Back to Mauro's Home Page Electronic data and the capability to exchange them quickly and without interruptions is becoming more and more one of the basic requirements of the economy of our modern society. This growing dependency, though, is showing in other fields too, in fact from military to recent developments of e-government, it is of paramount importance to be able to access and tap into the electronic telecommunication grid.
A second important aspect of the recent evolution of our society is the proliferation of wideband connections. If it is certainly true that a generalized availability of high speed connections opens the market to a large number of innovative web-based applications, it is also true that the always-on Internet turns any home PC into a target for intrusions and drafting into botnets [1]. The dimension of this problem is shown by the generation of a new storm of network attacks that every day accounts for a non-negligible amount of network traffic. In fact, recent network monitoring activities suggest that the number of controlled nodes somehow participating to the malicious activities of a botnet is dramatically increasing. Furthermore, the "Connected World" vision that is at the very base both of the Internet of Things and of the Cyber-Physical systems, makes every possible object both a target for an attack and a possible injection point for malware.
These reasons, besides others that are beyond the scope of this brief introduction, make security an extremely hot topic both in research and in every day's practice.
Nonetheless, security is certainly not the only critical aspect of our modern society. In fact, it is also true that our carbon footprint is showing an alarming steadiness in its growth, and that a non-negligible part of this growth is due to computing and networking that are the foundations of the two previously described phenomena.
This fact, as a recent report of the Organization for Economic Co-operation and Development shows [2] , has spurred the growth of a generation of green computing initiatives and has turned green computing and networking into another very hot topic both in research [3] , [4] , [5] and in industrial practices.
However, while Green Computing and Networking are two important topics in the most recent research agenda, security considerations cannot be avoided if we want to devise truly effective measures. In fact, as we have already stated, there is no scenario in our modern society in which security can be considered less than fundamental. From a specular point of view, while the use of security mechanisms very often increases both the computational and the energy demand of a system, this increase is very seldom considered and the modeling of security systems and mechanisms in terms of power consumption is still a largely unexplored field. As an example, the energy requirements of the most popular ( de-jure or de-facto standards) security mechanisms and frameworks are issues almost systematically underestimated. Furthermore, the design of new security solutions on different paradigms (Web, Grid and Cloud) and layers (ranging from network to application) does not usually include a study of energy consumption and demand.
Finally, also attacks to systems and the exploitation of their vulnerabilities lack a clear and analytical modeling in terms of their energy aftermaths. This fact, as the appearance of new security attacks focused on draining battery of mobile devices clearly shows, is rapidly turning into a critical issue because of the explosive growth of such energy-constrained devices.
In this general scenario, we have two main research threads: the first is dedicated to the study of how an aggressive approach to intrusion detection through distributed analysis could lower the amount of energy consumed by routing [6] [7] [8] [9]; the second is dedicated to the study design and implementation of tools capable of defining the energy consumption signatures of the activities on an energy contrained device, so that malicious intrusion could be identified directly in the energetical behavior of the system itself [10].
I recently gave a brief video interview on this topic.
[1] F. Naseem, M. Shafqat, U. Sabir, and A. Shazad, “A Survey of botnet Technology and Detection”, International Journal of Video and Image Processing and Network Security, Vol. 10 No:01.
[2] OECD, Working Party on the Information Economy, Towards Green ICT strategies: Assessing Policies and Programmes on ICTs and the Environment, available online at http://www.oecd.org/dataoecd/47/12/42825130.pdf
[3] Van Heddeghem W., Vereecken W., Pickavet M., Demeester P., Energy in ICT - Trends and research directions, Proc. Of the IEEE 3rd International Symposium on Advanced Networks and Telecommunication Systems (ANTS), New Delhi, 14-16 Dec. 2009.
[4] Bianzino A., Chaudet C., Rossi D., Rougier J., A Survey of Green Networking Research, IEEE Communications Surveys & Tutorials, 2010 , Page(s): 1 – 18.
[5] N. Hardavellas, M. Ferdman, B. Falsafi, A. Ailamaki, Toward Dark Silicon in Servers, IEEE Micro, Volume: 31 Issue 4 pp 6 – 15, July-Aug. 2011
[6] Mauro Migliardi and Gianluca Stringhini, A Distributed Model for Intrusion Detection and Prevention, Proc. of the WWW/Internet 2009 International Conference, Rome, Italy, November, 19-22, 2009.
