Luca Caviglione
Senior Researcher
Luca Caviglione holds a PhD in Electronic and Computer Engineering from the University of Genoa, Italy. In 2007 he was with the Italian National Consortium for Telecommunications. From April 2007 to July 2018 he was with the Institute of Intelligent Systems for Automation of the National Research Council of Italy. His research interests include optimization of Internet-scale infrastructures, wireless and satellite communications and network security, with emphasis on information hiding, covert channels and network steganography. He is author or co-author of more than 130 academic publications and several patents in the field of peer-to-peer. He has been involved in research projects funded by the European Union, the European Space Agency, the Italian Ministry of Research and Siemens COM MN AG. He is involved in the technical program committee of several international conferences and he is in the editorial board of many international journals. He is a work group leader of the Italian IPv6 Task Force, a contract professor in the field of networking and security, and a professional engineer. From June 2016, he is in the steering committee of the Criminal Use of Information Hiding initiative supported by the European Cybercrime Centre.
Research Activity
Information Hiding, Network Steganography, Covert Channels, Energy-Aware Cybersecurity, Optimization of large-scale Internet services, Networking.
Projects
Publications
Analysis of Reversible Network Covert Channels
Przemyslaw Szary, Wojciech Mazurczyk, Steffen Wendzel, Luca Caviglione
In the last years, the utilization of information hiding techniques for empowering modern strains of malware has become a serious concern for security experts. Such an approach allows attackers to act...
CNR@People | DOI: 10.1109/ACCESS.2022.3168018.
2022, Journal article
Code Layering for the Detection of Network Covert Channels in Agentless Systems
M. Zuppelli, M. Repetto, A. Schaffhauser, W. Mazurczyk, L. Caviglione
The growing interest in agentless and serverless environments for the implementation of virtual/container network functions makes monitoring and inspection of network services challenging tasks. A maj...
CNR@People | DOI: 10.1109/TNSM.2022.3176752
2022, Editorial in journal
Guest Editorial: Information Security Methodology and Replication Studies
S. Wendzel, L. Caviglione, A. Mileva, J.-F. Lalande, W. Mazurczyk
N/A
CNR@People | DOI: 10.1515/itit-2022-0016
2022, Editorial in journal
Guest Editorial: Security and Privacy Issues of Home Globalization
Luca Caviglione, Steffen Wendzel, Simon Vrhovec, Aleksandra Mileva
N/A
CNR@People | DOI: 10.1109/MSEC.2021.3127372
2022, Journal article
Information Hiding in the DICOM Message Service and Upper Layer Service with Entropy-Based Detection
Aleksandra Mileva, Aleksandar Velinov, Vesna Dimitrova, Luca Caviglione, Steffen Wendzel
The DICOM (Digital Imaging and COmmunication in Medicine) standard provides a framework for a diagnostically-accurate representation, processing, transfer, storage and display of medical imaging data....
CNR@People | DOI: 10.3390/e24020176
2022, Journal article
IPv6CC: IPv6 Covert Channels for Testing Networks Against Stegomalware and Data Exfiltration
L. Caviglione, A. Schaffhauser, M. Zuppelli, W. Mazurczyk
IPv6CC is a suite of network covert channels targeting the IPv6 protocol. Its main scope is supporting penetration test campaigns to evaluate the security of a system against emerging information-hidi...
CNR@People | DOI: 10.1016/j.softx.2022.100975
2022, Journal article
Never Mind The Malware, Here's The Stegomalware
Luca Caviglione, Wojciech Mazurczyk
In recent years, the use of steganographic techniques has been progressively observed to endow threats with cloaking capabilities and to launch sophisticated attack campaigns. This requires to partial...
CNR@People | DOI: 10.1109/MSEC.2022.3178205
2021, Journal article
Covert Channels in Transport Layer Security: Performance and Security Assessment
Corinna Heinz, Marco Zuppelli, Luca Caviglione
The ability of creating covert channels within network traffic is now largely exploited by malware to elude detection, remain unnoticed while exfiltrating data or coordinating an attack. As a conseque...
