
Threat Detection and Defenses

Attack-detection mechanisms should be able to reliably detect, predict, and understandably explain both known and novel threats, while also coping with evasion techniques (such as obfuscation, polymorphism, or stealthy low-volume attacks). They should not only detect every critical incident, but also raise alarms only when it matters; the more false alarms are raised, the higher the risk that users will ignore warnings or even disable the detection permanently. Moreover, to provide a strong line of defense, attack detection methods should be complemented by suitable defensive technologies, ideally selected autonomously by the system under attack, to counter whatever threat it encounters. In this research area we pursue this ideal, currently by focusing, among other things, on the detection and analysis of modern malware, on the prevention and attribution of DDoS attacks, and on the identification and mitigation of novel system vulnerabilities.

Tagged Publications

Year 2022

Conference / Medium

ACSAC
Proceedings of the Annual Computer Security Applications Conference (ACSAC)

Conference / Medium

CCS
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 29th ACM Conference on Computer and Communications Security (CCS)

Conference / Medium

ESEC/FSE
ESEC/FSE 2022

Conference / Medium

RAID
25th International Symposium on Research in Attacks, Intrusions and Defenses

Conference / Medium

VTC
Proceedings of 2022 IEEE 96th Vehicular Technology Conference

Conference / Medium

ESEC/FSE
Demonstrations, ESEC/FSE 2022