Match!
Lorenzo Cavallaro
King's College London
Computer securityComputer scienceMalwareAndroid (operating system)Real-time computing
58Publications
21H-index
1,814Citations
What is this?
Publications 66
Newest
May 18, 2020 in S&P (IEEE Symposium on Security and Privacy)
#1Fabio Pierazzi ('KCL': King's College London)H-Index: 6
#2Feargus Pendlebury (RHUL: Royal Holloway, University of London)H-Index: 2
Last. Lorenzo Cavallaro ('KCL': King's College London)H-Index: 21
view all 4 authors...
Recent research efforts on adversarial ML have investigated problem-space attacks, focusing on the generation of real evasive objects in domains where, unlike images, there is no clear inverse mapping to the feature space (e.g., software). However, the design, comparison, and real-world implications of problem-space attacks remain underexplored. This paper makes two major contributions. First, we propose a novel formalization for adversarial ML evasion attacks in the problem-space, which include...
Source
Complex malware samples feature measures to impede automatic and manual analyses, making their investigation cumbersome. While automatic characterization of malware benefits from recently proposed designs for passive monitoring, the subsequent dissection process still sees human analysts struggling with adversarial behaviors, many of which also closely resemble those studied for automatic systems. This gap affects the day-to-day analysis of complex samples and researchers have not yet attempted ...
1 CitationsSource
#1Simon Bell (RHUL: Royal Holloway, University of London)H-Index: 1
#2Kenny Paterson (ETH Zurich)
Last. Lorenzo Cavallaro ('KCL': King's College London)H-Index: 21
view all 3 authors...
With more than 500 million daily tweets from over 330 million active users, Twitter constantly attracts malicious users aiming to carry out phishing and malware-related attacks against its user base. It therefore becomes of paramount importance to assess the effectiveness of Twitter's use of blacklists in protecting its users from such threats. We collected more than 182 million public tweets containing URLs from Twitter's Stream API over a 2-month period and compared these URLs against 3 popula...
Recent research efforts on adversarial ML have investigated problem-space attacks, focusing on the generation of real evasive objects in domains where, unlike images, there is no clear inverse mapping to the feature space (e.g., software). However, the design, comparison, and real-world implications of problem-space attacks remain underexplored. This paper makes two major contributions. First, we propose a general formalization for adversarial ML evasion attacks in the problem-space, which inclu...
#1Feargus Pendlebury (RHUL: Royal Holloway, University of London)H-Index: 2
#2Fabio Pierazzi (RHUL: Royal Holloway, University of London)H-Index: 6
Last. Lorenzo Cavallaro ('KCL': King's College London)H-Index: 21
view all 5 authors...
11 Citations
Jul 2, 2019 in CCS (Computer and Communications Security)
#1Daniele Cono D'Elia (Sapienza University of Rome)H-Index: 5
#2Emilio Coppa (Sapienza University of Rome)H-Index: 6
Last. Lorenzo Cavallaro ('KCL': King's College London)H-Index: 21
view all 5 authors...
Dynamic binary instrumentation (DBI) techniques allow for monitoring and possibly altering the execution of a running program up to the instruction level granularity. The ease of use and flexibility of DBI primitives has made them popular in a large body of research in different domains, including software security. Lately, the suitability of DBI for security has been questioned in light of transparency concerns from artifacts that popular frameworks introduce in the execution: while they do not...
5 CitationsSource
#2Santanu Kumar DashH-Index: 6
Last. Lorenzo CavallaroH-Index: 21
view all 5 authors...
#1Lorenzo Cavallaro ('KCL': King's College London)H-Index: 21
Oct 8, 2018 in CCS (Computer and Communications Security)
#1Feargus Pendlebury (RHUL: Royal Holloway, University of London)H-Index: 2
#2Fabio Pierazzi (RHUL: Royal Holloway, University of London)H-Index: 6
Last. Lorenzo Cavallaro ('KCL': King's College London)H-Index: 21
view all 5 authors...
Machine learning is widely used in security research to classify malicious activity, ranging from malware to malicious URLs and network traffic. However, published performance numbers often seem to leave little room for improvement and, due to a wide range of datasets and configurations, cannot be used to directly compare alternative approaches; moreover, most evaluations have been found to suffer from experimental bias which positively inflates results. In this manuscript we discuss the impleme...
2 CitationsSource
Oct 8, 2018 in CCS (Computer and Communications Security)
#1Lorenzo Cavallaro ('KCL': King's College London)H-Index: 21
Source
1234567