CNR@People | DOI: 10.22667/JOWUA.2021.12.31.022
2021, Journal article
Cyber Reconnaissance Techniques
Wojciech Mazurczyk and Luca Caviglione
The number of cyber attacks is increasing on a daily basis also due to the availability of many tools to compromise hosts, network appliances and Internet of Things devices in a simple and effective m...
CNR@People | DOI: 10.1145/3418293
2021, Journal article
Deep Adversarial Learning on Google Home Devices
Andrea Ranieri, Davide Caputo, Luca Verderame, Alessio Merlo, Luca Caviglione
Smart speakers and voice-based virtual assistants are core components for the success of the IoT paradigm. Unfortunately, they are vulnerable to various privacy threats exploiting machine learning to ...
CNR@People | DOI: 10.22667/JISIS.2021.11.30.033
2021, Editorial in journal
Emerging Topics in Defending Networked Systems
Steffen Wendzel, Wojciech Mazurczyk, Luca Caviglione, Amir Houmansadr
N/A
CNR@People | DOI: 10.1016/j.future.2021.10.010
2021, Editorial in journal
Guest Editorial: Multidisciplinary Solutions to Modern Cybersecurity Challenges
Luca Caviglione, Steffen Wendzel, Aleksandra Mileva, and Simon Vrhovec
N/A
CNR@People | DOI: 10.22667/JOWUA.2021.12.31.001
2021, Journal article
Kernel-level Tracing for Detecting Stegomalware and Covert Channels in Linux Environments
Luca Caviglione, Wojciech Mazurczyk, Matteo Repetto, Andreas Schaffhauser, and Marco Zuppelli
Modern malware is becoming hard to spot since attackers are increasingly adopting new techniques to elude signature- and rule-based detection mechanisms. Among the others, steganography and informatio...
CNR@People | DOI: 10.1016/j.comnet.2021.108010
2021, Journal article
Multiobjective Placement for Secure and Dependable Smart Industrial Environments
L. Caviglione and M. Gaggero
Cyber-physical systems allow to implement efficient, highly-automated, and green smart industrial environments. To this aim, computation is a critical asset to control machineries, process data, and r...
CNR@People | DOI: 10.1109/TII.2020.2978771
2021, Journal article
Tight Arms Race: Overview of Current Malware Threats and Trends in Their Detection
L. Caviglione, M. Choras, I. Corona, A. Janicki, W. Mazurczyk, M. Pawlicki, K. Wasielewska
Cyber attacks are currently blooming, as the attackers reap significant profits from them and face a limited risk when compared to committing the "classical" crimes. One of the major compone...
CNR@People | DOI: 10.1109/ACCESS.2020.3048319
2021, Journal article
Trends and Challenges in Network Covert Channels Countermeasures
Luca Caviglione
Network covert channels are increasingly used to endow malware with stealthy behaviors, for instance to exfiltrate data or to orchestrate nodes of a botnet in a cloaked manner. Unfortunately, the dete...
CNR@People | DOI: 10.3390/app11041641
2020, Journal article
A Holistic Model for Security of Learning Applications in Smart Cities
L. Caviglione and M. Coccoli
Modern learning frameworks take advantage of the interconnection among individuals, multimedia artifacts, places, events, and physical objects. In this perspective, smart cities are primary providers ...
CNR@People | DOI: 10.20368/1971-8829/1135031
2020, Journal article
Deep Reinforcement Learning for Multi-Objective Placement of Virtual Machines in Cloud Datacenters
Luca Caviglione, Mauro Gaggero, Massimo Paolucci, Roberto Ronco
The ubiquitous diffusion of cloud computing requires suitable management policies to face the workload while guaranteeing quality constraints and mitigating costs. The typical trade-off is between the...
CNR@People | DOI: 10.1007/s00500-020-05462-x
2020, Journal article
Fine-hearing Google Home: why silence will not protect your privacy
Davide Caputo, Luca Verderame, Andrea Ranieri, Alessio Merlo, Luca Caviglione
Smart speakers and voice-based virtual assistants are used to retrieve information, interact with other devices, and command a variety of Internet of Things (IoT) nodes. To this aim, smart speakers an...
