Sara Rampazzi
Ph.D. · Professor · Verified · University of Florida · Computer & Information Science & Engineering
Active 2013–2026
About
Sara Rampazzi is an Assistant Professor in the Department of Computer and Information Science and Engineering at the University of Florida. Her research focuses on cyber-physical system security, embedded systems design, modeling, and simulation, with applications spanning Healthcare, Automotive, and the Internet of Things. She investigates security risks to design reliable devices, emphasizing the importance of securing embedded and cyber-physical systems against emerging threats. Rampazzi actively leads a cybersecurity lab at the University of Florida in Gainesville and encourages talented students to join her research efforts. She also welcomes interest from students outside the University of Florida to apply to her program. Additionally, Rampazzi is a proud member of N95Decon.org, a volunteer collective of scientists, engineers, and clinicians across the United States dedicated to disseminating scientific information about N95 mask decontamination during the COVID-19 pandemic. She is committed to mentorship, particularly supporting First Generation Engineering students by offering advice and guidance.
Research topics
- Computer Security
- Computer Science
- Artificial Intelligence
- Remote sensing
- Real-time computing
- Internet privacy
- Computer vision
- Geography
- Telecommunications
- World Wide Web
- Operating system
- Computer hardware
Selected publications
Zenodo (CERN European Organization for Nuclear Research) · 2026-04-02
other · Open access · Senior author
Three different artifacts are zipped into a single file due to file limit. Please unzip the artifacts_package.zip and refer to README.md (Jupyter notebook for data and graph plots) for review.
CRDB run scripts: This artifact provides the shell scripts used to conduct I/O degradation experiments on a 4-node CockroachDB cluster. It includes scripts for injecting configurable I/O latency via Linux dm-delay on a victim node, running CockroachDB kv workloads, collecting Prometheus metrics, and applying a partial replica migration mitigation strategy using CockroachDB zone configurations and range splits. Intended to reproduce the experimental results reported in the paper.
Data and graph plots: This artifact contains the raw experimental data (TSV files) collected from Prometheus during attack and mitigation runs, along with a Jupyter notebook (plotting.ipynb) and helper scripts used to generate all figures in the paper. Data covers single-node and multi-node CockroachDB configurations under varying levels of I/O degradation (0–40 ms injected delay).
LSTM artifact: This artifact provides Python scripts and eBPF-collected I/O latency traces for training and evaluating machine-learning classifiers (LSTM and SVM) that detect I/O degradation attacks at the block device level. Input features are sub-latency components (start-to-queue, queue-to-issue, issue-to-complete) extracted from bpfLogs. The artifact includes labeled benign and attack trace data and produces trained model files along with confusion matrix metrics.
2026-01-01
article · Open access · Senior author
Zenodo (CERN European Organization for Nuclear Research) · 2026-05-07
dataset · Open access
Zenodo (CERN European Organization for Nuclear Research) · 2026-04-23
dataset · Open access
Zenodo (CERN European Organization for Nuclear Research) · 2026-05-07
dataset · Open access
ArXiv.org · 2025-10-23
preprint · Open access
Underwater data infrastructures offer natural cooling and enhanced physical security compared to terrestrial facilities, but are susceptible to acoustic injection attacks that can disrupt data integrity and availability. This work presents a comprehensive surveillance framework for localizing and tracking close-range adversarial acoustic sources targeting offshore infrastructures, particularly underwater data centers (UDCs). We propose a heterogeneous receiver configuration comprising a fixed hydrophone mounted on the facility and a mobile hydrophone deployed on a dedicated surveillance robot. While using enough arrays of static hydrophones covering large infrastructures is not feasible in practice, off-the-shelf approaches based on time difference of arrival (TDOA) and frequency difference of arrival (FDOA) filtering fail to generalize for this dynamic configuration. To address this, we formulate a Locus-Conditioned Maximum A-Posteriori (LC-MAP) scheme to generate acoustically informed and geometrically consistent priors, ensuring a physically plausible initial state for a joint TDOA-FDOA filtering. We integrate this into an unscented Kalman filtering (UKF) pipeline, which provides reliable convergence under nonlinearity and measurement noise. Extensive Monte Carlo analyses, Gazebo-based physics simulations, and field trials demonstrate that the proposed framework can reliably estimate the 3D position and velocity of an adversarial acoustic attack source in real time. It achieves sub-meter localization accuracy and over 90% success rates, with convergence times nearly halved compared to baseline methods. Overall, this study establishes a geometry-aware, real-time approach for acoustic threat localization, advancing autonomous surveillance capabilities of underwater infrastructures.
