Research Projects

Curriculum: Data Governance & Protection

Funds: MUR DM 630— scholarship co-funded by a research institution where the student will spend 6 to 18 months of the PhD.

Additional benefits: Full board accommodation

Research Institution: CNR-IIT

Research Institution Contact Person: Marinella Petrocchi

Website: https://sysma.imtlucca.it/, https://marinellapetrocchi.wixsite.com/mysite

Description

The proliferation of large language models (LLMs) such as GPT-3 and GPT-4 has revolutionized natural language processing and various applications ranging from automated customer service to advanced tools for information retrieval. However, their potential to spread disinformation poses significant challenges. This PhD project aims to explore the dual role of LLMs as both enablers and mitigators of disinformation. By examining the mechanisms through which LLMs generate, amplify, and disseminate false information, we seek to understand their impact on public discourse and trust in digital media. The research will employ a multi-disciplinary approach, integrating computational linguistics, machine learning, and social sciences, to analyze large datasets from social media and other digital platforms. Key objectives include identifying patterns in LLM-generated disinformation, evaluating the efficacy of current mitigation strategies, and developing new techniques to enhance model transparency and accountability.

The main outcome of this study is envisioned to be the development of a fine-tuned LLM specifically designed to detect and mitigate disinformation. This model will be trained on a curated dataset containing both accurate information and known disinformation. The fine-tuned LLM will be optimized to recognize and counteract false narratives.

Curriculum: Data Governance & Protection

Funds: University

Website:  https://dawsec.dicom.uninsubria.it/elena.ferrari/

Description

Generative AI is revolutionizing many fields, including the critical ones of access control and privacy protection. The project aims first to: (1) understand how generative AI tools can be used for the strategic tasks of access control and privacy preference enforcement; 2) identify which are the main threats connected to their usage. Then, the project will design novel solutions leveraging generative AI tools to complement traditional access control and privacy protection mechanisms. The developed strategies will have to consider, on one side, the protection requirements of end-users and, on the other side, the data provider’s economic assets (e.g., data utility, costs). The project will target decentralized scenarios to go beyond traditional centralized architectures and application domains characterized by a massive amount of sensitive and personal data (such as edge computing and IoT).

Curriculum: Data Governance & Protection

Funds: MUR DM 630— scholarship co-funded by a research institution where the student will spend 6 to 18 months of the PhD.

Research Institution: CINI - Consorzio Interuniversitario Nazionale per l'Informatica 

Research Institution Contact Person: Ernesto Damiani

Website: https://ardagna.di.unimi.it/, https://www.consorzio-cini.it/index.php/ 

Description

The ongoing evolution of IT (from cloud computing to artificial intelligence) is changing the design, development, and deployment of software/applications and the corresponding IT infrastructures. The main effect of this evolution is the central role of data, which drives application/infrastructure behavior and deployment decisions. Despite IT technologies having become commonplace, there are still significant obstacles to their adoption in critical scenarios. Among these, assurance issues become pressing and introduce the need to rethink assurance and certification approaches to support the evaluation of non-functional properties (e.g., security, robustness, fairness) of cloud-edge, IoT, and AI/ML-based systems. This research project aims to lay the foundation for a new assurance and certification framework that meets the requirements of modern, data-driven distributed systems built on AI and deployed in the cloud-edge continuum. The proposed framework will be integrated within the distributed systems' lifecycle, enabling full system governance, including its data and models, from design to operation. The framework will employ data governance and analysis techniques to boost assurance and certification quality and effectiveness. Proper management of assurance and certification processes can expedite the adoption of applications built on modern systems by i) increasing trust in technologies (including AI and cloud-edge), ii) supporting a balance between costs, performance, and quality, and iii) providing continuous evaluation of system behavior.

Curriculum: Data Governance & Protection

Funds: MUR DM 630— scholarship co-funded by a company where the student will spend 6 to 18 months of the PhD.

Company: Amped Software s.r.l.

Company Contact Person: Marco Fontani

Website: http://clem.dii.unisi.it/~vipp/mbarni.html, https://ampedsoftware.com/

Description

The diffusion of deepfakes and multimedia content altered with the help of AI tools raises increasing concerns about the authenticity and trustworthiness of digital media. To mitigate these concerns, passive image forensics aims at answering questions about the provenance and authenticity of digital images by analyzing the subtle traces left in the images by the image generation process and every subsequent processing step.

One of the most severe threats to image authenticity is the increasing diffusion of deepfakes, either in the form of entirely synthesized visual content generated with diffusion models or other “hybrid” approaches (face-swapping, re-enactment, etc.). On a similar note, recent progress in image acquisition and generation techniques have made the acquisition and editing pipelines more complex than ever, dramatically impacting the performance of attribution methods that used to work well in the past (e.g. sensor noise-based image source identification).

The aim of this research is to develop new image authentication and attribution methods that keep the pace with the tremendous progress of AI technology, while at the same time matching the requirements stemming from investigation and court applications of image forensics, in terms of explainability, trustworthiness and reproducibility of the results. 

