Luca Giacometti

Luca Giacometti

he/him

PhD candidate in IT @ Politecnico di Milano

Publications

You can also find my articles on my Google Scholar profile.

Conference Papers

An Investigation on Packet Sampling between Kernel and User Space for NIDS

Published in International Symposium on Networks, Computers and Communications (ISNCC), Paris, France, 2025

We assess the feasibility of a partially in-kernel anomaly-based intrusion detection system that uses machine learning and a packet sampling policy to keep pace with network traffic. Using the same dataset as the inference stage, we identify a sampling threshold that maintains high precision and recall. Throughput tests on a two-middlebox testbed stressed with iperf3 show that the proposed system performs efficiently and is suitable for deployment.

Recommended citation: L. Giacometti, D. Crippa, S. Miano and G. Verticale, "An Investigation on Packet Sampling between Kernel and User Space for NIDS," 2025 International Symposium on Networks, Computers and Communications (ISNCC), Paris, France, 2025, pp. 1-6, doi: 10.1109/ISNCC66965.2025.11250446.
Download Paper | Download Bibtex

A MARL Approach to Employ Intelligent Traffic Steering in SD-WAN

Published in IEEE Conference on Standards for Communications and Networking (CSCN), Bologna, Italy, 2025

In this work, we study an SD-WAN scenario where traffic is carried over multiple overlay tunnels and dynamically rerouted to the best-performing channel to improve availability. Using a multi-agent reinforcement learning environment with Double Deep Q-Network agents that learn from real-time telemetry, we show that this approach outperforms an RTT-based greedy policy in both uncoordinated and coordinated settings.

Recommended citation: L. Giacometti et al., "A MARL Approach to Employ Intelligent Traffic Steering in SD-WAN," 2025 IEEE Conference on Standards for Communications and Networking (CSCN), Bologna, Italy, 2025, pp. 1-6, doi: 10.1109/CSCN67557.2025.11230744.
Download Paper | Download Bibtex

Authorizing Access to Edge Resources at Wire Speed using 5G Device Authentication

Published in IEEE 25th International Conference on High Performance Switching and Routing (HPSR), Pisa, Italy, 2024

We introduce a protocol that embeds device authentication data into packets leaving the 5G network and entering MEC resources, enabling a P4-based Customer Edge Switch to authorize per-user and per-service traffic under zero-trust principles. In an emulated 5G and Function-as-a-Service setup, our prototype shows low processing delay, and we provide a model estimating the maximum number of devices supportable at wire speed.

Recommended citation: L. Giacometti, F. Battagin and G. Verticale, "Authorizing Access to Edge Resources at Wire Speed using 5G Device Authentication," 2024 IEEE 25th International Conference on High Performance Switching and Routing (HPSR), Pisa, Italy, 2024, pp. 67-72, doi: 10.1109/HPSR62440.2024.10635919.
Download Paper | Download Bibtex