Publications

Book Chapter

  1. B. Biggio, Corona, I., Nelson, B., Rubinstein, B. I. P., Maiorca, D., Fumera, G., Giacinto, G., and Roli, F., Security Evaluation of Support Vector Machines in Adversarial Environments, in Support Vector Machines Applications, Y. Ma and Guo, G. Springer International Publishing, 2014, pp. 105-153. (687.1 KB)
  2. G. Fumera, Marcialis, G. L., Biggio, B., Roli, F., and Schuckers, S. C., Multimodal Anti-Spoofing in Biometric Recognition Systems, in Handbook of Biometric Anti-Spoofing, S. Marcel, Nixon, M., and Li, S. Z. Springer, 2014, pp. 165-184. (155.83 KB)
  3. G. L. Marcialis, Fumera, G., and Biggio, B., Anti-spoofing: Multimodal, in Encyclopedia of Biometrics, S. Z. Li and Jain, A. K. Springer US, 2014, pp. 1-4.
  4. B. Biggio, Fumera, G., and Roli, F., Evade Hard Multiple Classifier Systems, in Supervised and Unsupervised Ensemble Methods and Their Applications, vol. 245, O. Okun and Valentini, G. Springer Berlin / Heidelberg, 2009, pp. 15-38. (562.89 KB)
  5. B. Biggio, Fumera, G., and Roli, F., Bayesian Linear Combination of Neural Networks, in Innovations in Neural Information Paradigms and Applications, vol. 247, M. Bianchini, Maggini, M., Scarselli, F., and Jain, L. C. Springer Berlin / Heidelberg, 2009, pp. 201-230. (435.32 KB)
Journal Article

  1. F. Crecchi, Melis, M., Sotgiu, A., Bacciu, D., and Biggio, B., FADER: Fast adversarial example rejection, Neurocomputing, vol. 470, pp. 257-268, 2022.
  2. L. Oneto, Navarin, N., Biggio, B., Errica, F., Micheli, A., Scarselli, F., Bianchini, M., Demetrio, L., Bongini, P., Tacchella, A., and Sperduti, A., Towards learning trustworthily, automatically, and with guarantees on graphs: An overview, Neurocomputing, vol. 493, pp. 217-243, 2022.
  3. M. Melis, Scalas, M., Demontis, A., Maiorca, D., Biggio, B., Giacinto, G., and Roli, F., Do Gradient-Based Explanations Tell Anything About Adversarial Robustness to Android Malware?, International Journal of Machine Learning and Cybernetics, vol. 13, pp. 217-232, 2022. (1.2 MB)
  4. M. Pintor, Demetrio, L., Sotgiu, A., Melis, M., Demontis, A., and Biggio, B., secml: A Python Library for Secure and Explainable Machine Learning, SoftwareX, 2022.
  5. L. Demetrio, Coull, S. E., Biggio, B., Lagorio, G., Armando, A., and Roli, F., Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection, ACM Trans. Priv. Secur., vol. 24, 2021.
  6. P. Temple, Perrouin, G., Acher, M., Biggio, B., Jézéquel, J. - M., and Roli, F., Empirical Assessment of Generating Adversarial Configurations for Software Product Lines, Empirical Software Engineering, vol. 26, no. 6, 2021. (1.29 MB)
  7. L. Demetrio, Biggio, B., Lagorio, G., Roli, F., and Armando, A., Functionality-Preserving Black-Box Optimization of Adversarial Windows Malware, IEEE Transactions on Information Forensics and Security, vol. 16, pp. 3469-3478, 2021.
  8. H. - Y. Lin and Biggio, B., Adversarial Machine Learning: Attacks From Laboratories to the Real World, Computer, vol. 54, pp. 56-60, 2021.
  9. A. Sotgiu, Demontis, A., Melis, M., Biggio, B., Fumera, G., Feng, X., and Roli, F., Deep Neural Rejection against Adversarial Examples, EURASIP Journal on Information Security, vol. 5, 2020.