This research is co-sponsored by the Italian Ministry and a leading company in the development of image forensics tools for Law Enforcement Agencies. Phd candidates are expected to collaborate closely with the above mentioned company and will be asked to spend a six month period in a foreign research institute to enrich their PhD career.

Curriculum: Foundational Aspects of Cybersecurity

Funds: Agenzia per la cybersicurezza nazionale

Additional benefits: Full board accommodation.

Website: https://sysma.imtlucca.it

Description

Security protocols are a fundamental component to ensure the correct functioning of computer networks, particularly when confidentiality and integrity of communications are required. Over the years, various protocols have undergone formal verification to guarantee the desired security properties, and in some cases, this has led to the identification of serious security flaws. Although the verification of protocols using formal methods has reached a certain maturity in terms of theory and applications, there are still areas where appropriate tools to rigorously ensure the required security properties do not exist. The most notable of these areas is likely that concerning zero-knowledge proof (ZKP) protocols. These protocols play a strategic role in many applications, but currently, there is no theory capable of modeling and verifying that a given implementation does not violate ZK security requirements.

The aim of this project is to define and develop new methodologies for the formal verification of ZKP protocols. Furthermore, the project seeks to implement a model checker capable of applying these methodologies to automatically or semi-automatically verify the correctness of a ZKP protocol against its security specifications.

Curriculum: Foundational Aspects in Cybersecurity

Funds:  MUR DM 629

Additional benefits: Full board accommodation.

Website: https://sysma.imtlucca.it

Description

Online Social Networks and other web applications face significant privacy issues when acquiring personal data such as images, videos, and profile information. This data may reveal users' activities, traits, beliefs, and intentions, exposing them to privacy risks. Privacy policies are designed to inform users about data collection, usage, and protection practices. However, these policies are often complex, lengthy, and written in legal jargon, making them difficult for the average user to understand. Furthermore, the ambiguity of natural language can lead to misinterpretations and compliance issues; users often accept the proposed policies without being fully aware of their consent.

This project proposes using a Controlled Natural Language (CNL) to express clear and concise privacy policies, aiming to transform these specifications into formal logical formulae. This transformation will determine the consistency of the proposed rules and test whether new rules strengthen or relax previous ones. Privacy policies in CNL will be easier to understand, increasing user transparency and trust. Formal logical translations will enable automated property checking, ensuring regulatory compliance. Organizations can demonstrate that their policies meet legal requirements, reducing violation risks.

The main steps of the project are:

1. Develop a CNL to rewrite privacy policies, making them comprehensible while retaining legal significance.

2. Transform CNL privacy policies into formal logical representations for automated verification.

3. Prove compliance and data protection properties using formal methods.

Curriculum: Foundational Aspects of Cybersecurity

Funds: University

Additional benefits: Full board accommodation.

Website: https://sysma.imtlucca.it/

Description 

In the contemporary software landscape, applications are built from components written in various programming languages. Programs developed in memory-safe languages like Java, Go, OCaml, Python, Rust, and Swift often use legacy libraries implemented in C. The presence of this unsafe code can jeopardize the guarantees provided by a safe language like Rust. As the complexity of modern software systems increases, understanding and mitigating the security risks arising from the use of multiple languages has become essential. Ensuring the correctness and security of multi-language programs requires analyzing interactions between components and considering issues from the semantic differences of the programming languages used. Languages can vary in value representation (e.g., signed or unsigned integers), semantic features (e.g., structured or unstructured control flow), and memory models, necessitating a holistic approach to address these complexities within a single software ecosystem.

The project aims to develop methodologies, tools, and guidelines to address the security issues of multi-language applications. It seeks to establish a foundational understanding of cross-language security challenges and contribute practical solutions. The candidate will develop techniques and tools to facilitate interoperability between the runtimes of different languages, focusing on reducing security risks in data exchange, function calls, and shared resource access. Furthermore, the candidate will design and develop static/dynamic analysis and formal verification techniques to evaluate the security of multi-language application code.

Curriculum: Foundational Aspects in Cybersecurity

Funds: MUR DM 630— scholarship co-funded by a company/research institution where the student will spend 6 to 18 months of the PhD.

Company: Consorzio Metis 

Company Contact Person: Walter Volpi

Website: https://sites.google.com/unifi.it/rosariopugliese/, https://www.consorziometis.it/

Description

The research activity aims to devise formal languages and methods to specify and reason rigorously about the security properties of computer systems. Relevant to this research are different types of security properties (e.g., authentication, confidentiality, and integrity), approaches (e.g., access control and information flow control), and system abstraction levels (e.g., design, configuration, and implementation). One possible goal is to develop formal languages and methods for specifying and managing authorization policies for access control. Some challenges include proving the correctness of policies with respect to high-level properties, developing formal analysis techniques to estimate the effects of run-time interference between policy evaluation and system behavior, and determining the impact of policy changes on system components.

