Federico Maggi

I am a Senior Threat Researcher with Trend Micro’s Forward-Looking Threat Research (FTR) team, an elite team of researchers whose mission is to fighting against cyber criminals and scouting the future of emerging technologies, striving to predict and prevent emerging security risks and threats.

My research interests, mainly developed during my MSc and PhD, revolve around various topics under the “cyber security” and “cyber crime” umbrella terms, including threat analysis, malware analysis, mobile security, financial fraud analysis and detection, web- and social-network security and data analysis.

Before joining Trend Micro, I was an Assistant Professor at Dipartimento di Elettronica, Informazione e Bioingegneria (DEIB), Politecnico di Milano in Italy, where I co-directed the system-security group at the NECST Laboratory.

In my career, I collaborate(d) with several research groups (e.g., UCSB, FORTH, NEU, Stony Brook, KU Leven, and RHUL), and I have given several lectures and talks as an invited speaker at international venues and research schools. I also serve in the review or organizing committees of well-known conferences.

More details can be found in my CV or at my LinkedIn profile page.

Selected Publications

On-Chip System Call Tracing: A Feasibility Study and Open PrototypeChenghyu Zheng, Mila Dalla Preda, Jorge Granjal, Stefano Zanero, and Federico Maggi. In IEEE Conference on Communications and Network Security (CNS). Philadelphia, US. (October 2016) [PDF]

Trellis: Privilege Separation for Multi-User Applications Made EasyAndrea Mambretti, Kaan Onarlioglu, Collin Mulliner, William Robertson, Engin Kirda, Federico Maggi, and Stefano Zanero. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID). Paris, France. (September 2016) [PDF]

DroydSeuss: A Mobile Banking Trojan Tracker - Short PaperAlberto Coletta, Victor Van der Veen, and Federico Maggi. In Financial Cryptography and Data Security. Lecture notes in computer science (lncs). Springer Berlin Heidelberg. (February 2016) [PDF]

Grab ’N Run: Secure and Practical Dynamic Code Loading for Android ApplicationsLuca Falsina, Yanick Fratantonio, Stefano Zanero, Christopher Kruegel, Giovanni Vigna, and Federico Maggi. In Proceedings of the 31st Annual Computer Security Applications Conference. ACSAC ’15. Los Angeles, USA: ACM. DOI: http://dx.doi.org/10.1145/2818000.2818042 (December 2015) [PDF]

HelDroid: Dissecting and Detecting Mobile RansomwareNiccolò Andronio, Stefano Zanero, and Federico Maggi. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID). Lecture notes in computer science. Kyoto, Japan, 382–404. DOI: http://dx.doi.org/10.1007/978-3-319-26362-5_18 (October 2015) [PDF]

Got to the full list of publications »

Selected Talks

Talking Behind Your Back: Attacks and Countermeasures of Ultrasonic Cross-Device TrackingMavroudis, Vasilios and Hao, Shuang and Fratantonio, Yanick and Maggi, Federico and Vigna, Giovanni and Kruegel, Christopher. Blackhat Europe (Peer-reviewed Talk), London, UK. (November 3, 2016) - Link: https://www.blackhat.com/eu-16/briefings.html [PDF]

Pocket-sized Badness: Why Ransomware Comes as a Plot Twist in the Cat-Mouse GameFederico Maggi and Stefano Zanero. Blackhat Europe (Peer-reviewed Talk), London, UK. (November 3, 2016) - Link: https://www.blackhat.com/eu-16/briefings.html [PDF]

A Walk Through the Construction of the First Mobile Malware TrackerFederico Maggi. Android Security Symposium (Invited Talk), Vienna, Austria. (September 11, 2015) - Link: https://usmile.at/symposium/program [PDF]

Static Analysis of Android ApplicationsFederico Maggi. 2nd SysSec Summer School (Invited Lecture), Amsterdam, The Netherlands. (September 25, 2014) - Link: http://www.syssec-project.eu/events/summer-school-2014/program/ [PDF]

Phoenix & Cerberus: Botnet Tracking via Precise DGA CharacterizationFederico Maggi. Google Tech Talk (Invited Talk), Google, Mountain View, CA, USA. (May 2014) [PDF]

The Long Story of Short URLsFederico Maggi. ISG Research Seminars (Invited Talk), Royal Holloway University of London. (May 1, 2012) [PDF]

iSnoop: How to Steal Secrets from Touchscreen DevicesFederico Maggi, Alberto Volpatto, and Stefano Zanero. Black Hat Abu Dhabi (Peer-reviewed Talk), Abu Dhabi. (December 2011) - Link: https://www.blackhat.com/html/bh-ad-11/bh-ad-11-archives.html [PDF]

Got to the full list of talks »