  10. D. Maiorca, Demontis, A., Biggio, B., Roli, F., and Giacinto, G., Adversarial Detection of Flash Malware: Limitations and Open Issues, Computers & Security, vol. 96, 2020. (1.08 MB)
  11. A. Demontis, Melis, M., Biggio, B., Maiorca, D., Arp, D., Rieck, K., Corona, I., Giacinto, G., and Roli, F., Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection, IEEE Trans. Dependable and Secure Computing, vol. 16, no. 4, pp. 711-724, 2019. (3.61 MB)
  12. D. Maiorca and Biggio, B., Digital Investigation of PDF Files: Unveiling Traces of Embedded Malware, IEEE Security and Privacy: Special Issue on Digital Forensics, vol. 17, no. 1, pp. 63-71, 2019. (838.95 KB)
  13. D. Maiorca, Biggio, B., and Giacinto, G., Towards Adversarial Malware Detection: Lessons Learned from PDF-based Attacks, ACM Computing Surveys, vol. 52, no. 4, 2019. (1.21 MB)
  14. B. Biggio and Roli, F., Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning, Pattern Recognition, vol. 84, pp. 317-331, 2018. (3.76 MB)
  15. B. Biggio, Fumera, G., Marcialis, G. L., and Roli, F., Statistical Meta-Analysis of Presentation Attacks for Secure Multibiometric Systems, IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 39, no. 3, pp. 561-575, 2017. (5.7 MB)
  16. S. Rota Bulò, Biggio, B., Pillai, I., Pelillo, M., and Roli, F., Randomized Prediction Games for Adversarial Machine Learning, IEEE Transactions on Neural Networks and Learning Systems, vol. 28, no. 11, pp. 2466-2478, 2017. (1.52 MB) (256.21 KB)
  17. F. Zhang, Chan, P. P. K., Biggio, B., Yeung, D. S., and Roli, F., Adversarial Feature Selection Against Evasion Attacks, IEEE Transactions on Cybernetics, vol. 46, no. 3, pp. 766-777, 2016. (2.12 MB)
  18. A. Demontis, Melis, M., Biggio, B., Fumera, G., and Roli, F., Super-sparse Learning in Similarity Spaces, IEEE Computational Intelligence Magazine, vol. 11, no. 4, pp. 36-45, 2016. (555.22 KB)
  19. H. Xiao, Biggio, B., Nelson, B., Xiao, H., Eckert, C., and Roli, F., Support Vector Machines under Adversarial Label Contamination, Neurocomputing, Special Issue on Advances in Learning with Label Noise, vol. 160, pp. 53-62, 2015. (2.8 MB)
  20. B. Biggio, Fumera, G., Russu, P., Didaci, L., and Roli, F., Adversarial Biometric Recognition: A Review on Biometric System Security from the Adversarial Machine Learning Perspective, IEEE Signal Processing Magazine, vol. 32, no. 5, pp. 31-41, 2015. (751.08 KB)
  21. G. Ennas, Biggio, B., and Di Guardo, M. Chiara, Data-driven Journal Meta-ranking in Business and Management, Scientometrics, pp. 1-19, 2015. (896.37 KB)
  22. B. Biggio, Fumera, G., and Roli, F., Pattern Recognition Systems under Attack: Design Issues and Research Challenges, Int'l J. Patt. Recogn. Artif. Intell., vol. 28, no. 7, p. 1460002, 2014. (1.41 MB)
  23. B. Biggio, Fumera, G., and Roli, F., Security evaluation of pattern classifiers under attack, IEEE Transactions on Knowledge and Data Engineering, vol. 26, no. 4, pp. 984-996, 2014. (1.35 MB)
  24. B. Biggio, Akhtar, Z., Fumera, G., Marcialis, G. L., and Roli, F., Security evaluation of biometric authentication systems under real spoofing attacks, IET Biometrics, vol. 1, no. 1, pp. 11-24, 2012. (3.21 MB)
  25. B. Biggio, Fumera, G., Pillai, I., and Roli, F., A survey and experimental evaluation of image spam filtering techniques, Pattern Recognition Letters, vol. 32, pp. 1436 - 1446, 2011. (2.12 MB)
  26. B. Biggio, Fumera, G., and Roli, F., Multiple Classifier Systems for Robust Classifier Design in Adversarial Environments, Journal of Machine Learning and Cybernetics, vol. 1, pp. 27–41, 2010. (844.91 KB)
Conference Paper

  1. A. Sotgiu, Pintor, M., and Biggio, B., Explainability-Based Debugging of Machine Learning for Vulnerability Discovery, in Proc. 17th International Conference on Availability, Reliability and Security, New York, NY, USA, 2022.
