PIETRO LIGUORI

Assistant Professor at the Department of Electrical Engineering and Information Technology (DIETI)

University of Naples Federico II, Naples, Italy

Ph.D. in Information Technologies and Electrical Engineering (ITEE) and member of Dependable and Secure Software Engineering and Real-Time Systems (DESSERT) group at the University of Naples Federico II.
My research activity focuses on the Security and Robustness of AI code generators, and application of LLM in offensive security. My research interests also include fault-injection testing, failure mode analysis and runtime failure detection in cloud computing infrastructures.

Teaching Activities

Local Organizer - National Training Program

CyberChallenge.IT

I serve as the official representative for the University of Naples Federico II, overseeing and coordinating the CyberChallenge.IT program in Naples. CyberChallenge.IT is a national program aimed at training the next generation of cybersecurity professionals through a series of intensive workshops, practical exercises, and competitions in cyber defense and ethical hacking.

2021 - Current

Professor

Laboratorio di Programmazione

MSc course in Biomedical and Electonic Engineering at the University of Naples Federico II, Italy.

2023/24, 2024/25

Adjunct Professor

Affidabilità e Sicurezza Sistemi Software Complessi

MSc course in Computer Engineering at the University of Campania Luigi Vanvitelli, Italy.

2021/22, 2022/23

Teaching Assistant

Impianti di Elaborazione

MSc course in Computer Engineering at the University of Naples Federico II, Italy.

Professor: Domenico Cotroneo

2018/19 - current

Thesis Advisor

At the Univesity of Naples Federico II, I collaborate with Professor Domenico Cotroneo and Professor Roberto Natella on several research topics, including security and robustness testing of AI code generators and the application of code generators for offensive security.
The following is the list of thesis and students I have been advisor.

MSc Thesis:

Thesis Advisor, Impianti di Elaborazione,"Un Metodo per l’Analisi di Bug Residui in Sistemi Python Complessi", Lavinia Russo, M63001479, 2023/2024
Thesis Advisor, Software Security, "Prompt Engineering for Offensive Code Generation", Gianfranco Coppola, M63001194, 2023/2024
Thesis Advisor, Impianti di Elaborazione, "Generazione di Codice VHDL da Linguaggio Naturale: Fine-Tuning di Modelli AI Open-Source e Confronto con Modelli Closed-Source", S.Ten. Carlo Portosalvo, M63001538, 2023/2024
Thesis Advisor, Impianti di Elaborazione, "Valutazione delle Tecnologie di Generazione Automatica di Codice per Firmware: Performance dei Modelli AI Closed-Source", Anna Scala, M63000662, 2023/2024
Thesis Advisor, Software Security, "Generating PowerShell attacks from Natural Language", Christian Marescalco, M63001367, 2022/2023
Thesis Advisor, Impianti di Elaborazione, "Security Testing of AI Code Generators", Alessio Foggia, M63001311, 2022/2023
Thesis Advisor, Impianti di Elaborazione, "Software Vulnerability Analysis for AI-generated code", Roberta De Luca, M63001270, 2022/2023
Thesis Advisor, Software Security, "Analisi di modelli di Neural Machine Translation per Offensive Security", Umberto Pier Rosario Caturano, M63001260, 2021/22
Thesis Co-Advisor, Impianti di Elaborazione, "Context-Aware Generation of Software Exploits via AI-based Code Generators", Martina Russo, M63001128, 2021/22
Thesis Co-Advisor, Software Security, "Emulazione di reti embedded per l’analisi di Intrusion Detection Systems", Luigi Sgambato, M63000942, 2021/22
Thesis Co-Advisor, Impianti di Elaborazione, "Generation of Offensive Python Code with Neural Machine Translation", Nicola Riccio, M63000984, 2021/22
Thesis Co-Advisor, Impianti di Elaborazione, "Towards the Automatic Evaluation of Code Syntax and Semantics", Emiliano Fiorenza, M63000920, 2021/22
Thesis Co-Advisor, Impianti di Elaborazione, "Leveraging Adversarial Training to improve NMT Models Robustness in Code Generation tasks", Cristina Improta, M63001057, 2020/21
Thesis Co-Advisor, Impianti di Elaborazione, "Rilevamento di Anomalie in Sistemi Cloud: un Approccio Automatizzato Basato su Distributed Tracing", Nicola Apa, M63001050, 2020/21
Thesis Co-Advisor, Impianti di Elaborazione, "Analisi Empirica per il Rilevamento delle Anomalie su OpenStack in Scenari Multi-Tenant", Roberto Scarpati, M63001013, 2020/21
Thesis Co-Advisor, Impianti di Elaborazione, "Leveraging Neural Machine Translation to Automatically Generate Software Exploits", Simona De Vivo, M63001022, 2020/21. The thesis was evaluated as one of the three best master's degree theses of the degree courses in Computer Science, Computer Engineering or Data Science of the universities of Campania, on research topics related to Big Data Analytics, Machine Learning and Multimedia in the periodo between 01/07 /2020 and 30/12/2021 (award in memory of “Prof. Antonio Picariello").
Thesis Co-Advisor, Impianti di Elaborazione, "Enhancing Failure Analysis of Cloud Infrastructures by using Deep Learning", Gabriella Karamanolis, M63000754, 2019/20
Thesis Co-Advisor, Impianti di Elaborazione, "Runtime Verification via Stream Processing in Cloud Computing Infrastructures", Angela Scibelli, M63000706, 2019/20

