Doctoral Theses (Tesi di Dottorato)

Search Results

Now showing 1 - 2 of 2
  • Item
    Malevolent Activities Detection and Cyber Range Scenarios Orchestration
    (2018-06-08) Piccolo, Antonio; Saccà, Domenico; Pugliese, Andrea; Crupi, Felice
    increasing availability of Internet accessible services driven by the diffusion of connected devices. The consequent exposure to cyber-threats demands suitable methodologies, techniques and tools that make it possible to adequately handle the issues arising in such a complex domain. Most Intrusion Detection Systems are capable of detecting many attacks, but cannot provide a clear picture to the analyst because of the huge number of false alerts generated by these systems. This weakness in IDSs has led to the emergence of many methods for dealing with these alerts, minimizing them and highlighting the real attacks. Furthermore, experience shows that the interpretation of the alerts usually requires more than the single messages provided by the sensors, so there is a need for techniques that can analyse the alerts within the context in which they have been generated. This might require the ability to correlate them with other contextual information provided by other devices. Using synthetic data to design, implement and test these techniques is not fair and reliable because of the variety and unpredictability of real world data. On the other hand, retrieving this information from real world networks is not easy (and sometimes impossible) due to privacy and confidentiality restrictions. Virtual Environments, Software Defined Systems and Software Defined Networks will play a critical role in many cyber-security related aspects like the assessment of newly devised intrusion detection techniques, the generation of real world like logs, the evaluation of the skills of cyber-defence team members and the evaluation of the disruptive effects caused by the diffusion of new malware.
This thesis proposes, among other things, a novel domain-specific platform, named SmallWorld, aimed at easily designing, building and deploying realistic computer network scenarios achieved by the immersion of real systems into a software defined virtual environment, enriched by Software Defined Agents put in charge of reproducing user or bot behaviours. Additionally, to provide validation and performance evaluation of the proposed platform, a number of Scenarios (including penetration testing laboratories, IoT and domotics networks and a reproduction of the most common services on the Internet like a DNS server, a MAIL server, a booking service and a payment gateway) have been developed inside SmallWorld. Over time the platform has been rewritten and radically improved, leading to the birth of Hacking Square. This new version is currently available on-line and freely accessible to anyone. The impact of this research prototype has been demonstrated, above all, during the course "Metodi e Strumenti per la Sicurezza Informatica" for the master's degree in Cyber Security at DIMES, University of Calabria. In fact, the platform has been employed to build the laboratory of the course as an in-cloud service for students (including all the material to conduct exercises and assignments) and to organize a practical, Capture the Flag (CTF)-like final test. Finally, the platform is under the attention of Consorzio Interuniversitario per l'Informatica (CINI), as it could be used to manage and deploy training content for the CyberChallenge 2018.
  • Item
    Theoretical and Practical Aspects of Trusted Execution Environments in Information Security and Volunteer Computing
    (2018-08-06) Ianni, Michele; Pugliese, Andrea; Masciari, Elio
    Commodity operating systems, both on desktop and mobile devices, offer rich functionality and consequently a significant attack surface. A compromise of the operating system, however, means that an attacker also has access to any critical assets of the user’s applications. These critical assets include code, which is either part of security-critical functionality or of commercial value, and other sensitive information whose disclosure, even in a minimal part, must be avoided. While many platforms offer support for Trusted Execution Environments (TEEs), these are currently restricted to the use of secure services provided by the operating system or the vendor. Developers have to rely on obfuscation to protect their own code from unauthorized tampering or copying, which only provides an obstacle for an attacker but does not prevent compromise. In collaborative networks, moreover, many problems are usually not handled at all, since it is not possible, in many cases, to hide confidential data from inputs of the subtasks solved by the computers of the network. This thesis proposes to take advantage of and extend these TEEs to also offer code protection for arbitrary applications and secure data in volunteer computing networks.