Research Areas



Publications

Intriguing Properties of Adversarial ML Attacks in the Problem Space
Fabio Pierazzi*, Feargus Pendlebury*, Jacopo Cortellazzi, Lorenzo Cavallaro
IEEE S&P · 41st IEEE Symposium on Security and Privacy, 2020
@inproceedings{pierazzi2020problemspace,
author = {Fabio Pierazzi and Feargus Pendlebury and Jacopo Cortellazzi and Lorenzo Cavallaro},
booktitle = {2020 IEEE Symposium on Security and Privacy (SP)},
title = {Intriguing Properties of Adversarial ML Attacks in the Problem Space},
year = {2020},
volume = {},
issn = {2375-1207},
pages = {1308-1325},
doi = {10.1109/SP40000.2020.00073},
url = {https://doi.ieeecomputersociety.org/10.1109/SP40000.2020.00073},
publisher = {IEEE Computer Society},
}
TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time
Feargus Pendlebury*, Fabio Pierazzi*, Roberto Jordaney, Johannes Kinder, and Lorenzo Cavallaro
USENIX Sec · 28th USENIX Security Symposium, 2019
@inproceedings{pendlebury2019tesseract,
author = {Feargus Pendlebury and Fabio Pierazzi and Roberto Jordaney and Johannes Kinder and Lorenzo Cavallaro},
title = {{TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time}},
booktitle = {28th USENIX Security Symposium},
year = {2019},
address = {Santa Clara, CA},
publisher = {USENIX Association},
note = {USENIX Sec}
}
BabelView: Evaluating the Impact of Code Injection Attacks in Mobile Webviews
Claudio Rizzo, Lorenzo Cavallaro, and Johannes Kinder
RAID · 21st International Symposium on Research in Attacks, Intrusions and Defenses, 2018
@inproceedings{DBLP:conf/raid/RizzoCK18,
author = {Claudio Rizzo and Lorenzo Cavallaro and Johannes Kinder},
title = {BabelView: Evaluating the Impact of Code Injection Attacks in Mobile Webviews},
booktitle = {{RAID}},
series = {Lecture Notes in Computer Science},
volume = {11050},
pages = {25--46},
publisher = {Springer},
year = {2018}
}
POTUS: Probing Off-The-Shelf USB Drivers with Symbolic Fault Injection
James Patrick-Evans, Lorenzo Cavallaro, and Johannes Kinder
USENIX Sec-WOOT · 11th USENIX Workshop on Offensive Technologies, 2017 · Best Paper Award
@inproceedings{woot2017,
author = {James Patrick-Evans and Lorenzo Cavallaro and Johannes Kinder},
title = {{POTUS}: Probing Off-The-Shelf {USB} Drivers with Symbolic Fault Injection},
booktitle = {11th USENIX Workshop on Offensive Technologies (WOOT)},
note = {USENIX WOOT Best Paper Award},
year = 2017,
}
Transcend: Detecting Concept Drift in Malware Classification Models
Roberto Jordaney, Kumar Sharad, Santanu K. Dash, Zhi Wang, Davide Papini, Ilia Nouretdinov, and Lorenzo Cavallaro
USENIX Sec · 26th USENIX Security Symposium, 2017
@inproceedings {jordaney2017,
author = {Roberto Jordaney and Kumar Sharad and Santanu K. Dash and Zhi Wang and Davide Papini and Ilia Nouretdinov and Lorenzo Cavallaro},
title = {{Transcend: Detecting Concept Drift in Malware Classification Models}},
booktitle = {26th USENIX Security Symposium},
year = {2017},
address = {Vancouver, BC},
url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/jordaney},
publisher = {USENIX Association},
note = {USENIX Sec}
}
Understanding Android App Piggybacking: A Systematic Study of Malicious Code Grafting