  2. D. Solans, Biggio, B., and Castillo, C., Poisoning Attacks on Algorithmic Fairness, in Machine Learning and Knowledge Discovery in Databases (ECML PKDD 2020), 2021, p. 162--177. (1.05 MB)
  3. M. Kravchik, Biggio, B., and Shabtai, A., Poisoning Attacks on Cyber Attack Detectors for Industrial Control Systems, in Proceedings of the 36th Annual ACM Symposium on Applied Computing, New York, NY, USA, 2021, pp. 116–125.
  4. A. Emanuele Cinà, Vascon, S., Demontis, A., Biggio, B., Roli, F., and Pelillo, M., The Hammer and the Nut: Is Bilevel Optimization Really Needed to Poison Linear Classifiers?, in International Joint Conference on Neural Networks, (IJCNN) 2021, Shenzhen, China, 2021, pp. 1–8.
  5. M. Pintor, Roli, F., Brendel, W., and Biggio, B., Fast Minimum-norm Adversarial Attacks through Adaptive Norm Constraints, in NeurIPS, 2021.
  6. L. Demetrio, Biggio, B., Lagorio, G., Roli, F., and Armando, A., Explaining Vulnerabilities of Deep Learning to Adversarial Malware Binaries, in 3rd Italian Conference on Cyber Security, ITASEC 2019, Pisa, Italy, 2019, vol. 2315. (801.85 KB)
  7. F. Crecchi, Bacciu, D., and Biggio, B., Detecting Adversarial Examples through Nonlinear Dimensionality Reduction, in 27th European Symposium on Artificial Neural Networks, Computational Intelligence and Machine Learning - ESANN '19, 2019, pp. 483-488. (552.39 KB)
  8. A. Demontis, Melis, M., Pintor, M., Jagielski, M., Biggio, B., Oprea, A., Nita-Rotaru, C., and Roli, F., Why Do Adversarial Attacks Transfer? Explaining Transferability of Evasion and Poisoning Attacks, in 28th Usenix Security Symposium, Santa Clara, California, USA, 2019, vol. 28th {USENIX} Security Symposium ({USENIX} Security 19), p. 321--338. (1.09 MB)
  9. P. Temple, Acher, M., Perrouin, G., Biggio, B., Jezequel, J. - M., and Roli, F., Towards Quality Assurance of Software Product Lines with Adversarial Configurations, in Proceedings of the 23rd International Systems and Software Product Line Conference - Volume A, New York, NY, USA, 2019, pp. 277–288. (2.09 MB)
  10. R. Labaca-Castro, Biggio, B., and Rodosek, G. Dreo, Poster: Attacking Malware Classifiers by Crafting Gradient-Attacks That Preserve Functionality, in Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, New York, NY, USA, 2019, pp. 2565–2567.
  11. B. Kolosnjaji, Demontis, A., Biggio, B., Maiorca, D., Giacinto, G., Eckert, C., and Roli, F., Adversarial Malware Binaries: Evading Deep Learning for Malware Detection in Executables, in 2018 26th European Signal Processing Conference (EUSIPCO), Rome, 2018, pp. 533-537. (674.62 KB)
  12. M. Jagielski, Oprea, A., Biggio, B., Liu, C., Nita-Rotaru, C., and Li, B., Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning, in 39th IEEE Symposium on Security and Privacy, 2018. (1.02 MB)
  13. M. Melis, Maiorca, D., Biggio, B., Giacinto, G., and Roli, F., Explaining Black-box Android Malware Detection, in 26th European Signal Processing Conference (EUSIPCO '18), Rome, Italy, 2018, pp. 524-528. (431.78 KB)
  14. D. Maiorca, Russu, P., Corona, I., Biggio, B., and Giacinto, G., Detection of Malicious Scripting Code through Discriminant and Adversary-Aware API Analysis, in 1st Italian Conference on CyberSecurity (ITASEC), 2017, vol. 1816, pp. 96-105. (371.53 KB)
  15. A. Demontis, Biggio, B., Fumera, G., Giacinto, G., and Roli, F., Infinity-norm Support Vector Machines against Adversarial Label Contamination, 1st Italian Conference on CyberSecurity (ITASEC). Venice, Italy , pp. 106-115, 2017. (504.93 KB)
