[CyCon17] Scalable Architecture for Online Prioritisation of Cyber Threats
Conference Pierazzi, F., Apruzzese, G., Colajanni, M., Guido, A., & Marchetti, M., IEEE International Conference on Cyber Conflict, 2017
Oneliner: My very first paper!
Posts by Collection
publications
[NCA17] Identifying Malicious Hosts Involved in Periodic Communications
Conference Apruzzese, G., Marchetti, M., Colajanni, M., Zoccoli, G. G., & Guido, A., IEEE International Symposium on Network Computing and Applications, 2017
Oneliner: Use one to find many (apparently, this paper has been integrated into a real SIEM product!)
[TETC17] Detection and Threat Prioritization of Pivoting Attacks in Large Networks
Journal Apruzzese, G., Pierazzi, F., Colajanni, M., & Marchetti, M., IEEE Transactions on Emerging Topics in Computing, 2017
Oneliner: How to detect lateral movement (through pivoting) using Network Flows.
[CyCon18] On the Effectiveness of Machine and Deep Learning for Cyber Security
Conference Apruzzese, G., Marchetti, M., Colajanni, M., Zoccoli, G. G., IEEE International Conference on Cyber Conflict, 2018
Oneliner: The right paper, at the right time, in the right place?
[NCA18] Evading Botnet Detectors Based on Flows and Random Forest with Adversarial Samples
Conference Apruzzese, G., & Colajanni, M., IEEE International Symposium on Network Computing and Applications [BEST STUDENT PAPER AWARD], 2018
Oneliner: The first paper using adversarial examples against Botnet Detectors (yes, the title has a typo).
[CyCon19] Addressing Adversarial Attacks Against Security Systems based on Machine Learning
Conference Apruzzese, G., Colajanni, M., Ferretti, L., & Marchetti, M., International Conference on Cyber Conflict, 2019
Oneliner: This is not just a review! We also propose an original defense against Poisoning!
[NCA19] Evaluating the effectiveness of Adversarial Attacks against Botnet Detectors
Conference Apruzzese, G., Colajanni, M., & Marchetti, M., IEEE International Symposium on Network Computing and Applications [BEST STUDENT PAPER AWARD], 2019
Oneliner: Previously, in [NCA18], we evaded 1 classifier on 1 dataset. Now, we evade 12 classifiers on 4 datasets!
[Sym20] AppCon: Mitigating Evasion Attacks to ML Cyber Detectors
Journal Apruzzese, G., Andreolini, M., Marchetti, M., Colacino, V. G., & Russo, G., Symmetry, 2020
Oneliner: Ensembling ensembles: each detector focuses on a specific attack against a specific network application!
[TETCI20] Hardening Random Forest Cyber Detectors against Adversarial Attacks
Journal Apruzzese, G., Andreolini, M., Colajanni, M., & Marchetti, M., IEEE Transactions on Emerging Topics in Computational Intelligence, 2020
Oneliner: Applying Defensive Distillation to Random Forest!
[TNSM20] Deep Reinforcement Adversarial Learning Against Botnet Evasion Attacks
Journal Apruzzese, G., Andreolini, M., Marchetti, M., Venturi, A., & Colajanni, M., IEEE Transactions on Network and Service Management, 2020
Oneliner: Offense is the best Defense! At little-to-no performance degradation.
[DiB20] DReLAB - Deep REinforcement Learning Adversarial Botnet: A benchmark dataset for adversarial attacks against botnet Intrusion Detection Systems
Journal Venturi, A., Apruzzese, G., Andreolini, M., Colajanni, M., & Marchetti, M., Data in Brief, 2021
Oneliner: Dataset, code snippet and tutorial for [TNSM20].
[IM21] Towards an Efficient Detection of Pivoting Activity
Workshop Husák, M., Apruzzese, G., Yang, S. J., & Werner, G., IFIP/IEEE International Symposium on Integrated Network Management, 2021
Oneliner: Uh-oh! It appears that detecting pivoting on external traffic is unfeasible!
[DTRAP21] Modeling Realistic Adversarial Attacks against Network Intrusion Detection Systems
Journal Apruzzese, G., Andreolini, M., Ferretti, L., Marchetti, M., & Colajanni, M., ACM Digital Threats: Research and Practice, 2021
Oneliner: Using adversarial examples against ML-NIDS is not a feasible strategy.
[ARES21] On the Evaluation of Sequential Machine Learning for Network Intrusion Detection
Conference Corsini, A., Yang, S. J., & Apruzzese, G., International Conference on Availability, Reliability and Security, 2021
Oneliner: Are temporal patterns useful for ML-NIDS? Let's test this out with a fair comparison between LSTM and traditional FNN.
[TNSM22a] The Cross-evaluation of Machine Learning-based Network Intrusion Detection Systems
Journal Apruzzese, G., Pajola, L., & Conti, M., IEEE Transactions on Network and Service Management, 2022
Oneliner: Let's mix 'n match those datasets!
[DLS22] Concept-based Adversarial Attacks: Tricking Humans and Classifiers Alike
Workshop Schneider, J., & Apruzzese, G., IEEE Symposium on Security and Privacy – Deep Learning and Security Workshop, 2022
Oneliner: What's the point of minimal perturbations if we want to fool humans?
