Login

Fabio Roli

ORCID: 0000-0003-4103-9190
Publications
Citations
Views
---
Saved
---
About
Contact & Profiles
A5065359946
Research Areas
  • Biometric Identification and Security
  • Adversarial Robustness in Machine Learning
  • Advanced Malware Detection Techniques
  • Face and Expression Recognition
  • Anomaly Detection Techniques and Applications
  • Network Security and Intrusion Detection
  • Neural Networks and Applications
  • Face recognition and analysis
  • User Authentication and Security Systems
  • Forensic Fingerprint Detection Methods
  • Remote-Sensing Image Classification
  • Spam and Phishing Detection
  • Advanced Image and Video Retrieval Techniques
  • Video Surveillance and Tracking Methods
  • Digital Media Forensic Detection
  • Machine Learning and Data Classification
  • Evolutionary Algorithms and Applications
  • Fuzzy Logic and Control Systems
  • Forensic and Genetic Research
  • Image Retrieval and Classification Techniques
  • Human Pose and Action Recognition
  • Internet Traffic Analysis and Secure E-voting
  • Spectroscopy and Chemometric Analyses
  • Advanced Steganography and Watermarking Techniques
  • Text and Document Classification Technologies

University of Cagliari
 2015-2025

University of Genoa
 1996-2025

Northwestern Polytechnical University
 2020-2023

Institute of Electrical and Electronics Engineers
 2014-2022

École Polytechnique Fédérale de Lausanne
 2022

Ca' Foscari University of Venice
 2022

Regional Municipality of Niagara
 2022

IEEE Computer Society
 2022

University of Namur
 2022

Institut national de recherche en informatique et en automatique
 2022

 Wild patterns: Ten years after the rise of adversarial machine learning
OPENALEX - Publications 
Battista Biggio Fabio Roli

10.1016/j.patcog.2018.07.023 article EN Pattern Recognition 2018-07-21
 Towards Poisoning of Deep Learning Algorithms with Back-gradient Optimization
OPENALEX - Publications 
Luis Muñoz-González Battista Biggio Ambra Demontis Andrea Paudice Vasin Wongrassamee and 2 more Emil Lupu Fabio Roli

A number of online services nowadays rely upon machine learning to extract valuable information from data collected in the wild. This exposes algorithms threat poisoning, i.e., a coordinate attack which fraction training is controlled by attacker and manipulated subvert process. To date, these attacks have been devised only against limited class binary algorithms, due inherent complexity gradient-based procedure used optimize poisoning points (a.k.a. adversarial examples). In this work, we...

10.1145/3128572.3140451 article EN 2017-11-03
 Design of effective neural network ensembles for image classification purposes
OPENALEX - Publications 
Giorgio Giacinto Fabio Roli

10.1016/s0262-8856(01)00045-2 article EN Image and Vision Computing 2001-08-01
 Security Evaluation of Pattern Classifiers under Attack
OPENALEX - Publications 
Battista Biggio Giorgio Fumera Fabio Roli

Pattern classification systems are commonly used in adversarial applications, like biometric authentication, network intrusion detection, and spam filtering, which data can be purposely manipulated by humans to undermine their operation. As this scenario is not taken into account classical design methods, pattern may exhibit vulnerabilities, whose exploitation severely affect performance, consequently limit practical utility. Extending theory methods settings thus a novel very relevant...

10.1109/tkde.2013.57 article EN IEEE Transactions on Knowledge and Data Engineering 2013-04-05
 Adversarial Malware Binaries: Evading Deep Learning for Malware Detection in Executables
OPENALEX - Publications 
Bojan Kolosnjaji Ambra Demontis Battista Biggio Davide Maiorca Giorgio Giacinto and 2 more Claudia Eckert Fabio Roli

Machine learning has already been exploited as a useful tool for detecting malicious executable files. Data retrieved from malware samples, such header fields, instruction sequences, or even raw bytes, is leveraged to learn models that discriminate between benign and software. However, it also shown machine deep neural networks can be fooled by evasion attacks (also known adversarial examples), i.e., small changes the input data cause misclassification at test time. In this work, we...