Li Li, Daoyuan Li, Tegawende F. Bissyande, Jacques Klein, Yves Le Traon, David Lo, and Lorenzo Cavallaro
IEEE T-IFS · IEEE Trans. Information Forensics and Security, 2017
@article{DBLP:journals/tifs/0029LBKTLC17,
author = {Li Li and Daoyuan Li and Tegawende F. Bissyande and Jacques Klein and Yves Le Traon and David Lo and Lorenzo Cavallaro},
title = {{Understanding Android App Piggybacking: A Systematic Study of Malicious Code Grafting}},
journal = {{IEEE Trans. Information Forensics and Security}},
volume = {12},
number = {6},
pages = {1269--1284},
year = {2017},
url = {https://doi.org/10.1109/TIFS.2017.2656460},
doi = {10.1109/TIFS.2017.2656460},
timestamp = {Sun, 28 May 2017 13:17:25 +0200},
biburl = {http://dblp.uni-trier.de/rec/bib/journals/tifs/0029LBKTLC17},
bibsource = {dblp computer science bibliography, http://dblp.org},
note = {IEEE TIFS}
}
Modular Synthesis of Heap Exploits
Dusan Repel, Johannes Kinder, and Lorenzo Cavallaro
ACM CCS-PLAS · ACM SIGSAC Workshop on Programming Languages and Analysis for Security, 2017
@inproceedings{plas2017,
author = {Dusan Repel and Johannes Kinder and Lorenzo Cavallaro},
title = {Modular Synthesis of Heap Exploits},
booktitle = {Proc. ACM SIGSAC Workshop on Programming Languages and Analysis for Security (PLAS 2017)},
year = 2017,
note = {ACM CCS-PLAS}
}
Stack Object Protection with Low Fat Pointers
Gregory Duck, Roland Yap, and Lorenzo Cavallaro
NDSS · 24th Annual Network and Distributed System Security Symposium, 2017
@InProceedings{lowfatstack-ndss2017,
author = {Gregory Duck and Roland Yap and Lorenzo Cavallaro},
title = {{Stack Object Protection with Low Fat Pointers}},
booktitle = {24th Annual Network and Distributed System Security Symposium, San Diego, California, USA},
year = 2017,
month = {February},
note = {NDSS}
}
Euphony: Harmonious Unification of Cacophonous Anti-Virus Vendor Labels for Android Malware
Mederic Hurier, Guillermo Suarez-Tangil, Santanu Kumar Dash, Tegawende F. Bissyande, Yves Le Traon, Jacques Klein, and Lorenzo Cavallaro
MSR · 14th International Conference on Mining Software Repositories, 2017
@inproceedings{DBLP:conf/msr/HurierSDBTKC17,
author = {Mederic Hurier and Guillermo Suarez-Tangil and Santanu Kumar Dash and Tegawende F. Bissyande and Yves Le Traon and Jacques Klein and Lorenzo Cavallaro},
title = {{Euphony: Harmonious Unification of Cacophonous Anti-Virus Vendor Labels for Android Malware}},
booktitle = {Proceedings of the 14th International Conference on Mining Software Repositories, {MSR} 2017, Buenos Aires, Argentina, May 20-28},
pages = {425--435},
year = {2017},
doi = {10.1109/MSR.2017.57},
timestamp = {Fri, 07 Jul 2017 14:06:35 +0200},
biburl = {http://dblp.uni-trier.de/rec/bib/conf/msr/HurierSDBTKC17},
bibsource = {dblp computer science bibliography, http://dblp.org},
note = {MSR}
}
Flipping 419 Cybercrime Scams: Targeting the Weak and the Vulnerable
Gibson Mba, Jeremiah Onaolapo, Gianluca Stringhini, and Lorenzo Cavallaro
ACM WWW-CyberSafety · 26th International Conference on World Wide Web Companion, 2017
@inproceedings{Mba:2017:FCS:3041021.3053892,
author = {Gibson Mba and Jeremiah Onaolapo and Gianluca Stringhini and Lorenzo Cavallaro},
