WEBLab


  

System security

The complexity of modern networked information systems, which combines heterogeneous devices with different kind of connectivity, requires defensive solutions exploiting the cooperation of multiple components. In order to improve the security of these information systems, our research group focuses on three main areas: fault tolerant distributed systems, cooperative intrusion detection and security in mobile networks. In particular, the experience achieved on the cooperative intrusion detection area leads us to important results mainly concerning the exchange of state information among distributed NIDSs. We are exploiting the flexibility and powerfulness of this solution in order to tackle new emerging threats, including new NIDS evasion techniques.

People

Selected publications

  • Mirco Marchetti, Michele Colajanni, Fabio Manganiello, "Identification of correlated network security alerts", in Proc. of the 3rd International Workshop on Cyberspace Safety and Security (CSS 2011), Milan, Italy, September 2011.
  • Fabio Manganiello, Mirco Marchetti, Michele Colajanni, "Multistep Attack Detection and Alert Correlation in Intrusion Detection Systems", in Proc. of the 5th International Conference on Information Security and Assurance (ISA 2011), Brno, Czech Republic, August 2011.
  • Michele Colajanni, Luca Dal Zotto, Mirco Marchetti, Michele Messori, "Defeating NIDS evasion in Mobile IPv6 networks", in Proc. of the 12th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM 2011), Lucca, Italy, June 2011. [ Download PDF, BibTeX entry ]
  • Michele Colajanni, Luca Dal Zotto, Mirco Marchetti, Michele Messori, "The problem of NIDS evasion in mobile networks", in Proc. of the 4th IFIP International Conference on New Technologies, Mobility and Security (NTMS 2011), Paris, France, February 2011. [ Download PDF, BibTeX entry ]
  • Michele Colajanni, Mirco Marchetti, Michele Messori, "Selective and early threat detection in large networked systems", in Proc. of the 10th IEEE International Conference on Computer and Information Technology (CIT 2010), Bradford, UK, June 2010. [ Download PDF, BibTeX entry ]
  • Mirco Marchetti, Michele Messori, Michele Colajanni, "Peer-to-peer Architecture for Collaborative Intrusion and Malware Detection on a Large Scale", Proc. of the 12th Information Security Conference (ISC 2009), Pisa, Italy, September 2009. [ Download PDF, BibTeX entry ]
  • Allen Clement, Edmund Wong, Lorenzo Alvisi, Mike Dahlin, Mirco Marchetti, "Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults", Proc. of the 6th USENIX Symposium on Networked Systems Design and Implementation (NSDI 09), Boston, MA, USA, April 2009. [ Download PDF , BibTeX entry ] (Tech. report also available online pdf)
  • Giorgia Lodi, Leonardo Querzoni, Roberto Baldoni, Mirco Marchetti, Michele Colajanni, Vita Bortnikov, Gregory Chockler, Eliezer Dekel, Gennady Laventman, Alexey Roytman, "Defending financial infrastructures through early warning systems: the intelligence cloud approach", Proc. of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies (CSIIRW09), Oak Ridge, TN, USA, April 2009. [ Download PDF , BibTeX entry ]
  • Mirco Marchetti, "Distributed architectures and algorithms for network security", PhD. Thesis, International Doctorate School in Information and Communication Technologies -- Computer Engineering and Science, University of Modena and Reggio Emilia, February 2009. [ Download PDF , BibTeX entry ]
  • Harry Li, Allen Clement, Mirco Marchetti, Manos Kapritsos, Luke Robison, Lorenzo Alvisi, Mike Dahlin, "FlightPath: Obedience vs. Choice in Cooperative Services", Proc. of the Usenix Symposium on Operating Systems Desing and Implementation 2008 (OSDI 2008), San Diego, California, December 2008. [ Download PDF , BibTeX entry ]
  • Mirco Marchetti, Michele Colajanni, "Adaptive traffic filtering for efficient and secure IP-mobility", Proc. of the 4th ACM International Workshop on QoS and Security for Wireless Networking (Q2SWinet 2008), Vancouver, British Columbia, Canada, October 2008. [ Download PDF , BibTeX entry ]
  • Allen Clement, Mirco Marchetti, Edmund Wong, Lorenzo Alvisi, Mike Dahlin, "BFT: The time is now", Proc. of Large-scale Distributed Systems and Middelware (LADIS 2008), Newark, NY, USA, September 2008. [ Download PDF , BibTeX entry ]
  • Michele Colajanni, Daniele Gozzi, Mirco Marchetti, "Collaborative architecture for malware detection and analysis", Proc. of the 23rd International Information Security Conference (SEC 2008), Milano, Italy, September 2008. [ Download PDF , BibTeX entry ]
  • Michele Colajanni, Daniele Gozzi, Mirco Marchetti, "Selective alerts for the run-time protection of distributed systems", Proc. of the Ninth International Conference on Data Mining, Protection, Detection and other Security Technologies (DATAMINING 2008), Cadiz, Spain, May 2008. [ Download PDF , BibTeX entry ]
  • Michele Colajanni, Daniele Gozzi, Mirco Marchetti, "Enhancing interoperability and stateful analysis of cooperative network intrusion detection systems", Proc. of the ACM/IEEE Symposium on Architectures for Networking and Communication Systems (ACM/IEEE ANCS 2007), Orlando, FL, USA, December 2007. [ Download PDF , BibTeX entry ]
  • Mauro Andreolini, Sara Casolari, Michele Colajanni, Mirco Marchetti, "Dynamic load balancing for network intrusion detection systems based on distributed architectures", Proc. of the 6th IEEE International Symposium on Network Computing and Applications (IEEE NCA07), Cambridge, MA, USA, July 2007. [ Download PDF , BibTeX entry ]
  • Michele Colajanni, Mirco Marchetti, "A Parallel Architecture for Stateful Intrusion Detection in High Traffic Networks", Proc. of the IEEE/IST Workshop on Monitoring, Attack Detection and Mitigation (MonAM 2006), Tubingen, Germany, September 2006 (best paper award). [ Download PDF , BibTeX entry ]
Mirco Marchetti