Curriculum:  Foundational Aspects of Cybersecurity

Funds: PNRR Project “SEcurity and RIghts In the CyberSpace”

Website:  https://web.unica.it/unica/page/it/giorgio_giacinto

Description

Machine learning models are currently used in various cyber threat analysis and detection tasks such as network traffic analysis, malware detection, and classification. The availability of large language models (LLMs) opens new research opportunities at different levels of granularity, spanning from vulnerability analysis and detection in source and machine code to the management of threat intelligence feeds. Some preliminary works in the literature explore the impact of LLMs in different aspects of cyber threat management. In this project, an extensive overview of the potential applications will be carried out to focus on those scenarios where LLMs and other advanced machine-learning approaches can significantly impact prevention, early detection, and response time. As modern cyber threats are characterized by a higher degree of obfuscation and the use of covert channels, the combined use of different sources of evidence and different machine learning approaches tailored to model the different data sources will provide more effective and robust detection mechanisms.

Curriculum: Foundational Aspects of Cybersecurity

Funds: MUR DM 629 

Description 

In recent years, Internet of Things (IoT) solutions have been employed in multiple scenarios, with applications targeting both the end users (e.g., home automation), the public administration (e.g., environment monitoring, healthcare), and the industry (e.g., manufacturing process control, data collection for agriculture). This widespread adoption has significant security implications since malware targeting Internet of Things (IoT) devices is becoming increasingly common. In response to this growing threat landscape, this project proposes developing an innovative malware analysis and detection system in mobile and IoT scenarios. The system's primary objective is to investigate different malware analysis and detection approaches, leveraging both static and dynamic analysis to identify and classify emerging malware variants correctly. The system will address the complexities of malware detection in IoT scenarios through its innovative approach, contribute to the safe digitalization of public administration and industrial processes, and preserve users' privacy.

Curriculum: Foundational Aspects of Cybersecurity

Funds: University

Website: https://micheleloreti.com/ 

Description

The goal of this project is to study formal tools for describing the security requirements of Distributed Systems at the local and global levels. 

In the first case, properties are described by considering the behaviour of a single component. At the global level, the focus is on the system as a whole. 

The first goal of this project is to explore a novel logical formalism to specify both local and global security properties. The selected PhD candidate will investigate algorithms to check whether a given set of security requirements is satisfied without considering a detailed description of the system as a whole.

Moreover, a methodology will be developed that, starting from a set of logical requirements, can generate a set of runtime monitors to check the fulfilment of expected properties. The integration of these monitors with Intrusion Detection Systems will be considered and applied to realistic case studies. 

Curriculum: Foundational Aspects of Cybersecurity

Funds: MUR DM 630— scholarship co-funded by a company where the student will spend 6 to 18 months of the PhD.

Company: Next Ingegneria dei Sistemi S.p.A.

Company Contact Person: Giuseppe Palumbo

Website: http://www.univpm.it/marco.baldi, 

Description

The PhD project is aimed at the definition, analysis, and implementation of cryptographic techniques and protocols for network security capable of withstanding both classical and quantum computer-based attacks. The research activity will start from the analysis of the most promising families of post-quantum cryptographic primitives, with a focus on code-based primitives. Post-quantum cryptographic primitives for asymmetric encryption, key exchange, and digital signature will be analyzed in depth, with a focus on those included in the ongoing NIST selection and standardization process, with the aim of finding innovative solutions to improve their efficiency and security. The research activity will then continue towards analyzing the inclusion of these new cryptographic primitives in network security protocols, such as protocols for key distribution and data encryption in network transmissions. Software demonstrators of such protocols will be implemented to experimentally evaluate the impact on efficiency and security due to the transition from currently used cryptographic primitives to new post-quantum cryptographic primitives. The software demonstrators developed will allow simulating the use of these updated protocols in real application scenarios, such as those related to both terrestrial and satellite network communications.

Curriculum: Human, Economic, and Legal Aspects in Cybersecurity

Funds: MUR DM 630— scholarship co-funded by a company where the student will spend 6 to 18 months of the PhD.

Company: TIM TELSY

Company Contact Person: Gabriele Elia

Additional benefits: Additional research contract within the context of active project(s), to be negotiated on an individual base.

Website: https://www.santannapisa.it/it/gaetana-morgante, https://www.telsy.com/en/homepage/ 

Description 

Investigating, preventing, and combating cybercrimes challenges traditional criminal law and procedure. Establishing an efficient legal framework to address cybercrimes at domestic, European, and international levels requires a strong partnership between public and private entities. Private companies - especially those providing “digital” services - play a pivotal role in governing online behavior, enforcing public and private regulations, and contributing to the policing and investigation of cybercrimes. Private companies are increasingly essential in the protective strategy against cybercrime: they contribute to safeguarding national cyberspace, critical infrastructures, businesses and customers from cyberattacks, by adhering to cybersecurity standards, implementing international and European legal framework (e.g. NIS2) and engaging in cyber-compliance. Moreover, Telecom operators have also specific sector regulation, on top of all the European Electronic Communications Code (EECC) and unique position because of their special role in facilitating communication. This public-private integration efforts requires a comprehensive multidisciplinary approach, taking into account legal, ethical, economic, technical, political and social dimensions, including balancing between privacy and security. The PhD project will delve into cybercrime and cybersecurity, focusing on public-private cooperation, including the protection of digital infrastructure, incident response and cooperation with LEAs. The research will explore existing public-private voluntary initiatives and assess the necessary safeguards in terms of substantive and procedural criminal law.

