| [42] |
How Machine Learning Is Solving the Binary Function Similarity Problem
Andrea Marcelli, Mariano Graziano, Xabier Ugarte-Pedrero, Yanick Fratantonio, Mohamad Mansouri, Davide Balzarotti.
In Proceedings of the USENIX Security Symposium (SEC),
2022.
[PDF] [BibTeX]
|
| [41] |
RE-Mind: a First Look Inside the Mind of a Reverse Engineer
Alessandro Mantovani, Simone Aonzo, Yanick Fratantonio, Davide Balzarotti.
In Proceedings of the USENIX Security Symposium (SEC),
2022.
[PDF] [BibTeX]
|
| [40] |
Arbiter: Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs
Jayakrishna Menon Vadayath, Moritz Eckert, Kyle Zeng, Nicolaas Weideman, Gokulkrishna Praveen Menon, Yanick Fratantonio, Davide Balzarotti, Adam Doupe, Tiffany Bao, Ruoyu Wang, Christophe Hauser, Yan Shoshitaishvili.
In Proceedings of the USENIX Security Symposium (SEC),
2022.
[PDF] [BibTeX]
|
| [39] |
Lost in the Loader: The Many Faces of the Windows PE File Format
Dario Nisi, Mariano Graziano, Yanick Fratantonio, Davide Balzarotti.
In Black Hat Europe,
2021.
[PDF] [BibTeX] [GitHub]
|
| [38] |
Lost in the Loader: The Many Faces of the Windows PE File Format
Dario Nisi, Mariano Graziano, Yanick Fratantonio, Davide Balzarotti.
In Proceedings of the Symposium on Recent Advances in Intrusion Detection (RAID),
2021.
[PDF] [BibTeX] [GitHub]
|
| [37] |
Trust, But Verify: A Longitudinal Analysis Of Android OEM Compliance and Customization
Andrea Possemato, Simone Aonzo, Davide Balzarotti, Yanick Fratantonio.
In Proceedings of the IEEE Symposium on Security and Privacy (S&P),
2021.
[PDF] [BibTeX]
|
| [36] |
Preventing and Detecting State Inference Attacks on Android
Andrea Possemato, Dario Nisi, Yanick Fratantonio.
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS),
2021.
[PDF] [BibTeX]
|
| [35] |
On the Insecurity of SMS One-Time Password Messages against Local Attackers in Modern Mobile Devices
Zeyu Lei, Yuhong Nan, Yanick Fratantonio, Antonio Bianchi.
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS),
2021.
[PDF] [BibTeX]
|
| [34] |
Towards HTTPS Everywhere on Android: We Are Not There Yet
Andrea Possemato, Yanick Fratantonio.
In Proceedings of the USENIX Security Symposium (SEC),
2020.
[PDF] [BibTeX]
|
| [33] |
Exploring Syscall-Based Semantics Reconstruction of Android Applications
Dario Nisi, Antonio Bianchi, Yanick Fratantonio.
In Proceedings of the Symposium on Recent Advances in Intrusion Detection (RAID),
2019.
[PDF] [BibTeX]
|
| [32] |
Toward the Analysis of Embedded Firmware through Automated Re-hosting
Eric Gustafson, Marius Muench, Chad Spensky, Nilo Redini, Aravind Machiry, Yanick Fratantonio, Davide Balzarotti, Aurelien Francillon, Yung Ryn Choe, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the Symposium on Recent Advances in Intrusion Detection (RAID),
2019.
[PDF] [BibTeX]
|
| [31] |
Using Loops For Malware Classification Resilient to Feature-unaware Perturbations
Aravind Machiry, Nilo Redini, Eric Gustafson, Yanick Fratantonio, Yung Ryn Choe, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the Annual Computer Security Applications Conference (ACSAC),
2018.
[PDF] [BibTeX]
|
| [30] |
ClickShield: Are You Hiding Something? Towards Eradicating Clickjacking on Android
Andrea Possemato, Andrea Lanzi, Pak Chung, Wenke Lee, Yanick Fratantonio.
