Stefano Zanero

Author’s Email
Author’s Website

LinkedIn
Twitter

Applied Filters

Stefano Zanero
AuthorRemove filter

Clear all

People

Colleagues

Federico Maggi (30)
Michele Carminati (22)
Mario Polino (18)
Andrea Continella (8)
Christopher Kruegel (5)
Marcello Pogliani (5)
Stefano Longari (5)
Davide Quarta (4)
Giovanni Vigna (4)
Tommaso Paladini (4)
Alessandro Frossi (3)
Angelos Dennis Keromytis (3)
Guido Salvaneschi (3)
Iasonas Polakis (3)
Mario D’Onghia (3)
Andrea Lanzi (2)
Giuliano Casale (2)
Matteo Matteucci (2)
Sotiris Ioannidis (2)

Publication

Journal/Magazine Names

Computers and Security (5)
ACM Transactions on Privacy and Security (2)
IEEE Security and Privacy (2)
ACM SIGOPS Operating Systems Review (1)
Communications of the ACM (1)
Computer (1)
IEEE Transactions on Dependable and Secure Computing (1)
IEEE Transactions on Emerging Topics in Computing (1)
Information Fusion (1)
Journal of Computer Security (1)
Procedia Computer Science (1)

Proceedings/Book Names

Cyber Security, Cryptology, and Machine Learning (3)
ACSAC '12: Proceedings of the 28th Annual Computer Security Applications Conference (2)
ACSAC '20: Proceedings of the 36th Annual Computer Security Applications Conference (2)
CPS-SPC'19: Proceedings of the ACM Workshop on Cyber-Physical Systems Security & Privacy (2)
ACSAC '13: Proceedings of the 29th Annual Computer Security Applications Conference (1)
ACSAC '15: Proceedings of the 31st Annual Computer Security Applications Conference (1)
Advances in Information and Computer Security (1)
BADGERS '11: Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (1)
CCS '11: Proceedings of the 18th ACM conference on Computer and communications security (1)
CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (1)
CODASPY '15: Proceedings of the 5th ACM Conference on Data and Application Security and Privacy (1)
CSIIRW '08: Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead (1)
Detection of Intrusions and Malware, and Vulnerability Assessment (1)
Detection of Intrusions and Malware, and Vulnerability Assessment (1)
EUROSEC '08: Proceedings of the 1st European Workshop on System Security (1)
Machine Learning and Knowledge Discovery in Databases: Applied Data Science and Demo Track (1)
SPSM '13: Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices (1)
VizSec '11: Proceedings of the 8th International Symposium on Visualization for Cyber Security (1)
WWW '13: Proceedings of the 22nd international conference on World Wide Web (1)
WWW '14: Proceedings of the 23rd international conference on World wide web (1)

All Publications

Proceedings (55)
Other periodicals (13)
Journals (2)
Books (1)
Magazines (1)
Newsletters (1)

Content Type

Research Article (39)
Poster (2)
Column (1)
Short Paper (1)
Tutorial (1)

Media Formats

PDF (34)
Image (7)
HTML (6)
Video (2)
Fulltext (1)

Publisher

Association for Computing Machinery (33)
Springer-Verlag (16)
IEEE Computer Society (9)
Elsevier Advanced Technology Publications (5)
Elsevier Science Publishers B. V. (2)
IEEE Computer Society Press (2)
IEEE Educational Activities Department (2)
BCS Learning & Development Ltd (1)
IEEE Press (1)
IOS Press (1)
Springer Publishing Company, Incorporated (1)

Publication Date

Upon changing this filter the page will automatically refresh

Past 5 years
Past 2 years
Past year

Export Citations

Select Citation format

Please download or close your previous search result export first before starting a new bulk export.
Preview is not available.
By clicking download,a status dialog will open to start the export process. The process may takea few minutes but once it finishes a file will be downloadable from your browser. You may continue to browse the DL while the export process is in progress.
Download
- Download citation
- Copy citation

Publications

73 Results for: Author: Stefano ZaneroEdit SearchSave SearchFailed to save your search, try again laterSearch has been saved (My Saved Searches)

Save this search

Please login to be able to save your searches and receive alerts for new content matching your search criteria.

Searched The ACM Guide to Computing Literature (3,834,857 records)|Limit your search to The ACM Full-Text Collection (773,110 records)

Results

Showing 1 - 20of73 Results

Filters

Select All

Export Citations Save to Binder

Save to Binder

Create a New Binder

Name

per page:

Sort by: Latest

Recency
Earliest
Most Downloaded
Most Cited

research-article
Open Access
Published By ACM
Published By ACM
You Might Have Known It Earlier: Analyzing the Role of Underground Forums in Threat Intelligence
- Tommaso Paladini
  Politecnico di Milano, Italy
  ,
- Lara Ferro
  Politecnico di Milano, Italy
  ,
- Mario Polino
  Politecnico di Milano, Italy
  ,
- Stefano Zanero
  Politecnico di Milano, Italy
  ,
- Michele Carminati
  Politecnico di Milano, Italy
RAID '24: Proceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses•September 2024, pp 368-383• https://doi.org/10.1145/3678890.3678930

