Professional Documents
Culture Documents
Neural Network Techniques For Proactive Password Cracking
Neural Network Techniques For Proactive Password Cracking
Abstract—This paper deals with the access control problem. We assume that valuable resources need to be protected against
unauthorized users and that, to this aim, a password-based access control scheme is employed. Such an abstract scenario captures
many applicative settings. The issue we focus our attention on is the following: Password-based schemes provide a certain level of
security as long as users choose good passwords, i.e., passwords that are hard to guess in a reasonable amount of time. In order to
force the users to make good choices, a proactive password checker can be implemented as a submodule of the access control
scheme. Such a checker, any time the user chooses/changes his own password, decides on the fly whether to accept or refuse the
new password, depending on its guessability. Hence, the question is: How can we get an effective and efficient proactive password
checker? By means of neural networks and statistical techniques, we answer the above question, developing suitable proactive
password checkers. Through a series of experiments, we show that these checkers have very good performance: Error rates are
comparable to those of the best existing checkers, implemented on different principles and by using other methodologies, and the
memory requirements are better in several cases. It is the first time that neural network technology has been fully and successfully
applied to designing proactive password checkers.
Index Terms—System security, access control, passwords, machine learning, neural networks.
1 INTRODUCTION
nature. Hence, a password is weak if it can be found in a proactive password checking. Instead of using standard
reasonable amount of time, while it is strong if the search computing techniques, the classifier was implemented by
requires unavailable resources of time or space, i.e., it can be means of a perceptron, the simplest example of neural
any element of a big dictionary constructed over a given networks. The extended abstract pointed out the efficiency
alphabet. It follows that a strong password looks like a and efficacy of the approach compared to previous
random string. proposals.
Previous Work on the Subject. Several papers have Our Contribution. In this paper, we fully develop the
addressed the issue of choosing good passwords. In the approach of [6]. We discuss and analyze proactive
literature, different techniques have been proposed in order password checkers based on multilayer neural networks.
to discourage/remove the choice of easy-to-guess pass- We evaluate the performance of several network topolo-
words (see [26] for a recent overview). Proactive password gies and of a combined approach comprising standard
checking is a promising technique. A proactive password preprocessing techniques of the inputs and neural net-
checker is a program that interacts with the user when he works. We compare the performance of our system with
changes his password. It checks the proposed new pass- those obtained by [5], [16]. The results obtained show that
word and the change is allowed only if it is hard to guess. If proactive password checkers based on this technology are
the password is easy to guess, the system asks the user to a suitable alternative to currently available solutions and,
type in another password instead. The philosophy on which for resource-constrained devices (e.g., smart cards), they
these programs are based is that the user has the ability to might represent the best choice.
select a password, but the system enables the selection of
nontrivial ones only. 2 A MATHEMATICAL FRAMEWORK
Proactive Password Checkers. A proactive password
checker is a simple program conceptually. It holds a list of A Model [4]. Let P be the set of all acceptable passwords, let
weak passwords that must be rejected. When the user p be an element chosen from P, and let s be a function used
chooses or wishes to change his password, it checks for to select the password p from P. Then, denote by p0 a guess
membership in the list. If the password is found in the list, for the password p and assume that it takes a constant
the substitution is not enabled and a short justification is amount of time T ¼ tðp0 Þ to determine whether this guess is
given; otherwise, the substitution is allowed. However, a a correct one, i.e., if p0 ¼ p.
We can model the choice of p in P with a random
straightforward implementation of such a program is not
variable G, taking values in P. These values are assumed
suitable for two reasons: The list of weak passwords can be
according to a probability distribution PG over elements of
very long and cannot be kept in the first levels (i.e., cache
P that is induced by the selection function s. Moreover,
and main memories) of the memory hierarchy. Also, the
assuming that s is known, the time to guess p can be
time for checking membership can be high, which implies
represented with a random variable FPG , which assumes
an unacceptably long wait for the user. Therefore, several
real values according to PG .
proactive password checkers that aim at reducing the time
If G is uniformly distributed on P, i.e., PG ¼ U, and no
and space complexities of the trivial approach have been
proposed (see [17], [10], [23], [16]). All these models are an prior knowledge of the authentication function (the func-
improvement over the straightforward scheme. However, tion used by the operating system to check the equality of a
both the straightforward scheme and these checkers have a guess with the true password) is available, then, as pointed
low predictive power when tested on new dictionaries of out in [4], to guess the selected password p, we have to try,
words, i.e., they do not perform well if passwords are on average, jPj
2 passwords from P and the expected running
chosen from dictionaries which have not been considered time is EðFU Þ ¼ T jPj2 .
