Theses developed within CSecLab, listed in reverse chronological order.


Loris Piana. Provision of web security training services through per-user sandboxing. 2017

Supervisors: Alessio Merlo


Gianluca Barbera. Building behavioural models for the security analysis of iOS applications. 2017

Supervisors: Alessio Merlo


Luca Lorrai. TEA - Enabling THCE on Android devices. 2016

Supervisors: Alessio Merlo

Publications

  1. A. Merlo, L. Lorrai, L. Verderame, “Efficient trusted host-based card emulation on TEE-enabled Android devices”, in Proc. of HPCS 2016.

Hamidreza Aria. Android Malware Detection Using Network Behavior Analysis And Machine Learning Classifiers. 2017

Supervisors: Gabriele Costa


Hossein Ghodrati. A Framework for Designing Attack Strategies in Cyber Range Scenarios. 2017

Supervisors: Gabriele Costa


Giulio Puri. Dynamic verification of access permissions in an extension of the Android Security Framework. 2014

Supervisors: Alessandro Armando, Gabriele Costa, Alessio Merlo

Publications

  1. A. Armando, R. Carbone, G. Costa, A. Merlo, “Android Permissions Unleashed”, in Proc. of CSF 2015.

Marco Malvasio. Development of a framework for Symbolic Partial Model Checking. 2014

Supervisors: Alessandro Armando, Gabriele Costa, Alessio Merlo

Publications

  1. A. Armando, G. Costa, A. Merlo, L. Verderame, “Formal modeling and automatic enforcement of Bring Your Own Device policies”, in Int. J. of Information Security, 14(2) 123-140 (2015).

Paolo Macco. Certifying Android devicesin BYOD environments. 2015

Supervisors: Giovanni Lagorio, Alessio Merlo

Publications

  1. A. Merlo, “BYODCert - Toward a Cross-Organizational BYOD Paradigm”, in Proc. of GPC 2017.

Luca Lorrai. TEA: Enabling THCE on Android devices. 2016

Supervisors: Alessio Merlo

Publications

  1. A. Merlo, L. Lorrai, L. Verderame, “Efficient trusted host-based card emulation on TEE-enabled Android devices”, in Proc. of HPCS 2016.

Gabriel Claudiu Georgiu. RiskInDroid: Risk Analysis for Android applications. 2016

Supervisors: Alessio Merlo

Publications

  1. A. Merlo, G. C. Georgiu, “RiskInDroid - Machine Learning-Based Risk Analysis on Android”, in Proc. of IFIP SEC 2017.

Paolo Fontanelli. Energy-Aware Security: Tools and Analytic models to estimate energetic consumption in the Android operating systems. 2014

Supervisors: Alessio Merlo, Mauro Migliardi

Publications

  1. A. Merlo, M. Migliardi, P. Fontanelli, “On energy-based profiling of malware in Android”, Proc. of HPCS 2014.

  2. A. Merlo, M. Migliardi, P. Fontanelli, “Measuring and estimating power consumption in Android to support energy-based intrusion detection”, J. of Computer Security, 23(5), pp. 611-637 (2015).


Diego Raso, Elena Spadacini. Energy Optimisation Strategies through Intrusion Prevention Systems. 2014

Supervisors: Alessio Merlo, Mauro Migliardi

Publications

  1. A. Merlo, M. Migliardi, D. Raso, E. Spadacini, “Optimizing Network Energy Consumption through Intrusion Prevention Systems”, in Proc. of CISIS 2014.

  2. A. Merlo, M. Migliardi, E. Spadacini, “Balancing Delays and Energy Consumption in IPS-Enabled Networks”, in Proc. of AINA 2016.

  3. A. Merlo, E. Spadacini, M. Migliardi, “IPS-based reduction of network energy consumption”, in Logic J. of the IGPL (2016).


Gabriele De Maglie, Fabio Tollini. A Centralized Approach for the Management of Mobile Code Security Policies. 2013

Supervisors: Alessandro Armando, Gabriele Costa, Alessio Merlo


Daniele Fiori, Fabio Brizzolara. Inlined Reference Monitor for Android Platforms. 2013

Supervisors: Alessandro Armando, Gabriele Costa, Alessio Merlo


Luca Roverelli, Gabriele Zereik, Nicolò Zereik. EveC: an object-oriented programming language for efficient computation. 2013

Supervisors: Alessio Merlo, Mauro Migliardi


Monica Curti, Simone Schiappacasse. Energy-Aware Security: tools and analytic models for energy consumption in the Android OS. 2013

Supervisors: Alessio Merlo, Mauro Migliardi

Publications

  1. M. Curti, A. Merlo, M. Migliardi, S. Schiappacasse, “Towards energy-aware intrusion detection systems on mobile devices”, in Proc. of HPCS 2013.

Luca Verderame. Security Analysis of the Android Operating System. 2012

Supervisors: Alessandro Armando, Alessio Merlo

Publications

  1. A. Armando, A. Merlo, M. Migliardi, L. Verderame, “Would You Mind Forking This Process? A Denial of Service Attack on Android (and Some Countermeasures)”, in Proc. od SEC 2012.

  2. A. Armando, A. Merlo, M. Migliardi, L. Verderame, “Breaking and Fixing the Android Launching Flow”, in Computers and Security, 39 104-115 (2013).