Publications

Research in neural generative models for dynamic networks is constantly evolving, and sophisticated solutions have been exploited to characterize the long-term evolution of temporal graphs. Despite the efforts in the literature, state-of-the-art models face the problem of handling changes in the graph structure by relying on prior knowledge, compromising the model’s flexibility. In this paper, we propose a graph-size invariant probabilistic generative model, named FuDGE, Fully Dynamic Graph Evolution, for predicting the graph evolution through step-wise changes in the graph structure. FuDGE can generate evolving graphs by exploring the whole node space, thus ensuring fast and effective generation. We evaluate FuDGE on real and synthetic benchmark datasets and compare its performance against state-of-the-art competitors. The results demonstrate that our approach offers a competitive advantage in generation and prediction quality compared to existing literature.

The growing adoption of prompt-based generative models has raised concerns over the unauthorized use of proprietary data, as such models may memorize and replicate training content. To address this issue, we introduce ProCAP, a novel Membership Inference Attack approach based on a prompt-driven auditing framework. Given a proprietary dataset and a target generative model, ProCAP trains an auxiliary model to craft prompts that trigger the target model to produce outputs revealing potential violations of the proprietary data. Unlike current literature, ProCAP is automatic, fully black-box, model-agnostic, and designed to operate in settings with limited or no knowledge of the training process. To reduce the computational cost of training the prompt generator, we adopt an optimization strategy that filters high-loss samples, i.e., those less likely to have been memorized. Our approach can then ``specialize'' the learning phase on the most informative data regions. We validate ProCAP across different scenarios, by using both real and synthetic data. Results demonstrate its effectiveness in recognizing unauthorized data usages with strong accuracy-efficiency trade-offs.

The increasing sophistication of cyberattacks targeting companies and organizations continues to challenge the effectiveness of modern defense systems. Among these threats, slow Denial-of-Service (slow DoS) attacks are particularly difficult to detect, as they rely on evasion strategies that add significant complexity to cybersecurity efforts. Modern intrusion detection systems, especially those based on deep learning, have become essential tools in combating such attacks. However, their performance is often hindered by challenges such as limited data availability, noisy inputs, and the presence of out-of-distribution samples. Furthermore, their dependence on large labeled datasets makes detecting subtle or rare attack patterns particularly challenging. To overcome these limitations, this work proposes a novel unsupervised deep learning framework for detecting slow DoS attacks. The proposed approach incorporates a customized preprocessing pipeline to improve input data quality and leverages a sparse variational U-Net-like architecture for robust anomaly identification. Extensive experiments conducted on three real-world datasets demonstrate the framework's ability to accurately and efficiently detect slow DoS attacks, highlighting its robustness, generalizability, and practical suitability for deployment in operational environments.

Misinformation poses a significant challenge in social media, particularly concerning health-related topics such as the COVID-19 pandemic. The spread of unverified information can sway public opinions and influence behaviors, leading to potentially harmful consequences. For instance, misinformation campaigns advocating against vaccinations, often based on partial or misinterpreted data, have succeeded in dissuading individuals from getting vaccinated, thereby increasing their susceptibility to health risks. Artificial Intelligence methods, including Language Models, have emerged as valuable tools for identifying and mitigating the impact of such malicious information. However, the effectiveness of these detectors (especially the ones based on Neural Architectures) can be hindered by the limited availability of labeled training examples. Furthermore, the expertise of domain experts is crucial in verifying the accuracy of information in this context. This research proposes a Neural Active Learning framework with explanation capabilities to fight fake news, including misinformation related to COVID-19. Active Learning allows for enriching the training set by strategically selecting the most informative instances to submit to the expert. Explanation methods serve a dual purpose: aiding operators in the labeling process and guiding the selection of informative instances for Active Learning. Specifically, Explanatory Active Learning is leveraged for the latter objective. Experimental evaluations conducted on real datasets from the health domain focusing on COVID-19 misinformation, demonstrate the effectiveness of the proposed solution in detecting and mitigating the spread of fake news.

Social media have become a key tool for rapidly spreading information worldwide, amplifying the risks of misinformation and fake news. This is also intensified by the fact that fake news covers a wide range of topics across multiple domains. Machine learning, particularly language models, offers a promising solution for detecting fake news. However, a major limitation of existing methods is their inability to classify instances from new or unseen domains. To tackle this issue, we introduce MERMAID, a mixture of experts approach that leverages the knowledge from different specialized models to classify examples from unknown domains. Each expert is initially trained on a specific known domain and then fine-tuned using data from other known domains. A model merging procedure is then applied to combine related experts, reducing the number of models required for predicting instances from unknown domains. In addition, our approach can effectively be used in few-shot learning scenarios, where a small amount of data from the target/unknown domain is available during training. Experiments on five benchmark datasets demonstrate the effectiveness of our method in both zero-shot and few-shot learning settings.

