Pietro Biondi

Pietro Biondi
University of Catania | UNICT · Department of Mathematics and Computer Science (DMI)

Master's degree in Computer Science

About

24
Publications
1,168
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
53
Citations
Additional affiliations
April 2021 - October 2021
Huawei
Position
  • Internship
Description
  • Functional Safety
November 2019 - present
University of Catania
Position
  • PhD Student
Description
  • Automotive Security
February 2018 - November 2019
Italian National Research Council
Position
  • Researcher
Description
  • Automotive Security
Education
September 2017 - July 2019
University of Catania
Field of study
  • Network and Security Systems
September 2014 - September 2017
University of Catania
Field of study
  • Computer Science

Publications

Publications (24)
Article
An increasing number of Electronic Control Units (ECUs) communicate with each other to accomplish the functionalities of modern vehicles. ECUs form an in-vehicle network that is precisely regulated and must be adequately protected from malicious activity, which has had several outbreaks in recent years. Therefore, we present CINNAMON, an AUTOSAR-ba...
Preprint
Printing over a network and calling over VoIP technology are routine at present. This article investigates to what extent these services can be attacked using freeware in the real world if they are not configured securely. In finding out that attacks of high impact, termed the Printjack and Phonejack families, could be mounted at least from insider...
Preprint
IP cameras have always been part of the Internet of Things (IoT) and are among the most widely used devices in both home and professional environments. Unfortunately, the vulnerabilities of IP cameras have attracted malicious activities. For example, in 2016, a massive attack resulted in thousands of cameras and IoT devices being breached and used...
Article
Printing over a network and calling over VoIP technology are routine at present. This article investigates to what extent these services can be attacked using freeware in the real world if they are not configured securely. In finding out that attacks of high impact, termed the Printjack and Phonejack families, could be mounted at least from insider...
Preprint
The Controller Area Network (CAN) is the most common protocol interconnecting the various control units of modern cars. Its vulnerabilities are somewhat known but we argue they are not yet fully explored -- although the protocol is obviously not secure by design, it remains to be thoroughly assessed how and to what extent it can be maliciously expl...
Preprint
Printers are common devices whose networked use is vastly unsecured, perhaps due to an enrooted assumption that their services are somewhat negligible and, as such, unworthy of protection. This article develops structured arguments and conducts technical experiments in support of a qualitative risk assessment exercise that ultimately undermines tha...
Preprint
Modern cars are no longer purely mechanical devices but shelter so much digital technology that they resemble a network of computers. Electronic Control Units (ECUs) need to exchange a large amount of data for the various functions of the car to work, and such data must be made secure if we want those functions to work as intended despite malicious...
Preprint
This paper introduces CINNAMON, a software module that extends and seamlessly integrates with the AUTOSAR "Secure Onboard Communication" (SecOC) module to also account for confidentiality of data in transit. It stands for Confidential, INtegral aNd Authentic on board coMunicatiON (CINNAMON). It takes a resource-efficient and practical approach to e...
Preprint
Modern cars technologies are evolving quickly. They collect a variety of personal data and treat it on behalf of the car manufacturer to improve the drivers' experience. The precise terms of such a treatment are stated within the privacy policies accepted by the user when buying a car or through the infotainment system when it is first started. Thi...
Preprint
VoIP phones are early representatives as well as present enhancers of the IoT. This paper observes that they are still widely used in a traditional, unsecured configuration and demonstrates the Phonejack family of attacks: Phonejack 1 conjectures the exploitation of phone vulnerabilities; Phonejack 2 demonstrates how to mount a denial-of-service at...
Preprint
Modern cars are evolving in many ways. Technologies such as infotainment systems and companion mobile applications collect a variety of personal data from drivers to enhance the user experience. This paper investigates the extent to which car drivers understand the implications for their privacy, including that car manufacturers must treat that dat...
Chapter
Modern cars are evolving in many ways. Technologies such as infotainment systems and companion mobile applications collect a variety of personal data from drivers to enhance the user experience. This paper investigates the extent to which car drivers understand the implications for their privacy, including that car manufacturers must treat that dat...
Conference Paper
Modern cars technologies are evolving quickly. They collect a variety of personal data and treat it on behalf of the car manufacturer to improve the drivers’ experience. The precise terms of such a treatment are stated within the privacy policies accepted by the user when buying a car or through the infotainment system when it is first started. Thi...
Conference Paper
Full-text available
Cyber risks associated with modern cars are often referred to safety. However, modern cars expose a variety of digital services and process a variety of personal data, at least of the driver’s. This paper unfolds the argument that car (cyber-)security and drivers’ privacy are worthy of additional consideration, and does so by advancing “COSCA”, a f...
Conference Paper
Full-text available
This paper introduces CINNAMON, a software module that extends and seamlessly integrates with the AU-TOSAR "Secure Onboard Communication" (SecOC) module [3], [5] to also account for confidentiality of data in transit. It stands for Confidential, INtegral aNd Authentic on board coMunica-tiON (CINNAMON). It takes a resource-efficient and practical ap...
Conference Paper
VoIP phones are early representatives as well as present enhancers of the IoT. This paper observes that they are still widely used in a traditional, unsecured configuration and demonstrates the Phonejack family of attacks: Phonejack 1 conjectures the exploitation of phone vulnerabilities; Phonejack 2 demonstrates how to mount a denial-of-service at...
Conference Paper
Intracellular biochemical reactions emerge from the interaction among multiple extracellular signaling components. Considering the number, type and connections of the signaling components represents a needed step to characterize, identify and describe potential targets for a clinical purpose. However, it is increasingly documented that the presence...
Chapter
Printers are common devices whose networked use is vastly unsecured, perhaps due to an enrooted assumption that their services are somewhat negligible and, as such, unworthy of protection. This article develops structured arguments and conducts technical experiments in support of a qualitative risk assessment exercise that ultimately undermines tha...
Conference Paper
Modern vehicles embed a lot of software that turns them into Cyper-Physical Systems (CPS). Electronic Control Units (ECUs) communicate through the CAN bus protocol, which was not designed to be secure. This paper presents a proof-of-concept of TOUCAN, a new security protocol designed to secure CAN bus communications following the AUTOSAR standard....
Conference Paper
Modern vehicles abound with Electronic Control Units (ECUs) that need to speak with each other. They adopt a binary language and form an in-vehicle network that must be precisely regulated. This was the aim for the inception of "Controller Area Network" protocol, also known as CAN bus [1] and is widespread today. It is standardised in ISO 11898-1:2...
Conference Paper
Modern cars are no longer purely mechanical devices but shelter so much digital technology that they resemble a network of computers. Electronic Control Units (ECUs) need to exchange a large amount of data for the various functions of the car to work, and such data must be made secure if we want those functions to work as intended despite malicious...
Conference Paper
Full-text available
We present here a novel algorithm based on a MapReduce approach to facilitate the discovery of novel therapeutic targets. The proposed algorithm has been enabled to scan a set biological pathways in order to discover non-trivial (less common) routes. Such routes represent a chain of biochemical interactions among different biological actors. These...
Chapter
The Controller Area Network (CAN) is the most common protocol interconnecting the various control units of modern cars. Its vulnerabilities are somewhat known but we argue they are not yet fully explored—although the protocol is obviously not secure by design, it remains to be thoroughly assessed how and to what extent it can be maliciously exploit...

Network

Cited By