Curriculum: Human, Economic, and Legal Aspects in Cybersecurity

Funds: MUR DM 630— scholarship co-funded by a company where the student will spend 6 to 18 months of the PhD.

Company: Consorzio Metis 

Company Contact Person: Walter Volpi

Website: https://www.unifi.it/p-doc2-2015-0-A-2b33362d382e-0.html, https://www.consorziometis.it/ 

Description

The grant finances the work of a legal researcher who can identify innovative services that, on the basis of the European and national framework, can be offered by CSIRTs set up at regional or local level. These include managing cyber regulatory testing environments for companies (e.g., regulatory sandboxes on cyber resilience). 

The new services' intended outcomes are to ensure a better response to cyber incident risks and to increase companies' cyber awareness and posture (e.g., cyber security compliance with the NIS 2 Directive and the Cyber Resilience Act).

Curriculum: Human, Economic, and Legal Aspects in Cybersecurity

Funds: University

Website: https://www.unipa.it/persone/docenti/v/giuseppe.verde/ 

Description 

The project aims to develop a new ‘regulatory sandbox’ for cybersecurity using a forward-looking approach to regulation, allowing minimal barriers by creating a controlled regulatory testing environment. The ‘regulatory sandbox’ is a way to connect innovators and regulators, providing a controlled environment for them to cooperate. It facilitates the development, testing and validation of innovative digital tools to ensure compliance with the requirements of existing regulations. The PhD candidate will focus her/his project on studying regulatory sandboxes as a way to co-regulate technological tools and participate in implementing a real regulatory sandbox on cybersecurity in Italy. For these purposes, the candidate will be asked to develop strong state of the art on regulatory sandboxes in Europe and be able to analyse and study relevant European use cases that serve as best practices in operational terms. Activities should also include analysis of legal issues, regulatory compliance and rules on technology. The research activities will be conducted within the Department of Law of the University of Palermo.

Curriculum: Human, Economic, and Legal Aspects in Cybersecurity

Funds: University

Websites: https://www.lex.unict.it/docenti/alfio.guido.grasso 

Description

Cybersecurity is a fundamental mission in our IT society. Ensuring IT security and (more recently but also more urgently) AI systems is a crucial task that must be pursued and implemented. For this reason, it is important to train young legal informatics scholars who are ready to face this challenge. In particular, the perspective of the project is related to governance and data protection. The legal IT expert focuses his or her studies on the data protection background, paying particular attention to the evolving EU data protection regulatory framework, as well as the AI legislative frame of reference that is spreading around the world. He/she will be able to legally ensure IT security by enabling IT systems to comply with the legal framework. In this way, contributing to ensuring both user privacy and data integrity, but also protecting the provider company or organisation from being sued. The research project also fits in well with the research lines of the Catania Law Department, where innovation and sustainable technology are the prevailing feature.

Curriculum: Software, System, and Infrastructure Security

Funds: MUR DM 630— scholarship co-funded by a company where the student will spend 6 to 18 months of the PhD.

Company: Cleverynext

Company Contact Person: Mauro Barella

Additional benefits: Full board accommodation

Websites: https://cs.gssi.it/emilio.tuosto/,  https://marino.miculan.org/ 

Description

Ethernet Consist Networks (ECNs) are an emerging technology for on-board communication on trains subject to stringent security and quality of service (QoS) requirements.

The main goals of this research are: 1) to develop a verification framework to evaluate security properties of ECNs; 2) to assess the security of ECNs against common attacks such as spoofing, reply, and man-in-the-middle attacks; 3) to develop a framework for the verification of QoS properties of ECNs; 4) to assess how ECNs guarantee QoS depending on the kind of traffic such as data traffic, vocal traffic, or video traffic.

Research plan: The activities will be executed in two main phases:

1: Development. This phase will focus on identifying the requirements, design, and implement a prototype verification framework. We foresee that the framework will integrate several testing techniques such as static analysis of source code, testing (test fuzzing, simulation, scenario-based testing, property-based testing), as well as of runtime verification (e.g., runtime monitoring).

2: Validation. The framework will be validated on standard attacker models, and typical QoS requirements.

The interaction with Cleverynext, an industrial partner leader in the railways sector, is crucial for the project. Cleverynext will provide access to their infrastructure and to the software and firmware of their devices. If needed, Cleverynext will also provide real data obtained by deployed systems. The PhD student will have the opportunity to spend research periods at Cleverynext and interact with their staff.

Curriculum: Software, System and Infrastructure Security

Funds: University

Additional benefits: Full board accommodation

Website: https://sysma.imtlucca.it 

Description

Modern technologies increasingly use federated learning, which trains machine learning models across decentralised devices without transferring data to a central server, thereby enhancing privacy. For example, the next-word predictions on Gboard for Android devices are generated using this approach.

