Publications

(2020). Detecting Unsafe Code Patterns in Industrial Robot Programs. Proceedings of the 2020 on Asia Conference on Computer and Communications Security.

(2020). Attacks on Smart Manufactururing Systems: A Forward-looking Security Analysis. Trend Micro Research.

PDF

(2020). Caught in the Act: Running a Realistic Factory Honeypot to Capture Real Threats. Trend Micro Research.

PDF

(2019). A Security Evaluation of Industrial Radio Remote Controllers. Proceedings of the 16th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA).

PDF

(2019). Security of controlled manufacturing systems in the connected factory: the case of industrial robots. Journal of Computer Virology and Hacking Techniques.

PDF

(2019). A Security Analysis of Radio Remote Controllers for Industrial Applications. Trend Micro Research.

PDF

(2018). The Fragility of Industrial IoT's Data Backbone: Security and Privacy Issues in MQTT and CoAP Protocols. Trend Micro Research.

PDF

(2018). Investigating Web Defacement Campaigns at Large. Proceedings of the 2018 on Asia Conference on Computer and Communications Security.

PDF

(2018). A Deep Dive into Defacement: How Geopolitical Events Trigger Web Attacks. TrendLabs.

PDF

(2017). Hiding Behind the Shoulders of Giants: Abusing Crawlers for Indirect Web Attacks. Proceedings of the 15th Annual International Conference on Privacy, Security and Trust (PST).

PDF

(2017). Static Exploration of Taint-Style Vulnerabilities Found by Fuzzing. 11th USENIX Workshop on Offensive Technologies USENIX Workshop on Offensive Technologies (WOOT 17).

PDF

(2017). Leveraging Flawed Tutorials for Seeding Large-Scale Web Vulnerability Discovery. Proceedings of the 11th USENIX Workshop on Offensive Technologies (WOOT 17).

PDF

(2017). A Vulnerability in Modern Automotive Standards and How We Exploited It. TrendLabs Security Intelligence Blog.

PDF

(2017). A Stealth, Selective, Link-Layer Denial-of-Service Attack Against Automotive Networks. Proceedings of the 14th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA).

PDF

(2017). Prometheus: Analyzing WebInject-based information stealers. Journal of Computer Security.

(2017). Rogue Robots: Testing the Limits of an Industrial Robot’s Security. TrendLabs.

PDF

(2017). An Experimental Security Analysis of an Industrial Robot Controller. Proceedings of the 38th IEEE Symposium on Security and Privacy.

PDF

(2017). On the Privacy and Security of the Ultrasound Ecosystem. Proceedings of the 17th Privacy Enhancing Technologies Symposium.

PDF

(2016). ShieldFS: A Self-healing, Ransomware-aware Filesystem. Proceedings of the 32nd Annual Computer Security Applications Conference.

PDF

(2016). GreatEatlon: Fast, Static Detection of Mobile Ransomware.

PDF

(2016). On-Chip System Call Tracing: A Feasibility Study and Open Prototype. IEEE Conference on Communications and Network Security (CNS).

PDF

(2016). Testing android malware detectors against code obfuscation: a systematization of knowledge and unified methodology. Journal of Computer Virology and Hacking Techniques.

PDF

(2016). Trellis: Privilege Separation for Multi-User Applications Made Easy. International Symposium on Research in Attacks, Intrusions and Defenses (RAID).

PDF

(2016). DroydSeuss: A Mobile Banking Trojan Tracker - Short Paper. Financial Cryptography and Data Security.

PDF

(2015). Grab 'n Run: Secure and Practical Dynamic Code Loading for Android Applications. Proceedings of the 31st Annual Computer Security Applications Conference.

PDF

(2015). Scalable Testing of Mobile Antivirus Applications. Computer.

PDF

(2015). HelDroid: Dissecting and Detecting Mobile Ransomware. International Symposium on Research in Attacks, Intrusions and Defenses (RAID).

PDF

(2015). Face/Off: Preventing Privacy Leakage From Photos in Social Networks. Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security.

PDF

(2015). Jackdaw: Towards Automatic Reverse Engineering of Large Datasets of Binaries. Detection of Intrusions and Malware, and Vulnerability Assessment.

PDF

(2015). BankSealer: A decision support system for online banking fraud analysis and investigation. Computers & Security.

PDF

(2015). European Cyber-Security Research and Innovation.

PDF

(2014). Faces in the Distorting Mirror: Revisiting Photo-based Social Authentication. Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security.

PDF

(2014). XSS Peeker: A Systematic Analysis of Cross-site Scripting Vulnerability Scanners.

PDF

(2014). Security and Privacy Measurements on Social Networks: Experiences and Lessons Learned. 2014 Third International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS).

PDF

(2014). A Practical Attack Against a KNX-based Building Automation System. Proceedings of the 2Nd International Symposium on ICS & SCADA Cyber Security Research 2014.

PDF

(2014). Zarathustra: Extracting WebInject Signatures from Banking Trojans. Proceedings of the Twelfth Annual International Conference on Privacy, Security and Trust (PST).

