Federico Maggi

• My curriculum vitæ (PDF)
• A draft of my PhD thesis (PDF) - "Integrated Detection of Anomalous Behavior of Computer Infrastructures". Advisor: Prof. S. Zanero
• My MSc thesis (PDF) - "Efficacia ed integrazione di sistemi di anomaly detection". Advisor: Prof. G. Serazzi, co-advisor: Prof. S. Zanero
• My BSc thesis (PDF) - "Portable DBMS: analysis, specification and prototype implementation of a JDBC layer". Advisor: Prof. C. Bolchini, co-advisor: Prof. L. Tanca

I am currently involved in the WOMBAT international research project. Also I am member of two research project at DEI.

• WOMBAT The WOMBAT project aims at providing new means to understand the existing and emerging threats that are targeting the Internet economy and the net citizens. More information: wombat-project.org
• ULISSE A network based unsupervised IDS based on a novel two-tier architecture to improve tha analysis of network packets. More information: ULISSE Project Page.
• SSAADE A host based unsupervised IDS based on system call arguments and sequences. It implements a set of anomaly detection models for the call parameters, a clustering mechanism to improve model fitting and create inter-relationships among them, and a Markov model to capture sequence relationships and anomalies. SSAADE Project Page

Journal Papers

• F. Maggi and M. Matteucci and S. Zanero Reducing False Positives In Anomaly Detectors Through Fuzzy Alert Aggregation Information Fusion, Elsevier. (preprint). PDF, BibTeX
• F. Maggi and S. Zanero and V. Iozzo Seeing the Invisible - Forensic Uses of Anomaly Detection and Machine Learning ACM Operating Systems Review. (to appear). PDF, BibTeX
• F. Maggi and M. Matteucci and S. Zanero Detecting Intrusions through System Call Sequence and Argument Analysis IEEE Transactions on Dependable and Secure Computing. IEEE Transactions on Dependable and Secure Computing, Vol. 99. PDF (CS DL, Preprint), BibTeX

Conference Publications

• W. Robertson, F. Maggi, C. Kruegel and G. Vigna Effective Anomaly Detection with Scarce Training Data 17th Annual Network and Distributed System Security Symposium, The Dana on Mission Bay, San Diego, California. Feb 28-Mar 3, 2010.. PDF and BibTeX coming soon.
• Claudio Criscione and Federico Maggi and Guido Salvaneschi and Stefano Zanero Integrated Detection of Attacks Against Browsers, Web Applications and Databases European Conference on Computer Network Defense, Milan, Italy. Nov 9-10, 2009. PDF, BibTeX
• F. Maggi, W. Robertson, C. Kruegel and G. Vigna Protecting a Moving Target: Addressing Web Application Concept Drift Recent Advances in Intrusion Detection, 11th International Symposium, RAID 2009, Saint-Malo, Brittany, France, September 2009, Proceedings. PDF, BibTeX
• A. Frossi, F. Maggi, G. Rizzo and S. Zanero Selecting and Improving System Call Models for Anomaly Detection Detection of Intrusions and Malware & Vulnerability Assessment, DIMVA 2009, Milan, Italy, July 9-10, 2009, Proceedings. PDF, BibTeX
• F. Maggi and S. Zanero On the Use of Different Statistical Tests for Alert Correlation - Short Paper Recent Advances in Intrusion Detection, 10th International Symposium, RAID 2007, Gold Goast, Australia, September 5-7, 2007, Proceedings. 4637, 167-177. PDF, BibTeX

Technical Reports

• F. Maggi Specification and Evaluation of an Efficient Recognizer for Rational Trace Languages Politecnico di Milano. TR-2008-23. PDF, BibTeX
• F. Maggi A Survey of Probabilistic Record Matching Models, Techniques and Tools Politecnico di Milano. TR-2008-22. PDF, BibTeX

Al momento, il nostro gruppo di ricerca è interessato ai seguenti progetti. Non sono necessariamente solo tesi o solo progetti. A seconda delle necessità e dell'impegno effettivo si può dare alle tracce la forma più adeguata (es., progetto, tesina, tesi, tesi magistrale).