CNR@People | DOI: 10.22667/JOWUA.2020.03.31.035
2020, Editorial in journal
Guest Editorial: Information Security Methodology, Replication Studies and Information Security Education
Steffen Wendzel, Luca Caviglione, Alessandro Checco, Aleksandra Mileva, Jean-Francois Lalande, Wojciech Mazurczyk
N/A
CNR@People | Link
2020, Journal article
Not all areas are equal: analysis of citations in information security research
S. Wendzel, C. Lévy-Bencheton, and L. Caviglione
The understanding of the inner workings of a research community is essential to evaluate the impact of an author as well as to decide where and how to publish results. One of the key metrics is the nu...
CNR@People | DOI: 10.1007/s11192-019-03279-6
2020, Journal article
VoIP Network Covert Channels to Enhance Privacy and Information Sharing
J. Saenger, W. Mazurczyk, J. Keller and Luca Caviglione
Information hiding is increasingly used to implement covert channels, to exfiltrate data or to perform attacks in a stealthy manner. Another important usage deals with privacy, for instance, to bypass...
CNR@People | DOI: 10.1016/j.future.2020.04.032
2019, Journal article
Model predictive control for energy-efficient, quality-aware, and secure virtual machine placement
M. Gaggero; L. Caviglione
Modern datacenters rely on virtualization to deliver complex and scalable cloud services. To avoid inflating costs or reducing the perceived service level, suitable resource optimization techniques ar...
CNR@People | DOI: 10.1109/TASE.2018.2826723
2019, Editorial in journal
Recent Advancements in Digital Forensics, Part 2
W. Mazurczyk, L. Caviglione and S. Wendzel
N/A
CNR@People | DOI: 10.1109/MSEC.2019.2896857
2019, Journal article
When time matters: predictive mission planning in cyber-physical scenarios
M. Gaggero, D. Di Paola, A. Petitti, and L. Caviglione
Future cyber-physical systems are expected to exploit autonomous robots to accomplish dangerous or complex missions composed of several tasks. A critical aspect is the availability of suitable mission...
CNR@People | DOI: 10.1109/ACCESS.2019.2892310
2018, Journal article
Exploiting IP telephony with silence suppression for hidden data transfers
S. Schmidt, W. Mazurczyk, R. Kulesza, J. Keller and L. Caviglione
Information hiding is increasingly used by malware for creating covert channels to exfiltrate data, orchestrate attacks, as well as to download additional code for extending its functionalities at run...
CNR@People | DOI: 10.1016/j.cose.2018.08.006
2018, Journal article
IEEE 802.15.4 Air-Ground UAV Communications in Smart Farming Scenarios
Bacco M.; Berton A.; Gotta A.; Caviglione L.
Smart farming is one of the most promising applications showing the benefits of using unmanned aerial vehicles (UAVs). Thus, precision agriculture in rural areas may largely benefit from low-cost and ...
CNR@People | DOI: 10.1109/LCOMM.2018.2855211
2018, Editorial in journal
Security mechanisms and data access protocols in innovative wireless networks
A.S.K. Pathan, S. Azad, R. Khan, and L. Caviglione
N/A
CNR@People | DOI: 10.1177/1550147718801476
2018, Journal article
Smart e-learning systems with big data
L. Caviglione and M. Coccoli
Nowadays, the Internet connects people, multimedia and physical objects leading to a new-wave of services. This includes learning applications, which require to manage huge and mixed volumes of inform...
CNR@People | DOI: 10.24425/123544
2015, Journal article
A survey on energy-aware security mechanisms
Merlo, Alessio; Migliardi, Mauro; Caviglione, Luca
The increasing adoption of mobile devices as the preferred tool to access the Internet imposes to deepen the investigation of security aspects. In parallel, their power constrained nature must be expl...
CNR@People | DOI: 10.1016/j.pmcj.2015.05.005
2015, Journal article
Steganography in Modern Smartphones and Mitigation Techniques
Luca Caviglione, Wojciech Mazurczyk
By offering sophisticated services and centralizing a huge volume of personal data, modern smartphones changed the way we socialize, entertain and work. To this aim, they rely upon complex hardware/so...
CNR@People | DOI: 10.1109/COMST.2014.2350994
Privacy-Leaking and Steganographic Threats in Wireless Connected Environments
Luca Caviglione
Wireless technologies, softwarization of hardware and the increasing diffusion of IoT nodes allow to access and control industrial settings, smart environments and a variety of remote services. This l...