10.23919/eusipco.2018.8553214 article EN 2021 29th European Signal Processing Conference (EUSIPCO) 2018-09-01
 Is feature selection secure against training data poisoning?
OPENALEX - Publications 
Xiao Huang Battista Biggio Gavin Brown Giorgio Fumera Claudia Eckert and 1 more Fabio Roli

Learning in adversarial settings is becoming an important task for application domains where attackers may inject malicious data into the training set to subvert normal operation of data-driven technologies. Feature selection has been widely used machine learning security applications improve generalization and computational efficiency, although it not clear whether its use be beneficial or even counterproductive when are poisoned by intelligent attackers. In this work, we shed light on...

10.48550/arxiv.1804.07933 preprint EN other-oa arXiv (Cornell University) 2018-01-01
 Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection
OPENALEX - Publications 
Ambra Demontis Marco Melis Battista Biggio Davide Maiorca Daniel J. Arp and 4 more Konrad Rieck Igino Corona Giorgio Giacinto Fabio Roli

To cope with the increasing variability and sophistication of modern attacks, machine learning has been widely adopted as a statistically-sound tool for malware detection. However, its security against well-crafted attacks not only recently questioned, but it shown that exhibits inherent vulnerabilities can be exploited to evade detection at test time. In other words, itself weakest link in system. this paper, we rely upon previously-proposed attack framework categorize potential scenarios...

10.1109/tdsc.2017.2700270 article EN IEEE Transactions on Dependable and Secure Computing 2017-05-02
 Adversarial Feature Selection Against Evasion Attacks
OPENALEX - Publications 
Fei Zhang Patrick P. K. Chan Battista Biggio Daniel Yeung Fabio Roli

Pattern recognition and machine learning techniques have been increasingly adopted in adversarial settings such as spam, intrusion, malware detection, although their security against well-crafted attacks that aim to evade detection by manipulating data at test time has not yet thoroughly assessed. While previous work mainly focused on devising adversary-aware classification algorithms counter evasion attempts, only few authors considered the impact of using reduced feature sets classifier...

10.1109/tcyb.2015.2415032 article EN IEEE Transactions on Cybernetics 2015-04-21
 Support vector machines under adversarial label contamination
OPENALEX - Publications 
Xiao Huang Battista Biggio Blaine Nelson Han Xiao Claudia Eckert and 1 more Fabio Roli

10.1016/j.neucom.2014.08.081 article EN Neurocomputing 2015-02-10
 Diversified Sensitivity-Based Undersampling for Imbalance Classification Problems
OPENALEX - Publications 
Wing W. Y. Ng Junjie Hu Daniel Yeung Shao-Hua Yin Fabio Roli

Undersampling is a widely adopted method to deal with imbalance pattern classification problems. Current methods mainly depend on either random resampling the majority class or at decision boundary. Random-based undersampling fails take into consideration informative samples in data while boundary sensitive overlapping. Both techniques ignore distribution information of training dataset. In this paper, we propose diversified sensitivity-based method. Samples are clustered capture and enhance...

10.1109/tcyb.2014.2372060 article EN IEEE Transactions on Cybernetics 2014-12-02
 Functionality-Preserving Black-Box Optimization of Adversarial Windows Malware
OPENALEX - Publications 
Luca Demetrio Battista Biggio Giovanni Lagorio Fabio Roli Alessandro Armando

Windows malware detectors based on machine learning are vulnerable to adversarial examples, even if the attacker is only given black-box query access model. The main drawback of these attacks that: (i) they query-inefficient, as rely iteratively applying random transformations input malware; and (ii) may also require executing in a sandbox at each iteration optimization process, ensure that its intrusive functionality preserved. In this paper, we overcome issues by presenting novel family...