I use these pages to keep a copy of the material presented or related to class and tutorial lessons of the following courses. Unluckily, I have no time to keep internatiolized copies of these pages, thus you may find a mixture of English and Italian, even in the same page. I apologize.

• Sistemi Informativi - 085630 (per allievi di Ing. Gestionale)
• Impianti di Elaborazione - 061187 (per allievi di Ing. Gestionale)
• Impianti Informatici (per il settore dell'informazione) - 070728

Here is a short list of applications, tools, concepts, ideas that I couldn't live without.

• a Mac - if you've never used a Mac before, you simply cannot understand how fast your work could be: if you think you're highly productive with your computer, you may wanna know that you can work even faster! ;-)
• Google - don't ask your friend, just ******* Google it!
• Quicksilver - the developers motto is "act without doing": I'd rather say "act without mouse", really! Quicksilver has a fast substring parsing algorithm that works perfectly even with incomplete strings or wrong-typed words: and it just guesses in the right way! It's the first application I install on a new Mac.
• Emacs - here is the second app. Remote editing, *-mode, mail, chat, interactive commands, and virtually anything you can imagine. Anyone should use this powerful editor. Try this amazing, packaged version for Mac OS X or the standard release for any other POSIX system using X11. You may also be interested in this useful Emacs Wiki.

LaTeX "template" for thesis

If you like the formatting and the layout of my thesis you may want to use this "template" for your own works. Please note that, this is not a real template, but a simple LaTeX file along with additional stuff (such as: bibliography styles, custom classes, etc.). Beware: this work is not ready to use (it may take minutes for you to figure out how to use it) and it is not meant to be complete nor correct; thus, feel free to send me comments or improvements (download the archive). If you hate the look of my thesis, another good template is provided by the AIRLab.

Quick Exam Typesetting

• Downloads
• TODO

Here I release a LaTeX package thay might help you to quickly typeset an exam just by following a very simple layout. The package is optimized for Politecnico di Milano courses, but it is highly customizable to fit other institutions needs.

The package I called polimi-exam is based upon the great exam document class by Philip Hirschhorn. The class is very well documented and already part of all the standard LaTeX distribution, although I reccommend to take a deep breath and switch to the modern texlive.

Most of the work is done by polimi-exam.sty so all you have to do is to

\documentclass[a4paper]{exam}
%Packages graphicx, color, tikz, geometry, palatino, listings are already included
\includepackage{polimi-exam}
%The package is set up for Italian but you may want to switch
\includepackage[english]{babel}
%And it does not set any encoding by default
\usepackage[latin1]{inputenc}

%Academic year
\ayear{2007/2008}
%Grades table orientation is 'h'orizontal or 'v'ertical
\gradestableorientation{h}
%Something before the date?
\beforedate{Spring session}
\date{13/06/2008}
\title{Exam title}
%Do you need to prepare variants of the same exam?
\variant{Test variant}
\author{Prof. First Professor (A-L)\\ Prof. Second Professor (M-Z)}
%A logo
\logo{figure/polimi}
\notice{
  \textbf{Instructions}
  \begin{itemize}
  \item you should not copy,
  \item you cannot use books nor notes,
  \item do not write out of the squared boxes,
  \item ...
  \end{itemize}
}

%Here you can insert customizations provided by exam.cls.
%For instance you may want to overwrite some self-explaining names:
\firstpagefooter{\sffamily All rights reserved.}{\sffamily Politecnico di Milano}{}
\runningfooter{}{}{\sffamily Page \thepage\ of \numpages}
\qformat{{\bfseries Question \thequestion}~(\totalpoints~\points)~\hfill}
\pointpoints{point}{points}
\hqword{Question:}
\vqword{Question} 
\hpgword{Page:}
\vpgword{Page}
\gradetablestretch{1.5}
\hpword{Scores:}
\vpword{Scores}
\hsword{Points:}
\vsword{Ponints}
\htword{Total}
	

The distribution includes a sample source file and the resulting PDF. I suggest to use PdfLaTeX instead of LaTeX.

Note: you need to compile the source twice

Bugs: please contact me if you find bugs or possible improvements.

Downloads

• Release 0.1.5 (28th Sept, 2008) - polimiexam-0.1.5.tgz
• Sample TeX - sample-polimi-exam.tex
• Sample PDF - sample-polimi-exam.pdf

TODO

• Nothing, so far.