during the setup phase of the checker. Indeed, a desirable Notice that, in this model, there is a correspondence
feature of a proactive password checker is the ability to between the set S of selection functions and the set DP , the
correctly classify passwords which do not appear in the set of all probability distributions on the set P. Therefore,
initial set. To this aim, an interesting approach for designing we can characterize the bad selection functions s to choose p
a proactive password checker is the one applied in [1]. The in P, with those probability distributions PG such that
problem of password classification is therein viewed as a
EðFPG Þ kEðFU Þ: ð1Þ
Machine Learning Problem. The system, in a training phase,
using dictionaries of examples of weak and strong pass- The parameter k 2 ½0; 1 defines a lower bound on the
words, gets the knowledge for distinguishing weak pass- suitability of a given selection function, represented by the
words from strong ones. This knowledge is represented by distribution PG . If p is chosen according to a probability
means of a decision tree. Later on, the decision tree is used distribution PG that satisfies (1), we say that p is easy-to-
for classification. The experimental results reported in [1] guess.
showed a meaningful enhancement of the error rates of A family of bad selection functions is represented by
previous solutions. The same technique was subsequently language dictionaries, where the dictionary can be seen as
applied in [5], where the power of the checker was the image set of a selection function s. The words in the
increased by exploring another key idea of machine dictionary are a small subset of all the strings that can be
learning in the construction of the decision tree: the constructed with the symbols of a given alphabet. Accord-
Minimum Description Length Principle (MDLP). Finally, [6], ing to our model, the distribution induced by languages is
put forward the possibility of using neural networks for skewed on P since they assign nonzero values only to a small
CIARAMELLA ET AL.: NEURAL NETWORK TECHNIQUES FOR PROACTIVE PASSWORD CHECKING 329
X
d
ak ðxÞ ¼ wTk x þ w0k ¼ wik xi þ w0k : ð3Þ
i¼1
TABLE 3
Classification Percentage of Data_Set_1
with Different NNs, no PCA
The training, the validation, and the test sets have been
obtained by collecting the labeled passwords in order to
form two big dictionaries of weak and strong passwords
and by assigning a randomly chosen 60 percent of the two
dictionaries to the training set, a randomly chosen 20 per-
cent to the validation set, and the remaining 20 percent to
the test set.
Our experiments were carried out using algorithms of
the Netlab Toolbox [21]. More precisely, the training
algorithm used for the SLP is the IRLS [21], with activation
functions for the output units given by the logistic Fig. 3. Eigenvalues plot of the training set.
sigmoidal function. Moreover, we have used the quasi-
Newton optimization algorithm as the training algorithm From the analysis of the correlation matrix, we note that
for the MLP with tanh activation functions for the nodes of the first two principal components (see Fig. 3) have
the hidden layer and a linear function for the nodes of the meaningful information (more than 90 percent of informa-
output layer. The number of inputs for both the NNs is four tion). This allows us to use a linear PCA technique to extract
and the number of outputs is one. In the case of the MLP, two features and to obtain a two-dimensional dictionary.
we have considered several instances of the network by More precisely, we have that, from the four features of the
changing the number of hidden nodes from four to 10. training set that we denote as
Performance. In Table 3 we show the classification rates
with respect to Data_Set_1, obtained with different NNs. x1 ¼ Classes;
From these results, it is clear that MLPs achieve better x2 ¼ #Strong Characters;
performance than SLPs, even when the number of hidden
x3 ¼ Upper Lower Distribution;
nodes is small. Since the classification rate is higher when
the number of hidden nodes is eight, we report in Table 4 and
the classification rates of such an NN on all dictionaries we
have constructed. x4 ¼ Digrams;
we obtain two features (y1 and y2 ). These features are a
TABLE 4 linear combination of the four source features and they can
Classification of the Dictionaries of Data_Set_1 be described by the following equation:
Using an Eight-Hidden-Nodes MLP X3
yi ¼ x for i ¼ 1; 2;
j¼1 ij j
ð12Þ
TABLE 5 TABLE 7
Classification Percentage of Data_Set_1 Classification of the Dictionaries of Data_Set_2
with Different NNs, with PCA by Using an MLP with 10 Hidden Nodes
TABLE 8
Classification Percentage of Data_Set_2
with Different NNs, with PCA
Fig. 4. Data visualization and contour plot obtained by using a MLP with
eight hidden nodes with PCA on the whole dictionary Data_Set_1: (.)