BSc Thesis:

Thesis Advisor, Laboratorio di Programmazione, "Generazione automatica di Codice nella Software Security", Antonio Ferraioli, N46003715, 2023/2024
Thesis Advisor, Laboratorio di Programmazione, "Valutazione della Sicurezza dei Dataset per l'addestramento dei modelli di Code Generation", Eros Cribello, N46004376, 2022/2023
Thesis Advisor, Laboratorio di Programmazione, "Evaluating Software Vulnerabilities in Public AI Code Generators", Francesco Balassone, N46005679, 2022/2023
Thesis Advisor, Laboratorio di Programmazione, "Simulazione e Analisi di Attacchi Informatici verso Sistemi IoT mediante Anomaly Detection", Raffaele Imperato, N46005552, 2022/2023
Thesis Advisor, Laboratorio di Programmazione, "Generazione Automatica di Codice Utilizzando Hugging Face", Federico Mirra, N46005468, 2022/2023

Publications

Journal Articles

Enhancing robustness of AI offensive code generators via data augmentation

Improta, I., Liguori, P., Natella, R., Cukic, B., and Cotroneo, D.

Empirical Software Engineering.

DOI: https://doi.org/10.1007/s10664-024-10569-y

October 19, 2024

DeVAIC: A tool for security assessment of AI-generated code

Cotroneo, D., De Luca, R., and Liguori, P.

Information and Software Technology.

DOI: 10.1016/j.infsof.2024.107572

September 16, 2024

Automating the correctness assessment of AI-generated code for security contexts

Cotroneo, D., Foggia, A., Improta, C., Liguori, P., and Natella, R.

The Journal of Systems & Software.

DOI: 10.1016/j.jss.2024.112113

May 23, 2024

AI Code Generators for Security: Friend or Foe?

Natella, R., Liguori, P., Improta, C., Cukic, B., and Cotroneo, D.

IEEE Security & Privacy.

DOI: 10.1109/MSEC.2024.3355713

February 1, 2024

Who evaluates the evaluators? On automatic metrics for assessing AI-based offensive code generators

Liguori, P., Improta, C., Natella, R., Cukic, B., and Cotroneo, D.

Expert Systems with Applications.

DOI: 10.1016/j.eswa.2023.120073

April 13, 2023

Run-time failure detection via non-intrusive event analysis in a large-scale cloud computing platform

Cotroneo, D., De Simone, L., Liguori, P., and Natella, R.

