Robust and Secure Distributed Computing

Threat and Anomaly Detection and Mitigation

Threat and anomaly detection play crucial roles in safeguarding systems and networks from potential risks and are essential components of a robust cybersecurity strategy. Threat detection involves identifying and recognising potential cyber threats such as malware, hacking attempts, or other malicious activities that can compromise the security and integrity of computer systems, networks, or data. Anomaly detection, on the other hand, focuses on discovering abnormal or unusual patterns in data that deviate significantly from the expected behavior. Application fields include networks and cloud infrastructure, industrial control systems, automotive, healthcare systems and many others.

Our focus:

  • Monitoring of network and computing devices through software-defined networks and programmable data planes (e.g. eBPF, P4)
  • Design and development of AI-based threat and anomaly detection algorithms
  • Analysis of the effectiveness of the monitoring-detection-mitigation pipeline

Selected Tools

  • FLAD: Adaptive Federated Learning for DDoS Attack Detection [documentation]
  • LUCID: A Practical, Lightweight Deep Learning Solution for DDoS Attack Detection [documentation]

Selected Publications

  • Roberto Doriguzzi Corin, Luis Augusto Dias Knob, Luca Mendozzi, Domenico Siracusa, Marco Savi
    Introducing packet-level analysis in programmable data planes to advance Network Intrusion Detection
    In: Computer Networks (DOI)