PB_Profile

About Me

Born in Catania (CT) in 1994. Passionate about computer science and cybersecurity. In 2014 I chose to enroll at the faculty of computer science at the University of Catania (UNICT). In 2017 I graduated from a Bachelor's degree. At the moment I'm continuing my Master's Degree in Computer Science with Curriculum: "Network and Security Systems". Meanwhile, I am also a junior research collaborator at the Institute of Informatics and Telematics (IIT) of the National Research Council (CNR) of Pisa.
I have good knowledge of languages: C, C ++, Python, Ruby, Java, JavaScript, HTML, PHP, SQL.

Education

Università di Catania

Master's degree. Computer science, Network and Security Systems 2018-2019

Sheffield Hallam University

Erasmus+ 2018-2019

University of Graz

European Summer School on Information Science (ESSIS 2018) July 2018

Università di Catania

Bachelor's degree. Computer science 2014 - 2017

Work

Researcher Cybersecurity & Privacy.

National Research Council (IIT - CNR) February 2018 - December 2018 - Pisa, Italia

Research and development: "Automotive Security".
Project managers: Dr Gianpiero Costantino (IIT - CNR) , Dott.ssa Ilaria Matteucci (IIT - CNR)

Cloud computing technician, cloud security

National Institute of Nuclear Physics (INFN) June 2017 - July 2017 - Catania, Italia

Internship: cloud computing (OpenStack), networking and security

Organizational secretariat

Google Developer Group Catania December 2016 - July 2017 - Catania, Italia

Mailing, contacts, and relationship with event service providers.

Papers

Demo: Implementing CAN bus security by TOUCAN

Pietro Biondi, Giampaolo Bella, Gianpiero Costantino, Ilaria Matteucci
In ACM Conference on Mobile Ad Hoc Networking and Computing (MobiHoc 2019)

Pages -
(doi:10.1145/3323679.3326614)

Poster: Are you secure in your car?

Giampaolo Bella, Pietro Biondi, Gianpiero Costantino, Ilaria Matteucci
In ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2019)

Pages 308-309
(doi:10.1145/3317549.3326305)

TOUCAN A proTocol tO secUre Controller Area Network

Giampaolo Bella, Pietro Biondi, Gianpiero Costantino, Ilaria Matteucci
In ACM Workshop on Automotive Cybersecurity (AutoSec 2019)

Pages 3-8
(doi:10.1145/3309171.3309175)

A MapReduce based tool for the analysis and discovery of novel therapeutic targets

Giuseppe Parasiliti, Marzio Pennisi, Pietro Biondi, Giuseppe Sgroi, Giulia Russo, Christian Napoli, Francesco Pappalardo
In 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP 2019)

Pages 323-328
(doi:10.1109/EMPDP.2019.8671609)

Towards an Integrated Penetration Testing Environment for the CAN Protocol

Giampaolo Bella and Pietro Biondi
In 37th International Conference on Computer Safety, Reliability, and Security (SAFECOMP 2018)

Lecture Notes in Computer Science, volume 11094 LNCS, pages 344-352.
(doi:10.1007/978-3-319-99229-7_29)

Projects

Thesis: "Study, design and implementation of a security protocol on CAN bus"

Supervisor: Prof. Giampaolo Bella (UNICT)
Advisors: Dr Gianpiero Costantino (IIT - CNR) , Dott.ssa Ilaria Matteucci (IIT - CNR)

Thesis: "HTTP Strict Transport Security attacks on modern browsers: a comparative analysis"

Study of HTTP Strict Transport Security (HSTS), a policy designed to counter attacks called SSLStrip.
Supervisor: Prof. Giampaolo Bella (UNICT)

CAN Flood post exploitation for CAN on Metasploit-Framework

CAN Flood is a post-exploitation module that floods a CAN interface for a number of rounds. Both the interface and the number of rounds are to be provided as inputs. An example list of frames also is part of the inputs, and sources the flooding at each round. The module therefore is general as it is parametric in the frame list.
Github-Metasploit

Crazy Tachymeter

Crazy-Tachymeter is an exploit that allows you to flood the CAN-Bus with frames of the ECU mapping file.
Github

Distributed dictionary attack

Java program that implements a vulnerable server with an incremental ban system. Within the project there are clients which communicate through the RabbitMQ middleware.
Github

Visibility on the Etsy platform

Study of applicability of techniques to increase visibility on Etsy.

Capture The Flag - UNICT 2017

Capture The Flag is a computer security competition (UNICT) where teams must attack enemy machines with exploits and defend their own by inserting patches.
Website - Github

Food-Classification

This Social Media Management project (UNICT) allow to classificate picture between food and non-food. Github

Linear Regression Tool

Linear regression tool with some statistics parameters.

Zeppelin-Slim-GDGCatania

The Slim Version of Project Zeppelin is a single page edited for GDGCatania. The website contains all information that we need in a small version. Website - Github

Talk

Speaker for NGIoT e-workshop on ETSI IoT Standard

Security of modern vehicles in the IoT world. (24 May 2019) Event - NGIoT