In real-world scenarios, numerous phenomena generate a series of events that occur in continuous time. Point processes provide a natural mathematical framework for modeling these event sequences. In this comprehensive survey, we aim to explore probabilistic models that capture the dynamics of event sequences through temporal processes. We revise the notion of event modeling and provide the mathematical foundations that underpin the existing literature on this topic. To structure our survey effectively, we introduce an ontology that categorizes the existing approaches considering three horizontal axes: modeling, inference and estimation, and application. We conduct a systematic review of the existing approaches, with a particular focus on those leveraging deep learning techniques. Finally, we delve into the practical applications where these proposed techniques can be harnessed to address real-world problems related to event modeling. Additionally, we provide a selection of benchmark datasets that can be employed to validate the approaches for point processes.

The rapid spread of misinformation across online platforms poses a major threat to societal trust, public health, and democratic processes. While recent advances in machine learning have improved the accuracy of fake news detection, most existing approaches remain limited to single-domain settings and struggle to generalize across diverse domains or platforms. To address this challenge, we propose DAFNE (Domain-Agnostic Fake NEws detector), a deep learning approach designed to capture cross-domain high-level features for fake news detection. By combining feature-level adversarial learning with self-supervised learning, DAFNE effectively learns domain-invariant representations that enable reliable detection across heterogeneous sources. The proposed approach is evaluated on five real-world benchmark datasets spanning multiple domains, and the results demonstrate superior generalization capabilities compared to state-of-the-art baselines. Specifically, DAFNE outperforms the competitors, with average micro-F1 improvements ranging from 11.3% to 39.9%. In comparison to the second-best model, our approach shows an average improvement of 18% across all domains in terms of the F-Score, reaching up to 25% on the Politifact dataset. These results highlight the capability of DAFNE to mitigate the domain shift problem, enabling more reliable and adaptive misinformation detection in dynamic online environments.

Malware is increasingly endowed with steganographic mechanisms for concealing malicious data to avoid detection or bypass security measures. As a result, an emerging wave of threats named stegomalware has started to rise. Among the various approaches, real-world stegomalware primarily hides information within digital images, for instance, to retrieve additional payloads or configuration data. Unfortunately, developing attack-agnostic mitigation tools is difficult, especially due to the tight relation between the image format and the steganographic technique. Therefore, this paper presents an autoencoder-based approach to perform sanitization, i.e., to disrupt the malicious content hidden in images without altering their visual quality. For this purpose, we used an enhanced U-Net-like neural architecture, and we compared our idea against other mechanisms, including JPG transcoding and simple addition of Gaussian noise. Results obtained by considering different hiding patterns and realistic payloads showcased the effectiveness of our approach. Moreover, the U-Net-based sanitization solution prevents the recovery of the payload while preserving the original image quality and reducing risks arising from side-channel attacks.

The evolution of a parent malware into a family of slightly different mutations may hinder detection mechanisms based on signatures, while the limited number of training examples may reduce the effectiveness of machine learning methods in the early stages of the infection. To address these challenges, we define a framework to improve the ability to generalize the detection of "evolving" malware samples. Specifically, we leverage a Large Language Model (LLM) to map malware instructions into a latent space. The obtained embeddings are then used to train a Variational Autoencoder for generating realistic variants. Experimental results obtained by training a detector on both real and synthetic embeddings demonstrate the effectiveness of our approach, especially when facing three real malware families. Our LLM-based feature extraction approach should be then considered a promising mechanism for pursuing robust malware detection in dynamic threat environments.

Due to the increasing use of advanced offensive techniques, the mitigation of Android malware is an urgent need. An emerging attack trend exploits steganography to conceal malicious payloads within applications to make attacks stealthier. Even if works on “stegomalware” are starting to emerge, they primarily focus on the multimedia part of the attack chain, i.e., on how to detect hidden data in images or videos. Therefore, this work aims at understanding whether the loading stage required for the extraction of cloaked information can generate detection signatures. To this aim, we develop a proof-of-concept implementation, which has been repacked within a real Android application and tested against several malware detection engines provided by VirusTotal. To anticipate possible offensive campaigns, we also performed tests by considering threat actors able to obfuscate the bytecode of the loader or the entire APK. Results indicate that standard tools are not ready to face stegomalware targeting Android applications. Therefore, we provide indications on how to improve forensics and attribution phases for Android malware endowed with information hiding capabilities.