10.1109/tifs.2021.3082330 article EN IEEE Transactions on Information Forensics and Security 2021-01-01
 A theoretical and experimental analysis of linear combiners for multiple classifier systems
OPENALEX - Publications 
Giorgio Fumera Fabio Roli

In this paper, a theoretical and experimental analysis of linear combiners for multiple classifier systems is presented. Although are the most frequently used combining rules, many important issues related to their operation pattern classification tasks lack basis. After critical review framework developed in works by Tumer Ghosh on which our based, we focus simplest widely implementation combiners, consists assigning nonnegative weight each individual classifier. Moreover, consider ideal...

10.1109/tpami.2005.109 article EN IEEE Transactions on Pattern Analysis and Machine Intelligence 2005-04-25
 Dynamic classifier selection based on multiple classifier behaviour
OPENALEX - Publications 
Giorgio Giacinto Fabio Roli

10.1016/s0031-3203(00)00150-3 article EN Pattern Recognition 2001-09-01
 An extension of the Jeffreys-Matusita distance to multiclass cases for feature selection
OPENALEX - Publications 
Lorenzo Bruzzone Fabio Roli Sebastiano B. Serpico

The problem of extending the Jeffreys-Matusita distance to multiclass cases for feature-selection purposes is addressed and a solution equivalent Bhattacharyya bound presented. This extension compared with widely used weighted average both by examining respective formulae experimenting on an optical remote-sensing data set.

10.1109/36.477187 article EN IEEE Transactions on Geoscience and Remote Sensing 1995-01-01
 Intrusion detection in computer networks by a modular ensemble of one-class classifiers
OPENALEX - Publications 
Giorgio Giacinto Roberto Perdisci Mauro Del Rio Fabio Roli

10.1016/j.inffus.2006.10.002 article EN Information Fusion 2006-12-02
 Adversarial attacks against intrusion detection systems: Taxonomy, solutions and open issues
OPENALEX - Publications 
Igino Corona Giorgio Giacinto Fabio Roli

10.1016/j.ins.2013.03.022 article EN Information Sciences 2013-03-21
 Fusion of multiple classifiers for intrusion detection in computer networks
OPENALEX - Publications 
Giorgio Giacinto Fabio Roli Luca Didaci

10.1016/s0167-8655(03)00004-7 article EN Pattern Recognition Letters 2003-04-30
 An approach to the automatic design of multiple classifier systems
OPENALEX - Publications 
Giorgio Giacinto Fabio Roli

10.1016/s0167-8655(00)00096-9 article EN Pattern Recognition Letters 2001-01-01
 Multiple classifier systems for robust classifier design in adversarial environments
OPENALEX - Publications 
Battista Biggio Giorgio Fumera Fabio Roli

10.1007/s13042-010-0007-7 article EN International Journal of Machine Learning and Cybernetics 2010-10-12
 LivDet 2013 Fingerprint Liveness Detection Competition 2013
OPENALEX - Publications 
Luca Ghiani David Yambay Valerio Mura Simona Tocco Gian Luca Marcialis and 2 more Fabio Roli Stephanie Schuckcrs

A spoof or fake is a counterfeit biometric that used in an attempt to circumvent sensor Liveness detection distinguishes between live and traits. based on the principle additional information can be garnered above beyond data procured by standard verification system, this verify if measure authentic. The Fingerprint Detection Competition (LivDet) goal compare both software-based (Part 1) hardware-based 2) fingerprint liveness methodologies open all academic industrial institutions....

10.1109/icb.2013.6613027 article EN 2013-06-01
 LivDet 2011 — Fingerprint liveness detection competition 2011
OPENALEX - Publications 
David Yambay Luca Ghiani Paolo Denti Gian Luca Marcialis Fabio Roli and 1 more Stephanie Schuckers

"Liveness detection", a technique used to determine the vitality of submitted biometric, has been implemented in fingerprint scanners recent years. The goal for LivDet 2011 competition is compare software-based liveness detection methodologies (Part 1), as well systems which incorporate capabilities 2), using standardized testing protocol and large quantities spoof live images. This was open all academic industrial institutions have solution either or system-based problem. Five submissions...

10.1109/icb.2012.6199810 article EN 2012-03-01
Coming Soon ...