SrFTL: Leveraging Storage Semantics for Effective Ransomware Defense in Flash-based SSDs
ACM Transactions on Storage · 2025-09-17
article
Ransomware attacks have become increasingly frequent and high-profile, resulting in billions of dollars in data and operational losses annually. Current mechanisms typically deploy defenses in vulnerable operating systems, making them susceptible to advanced adversaries capable of compromising the OS. While implementing defense mechanisms within storage devices can address this vulnerability, they lack detection accuracy due to their inability to access data semantics, such as file system metadata. Moreover, these methods only expose block-level interfaces without file-level information, limiting the usability and practicality of data recovery management. Therefore, we develop SrFTL, a novel ransomware defense framework that allows leveraging data semantics for accurate ransomware detection and effective file-level data recovery against data compromise. Specifically, SrFTL employs defense enforcement within the flash translation layer (FTL) of SSDs. Then, SrFTL combines the secure enclave with the modified FTL through a secure channel to enable flexible ransomware defenses within the enclave. Finally, SrFTL deploys ransomware classification and data recovery defenses in the enclave, providing high detection accuracy and low-cost data recovery. Our evaluation demonstrates that SrFTL achieves zero false positives and negatives when detecting our collected real-world ransomware samples and benign applications, outperforming current FTL-level solutions (e.g., MimosaFTL). Moreover, SrFTL introduces on average a trivial performance overhead of 1.5% compared with a regular SSD. Finally, evaluating against multiple real-world ransomware samples, SrFTL enables fast data recovery with an average time of 9.3 seconds. SrFTL thus bridges the semantic gap between the FTL and OS-level file information to stop ransomware while maintaining the integrity and authenticity of employed defenses.
EM-Flow: Advanced Electromagnetic Control Flow Verification for Embedded Systems
2025-12-08
article
Embedded devices play a major role in supporting critical infrastructure, but lack many of the security protections of sophisticated systems. Determining whether these devices are compromised is, therefore, a challenge. In this work, we describe a novel control flow verification methodology via electromagnetic (EM) emanations. We design a framework that incorporates signal processing and training to detect subtle control flow deviations as small as three clock cycles, the minimum required to execute a return with malicious activity on modern embedded hardware. Our methodology leverages basic block detection, enabling the discovery of these subtle control flow deviations that escape conventional detection approaches. We evaluate our framework's ability to detect insertion and modification control flow attacks on six different case studies of real-world critical operations and two processors featuring different architectures. Our results show 96.6% detection accuracy across all tested programs and attacks. Finally, we show the transferability of our methodology to different instances of our evaluated processors, reaching up to 98.7% convergence with our baseline models while requiring a third of the collected EM samples compared to standard retraining. In doing so, we reveal the feasibility of fine-grained EM-based control flow monitoring for low-power microcontrollers.
Poster: Recapture Detection Using Disparity Map Obtained from Dual-Pixel Image Sensors
2025-11-19
article
Recapturing computer monitors with a camera is a common threat to cryptographic techniques designed to verify the origin of images and prevent AI-generated deepfakes. Although depth information can help distinguish a real-world scene from a flat computer monitor, incorporating additional depth sensors is often cost-prohibitive. To address this challenge, we explore the use of dual-pixel (DP) image sensors commonly found in still and smartphone cameras for fast autofocus, as a means to extract depth information for distinguishing real scenes from recaptured ones, without requiring additional hardware. Our signal processing pipeline is composed of (i) a stereo matching algorithm to obtain a disparity map using a pair of images generated from a DP image sensor and (ii) plane fitting to evaluate the flatness of the scene. Our proof-of-concept evaluation on a real-world DP image dataset demonstrates that the proposed method detects recaptured images at 100% accuracy. Similarly, it successfully distinguishes real-world scenes from recaptured deepfake images with >98% accuracy.
Frequent coauthors
- Kevin Fu · Universidad del Noreste · 20 shared
- Takeshi Sugawara · University of Electro-Communications · 12 shared
- Kevin Butler · 7 shared
- Xiali Hei · University of Louisiana at Lafayette · 7 shared
- Yazhou Tu · University of Louisiana at Lafayette · 7 shared
- Sri Hrushikesh Varma Bhupathiraju · University of Florida · 6 shared
- Michael Clifford · 5 shared
- Yulong Cao · 5 shared
Labs
CPSecLab · PI
Awards & honors
- Medtronic Outstanding Research Contributor Recognition