PDF

(2014). Phoenix: DGA-Based Botnet Tracking and Intelligence. Proceedings of the International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA).

PDF

(2014). AndRadar: Fast Discovery of Android Applications in Alternative Markets. Detection of Intrusions and Malware, and Vulnerability Assessment.

PDF

(2014). BankSealer: An Online Banking Fraud Analysis and Decision Support System. ICT Systems Security and Privacy Protection.

PDF

(2014). Stranger Danger: Exploring the Ecosystem of Ad-based URL Shortening Services. Proceedings of the 23rd International Conference on World Wide Web.

PDF

(2014). BitIodine: Extracting Intelligence from the Bitcoin Network. Financial Cryptography and Data Security.

PDF

(2014). PuppetDroid: A User-Centric UI Exerciser for Automatic Dynamic Analysis of Similar Android Applications.

PDF

(2013). A Comprehensive Black-box Methodology for Testing the Forensic Characteristics of Solid-state Drives. Proceedings of the 29th Annual Computer Security Applications Conference.

PDF

(2013). Tracking and Characterizing Botnets Using Automatically Generated Domains.

PDF

(2013). AndroTotal: A Flexible, Scalable Toolbox and Service for Testing Mobile Malware Detectors. Proceedings of the Third ACM Workshop on Security and Privacy in Smartphones & Mobile Devices.

PDF

(2013). Adaptive and Flexible Smartphone Power Modeling. Mobile Networks and Applications.

PDF

(2013). A Security Layer for Smartphone-to-Vehicle Communication over Bluetooth. Embedded Systems Letters.

PDF

(2013). Two years of short URLs internet measurement: security threats and countermeasures. Proceedings of the 22nd international conference on World Wide Web (WWW).

PDF

(2012). Lines of Malicious Code: Insights Into the Malicious Software Industry. Proceedings of the Annual Computer Security Applications Conference (ACSAC).

PDF

(2012). All Your Face Are Belong to Us: Breaking Facebook's Social Authentication. Proceedings of the Annual Computer Security Applications Conference (ACSAC).

PDF

(2012). Secure Integration of Mobile Devices for Automotive Services.

PDF

(2012). Integrated Detection of Anomalous Behavior of Computer Infrastructures. Proceedings of the IEEE/IFIP Network Operations and Management Symposium (NOMS).

PDF

(2011). Finding Non-trivial Malware Naming Inconsistencies. Proceedings of the 7th International Conference on Information Systems Security (ICISS).

PDF

(2011). A Fast Eavesdropping Attack Against Touchscreens. Proceedings of the 7th International Conference on Information Assurance and Security (IAS).

PDF

(2011). POSTER: Fast, Automatic iPhone Shoulder Surfing. Proceedings of the 18th Conference on Computer and Communication Security (CCS).

PDF

(2011). System Security research at Politecnico di Milano. Proceedings of the 1st SysSec Workshop (SysSec).

PDF

(2011). BURN: Baring Unknown Rogue Networks. Proceedings of the 8th International Symposium on Visualization for Cyber Security (VizSec).

PDF

(2011). Is the future Web more insecure? Distractions and solutions of new-old security issues and measures. Proceedings of the Worldwide Cybersecurity Summit.

PDF

(2011). A social-engineering-centric data collection initiative to study phishing. Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS).

PDF

(2010). Effective Multimodel Anomaly Detection Using Cooperative Negotiation. Proceedings of the Decision and Game Theory for Security (GameSec).

PDF

(2010). Rethinking security in a cloudy world.

PDF

(2010). Don't touch a word! A practical input eavesdropping attack against mobile touchscreen devices.

PDF

(2010). Are the Con Artists Back? A Preliminary Analysis of Modern Phone Frauds. Proceedings of the International Conference on Computer and Information Technology (CIT).

PDF

(2010). A Recognizer of Rational Trace Languages. Proceedings of the International Conference on Computer and Information Technology (CIT).

PDF

(2010). Effective Anomaly Detection with Scarce Training Data. Proceedings of the Network and Distributed System Security Symposium (NDSS).

PDF

(2009). Integrated Detection of Attacks Against Browsers, Web Applications and Databases. Proceedings of the European Conference on Network Defense (EC2ND).

PDF

(2009). Reducing false positives in anomaly detectors through fuzzy alert aggregation. Information Fusion.

PDF

(2009). Protecting a Moving Target: Addressing Web Application Concept Drift. Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID).

PDF

(2009). Selecting and Improving System Call Models for Anomaly Detection. Proceedings of the International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA).

PDF

(2008). Detecting Intrusions through System Call Sequence and Argument Analysis. IEEE Transactions on Dependable and Secure Computing (TODS).

PDF

(2008). Seeing the invisible: forensic uses of anomaly detection and machine learning. Operating Systems Review of the ACM Special Interest Group on Operating Systems (SIGOPS).

PDF

(2007). On the Use of Different Statistical Tests for Alert Correlation - Short Paper. Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID).

PDF