I am a Research Engineer at HP Labs, Bristol, UK working in the area of machine learning and systems security.
I completed my PhD in 2019 in the S2Lab at the ISG department of Royal Holloway, University of London. My research was supervised by Prof Lorenzo Cavallaro, now Chair in Cybersecurity at King’s College London.
My interests are broad ranging and expanding, lying in the area of applying machine learning techniques to computer security problems.
I did my undergraduate degree in Engineering in Computer Science (BSc) at the Polytechnic of Turin (Italy).
During my undergrad, I won a scholarship to attend an academic year in Shanghai (China) with the Politong Project.
I continued to study in Polytechnic of Turin for the Master’s degree and won another scholarship to attend EURECOM for a double degree program. This institution is a branch of Télécom ParisTech University and a research centre located in Sophia Antipolis (France).
After the completion of my Master’s degree, I started to work at SAP Labs France for a year. During the first 6 months, I worked for an internal project that aimed to provide security during the early stages of the development lifecycle, identifying potential security violations and providing mitigations. In the second half of my time in France, I worked for the European project PoSecCo that aimed to establish and maintain a link between high-level requirements and low-level technical configuration settings.
After SAP, I went back to Italy where I worked for few months for Reply SPA, a consultancy company that provided services for the Italian automotive firm FIAT. The project involved the technological upgrade of FIAT environment regarding the management of its sensitive data. My role in this project was to study and test the impact of the newly introduced technologies in Turin’s headquarters (1,200 people affected).
Now I am working in HP Labs as Research Engineer.
My PhD research focused on applying statistical learning methods in the field of systems security to understand and detect malicious threats.
Of particular interest, I studied concept drift, i.e., the change in the statistical properties of a certain phenomenon over a period of time and I focused on how to identify it on pre-existing models.
Core of my work led to the development of a novel framework to evaluate machine learning tasks with statistical confidence and identify concept drift. Such evaluation represents a first step forward in providing a more scientific understanding of machine learning and in providing insights to help the design of new and better machine learning models.
Capture The Flag. In my spare time, I like to play CTFs. With some friends at my University we created the University Team to play online and onsite. I won the Responsible Disclosure Award at Sasakawa USA CTF 2018 for reporting a vulnerability in the platform (article). I acted as Assessor for Cyber Security Challenge UK 2018 where I judged contestants during a 3 days CTF event. With my university team, we won the 2nd place at the London Metropolitan University CTF 2017 and the 3rd place at the Deloitte CTF 2016.
System Administrator. When I was studying at the Royal Holloway, University of London, I acted as System Administrator for the virtual environment of the System Security Research Lab (S2Lab), including website, research/production VMs and networks. The system, comprised of 4 hosts with 64 cores each, hosted more than 50 VMs for PhD students and staff and more than 300 VMs for Bachelor’s and Master’s students.
Hackathons & Summer Schools. I participated in the Data Study Group (DSG) at Alan Turing Institute in 2018, Cyber Hack in 2015, Build the News in 2015, UbiCrypt in 2015 (that focused on systems security and code-reuse attacks) and Advanced Statistics and Data Mining Summer School in 2016 (that focused on theory of various machine learning models such as SVM, decision trees and neural networks).
Languages. My mother tongue is Italian. I have professional working knowledge of English and French and basic knowledge of Chinese and German.
TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time.
Pendlebury F, Pierazzi F, Jordaney R, Kinder J, Cavallaro L. TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time. To appear in 28th USENIX Security Symposium (USENIX Security 19), USENIX Association.
Transcend: Detecting Concept Drift in Malware Classification Models.
Jordaney R, Sharad K, Dash K S, Wang Z, Papini D, Nouretdinov I, and Cavallaro L. Transcend: Detecting concept drift in malware classification models. In 26th USENIX Security Symposium (USENIX Security 17), pages 625-642, USENIX Association.
Conformal Clustering and its Application to Botnet Traffic.
Cherubin G, Nouretdinov I, Gammerman A, Jordaney R, Wang Z, Papini D, Cavallaro L. Conformal clustering and its application to botnet traffic. In International Symposium on Statistical Learning and Data Sciences 2015, pages 313-322, Springer, Cham.
POSTER: Misleading Metrics: On Evaluating ML for Malware with Confidence.
Jordaney R, Wang Z, Papini D, Nouretdinov I, Sharad K, Cavallaro L. Enabling Fair ML Evaluations for Security. In IEEE Symposium on Security and Privacy (IEEE S&P) 2016.
POSTER: Enabling Fair ML Evaluations for Security.
Pendlebury F, Pierazzi F, Jordaney R, Kinder J, Cavallaro L. POSTER: Enabling Fair ML Evaluations for Security. In Proceedings _ACM SIGSAC Conference on Computer and Communications Security 2018.