  16. I. Corona, Biggio, B., Contini, M., Piras, L., Corda, R., Mereu, M., Mureddu, G., Ariu, D., and Roli, F., DeltaPhish: Detecting Phishing Webpages in Compromised Websites, 22nd European Symposium on Research in Computer Security (ESORICS), vol. 10492. Springer International Publishing, Norway, September 11-15, 2017, pp. 370–388, 2017. (4.13 MB)
  17. M. Melis, Demontis, A., Biggio, B., Brown, G., Fumera, G., and Roli, F., Is Deep Learning Safe for Robot Vision? Adversarial Examples against the iCub Humanoid, in ICCV 2017 Workshop on Vision in Practice on Autonomous Robots (ViPAR), Venice, Italy, 2017, vol. 2017 IEEE International Conference on Computer Vision Workshops (ICCVW), pp. 751-759. (3.16 MB)
  18. P. Piredda, Ariu, D., Biggio, B., Corona, I., Piras, L., Giacinto, G., and Roli, F., Deepsquatting: Learning-based Typosquatting Detection at Deeper Domain Levels, in 16th International Conference of the Italian Association for Artificial Intelligence (AI*IA 2017), 2017, vol. 10640 of LNCS, pp. 347-358. (1.21 MB)
  19. L. Muñoz-González, Biggio, B., Demontis, A., Paudice, A., Wongrassamee, V., Lupu, E. C., and Roli, F., Towards Poisoning of Deep Learning Algorithms with Back-gradient Optimization, in 10th ACM Workshop on Artificial Intelligence and Security, 2017, pp. 27-38. (4.08 MB)
  20. D. M. Freeman, Jain, S., Duermuth, M., Biggio, B., and Giacinto, G., Who Are You? A Statistical Approach to Measuring User Authenticity, in Proc. 23rd Annual Network & Distributed System Security Symposium (NDSS), 2016. (764.14 KB)
  21. B. Biggio, Machine Learning under Attack: Vulnerability Exploitation and Security Measures (Invited Keynote at IH&MMSec '16), in 4th ACM Workshop on Information Hiding & Multimedia Security, Vigo, Spain, 2016, pp. 1-2. (138.98 KB)
  22. M. Ahmadi, Biggio, B., Arzt, S., Ariu, D., and Giacinto, G., Detecting Misuse of Google Cloud Messaging in Android Badware, in 6th Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), Vienna, Austria, 2016, pp. 103-112. (626.38 KB)
  23. A. Demontis, Russu, P., Biggio, B., Fumera, G., and Roli, F., On Security and Sparsity of Linear Classifiers for Adversarial Settings, in Joint IAPR Int'l Workshop on Structural, Syntactic, and Statistical Pattern Recognition, Merida, Mexico, 2016, vol. 10029 of LNCS, pp. 322-332. (425.68 KB)
  24. P. Russu, Demontis, A., Biggio, B., Fumera, G., and Roli, F., Secure Kernel Machines against Evasion Attacks, in 9th ACM Workshop on Artificial Intelligence and Security, Vienna, Austria, 2016, pp. 59-69. (686.41 KB)
  25. B. Biggio, Melis, M., Fumera, G., and Roli, F., Sparse Support Faces, in Int'l Conf. on Biometrics (ICB), 2015, pp. 208-213. (702.84 KB)
  26. B. Biggio, Corona, I., He, Z. - M., Chan, P. P. K., Giacinto, G., Yeung, D. S., and Roli, F., One-and-a-half-class Multiple Classifier Systems for Secure Learning against Evasion Attacks at Test Time, in Int'l Workshop on Multiple Classifier Systems (MCS), 2015, vol. 9132, pp. 168-180. (467.23 KB)
  27. H. Xiao, Biggio, B., Brown, G., Fumera, G., Eckert, C., and Roli, F., Is Feature Selection Secure against Training Data Poisoning?, in 32nd Int'l Conf. on Machine Learning (ICML) - JMLR W&CP, 2015, vol. 32, pp. 1689-1698. (1.54 MB)
  28. M. Melis, Piras, L., Biggio, B., Giacinto, G., Fumera, G., and Roli, F., Fast Image Classification with Reduced Multiclass Support Vector Machines, in 18th Int'l Conf. on Image Analysis and Processing, Genova, Italy, 2015, vol. Image Analysis and Processing (ICIAP 2015), pp. 78-88. (829.37 KB)
  29. A. Demontis, Biggio, B., Fumera, G., and Roli, F., Super-Sparse Regression for Fast Age Estimation From Faces at Test Time, in 18th Int'l Conf. on Image Analysis and Processing (ICIAP), Genova, Italy, 2015, vol. Image Analysis and Processing (ICIAP 2015), pp. 551-562. (678.7 KB)
