New Techniques to Improve Network Security

With current technologies it is practically impossible to claim that a distributed application is safe from potential malicious attacks. Vulnerabilities may lay at several levels (criptographic weaknesses, protocol design flaws, coding bugs both in the application and in the host operating system itself, to name a few) and can be extremely hard to find. Moreover, sometimes an attacker does not even need to find a software vulnerability, as authentication credentials might simply “leak” ouside from the network for several reasons. Luckily, literature proposes several approaches that can contain these problems and enforce security, but the applicability of these techniques is often greatly limited due to the high level of expertise required, or simply because of the cost of the required specialized hardware. Aim of this thesis is to focus on two security enforcment techniques, namely formal methods and data analysis, and to present some improvements to the state of the art enabling to reduce both the required expertise and the necessity of specialized hardware

Efficient Multistriding of Large Non-deterministic Finite State Automata for Deep Packet Inspection

Multistride automata speed up input matching because each multistriding transformation halves the size of the input string, leading to a potential 2x speedup. However, up to now little effort has been spent in optimizing the building process of multistride automata, with the result that current algorithms cannot be applied to real-life, large automata such as the ones used in commercial IDSs, because the time and the memory space needed to create the new automaton quickly becomes unfeasible. In this paper, new algorithms for efficient building of multistride NFAs for packet inspection are presented, explaining how these new techniques can outperform the previous algorithms in terms of required time and memory usag

Scalable Algorithms for NFA Multi-Striding and NFA-Based Deep Packet Inspection on GPUs

Finite state automata (FSA) are used by many network processing applications to match complex sets of regular expressions in network packets. In order to make FSA-based matching possible even at the ever-increasing speed of modern networks, multi-striding has been introduced. This technique increases input parallelism by transforming the classical FSA that consumes input byte by byte into an equivalent one that consumes input in larger units. However, the algorithms used today for this transformation are so complex that they often result unfeasible for large and complex rule sets. This paper presents a set of new algorithms that extend the applicability of multi-striding to complex rule sets. These algorithms can transform non-deterministic finite automata (NFA) into their multi-stride form with reduced memory and time requirements. Moreover, they exploit the massive parallelism of graphical processing units for NFA-based matching. The final result is a boost of the overall processing speed on typical regex-based packet processing applications, with a speedup of almost one order of magnitude compared to the current state-of-the-art algorithms

Conspiracy theories and social media platforms

Conspiracy theories proliferate online. We provide an overview of information consumption patterns related to conspiracy content on four mainstream social media platforms (Facebook, Twitter, YouTube, and Reddit), with a focus on niche ones. Opinion polarisation and echo chambers appear as pivotal elements of communication around conspiracy theories. A relevant role may also be played by the content moderation policies enforced by each social media platform. Banning contents or users from a social media could lead to a level of user segregation that goes beyond echo chambers and reaches the entire social media space, up to the formation of 'echo platforms'. The insurgence of echo platforms is a new online phenomenon that needs to be investigated as it could foster many dangerous phenomena that we observe online, including the spreading of conspiracy theories