However, Implementing federated and distributed machine learning systems has introduced new challenges and opportunities in the cybersecurity landscape. These systems enable collaboration among different nodes, allowing models to be trained on distributed data without centralising the data themselves. However, this decentralisation introduces potential security vulnerabilities that must be effectively addressed to ensure data integrity and confidentiality.

The objective of the thesis is to address the following challenges and goals:

- Vulnerability Analysis: Conduct a detailed analysis of existing vulnerabilities in federated and distributed machine learning systems, including privacy threats, model manipulation attacks, and potential data security breaches.

- Development of Defence Techniques: Design and develop new defence techniques to mitigate the identified vulnerabilities, using approaches such as homomorphic encryption, secure and robust aggregation methods, and other advanced methods. The effectiveness of these defence techniques is evaluated through a series of case studies and practical experiments. 

- Integration: This also requires integrating the proposed solutions into existing federated learning frameworks and scenarios correlating the theoretical and practical aspects of the identified problems. 

Curriculum: Software, System and Infrastructure Security

Funds: Agenzia per la cybersicurezza nazionale

Additional benefits: Full board accommodation.

Website: https://sysma.imtlucca.it/

Description

The need to ensure predefined security levels and the constant growth in the complexity of systems and critical infrastructures of the national system necessitates the development of methodologies, methods, and tools to support Cybersecurity Risk Management and Risk Assessment processes. Security teams, in particular, must manage and correlate security data (e.g., vulnerabilities and threats) with the infrastructure architecture to be protected to identify vulnerable points and plan an effective risk management strategy to mitigate them.

The proposed thesis aims to support analysts by automating as much as possible the extraction of information related to critical infrastructures and their security, as well as the correlation and analysis of the collected information to identify threats, assess risks, and plan management activities. Specifically, it will be necessary to define and experiment with suitable formalisms capable of supporting the entire risk assessment process. This will facilitate automation integration and improve results' shareability, reproducibility, and comparability. The activities will also include (a) defining a knowledge base on cybersecurity and the related metamodel, (b) designing and developing methodologies for automating threat modeling and risk assessment of identified threats, and (c) supporting the risk management process.

Finally, strong integration with various types of Cyber Ranges is considered particularly important, as these systems can be very useful in supporting companies and enterprises to sustain and train their security teams, both for testing and discovering vulnerabilities and for improving incident management strategies.

Curriculum: Software, System and Infrastructure Security

Funds: University

Additional benefits: Full board accommodation

Website: https://sysma.imtlucca.it/

Description

This PhD programme trains researchers in digital infrastructure security, focusing on 6G telecommunications networks. It combines cutting-edge security solutions, using Physical Layer Security (PLS) and artificial intelligence (AI) to enhance cyber resilience in essential sectors like energy and communication.

Candidates will engage in research projects to improve the security and resilience of emerging network infrastructures crucial for future communication technologies. They will develop advanced AI-based security mechanisms, including the latest wireless technology standards and protocols for detecting and mitigating cyber attacks. Emphasis will be on PLS in satellite communications and 6G networks, vital for next-generation Internet of Everything (IoE) infrastructures. The research includes jamming and anti-jamming techniques and other PLS methods to protect diverse communications, ensuring security and resilience in applications from telemedicine to industrial automation.

The programme is committed to sustainable development by reducing environmental impact through efficient security algorithms and analyzing next-generation communications to build cyber-attack-resistant national and European networks. Students will participate in interdisciplinary projects and international collaborations, including a mandatory six-month period at a leading European university specializing in PLS, fostering knowledge exchange and in-depth study of 6G network security.

Students will publish research results in prestigious academic journals and present at international conferences to promote advancements in digital infrastructure and telecommunications network security.

Curriculum: Software, System, and Infrastructure Security 

Funds: MUR DM 630— scholarship co-funded by a research institution where the student will spend 6 to 18 months of the PhD.

Research Institution: CNR-IIT

Research Institution Contact Persons: Marco Conti, Claudio Cicconetti

Websites: https://sysma.imtlucca.it, https://www.iit.cnr.it/en/   

Description

The potential of quantum computing is currently limited by the technological evolution of quantum computers, which still persists within the 'Noisy Intermediate-Scale Quantum (NISQ)' period. The parallel use of distributed quantum computers may make it possible to overcome the current limitations of individual quantum computers in terms of qubits, coherence and processing capacity. The use of Distributed Quantum Computing techniques has recently been proposed as a way to increase the security and privacy levels of conventional distributed computing problems, such as Federated Learning. By exploiting Quantum Computing techniques, together with intrinsically secure communications enabled by Quantum Key Distribution, it is indeed possible to substantially mitigate known privacy problems in such contexts. The research topic therefore lies at the intersection of new Distributed Quantum Computing paradigms, and their use to guarantee privacy and security for distributed applications. These algorithms must be designed to coordinate and synchronise operations between quantum nodes, optimising communication and minimising errors. Furthermore, it is expected that integration with classical computing infrastructures will need to be investigated, in order to utilise the strengths of both worlds and improve overall performance, through the development of algorithmic solutions and frameworks that facilitate this integration. Finally, a related research challenge is the identification and development of practical applications of such approaches in areas such as optimisation, cryptography, artificial intelligence and large-scale data processing.