  30. B. Biggio, Rota Bulò, S., Pillai, I., Mura, M., Zemene Mequanint, E., Pelillo, M., and Roli, F., Poisoning complete-linkage hierarchical clustering, in Joint IAPR Int'l Workshop on Structural, Syntactic, and Statistical Pattern Recognition (LNCS), Joensuu, Finland, 2014, vol. 8621, pp. 42-52. (388.31 KB)
  31. B. Biggio, Rieck, K., Ariu, D., Wressnegger, C., Corona, I., Giacinto, G., and Roli, F., Poisoning Behavioral Malware Clustering, in AISec'14: Proceedings of the 2014 ACM Workshop on Artificial Intelligence and Security, co-located with CCS '14, Scottsdale, Arizona, USA, 2014, pp. 27-36. (375.58 KB)
  32. B. Biggio, On Learning and Recognition of Secure Patterns (Invited keynote at AISec '14), in AISec'14: Proceedings of the 2014 ACM Workshop on Artificial Intelligence and Security, co-located with CCS '14, Scottsdale, Arizona, USA, 2014, pp. 1-2. (110.67 KB)
  33. B. Biggio, Pillai, I., Rota Bulò, S., Ariu, D., Pelillo, M., and Roli, F., Is Data Clustering in Adversarial Settings Secure?, in AISec'13: Proceedings of the 2013 ACM Workshop on Artificial Intelligence and Security, Berlin, 2013, pp. 87-98. (300.52 KB)
  34. F. Roli, Biggio, B., and Fumera, G., Pattern Recognition Systems Under Attack, in Progress in Pattern Recognition, Image Analysis, Computer Vision, and Applications, Proc. of the 18th Iberoamerican Congress on Pattern Recognition (CIARP 2013), LNCS, Havana, Cuba, 2013, vol. 8258, pp. 1-8. (314.35 KB)
  35. B. Biggio, Corona, I., Maiorca, D., Nelson, B., Srndic, N., Laskov, P., Giacinto, G., and Roli, F., Evasion attacks against machine learning at test time, in European Conference on Machine Learning and Principles and Practice of Knowledge Discovery in Databases (ECML PKDD), 2013, vol. 8190, pp. 387-402. (473.78 KB)
  36. B. Biggio, Didaci, L., Fumera, G., and Roli, F., Poisoning attacks to compromise face templates, in 6th IAPR Int'l Conf. on Biometrics (ICB), Madrid, Spain, 2013. (844.61 KB)
  37. B. Biggio, Fumera, G., and Roli, F., Learning Sparse Kernel Machines with Biometric Similarity Functions for Identity Recognition, in IEEE 5th International Conference on Biometrics: Theory, Applications and Systems (BTAS 2012), Washington DC (USA), 2012, pp. 325 -330. (336.11 KB)
  38. B. Biggio, Nelson, B., and Laskov, P., Poisoning attacks against support vector machines, in 29th Int'l Conf. on Machine Learning (ICML), 2012, pp. 1807–1814. (452.94 KB)
  39. B. Biggio, Fumera, G., Roli, F., and Didaci, L., Poisoning adaptive biometric systems, in 9th Int'l Workshop on Statistical Techniques in Pattern Recognition (SPR 2012), 2012, vol. 7626, pp. 417-425. (637.79 KB)
  40. B. Biggio, Corona, I., Fumera, G., Giacinto, G., and Roli, F., Bagging classifiers for fighting poisoning attacks in adversarial classification tasks, in Multiple Classifier Systems (MCS 2011), 2011, vol. 6713, pp. 350-359. (231.43 KB)
  41. B. Biggio, Fumera, G., and Roli, F., Design of Robust Classifiers for Adversarial Environments, in IEEE International Conference on Systems, Man, and Cybernetics (SMC 2011), Anchorage, Alaska, USA, 2011, pp. 977–982. (328.68 KB)
  42. B. Nelson, Biggio, B., and Laskov, P., Microbagging Estimators: An Ensemble Approach to Distance-weighted Classifiers, in Journal of Machine Learning Research - Proc. 3rd Asian Conference on Machine Learning (ACML 2011), Taoyuan, Taiwan, 2011, vol. 20, pp. 63-79. (481.46 KB)