Journal of Systems and Software.

DOI: 10.1016/j.jss.2023.111611

January 3, 2023

Can We Generate Shellcodes via Natural Language? An Empirical Study

Liguori, P., Al-Hossami, E., Cotroneo, D., Natella, R., Cukic, B., and Shaikh, S.

Automated Software Engineering.

DOI: 10.1007/s10515-022-00331-3

March 5, 2022

Enhancing the Analysis of Software Failures in Cloud Computing Systems with Deep Learning

Cotroneo, D., De Simone, L., Liguori, P., and Natella, R.

Journal of Systems and Software.

DOI: 10.1016/j.jss.2021.111043

July 12, 2021

Fault Injection Analytics: A Novel Approach to Discover Failure Modes in Cloud-Computing Systems

Cotroneo, D., De Simone, L., Liguori, P. and Natella, R.

IEEE Transactions on Dependable and Secure Computing.

DOI: 10.1109/TDSC.2020.3025289

September 21, 2020, IEEE

Conference Papers

Vulnerabilities in AI Code Generators: Exploring Targeted Data Poisoning Attacks

Cotroneo, D., Improta, C., Liguori, P., and Natella, R.

32nd IEEE/ACM International Conference on Program Comprehension (ICPC 2024).

DOI: 10.1145/3643916.3644416

June 13, 2024, Lisbon, Portugal

EVIL: Exploiting Software via Natural Language

Liguori, P., Al-Hossami, E., Orbinato, V., Natella, R., Shaikh, S., Cotroneo, D., and Cukic, B.

32nd International Symposium on Software Reliability Engineering (ISSRE 2021)

DOI: 10.1109/ISSRE52982.2021.00042

October 25-28, 2021, Virtual

ProFIPy: Programmable Software Fault Injection as-a-Service

Cotroneo, D., De Simone, L., Liguori, P. and Natella, R.

50th International Conference on Dependable Systems and Networks (DSN).

DOI: 10.1109/DSN48063.2020.00052

June 29 - July 2,2020, Valencia, Spain

Enhancing Failure Propagation Analysis in Cloud Computing Systems

Cotroneo, D., De Simone, L., Liguori, P., Natella, R. and Bidokhti, N.

30th International Symposium on Software Reliability Engineering (ISSRE).

DOI: 10.1109/ISSRE.2019.00023

28-31 Oct. 2019, Berlin, Germany

FailViz: A Tool for Visualizing Fault Injection Experiments in Distributed Systems

Cotroneo, D., De Simone, L., Liguori, P., Natella, R. and Bidokhti, N.

15th European Dependable Computing Conference.

DOI: 10.1109/EDCC.2019.00036

17-20 September 2019, Naples, Italy

How Bad Can a Bug Get? An Empirical Analysis of Software Failures in the OpenStack Cloud Computing Platform

Cotroneo, D., De Simone, L., Liguori, P., Natella, R. and Bidokhti, N.

27th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE).

DOI: 10.1145/3338906.3338916

26-30 Aug. 2019, Tallin, Estonia

Workshop Papers

Neural Fault Injection: Generating Software Faults from Natural Language

Cotroneo, D., and Liguori, P.

2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume (DSN-S).

DOI: 10.1109/DSN-S60304.2024.00016

June, 2024, Brisbane, Australia

DDoShield-IoT: A Testbed for Simulating and Lightweight Detection of IoT Botnet DDoS Attacks

De Vivo, S., Obaidat, I., Dai, D., and Liguori, P.

2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume (DSN-S).

DOI: 10.1109/DSN-W60302.2024.00014

June, 2024, Brisbane, Australia

Simulation Environment for the Evaluation of Lightweight Intrusion Detection Systems

De Vivo, S., and Liguori, P.

34th International Symposium on Software Reliability Engineering Workshops (ISSREW).