This paper analyzes 88 million hacker forum posts of a publicly available dataset and 75,000 online articles over a 20-year timespan, studying the potential of hacker forums as a proactive Cyber Threat Intelligence (CTI) source. Using a custom Natural ...
0Citation
327
Downloads
Metrics
Total Citations0
Total Downloads327
Last 12 Months327
Last 6 weeks108
Export Citations
Save to Binder
View online with eReader
PDF
Article
Tarallo: Evading Behavioral Malware Detectors in the Problem Space
- Gabriele Digregorio
  https://ror.org/01nffqt88Politecnico di Milano, Milan, Italy
  ,
- Salvatore Maccarrone
  https://ror.org/01nffqt88Politecnico di Milano, Milan, Italy
  ,
- Mario D’Onghia
  https://ror.org/01nffqt88Politecnico di Milano, Milan, Italy
  ,
- Luigi Gallo
  Cybersecurity Lab, TIM S.p.A., Turin, Italy
  ,
- Michele Carminati
  https://ror.org/01nffqt88Politecnico di Milano, Milan, Italy
  ,
- Mario Polino
  https://ror.org/01nffqt88Politecnico di Milano, Milan, Italy
  ,
- Stefano Zanero
  https://ror.org/01nffqt88Politecnico di Milano, Milan, Italy
Detection of Intrusions and Malware, and Vulnerability Assessment•July 2024, pp 128-149• https://doi.org/10.1007/978-3-031-64171-8_7
Abstract
Machine learning algorithms can effectively classify malware through dynamic behavior but are susceptible to adversarial attacks. Existing attacks, however, often fail to find an effective solution in both the feature and problem spaces. This ...
0Citation
Metrics
Total Citations0
Export Citations
Save to Binder
research-article
Open Access
Published By ACM
Published By ACM
Lookin' Out My Backdoor! Investigating Backdooring Attacks Against DL-driven Malware Detectors
- Mario D'Onghia
  Politecnico di Milano, Milan, Italy
  ,
- Federico Di Cesare
  Politecnico di Milano, Milan, Italy
  ,
- Luigi Gallo
  TIM S.p.A., Turin, Italy
  ,
- Michele Carminati
  Politecnico di Milano, Milan, Italy
  ,
- Mario Polino
  Politecnico di Milano, Milan, Italy
  ,
- Stefano Zanero
  Politecnico di Milano, Milan, Italy
AISec '23: Proceedings of the 16th ACM Workshop on Artificial Intelligence and Security•November 2023, pp 209-220• https://doi.org/10.1145/3605764.3623919

Given their generalization capabilities,deep learning algorithms may represent a powerful weapon in the arsenal of antivirus developers. Nevertheless, recent works in different domains (e.g., computer vision) have shown that such algorithms are ...
2Citation
593
Downloads
Metrics
Total Citations2
Total Downloads593
Last 12 Months542
Last 6 weeks51
1
Supplementary Material
aisec104-video.mp4
Export Citations
Save to Binder
View online with eReader
PDF
research-article
Open Access
Published By ACM
Published By ACM
Fraud Detection under Siege: Practical Poisoning Attacks and Defense Strategies
- Tommaso Paladini
  Dipartimento di Elettronica, Informazione e Bioingegneria (DEIB), Politecnico di Milano, Italy
  ,
- Francesco Monti
  Dipartimento di Elettronica, Informazione e Bioingegneria (DEIB), Politecnico di Milano, Italy
  ,
- Mario Polino
  Dipartimento di Elettronica, Informazione e Bioingegneria (DEIB), Politecnico di Milano, Italy
  ,
- Michele Carminati
  Dipartimento di Elettronica, Informazione e Bioingegneria (DEIB), Politecnico di Milano, Italy
  ,
- Stefano Zanero
  Dipartimento di Elettronica, Informazione e Bioingegneria (DEIB), Politecnico di Milano, Italy
ACM Transactions on Privacy and Security, Volume 26, Issue 4•November 2023, Article No.: 45, pp 1-35 • https://doi.org/10.1145/3613244
Machine learning (ML) models are vulnerable to adversarial machine learning (AML) attacks. Unlike other contexts, the fraud detection domain is characterized by inherent challenges that make conventional approaches hardly applicable. In this article, we ...
0Citation
2,029
Downloads
Metrics
Total Citations0
Total Downloads2,029
Last 12 Months1,339
Last 6 weeks125
Export Citations
Save to Binder
View online with eReader
PDF
Article
Advancing Fraud Detection Systems Through Online Learning
- Tommaso Paladini
  https://ror.org/01nffqt88DEIB, Politecnico di Milano, Milan, Italy
  ,
- Martino Bernasconi de Luca
  https://ror.org/01nffqt88DEIB, Politecnico di Milano, Milan, Italy
  ,
- Michele Carminati
  https://ror.org/01nffqt88DEIB, Politecnico di Milano, Milan, Italy
  ,
- Mario Polino
  https://ror.org/01nffqt88DEIB, Politecnico di Milano, Milan, Italy
  ,
- Francesco Trovò
  https://ror.org/01nffqt88DEIB, Politecnico di Milano, Milan, Italy
  ,
- Stefano Zanero
  https://ror.org/01nffqt88DEIB, Politecnico di Milano, Milan, Italy
Machine Learning and Knowledge Discovery in Databases: Applied Data Science and Demo Track•September 2023, pp 275-292• https://doi.org/10.1007/978-3-031-43427-3_17
Abstract
The rapid increase in digital transactions has led to a consequential surge in financial fraud, requiring an automatic way of defending effectively from such a threat. The past few years experienced a rise in the design and use by financial ...
0Citation
Metrics
Total Citations0
Export Citations
Save to Binder
research-article
BINO: Automatic recognition of inline binary functions from template classes
- Lorenzo Binosi
  Politecnico di Milano - Department of Electronics, Information and Bioengineering, Via Giuseppe Ponzio, 34, Milan, 20133, Italy, Italy
  ,
- Mario Polino
  Politecnico di Milano - Department of Electronics, Information and Bioengineering, Via Giuseppe Ponzio, 34, Milan, 20133, Italy, Italy
  ,
- Michele Carminati
  Politecnico di Milano - Department of Electronics, Information and Bioengineering, Via Giuseppe Ponzio, 34, Milan, 20133, Italy, Italy
  ,
- Stefano Zanero
  Politecnico di Milano - Department of Electronics, Information and Bioengineering, Via Giuseppe Ponzio, 34, Milan, 20133, Italy, Italy
Computers and Security, Volume 132, Issue C•Sep 2023 • https://doi.org/10.1016/j.cose.2023.103312
Highlights