TABLE 6
Classification Percentage of Data_Set_2
with Different NNs, No PCA
Fig. 5. Data visualization and contour plot obtained by using an MLP with
10 hidden nodes with PCA on the whole dictionary Data_Set_2: (.) class
with label 1, (+) class with label 0.
CIARAMELLA ET AL.: NEURAL NETWORK TECHNIQUES FOR PROACTIVE PASSWORD CHECKING 335
Fig. 6. Decision boundary of the RBF model with 10 hidden nodes and Fig. 8. Decision boundary of the FRNN model with 10 hidden nodes and
with PCA on Data_Set_1. with PCA on Data_Set_1.
errors are due to the noise.1.1 dictionary, composed of NN and enables a visual representation of the classification
passwords of the dictionary weak in which a randomly process. For these reasons, in using the RBF and FRNN
chosen character has been substituted with a strong models, we have only considered the two data sets obtained
character and half of the letters have been substituted with by applying the PCA preprocessing.
their uppercase. With respect to Data_Set_1, we obtain, by using an RBF-
Comparison with Other Classification Methods. For based NN with 10 hidden nodes, 92.1818 percent of perfect
the sake of completeness, we have compared the results classification on the training set and 92.2148 percent on the
obtained with MLPs with the following classification test set. With respect to Data_Set_2, we obtain 94.8316 per-
methods: cent of perfect classification on the training set and of
94.8507 percent on the test set.
. Kernel Functions. Radial Basis Functions (RBFs) are
By using an FRNN with 10 hidden nodes on Data_Set_1,
powerful kernel-based techniques for interpolation
we get 95.9108 percent of perfect classification on the
and classification in multidimensional spaces. Basi-
training set and 95.8644 percent on the test set. With respect
cally, an RBF is a function which implements a
distance criterion with respect to a center. Radial to Data_Set_2, we obtain 97.194 percent of perfect classifica-
basis functions have been applied in the area of tion on the training set and 97.2195 percent on the test set.
NNs. Such networks have three layers: the input In Figs. 6, 7, 8, and 9, we plot the decision boundaries
layer, the hidden layer with the RBF functions, and a obtained in the above experiments.
linear output layer. The most popular choices for Notice that the experiments executed with FRNNs have
RBFs are the Gaussian functions. For a complete also shown that a smaller number of hidden nodes are
introduction to NNs based on RBFs, the reader is sufficient to get high classification rates. Indeed, an FRNN
referred to [3]. with five hidden nodes correctly classifies 93.9547 percent
. Fuzzy Models. Fuzzy Relational Neural Networks of the training set and 93.9114 percent on the test set of
(FRNNs) have been introduced in [9]. FRNNs apply Data_Set_1. At the same time it correctly classifies
fuzzy rules in order to classify objects. These fuzzy 97.1391 percent of the training set and 97.1782 percent on
rules are obtained by combining fuzzy relations the test set of Data_Set_2.
learned during the training process. The composi- Comparison with Other Password Checkers. We com-
tion of such relations is accomplished by using pared our password checker with those described in [5] and
suitable norms (e.g., t-Norms). [16]. We chose these proactive password checkers since the
The experiments considered so far show that the system described in [5] outperforms all the previous
percentages of classification obtained with and without solutions described in the literature and the second one is
PCA preprocessing are substantially the same. On the other derived from Crack [15], the most used password cracker.
hand, PCA preprocessing allows one to construct a smaller Both these systems can be adapted to a per-site policy.
Fig. 7. Decision boundary of the RBF model with 10 hidden nodes and Fig. 9. Decision boundary of the FRNN model with 10 hidden nodes and
with PCA on Data_Set_2. with PCA on Data_Set_2.