Curriculum: Software, System, and Infrastructure Security

Funds: MUR DM 630— scholarship co-funded by a research institution where the student will spend 6 to 18 months of the PhD.

Research Institution: CINI - Consorzio Interuniversitario Nazionale per l'Informatica

Research Institution Contact Person: Paolo Prinetto

Website: https://sysma.imtlucca.it, https://cybersecnatlab.it/ 

Description

The increasing adoption of smart devices that provide voice recognition interaction capabilities poses significant challenges in terms of protecting users' privacy and confidentiality. Indeed, these devices are, by default, always listening and could potentially record personal and sensitive information. Although there is an effort in trying to avoid these issues, protection against malicious use of these kinds of devices is still required. 

The objective of this thesis is to design and develop innovative solutions to inhibit (i.e., jamming) the operation of MEMS-based microphones, present in the majority of today devices, considering the scenario in which the user has no control over the recording device. 

The use of ultrasound has shown promising results; while it is imperceptible to the human ear, it can affect the audible spectrum after it is captured by microphones and disrupt the recording. However, the use of ultrasound still has several limitations in a real-world case study: e.g., possible interference between the ultrasound generators and any materials interposed between the jammer and target device; room conformation and space coverage for the jammerm, and many others.

An initial detailed analysis of the state of the art concerning both MEMS microphone technologies and solutions capable of inhibiting their operation will be followed by experiments aimed at the characterization of the selected devices and their disturbances. Following, the candidate, on the one hand should identify and analyze the sources of "interference" that can make jamming ineffective and, on the other hand, to propose effective approaches aimed at minimizing their effects.

Curriculum: Software, System, and Infrastructure Security

Funds: MUR DM 630— scholarship co-funded by a company/research institution where the student will spend 6 to 18 months of the PhD.

Company/Research Institution: CINI - Consorzio Interuniversitario Nazionale per l'Informatica  

Company/Research Institution Contact Person: Alessandro Armando

Websites: https://sysma.imtlucca.it/, https://www.consorzio-cini.it/index.php/en/ 

Description

Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) play crucial roles in assessing the security of applications. However, they face significant challenges in effectively identifying context-specific vulnerabilities and adapting to evolving attack vectors. Traditional SAST techniques struggle to comprehensively analyze the intricate runtime behaviors of apps, while DAST may overlook certain vulnerabilities due to its reliance on dynamic execution environments. As a result, there is a pressing need for more adaptive and intelligent security assessment methodologies that can keep pace with the dynamic nature of app development and their tight interactions with other domains. 

Moreover, the widespread utilization of third-party software libraries, software development kits (SDKs), and vendors in the supply chain of apps introduces additional complexities in security and privacy concerns. 

The candidate will be asked to develop a research line focused on developing automatic or semi-automatic methodologies for evaluating the exposure to the cyber risk of application ecosystems in emerging scenarios, e.g., Mobile, Cloud, IoT, and their possible combinations.

Curriculum: Software, System, and Infrastructure Security

Funds: MUR DM 630— scholarship co-funded by a company where the student will spend 6 to 18 months of the PhD.

Company: 10Sec S.r.l.

Company Contact Person: Francesco Palmarini

Website: https://secgroup.dais.unive.it/ 

Description

The rapid evolution of Industry 4.0 has led to a significant integration of embedded devices into industrial infrastructures, enhancing efficiency, productivity, and automation. However, this advancement also introduces substantial cybersecurity challenges, as these embedded systems are often targets for malicious attacks due to their critical role in industrial operations. This research project aims to analyze the security vulnerabilities of embedded devices within Industry 4.0 infrastructures and develop robust protection mechanisms to safeguard them against potential threats.

We will develop innovative solutions to assess the security of industrial infrastructures and embedded devices, configuring and deploying suitable solutions and mitigations. Our approach will consider usability and flexibility, ensuring practical application in real-world settings. In particular, we will explore innovative authentication and authorization mechanisms that enable tracking and accounting for fine-grained access to devices.

By addressing the security challenges of embedded devices and Industry 4.0 infrastructures, this research aims to contribute to the creation of a safer, more secure industrial environment. The findings and solutions developed through this project will be disseminated through conferences, publications, and collaborations with industry partners, promoting the adoption of best practices in cybersecurity for embedded systems. Notably, the research is co-funded by the university spin-off 10Sec, which develops innovative solutions for embedded-system security.