DOI: 10.1109/ISSREW60843.2023.00061

October 12, 2023, Florence, Italy

Can NMT Understand Me? Towards Perturbation-based Evaluation of NMT Models for Code Generation

Liguori, P., Improta, C., De Vivo, S., Natella, R., Cukic, B., and Cotroneo, D.

1st International Workshop on Natural Language-Based Software Engineering (NLBSE).

DOI: 10.1145/3528588.3528653

May 8, 2022, Virtual

Shellcode_IA32: A Dataset for Automatic Shellcode Generation

Liguori, P., Al-Hossami, E., Cotroneo, D., Natella, R., Cukic, B., and Shaikh, S.

NLP4Prog Workshop co-located with ACL-IJCNLP 2021.

DOI: 10.18653/v1/2021.nlp4prog-1.7

August 6, 2021, Virtual

Towards Runtime Verification via Event Stream Processing in Cloud Computing Infrastructures

Cotroneo, D., De Simone, L., Liguori, P., Natella, R., and Scibelli, A.

International Workshop on Artificial Intelligence for IT Operations (AIOPS 2020).

DOI: 10.1007/978-3-030-76352-7_19

December 14, 2020, Virtual

Enhancing the Analysis of Error Propagation and Failure Modes in Cloud Systems

Cotroneo, D., De Simone, L., Di Martino, A., Liguori, P. and Natella, R.

2018 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW).

DOI: 10.1109/ISSREW.2018.00-13

October, 2018

Activities in Scientific and Editorial Committees

Invited Member at the IFIP Working Group 10.4 Meeting on Dependable Computing and Fault Tolerance

86th meeting of the IFIP Working Group 10.4, Gold Coast, Australia, June 2024.
85th meeting of the IFIP Working Group 10.4, Saint Simon Island, Georgia, USA, February 2024.

Editor for journal special issues:

Reliable and Secure Large Language Models for Software Engineering, Journal of Systems and Software.
Reliable and Secure AI-based Code Generators , Automated Software Engineering journal.

Program Chair for:

2nd IEEE International Workshop on Reliable and Secure AI for Software Engineering, co-located with ISSRE 2024.
1st IEEE International Workshop on Reliable and Secure AI for Software Engineering, co-located with ISSRE 2023.

Program Committee Member for:

The 13th International Symposium on Information and Communication Technology (SOICT 2024).
The 35th International Symposium on Software Reliability Engineering (ISSRE 2024).
The 19th European Dependable Computing Conference (EDCC 2024).
The 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2023), Doctoral Forum.
The 12th Latin-American Symposium on Dependable and Secure Computing (LADC 2023).
The 2nd International Workshop on Dependability Modeling and Design (WDMD 2023).
The 3rd International Workshop on Artificial Intelligence for Software Engineering and IT Operations (AIOPS 2023).
The 2nd International Workshop on Artificial Intelligence for IT Operations (AIOPS 2021).

Publication Chair for ISSRE 2023

Publication Chair for the 34th IEEE International Symposium on Software Reliability Engineering (ISSRE 2023).

Session Chair for:

The 54th IEEE International Symposium on Software Reliability Engineering (ISSRE 2024).
The 34th IEEE International Symposium on Software Reliability Engineering (ISSRE 2023).
The 11th IEEE International Workshop on Software Certification (WoSoCer 2021)

Publicity Chair for WoSAR 2023

Publicity Co-Chairs for the 15th International Workshop On Software Aging And Rejuvenation, co-located with ISSRE 2023.

Artifact Evaluation Committee Member for EuroSys 2023

Artifact Evaluation Committee Member of the 18th European Systems Conference.

