04b Atto di convegno in volume

Ontology-based database access
Counting in anonymous dynamic networks: An experimental perspective
A framework for industrial symbiosis systems for agent-based simulation
SAFE: Self-Attentive Function Embeddings for Binary Similarity

The binary similarity problem consists in determining if two functions are similar by only considering their compiled form. Techniques for binary similarity have an immediate practical impact on several fields such as copyright disputes, malware analysis, vulnerability detection, etc. Current...
Investigating Graph Embedding Neural Networks with Unsupervised Features Extraction for Binary Analysis

In this paper we investigate the use of graph embedding networks, with unsupervised features learning, as neural architecture to learn over binary functions. We propose several ways of automatically extract features from the control ﬂow graph (CFG) and we use the structure2vec graph embedding...
Delay-State Dynamics to Filtering Gaussian Systems with Markovian Delayed Measurements

In this paper we propose a solution to the problems of detecting a stochastic output delay sequence characterized by a Markov chain and estimating the state of a linear system driven by Gaussian noise through an augmented delaystate dynamics. This is the model for uncertain observations resulting...
Oblivious Dimension Reduction fork-Means:Beyond Subspaces and the Johnson-Lindenstrauss Lemma

We show that fornpoints ind-dimensional Euclidean space, a dataoblivious random projection of the columns ontoO(((logk+log logn)/ε^6)log(1/ε)) dimensions is sufficient to approximate the cost of all k-means clusterings up to a multiplicative (1±ε) factor. The previous-bestupper bounds on O(logn/ε^2...
Reconstructing C2 Servers for Remote Access Trojans with Symbolic Execution

The analysis of a malicious piece of software that involves a remote counterpart that instructs it can be troublesome for security professionals, as they may have to unravel the communication protocol in use to figure out what actions can be carried out on the victim’s machine. The possibility to...
The ROP needle: Hiding trigger-based injection vectors via code reuse

In recent years, researchers have come up with proof of concepts of seemingly benign applications such as InstaStock and Jekyll that remain dormant until triggered by an attacker-crafted condition, which activates a malicious behavior, eluding code review and signing mechanisms. In this paper, we...
Static analysis of ROP code

Recent years have witnessed code reuse techniques being employed to craft entire programs such as Jekyll apps, malware droppers, and persistent data-only rootkits. The increased complexity observed in such payloads calls for specific techniques and tools that can help in their analysis. In this...