title = {{Flipping 419 Cybercrime Scams: Targeting the Weak and the Vulnerable}},
booktitle = {Proceedings of the 26th International Conference on World Wide Web Companion},
series = {WWW '17 Companion},
year = {2017},
numpages = {10},
url = {https://doi.org/10.1145/3041021.3053892},
doi = {10.1145/3041021.3053892},
publisher = {International World Wide Web Conferences Steering Committee},
keywords = {419, cybercrime, scam},
note = {ACM WWW-CyberSafety}
}
The Evolution of Android Malware and Android Analysis Techniques
Kimberly Tam, Ali Feizollah, Badrul Nor Anuar, Rosli Salleh, and Lorenzo Cavallaro
ACM CSUR · ACM Computing Surveys, 2017
@article{Tam:2017:EAM:3022634.3017427,
author = {Kimberly Tam and Ali Feizollah and Badrul Nor Anuar and Rosli Salleh and Lorenzo Cavallaro},
title = {{The Evolution of Android Malware and Android Analysis Techniques}},
journal = {ACM Compututing Surveys},
issue_date = {February 2017},
volume = {49},
number = {4},
month = {January},
year = {2017},
issn = {0360-0300},
pages = {76:1--76:41},
articleno = {76},
numpages = {41},
url = {http://doi.acm.org/10.1145/3017427},
doi = {10.1145/3017427},
acmid = {3017427},
publisher = {ACM},
address = {New York, NY, USA},
keywords = {Android, classification, detection, dynamic analysis, malware, static analysis},
note = {ACM CSUR}
}
DroidSieve: Fast and Accurate Classification of Obfuscated Android Malware
Guillermo Suarez-Tangil, Santanu Kumar Dash, Mansour Ahmadi, Johannes Kinder, Giorgio Giacinto, and Lorenzo Cavallaro
ACM CODASPY · 7th ACM Conference on Data and Application Security and Privacy, 2017
@inproceedings{codaspy17,
author = {Guillermo Suarez-Tangil and Santanu Kumar Dash and Mansour Ahmadi and Johannes Kinder and Giorgio Giacinto and Lorenzo Cavallaro},
title = {{DroidSieve: Fast and Accurate Classification of Obfuscated Android Malware}},
booktitle = {{Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy}},
year = {2017},
month = {March},
url = {http://dx.doi.org/10.1145/3029806.3029825},
doi = {10.1145/3029806.3029825},
note = {ACM CODASPY}
}
Misleading Metrics: On Evaluating Machine Learning for Malware with Confidence
Roberto Jordaney, Zhi Wang, Davide Papini, Ilia Nouretdinov, and Lorenzo Cavallaro
TR@RHUL · Technical Report, 2016
@TechReport{RHUL2016,
author = {Roberto Jordaney and Zhi Wang and Davide Papini and Ilia Nouretdinov and Lorenzo Cavallaro},
title = {{Misleading Metrics: On Evaluating Machine Learning for Malware with Confidence}},
institution = {Royal Holloway, University of London},
year = {2016},
number = {2016-1},
note = {TR@RHUL}
}
DroidScribe: Classifying Android Malware Based on Runtime Behavior
Santanu Kumar Dash, Guillermo Suarez-Tangil, Salahuddin Khan, Kimberly Tam, Mansour Ahmadi, Johannes Kinder, and Lorenzo Cavallaro
IEEE S&P-MoST · IEEE Security and Privacy Workshops: Mobile Security Technologies, 2016
@inproceedings{most16-droidscribe,
author = {Santanu Kumar Dash and Guillermo Suarez-Tangil and Salahuddin Khan and Kimberly Tam and Mansour Ahmadi and Johannes Kinder and Lorenzo Cavallaro},
title = {DroidScribe: Classifying Android Malware Based on Runtime Behavior},
booktitle = {IEEE Security and Privacy Workshops: Mobile Security Technologies},
year = 2016,
month = {May},