Curriculum: Software, System, and Infrastructure Security

Funds: PNRR Project  “FAIR-Future AI Research” + University

Website: https://kdde.di.uniba.it/people/annalisa-appice/ 

Description

The recent progress in the areas of machine learning (ML) and deep learning (DL) has led to a generation of cybersecurity solutions, which uses ML and DL models to discover and manage cyber-threats. These solutions commonly use both ML and DL to improve the accuracy and, in general, the effectiveness, of the cyber-threat management systems. Although the primary objective of defense systems against cyber-threats remains the ability to correctly and promptly identify cyber-threats, a growing attention has been recently devoted towards the use of eXplainable AI (XAI) to obtain the explainability of decisions yielded with complex, black-box models such as neural models. However, recent developments in the field of Adversarial Learning (AL) have shown the vulnerability of models learned with ML or DL , as well as the vulnerability of multiple XAI techniques. XAI vulnerabilities can reduce the trust of stakeholders in decision explanations. At present, the Adversarial XAI research has been mainly developed in the field of computer vision, by formalizing some attacks on XAI techniques and exploring how to obtain robust and reliable explanations. The Adversarial XAI topic is still little investigated in cyber-threat detection problems. This project will investigate the offensive side of Adversarial XAI to formulate a defensive approach by focusing the evaluation of the developed solutions in cyber intelligence applications including detection of malware, spams or intrusions.

Curriculum: Software, System and Infrastructure Security

Funds: PNRR Project “SEcurity and RIghts In the CyberSpace” + University

Website: https://www.csec.it/ 

Description

Cyber ranges and the scenarios they support have become established over time as state-of-the-art tools for training. While these tools are also recognized for their strong capabilities in supporting security testing, many details in this area still require further study and development. 

The candidate will be asked to develop a research line focused explicitly on enhancing the security testing functionalities that current cyber ranges can support, particularly in the context of cyber-physical systems. There are several key aspects of interest in this research. These include studying techniques for describing tests, automating them, and collecting results. Additionally, it is essential to understand how to make scenarios that include cyber-physical elements more representative, enabling the development of targeted cyber-attacks that can be transformed into systematic tests for specific components and defense systems. In this regard, it is also crucial to investigate integration strategies with simulators, addressing issues related to standards for model exchange, representing discrete events, and ensuring time consistency in simulations.

Curriculum: Software, system, and infrastructure security

Funds: MUR DM 630— scholarship co-funded by a company where the student will spend 6 to 18 months of the PhD.

Company: Leonardo S.p.A.

Company Contact Person: Davide Roggero

Websites: https://www.docenti.unina.it/simonpietro.romano, https://www.leonardo.com/en/home 

Description

An open field of research is how to efficiently protect secrets when in use. As an example, we might be interested in protecting collaborative computations over secret inputs or even computations in cloud-based environments under the control of third parties. While traditional isolation and virtualization technologies have proved helpful in the past, the current trend toward a prevalence of cloud-enabled distributed computations has exposed software systems to new security vulnerabilities. As a result, Confidential Computing architectures and platforms have emerged as new promising research topics. Current avenues of investigation include cryptographic primitives, hardened security and isolation techniques, empowered formal methods and verification methodologies, and hardware-enabled isolation mechanisms. While each of these technologies brings in its own peculiarities, a few common facets can be identified. First, isolation against a privileged attacker through hardware support has inspired research about so-called Trusted Execution Environments. Second, efforts have been devoted to defining Trusted Computing Bases that are as small as possible. Third, several works have focused on providing cryptographic evidence that a legitimate isolated execution environment is created on either a remote or a local machine trough procedures like, e.g., the root of trust, measurement, and remote attestation. The objective of this PhD program is to provide a concrete contribution to advancing the current state of the art in the above depicted scenario. The selected PhD candidate will focus on defining means for safely delegating tasks to untrusted third-parties, in order to arrive at an architecture in which computations are distributed and scheduled to be run where it is most convenient. The research items will include topics like sheltering from unprotected leakage, behavioural measurement and attestation, sandboxing, and process compartmentalization.

Curriculum: Software, System, and Infrastructure Security

Funds: MUR DM 630— scholarship co-funded by a company where the student will spend 6 to 18 months of the PhD.

Company: Topcall srl

Company Contact Person: Luigi Iervasi

Description

The aim of this research project is to explore the potential of Machine Learning (ML) and Artificial Intelligence (AI) techniques to enhance the security of virtualization systems and platforms and of cloud services. Moreover, an additional goal is to exploit ML and AI to automate the building of Cyber Range (CR) scenarios on the basis of  the characterization of the specific application domain.

In particular, state-of-art ML and AI tools and technologies should be employed in the following fields: (i) Vulnerability Detection: build ML models to analyze virtualization platforms and identify potential vulnerabilities and scoring the risk of exploitation; (ii) Automated Threat Analysis and Response design AI-powered systems to automatically analyze suspicious activities and perform appropriate mitigation strategies in real-time, such as blocking malicious attempts or isolating compromised systems; (iii) Automated CR scenario building: Utilize AI, eg. by exploiting Large Language Models (LLM)  to automate the generation of CR scenarios for specific application domains; (iv) Automated log analysis: the data collected in the logs of intercepted attacks will be used to extract, through artificial intelligence, machine learning, and data mining techniques, models of malicious entity behavior. These models will then be used to identify them in real time and to harness possible countermeasures. 

Curriculum: Software, System, and Infrastructure Security

Funds: University

Website: https://www.uniba.it/it/ricerca/dipartimenti/informatica 

Description

The identification of threats and the response time following the analysis of various factors contributing to mitigation play a fundamental role in preserving civilian and military activities. The need to ensure the security of critical infrastructures requires not working exclusively within a single domain but in a 'Multidomain' dimension.