[7] Mauro Migliardi and Gianluca Stringhini, Travelling Information For Intrusion Prevention Systems, Proc. of the 2010 International Conference on Security and Management, Las Vegas, Nevada, USA, July 12-15, 2010.
[8] Alessio Merlo, Mauro Migliardi, Modeling the energy consumption of an IDS: a step towards Green Security, Proc. of the IEEE Conference on Information Systems Security, Opatija (HR), 23-27 May 2011.
[9] Mauro Migliardi, Alessio Merlo, Energy Consumption Simulation of Different Distributed Intrusion Detection Approaches, Proc. of the First International WorkShop on Energy-Aware Systems, Communications and Security (EASyCoSe 2013), part of the 27th IEEE International Conference on Advanced Information Networking and Applications (AINA-2013), Barcelona (Spain), March 25-28, 2013.
[10] Monica Curti, Alessio Merlo, Mauro Migliardi, Simone Schiappacasse, Towards Energy-Aware Intrusion Detection Systems on Mobile Devices, to be presented at The 8th International Workshop on Security and High Performance Computing Systems, 1-5 July 2013, Helsinki. Finland.
[11] Nicola Gobbo, Alessio Merlo, and Mauro Migliardi, A Denial of Service Attack to GSM Networks via Attach Procedure, Proc. of ARES 2013 Workshops, LNCS 8128, pp. 361--376. IFIP International Federation for Information Processing (2013)
[12] Mauro Migliardi, Alessio Merlo, Improving Energy Efficiency in Distributed Intrusion Detection Systems, Journal of High Speed Networks, IoS Press, pgg. 251-264, Volume 19, Number 3 / 2013, DOI 10.3233/JHS-130476.
[13] Mauro Migliardi, Alessio Merlo, Dispositivi Mobili: Nuovi Problemi di Sicurezza, Mondo Digitale, N. 48, December 2013.
[14] Alessio Merlo, Mauro Migliardi, Nicola Gobbo, Francesco Palmieri, Aniello Castiglione, A Denial of Service Attack to UMTS Networks Using SIM-less Devices, IEEE Transactions on Dependable and Secure Computing, pp. 280-291, Vol. 11, N.3, May-June 2014, http://dx.doi.org/10.1109/TDSC.2014.2315198
[15] Mauro Migliardi, Alessio Merlo and Luca Caviglione, A Survey of Green, Energy-Aware Security and Some of its Recent Developments in Networking and Mobile Computing, Proc. of the Eigth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, Birmingham (UK), July 2-4 2014.
[16] Alessio Merlo, Mauro Migliardi, Diego Raso and Elena Spadacini, Optimizing Network Energy Consumption through Intrusion Detection Systems, Proc of the Seventh International Conference on Computational Intelligence in Security for Information Systems, Bilbao (ES), June 25-27 2014.
[17] Merlo, A.; Migliardi, M.; Fontanelli, P., "On energy-based profiling of malware in Android," High Performance Computing & Simulation (HPCS), 2014 International Conference on , vol., no., pp.535,542, Bologna (IT), 21-25 July 2014 doi: 10.1109/HPCSim.2014.6903732
[18] M. Migliardi, A. Merlo, M. Tettamanti, Reducing Energy Consumption in Prospective Memory Support System through Hierarchical Positioning Algorithm, Proc. of the Second International WorkShop on Energy-Aware Systems, Communications and Security (EASyCoSe 2014), part of the 6-th International Conference on Intelligent Networking and Collaborative Systems (INCoS-2014), Salerno (IT), September 10 - 12, 2014.
[19] S. Al-Haj Baddar, A. Merlo, M. Migliardi, Anomaly Detection in Computer Networks: A State-of-the-Art Review, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), Volume 5, Number 4 (December 2014).
