Home > People > federico.maggi > Curriculum Vitae

Federico Maggi : Curriculum Vitae

Conference Papers

[1]

A. Mambretti et al., “Trellis: Privilege Separation for Multi-User Applications Made Easy,” in International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Paris, France, 2016, vol. (to appear).

[2]

C. Zheng, M. Dalla Preda, J. Granjal, S. Zanero, and F. Maggi, “On-Chip System Call Tracing: A Feasibility Study and Open Prototype,” in IEEE Conference on Communications and Network Security (CNS), Philadelphia, US, 2016, vol. (to appear).

[3]

P. Ilia, I. Polakis, E. Athanasopoulos, F. Maggi, and S. Ioannidis, “Face/Off: Preventing Privacy Leakage From Photos in Social Networks,” in Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security, New York, NY, USA, 2015, pp. 781–792.

[4]

A. Coletta, V. Van der Veen, and F. Maggi, “DroydSeuss: A Mobile Banking Trojan Tracker - Short Paper,” in Financial Cryptography and Data Security, 2016.

[5]

M. Polino, A. Scorti, F. Maggi, and S. Zanero, “Jackdaw: Towards Automatic Reverse Engineering of Large Datasets of Binaries,” in Detection of Intrusions and Malware, and Vulnerability Assessment, 2015, pp. 121–143.

[6]

L. Falsina, Y. Fratantonio, S. Zanero, C. Kruegel, G. Vigna, and F. Maggi, “Grab ’n Run: Secure and Practical Dynamic Code Loading for Android Applications,” in Proceedings of the 31st Annual Computer Security Applications Conference, Los Angeles, USA, 2015, vol. (to appear).

[7]

A. Antonini, F. Maggi, and S. Zanero, “A Practical Attack Against a KNX-based Building Automation System,” in Proceedings of the 2Nd International Symposium on ICS & SCADA Cyber Security Research 2014, UK, 2014, pp. 53–60.

[8]

S. Schiavoni, F. Maggi, L. Cavallaro, and S. Zanero, “Phoenix: DGA-Based Botnet Tracking and Intelligence,” in Proceedings of the International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), 2014, pp. 192–211.

[9]

M. Lindorfer et al., “AndRadar: Fast Discovery of Android Applications in Alternative Markets,” in Detection of Intrusions and Malware, and Vulnerability Assessment, 2014, pp. 51–71.

[10]

M. Carminati, R. Caron, F. Maggi, I. Epifani, and S. Zanero, “BankSealer: An Online Banking Fraud Analysis and Decision Support System,” in ICT Systems Security and Privacy Protection, 2014, pp. 380–394.

[11]

I. Polakis et al., “Faces in the Distorting Mirror: Revisiting Photo-based Social Authentication,” in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, New York, NY, USA, 2014, pp. 501–512.

[12]

N. Nikiforakis et al., “Stranger Danger: Exploring the Ecosystem of Ad-based URL Shortening Services,” in Proceedings of the 23rd International Conference on World Wide Web, Seoul, Korea, 2014, pp. 51–62.

[13]

G. Bonetti, M. Viglione, A. Frossi, F. Maggi, and S. Zanero, “A Comprehensive Black-box Methodology for Testing the Forensic Characteristics of Solid-state Drives,” in Proceedings of the 29th Annual Computer Security Applications Conference, New York, NY, USA, 2013, pp. 269–278.

[14]

C. Criscione, F. Bosatelli, S. Zanero, and F. Maggi, “Zarathustra: Extracting WebInject Signatures from Banking Trojans,” in Proceedings of the Twelfth Annual International Conference on Privacy, Security and Trust (PST), Toronto, Canada, 2014, pp. 139–148.

[15]

F. Maggi, “A Recognizer of Rational Trace Languages,” in Proceedings of the International Conference on Computer and Information Technology (CIT), 2010, pp. 257–264.

[16]

F. Maggi et al., “Two years of short URLs internet measurement: security threats and countermeasures,” in Proceedings of the 22nd international conference on World Wide Web (WWW), Republic and Canton of Geneva, Switzerland, 2013, pp. 861–872.