Large Language Models (LLMs) are increasingly integrated within the software development lifecycle, for instance, to generate code and documentation or to support debugging. As a result, LLMs are expected to become a relevant tool for improving the security posture of modern software supply chains, especially for detecting weaknesses or vulnerabilities, patching code in an automated manner, and explaining runtime behaviors. While LLMs offer substantial productivity benefits, their widespread adoption introduces new security risks. Adversaries can exploit LLM-generated code to introduce or propagate vulnerabilities, potentially compromising the integrity of critical systems. In this paper, we explore how software security can be enhanced by taking advantage of LLMs. Specifically, we outline key research directions focused on source code attribution, malware variant generation for robust detection, and the use of LLMs to support secure coding practices. To showcase part of our ongoing research, we briefly assess the explainability capabilities of LLMs and their potential to bridge the gap between code and comprehension in modern development workflows.

Android malware represents an evolving threat within the modern cybersecurity landscape due to the increasing importance of mobile systems in everyday life. Obfuscation and source code manipulations are systematically employed to bypass security measures and improve the effectiveness of attacks, especially to prevent detection or endanger the privacy of users. However, they represent only a portion of the evasive techniques that can be employed to make malicious software stealthier. In this work, we showcase a prime assessment of the joint use of steganography and repackaging techniques to hide information within Android APK resources. Specifically, we assess the capabilities of real-world antivirus aggregated by VirusTotal to identify payloads cloaked within audio and images of 20 popular Android applications. Our investigation demonstrated that repackaging steganographically modified assets is not always possible. Besides, our results revealed that common antivirus are not able to identify applications containing hidden data, thus highlighting the need for new Indicators of Compromise.

The capability to devise robust outlier and anomaly detection tools is an important research topic in machine learning and data mining. Recent techniques have been focusing on reinforcing detection with sophisticated data generation tools that successfully refine the learning process by generating variants of the data that expand the recognition capabilities of the outlier detector. In this paper, we propose ARN, a semi-supervised anomaly detection and generation method based on adversarial counterfactual reconstruction. ARN exploits a regularized autoencoder to optimize the reconstruction of variants of normal examples with minimal differences that are recognized as outliers. The combination of regularization and counterfactual reconstruction helps to stabilize the learning process, which results in both realistic outlier generation and substantially extended detection capability. In fact, the counterfactual generation enables a smart exploration of the search space by successfully relating small changes in all the actual samples from the true distribution to high anomaly scores. Experiments on several benchmark datasets show that our model improves the current state of the art by valuable margins because of its ability to model the true boundaries of the data manifold.

Containers offer lightweight execution environments for implementing microservices or cloud-native applications. Owing to their ubiquitous diffusion jointly with the complex interplay of hardware, computing, and network resources, effectively enforcing container security is a difficult task. Specifically, runtime detection of threats poses many challenges since container images are often immutable, and many malware deploys obfuscation or elusive mechanisms. Therefore, in this work, we propose a deep-learning-based approach for identifying the presence of two containers colluding to covertly leak secret information. In more detail, we consider a threat actor trying to exfiltrate a 4,096-bit private TLS key via five different covert channels. To decide whether containers are colluding for leaking data, the deep learning model is fed with statistical indicators of the syscalls, which are built starting from simple counters. Results indicate the effectiveness of our approach, even if some adjustments are needed to reduce the number of false positives.

In recent years, social media have become one of the main means to quickly spread information worldwide, but this rapid dissemination also brings significant risks of misinformation and fake news, which can cause widespread confusion, erode public trust, and contribute to social and political instability. This scenario is further exacerbated by the fact that fake news can span various topics across different domains, making it impracticable for a single moderator to manage the massive quantity of data. The use of Machine Learning, particularly language models, is rising as an effective solution to mitigate the risk of misinformation. However, a single model cannot fully capture the complexity and variety of the information it needs to process, often failing to classify examples from new domains. In this work, the aforementioned challenges are addressed by leveraging a novel hierarchical deep-ensemble framework. This framework aims to integrate various domains to offer enhanced predictions for new ones. Specifically, the approach involves learning a distinct model for each domain and refining them through domain-specific adaptation procedures. The predictions of these refined models are hence blended using a Mixture of Experts approach, which allows for selecting the most reliable for predicting the new examples. The proposed approach is fully cross-domain and does not necessitate retraining or fine-tuning when encountering new domains, thus streamlining the adaptation process and ensuring scalability across diverse data landscapes. Experiments conducted on 5 real datasets demonstrate the robustness and effectiveness of our proposal.