Human memory is the basis of most superior cognitive faculties. As such, it has been the subject of study in biology, cognitive science and psychology. Although clear separation and a precise discontinuity between different types of memory are still controversial, there is a general agreement that different functions exist and that memory related functions vary according to emotional states and age and tend to deteriorate with age. Among memory functions very important element is prospective memory. Prospective memory is a multi-componential ability combining strategic and automatic processes to form action plans and intentions that need to be accomplished at some appropriate time or location or in response to specific events; as such it is sometime defined as a memory of the future. When a subject experiences difficulty with perspective memory, he suffers a disruption of his capability to efficiently follow an activity plan. Things to do tend to come to mind unordered, in the wrong moment and in the wrong place. This reduces personal efficiency and generates frustration that worsens the situation. Furthermore, a general feature of many everyday prospective memory tasks is that the accomplishment of the planned actions or intentions must be delayed or maintained in memory until the appropriate conditions are actually met. In most cases, perceptual information signaling that the appropriate conditions have been met can act as retrieval cues triggering the intended actions. With declining cognitive abilities in the elderlies, such perceptual cues can become ineffective, due to some failures of orchestrated executive functions (e.g. working memory, attention, task switching) in putting them in relation to the intended plans, or to interfering background tasks, thus leading to a loss of the associated prospective memory.
Thus, in a society where life expectancy is bound to increase sharply and stress level tends to be high, perspective memory disfunctions may become a serious social problem.
In this project, we plan to leverage the recent advancement in mobile and pervasive computing, context aware systems and computer vision to produce a system capable of supporting reduced memory abilities in aging (or otherwise memory impaired) subjects to enhance their daily efficiency to a level sufficient for independent living.
In past works, we have prototyped a similar system aimed at generic users and composed by an android smartphone and e server side engine. This prototype provides a generic service platform capable of collecting task descriptions, track the user movements, investigate his surroundings and generate notifications when a place for efficient completion of one task is nearby [1] [2] [3] [4] [5] [6] [7] [10]. However, in order to reach a state where all the building blocks needed to develop an efficient prosthetic system for subjects with memory impairments can be developed, several aspects need further research. This project focuses on four of these aspects.
The first aspect is related to the optimization of resources usage on the mobile component of the system. As an example, contextualization of the hints requires tracking the user's position. At present this is usually achieved through the GPS, however continuous use of the GPS system is too costly in terms of client resources. In this project we will investigate how to leverage the interaction between client side and server side to optimize usage of client side resources. This goal will be pursued by adopting intelligent algorithms capable to predict user behavior so that in most cases it will be sufficient to check for prediction errors thus increasing the granularity of actual client side measurements.
The second aspect is related to optimization of hints to the user. The capability to identify POIs provided by the system tends to generate a continuous flow of hints that rapidly make the system output degenerate into noise for the user. Thus, it is necessary to have the system learn the user's habits to optimize when to provide hints. As an example it is counterproductive to keep suggesting to the user that he may buy the bread while he is working or during a meeting, while it would be best to remind him during lunch break or when he leave after the meeting. To achieve this goal we plan to study an interactive system that will i) trace the user's feedback to system's cues, ii) trace the user's movements, iii) ask him to identify spots where he spends significant amounts of time and iv) interact with his calendar and other device provided data to create an activity context and leverage it to filter hints output.
The third aspect is related to the dependency of the system on availability and completeness of GIS. In order to investigate the whereabouts of the user, the current system queries a GIS to look for categories of POIs. Any POI not currently in the GIS will never be suggested to the user. To overcome this problem, in this project we will investigate the use of computer vision to recognize POIs and to add them to a personal/local database.
The fourth aspect is related to security both related to the sensitivity of the data managed by the system and to the availability of the system itself. Security in mobile systems presents several new challenges both in the traditional sense (e.g. the usage of location awareness to refine Access Control Policies) and in completely new directions such as denial of device by depleting one of the most critical resource: energy. Furthermore, while the security models for traditional operating systems are mature, the interaction between traditional OS layers (i.e. the Linux kernel) and new layers (i.e. the Android layer) is still largely unmapped. In his project we will investigate a model for the inter-layer interaction [8] [11], power consumption of security and power related attacks [9].
[1] Mauro Migliardi, Giorgio Ravera, A Support System for Memory Impaired Subjects, Proc. of the 2009 International Conference on Information and Knowledge Engineering, Las Vegas, Nevada, USA, July 13-16, 2009.