[17]

M. Spagnuolo, F. Maggi, and S. Zanero, “BitIodine: Extracting Intelligence from the Bitcoin Network,” in Financial Cryptography and Data Security, Barbados, 2014, pp. 457–468.

[18]

A. Volpatto, F. Maggi, and S. Zanero, “Effective Multimodel Anomaly Detection Using Cooperative Negotiation,” in Proceedings of the Decision and Game Theory for Security (GameSec), 2010, vol. 6442, pp. 180–191.

[19]

F. Roveta, L. Di Mario, F. Maggi, G. Caviglia, S. Zanero, and P. Ciuccarelli, “BURN: Baring Unknown Rogue Networks,” in Proceedings of the 8th International Symposium on Visualization for Cyber Security (VizSec), New York, NY, USA, 2011, pp. 6:1–6:10.

[20]

W. Robertson, F. Maggi, C. Kruegel, and G. Vigna, “Effective Anomaly Detection with Scarce Training Data,” in Proceedings of the Network and Distributed System Security Symposium (NDSS), 2010.

[21]

J. Polakis et al., “All Your Face Are Belong to Us: Breaking Facebook’s Social Authentication,” in Proceedings of the Annual Computer Security Applications Conference (ACSAC), New York, NY, USA, 2012, pp. 399–408.

[22]

F. Maggi and S. Zanero, “Is the future Web more insecure? Distractions and solutions of new-old security issues and measures,” in Proceedings of the Worldwide Cybersecurity Summit, 2011, pp. 1–9.

[23]

F. Maggi and S. Zanero, “On the Use of Different Statistical Tests for Alert Correlation - Short Paper,” in Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID), 2007, pp. 167–177.

[24]

F. Maggi and S. Zanero, “Integrated Detection of Anomalous Behavior of Computer Infrastructures,” in Proceedings of the IEEE/IFIP Network Operations and Management Symposium (NOMS), 2012, pp. 866–871.

[25]

F. Maggi, A. Volpatto, S. Gasparini, G. Boracchi, and S. Zanero, “POSTER: Fast, Automatic iPhone Shoulder Surfing,” in Proceedings of the 18th Conference on Computer and Communication Security (CCS), 2011.

[26]

F. Maggi, A. Volpatto, S. Gasparini, G. Boracchi, and S. Zanero, “A Fast Eavesdropping Attack Against Touchscreens,” in Proceedings of the 7th International Conference on Information Assurance and Security (IAS), 2011, pp. 320–325.

[27]

F. Maggi, W. Robertson, C. Kruegel, and G. Vigna, “Protecting a Moving Target: Addressing Web Application Concept Drift,” in Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID), 2009.

[28]

F. Maggi, A. Bellini, G. Salvaneschi, and S. Zanero, “Finding Non-trivial Malware Naming Inconsistencies,” in Proceedings of the 7th International Conference on Information Systems Security (ICISS), 2011, vol. 7093, pp. 144–159.

[29]

F. Maggi, “Are the Con Artists Back? A Preliminary Analysis of Modern Phone Frauds,” in Proceedings of the International Conference on Computer and Information Technology (CIT), 2010, pp. 824–831.

[30]

M. Lindorfer, A. D. Federico, F. Maggi, P. M. Comparetti, and S. Zanero, “Lines of Malicious Code: Insights Into the Malicious Software Industry,” in Proceedings of the Annual Computer Security Applications Conference (ACSAC), New York, NY, USA, 2012, pp. 349–358.

[31]

A. Frossi, F. Maggi, G. L. Rizzo, and S. Zanero, “Selecting and Improving System Call Models for Anomaly Detection,” in Proceedings of the International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), 2009.

[32]

C. Criscione, F. Maggi, G. Salvaneschi, and S. Zanero, “Integrated Detection of Attacks Against Browsers, Web Applications and Databases,” in Proceedings of the European Conference on Network Defense (EC2ND), 2009.

Journal Papers

[1]

A. Valdi, E. Lever, S. Benefico, D. Quarta, S. Zanero, and F. Maggi, “Scalable Testing of Mobile Antivirus Applications,” Computer, vol. 48, no. 11, pp. 60–68, Nov. 2015.