336 IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 3, NO. 4, OCTOBER-DECEMBER 2006
TABLE 9 TABLE 11
Hyppocrates—noise.1.2 Considered Hyppocrates—noise.1.2 Considered
in Training Phase as Strong in Training Phase as Strong
TABLE 10 TABLE 12
Hyppocrates—noise.1.2 Considered Hyppocrates—noise.1.2 Considered
in Training Phase as Strong in Training Phase as Weak
CIARAMELLA ET AL.: NEURAL NETWORK TECHNIQUES FOR PROACTIVE PASSWORD CHECKING 337
TABLE 13 TABLE 15
Hyppocrates—noise.1.2 Considered Classification of the Dictionaries Used to Construct Data Set 1
in Training Phase as Weak and Data Set 2 Provided by Cracklib in Several Experiments
TABLE 16
TABLE 14 Classification of the Dictionaries Used to Construct Data Set 1
Hyppocrates—noise.1.2 Considered and Data Set 2 Provided by Cracklib in Several Experiments
in Training Phase as Weak
338 IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 3, NO. 4, OCTOBER-DECEMBER 2006
5 CONCLUSIONS
We have applied SLP and MLP networks to the design of
proactive password checkers. It is the first time that such
techniques have been fully (and successfully) employed in
this setting. We have evaluated the performance of several
network topologies. For some of them, we have provided a
visualization of the behavior of the network using a
standard preprocessing technique of the inputs. Moreover,
we have compared the MLP networks with kernel-based
and fuzzy-based neural network models. Although such
models obtain very high classification rates, MLP networks
passwords decreases to 0.4 percent and, simultaneously, the still appear to be the best choice. Finally, we have compared
error rate over the strong passwords decreases to 10 percent. the classification rates obtained by our solutions with
For Hyppocrates, we note that Experiments 1, 2, and 3
previously presented proactive password checkers. In all
show a very good classification rate for weak passwords.
cases, the results confirm that proactive password checkers
Indeed, if we consider the dictionary noise.1.2 a strong one,
based on this technology have high efficiency and efficacy.
the percentage of weak passwords that are misclassified is 0
The solution presented has the main advantage that the
for Experiments 2 and 3. Furthermore, the memory
size of information to be stored after the training of the NN
requirements for the pruned tree are almost comparable
to the size of the NN (see Table 17). is independent of the size of the training set and, in our case,
On the other hand, we note that, for Hyppocrates, it is can be as low as 552 bytes. Hence, such checkers might be
hard to classify noise.1.2 as a weak dictionary. The results of easily implemented using the smart card technology.
Experiments 4, 5, and 6 show that, if we consider noise.1.2.
as a weak dictionary, the percentage of misclassified REFERENCES
passwords becomes unacceptable. Only in Experiment 6, [1] F. Bergadano, B. Crispo, and G. Ruffo, “High Dictionary
the percentage of misclassification of weak passwords is Compression for Proactive Password Checking,” ACM Trans.
0.67, but the price we pay is that the size of the pruned tree Information and System Security, vol. 1, no. 1, pp. 3-25, 1998.
[2] S.M. Bellovin and M. Merritt, “Encrypted Key Exchange: Pass-
grows to 76 KB. Hence, the size of a tree that classifies word-Based Protocols Secure against Dictionary Attacks,” Proc.
noise.1.2 as a weak dictionary (and that does not induce IEEE Symp. Research in Security and Privacy, pp. 72-84, 1992.
misclassification on the other weak dictionaries) is quite big. [3] C.M. Bishop, Neural Networks for Pattern Recognition. Oxford Univ.
The results of the experiments for Cracklib show very Press, 1995.
[4] M. Bishop, “Proactive Password Checking,” Proc. Fourth Workshop
poor performance with regard to the classification of weak Computer Security Incident Handling, pp. 1-9, 1992.
passwords (see Tables 15 and 16). Indeed, while it correctly [5] C. Blundo, P. D’Arco, A. De Santis, and C. Galdi, “Hyppocrates: A
classifies almost all the strong passwords, it fails in New Proactive Password Checker,” J. Systems and Software, vol. 71,
nos. 1-2, pp. 163-175, Apr. 2004.
classifying weak passwords, if they have not been used [6] C. Blundo, P. D’Arco, A. De Santis, and C. Galdi, “A Novel
during the training phase. Approach to Proactive Password Checking,” Proc. Infrastructure
Memory Requirement. As a final remark, we would like Security (INFRASEC ’02), pp. 30-39, 2002.
