- Ernesto Damiani is Full Professor at Università degli Studi di Milano, President of the Consortium of Italian Compute... moreErnesto Damiani is Full Professor at Università degli Studi di Milano, President of the Consortium of Italian Computer Science Universities (CINI), Senior Director of Artificial Intelligence and Intelligent Systems Institute, Khalifa University, and leader of the Big Data area at Etisalat British Telecom Innovation Center. Within the Computer Science Department of the Università degli Studi di Milano, he leads the Secure Service-oriented Software Research (SESAR) Lab.
Ernesto Damiani’s areas of interest include Big Data Analytics, Edge/Cloud security and performance, and cyber-physical systems. He has been the Principal Investigator of many international projects, including the H2020 TOREADOR project on Big-Data-as-a-Service funded by the EU Commission on the ICT call on Big Data Research.
Ernesto has been a recipient of the Stephen Yau Award from the Service Society, of the Outstanding contributions Award from IFIP TC2, of the Chester-Sall Award from IEEE IES, and of a doctorate honoris causa from INSA – Lyon (France) for his contribution to Big Data teaching and research.edit
Research Interests:
Traditionally, cyber-attack detection relies on reactive, assistive techniques, where pattern-matching algorithms help human experts to scan system logs and network traffic for known virus or malware signatures. Recent research has... more
Traditionally, cyber-attack detection relies on reactive, assistive techniques, where pattern-matching algorithms help human experts to scan system logs and network traffic for known virus or malware signatures. Recent research has introduced effective Machine Learning (ML) models for cyber-attack detection, promising to automate the task of detecting, tracking and blocking malware and intruders. Much less effort has been devoted to cyber-attack prediction, especially beyond the short-term time scale of hours and days. Approaches that can forecast attacks likely to happen in the longer term are desirable, as this gives defenders more time to develop and share defensive actions and tools. Today, long-term predictions of attack waves are mostly based on the subjective perceptiveness of experienced human experts, which can be impaired by the scarcity of cyber-security expertise. This paper introduces a novel ML-based approach that leverages unstructured big data and logs to forecast th...
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Mobile agents are smart programs that migrate from one platform to another to perform the user task. Mobile agents offer flexibility and performance enhancements to systems and service real-time applications. However, security in mobile... more
Mobile agents are smart programs that migrate from one platform to another to perform the user task. Mobile agents offer flexibility and performance enhancements to systems and service real-time applications. However, security in mobile agent systems is a great concern. In this paper, we propose a novel Broadcast based Secure Mobile Agent Protocol (BROSMAP) for distributed service applications that provides mutual authentication, authorization, accountability, nonrepudiation, integrity, and confidentiality. The proposed system also provides protection from man in the middle, replay, repudiation, and modification attacks. We proved the efficiency of the proposed protocol through formal verification with Scyther verification tool.
Research Interests:
Research Interests:
This article aims at introducing a new process-centric, trusted, configurable and multipurpose electronic voting service based on the blockchain infrastructure. The objective is to design an e-voting service using blockchain able to... more
This article aims at introducing a new process-centric, trusted, configurable and multipurpose electronic voting service based on the blockchain infrastructure. The objective is to design an e-voting service using blockchain able to automatically translate service configuration defined by the end-user into a cloud-based deployable bundle, automating business logic definition, blockchain configuration, and cloud service provider selection. The architecture includes process mining by design in order to optimize process performance and configuration. The article depicts all the components of the architecture and discusses the impact of the proposed solution.
Research Interests:
Research Interests:
Abstract Technical enhancements of mobile technologies are paving the way to the definition of high-quality and accurate geolocation solutions based on data collected and managed by GSM/3G networks. We present a technique that provides... more
Abstract Technical enhancements of mobile technologies are paving the way to the definition of high-quality and accurate geolocation solutions based on data collected and managed by GSM/3G networks. We present a technique that provides geolocation and mobility prediction both at network and service level, does not require any change to the existing mobile network infrastructure, and is entirely performed on the mobile network side, making it more robust than other positioning systems with respect to location spoofing and ...