[2]

M. Carminati, R. Caron, F. Maggi, I. Epifani, and S. Zanero, “BankSealer: A decision support system for online banking fraud analysis and investigation,” Computers & Security, Apr. 2015.

[3]

F. Maggi, S. Zanero, and V. Iozzo, “Seeing the invisible: forensic uses of anomaly detection and machine learning,” Operating Systems Review of the ACM Special Interest Group on Operating Systems (SIGOPS), vol. 42, no. 3, pp. 51–58, Apr. 2008.

[4]

A. Nacci et al., “Adaptive and Flexible Smartphone Power Modeling,” Mobile Networks and Applications, pp. 1–10, Oct. 2013.

[5]

F. Maggi, M. Matteucci, and S. Zanero, “Reducing false positives in anomaly detectors through fuzzy alert aggregation,” Information Fusion, vol. 10, no. 4, pp. 300–311, Oct. 2009.

[6]

F. Maggi, M. Matteucci, and S. Zanero, “Detecting Intrusions through System Call Sequence and Argument Analysis,” IEEE Transactions on Dependable and Secure Computing (TODS), vol. 7, no. 4, pp. 381–395, Nov. 2008.

[7]

A. Dardanelli et al., “A Security Layer for Smartphone-to-Vehicle Communication over Bluetooth,” Embedded Systems Letters, vol. 5, no. 3, pp. 34–37, Jun. 2013.

Workshop Papers

[1]

F. Maggi, A. Valdi, and S. Zanero, “AndroTotal: A Flexible, Scalable Toolbox and Service for Testing Mobile Malware Detectors,” in Proceedings of the Third ACM Workshop on Security and Privacy in Smartphones & Mobile Devices, New York, NY, USA, 2013, pp. 49–54.

[2]

I. Polakis, F. Maggi, S. Zanero, and A. D. Keromytis, “Security and Privacy Measurements on Social Networks: Experiences and Lessons Learned,” in Proceedings of the 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, Wroclaw, Poland, 2014, vol. (to appear).

[3]

F. Maggi and S. Zanero, “System Security research at Politecnico di Milano,” in Proceedings of the 1st SysSec Workshop (SysSec), 2011.

[4]

F. Maggi, A. Sisto, and S. Zanero, “A social-engineering-centric data collection initiative to study phishing,” in Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS), New York, NY, USA, 2011, pp. 107–108.

Technical Reports

[1]

F. Maggi, S. Zanero, and E. Markatos, “European Cyber-Security Research and Innovation,” 43, Jan. 2015.

[2]

E. Bazzoli, C. Criscione, F. Maggi, and S. Zanero, “XSS Peeker: A Systematic Analysis of Cross-site Scripting Vulnerability Scanners,” arXiv, Oct. 2014.

[3]

A. Gianazza, F. Maggi, A. Fattori, L. Cavallaro, and S. Zanero, “PuppetDroid: A User-Centric UI Exerciser for Automatic Dynamic Analysis of Similar Android Applications,” arXiv, 2014.

[4]

S. Schiavoni, F. Maggi, L. Cavallaro, and S. Zanero, “Tracking and Characterizing Botnets Using Automatically Generated Domains,” arXiv, Nov. 2013.

[5]

F. Maggi and S. Zanero, “Rethinking security in a cloudy world,” Politecnico di Milano, 2010-11, Nov. 2010.

[6]

F. Maggi, A. Volpatto, S. Gasparini, G. Boracchi, and S. Zanero, “Don’t touch a word! A practical input eavesdropping attack against mobile touchscreen devices,” Politecnico di Milano, 2010-59, Nov. 2010.

[7]

F. Maggi, “Specification and Evaluation of an Efficient Recognizer for Rational Trace Languages,” Politecnico di Milano, 2008-23, Jun. 2008.

[8]

F. Maggi, “A Survey of Probabilistic Record Matching Models, Techniques and Tools,” Politecnico di Milano, 2008-22, Apr. 2008.

[9]

R. Kochanek et al., “Secure Integration of Mobile Devices for Automotive Services,” Politecnico di Milano, 2012-09, Jun. 2012.