[7] M.K. Boyarsky, “Public-Key Cryptography and Password Proto-
to stress that the space needed to store a NN once it has been cols: The Multi-User Case,” ACM Conf. Computer and Comm.
trained, consists of a few bytes and that it is independent of the Security, pp. 63-72, 1999.
size of the training set. In our case, the PCA matrix consists of [8] V. Boyko, P. MacKenzie, and S. Patel, “Provably Secure Password-
eight real values. An MLP with h hidden nodes, with four Authenticated Key Exchange Using Diffie-Hellman,” Proc. Euro-
crypt 2000, pp. 156-171, 2000.
inputs and one output, requires storing 5h real values for the [9] A. Ciaramella, R. Tagliaferri, W. Pedrycz, and A. Di Nola, “Fuzzy
weights and biases needed to compute the intermediate Relational Neural Network,” Int’l J. Approximate Reasoning, vol. 41,
activation variables and h þ 1 values, for computing the pp. 146-163, 2006.
[10] C. Davies and R. Ganesan, “Bapasswd: A New Proactive
second-layer activation variable, along with the bias for the Password Checker,” Proc. 16th Nat’l Conf. Computer Security,
output unit. pp. 1-15, 1993.
This means that, in an MLP with 10 hidden nodes with [11] N.M. Haller, “The S/KEY One-Time Password System,” Proc.
ISOC Symp. Networks and Distributed Systems Security, 1994.
PCA preprocessing, if a real value is encoded using 8 bytes, [12] N. Haller, C. Metz, P. Nesser, and M. Straw, A One-Time Password
the total number of bytes to be stored is 552, independently of System, Request for Comments 2289, 1998.
the size of the training set. In contrast, previous solutions [13] L.C. Jain, U. Halici, I. Hayashi, S.B. Lee, and S. Tsutsui, Intelligent
presented in [5], [1], [16] require the size of the information Biometric Techniques in Fingerprint and Face Recognition. CRC Press,
1999.
to be stored, once the system has been trained, to be [14] “John the Ripper” password cracker, http://www.openwall.
dependent on the specific training set. In Table 17, we report com/john, 2006.
CIARAMELLA ET AL.: NEURAL NETWORK TECHNIQUES FOR PROACTIVE PASSWORD CHECKING 339
[15] A.D. Muffett, “Crack 5.0,” http://www.crypticide.com/users/ Alfredo De Santis received the laurea degree in
alecm/, 1997. computer science (cum laude) from the Uni-
[16] A.D. Muffett, “Cracklib v2.7: A Proactive Password Sanity versity of Salerno in 1983. Since 1984, he has
Library,” http://www.crypticide.com/users/alecm/, 1997. been with the Dipartimento di Informatica ed
[17] J.B. Nagle, “An Obvious Password Detector,” Usenet News, 1988. Applicazioni of the University of Salerno, in
[18] J. Katz, R. Ostrovsky, and M. Yung, “Efficient Password- 1984-1986 as an instructor in charge of the
Authenticated Key Exchange Using Human-Memorable Pass- computer laboratory, in 1986-1990 as a faculty
words,” Proc. Eurocrypt ’01, pp. 475-495, 2001. researcher, and since November 1990 as a
[19] D.V. Klein, “Foiling the Cracker–A Survey of, and Improvements professor of computer science. From November
to, Password Security,” Proc. Second USENIX Workshop Security, 1991 to October 1995 and November 1998 to
pp. 5-14, 1990. October 2001, he was the chair of the Dipartimento di Informatica ed
[20] R. de Luis-Garcı́a, C. Alberola-López, O. Aghzout, and J. Ruiz- Applicazioni of University of Salerno. He was the chairman of the
Alzola, “Biometric Identification Systems,” Signal Processing, graduate program in computer science at the University of Salerno: ciclo
vol. 83, no. 12, pp. 2539-2557, 2003. XII (1996–2000), ciclo XIII (1997–2001), ciclo XIV (1998–2002), ciclo XV
[21] I.T. Nabney, NETLAB-Algorithms for Pattern Recognition. Springer- (1999–2002), and ciclo XVI (2000–2003). From September 1987 to
Verlag, 2002. February 1990, he was a visiting scientist at the IBM T.J. Watson
[22] C. Schnorr, “Efficient Identification and Signature for Smart- Research Center, Yorktown Heights, New York. He spent August 1994
Cards,” Proc. Eurocrypt ’89, pp. 239-252, 1989. at the International Computer Science Institute (ICSI), Berkeley,
[23] E. Spafford, “Opus: Preventing Weak Password Choices,” California, as a visiting scientist. He was the program chairman of
Computers and Security 3, 1992. Eurocrypt ’94, of the Fifth Italian Conference on Theoretical Computer
[24] R. Stalling, Network and Internetwork Security Principles and Practice. Science, 1995, and of the Security in Communication Networks
Prentice Hall, 1995. Conference, 1996. He was cochair of the Advanced School on
[25] T. Wu, “The Secure Remote Password Protocol,” Proc. ISOC Computational Learning and Cryptography, Vietri sul Mare, Italy, 1993.