• School on Security of Wireless Networking SWING focused on cutting-edge research in the area of security of wireless networking. The school was truly international, open to PhD students, researchers, and practitioners willing to know the challenges in the future of this exciting area of computer science and to understand the new ideas that are being developed to solve them. 2007, 2008
• My del.icio.us Check out my favourite links!
• GNU Emacs Anyone should use this powerful editor. Don't be shy: try this amazing, packaged version for Mac OS X or the standard release for any other POSIX system using X11. You may also be interested in this useful Emacs Wiki.
• Model checking vs. Theorem Proving Written (in Italian) for "Agebra e Logica 2" course, this work briefly overviews and compares the current set of tools for the verification of TRIO specifications. Maily inspired by and based upon this thesis, it compares the two major approaches without going into deep so almost anyone should be able to read it, thought! (download the full-text PDF of the work)
• EzTextism extension for eZpublish Released under GNU GPL, this is extension adds basic phrase Textism/ile modificators to other eZpublish template operators. Have fun and, please, report me bugs! (download a beta version).
• Semantic XHTML 1.0 (custom DTD) This is just an experiment and it could be called "SXHTML". The result should be nothing but a custom DTD; more or less a modification of the XHTML 1.0 Strict DTD. I would like to summarize all the claims about the so called "semantic markup", "modular markup", and related topics from the Web standard activists (this is a working draft of the DTD).
• CTF 2005/winter I participated to the Capture The Flag International, a security contest between students around the globe, organized by the University of Santa Barbara California; a german team named Old Europe won this edition! We conquered the 5^th position only :-\ (read more: official page, team page)
• Fuzzy Forensic Source code analysis is a widely used technique for software forensic, especially for authorship analyzing. This work aims at show the feasibility of a “fuzzy approach” to the problem; basically, it show how to use fuzzy measures and fuzzy logic for such a purpose. It has been written by Luca Carettoni and me (read more: article (in Italian))
• ASS (Audio Style Sheet) An annotation-based language to add the necessary semantic to a Web page and open the way to audio-browsers (read more: documentation (in Italian)).
• KAOS (Keep All Objectives Satisfied) a recent and very powerful RE methodology/framework for goal-based requirements elicitation, analysis and management (read more: slides, official page).
• CTF 2005/spring I participated to the Capture The Flag International, a security contest between students around the globe, organized by the University of Santa Barbara California; our team won the 2005 edition! (read more: official page, team page)
• CTF 2004 I participated to the Capture The Flag International, a security contest between students around the globe, organized by the University of Santa Barbara California; our team won the 2004 edition! (read more: official page, team page)
• legGoo A distributed to support a phono-web browser, to open the Web to blind people (read more: demo page).

I've received a "Laurea Specialistica" (M.Sc.) degree from Politecnico di Milano in Dec 2006: my thesis is about the performance evaluation of anomaly detectors and investigates novel approaches for IDS alert fusion.

I'm a PhD candidate at DEI. I work under the supervision of Prof. S. Zanero in the team of Prof. G. Serazzi at the VPLAB and my research interests are mainly focused on computer security and data analysis.

I was a Visiting Research Scholar at the Computer Security Laboratory of the Department of Computer Science at UC Santa Barbara, working with the team of Prof. G. Vigna.

I'm Student Member of the IEEE, member of ISSA (AIPSI), and member of IEEE Computer Society Italy.

My e-mail box is the quickest way to contact me: f<last name> at elet.polimi.it (sorry but I hate spam, too). If you need to communicate with me privately, please use my GPG/PGP public key (Fingerprint: E309 8B59 2B77 B203 61AB 9106 98A7 6EAA 0C68 C522).

You can reach my office at 3491 (room 157, 1^st floor @ DEI, Via Ponzio 34/5 - 20133 Milano) or send me a FAX at 3411. You can also reach me at Performance Evaluation Lab. (a.k.a. VPLAB), located at room T12, or call 3660.

These pages are released under . I edit and maintain them remotely using Carbon Emacs Pakcage, GNU TRAMP and the nice nXhtml-mode.