Reverse engineering is a complex process essential to vulnerability detection.
Compiler optimizations such as inlining make the task of reverse engineering significantly harder.
Functions from library template classes, such as the ...
Abstract
In this paper, we propose BINO, a static analysis approach that relieves reverse engineers from the challenging task of recognizing library functions that have been inlined. BINO recognizes inline calls of methods of C++ template classes (even ...
0Citation
Metrics
Total Citations0
Export Citations
Save to Binder
research-article
Open Access
Published By ACM
Published By ACM
DJM-CYBER: A Joint Master in Advanced Cybersecurity
- Yianna Danidou
  Department of Computer Science and Engineering, European University Cyprus, Cyprus
  ,
- Sara Ricci
  Brno University of Technology, Czech Republic
  ,
- Antonio Skarmeta
  Universidad de Murcia, Spain
  ,
- Jiri Hosek
  Brno University of Technology, Czech Republic
  ,
- Stefano Zanero
  Politecnico di Milano, Italy
  ,
- Imre Lendak
  Faculty of Informatics, Eötvös Loránd University, Hungary and Faculty of Technical Sciences, University of Novi Sad, Serbia
ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and Security•August 2023, Article No.: 65, pp 1-10• https://doi.org/10.1145/3600160.3605002

Various publicly available studies show that millions of cybersecurity experts are missing worldwide. One possible way to tackle the workforce gap is with tailored higher education programmes. The goal of this paper is to present the relevant projects ...
1Citation
325
Downloads
Metrics
Total Citations1
Total Downloads325
Last 12 Months255
Last 6 weeks40
Export Citations
Save to Binder
View online with eReader
PDF
Article
The Good, the Bad, and the Binary: An LSTM-Based Method for Section Boundary Detection in Firmware Analysis
- Riccardo Remigio
  Politecnico di Milano, Milan, Italy
  ,
- Alessandro Bertani
  Politecnico di Milano, Milan, Italy
  ,
- Mario Polino
  Politecnico di Milano, Milan, Italy
  ,
- Michele Carminati
  Politecnico di Milano, Milan, Italy
  ,
- Stefano Zanero
  Politecnico di Milano, Milan, Italy
Advances in Information and Computer Security•August 2023, pp 16-35• https://doi.org/10.1007/978-3-031-41326-1_2
Abstract
Static analysis tools need information about the ISA and the boundaries of the code and data sections of the binary they analyze. This information is often not readily available in embedded systems firmware, often provided only in a non-standard ...
0Citation
Metrics
Total Citations0
Export Citations
Save to Binder
column
free
Published By ACM
Published By ACM
Coming of Age
- Stefano Zanero
  NECST Laboratory, Politecnico di Milano, Milan, Italy
Communications of the ACM, Volume 66, Issue 9•September 2023, pp 21-23 • https://doi.org/10.1145/3608965

