Lorenzo Cavallaro

Publications

Menu:

• Home
• Research
• Publications
• Posters
• Magazines
• Ph.D. & M.Sc
• Technical Reports
• Teaching
• Projects

International Conferences & Workshops

• Practical Automated Vulnerability Monitoring Using Program State Invariants Cristiano Giuffrida, Lorenzo Cavallaro, and Andrew S. Tanenbaum In Proceedings of the 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN '13) June 24-27, 2013, Budapest, Hungary [PDF] [BibTeX]
• A System Call-Centric Analysis and Stimulation Technique to Automatically Reconstruct Android Malware Behaviors Alessandro Reina, Aristide Fattori, and Lorenzo Cavallaro In the Proceedings of the 6th European Workshop on Systems Security (EuroSec) Prague, Czech Republic, April 14, 2013 [PDF] [BibTeX]
• When Hardware Meets Software: a Bulletproof Solution to Forensic Memory Acquisition Alessandro Reina, Aristide Fattori, Fabio Pagani, Lorenzo Cavallaro, and Danilo Bruschi In 28th Annual Computer Security Application Conference (ACSAC) December 3-7, 2012, Orlando, Florida, USA [PDF] [BibTeX]
• Memory Errors: The Past, the Present, and the Future Victor van der Veen, Nitish dutt-Sharma, Lorenzo Cavallaro, and Herbert Bos In the Proceedings of the 15th International Symposium on Research in Attacks Intrusions and Defenses (RAID) September 12-14h, 2012, Amsterdam, The Netherlands [PDF] [BibTeX]
• Taint-Enhanced Anomaly Detection Lorenzo Cavallaro and R. Sekar In the Proceedings of the 7th International Conference on Information Systems Security (ICISS) 15-19 December 2011, Jadavpur University, Kolkata, India [PDF] [BibTeX]
• Systems Security at VU University Amsterdam Herbert J. Bos and Lorenzo Cavallaro In the Proceedings of the 1st SysSec Workshop on Systems Security July 2011, Amsterdam, The Netherlands [PDF] [BibTeX]
• Sandnet: Network Traffic Analysis of Malicious Software Christian Rossow, Christian J. Dietrich, Herbert Bos, Lorenzo Cavallaro, Marteen van Steen, Felix C. Freiling, Norbert Pohlmann In the Proceedings of the 1st Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS) April 10, 2011, Salzburg, Austria [PDF] [BibTeX]
• We Crashed, Now What? Cristiano Giuffrida, Lorenzo Cavallaro, and Andrew S. Tanenbaum In the Proceedings of the 6th Workshop on Hot Topics in System Dependability (HotDep '10) October 3, 2010, Vancouver, BC, Canada [PDF] [BibTeX] [Slide]
• Live and Trustworthy Forensic Analysis of Commodity Production Systems Lorenzo Martignoni, Aristide Fattori, Roberto Paleari, and Lorenzo Cavallaro In the Proceedings of the 13th International Symposium on Recent Advances in Intrusion Detection (RAID) September 15-17h, 2010, Ottawa, Canada [PDF] [BibTeX] [Slide]
• Organizing Large Scale Hacking Competitions Nick Childers, Bryce Boe, Lorenzo Cavallaro, Ludovico Cavedon, Marco Cova, Manuel Egele, and Giovanni Vigna In the Proceedings of the GI SIG SIDAR 7th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) July 8-9th, 2010 Bonn, Germany [PDF] [BibTeX]
• Take a Deep Breath: a Stealthy, Resilient and Cost-Effective Botnet Using Skype Antonio Nappa, Aristide Fattori, Marco Balduzzi, Matteo Dell'Amico, and Lorenzo Cavallaro In the Proceedings of the GI SIG SIDAR 7th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) July 8-9th, 2010 Bonn, Germany [PDF] [BibTeX]
• PAriCheck: An Efficient Pointer Arithmetic Checker for C Programs Yves Younan, Pieter Philippaerts, Lorenzo Cavallaro, R. Sekar, Frank Piessens, and Wouter Joosen In the Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (AsiaCCS) April 13-16 2010, Beijing, China [PDF] [BibTeX]
• Your Botnet is My Botnet: Analysis of a Botnet Takeover Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard Kemmerer, Chris Kruegel, and Giovanni Vigna In the Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS), 2009 November 9-13, 2009, Chicago, IL, USA [PDF] [BibTeX]
• A Parallel Architecture for Stateful, High-Speed Intrusion Detection Luca Foschini, Ashish V. Thapliyal, Lorenzo Cavallaro, Christopher Kruegel, and Giovanni Vigna In the Proceedings of the 4th International Conference on Information Systems Security (ICISS) 16-20 December 2008 JNTU, Hyderabad, India [PDF] [BibTeX]
• Anomalous Taint Detection (Extended Abstract) Lorenzo Cavallaro and R. Sekar In the Proceedings of the 11th International Symposium On Recent Advances In Intrusion Detection (RAID) Boston, MA, USA, September 15-17, 2008 [PDF] [BibTeX]
• On the Limits of Information Flow Techniques for Malware Analysis and Containment Lorenzo Cavallaro, Prateek Saxena, and R. Sekar In the Proceedings of the GI SIG SIDAR Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) July 10-11, 2008, Paris, France [PDF] [BibTeX] [Slide]
• LISABETH: Automated Content-based Signature Generator for Zero-day Polymorphic Worms Lorenzo Cavallaro, Andrea Lanzi, Luca Mayer, and Mattia Monga International Workshop on Software Engineering for Secure Systems (SESS) 2008 [PDF] [BibTeX] [Slide]
• Static Analysis on x86 Executable for Preventing Automatic Mimicry Attacks Danilo Bruschi, Lorenzo Cavallaro, and Andrea Lanzi In the Proceedings of the GI SIG SIDAR Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) July 12-13, 2007, Lucerne, Switzerland [PDF] [BibTeX]
• Diversified Process Replicae for Defeating Memory Error Exploits Danilo Bruschi, Lorenzo Cavallaro, and Andrea Lanzi In the Proceedings of the 3rd International Workshop on Information Assurance (WIA) April 11-13, 2007, New Orleans, Louisiana, USA [PDF] [BibTeX] [Slide]
• An Efficient Technique for Preventing Mimicry and Impossible Paths Execution Attacks Danilo Bruschi, Lorenzo Cavallaro, and Andrea Lanzi In the Proceedings of the 3rd International Workshop on Information Assurance (WIA) April 11-13, 2007, New Orleans, Louisiana, USA [PDF] [BibTeX]
• Replay Attack in TCG Specification and Solution Danilo Bruschi, Lorenzo Cavallaro, Andrea Lanzi, and Mattia Monga In 21st Annual Computer Security Application Conference (ACSAC) Tucson, AZ, USA [PDF] [BibTeX] [Slide]
• Less harm, less worry or how to improve network security by bounding system offensiveness Danilo Bruschi, Lorenzo Cavallaro, and Emilia Rosti In 16th Annual Computer Security Application Conference (ACSAC) USA, 2000 [PDF] [BibTeX]

