2 code implementations • 19 Jun 2024 • Christian Scano, Giuseppe Floris, Biagio Montaruli, Luca Demetrio, Andrea Valenza, Luca Compagna, Davide Ariu, Luca Piras, Davide Balzarotti, Battista Biggio
However, we argue that this strategy is largely ineffective against web attacks, as detection is only based on heuristics and not customized on the application to protect.
no code implementations • 14 Jun 2024 • Zhang Chen, Luca Demetrio, Srishti Gupta, Xiaoyi Feng, Zhaoqiang Xia, Antonio Emanuele Cinà, Maura Pintor, Luca Oneto, Ambra Demontis, Battista Biggio, Fabio Roli
Relevant literature has claimed contradictory remarks in support of and against the robustness of over-parameterized networks.
no code implementations • 23 May 2024 • Andrea Ponte, Dmitrijs Trizna, Luca Demetrio, Battista Biggio, Ivan Tesfai Ogbu, Fabio Roli
As a result of decades of research, Windows malware detection is approached through a plethora of techniques.
no code implementations • 23 May 2024 • Marco Rando, Luca Demetrio, Lorenzo Rosasco, Fabio Roli
Machine learning malware detectors are vulnerable to adversarial EXEmples, i.e. carefully-crafted Windows programs tailored to evade detection.
no code implementations • 1 May 2024 • Daniel Gibert, Luca Demetrio, Giulio Zizzo, Quan Le, Jordi Planes, Battista Biggio
As a consequence, the injected content is confined to an integer number of chunks without tampering the other chunks containing the real bytes of the input examples, allowing us to extend our certified robustness guarantees to content insertion attacks.
no code implementations • 30 Apr 2024 • Antonio Emanuele Cinà, Jérôme Rony, Maura Pintor, Luca Demetrio, Ambra Demontis, Battista Biggio, Ismail Ben Ayed, Fabio Roli
While novel attacks are continuously proposed, each is shown to outperform its predecessors using different experimental setups, hyperparameter settings, and number of forward and backward calls to the target models.
no code implementations • 28 Feb 2024 • Dmitrijs Trizna, Luca Demetrio, Battista Biggio, Fabio Roli
The living-off-the-land (LOTL) offensive methodologies rely on the perpetration of malicious actions through chains of commands executed by legitimate applications, identifiable exclusively by analysis of system logs.
no code implementations • 27 Feb 2024 • Daniele Angioni, Luca Demetrio, Maura Pintor, Luca Oneto, Davide Anguita, Battista Biggio, Fabio Roli
In this work, we show that this problem also affects robustness to adversarial examples, thereby hindering the development of secure model update practices.
1 code implementation • 4 Oct 2023 • Biagio Montaruli, Luca Demetrio, Maura Pintor, Luca Compagna, Davide Balzarotti, Battista Biggio
Machine-learning phishing webpage detectors (ML-PWD) have been shown to suffer from adversarial manipulations of the HTML code of the input webpage.
1 code implementation • 19 Sep 2023 • Dmitrijs Trizna, Luca Demetrio, Battista Biggio, Fabio Roli
Dynamic analysis enables detecting Windows malware by executing programs in a controlled environment, and storing their actions in log reports.
no code implementations • 13 Sep 2023 • Yang Zheng, Luca Demetrio, Antonio Emanuele Cinà, Xiaoyi Feng, Zhaoqiang Xia, Xiaoyue Jiang, Ambra Demontis, Battista Biggio, Fabio Roli
We empirically show that this defense improves the performances of RGB-D systems against adversarial examples even when they are computed ad-hoc to circumvent this detection mechanism, and that is also more effective than adversarial training.
no code implementations • 9 Aug 2023 • Biagio Montaruli, Luca Demetrio, Andrea Valenza, Luca Compagna, Davide Ariu, Luca Piras, Davide Balzarotti, Battista Biggio
To overcome these issues, we design a robust machine learning model, named AdvModSec, which uses the CRS rules as input features, and it is trained to detect adversarial SQLi attacks.
no code implementations • 12 Dec 2022 • Ambra Demontis, Maura Pintor, Luca Demetrio, Kathrin Grosse, Hsiao-Ying Lin, Chengfang Fang, Battista Biggio, Fabio Roli
Reinforcement learning allows machines to learn from their own experience.
no code implementations • 10 Aug 2022 • Giorgio Piras, Maura Pintor, Luca Demetrio, Battista Biggio
One of the most common causes of lack of continuity of online systems stems from a widely popular Cyber Attack known as Distributed Denial of Service (DDoS), in which a network of infected devices (botnet) gets exploited to flood the computational capacity of services through the commands of an attacker.
no code implementations • 12 Jul 2022 • Luca Demetrio, Battista Biggio, Fabio Roli
While machine learning is vulnerable to adversarial examples, it still lacks systematic procedures and tools for evaluating its security in different application contexts.
1 code implementation • 26 May 2022 • Avishag Shapira, Alon Zolfi, Luca Demetrio, Battista Biggio, Asaf Shabtai
Adversarial attacks against deep learning-based object detectors have been studied extensively in the past few years.
1 code implementation • 7 Mar 2022 • Maura Pintor, Daniele Angioni, Angelo Sotgiu, Luca Demetrio, Ambra Demontis, Battista Biggio, Fabio Roli
We showcase the usefulness of this dataset by testing the effectiveness of the computed patches against 127 models.
no code implementations • ICML Workshop AML 2021 • Luca Demetrio, Battista Biggio, Giovanni Lagorio, Alessandro Armando, Fabio Roli
Windows malware classifiers that rely on static analysis have been proven vulnerable to adversarial EXEmples, i.e., malware samples carefully manipulated to evade detection.
2 code implementations • ICML Workshop AML 2021 • Maura Pintor, Luca Demetrio, Angelo Sotgiu, Ambra Demontis, Nicholas Carlini, Battista Biggio, Fabio Roli
Evaluating robustness of machine-learning models to adversarial examples is a challenging problem.
2 code implementations • 17 Aug 2020 • Luca Demetrio, Scott E. Coull, Battista Biggio, Giovanni Lagorio, Alessandro Armando, Fabio Roli
Recent work has shown that adversarial Windows malware samples - referred to as adversarial EXEmples in this paper - can bypass machine learning-based detection relying on static code analysis by perturbing relatively few input bytes.
2 code implementations • 30 Mar 2020 • Luca Demetrio, Battista Biggio, Giovanni Lagorio, Fabio Roli, Alessandro Armando
Windows malware detectors based on machine learning are vulnerable to adversarial examples, even if the attacker is only given black-box query access to the model.
Cryptography and Security
2 code implementations • 20 Dec 2019 • Maura Pintor, Luca Demetrio, Angelo Sotgiu, Marco Melis, Ambra Demontis, Battista Biggio
We present secml, an open-source Python library for secure and explainable machine learning.
2 code implementations • 11 Jan 2019 • Luca Demetrio, Battista Biggio, Giovanni Lagorio, Fabio Roli, Alessandro Armando
Based on this finding, we propose a novel attack algorithm that generates adversarial malware binaries by only changing few tens of bytes in the file header.
Cryptography and Security