Federico Maggi

Federico Maggi

Research Expert

AI4Sec, Huawei

I enjoy working on various cyber-security topics. I’ve done offensive and defensive research on web applications, network protocols and devices, embedded systems, radio-frequency control systems, industrial robots, cars, and mobile devices.

I work with Huawei’s AI4Sec Research Team, which is focused on detection of sophisticated threats via graphs analysis, clustering of user’s behaviors for detecting anomalies, ML-based malware analysis and detection, and automatic cyber-threat intelligence extraction.

After more than 10 years, I concluded that I’m still around in the infosec area because it gives me so many opportunities to solve new exciting problems every day.

Interests

  • Systems Security
  • Applied Security
  • Data Analysis
  • Psychology

Education

  • PhD in Computer Engineering, 2010

    Politecnico di Milano

  • MSc in Computer Engineering, 2007

    Politecnico di Milano

Recent Posts

Scalable, Hand-curated Newsletters: A Data-centric, Automatic Workflow

I guess it’s not unique to the cyber-security world, but research and media move pretty fast here, so it’s easy to end up with hundreds of seemingly interestingly articles or blog posts to read every day. Of course, that’s not humanly possible. Let me tell you how I deal with this.

Masked Emotions

Despite this little beast known as COVID-19 pandemic is about to turn 1 year old, many people still feel strange when wearing masks. While wearing a face mask we can’t speak properly and we can’t see others’ mouth, so our experience of a conversation can change, especially if speaking is central in our lives (think of any public figure).

Reading Aloud

Reading long texts has always been a daunting task to me. A rocky mountain I seldom find myself brave enough to start climbing (unless forced to). I’ve never had good reading habits, except for a few, very intriguing novels with a powerful storyline, which I could actually read quite fast.

Smart Manufacturing Security

How do we secure a smart manufacturing system, or a smart factory? Recent incidents such as the ransomware infection that halted production at a major semiconductor foundry in 2018 have already shown the impact of IT-to-OT lateral movement. Moreover, while smart manufacturing systems are isolated from other networks, there is a trend toward less isolation between IT and OT systems.

Smart working, figli, tecnologia e didattica: il racconto e i consigli di un papà che lavora da casa da 4 anni e più

Ci voleva il termine “smart working,” perché “lavoro da casa” in Italia, per molti, proprio non va giù. Sarà cultura, sarà mentalità, sarà la scarsa alfabetizzazione digitale, sta di fatto che è ancora guardato con sospetto da molti datori di lavoro, e con ammirazione e un pizzico di divertimento—quasi ironico (“ah ah ah, guardami lavoro dal divano!

Recent & Upcoming Talks

The Data Distribution Service (DDS) Protocol is Critical: Let's Use it Securely!

We discovered and disclosed vulnerabilities in most of the OMG Data Distribution Service (DDS) implementations. DDS enables crucial …

Small Wonder: Uncovering Planned Obsolescence Practices in Robotics and What This Means for Cybersecurity

Security in robotics is nothing really new if one considers modern OT and IT approaches, and most security practices translate directly …

Hidden Attack Surfaces of Modern Industrial Automation Systems

Last year we performed a security analysis on a testbed smart manufacturing system using a variety of “unconventional” …

Guarding the Factory Floor: Catching Insecure Industrial Robot Programs

What if a perfectly patched industrial manufacturing machine can still harbor for vulnerabilities where no one is looking? What if the …

OTRazor: Static Code Analysis for Vulnerability Discovery in Industrial Automation Scripts

In this talk, we delve into industrial robot programming, focusing on the security issues arising from the design and implementation …

Recent Publications

RFQuack: A Universal Hardware-Software Toolkit for Wireless Protocol (Security) Analysis and Research

Software-defined radios (SDRs) are indispensable for signal reconnaissance and physical-layer dissection, but despite we have advanced …

Smart Factory Security: A Case Study on a Modular SmartManufacturing System

Smart manufacturing systems are an attractive target for cyber attacks, because they embed valuable data andcritical equipment. Despite …

Detecting Unsafe Code Patterns in Industrial Robot Programs

To appear

Rogue Automation: Vulnerable and Malicious Code in Industrial Programming

In this research paper, we reveal previously unknown design flaws that malicious actors could exploit to hide malicious functionalities …

Attacks on Smart Manufactururing Systems: A Forward-looking Security Analysis

This research presents a systematic security analysis that we performed to explore a variety of attack vectors on a real smart …

Experience

Also check the CV section and my LinkedIn profile.

 
 
 
 
 

Research Expert

Huawei AI4Sec

Mar 2022 – Present Milano, Italy
Malware analysis research.
 
 
 
 
 

Senior Researcher

Trend Micro, Inc.

Jul 2016 – Feb 2022 Anywhere on Earth
R&D in the cyber-security area.
 
 
 
 
 

Adjunct (a.k.a. Contract) Professor

Politecnico di Milano

Jun 2016 – Jun 2017 Milano, Italy
Teaching (Computer Security).
 
 
 
 
 

Visiting Professor

UC Santa Barbara

Oct 2015 – Feb 2016 California, United States
Scientific research in the cyber-security area.
 
 
 
 
 

Assistant Professor

Politecnico di Milano

Jan 2014 – Jun 2016 Milano, Italy
Scientific research in the cyber-security area, teaching (Computer Security), research management.
 
 
 
 
 

Post-doctoral Researcher

Politecnico di Milano

Jan 2010 – Dec 2014 Milano, Italy
Scientific research in the cyber-security area, teaching (Computer Security, Computer Forensics, Programming).
 
 
 
 
 

Visiting Research Scholar

UC Santa Barbara

Sep 2008 – Jun 2009 California, United States
Scientific research in the cyber-security area.
 
 
 
 
 

Junior Penetration-testing Consultant

SecureNetwork s.r.l.

Jan 2005 – Dec 2016 Northern Italy
R&D, teaching (Information Security, Malware Analysis), web penetration testing, and vulnerability assessment.
 
 
 
 
 

IT Consultant

B.M.S. s.r.l.

Jan 2002 – Dec 2006 Northern Italy
IT and network engineering, deployment, and administration.
 
 
 
 
 

IT Consultant

Freelance

Jan 2000 – Jun 2016 Northern Italy

Contacts

The best way to contact me is via e-mail. Guess what the address might be? I usually answer within 1 day. If that doesn’t happen, feel free to ping me via instant messaging, Slack or IRC (mainly on Freenode), where I go by “phretor”.

If you need to communicate with my privately, use my Keybase GPG public key (fingerprint: C42B 0CC7 6191 5B69 2C68 E88F 9693 4CDE C0BB EBCF 1F80 C968 F718 D6A1 BC7B 30EA BA2E DAFB 4F24 86BC). If you prefer modern alternatives, yes, I use Signal (and you should, too), and Twitter.

Postal Office Address

Huawei Technologies Italia s.r.l. c/o Federico Maggi
Palazzo Verrocchio, Centro Direzionale Milano 2
Via Andrea Verrocchio 2
20129 Milano, Italy