Posters

• Fine-grained OS Behavior Characterization Lorenzo Cavallaro, Cristiano Giuffrida, and Andrew S. Tanenbaum Presented at the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI '10) October 4-6, 2010, Vancouver, BC, Canada [PDF] [Abstract]
• It Wasn't My Fault: Understanding OS Fault Propagation Via Delta Execution Cristiano Giuffrida, Lorenzo Cavallaro, and Andrew S. Tanenbaum Presented at the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI '10) October 4-6, 2010, Vancouver, BC, Canada [PDF] [Abstract]
• Anomalous Taint Detection Lorenzo Cavallaro and R. Sekar Presented at the 11th International Symposium On Recent Advances In Intrusion Detection (RAID) Boston, MA, USA, September 15-17, 2008 [PDF] [Abstract]

Magazines

• Peering into the Muddy Waters of Pastebin Srdjan Matic, Aristide Fattori, Danilo Bruschi and Lorenzo Cavallaro In ERCIM News 2012(90) 2012 [PDF] [BibTex]
• MINIX 3: Status Report and Current Research Andrew Tanenbaum, Raja Appuswamy, Herbert Bos, Lorenzo Cavallaro, Cristiano Giuffrida, Tomas Hruby, Jorrit Herder, Erik van der Kouwe, and David van Moolenbroek In ;login: The USENIX Magazine. June 2010 [PDF] [BibTeX]

Ph.D. & M.Sc.