Steganography is used by threat actors to avoid detection or bypass blockages. Among the various approaches, hiding data within digital images is now the preferred offensive technique. Alas, developing attack-agnostic mitigation mechanisms is difficult, especially due to the tight relation between the images and the steganographic approach. Therefore, this paper takes advantage of autoencoders for sanitization, i.e., to disrupt the malicious information hidden in images without altering the visual quality. To this aim, we used an enhanced U-Net-like neural architecture. Results obtained with realistic threats showcased that our approach can effectively disrupt cloaked data and prevent the recovery of the payload while preserving the original image quality.

In industrial production systems, detecting malfunctions or unexpected behavior in devices early is crucial to avoid critical situations for both production plants and workers. In this context, we propose an unsupervised anomaly detection model that analyzes streaming data from IoT sensors installed on critical devices to identify abnormal behavior. Our model is based on a Siamese neural network, which embeds time series windows into a latent space, generating distance-based clusters representing normal behavior. We evaluate our model in a real case study focused on the predictive maintenance of elevators, where sensors measure lift oscillations during daily use. Experiments demonstrate that the model successfully isolates anomalous oscillations, correlating them with potential malfunctions and preventing possible faults.

Large Language Models (LLMs) are now a relevant part of the daily experience of many individuals. For instance, they can be used to generate text or to support working duties, such as programming tasks. However, LLMs can also lead to a multifaceted array of security issues. This paper discusses the research activity on LLMs carried out by the ICAR-IMATI group. Specifically, within the framework of three funded projects, it addresses our ideas on how to understand whether data has been generated by a human or a machine, track the use of information ingested by models, combat misinformation and disinformation, and boost cybersecurity via LLM-capable tools.

Modern IoT ecosystems are the preferred target of threat actors wanting to incorporate resource-constrained devices within a botnet or leak sensitive information. A major research effort is then devoted to create countermeasures for mitigating attacks, for instance, hardware-level verification mechanisms or effective network intrusion detection frameworks. Unfortunately, advanced malware is often endowed with the ability of cloaking communications within network traffic, e.g., to orchestrate compromised IoT nodes or exfiltrate data without being noticed. Therefore, this paper showcases how different autoencoder-based architectures can spot the presence of malicious communications hidden in conversations, especially in the TTL of IPv4 traffic. To conduct tests, this work considers IoT traffic traces gathered in a real setting and the presence of an attacker deploying two hiding schemes (i.e., naive and “elusive” approaches). Collected results showcase the effectiveness of our method as well as the feasibility of deploying autoencoders in production-quality IoT settings.

An increasing volume of malicious software exploits information hiding techniques to cloak additional attack stages or bypass frameworks enforcing security. This trend has intensified with the growing diffusion of mobile ecosystems, and many threat actors now conceal scripts or configuration data within high-resolution icons. Even if machine learning has proven to be effective in detecting various hidden payloads, modern mobile scenarios pose further challenges in terms of scalability and privacy. In fact, applications can be retrieved from multiple stores or directly from the Web or social media. Therefore, this paper introduces an approach based on federated learning to reveal information hidden in high-resolution icons bundled with mobile applications. Specifically, multiple nodes are used to mitigate the impact of different privacy regulations, the lack of comprehensive datasets, or the computational burden arising from distributed stores and unofficial repositories. Results collected through simulations indicate that our approach achieves performances similar to those of centralized blueprints. Moreover, federated learning demonstrated its effectiveness in coping with simple “obfuscation” schemes like Base64 encoding and zip compression used by attackers to avoid detection.

Recently, the number of attacks aiming at breaching networked and softwarized environments has been growing exponentially. In particular, information hiding methods and covert attacks have been proven to be able to elude traditional detection systems and exfiltrate sensitive data without producing visible network flows or data exchanges. In this context, Artificial Intelligence techniques can play a key role in detecting these new emerging attacks, owing to their capability of quickly processing huge amounts of data without the necessity of expert intervention. In this work, we discuss the main challenges to face covert attacks in IoT and softwarized environments and we describe some preliminary results obtained by adopting Deep Learning architectures.

Twitter, Facebook, and Instagram are just some examples of social media currently used by people to share news with other users worldwide. However, the information widespread through these channels is typically unverified and/or interpreted according to the user’s point of view. Accordingly, those means represent the perfect tool to hack user opinions with misleading or false news and make fake news viral. Identifying this malicious information is a crucial but challenging task since fake news can concern different topics. Indeed, the detection models learned against a specific domain will exhibit poor performances when tested on a different one. In this work, we propose a novel deep learning-based architecture able to mitigate this problem by yielding cross-domain high-level features for addressing this task. Preliminary experimentation conducted on two benchmarks demonstrated the validity of the proposed solution.

