I am currently a Postdoc in the Computer Science Department at UC Santa Barbara working at the SecLab with Giovanni Vigna and Christopher Kruegel. I obtained a PhD cum laude in Computer Science and Engineering at Politecnico di Milano in Italy, where I worked at the NECST Laboratory, supervised by Stefano Zanero and Federico Maggi. During my PhD, I also took part in two research exchanges, working as a visiting researcher at UCSB and at the School of Computer Science of the University of Sydney.
My research activity focuses on different aspects of system security, such as malware analysis, mobile security & privacy, vulnerability discovery, and large-scale measurement of security issues. During my PhD, I worked on analysis and defense mechanisms against advanced threats, including for example the current generation of trojan horses, or the infamous ransomware families (check out ShieldFS). I also developed Agrigento, a tool for detecting obfuscated privacy leaks in Android apps, and contributed to Arancino and crAVe, respectively for analyzing evasive malware and testing Antivirus engines. Recently, I have contributed to angr, a research-oriented binary analysis framework, adding support for Java and Android apps.
I also love Capture The Flag (CTF) competitions, which I currently play with Shellphish (usually ending up in Vegas to play DEFCON Finals), and I co-organized several editions of the PoliCTF and iCTF.
More details can be found in my CV.