Stressing the importance of threat models.
0Citation
658
Downloads
Metrics
Total Citations0
Total Downloads658
Last 12 Months476
Last 6 weeks120
Export Citations
Save to Binder
More
View online with eReader
Digital Edition
PDF
Article
Untangle: Aiding Global Function Pointer Hijacking for Post-CET Binary Exploitation
- Alessandro Bertani
  Politecnico di Milano, Milan, Italy
  ,
- Marco Bonelli
  Politecnico di Milano, Milan, Italy
  ,
- Lorenzo Binosi
  Politecnico di Milano, Milan, Italy
  ,
- Michele Carminati
  Politecnico di Milano, Milan, Italy
  ,
- Stefano Zanero
  Politecnico di Milano, Milan, Italy
  ,
- Mario Polino
  Politecnico di Milano, Milan, Italy
Detection of Intrusions and Malware, and Vulnerability Assessment•July 2023, pp 256-275• https://doi.org/10.1007/978-3-031-35504-2_13
Abstract
In this paper, we combine static code analysis and symbolic execution to bypass Intel’s Control-Flow Enforcement Technology (CET) by exploiting function pointer hijacking. We present Untangle, an open-source tool that implements and automates the ...
0Citation
Metrics
Total Citations0
Export Citations
Save to Binder
Article
Evaluating the Robustness of Automotive Intrusion Detection Systems Against Evasion Attacks
- Stefano Longari
  Politecnico di Milano, Milan, Italy
  ,
- Francesco Noseda
  Politecnico di Milano, Milan, Italy
  ,
- Michele Carminati
  Politecnico di Milano, Milan, Italy
  ,
- Stefano Zanero
  Politecnico di Milano, Milan, Italy
Cyber Security, Cryptology, and Machine Learning•June 2023, pp 337-352• https://doi.org/10.1007/978-3-031-34671-2_24
Abstract
This paper discusses the robustness of machine learning-based intrusion detection systems (IDSs) used in the Controller Area Networks context against adversarial samples, inputs crafted to deceive the system. We design a novel methodology to ...
0Citation
Metrics
Total Citations0
Export Citations
Save to Binder
Article
HAMLET: A Transformer Based Approach for Money Laundering Detection
- Maria Paola Tatulli
  DEIB, Politecnico di Milano, Milan, Italy
  ,
- Tommaso Paladini
  DEIB, Politecnico di Milano, Milan, Italy
  ,
- Mario D’Onghia
  DEIB, Politecnico di Milano, Milan, Italy
  ,
- Michele Carminati
  DEIB, Politecnico di Milano, Milan, Italy
  ,
- Stefano Zanero
  DEIB, Politecnico di Milano, Milan, Italy
Cyber Security, Cryptology, and Machine Learning•June 2023, pp 234-250• https://doi.org/10.1007/978-3-031-34671-2_17
Abstract
Money laundering has damaging economic, security, and social consequences, fueling criminal activities like terrorism, human and drug trafficking. Recent technological advancements have increased the complexity of laundering operations, prompting ...
2Citation
Metrics
Total Citations2
Export Citations
Save to Binder
Article
CANdito: Improving Payload-Based Detection of Attacks on Controller Area Networks
- Stefano Longari
  Politecnico di Milano, Milan, Italy
  ,
- Carlo Alberto Pozzoli
  Politecnico di Milano, Milan, Italy
  ,
- Alessandro Nichelini
  Politecnico di Milano, Milan, Italy
  ,
- Michele Carminati
  Politecnico di Milano, Milan, Italy
  ,
- Stefano Zanero
  Politecnico di Milano, Milan, Italy
Cyber Security, Cryptology, and Machine Learning•June 2023, pp 135-150• https://doi.org/10.1007/978-3-031-34671-2_10
Abstract
Over the years, the increasingly complex and interconnected vehicles raised the need for effective and efficient Intrusion Detection Systems against on-board networks. In light of the stringent domain requirements and the heterogeneity of ...
1Citation
Metrics
Total Citations1
Export Citations
Save to Binder
research-article
CANova: A hybrid intrusion detection framework based on automatic signal classification for CAN
- Alessandro Nichelini
  Politecnico di Milano - Dipartimento di Elettronica, Informazione e Bioingegneria, Via Ponzio 34/5, Milan, 20133, Italy
  ,
- Carlo Alberto Pozzoli
  Politecnico di Milano - Dipartimento di Elettronica, Informazione e Bioingegneria, Via Ponzio 34/5, Milan, 20133, Italy
  ,
- Stefano Longari
  Politecnico di Milano - Dipartimento di Elettronica, Informazione e Bioingegneria, Via Ponzio 34/5, Milan, 20133, Italy
  ,
- Michele Carminati
  Politecnico di Milano - Dipartimento di Elettronica, Informazione e Bioingegneria, Via Ponzio 34/5, Milan, 20133, Italy
  ,
- Stefano Zanero
  Politecnico di Milano - Dipartimento di Elettronica, Informazione e Bioingegneria, Via Ponzio 34/5, Milan, 20133, Italy
Computers and Security, Volume 128, Issue C•May 2023 • https://doi.org/10.1016/j.cose.2023.103166
Abstract
Over the years, vehicles have become increasingly complex and an attractive target for malicious adversaries. This raised the need for effective and efficient Intrusion Detection Systemss (IDSs) for onboard networks able to work with the ...
2Citation
Metrics
Total Citations2
Export Citations
Save to Binder
research-article
Open Access
Published By ACM
Published By ACM
CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks
- Alvise de Faveri Tron
  Politecnico di Milano & Vrije Universiteit Amsterdam, Milano, Italy
  ,
- Stefano Longari
  Politecnico di Milano, Milan, Italy
  ,
- Michele Carminati
  Politecnico di Milano, Milan, Italy
  ,
- Mario Polino
  Politecnico di Milano, Milan, Italy
  ,
- Stefano Zanero
  Politecnico di Milano, Milan, Italy
CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security•November 2022, pp 711-723• https://doi.org/10.1145/3548606.3560618