Reducing the decision-making time (at the strategic level) on the response to specific types of threats allows for the proper management of the impact of that threat on a particular asset and consequently on the surrounding environment.

Therefore, in line with the needs of current cyber scenarios, the following proposal aims to analyze, through the use of emerging and disruptive technologies, the possibility of reducing the information processing times coming from different assets in order to support decision-making processes, planning, and execution of cybersecurity operations. The result would allow us to evaluate an attack by considering different dimensions integrating the technological side and the strategies and modes of conducting the attack.

Curriculum: Software, System, and Infrastructure Security

Funds:  MUR DM 630— scholarship co-funded by a company where the student will spend 6 to 18 months of the PhD.

Company: CeRICT

Company Contact Person: Luigi Romano

Websites: https://www.cerict.it/it/ 

Description

Building an ecosystem where IoT, edge and cloud converge towards a computing continuum is one of Europe’s key policy lines for digital autonomy and the Green Deal. While important results have been achieved (e.g. in terms of increased computing capabilities at the edge and orchestration with cloud services), security is still - to a large extent - an open issue. The open challenge is to develop solutions which can effectively improve the security level of Computing Continuum (CC) setups under realistic assumptions. The research will take a “best effort” approach to security, meaning it will design mechanisms and techniques for virtually any CC scenario of the real world, i.e. one where the security-enhancing features available on individual participating devices are extremely diverse. As importantly, to favour the adoption of the proposed solutions, project mechanisms and techniques will be implemented in a set of tools which are: i) compliant to the relevant accredited/emerging standards, ii) based on mature and widely used enabling technologies, and iii) fully integrated with Data Space support. The proposed solutions will be validated in the context of realistic use cases. 

Curriculum: Software, system and infrastructure security

Funds: University

Websites: https://www.disa.unisa.it/ 

Description

This project aims to develop and validate multimodal fact-checking methods designed to detect and counteract false content, including AI-generated content, by leveraging open-source intelligence (OSINT) and advanced analysis techniques. The innovative aspect of this project lies in its integration of explainability techniques and generative AI technologies, such as large language models, to address the challenges of countering disinformation by assessing content reliability and detecting and filtering bias. While vulnerable to generating misleading information, generative AI can also be exploited to automate fact-checking. The project will create a comprehensive dataset of verified and false content by aggregating data from open sources such as social media, news outlets, and official records. Furthermore, the project will explore Retrieval-Augmented Generation (RAG) architectures and task-oriented intelligent agents to enhance fact-checking capabilities by integrating real-time data retrieval mechanisms, with the aim of improving the accuracy and reliability of the models. The outcomes will include the development of practical tools for journalists, researchers, and policymakers, ultimately enhancing societal resilience against cognitive warfare and safeguarding information integrity.

Curriculum: Software, system and infrastructure security

Funds: University

Websites: http://www.disa.unisa.it/

Description

Despite its rapid transformation of various sectors, AI must address substantial security and ethical challenges, including adversarial attacks, data poisoning, and bias. Information disorder—misinformation, disinformation, and malinformation—exacerbates these issues by distorting training data and compromising AI integrity. Analogously, generative AI can be exploited to generate misleading information. Addressing these vulnerabilities is crucial for maintaining AI reliability.

This project focused on identifying challenges and implementing comprehensive protective measures to defend AI systems from threats. The commitment is to ensuring integrity, availability, and confidentiality. The strategies include securing training data, protecting AI models from manipulation, and improving transparency and explainability of AI decisions. 

The main aim is to develop robust AI technologies that are secure, fair, and transparent. By ensuring data accuracy and trustworthiness, the outcomes of this project, including practical tools and frameworks, will enhance societal resilience against information disorder and safeguard AI integrity across various domains. 

Curriculum: Software, System, and Infrastructure Security

Funds: MUR DM 630— scholarship co-funded by a company where the student will spend 6 to 18 months of the PhD.

Company: V-Research

Company Contact Person: Marco Rocchetto

Additional benefits: Board; possibility for extra contract for the company supporting the project; support in accommodation for the first year.

Website: https://www.v-research.it/ 

Description

1. Definition of the technical-scientific challenges for risk analysis in the industrial sector, in the context of Cybersecurity Governance, Risk, Compliance. In cooperation with the industry partner identification of the key use cases such as business processes, IT infrastructures /OT, or secure development processes.

2. Definition of a novel methodology extending the cybersecurity standards and frameworks (such as ISO 27001, ISO 27002, ISO 27005, NIST SP 800-53, CIS Control v8) to cope with international and industrial guidelines for the use of AI in cybersecurity field (such as OWASP AI Top Ten, NIST AI 100-2 E2023).

3. Definition of a novel automatic or semi-automatic process that uses automated learning (e.g., machine learning) and automated reasoning (e.g., model checker) techniques and technologies for the secure development of IT/OT/IoT engineering systems, which adopt the principle of secure-by-design.