+39 070 675 5776
+39 070 675 5782
igino.corona at diee.unica.it
Igino Corona received the M.Sc. Degree in Electronic Engineering from the University of Cagliari, in October 2006. In his MSc thesis (in Italian), he discussed the design and the implementation (in Python and C++ programming languages) of an anomaly-based, unsupervised Intrusion Detection System for the analysis of the HTTP traffic. The Clusit Association rewarded this work as one of the best Italian research thesis on computer system security.
Since February 2007, he is a member of the Pattern Recognition and Applications Group (Dept. of Electrical and Electronic Engineering). In the period January/June 2009 he worked with the research group headed by Prof. Wenke Lee, Georgia Institute of Technology, Altlanta, USA) as a visiting PhD student. During such a period, Igino Corona and Roberto Perdisci developed Flux Buster, an advanced system which is able to detect fast flux service networks by means of passive analysis of DNS traffic in large networks.
In march 2010 Igino Corona received the PhD degree in Computer Engineering from the University of Cagliari, with the following dissertation: Detection of web-based attacks. Igino Corona is manager of the Computer Security Technical Committee of the GIRPR (Italian Group of Pattern Recognition researchers, affiliated to IAPR) and one of the organizers of the International School on Computer Security & Privacy that will be held in August 2012. Igino Corona is the author of SuStorID, an advanced intrusion detection system for web services based on machine learning, released in January 2012 under open source licence.
Research interests at-large involve all aspects of computer security. In particular, most of interest regards the detection of security violations:
- Web Intrusion Detection
- Detection of Fast Flux Networks and automatic classification of illicit activities supported by such networks
- Ideation, development, and testing of advanced Intrusion Detection Systems (IDS)
- Anomaly Detection paradigm to spot both known and unknown threats
- Pattern Recognition techniques to create IDS based on machine learning
- Multiple Classifier Systems to enhance the reliability and the robustness of IDS
- Learning in Adversarial Environment to provide for a reliable IDS training using real time traffic
In order to ease the comparison of experimental results and allow security administrators to better protect their machines, most of programs ideated and developed by Igino Corona will be offered with open-source licence.
Currently, the following tools are available:
On the other hand, the following tools are currently being developed/improved/documented (they will be available soon):
- D1gg3r: high-performance, active probing and detection of fast flux domain names
- WebInspector: automatic classification of content hosted by fast flux networks