Current research in the automotive domain has proven the limitations of the Controller Area Network (CAN) protocol from a security standpoint. Application-layer attacks, which involve the creation of malicious packets, are deemed feasible from remote ...
10Citation
1,560
Downloads
Metrics
Total Citations10
Total Downloads1,560
Last 12 Months428
Last 6 weeks51
Export Citations
Save to Binder
View online with eReader
PDF
research-article
Apícula: Static detection of API calls in generic streams of bytes
- Mario D’Onghia
  Dipartimento di Elettronica, Informazione e Bioingengeria, Milan, Italy
  ,
- Matteo Salvadore
  Dipartimento di Elettronica, Informazione e Bioingengeria, Milan, Italy
  ,
- Benedetto Maria Nespoli
  Dipartimento di Elettronica, Informazione e Bioingengeria, Milan, Italy
  ,
- Michele Carminati
  Dipartimento di Elettronica, Informazione e Bioingengeria, Milan, Italy
  ,
- Mario Polino
  Dipartimento di Elettronica, Informazione e Bioingengeria, Milan, Italy
  ,
- Stefano Zanero
  Dipartimento di Elettronica, Informazione e Bioingengeria, Milan, Italy
Computers and Security, Volume 119, Issue C•Aug 2022 • https://doi.org/10.1016/j.cose.2022.102775
Abstract
API functions often require the crafting of specific inputs and may return some output that is usually processed by the code that immediately follows their invocation. In this work, we claim that - for some APIs - those two stages are ...
0Citation
Metrics
Total Citations0
Export Citations
Save to Binder
research-article
A Systematical and longitudinal study of evasive behaviors in windows malware
- Nicola Galloro
  Politecnico di Milano, Dipartimento di Elettronica, Informazione e Bioingegneria (DEIB), Via Ponzio 34/5, Milano, 20133 , Italy
  ,
- Mario Polino
  Politecnico di Milano, Dipartimento di Elettronica, Informazione e Bioingegneria (DEIB), Via Ponzio 34/5, Milano, 20133 , Italy
  ,
- Michele Carminati
  Politecnico di Milano, Dipartimento di Elettronica, Informazione e Bioingegneria (DEIB), Via Ponzio 34/5, Milano, 20133 , Italy
  ,
- Andrea Continella
  University of Twente, Faculty of Electrical Engineering, Mathematics and Computer Science (EEMCS), Zilverling building, Drienerlolaan 5, 7522 NB, Enschede, The Netherlands
  ,
- Stefano Zanero
  Politecnico di Milano, Dipartimento di Elettronica, Informazione e Bioingegneria (DEIB), Via Ponzio 34/5, Milano, 20133 , Italy
Computers and Security, Volume 113, Issue C•Feb 2022 • https://doi.org/10.1016/j.cose.2021.102550
Abstract
Malware is one of the prevalent security threats. Sandboxes and, more generally, instrumented environments play a crucial role in dynamically analyzing malware samples, providing key threat intelligence results and critical information ...
15Citation
Metrics
Total Citations15
Export Citations
Save to Binder
research-article
Open Access
Published By ACM
Published By ACM
SyML: Guiding Symbolic Execution Toward Vulnerable States Through Pattern Learning
- Nicola Ruaro
  UC Santa Barbara, US
  ,
- Kyle Zeng
  Arizona State University & The Chinese University of Hong Kong, US, China
  ,
- Lukas Dresel
  UC Santa Barbara, US
  ,
- Mario Polino
  Politecnico di Milano, Italy
  ,
- Tiffany Bao
  Arizona State University, US
  ,
- Andrea Continella
  University of Twente, Netherland
  ,
- Stefano Zanero
  Politecnico di Milano, Italy
  ,
- Christopher Kruegel
  University of California, Santa Barbara, US
  ,
- Giovanni Vigna
  UC Santa Barbara, US
RAID '21: Proceedings of the 24th International Symposium on Research in Attacks, Intrusions and Defenses•October 2021, pp 456-468• https://doi.org/10.1145/3471621.3471865