[DTRAP22] The Role of Machine Learning in Cybersecurity
Journal Apruzzese, G., Laskov, P., de Oca, E. M., Mallouli, W., Rapa, L. B., Grammatopoulos, A. V., & Franco, F. D., ACM Digital Threats: Research and Practice, 2022
Oneliner: Explaining ML & Cybersecurity in a notation-free way -- a joint effort involving Researchers, Practitioners and Regulatory Bodies.
[EuroSP22] SoK: The Impact of Unlabelled Data in Cyberthreat Detection
Conference Apruzzese, G., Laskov, P., & Tastemirova, A., IEEE European Symposium on Security and Privacy [OUTSTANDING PRESENTATION AWARD], 2022
Oneliner: How to properly evaluate semisupervised learning methods.
[TNSM22b] Wild Networks: Exposure of 5G Network Infrastructures to Adversarial Examples
Journal Apruzzese, G., Vladimirov, R., Tastemirova, A., & Laskov, P., IEEE Transactions on Network and Service Management, 2022
Oneliner: Introducing the "myopic" threat model for adversarial ML attacks.
[TDSC22] Mitigating Adversarial Gray-Box Attacks against Phishing Detectors
Journal Apruzzese, G., & Subrahmanian, V.S., IEEE Transactions on Dependable and Secure Computing, 2022
Oneliner: A new phishing dataset, and a new defensive mechanism based on feature randomization.
[ACSAC22] SpacePhish: The Evasion-space of Adversarial Attacks against Phishing Website Detectors using Machine Learning
Conference Apruzzese, G., Conti, M., & Yuan, Y., Annual Computer Security Applications Conference, 2022
Oneliner: Revisiting adversarial attacks against phishing website detectors—even real ones. (Artifact: Reusable)
[ICSS22] Cybersecurity in the Smart Grid: Practitioners` Perspective
Workshop Meyer, J. & Apruzzese, G., Industrial Control System Security Workshop (co-located with ACSAC), 2022
Oneliner: Elucidating the disconnection between Research and Practice.
[SaTML23] Real Attackers Don`t Compute Gradients: Bridging the Gap Between Adversarial ML Research and Practice
Conference Apruzzese, G., Anderson, H. S., Dambra, S., Freeman, D., Pierazzi, F., & Roundy, K. A., IEEE Conference on Secure and Trustworthy Machine Learning, 2023
Oneliner: Let's change the domain of adversarial ML. For real.
[CODASPY23] Attribute Inference Attacks in Online Multiplayer Video Games: a Case Study on Dota2
Conference Tricomi, P. P., Facciolo, L., Apruzzese, G., & Conti, M., ACM Conference on Data and Application Security and Privacy, 2023
Oneliner: We discovered a privacy issue affecting millions of video gamers!
talks
Evading Botnet Detectors based on Flows and Random Forest with Adversarial Samples
Published:My first conference presentation!
Cybersecurity & Machine Learning
Published:I briefly presented my research to the other lab members of DSAIL!
Big Data Security Analytics
Published:The beginning of my future…
Evaluating the Effectiveness of Adversarial Attacks against Botnet Detectors
Published:After not even two months, I am back to Boston…
ASGARD Hackatons
Published:An intriguing research project I participated in during my PhD.
Big Data Security Analytics: Opportunities and Issues
Published:Data Analytics and Cybersecurity for dummies.
Cybersecurity: Machine Learning and Industry 5.0
Published:I was the Moderator between Academia and Industry!
Adversarial Attacks against ML Agents
Published:Addressing the resilience of AICA against adversarial ML attacks.
Exposure of 5G Network Infrastructures to Adversarial Examples
Published:Anticipation of the [TNSM22b] paper at Huawei!
The relationship between Machine Learning & Cybersecurity
Published:Teaching some MSc. students the link between ML and Cybersecurity
Some Pragmatic Relationships between Machine Learning & Cybersecurity
Published:Anticipation of [DLS22] and [EuroSP22] @ TU Delft!
Concept-based Adversarial Attacks: Tricking Humans and Classifiers Alike
Published:The only presentation done physically at [DLS22]!
SoK: The Impact of Unlabelled Data in Cyberthreat Detection
Published:Once upon a time…
So good that it is bad. On the (re)use of Datasets in Machine Learning Security
Published:A very negative (informal) talk!
Cybersecurity and Machine Learning: Facts and Myths
Published:Going back (close) to my origin!
Doing Practical Research on Machine Learning & Cybersecurity
Published:Revealing some overlooked aspects of ML & Cybersecurity research
Cybersecurity in the Smart Grid: Practitioners` Perspective
Published:These findings are thanks to an excellent BSc. student.
SpacePhish: The Evasion-space of Adversarial Attacks against Phishing Website Detectors using Machine Learning
Published:A joint effort with UniPD, casting light on some overlooked aspects of adversarial ML in the context of phishing website detection.
Real Attackers Don`t Compute Gradients: Bridging the Gap Between Adversarial ML Research and Practice
Published:Besides the content of the paper, the talk has a meta-message.