CNR@People | DOI: 10.1007/978-3-031-04321-5_2
2020, Essay or book chapter
Investigating Traffic of Smart Speakers and IoT Devices: Security Issues and Privacy Threats
D. Caputo, L. Verderame, A. Merlo and L. Caviglione
Smart speakers and voice-based virtual assistants are core building blocks of modern smart homes. For instance, they are used to retrieve information, interact with other devices, and command a variet...
CNR@People
2020, Essay or book chapter
Teaching Cyber Security through Distance Learning with International Students
K. Cabaj, L. Caviglione, P. Georgi, J. Keller, W. Mazurczyk and A. Schaffhauser
Cyber security is one of the most relevant parts of modern information and communications technology (ICT) deploymentsand it will further grow in importance in the future. Therefore it is necessary to...
CNR@People | DOI: 10.1007/978-3-030-50244-7_15
2019, Essay or book chapter
Advanced Information Hiding Techniques for Modern Botnets
Luca Caviglione, Wojciech Mazurczyk, Steffen Wendzel
The chapter discusses the most recent and sophisticated form of steganography and information hiding that can be used to empower botnets. Specifically, it investigates techniques proposed by the acade...
CNR@People
Strumenti Intelligenti per Threat Detection e Response
Francesco Sergio Pisani, Silvia Biasotti, Nunziato Cassavia, Luca Caviglione, Gianluigi Folino, Massimo Guarascio, Giuseppe Manco, Marco Zuppelli
L'identificazione tempestiva di attacchi o software malevoli, la mitigazione del rischio, e la condivi- sione di informazioni per la "threat intelligence", rappresentano temi di estremo inte...
CNR@People | Link
2021, Conference proceedings
A Revised Taxonomy of Steganography Embedding Patterns
S. Wendzel, L. Caviglione, W. Mazurczyk, A. Mileva, J. Dittmann, C. Krätzer, K. Lamshöft, C. Vielhauer, L. Hartmann, J. Keller, T. Neubert
Steganography embraces several hiding techniques which spawn across multiple domains. However, the related terminology is not unified among the different domains, such as digital media steganography, ...
CNR@People | DOI: 10.1145/3465481.3470069
2021, Conference proceedings
bccstego: A Framework for Investigating Network Covert Channels
M. Repetto, L. Caviglione, M. Zuppelli
Modern malware increasingly exploits information hiding to re- main undetected while attacking. To this aim, network covert channels, i.e., hidden communication paths established within legitimate flo...
CNR@People | Link
2021, Conference proceedings
Code Augmentation for Detecting Covert Channels Targeting the IPv6 Flow Label
L. Caviglione, M. Zuppelli, W. Mazurczyk, A. Schaffhauser, M. Repetto
Information hiding is at the basis of a new-wave of malware able to elude common detection mechanisms or remain unnoticed for long periods. To this aim, a key approach exploits network covert channels...
CNR@People | DOI: 10.1109/NetSoft51509.2021.9492661
2021, Conference proceedings
Crème de la Crème: Lessons from Papers in Security Publications
S. Vrhovec, L. Caviglione, S. Wendzel
The number of citations attracted by publications is a key crite- ria for measuring their success. To avoid discriminating newer research, such a metric is usually measured in average yearly ci- tatio...
CNR@People | DOI: 10.1145/3465481.3470027
2021, Conference proceedings
Detecting Covert Channels Through Code Augmentation
M. Zuppelli, L. Caviglione, M. Repetto
Modern malware increasingly exploits information hiding or steganography to elude security frameworks and remain unnoticed for long periods. To this aim, a prime technique relies upon the ability of c...
CNR@People
2021, Conference proceedings
pcapStego: A Tool for Generating Traffic Traces for Experimenting with Network Covert Channels
M. Zuppelli, L. Caviglione
The increasing diffusion of malware endowed with steganographic and cloaking capabilities requires tools and techniques for conducting research activities, testing real deployments and elaborating mit...