Exploring many execution paths in a binary program is essential to discover new vulnerabilities. Dynamic Symbolic Execution (DSE) is useful to trigger complex input conditions and enables an accurate exploration of a program while providing extensive ...
9Citation
1,422
Downloads
Metrics
Total Citations9
Total Downloads1,422
Last 12 Months566
Last 6 weeks55
Export Citations
Save to Binder
View online with eReader
PDF
research-article
Smart Factory Security: A Case Study on a Modular Smart Manufacturing System
- Federico Maggi
  Trend Micro Italy, Viale T. Edison 110, 20099 Sesto S. Giovanni, Italy
  ,
- Marco Balduzzi
  Trend Micro Italy, Viale T. Edison 110, 20099 Sesto S. Giovanni, Italy
  ,
- Rainer Vosseler
  Trend Micro Italy, Viale T. Edison 110, 20099 Sesto S. Giovanni, Italy
  ,
- Martin Rösler
  Trend Micro Italy, Viale T. Edison 110, 20099 Sesto S. Giovanni, Italy
  ,
- Walter Quadrini
  Politecnico di Milano, Piazza Leonardo Da Vinci 32, 20133 Milan, Italy
  ,
- Giacomo Tavola
  Politecnico di Milano, Piazza Leonardo Da Vinci 32, 20133 Milan, Italy
  ,
- Marcello Pogliani
  Politecnico di Milano, Piazza Leonardo Da Vinci 32, 20133 Milan, Italy
  ,
- Davide Quarta
  Politecnico di Milano, Piazza Leonardo Da Vinci 32, 20133 Milan, Italy
  ,
- Stefano Zanero
  Politecnico di Milano, Piazza Leonardo Da Vinci 32, 20133 Milan, Italy
Procedia Computer Science, Volume 180, Issue C•2021, pp 666-675 • https://doi.org/10.1016/j.procs.2021.01.289
Abstract
Smart manufacturing systems are an attractive target for cyber attacks, because they embed valuable data and critical equipment. Despite the market is driving towards integrated and interconnected factories, current smart manufacturing systems are ...
2Citation
Metrics
Total Citations2
Export Citations
Save to Binder
research-article
Published By ACM
Published By ACM
Constrained Concealment Attacks against Reconstruction-based Anomaly Detectors in Industrial Control Systems
- Alessandro Erba
  CISPA Helmholtz Center for Information Security, Germany
  ,
- Riccardo Taormina
  Delft University of Technology, Netherlands
  ,
- Stefano Galelli
  Singapore University of Technology and Design, Singapore
  ,
- Marcello Pogliani
  Politecnico di Milano, Italy
  ,
- Michele Carminati
  Politecnico di Milano, Italy
  ,
- Stefano Zanero
  Politecnico di Milano, Italy
  ,
- Nils Ole Tippenhauer
  CISPA Helmholtz Center for Information Security, Germany
ACSAC '20: Proceedings of the 36th Annual Computer Security Applications Conference•December 2020, pp 480-495• https://doi.org/10.1145/3427228.3427660

Recently, reconstruction-based anomaly detection was proposed as an effective technique to detect attacks in dynamic industrial control networks. Unlike classical network anomaly detectors that observe the network traffic, reconstruction-based ...
43Citation
693
Downloads
Metrics
Total Citations43
Total Downloads693
Last 12 Months112
Last 6 weeks9
Export Citations
Save to Binder
Get Access

Author Profile Pages

Description: The Author Profile Page initially collects all the professional information known about authors from the publications record as known by the ACM bibliographic database, the Guide. Coverage of ACM publications is comprehensive from the 1950's. Coverage of other publishers generally starts in the mid 1980's. The Author Profile Page supplies a quick snapshot of an author's contribution to the field and some rudimentary measures of influence upon it. Over time, the contents of the Author Profile page may expand at the direction of the community.
Please see the following 2007 Turing Award winners' profiles as examples:
History: Disambiguation of author names is of course required for precise identification of all the works, and only those works, by a unique individual. Of equal importance to ACM, author name normalization is also one critical prerequisite to building accurate citation and download statistics. For the past several years, ACM has worked to normalize author names, expand reference capture, and gather detailed usage statistics, all intended to provide the community with a robust set of publication metrics. The Author Profile Pages reveal the first result of these efforts.
Normalization: ACM uses normalization algorithms to weigh several types of evidence for merging and splitting names.
These include:
- co-authors: if we have two names and cannot disambiguate them based on name alone, then we see if they have a co-author in common. If so, this weighs towards the two names being the same person.
- affiliations: names in common with same affiliation weighs toward the two names being the same person.
- publication title: names in common whose works are published in same journal weighs toward the two names being the same person.
- keywords: names in common whose works address the same subject matter as determined from title and keywords, weigh toward being the same person.
The more conservative the merging algorithms, the more bits of evidence are required before a merge is made, resulting in greater precision but lower recall of works for a given Author Profile. Many bibliographic records have only author initials. Many names lack affiliations. With very common family names, typical in Asia, more liberal algorithms result in mistaken merges.

Automatic normalization of author names is not exact. Hence it is clear that manual intervention based on human knowledge is required to perfect algorithmic results. ACM is meeting this challenge, continuing to work to improve the automated merges by tweaking the weighting of the evidence in light of experience.
Bibliometrics: In 1926, Alfred Lotka formulated his power law (known as Lotka's Law) describing the frequency of publication by authors in a given field. According to this bibliometric law of scientific productivity, only a very small percentage (~6%) of authors in a field will produce more than 10 articles while the majority (perhaps 60%) will have but a single article published. With ACM's first cut at author name normalization in place, the distribution of our authors with 1, 2, 3..n publications does not match Lotka's Law precisely, but neither is the distribution curve far off. For a definition of ACM's first set of publication statistics, see Bibliometrics
Future Direction: The initial release of the Author Edit Screen is open to anyone in the community with an ACM account, but it is limited to personal information. An author's photograph, a Home Page URL, and an email may be added, deleted or edited. Changes are reviewed before they are made available on the live site.
ACM will expand this edit facility to accommodate more types of data and facilitate ease of community participation with appropriate safeguards. In particular, authors or members of the community will be able to indicate works in their profile that do not belong there and merge others that do belong but are currently missing.

