CR Nov 3, 2021
Chirotonia: A Scalable and Secure e-Voting Framework based on Blockchains and Linkable Ring Signatures
Antonio Russo, Antonio Fernández Anta, Maria Isabel González Vasco et al.
In this paper we propose a comprehensive and scalable framework to build secure-by-design e-voting systems. Decentralization, transparency, determinism, and untamperability of votes are granted by dedicated smart contracts on a blockchain, while voter authenticity and anonymity are achieved through (provably secure) linkable ring signatures. These, in combination with suitable smart contract constraints, also grant protection from double voting. Our design is presented in detail, focusing on its security guarantees and the design choices that allow it to scale to a large number of voters. Finally, we present a proof-of-concept implementation of the proposed framework, made available as open source.
SD May 6, 2024
Whispy: Adapting STT Whisper Models to Real-Time Environments
Antonio Bevilacqua, Paolo Saviano, Alessandro Amirante et al.
Large general-purpose transformer models have recently become the mainstay in the realm of speech analysis. In particular, Whisper achieves state-of-the-art results in relevant tasks such as speech recognition, translation, language identification, and voice activity detection. However, Whisper models are not designed to be used in real-time conditions, and this limitation makes them unsuitable for a vast plethora of practical applications. In this paper, we introduce Whispy, a system intended to bring live capabilities to the Whisper pretrained models. As a result of a number of architectural optimisations, Whispy is able to consume live audio streams and generate high-level, coherent voice transcriptions, while still maintaining a low computational cost. We evaluate the performance of our system on a large repository of publicly available speech datasets, investigating how the transcription mechanism introduced by Whispy impacts the Whisper output. Experimental results show how Whispy excels in robustness, promptness, and accuracy.
CR Jan 18, 2021
Leveraging AI to optimize website structure discovery during Penetration Testing
Diego Antonelli, Roberta Cascella, Gaetano Perrone et al.
Dirbusting is a technique used to brute force directories and file names on web servers while monitoring HTTP responses, in order to enumerate server contents. Such a technique uses lists of common words to discover the hidden structure of the target website. Dirbusting typically relies on response codes as discovery conditions to find new pages. It is widely used in web application penetration testing, an activity that allows companies to detect website vulnerabilities. Dirbusting techniques are both time- and resource-consuming, and innovative approaches have never been explored in this field. We hence propose an advanced technique to optimize the dirbusting process by leveraging Artificial Intelligence. More specifically, we use semantic clustering techniques in order to organize wordlist items in different groups according to their semantic meaning. The created clusters are used in an ad-hoc implemented next-word intelligent strategy. This paper demonstrates that the usage of clustering techniques outperforms the commonly used brute force methods. Performance is evaluated by testing eight different web applications. Results show a performance increase that is up to 50% for each of the conducted experiments.
CR May 13, 2020
LIoTS: League of IoT Sovereignties. A Scalable approach for a Transparent Privacy-safe Federation of Secured IoT Platforms
Flavio Cirillo, Nicola Capuano, Simon Pietro Romano et al.
Internet-of-Things has entered all the fields where data are produced and processed, resulting in a plethora of IoT platforms, typically cloud-based, centralizing data and services management. This has led to many disjoint IoT silos. Significant efforts have been devoted to integration, recurrently resulting in bigger centralized infrastructures. Such an approach often stumbles upon the reluctance of IoT system owners to lose the dominion over data. We introduce a secured and privacy-safe infrastructure where a federation overlay is distributed among parties and the data control is kept locally. This establishes a league of peers each sovereign of their IoT system and data: League of IoT Sovereignties (LIoTS). LIoTS is scalable by design, allowing iterative formation of domain levels due to the transparency of its federation. Tests show that the overhead is minimal when exchanged data is hefty, and that LIoTS performs better in large IoT deployments than centralized approaches.