Network and Distributed System Security Symp., pp. 97-111, 1998. He served on the scientific program committee of several international
[26] J. Yan, “A Note on Proactive Password Checking,” Proc. ACM New conferences. He was the editor of the Proceedings of the Fifth Italian
Security Paradigms Workshop, Sept. 2001. Conference on Theoretical Computer Science, World Scientific, 1996.
He was the editor of the volume Advances in Cryptology—Eurocrypt ’94
and coeditor of the volume Sequences II: Methods in Communication,
Security and Computer Science (Springer-Verlag, 1993). His research
Angelo Ciaramella received the laurea degree interests include algorithms, data security, cryptography, communica-
(cum laude) and PhD degree in computer tion networks, information theory, and data compression.
science from the University of Salerno, Italy, in
1998 and 2002, respectively. He is currently a Clemente Galdi received the laurea degree
postdoctoral researcher with the Department of (cum laude) and the PhD degree in computer
Mathematics and Computer Science at the science from the University of Salerno (Italy) in
University of Salerno. He works on nonlinear 1997 and 2002, respectively. From May to
PCA for periodicities detection and independent September 2001, he visited Telcordia Tecnolo-
component analysis in blind source separation gies, New Jersey. From November 2001 to
for linear, convolutive, and single channel October 2004 he was a postdoctoral fellow with
mixtures. He also works on fuzzy and neurofuzzy systems. He is the the Department of Computer Engineering and
author of several publications in the area of soft computing and signal Informatics of the University of Patras and the
processing. Computer Technology Institute, Patras, Greece.
Since April 2006, he has been assistant professor at the University of
Paolo D’Arco received the PhD degree in Napoli “Federico II.” His research interests include cryptography, data
computer science from the University of Salerno security and algorithms.
in February 2002. From November 2001 to
September 2002, he was a postdoctoral fellow Roberto Tagliaferri received the laurea degree
at the Centre for Applied Cryptographic Re- in computer science from the University of
search, Department of Combinatorics and Opti- Salerno, Italy, in 1984. From 1986 to 1999, he
mization, University of Waterloo (Canada). was a researcher with the Department of
Since December 2003, he has been an assistant Computer Science at the University of Salerno.
professor at the University of Salerno. His Since 2000, he has been an associate professor
research interests include cryptography and with the Department of Mathematics and Infor-
data security. matics of the University of Salerno. His research
covers the area of neural nets: neural dynamics,
fuzzy neural nets, clustering and data visualiza-
tion techniques and their applications to signal and image processing
with astronomical and geological data, bioinformatics, and medical
computer-aided diagnosis. He has been cochairman of special sessions
at AMSE ISIS ’97, at IJCNN ’99, IJCNN ’01, IJCNN ’03, WILF ’03,
IJCNN ’04, IJCNN ’05, WILF ’05, and IJCNN ’06, and coeditor of a
special issue of Neural Networks. He presented tutorials on “Learning
with Multiple Machines: ECOC models versus Bayesian Framework” at
IJCNN ’03 and on “Visualization of High Dimensional Scientific Data” at
IJCNN ’05. He is the author of more than 100 publications in the area of
neural networks. Since 1995, he has been coeditor of the Proceedings
of the Italian Workshops on Neural Nets (WIRN). He was Secretary of
SIREN (Societá Italiana Reti Neuroniche) from 1994 to 2005. Currently,
he is a cochair of the Bioinformatics SIG of the INNS, a member of the
Director Council of the IIASS (International Institute for Advanced
Scientific Studies) E.R. Caianiello, a senior member of the IEEE, and a
member of INFN, INFM, and AIIA.