Research Interests: Mathematics, Computer Science, Distributed Computing, Real Time Computing, Mobile Technology, and 15 moreMobile Communication, Geolocation, Kalman Filter, Cellular Network, GSM, Data Collection, Mobility Prediction, Mobile Network, Location Based Service, Electrical And Electronic Engineering, Mobile Computer, Positioning System, Received Signal Strength Indicator, Multipath Propagation, and Received Signal Strength
Research Interests:
Christian Zeidler, Evolaris, Austria Collin Mulliner, Secure Information Technology Fraunhofer, Germany Ernesto Damiani, Universität Milan, Italy Florian Michahelles, Auto-ID Labs, Eidgenössische Technische Hochschule Zürich, Switzerland... more
Christian Zeidler, Evolaris, Austria Collin Mulliner, Secure Information Technology Fraunhofer, Germany Ernesto Damiani, Universität Milan, Italy Florian Michahelles, Auto-ID Labs, Eidgenössische Technische Hochschule Zürich, Switzerland Gerald Madlmayr, FH OÖe, Campus Hagenberg, Austria Gerhard Hancke, Royal Holloway, University of London, United Kingdom Josef Langer, Near Field Communication Research Lab Hagenberg, Austria Josef Scharinger, Computational Perception, Johannes Kepler University, Austria Jürgen Fuß, ...
This book constitutes the thoroughly refereed proceedings of the First International Symposium on Data-Driven Process Discovery and Analysis held in Campione d'Italia, Italy, in June/July 2011. The 11 revised full papers were... more
This book constitutes the thoroughly refereed proceedings of the First International Symposium on Data-Driven Process Discovery and Analysis held in Campione d'Italia, Italy, in June/July 2011. The 11 revised full papers were carefully selected from 31 submissions. In addition to the thorough review process, the lively discussions at the event itself also helped the authors to improve their papers and to foster interesting extensions. The selected papers cover a wide range of topics spanning from theoretical issues related to process ...
Cooperative communications is a core research area in wireless vehicular networks (WVNs), thanks to its capability to mitigate fading and improve spectral efficiency. In a cooperative scenario, the performance of the system is improved by... more
Cooperative communications is a core research area in wireless vehicular networks (WVNs), thanks to its capability to mitigate fading and improve spectral efficiency. In a cooperative scenario, the performance of the system is improved by selecting the best relay for data transmission among a group of available relays. However, due to the mobility of WVNs, the best relay is often selected in practice based on outdated channel state information (CSI), which in turn affects the overall system performance. Therefore, there is a need for a robust relay selection scheme (RSS) that improves the overall achievable performance of an outdated CSI. Motivated by this and considering the advantageous features of autoregressive moving average (ARMA), in the present work we model a cooperative vehicular communication scenario with relay selection as a Markov decision process (MDP) and propose two deep Q-networks (DQNs), namely DQN-RSS and DQN-RSS-ARMA. In the proposed framework, two deep reinforc...
Research Interests:
The application of emerging technologies, such as Artificial Intelligence (AI), entails risks that need to be addressed to ensure secure and trustworthy socio-technical infrastructures. Machine Learning (ML), the most developed subfield... more
The application of emerging technologies, such as Artificial Intelligence (AI), entails risks that need to be addressed to ensure secure and trustworthy socio-technical infrastructures. Machine Learning (ML), the most developed subfield of AI, allows for improved decision-making processes. However, ML models exhibit specific vulnerabilities that conventional IT systems are not subject to. As systems incorporating ML components become increasingly pervasive, the need to provide security practitioners with threat modeling tailored to the specific AI-ML pipeline is of paramount importance. Currently, there exist no well-established approach accounting for the entire ML life-cycle in the identification and analysis of threats targeting ML techniques. In this paper, we propose an asset-centered methodology—STRIDE-AI—for assessing the security of AI-ML-based systems. We discuss how to apply the FMEA process to identify how assets generated and used at different stages of the ML life-cycle...