A direct search interface for Author Profiles will be built.

An institutional view of works emerging from their faculty and researchers will be provided along with a relevant set of metrics.

It is possible, too, that the Author Profile page may evolve to allow interested authors to upload unpublished professional materials to an area available for search and free educational use, but distinct from the ACM Digital Library proper. It is hard to predict what shape such an area for user-generated content may take, but it carries interesting potential for input from the community.

Bibliometrics

The ACM DL is a comprehensive repository of publications from the entire field of computing.

It is ACM's intention to make the derivation of any publication statistics it generates clear to the user.

Average citations per article = The total Citation Count divided by the total Publication Count.
Citation Count = cumulative total number of times all authored works by this author were cited by other works within ACM's bibliographic database. Almost all reference lists in articles published by ACM have been captured. References lists from other publishers are less well-represented in the database. Unresolved references are not included in the Citation Count. The Citation Count is citations TO any type of work, but the references counted are only FROM journal and proceedings articles. Reference lists from books, dissertations, and technical reports have not generally been captured in the database. (Citation Counts for individual works are displayed with the individual record listed on the Author Page.)
Publication Count = all works of any genre within the universe of ACM's bibliographic database of computing literature of which this person was an author. Works where the person has role as editor, advisor, chair, etc. are listed on the page but are not part of the Publication Count.
Publication Years = the span from the earliest year of publication on a work by this author to the most recent year of publication of a work by this author captured within the ACM bibliographic database of computing literature (The ACM Guide to Computing Literature, also known as "the Guide".
Available for download = the total number of works by this author whose full texts may be downloaded from an ACM full-text article server. Downloads from external full-text sources linked to from within the ACM bibliographic space are not counted as 'available for download'.
Average downloads per article = The total number of cumulative downloads divided by the number of articles (including multimedia objects) available for download from ACM's servers.
Downloads (cumulative) = The cumulative number of times all works by this author have been downloaded from an ACM full-text article server since the downloads were first counted in May 2003. The counts displayed are updated monthly and are therefore 0-31 days behind the current date. Robotic activity is scrubbed from the download statistics.
Downloads (12 months) = The cumulative number of times all works by this author have been downloaded from an ACM full-text article server over the last 12-month period for which statistics are available. The counts displayed are usually 1-2 weeks behind the current date. (12-month download counts for individual works are displayed with the individual record.)
Downloads (6 weeks) = The cumulative number of times all works by this author have been downloaded from an ACM full-text article server over the last 6-week period for which statistics are available. The counts displayed are usually 1-2 weeks behind the current date. (6-week download counts for individual works are displayed with the individual record.)

ACM Author-Izer Service

Summary Description

ACM Author-Izer is a unique service that enables ACM authors to generate and post links on both their homepage and institutional repository for visitors to download the definitive version of their articles from the ACM Digital Library at no charge.

Downloads from these sites are captured in official ACM statistics, improving the accuracy of usage and impact measurements. Consistently linking to definitive version of ACM articles should reduce user confusion over article versioning.

ACM Author-Izer also extends ACM’s reputation as an innovative “Green Path” publisher, making ACM one of the first publishers of scholarly works to offer this model to its authors.

To access ACM Author-Izer, authors need to establish a free ACM web account. Should authors change institutions or sites, they can utilize the new ACM service to disable old links and re-authorize new links for free downloads from a different site.

How ACM Author-Izer Works

Authors may post ACM Author-Izer links in their own bibliographies maintained on their website and their own institution’s repository. The links take visitors to your page directly to the definitive version of individual articles inside the ACM Digital Library to download these articles for free.

The Service can be applied to all the articles you have ever published with ACM.

Depending on your previous activities within the ACM DL, you may need to take up to three steps to use ACM Author-Izer.

For authors who do not have a free ACM Web Account:

Go to the ACM DL http://dl.acm.org/ and click SIGN UP. Once your account is established, proceed to next step.

For authors who have an ACM web account, but have not edited their ACM Author Profile page:

Sign in to your ACM web account and go to your Author Profile page. Click "Add personal information" and add photograph, homepage address, etc. Click ADD AUTHOR INFORMATION to submit change. Once you receive email notification that your changes were accepted, you may utilize ACM Author-izer.

For authors who have an account and have already edited their Profile Page:

Sign in to your ACM web account, go to your Author Profile page in the Digital Library, look for the ACM Author-izer link below each ACM published article, and begin the authorization process. If you have published many ACM articles, you may find a batch Authorization process useful. It is labeled: "Export as: ACM Author-Izer Service"

ACM Author-Izer also provides code snippets for authors to display download and citation statistics for each “authorized” article on their personal pages. Downloads from these pages are captured in official ACM statistics, improving the accuracy of usage and impact measurements. Consistently linking to the definitive version of ACM articles should reduce user confusion over article versioning.

