I am Yanick Fratantonio (aka @reyammer), a Senior Research Scientist at Google. Before this position, I was an Assistant Professor at EURECOM and a Senior Security Researcher at Cisco Talos. (Why did I leave academia? I wrote a long post about it.)

My research focuses on systems security and privacy, and it covers a wide range of aspects, such as mobile security, reverse engineering, malware analysis, binary analysis, and web security. My research has highlighted systemic flaws in many aspects of mobile devices and developed program analysis techniques to analyze Android, Windows, and Linux malware.

More recently, I have been working on deep learning. I'm the tech lead for Magika, an AI-powered file type detection tool. Magika is designed to work at scale and to be fast even on a single CPU. Magika is available on GitHub. It is fast and accurate enough to be used at Google, among other things, to scan Gmail attachments, and it has recently been integrated with VirusTotal.

Contact Information

E-mail: yanick (at) fratantonio (dot) me
Public Key: PGP key
Social Links:

Research

My research has highlighted systemic flaws in many aspects of mobile devices, including Graphical User Interfaces (GUI deception, a11y attacks, phishing against password managers, and clickjacking), bootloaders, hardware memory modules, cryptography, dynamic code loading, authentication, and fingerprint API. I also worked on the detection and analysis of malicious logic bombs, native code components, Windows shellcode, and more recently Linux malware. Lastly, I research privacy aspects, such as data leaks and emerging ultrasound-based cross-device tracking mechanisms. More recently, I've been working on developing and deploying fast and specialized deep learning models, such as Magika.

Teaching

When I was teaching at EURECOM, I created a new class on Mobile Security (MOBISEC), first taught in Fall 2018. This was designed to be a hands-on course, and it covers topics such as the mobile ecosystem, the design and architecture of mobile operating systems, application analysis, reverse engineering, malware detection, vulnerability assessment, automatic static and dynamic analysis, and exploitation and mitigation techniques. All the material/slides/recordings are available at mobisec.reyammer.io, and all the wargame-like challenges (featuring an APK analysis system!) are available at challs.reyammer.io.

Hacking

I am a big fan of Capture The Flag (CTF) competitions and wargames — that is how I and many friends got into security. I'm a founding member of the Order Of the Overflow (OOO) team, the now-retired DEF CON CTF organizers. I am also a core member of the Shellphish hacking team, with which I played many competitions and organized many editions of the UCSB iCTF. I was also involved with the NOPS team, EURECOM's hacking team, acting as their hackademic advisor.

Professional Highlights