Luca Caviglione

Luca Caviglione

Senior Research Scientist

Selected Research Works

This is a collection of selected papers that I wrote during the years on security aspects, mainly network security and information hiding. Such works can be helpful to study a new topic or to have an introduction on my research interests. Many papers are open access or have a pre-print version in major repositories (e.g., arXiv or ResearchGate). If needed, drop me an email and I will be glad to provide the manuscript. A full list of my papers is available on Google Scholar.

Network Covert Channels

The papers deal with covert channels targeting netwotk traffic and Internet protocols and can serve as an introduction to the topic. They provide an investigation on the real quantification of security risks arising by the use of information hiding techniques in real scenarios. They also address the challenge of preventing covert channels from the early design stages, as their mitigation a-posteriori is inherently poorly-generalizable and hard.

L. Caviglione, W. Mazurczyk, You Can’t Do That on Protocols Anymore: Analysis of Covert Channels in IETF Standards, IEEE Network, Vol. 38, No. 5, pp. 255-263, September 2024. [PAPER].

P. Żórawski, L. Caviglione, W. Mazurczyk, A Long-Term Perspective of the Internet Susceptibility to Covert Channels, IEEE Communications Magazine, Vol. 61, No. 10, pp. 171-177, October 2023. [PAPER].

Steganogprahic Malware (Stegomalware)

The following works form the trilogy that I contributed to prepare on steganographic malware (oftend defined as stegomalware). The research here provides a clear definition of the menace, a widely-used classification of the various threats observed “in the wild”, and a discussion of the major research steps that are needed to mitigate the impact of malicious software endowed with steganographic capabilities.

L. Caviglione, W. Mazurczyk, Never Mind the Malware, Here’s the Stegomalware, IEEE Security & Privacy, Vol. 20, No. 5, pp. 101-106, September-October 2022. [PAPER].

K. Cabaj, L. Caviglione, W. Mazurczyk, S. Wendzel, A. Woodward and S. Zander, The New Threats of Information Hiding: The Road Ahead, IT Professional, Vol. 20, No. 3, pp. 31-39, May-June 2018. [PAPER].

W. Mazurczyk, L. Caviglione, Information Hiding as a Challenge for Malware Detection, IEEE Security & Privacy, Vol. 13, No. 2, pp. 89-93, March-April 2015. [PAPER].

Introductions to Various Security Topics

This series of works are surveys or introductory material that can be used as a starting point for investigating various security problems. Some works have been done within the framework of funded projects or to shed new light on well-known topics when integrated within new offensive mechanisms (e.g., the use of side channels fo reconnaissance operations).

S. Wendzel, L. Caviglione, W. Mazurczyk, A. Mileva, J. Dittmann, C. Krätzer, K. Lamshöft, C. Vielhauer, L. Hartmann, J. Keller, T. Neubert, S. Zillien, A Generic Taxonomy for Steganography Methods, ACM Computing Surveys, Vol. 57, No. 9, pp.23:1-23:37, September 2025. [PAPER].

M. T. Ahvanooey, W. Mazurczyk, J. Zhao, L. Caviglione, K.-K. R. Choo, M. Kilger, M. Conti, R. Misoczki, Future of Cyberspace: A Critical Review of Standard Security Protocols in the Post-quantum Era, Computer Science Review, Vol. 57, pp. 1-19, August 2025. [PAPER].

L. Caviglione, C. Comito, M. Guarascio, G. Manco, Emerging Challenges and Perspectives in Deep Learning Model Security: A Brief Survey, Systems and Soft Computing, Vol. 5, pp. 1 - 7, December 2023. [PAPER].

W. Mazurczyk, L. Caviglione, Cyber Reconnaissance Techniques, Communications of the ACM, Vol. 64, No. 3, pp. 86–95, March 2021. [PAPER].

L. Caviglione, M. Choras, I. Corona, A. Janicki, W. Mazurczyk, M. Pawlicki, K. Wasielewska, Tight Arms Race: Overview of Current Malware Threats and Trends in Their Detection, IEEE Access, Vol. 9, pp. 5371-5396, January 2021. [PAPER].

A. Merlo, M. Migliardi, L. Caviglione, A Survey on Energy-aware Scurity Mechanisms, Pervasive and Mobile Computing, Vol. 24, pp. 77-90, December 2015. [PAPER].

W. Mazurczyk, L. Caviglione, Steganography in Modern Smartphones and Mitigation Techniques, IEEE Communications Surveys & Tutorials, Vol. 17, No. 1, pp. 334-357, First Quarter 2015. [PAPER].

AI and Cybersecurity

The works contain the main results on the use of AI to mitigate various types of offensive techniques that aim at dropping a malicious payload within digital images and deploying a covert channel for command & control actitives.

A. Liguori, M. Zuppelli, D. Gallo, M. Guarascio, L. Caviglione, A Deep Learning-based Approach for Stegomalware Sanitization in Digital Images, Journal of Intelligent Information Systems, pp. 1-24, April 2025. [PAPER].

N. Cassavia, L. Caviglione, M. Guarascio, A. Liguori, M. Zuppelli, Learning Autoencoder Ensembles for Detecting Malware Hidden Communications in IoT Ecosystems, Journal of Intelligent Information Systems, Vol. 62, No. 4, pp. 925-949, August 2024. [PAPER].

N. Cassavia, L. Caviglione, M. Guarascio, A. Liguori, G. Manco, M. Zuppelli, A Federated Approach for Detecting Data Hidden in Icons of Mobile Applications Delivered via Web and Multiple Stores, Social Network Analysis and Mining, Vol. 13, pp. 114:1-114:15, September 2023. [PAPER].