note = {IEEE S&P-MoST}
}
You Can't Touch This: Consumer-centric Android Application Repackaging Detection
Iakovos Gurulian, Konstantinos Markantonakis, Lorenzo Cavallaro, and Keith Mayes
FGCS · Future Generation Computer Systems, 2016
@Article{gurulian16:_you_cant_touch_this,
author = {Iakovos Gurulian and Konstantinos Markantonakis and Lorenzo Cavallaro and Keith Mayes},
title = {{You Can't Touch This: Consumer-centric Android Application Repackaging Detection}},
journal = {Future Generation Computer Systems},
year = 2016,
volume = 65,
pages = {1-9},
month = {December},
note = {FGCS}
}
Prescience: Probabilistic Guidance on the Retraining Conundrum for Malware Detection
Amit Deo, Santanu Kumar Dash, Guillermo Suarez-Tangil, Volodya Vovk, and Lorenzo Cavallaro
ACM CCS-AISec · 9th ACM CCS Workshop on Artificial Intelligence and Security, 2016
@inproceedings{aisec16,
author = {Amit Deo and Santanu Kumar Dash and Guillermo Suarez-Tangil and Volodya Vovk and Lorenzo Cavallaro},
title = {{Prescience: Probabilistic Guidance on the Retraining Conundrum for Malware Detection}},
booktitle = {9th ACM CCS Workshop on Artificial Intelligence and Security},
year = {2016},
note = {ACM CCS-AISec}
}
Conformal Clustering and Its Application to Botnet Traffic
Giovanni Cherubin, Ilia Nouretdinov, Alexander Gammerman, Roberto Jordaney, Zhi Wang, Davide Papini, and Lorenzo Cavallaro
SLDS · 3rd International Symposium of Statistical Learning and Data Science, 2015
@inproceedings{cherubin,
author = {Giovanni Cherubin and Ilia Nouretdinov and Alexander Gammerman and Roberto Jordaney and Zhi Wang and Davide Papini and Lorenzo Cavallaro},
title = {{Conformal Clustering and Its Application to Botnet Traffic}},
booktitle = {Statistical Learning and Data Sciences, 3rd International Symposium},
year = {2015},
note = {SLDS}
}
CopperDroid: Automatic Reconstruction of Android Malware Behaviors
Kimberly Tam, Salahuddin J. Khan, Aristide Fattori, and Lorenzo Cavallaro
NDSS · 22nd Annual Network and Distributed System Security Symposium, 2015
@InProceedings{copperdroid-ndss2015,
author = {Kimberly Tam, Salahuddin J. Khan, Aristide Fattori, and Lorenzo Cavallaro},
title = {{CopperDroid: Automatic Reconstruction of Android Malware Behaviors}},
booktitle = {22nd Annual Network and Distributed System Security Symposium, San Diego, California, USA},
year = 2015,
month = {February},
note = {NDSS}
}
PuppetDroid: A User-Centric UI Exerciser for Automatic Dynamic Analysis of Similar Android Applications
Andrea Gianazza, Federico Maggi, Aristide Fattori, Lorenzo Cavallaro, and Stefano Zanero
CoRR · arXiv CoRR, 2014
@article{DBLP:journals/corr/GianazzaMFCZ14,
author = {Andrea Gianazza and Federico Maggi and Aristide Fattori and Lorenzo Cavallaro and Stefano Zanero},
title = {{PuppetDroid: A User-Centric UI Exerciser for Automatic Dynamic Analysis of Similar Android Applications}},
journal = {arXiv CoRR},
year = {2014},
volume = {abs/1402.4826},
url = {http://arxiv.org/abs/1402.4826},
timestamp = {Wed, 10 Sep 2014 17:05:02 +0200},
biburl = {http://dblp.uni-trier.de/rec/bib/journals/corr/GianazzaMFCZ14},
bibsource = {dblp computer science bibliography, http://dblp.org},
note = {arXiv CoRR}
}