I am a Senior Threat Researcher with Trend Micro’s Forward-Looking Threat Research (FTR) team, an elite team of researchers whose mission is to fighting against cyber criminals and scouting the future of emerging technologies, striving to predict and prevent emerging security risks and threats.
My research interests, mainly rooted in MSc and PhD, revolve around various topics under the “cyber security” and “cyber crime” umbrella terms, including threat analysis, malware analysis, mobile security, financial fraud analysis and detection, web- and social-network security and data analysis.
Before joining Trend Micro, I was an Assistant Professor at Dipartimento di Elettronica, Informazione e Bioingegneria (DEIB), Politecnico di Milano in Italy, where I co-directed the system-security group at the NECST Laboratory.
In my career, I collaborate(d) with several research groups (e.g., UCSB, FORTH, NEU, Stony Brook, KU Leven, and RHUL), and I have given several lectures and talks as an invited speaker at international venues and research schools. I also serve in the review or organizing committees of well-known conferences.
More details can be found in my CV or at my LinkedIn profile page.
An Experimental Security Analysis of an Industrial Robot ControllerDavide Quarta, Marcello Pogliani, Mario Polino, Federico Maggi, Andrea Maria Zanchettin, and Stefano Zanero. In Proceedings of the 38th IEEE symposium on security and privacy. S&P ’17. San Jose, CA: ACM. DOI: http://dx.doi.org/10.1109/SP.2017.20 (May 2017) [PDF]
ShieldFS: A Self-Healing, Ransomware-Aware FilesystemAndrea Continella, Alessandro Guagnelli, Giovanni Zingaro, Giulio De Pasquale, Alessandro Barenghi, Stefano Zanero, and Federico Maggi. In Proceedings of the 32nd Annual Computer Security Applications Conference. ACSAC ’16. Los Angeles, USA: ACM. (December 2016) [PDF]
Trellis: Privilege Separation for Multi-User Applications Made EasyAndrea Mambretti, Kaan Onarlioglu, Collin Mulliner, William Robertson, Engin Kirda, Federico Maggi, and Stefano Zanero. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID). Paris, France. (September 2016) [PDF]
Got to the full list of publications »
Breaking the Laws of Robotics: Attacking Industrial Robots
Quarta, Davide and Pogliani, Marcello and Polino, Mario and Maggi, Federico and Zanero Stefano. Black Hat Briefings USA (Peer-reviewed Talk), Las Vegas, US. (July 27, 2017) - Link: https://www.blackhat.com/us-17/briefings.html#breaking-the-laws-of-robotics-attacking-industrial-robots [PDF]
ShieldFS: The Last Word in Ransomware-Resilient File Systems
Continella, Andrea and Guagnelli, Alessandro and Zingaro, Giovanni and De Pasquale, Giulio and Barenghi, Alessandro and Zanero, Stefano and Maggi, Federico. Black Hat Briefings USA (Peer-reviewed Talk), Las Vegas, US. (July 27, 2017) - Link: https://www.blackhat.com/us-17/briefings.html#shieldfs-the-last-word-in-ransomware-resilient-file-systems [PDF]
DefPloreX: A Machine Learning Toolkit for Large-Scale E-Crime Forensics
Balduzzi, Marco and Maggi, Federico and Ciancaglini, Vincenzo and Flores, Ryan and Gu, Lion. Black Hat Arsenal USA (Peer-reviewed Demo), Las Vegas, US. (July 27, 2017) - Link: https://www.blackhat.com/us-17/arsenal.html#defplorex-a-machine-learning-toolkit-for-large-scale-ecrime-forensics [PDF]
Talking Behind Your Back: Attacks and Countermeasures of Ultrasonic Cross-Device Tracking
Mavroudis, Vasilios and Hao, Shuang and Fratantonio, Yanick and Maggi, Federico and Vigna, Giovanni and Kruegel, Christopher. Black Hat Briefings Europe (Peer-reviewed Talk), London, UK. (November 3, 2016) - Link: https://www.blackhat.com/eu-16/briefings.html [PDF]
Pocket-sized Badness: Why Ransomware Comes as a Plot Twist in the Cat-Mouse Game
Federico Maggi and Stefano Zanero. Black Hat Briefings Europe (Peer-reviewed Talk), London, UK. (November 3, 2016) - Link: https://www.blackhat.com/eu-16/briefings.html [PDF]
Phoenix & Cerberus: Botnet Tracking via Precise DGA Characterization
Federico Maggi. Google Tech Talk (Invited Talk), Google, Mountain View, CA, USA. (May 2014) [PDF]
Got to the full list of talks »