  43. B. Biggio, Akhtar, Z., Fumera, G., Marcialis, G. L., and Roli, F., Robustness of multi-modal biometric verification systems under realistic spoofing attacks, in Int’l Joint Conference on Biometrics (IJCB), Washington DC, USA, 2011. (2.25 MB)
  44. Z. Akhtar, Biggio, B., Fumera, G., and Marcialis, G. L., Robustness of Multi-modal Biometric Systems under Realistic Spoof Attacks against All Traits, in IEEE Workshop on Biometric Measurements and Systems for Security and Medical Applications (BioMS), Milan, Italy, 2011, pp. 5-10. (954 KB)
  45. B. Biggio, Nelson, B., and Laskov, P., Support Vector Machines Under Adversarial Label Noise, in Journal of Machine Learning Research - Proc. 3rd Asian Conference on Machine Learning (ACML 2011), Taoyuan, Taiwan, 2011, vol. 20, pp. 97-112. (533.74 KB)
  46. B. Nelson, Biggio, B., and Laskov, P., Understanding the Risk Factors of Learning in Adversarial Environments, in 4th ACM Workshop on Artificial Intelligence and Security (AISec 2011), Chicago, IL, USA, 2011, pp. 87–92. (132.42 KB)
  47. B. Biggio, Fumera, G., and Roli, F., Multiple Classifier Systems under Attack, in 9th Int. Workshop on Multiple Classifier Systems (MCS 2010), Cairo, Egypt, 2010, vol. 5997, pp. 74–83. (231.42 KB)
  48. B. Biggio, Fumera, G., and Roli, F., Multiple Classifier Systems for Adversarial Classification Tasks, in 8th Int. Workshop on Multiple Classifier Systems (MCS 2009), Reykjavik, Iceland, 2009, vol. 5519, pp. 132-141. (459.88 KB)
  49. B. Biggio, Fumera, G., and Roli, F., Adversarial Pattern Classification Using Multiple Classifiers and Randomisation, in 12th Joint IAPR International Workshop on Structural and Syntactic Pattern Recognition (SSPR 2008), Orlando, Florida, USA, 2008. (395.38 KB)
  50. B. Biggio, Fumera, G., and Roli, F., Evade Hard Multiple Classifier Systems, in Workshop on Supervised and Unsupervised Ensemble Methods and Their Applications (SUEMA 2008), Patras, Greece, 2008. (185.01 KB)
  51. B. Biggio, Fumera, G., Pillai, I., and Roli, F., Improving Image Spam Filtering Using Image Text Features, in Fifth Conference on Email and Anti-Spam (CEAS 2008), Mountain View, CA, USA, 2008. (154.27 KB)
  52. B. Biggio, Fumera, G., and Roli, F., Bayesian Analysis of Linear Combiners, in 7th Int. Workshop on Multiple Classifier Systems (MCS 2007), Prague, Czech Republic, 2007, vol. 4472, pp. 292-301. (149.24 KB)
  53. G. Fumera, Pillai, I., Roli, F., and Biggio, B., Image spam filtering using textual and visual information, in MIT Spam Conference 2007, Cambridge, MA, USA, 2007. (513.42 KB)
  54. B. Biggio, Fumera, G., Pillai, I., and Roli, F., Image Spam Filtering Using Visual Information, in 14th Int. Conf. on Image Analysis and Processing (ICIAP 2007), Modena, Italy, 2007, pp. 105–110. (173.32 KB)
  55. B. Biggio, Fumera, G., Pillai, I., and Roli, F., Image Spam Filtering by Content Obscuring Detection, in Fourth Conference on Email and Anti-Spam (CEAS 2007), Microsoft Research Silicon Valley, Mountain View, California, 2007. (486.14 KB)
  56. F. Roli, Biggio, B., Fumera, G., Pillai, I., and Satta, R., Image Spam Filtering by Detection of Adversarial Obfuscated Text, in NIPS Workshop on Machine Learning in Adversarial Environments for Computer Security, Whistler, British Columbia, Canada, 2007. (361.97 KB)
Miscellaneous / Others

  1. B. Biggio, Fumera, G., Marcialis, G. L., and Roli, F., Security of pattern recognition systems in adversarial environments. 2012. (235.41 KB)
  2. B. Biggio, Fumera, G., Pillai, I., Roli, F., and Satta, R., Evading SpamAssassin with obfuscated text images, Virus Bulletin, no. 11-2007, 2007. (689 KB)
Thesis

  1. B. Biggio, Adversarial Pattern Classification, University of Cagliari, Cagliari (Italy), 2010. (2.65 MB)