Research Interests:
Data download and storage over wireless networks is a popular application for various multimedia such as images, audio, and video files. In such applications, the end-user may listen to or watch the downloaded media in real-time, and/or... more
Data download and storage over wireless networks is a popular application for various multimedia such as images, audio, and video files. In such applications, the end-user may listen to or watch the downloaded media in real-time, and/or will playback the downloaded file multiple times in the future. Consequently, improving the quality of the stored multimedia will be highly desirable by the end-user, even if the initial real-time version had less quality. Therefore, this work proposes a novel technique to improve the throughput of wireless networks that adopt nonorthogonal transmission and automatic repeat request (ARQ). Unlike conventional systems, the proposed scheme stores the dropped data packets for further offline processing where some packets can be recovered by applying successive interfer-ence cancellation (SIC) in a retroactive manner. Consequently, the proposed packet repair and recovery (PRR) scheme can improve the reliability of the received data without additional pa...
Research Interests:
As Android smartphones continue to rise in popularity, the number of malicious programs targeting the platform has increased dramatically. Methods for efficiently detecting and preventing the spread of Android malware have become a... more
As Android smartphones continue to rise in popularity, the number of malicious programs targeting the platform has increased dramatically. Methods for efficiently detecting and preventing the spread of Android malware have become a subject of increasing urgency. The exfiltration of sensitive data from smartphones is one of the sophisticated security threats that need to be addressed. In this paper, we analyzed the 3-grams of system calls, and developed a framework for identifying malicious Android applications that engage in network data exfiltration. Androzoo, a recently made public database, serves as the foundation for our exfiltration dataset. The majority of published works rely on data acquired from Android emulators and user input simulation. As part of our research, we collect data on the behavior of exfiltration attempts only in real-world interaction, as opposed to data from emulators or virtual environments. Using these dynamic variables, we employ cutting-edge machine le...
Continuous monitoring of the well-being state of elderly people is about to become an urgent need in the early future due to population aging. Aiming a unified notion of well-being, we find the Intrinsic Capacity concept in accordance... more
Continuous monitoring of the well-being state of elderly people is about to become an urgent need in the early future due to population aging. Aiming a unified notion of well-being, we find the Intrinsic Capacity concept in accordance with the SMART BEAR project goals. In this study, we mainly focus on the enabling infrastructure, mapping our models to interoperable repositories and to streaming/computing components that can foster monitoring. Our method is also innovative for explicitly combining personalized and risk levels in generating the Intrinsic Capacity score. Leveraging on synthetic data, we represent the outcome trajectories of some sample patients for 1-year continuous monitoring and discuss approaches to characterize them based on the exhibited tendency and evaluate the results from the predictability point of view providing by the entropy of time series concept. At the end, we discuss the possible data quality issues in health care studies using synthetic data.
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Transverse tubule (TT) membranes isolated from chicken skeletal muscle possess a very active magnesium-stimulated ATPase (Mg-ATPase) activity. The Mg-ATPase has been tentatively identified as a 102-kD concanavalin A (Con A)-binding... more
Transverse tubule (TT) membranes isolated from chicken skeletal muscle possess a very active magnesium-stimulated ATPase (Mg-ATPase) activity. The Mg-ATPase has been tentatively identified as a 102-kD concanavalin A (Con A)-binding glycoprotein comprising 80% of the integral membrane protein (Okamoto, V.R., 1985, Arch. Biochem. Biophys., 237:43-54). To firmly identify the Mg-ATPase as the 102-kD TT component and to characterize the structural relationship between this protein and the closely related sarcoplasmic reticulum (SR) Ca-ATPase, polyclonal antibodies were raised against the purified SR Ca-ATPase and the TT 102-kD glycoprotein, and the immunological relationship between the two ATPases was studied by means of Western immunoblots and enzyme-linked immunosorbent assays (ELISA). Anti-chicken and anti-rabbit SR Ca-ATPase antibodies were not able to distinguish between the TT 102-kD glycoprotein and the SR Ca-ATPase. The SR Ca-ATPase and the putative 102-kD TT Mg-ATPase also poss...
