Threat Detection and Defenses

Attack-detection mechanisms should reliably detect, predict, and understandably explain both known and novel threats, while also coping with evasion techniques (such as obfuscation, polymorphism, or stealthy low-volume attacks). They should not only detect any critical incident, but also raise alarms only when it matters: the more false alarms are raised, the higher the risk that users will ignore warnings or even disable the detection permanently. Moreover, to provide a strong line of defense, attack-detection methods should be complemented by suitable defensive technologies, ideally selected autonomously by the system under attack, to counter whatever threat it encounters. In this research area we pursue this ideal, currently by focusing, among other topics, on the detection and analysis of modern malware, on the prevention and attribution of DDoS attacks, and on the identification and mitigation of novel system vulnerabilities.

Members

Most Recent Publications

| Title | Date | Authors | Meta |
|---|---|---|---|
| | USENIX-Security 2020 | Stefano Calzavara, Sebastian Roth, Alvise Rabitti, Michael Backes, Ben Stock | NRA5, NRA3; Proceedings of the 29th USENIX Security Symposium |
| | IEEE S&P 2020 | Qingchuan Zhao, Chaoshun Zuo, Dolan-Gavitt Brendan, Giancarlo Pellegrino, Zhiqiang Lin | NRA3, NRA5; IEEE Symposium on Security and Privacy |
| | NDSS 2020 | Sebastian Roth, Timothy Barron, Stefano Calzavara, Nick Nikiforakis, Ben Stock | NRA5, NRA3; NDSS 2020 |
| | NDSS 2020 | Giada Stivala, Giancarlo Pellegrino | NRA5, NRA3; 27th Annual Network and Distributed System Security Symposium |
| | 2020 | Simon Koch, Tim Sauer, Martin Johns, Giancarlo Pellegrino | NRA5, NRA3; The 35th ACM/SIGAPP Symposium On Applied Computing |