Currently, most multimedia users choose to purchase items through e-commerce. Nevertheless, one of the main concerns of online shopping is the possibility of obtaining counterfeit products. Therefore, it is crucial to monitor the authenticity of the product, thus adopting an automatic mechanism to validate the similarity between the purchased item and the delivered one. To overcome this issue, we propose a Siamese Network model for detecting forged items. Preliminary experimentation on a publicly available dataset proves the effectiveness of our solution.

Predictive maintenance plays a key role in the core business of the industry due to its potential in reducing unexpected machine downtime and related cost. To avoid such issues, it is crucial to devise artificial intelligence models that can effectively predict failures. Predictive maintenance current approaches have several limitations that can be overcome by exploiting hybrid approaches such as Neuro-Symbolic techniques. Neuro-symbolic models combine neural methods with symbolic ones leading to improvements in efficiency, robustness, and explainability. In this work, we propose to exploit hybrid approaches by investigating their advantage over classic predictive maintenance approaches.

In recent times, Machine Learning has played an important role in developing novel advanced tools for threat detection and mitigation. Intrusion Detection, Misinformation, Malware, and Fraud Detection are just some examples of cybersecurity fields in which Machine Learning techniques are used to reveal the presence of malicious behaviors. However, Out-of-Distribution, i.e., the potential distribution gap between training and test set, can heavily affect the performances of the traditional Machine Learning based methods. Indeed, they could fail in identifying out-of-samples as possible threats, therefore devising robust approaches to cope with this issue is a crucial and relevant challenge to mitigate the risk of undetected attacks. Moreover, a recent emerging line proposes to use generative models to yield synthetic likely examples to feed the learning algorithms. In this work, we first survey recent Machine Learning and Deep Learning based solutions to face both the problems, i.e., outlier detection and generation; then we illustrate the main cybersecurity application scenarios in which these approaches have been adopted successfully.

An increasing number of threat actors takes advantage of information hiding techniques to prevent detection or to drop payloads containing attack routines. With the ubiquitous diffusion of mobile appli- cations, high-resolution icons should be considered a very attractive carrier for cloaking malicious information via steganographic mechanisms. Despite machine learning approaches proven to be effective to detect hidden payloads, the mobile scenario could challenge their deployment in realistic use cases, for instance due to scalability constraints. Therefore, this paper introduces an approach based on federated learning able to prevent hazards characterizing production-quality scenarios, including different privacy regulations and lack of comprehensive datasets. Numerical results indicate that our approach achieves performances similar to those of centralized solutions.

Network covert channels are becoming exploited by a wide-range of threats to avoid detection. Such offensive schemes are expected to be also used against IoT deployments, for instance to exfiltrate data or to covertly orchestrate botnets composed of simple devices. Therefore, we illustrate a solution based on Deep Learning for the detection of covert channels targeting the TTL field of IPv4 datagrams. To this aim, we take advantage of an Autoencoder ensemble to reveal anomalous traffic behaviors. An experimentation on realistic traffic traces demonstrates the effectiveness of our approach.

We propose ARN, a semisupervised anomaly detection and generation method based on adversarial reconstruction. ARN exploits a regularized autoencoder to optimize the reconstruction of variants of normal examples with minimal differences, that are recognized as outliers. The combination of regularization and adversarial reconstruction helps to stabilize the learning process, which results in both realistic outlier generation and substantial detection capability. Experiments on several benchmark datasets show that our model improves the current state-of-the-art by valuable margins because of its ability to model the true boundaries of the data manifold.

We propose an unsupervised anomaly detection model that is able to identify abnormal behavior by analysing streaming data coming from IoT sensors installed on critical devices. The proposed model is based on a Siamese neural network which embeds time series windows in a latent space, thus generating distance-based clusters of normal behavior

We propose a novel convolution-based deep learning approach to the prediction of the next activity which relies on: (i) extracting high-level features (at dif- ferent levels of abstraction) through the computation of time-oriented dilated convolutions over traces, and (ii) exploiting residual-like con- nections to make the training of the predictive model more robust and faster.

We propose an Ensemble Deep Learning approach to detect deviant behaviors on Blockchain where the base learner, an encoder-decoder model, is strengthened by iteratively learning and aggregating multiple instances, to compute an outlier score for each observation.

We define an anomaly detection system based on a encoder-decoder deep learning model, that is trained exploiting aggregate information extracted by monitoring blockchain activities.