Research Interests: Biology, Cell Biology, Medicine, Biological Sciences, Magnesium, and 15 moreATPase, Chicken, Animals, Muscles, Membrane, Fluorescent Antibody Technique, Skeletal Muscle, Chickens, Amino Acid Sequence, Membrane Protein, Enzyme Linked Immunosorbent Assay, Molecular Structure, Sarcoplasmic reticulum, Amino acid composition, and Medical and Health Sciences
The highly dynamic nature of cognitive radio (CR) systems and their stringent latency requirements pose a major challenge in the realization of efficient intelligent transport systems (ITS). In this paper, we investigate relay selection... more
The highly dynamic nature of cognitive radio (CR) systems and their stringent latency requirements pose a major challenge in the realization of efficient intelligent transport systems (ITS). In this paper, we investigate relay selection and opportunistic spectrum access in conjunction with blockchain technology in a secure manner. Specifically, we propose a cross-layer method for secure relay selection, where secondary relays (SRs) are granted access to available spectrum bands based on the balance of their respective virtual wallets. These virtual wallets, which are built based on the SRs' secrecy capacity and their behavior in the network, are the predominant factors that allow SRs to participate in an auction model. To quantify the trustworthiness of the SRs, we formulate a mathematical framework to evaluate the trust value of each SR, which is then leveraged for rewarding or penalizing the SR. Furthermore, we develop an offline blockchain framework to store the information o...
Research Interests:
Research Interests:
Process mining is an emerging discipline that aims to analyze business processes using event data logged by IT systems. In process mining, the focus is on how to effectively and efficiently predict the next process/trace to be activated... more
Process mining is an emerging discipline that aims to analyze business processes using event data logged by IT systems. In process mining, the focus is on how to effectively and efficiently predict the next process/trace to be activated among all the possible processes/traces that are available in the process schema (usually modeled as a graph). Most of the existing process mining techniques assume that there is a one-to-one mapping between process model activities and the events that are recorded during process execution. However, event logs and process model activities are at different level of granularity. In this paper, we present a machine learning-based approach to map low-level event logs to high-level activities. With this work, we can bridge the abstraction levels when the high-level labels of the low-level events are not available. The proposed approach consists of two main phases: automatic labeling and machine learning-based classification. In automatic labeling a modifi...
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Web services’ (WS) emphasis on open standards provides substantial benefits over previous application integration techniques. A major WS feature is SOAP, a simple, robust and extensible XML-based protocol for the exchange of messages. For... more
Web services’ (WS) emphasis on open standards provides substantial benefits over previous application integration techniques. A major WS feature is SOAP, a simple, robust and extensible XML-based protocol for the exchange of messages. For this reason, SOAP WS on virtual hosts are now widely used to provide shared functionalities on clouds. Unfortunately, SOAP has two major performance-related drawbacks: i) verbosity, related to XML, that leads to increased network traffic, and ii) high computational burden of XML parsing and processing, that leads to high latency. In this paper, we address these two issues and present new results regarding our framework for Differential SOAP Multicasting (DSM). The main idea behind our framework is identifying the common pattern and differences between SOAP messages, modeled as trees, so as to multicast similar messages together. Our method is based on the well known concept of Tree Edit Distance, built upon a novel filter-differencing architecture ...
Research Interests:
Research Interests:
Abstract. Location-based Access Control (LBAC) techniques allow the definition of users' access rights based on location predicates that exploit the users' physical location. However, evaluating the physical location of a user... more
Abstract. Location-based Access Control (LBAC) techniques allow the definition of users' access rights based on location predicates that exploit the users' physical location. However, evaluating the physical location of a user is a specialized activity that is unlikely to be performed by ...
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Research Interests:
Trace clustering has been extensively used to preprocess event logs. By grouping similar behavior, these techniques guide the identification of sub-logs, producing more understandable models and conformance analytics. Nevertheless, little... more
Trace clustering has been extensively used to preprocess event logs. By grouping similar behavior, these techniques guide the identification of sub-logs, producing more understandable models and conformance analytics. Nevertheless, little attention has been posed to the relationship between event log properties and clustering quality. In this work, we propose an Automatic Machine Learning (AutoML) framework to recommend the most suitable pipeline for trace clustering given an event log, which encompasses the encoding method, clustering algorithm, and its hyperparameters. Our experiments were conducted using a thousand event logs, four encoding techniques, and three clustering methods. Results indicate that our framework sheds light on the trace clustering problem and can assist users in choosing the best pipeline considering their scenario.
