Lorenzo Cavallaro

Home

Menu:

• Home
• Research
• Publications
• Teaching
• Projects
• CTF@DIMVA 2011
• CopperDroid

News

• Mar, 2012. CopperDroid, our VM-based system call-centric dynamic analysis to reconstruct Android malware behaviors goes live!
• Apr, 2010. Our paper Your Botnet is My Botnet: Analysis of a Botnet Takeover has received the UCSB Computer Science Department Outstanding Publication Award!
• Mar, 2010. Our team, the MINIX 3 at Vrije Universiteit, was selected as a project for the 2010 ed. of Google Summer of Code. Check MINIX 3 GSoC 2010 out!
• Dec, 2009. iCTF was super! It was great to participate in the organization!
• Aug, 2009. Our team Shellphish participated to the DefCon CTF in Las Vegas, NV, USA.
• May, 2009. Our report on taking over and analyzing the Torpig botnet was featured on Slashdot an then covered by the international press.
• Dec, 2008. iCTF was great and it was a pleasure to participate in the organization!
• Aug, 2008. Our team Shellphish participated to the DefCon CTF in Las Vegas, NV, USA.

I'm currently a Reader (Associate Professor) in the Information Security Group (ISG) at Royal Holloway, University of London.

From Jan 2010 to Dec 2011, I was a Post-Doctorate researcher in the Systems & Security group of the Computer Systems Section at Vrije Universiteit Amsterdam, The Netherlands, where I joined Prof. Andrew S. Tanenbaum, and his team, working on (operating) systems security. In particular, I'm currently focusing on making OSes more reliable and secure.

From Apr 2008 to Dec 2009, I was a Post-Doctorate researcher in the Computer Security Lab of the Department of Computer Science at the University of California, Santa Barbara (UCSB), CA, USA, working with Profs Christopher Kruegel, and Giovanni Vigna on botnet analysis and detection/mitigation techniques.

From Sep 2006 to Mar 2008, I was a Visiting Ph.D. Scholar in the Department of Computer Science at the State University of New York at Stony Brook (Stony Brook University), NY, USA, joining the Cyber Security/Secure Systems Lab led by Prof. R. Sekar, working on memory error countermeasures, anomaly detection and taint analysis techniques.

Likewise, from Oct 2007 to Mar 2008, I was a Research Foundation Employee at Stony Brook University, working with Prof. R. Sekar on memory error countermeasures, anomaly detection and taint analysis techniques.

Education

• Ph.D. in Computer Science, Feb 2008
  Università degli Studi di Milano (University of Milan), Milan, Italy
  Dipartimento di Informatica e Comunicazione

  Dissertation titled "Comprehensive Memory Error Protection via Diversity and Taint-Tracking"
  Adviser: Prof. R. Sekar (SUNY at Stony Brook, NY, USA)
  co-adviser: Prof. D. Bruschi (University of Milan, Italy)

• M.Sc. (110/110 cum laude) in Computer Science, Oct 2004
  Università degli Studi di Milano (University of Milan), Milan, Italy
  Dipartimento di Informatica e Comunicazione

  Thesis titled "Analysis, Design and Realization of a Trusted Computing Platform Emulator"
  Adviser: Prof. D. Bruschi (University of Milan, Italy)
  co-adviser: Dr. M. Monga (University of Milan, Italy)

I am interested in several areas of operating system and systems security. The following highlight some areas in which I am active and which I would like to keep or start doing research in.

• (Android) malware analysis and detection
• Operating systems reliability and security
• Botnet analysis and mitigation techniques
• Memory corruption attacks and countermeasures
• Taint analysis
• Exploitation techniques
• Reverse engineering

Contact Information

Lorenzo Cavallaro

GPG public key
Fingerprint: 4BFA 0642 F9CE FE31 41B5 6098 1F6E FA2F 3455 FA5C

Tel. +44 (0)1784 414381
Room 231, McCrea Building

Information Security Group
Royal Holloway, University of London
Egham Hill
Egham, Surrey TW20 0EX
United Kingdom

© 2008 Lorenzo Cavallaro
Original design by Andreas Viklund