[2] Petrus Prasetyo Anggono and Mauro Migliardi, A Mobile, Context Aware System For Memory Support And Planning, Proc. of the 2010 International Conference on Information and Knowledge Engineering, Las Vegas, Nevada, USA, July 12-15, 2010.
[3] Mauro Migliardi, Marco Gaudina, A mobile platform for the improvement of personal efficiency, Proc. of the IEEE Conference on Intelligent Systems, Opatija (HR), 23-27 May 2011.
[4] Mauro Migliardi, Marco Gaudina, Active Personal Information Manager: a System for Human Memory Support, Proc. of the 4th International Conference on Intelligent Interfaces for Human-Computer Interaction, Korean Bible University, Seoul (S. Korea), June 30th - July 2nd, 2011.
[5] Mauro Migliardi, Marco Gaudina, Andrea Brogni, Enhancing personal efficiency with pervasive services, Proc. of the Sixth International Conference on Broadband and Wireless Computing, Communication and Applications, October 26-28, 2011, Technical University of Catalonia, Barcelona, Spain, DOI: http://dx.doi.org/10.1109/BWCCA.2011.27 .
[6] Mauro Migliardi, Marco Gaudina, The 4W (What-Where-When-Who) Project Goes Social, Proc. of The Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012, Palermo (IT), July 4-6 2012.
[7] Mauro Migliardi, Marco Gaudina, Andrea Brogni, Pervasive Services and Mobile Devices May Support Human Memory and Enhance Daily Efficiency, International Journal of Space-Based and Situated Computing (IJSSC), Vol. 2, No. 3, 2012.
[8] A. Armando, A. Merlo, M. Migliardi, and L. Verderame,“Would You Mind Forking This Process? A Denial of Service Attack on Android (and Some Countermeasures)” in IFIP SEC 2012 27th International Information Security and Privacy Conference, D. Gritzalis, S. Furnell, and M. Theoharidou (Eds.), pp. 13-24, June 2012, Heraklion, Greece, IFIP Advances in Information and Communication Technology (AICT), Vol. 376, Springer, 2012.
[9] Monica Curti, Alessio Merlo, Mauro Migliardi, Simone Schiappacasse, Towards Energy-Aware Intrusion Detection Systems on Mobile Devices, to be presented at The 8th International Workshop on Security and High Performance Computing Systems, 1-5 July 2013, Helsinki. Finland.
[10] Mauro Migliardi, Marco Gaudina, Memory Support through Pervasive and Mobile Systems, in Inter-Cooperative Collective Intelligence: Techniques and Applications, SPRINGER SERIES: Studies in Computational Intelligence, 2013, ISBN 978-3-642-35015-3
[11] Alessandro Armando, Alessio Merlo, Mauro Migliardi, Luca Verderame, Breaking and fixing the Android Launching Flow, Computers & Security, (2013), http://dx.doi.org/10.1016/j.cose.2013.03.009
[12] Mauro Migliardi, Marco Gaudina, Memory Support through Pervasive and Mobile Systems, in Inter-Cooperative Collective Intelligence: Techniques and Applications, SPRINGER SERIES: Studies in Computational Intelligence, 2013, ISBN 978-3-642-35015-3
[13] Mauro Migliardi, Alberto Servetti, A Survey of Recent Advancement in Prospective Memory Support Systems, Proc. of The Seventh International Conference on Complex, Intelligent, and Software Intensive Systems, CISIS 2013, Taichung (TW), July 3-5, 2013.
[14] M. Migliardi, A. Merlo, M. Tettamanti, Reducing Energy Consumption in Prospective Memory Support System through Hierarchical Positioning Algorithm, Proc. of the Second International WorkShop on Energy-Aware Systems, Communications and Security (EASyCoSe 2014), part of the 6-th International Conference on Intelligent Networking and Collaborative Systems (INCoS-2014), Salerno (IT), September 10 - 12, 2014.
[15] M. Migliardi, C. Degano and M. Tettamanti. "Fostering Independent Living in the Aging Population through Proactive Paging." Advanced Technological Solutions for E-Health and Dementia Patient Monitoring. IGI Global, 2015. 239-271. Web. 13 Apr. 2015. doi:10.4018/978-1-4666-7481-3.ch010