Process discovery methods have obtained remarkable achievements in Process Mining, delivering comprehensible process models to enhance management capabilities. However, selecting the suitable method for a specific event log highly relies... more
Process discovery methods have obtained remarkable achievements in Process Mining, delivering comprehensible process models to enhance management capabilities. However, selecting the suitable method for a specific event log highly relies on human expertise, hindering its broad application. Solutions based on Meta-learning (MtL) have been promising for creating systems with reduced human assistance. This paper presents a MtL solution for recommending process discovery methods that maximize model quality according to complementary dimensions. Thanks to our MtL pipeline, it was possible to recommend a discovery method with 92% of accuracy using light-weight features that describe the event log. Our experimental analysis also provided significant insights on the importance of log features in generating recommendations, paving the way to a deeper understanding of the discovery algorithms.
Research Interests:
Mobile payment systems are increasingly used to simplify the way in which money transfers and transactions can be performed. We argue that, to achieve their full potential as economic boosters in developing countries, mobile payment... more
Mobile payment systems are increasingly used to simplify the way in which money transfers and transactions can be performed. We argue that, to achieve their full potential as economic boosters in developing countries, mobile payment systems need to rely on new metaphors suitable for the business models, lifestyle, and technology availability conditions of the targeted communities. The Pay-with-a-Group-Selfie (PGS) project, funded by the Melinda & Bill Gates Foundation, has developed a micro-payment system that supports everyday small transactions by extending the reach of, rather than substituting, existing payment frameworks. PGS is based on a simple gesture and a readily understandable metaphor. The gesture - taking a selfie - has become part of the lifestyle of mobile phone users worldwide, including non-technology-savvy ones. The metaphor likens computing two visual shares of the selfie to ripping a banknote in two, a technique used for decades for delayed payment in cash-only m...
Compte tenu de l'évolution rapide des Technologies de l'Information, la création de nouvelles méthodes d'enseignement s'impose afin de permettre aux étudiants de maitriser les contours difficiles du programme... more
Compte tenu de l'évolution rapide des Technologies de l'Information, la création de nouvelles méthodes d'enseignement s'impose afin de permettre aux étudiants de maitriser les contours difficiles du programme d'enseignement. De nos jours, dans le soucis d'amélioration de l'enseignement des Technologies de l'Information et de la Communication (TIC), plusieurs Universités et Institutions voudraient mettre à la disposition des étudiants une solution basée sur les environnements virtuels d'étude pour leur permettre d'acquérir des aptitudes pratiques suite à la théorie acquise dans l'environnement classique d'enseignement. Mais elles sont limitées par le coût onéreux des environnements virtuels commerciaux qui sont proposés sur le marché. Cet article a pour but de décrire OVL (Open Virtual Lab), l'environnement virtuel « open source » mis en place par l'Université de Milan et qui est utilisé à distance par des Institutions d'out...
Research Interests:
This report documents the program and the outcomes of Dagstuhl Seminar 13481 "Unleashing Operational Process Mining". Process mining is a young research discipline connecting computational intelligence and data mining on the one... more
This report documents the program and the outcomes of Dagstuhl Seminar 13481 "Unleashing Operational Process Mining". Process mining is a young research discipline connecting computational intelligence and data mining on the one hand and process modeling and analysis on the other hand. The goal of process mining is to discover, monitor, diagnose and improve real processes by extracting knowledge from event logs readily available in today's information systems. Process mining bridges the gap between data mining and business process modeling and analysis. The seminar that took place November 2013 was the first in its kind. About 50 process mining experts joined forces to discuss the main process mining challenges and present cutting edge results. This report aims to describe the presentations, discussions, and findings.