Speaker and Invited Talks

Invited Lecturer at The Summer School ARTISAN (Role and effects of ARTificial Intelligence in Secure ApplicatioNs) 2024

Generative AI in Cybersecurity: Generating Offensive Code from Natural Language
Valance, France

July 16, 2024

Research Paper Presentation at DCCS 2024

DDOSHIELD-IoT: A Testbed for Simulating and Lightweight Detection of IoT Botnet DDoS Attacks
Research Paper Presentation at The 3rd International Workshop on Dependable Computing for Complex Systems, co-located with DSN 2024.
Brisbane, Australia

June 24, 2024

Research Paper Presentation at ReSAISE 2023

Simulation Environment for the Evaluation of Lightweight Intrusion Detection Systems
Research Paper Presentation at The 1st IEEE International Workshop on Reliable and Secure AI for Software Engineering, co-located with ISSRE 2023.
Florence, Italy

October 12, 2023

Research Paper Presentation at ITASEC 2023

AI Code Generators for Security: Friend or Foe?
Research Paper Presentation at The Italian Conference on CyberSecurity (ITASEC).
Bari, Italy

May 3, 2023

Invited Speaker at CRIT SRL

L’AI Generativa e il futuro della scrittura di codice
Speaker of the seminar organized by CRIT SRL.
Virtual

April 4, 2023

Journal Paper Presentation at ISSRE 2021 (J1C2 Track)

Enhancing the Analysis of Software Failures in Cloud Computing Systems with Deep Learning
Journal Paper Presentation at The 32nd International Symposium on Software Reliability Engineering (ISSRE 2021).
Virtual

October 28, 2021

Research Paper Presentation at ISSRE 2021

EVIL: Exploiting Software via Natural Language
Research Paper Presentation at The 32nd International Symposium on Software Reliability Engineering (ISSRE 2021).
Virtual

October 27, 2021

Research Paper Presentation at AIOPS 2020

Towards Runtime Verification via Event Stream Processing in Cloud Computing Infrastructures
Research Paper Presentation at International Workshop on Artificial Intelligence for IT Operations (AIOPS 2020)
Virtual

December 14, 2020

Invited Speaker at the University of Chicago, Chicago, USA

How Bad Can a Bug Get? An Empirical Analysis of Software Failures in the OpenStack Cloud Computing Platform
Invited speaker, hosted by Dr. Haryadi Gunawi, for the talk
University of Chicago, Chicago, USA

July 30, 2020

Student Forum Presentation at the EDCC 2019

Analyzing Fault Injection Data with Machine Learning, Student Forum Presentation at the 15th European Dependable Computing Conference
Naples, Italy

September, 2019

Reseach Paper Presentation at the ESEC/FSE 2019

How Bad Can a Bug Get? An Empirical Analysis of Software Failures in the OpenStack Cloud Computing Platform, Research Paper Presentation at ESEC/FSE 2019.
Tallin, Estonia

August, 2019

Artficact awarded at the ESEC/FSE 2019

OpenStack Fault-Injection Tool, Artifact at ESEC/FSE 2019 awarded with Available and Reusable badges.
URL: https://github.com/dessertlab/OpenStack-Fault-Injection-Environment

June, 2019

Education

Invited Research Scholar at the University of North Carolina at Charlotte, North Carolina, USA

Invited Research Scholar at the University of North Carolina at Charlotte (UNCC) under the supervision of Dr. Bojan Cukic.
University of North Carolina at Charlotte, NC, USA

January 2020 - December 2020

Ph.D. in Information Technology and Electrical Engineering

Department of Electrical Engineering and Information Technology
University of Naples Federico II, Naples, Italy.

Ph.D. Thesis Title: Fault Injection For Cloud Computing Systems: From Failure Mode Analysis To Run-Time Failure Detection

November, 2018 - May 2022

Master Degree

Master of Engineering cum laude in Computer Engineering.
University of Naples Federico II, Naples, Italy.

Master Thesis Title: An Approach to Failure Mode Analysis of Cloud Computing Infrastructures

July, 2018

Bachelor Degree

Bachelor of Engineering in Computer Engineering.
University of Naples Federico II, Naples, Italy.

Bachelor Thesis Title: Development of an Installation Package of the EFIT++ Code on Linux Distributions

December, 2014

CONTACTS

Email: pietro.liguori@unina.it