• Comprehensive Memory Error Protection via Diversity and Taint-Tracking Lorenzo Cavallaro Ph.D. Dissertation Università degli Studi di Milano (University of Milan), Italy, Feb 2008 [PDF] [BibTeX] [Slide]
• Analysis, Design and Realization of a Trusted Computing Platform Emulator Lorenzo Cavallaro M.Sc. Thesis Università degli Studi di Milano (University of Milan), Italy, Feb 2008 [PDF] [BibTeX]

Technical Reports

• Memory Errors: The Past, the Present, and the Future Victor van der Veen, Nitish dutt-Sharma, Lorenzo Cavallaro, and Herbert Bos Technical Report IR-CS-73 Department of Computer Science, Vrije Universiteit Amsterdam, Nov 2011 [PDF] [BibTeX]
• Mining the Network Behavior of Bots Lorenzo Cavallaro, Christopher Kruegel, and Giovanni Vigna Technical Report 2009-12 Department of Computer Science, University of California, Santa Barbara (UCSB), Jul 2009 [PDF] [BibTeX]
• PAriCheck: An efficient pointer arithmetic checker for C programs Yves Younan, Pieter Phillipaerts, Lorenzo Cavallaro, R. Sekar, Frank Piessens, and Wouter Joosen Technical Report CW 554 Department of Computer Science, Katholieke Universiteit Leuven, Belgium, Jun 2009 [PDF] [BibTeX]
• Your Botnet is My Botnet: Analysis of a Botnet Takeover Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard Kemmerer, Chris Kruegel, and Giovanni Vigna Technical Report Department of Computer Science, University of California at Santa Barbara (UCSB), USA, Apr 2009 [PDF] [BibTeX]
• Anomalous Taint Detection Lorenzo Cavallaro, and R. Sekar Technical Report SECLAB08-06 Department of Computer Science, Stony Brook University, USA, Jun 2008 [PDF] [BibTeX]
• Anti-Taint-Analysis: Practical Evasion Techniques Against Information Flow Based Malware Defense Lorenzo Cavallaro, Prateek Saxena, and R. Sekar Technical Report SECLAB07-03 Department of Computer Science, Stony Brook University, USA, November 2007 [PDF] [BibTeX]
• LISABETH: Automated Content-based Signature Generator for Zero-day Polymorphic Worms Lorenzo Cavallaro, Andrea Lanzi, Luca Mayer, and Mattia Monga Technical Report RT 18-07 Department of Computer Science, University of Milan, Italy, 2007 [PDF] [BibTeX]
• Diversified Process Replicae for Defeating Memory Error Exploits Danilo Bruschi, Lorenzo Cavallaro, and Andrea Lanzi Technical Report RT 14-06 Department of Computer Science, University of Milan, Italy, 2006 [PDF] [BibTeX]
• Syscalls Obfuscation for Preventing Mimicry and Impossible Paths Execution Attacks Danilo Bruschi, Lorenzo Cavallaro, and Andrea Lanzi Technical Report RT 10-06 Department of Computer Science, University of Milan, Italy, 2006 [PDF] [BibTeX]
• Attacking a Trusted Computing Platform [Improving the Security of TCG Specification] Danilo Bruschi, Lorenzo Cavallaro, and Andrea Lanzi Technical Report RT 05-05 Department of Computer Science, University of Milan, Italy, 2005 [PDF] [BibTeX]

© 2008 Lorenzo Cavallaro
Original design by Andreas Viklund