CNR@People | Link
2021, Conference communications
Rilevamento Efficiente di Covert Channel Preservando la Riservatezza del Traffico
Marzo Zuppelli, Luca Caviglione, Corrado Pizzi, Matteo Repetto
Sempre più spesso, i malware sfruttano i covert channel di rete per agire indisturbati ed aggirare i sistemi standard di rilevazione. Identificare questo tipo di comunicazioni richiede la racco...
CNR@People | Link
2021, Conference proceedings
Risks and Opportunities for Information Hiding in DICOM Standard
A. Mileva, L. Caviglione, A. Velinov, S. Wendzel, V. Dimitrova
The increasing application of ICT technologies to medicine opens new usage patterns. Among the various standards, the Digital Imaging and COmmunication in Medicine (DICOM) has been gaining momentum, m...
CNR@People | Link
2021, Conference proceedings
Sanitization of Images Containing Stegomalware via Machine Learning Approaches
M. Zuppelli, G. Manco, L. Caviglione, M. Guarascio
In recent years, steganographic techniques have become increasingly exploited by malware to avoid detection and remain unnoticed for long periods. Among the various approaches observed in real attacks...
CNR@People
2020, Conference proceedings
Are you (Google) Home? Detecting Users Presence through Traffic Analysis of Smart Speakers
D. Caputo, L. Verderame, A. Merlo, A. Ranieri and L. Caviglione
Smart speakers and voice-based virtual assistants are core building blocks of modern smart homes. For instance, they are used to retrieve information, interact with other devices, and command a variet...
CNR@People | Link
2020, Conference proceedings
Covert Channels in Transport Layer Security
Corinna Heinz, Wojciech Mazurczyk, Luca Caviglione
Network covert channels living within network conversations are becoming widely adopted to enforce privacy of users or bypass censorship attempts as well as by malware to remain unnoticed while exfilt...
CNR@People | DOI: 10.1145/3424954.3424962
2020, Conference proceedings
Design and Performance Evaluation of Reversible Network Covert Channels
Przemyslaw Szary, Wojciech Mazurczyk, Steffen Wendzel, Luca Caviglione
Covert channels nested within network traffic are becoming important tools for allowing malware to act unnoticed or to stealthily exchange and exfiltrate information. Thus, understanding how to detect...
CNR@People | DOI: 10.1145/3407023.3409215
2020, Conference proceedings
Programmable Data Gathering for Detecting Stegomalware
A. Carrega, L. Caviglione, M. Repetto and M. Zuppelli
The "arm race" against malware developers re- quires to collect a wide variety of performance measurements, for instance to face threats leveraging information hiding and steganography. Unfo...
CNR@People
2020, Conference proceedings
Stegomalware Detection Through Structural Analysis of Media Files
Damian Puchalski, Luca Caviglione, Rafal Kozik, Adrian Marzecki, Slawomir Krawczyk, Michal Choras
The growing diffusion of malware is causing non-negligible economic and social costs. Unfortunately, modern attacks evolve and adapt to defensive mechanisms, and many threats are designed for the opti...
CNR@People | DOI: 10.1145/3407023.3409187
2019, Conference proceedings
IPv6 Covert Channels in the Wild
W. Mazurczyk, K. Powójski, and L. Caviglione
The increasing diffusion of malware endowed with steganographic techniques requires to carefully identify and evaluate a new set of threats. The creation of a covert channel to hide a communication wi...
CNR@People | DOI: 10.1145%2F3360664
2019, Conference proceedings
Towards reversible storage network covert channels
W. Mazurczyk, P. Szary, S. Wendzel and L. Caviglione
The use of network covert channels to improve privacy or support security threats has been widely discussed in the literature. As today, the totality of works mainly focuses on how to not disrupt the ...
CNR@People | DOI: 10.1145/3339252.3341493
Modellazione di servizi informatici di elaborazione in Piattaforme Informatiche di elaborazione virtualizzate e delocalizzate - Metodi e strategie per il deployment e l'integrazione efficiente e sicura di servizi in ambito Cloud
Andrea Clematis, Alfonso Quarati, Mauro Gaggero, Luca Caviglione, Angelo Corana, Maurizio Mongelli, Enrico Cambiaso
Le diverse attività di ricerca presentate in questo deliverable sono tra loro complementari ed integrate. In particolare, esse sono finalizzate a migliorare l'efficacia e l'efficienza delle pia...
CNR@People