[continuation of the previous message due to attachment size limit]

Dear Dissemination Committee,

we have about to publish four papers for which we would like to acknowledge the SPARTA project.
Please, find the versions that we plan to submit in attachment and a brief description of the content, the venue and the relation with the activities of WP6 below.
Please let us know if you have any objections or comments.

Best regards

Gabriele Costa

===

Title: Natural Projection as Partial Model Checking
Venue: Journal of Automated Reasoning
Relationship with SPARTA: The paper presents a theoretical result showing that partial model checking and natural projection are equivalent. Based on this result we developed an algorithm and a tool for the automatic synthesis of controllers and sub-modules. This technique is well integrated in WP6 and, in particular, in Task 6.3 as it may serve as for the generation of orchestrators directly from high level security policies.

Title: WAF-A-MoLE: An adversarial tool for assessing ML-based WAFs
Venue: SoftwareX
Relationship with SPARTA: The paper presents a tool for automatically generating adversarial attacks able to bypass ML-based web application firewalls (WAFs). WAFs are often deployed in modern II as a line of protection against injection attacks. This work shows that using ML for this purpose is not secure in general. The activity is related to the identification and evaluation of the state-of-the-art technologies adopted in the IIs.

Title: A Survey on Multi-Factor Authentication for Online Banking in the Wild
Venue: Computers and Security
Relationship with SPARTA: The paper presents a survey on the multi-factor authentication platforms used by a number of banks worldwide. Also, we carried out a systematic review of regulations and guidelines and we evaluated how the MFA solutions cope with them. This activity is strongly related to WP6 as we carried out an in depth evaluation of the service infrastructures used for implementing the authentication of customers in the bank sector.

Title: Building Next Generation Cyber Ranges with CRACK
Venue: Computers and Security
Relationship with SPARTA: The paper introduces a virtual infrastructure implementing a cyber range. Its purpose is to run virtual infrastructures where security training exercises can be executed. The technology developed for this purpose is the same that will support the orchestration framework that CINI will provide in Task 6.3

===