Note: You still retain the right to post your author-prepared preprint versions on your home pages and in your institutional repositories with DOI pointers to the definitive version permanently maintained in the ACM Digital Library. But any download of your preprint versions will not be counted in ACM usage statistics. If you use these AUTHOR-IZER links instead, usage by visitors to your page will be recorded in the ACM Digital Library and displayed on your page.

FAQ

Q. What is ACM Author-Izer?
A. ACM Author-Izer is a unique, link-based, self-archiving service that enables ACM authors to generate and post links on either their home page or institutional repository for visitors to download the definitive version of their articles for free.
Q. What articles are eligible for ACM Author-Izer?
A. ACM Author-Izer can be applied to all the articles authors have ever published with ACM. It is also available to authors who will have articles published in ACM publications in the future.

Q. Are there any restrictions on authors to use this service?
A. No. An author does not need to subscribe to the ACM Digital Library nor even be a member of ACM.

Q. What are the requirements to use this service?
A. To access ACM Author-Izer, authors need to have a free ACM web account, must have an ACM Author Profile page in the Digital Library, and must take ownership of their Author Profile page.

Q. What is an ACM Author Profile Page?
A. The Author Profile Page initially collects all the professional information known about authors from the publications record as known by the ACM Digital Library. The Author Profile Page supplies a quick snapshot of an author's contribution to the field and some rudimentary measures of influence upon it. Over time, the contents of the Author Profile page may expand at the direction of the community. Please visit the ACM Author Profile documentation page for more background information on these pages.

Q. How do I find my Author Profile page and take ownership?
A. You will need to take the following steps:
- Create a free ACM Web Account
- Sign-In to the ACM Digital Library
- Find your Author Profile Page by searching the ACM Digital Library for your name
- Find the result you authored (where your author name is a clickable link)
- Click on your name to go to the Author Profile Page
- Click the "Add Personal Information" link on the Author Profile Page
- Wait for ACM review and approval; generally less than 24 hours

Q. Why does my photo not appear?
A. Make sure that the image you submit is in .jpg or .gif format and that the file name does not contain special characters

Q. What if I cannot find the Add Personal Information function on my author page?
A. The ACM account linked to your profile page is different than the one you are logged into. Please logout and login to the account associated with your Author Profile Page.

Q. What happens if an author changes the location of his bibliography or moves to a new institution?
A. Should authors change institutions or sites, they can utilize ACM Author-Izer to disable old links and re-authorize new links for free downloads from a new location.

Q. What happens if an author provides a URL that redirects to the author’s personal bibliography page?
A. The service will not provide a free download from the ACM Digital Library. Instead the person who uses that link will simply go to the Citation Page for that article in the ACM Digital Library where the article may be accessed under the usual subscription rules.

However, if the author provides the target page URL, any link that redirects to that target page will enable a free download from the Service.

Q. What happens if the author’s bibliography lives on a page with several aliases?
A. Only one alias will work, whichever one is registered as the page containing the author’s bibliography. ACM has no technical solution to this problem at this time.

Q. Why should authors use ACM Author-Izer?
A. ACM Author-Izer lets visitors to authors’ personal home pages download articles for no charge from the ACM Digital Library. It allows authors to dynamically display real-time download and citation statistics for each “authorized” article on their personal site.

Q. Does ACM Author-Izer provide benefits for authors?
A. Downloads of definitive articles via Author-Izer links on the authors’ personal web page are captured in official ACM statistics to more accurately reflect usage and impact measurements.

Authors who do not use ACM Author-Izer links will not have downloads from their local, personal bibliographies counted. They do, however, retain the existing right to post author-prepared preprint versions on their home pages or institutional repositories with DOI pointers to the definitive version permanently maintained in the ACM Digital Library.

Q. How does ACM Author-Izer benefit the computing community?
A. ACM Author-Izer expands the visibility and dissemination of the definitive version of ACM articles. It is based on ACM’s strong belief that the computing community should have the widest possible access to the definitive versions of scholarly literature. By linking authors’ personal bibliography with the ACM Digital Library, user confusion over article versioning should be reduced over time.

In making ACM Author-Izer a free service to both authors and visitors to their websites, ACM is emphasizing its continuing commitment to the interests of its authors and to the computing community in ways that are consistent with its existing subscription-based access model.

Q. How do authors access ACM Author-Izer?
A. See How to Use

Q. Why can’t I find my most recent publication in my ACM Author Profile Page?
A. There is a time delay between publication and the process which associates that publication with an Author Profile Page. Right now, that process usually takes 4-8 weeks.

Q. How does ACM Author-Izer expand ACM’s “Green Path” Access Policies?
A. ACM Author-Izer extends the rights and permissions that authors retain even after copyright transfer to ACM, which has been among the “greenest” publishers. ACM enables its author community to retain a wide range of rights related to copyright and reuse of materials. They include:
- Posting rights that ensure free access to their work outside the ACM Digital Library and print publications
- Rights to reuse any portion of their work in new works that they may create
- Copyright to artistic images in ACM’s graphics-oriented publications that authors may want to exploit in commercial contexts
- All patent rights, which remain with the original owner