of cooperative intelligent transport systems and autonomous vehicles. To accommodate modern applications, vehicles have become increasingly computerized and connected. Despite the benefits that the adopt...
Conformance checking allows organizations to compare process executions recorded by the IT system against a process model representing the normative behavior. Most of the existing techniques, however, are only able to pinpoint where individual process executions deviate from the normative behavior, without considering neither possible correlations...
Access control systems are nowadays the first line of defence of modern IT systems. However, their effectiveness is often compromised by policy miscofigurations that can be exploited by insider threats. In this paper, we present an approach based on machine learning to refine attribute-based access control policies in order to reduce the risks of u...
Security-by-design is an emerging paradigm that aims to deal with security concerns from the early phases of the system development. Although this paradigm can provide theoretical guarantees that the designed system complies with the defined processes and security policies, in many application domains users are allowed to deviate from them to face...
The Internet of Things (IoT) is receiving considerable attention from both industry and academia because of the new business models that it enables and the new security and privacy challenges that it generates. Major Cloud Service Providers (CSPs) have proposed platforms to support IoT by combining cloud and edge computing. However, the security me...
Multi-party access control is gaining attention and prominence within the community, as access control models and systems are faced with complex, jointly-owned and jointly-managed content. Traditional single-user approaches lack the richness and flexibility to accommodate these scenarios, resulting in undesired disclosure of sensitive data and reso...
A main challenge of attribute-based access control (ABAC) is the handling of missing information. Several studies show that the way standard ABAC mechanisms (e.g., XACML) hand