Roberto Battistoni

We propose an intrusion prevention system called WHIPS that controls, entirely in kernel mode, the invocation of the system calls that are critical to Windows OS security. WHIPS is implemented as a kernel driver, also called a kernel module, using kernel structures of the Windows OS. It is integrated without requiring changes to either the kernel data…
In the juridical domain, a huge number of plain-text legislative acts have been produced, both before and since the advent of computers and word processors. Converting these legacy plain-text documents to a standard XML format brings numerous and substantial benefits. To accomplish this task, several automatic and semi-automatic tools have been developed in the…
Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks constitute one of the main issues for critical Internet services. The widespread availability and simplicity of automated stressing tools have also promoted voluntary participation in extensive attacks against known websites. Today the most effective (D)DoS detection schemes are based on…
This paper presents FOXP (computer FOrensic eXPerience), an open source project to support network Live Digital Forensics (LDF), where the network nodes run a Windows NT family Operating System (OS). In particular, the FOXP architecture is composed of a set of software sensors, one for every network node, that log node activities and then send these logs…
The malicious alteration of machine time is a big challenge in computer forensics. Detecting such changes and reconstructing the actual timeline of events is of paramount importance. However, this can be difficult since the attacker has many opportunities and means to hide such changes. In particular, cloud computing, host and guest machine time can be…