In Proceedings of the ACM Conference on Computer and Communications Security (CCS),
2018.
[PDF] [BibTeX]
|
| [29] |
Phishing Attacks on Modern Android
Simone Aonzo, Alessio Merlo, Giulio Tavella, Yanick Fratantonio.
In Proceedings of the ACM Conference on Computer and Communications Security (CCS),
2018.
[PDF] [BibTeX] [Project Website]
|
| [28] |
GuardION: Practical Mitigation of DMA-based Rowhammer Attacks on ARM
Victor van der Veen, Martina Lindorfer, Yanick Fratantonio, Harikrishnan Padmanabha Pillai, Giovanni Vigna, Christopher Kruegel, Herbert Bos, Kaveh Razavi.
In Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA),
2018.
[PDF] [BibTeX] [Project Website] [GitHub]
[Press: SlashDot, Ars Technica, Threat Post, Others]
|
| [27] |
Understanding Linux Malware
Emanuele Cozzi, Mariano Graziano, Yanick Fratantonio, Davide Balzarotti.
In Proceedings of the IEEE Symposium on Security and Privacy (S&P),
2018.
[PDF] [BibTeX]
|
| [26] |
Broken Fingers: On the Usage of the Fingerprint API in Android
Antonio Bianchi, Yanick Fratantonio, Aravind Machiry, Christopher Kruegel, Giovanni Vigna, Pak Chung, Wenke Lee.
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS),
2018.
[PDF] [BibTeX]
|
| [25] |
Exploitation and Mitigation of Authentication Schemes Based on Device-Public Information
Antonio Bianchi, Eric Gustafson, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the Annual Computer Security Applications Conference (ACSAC),
2017.
[PDF] [BibTeX]
|
| [24] |
BootStomp: On the Security of Bootloaders in Mobile Devices
Nilo Redini, Aravind Machiry, Dipanjan Das, Yanick Fratantonio, Antonio Bianchi, Eric Gustafson, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the USENIX Security Symposium (SEC),
2017.
[PDF] [BibTeX] [GitHub]
[Press: SlashDot, The Hacker News, Bleeping Computer, Others]
|
| [23] |
Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
Yanick Fratantonio, Chenxiong Qian, Pak Chung, Wenke Lee.
In Black Hat USA,
2017.
[PDF] [BibTeX] [Website & Demos] [Slides] [Talk]
|
| [21] |
On the Privacy and Security of the Ultrasound Ecosystem
Vasilios Mavroudis, Shuang Hao, Yanick Fratantonio, Federico Maggi, Giovanni Vigna, Christopher Kruegel.
In Proceedings of the Privacy Enhancing Technologies Symposium (PETS),
2017.
[PDF] [BibTeX] [Project Website]
[Press: SlashDot, Fortune, WIRED, Others]
|
| [20] |
Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis
Andrea Continella, Yanick Fratantonio, Martina Lindorfer, Alessandro Puccetti, Ali Zand, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS),
2017.
[PDF] [BibTeX] [GitHub]
|
| [19] |
Talking Behind Your Back: Attacks and Countermeasures of Ultrasonic Cross-device Tracking
Vasilios Mavroudis, Shuang Hao, Yanick Fratantonio, Federico Maggi, Giovanni Vigna, Christopher Kruegel.
In Black Hat Europe,
2016.
[BibTeX] [Project Website] [Slides]
[Press: SlashDot, Fortune, WIRED, Others]
|
| [18] |
Drammer: Deterministic Rowhammer Attacks on Mobile Platforms
Victor van der Veen, Yanick Fratantonio, Martina Lindorfer, Daniel Gruss, Clementine Maurice, Giovanni Vigna, Herbert Bos, Kaveh Razavi, Cristiano Giuffrida.
In Proceedings of the ACM Conference on Computer and Communications Security (CCS),
2016.
[PDF] [BibTeX] [Project Website]
[Press: SlashDot, WIRED, Ars Technica, Others]
|
| [17] |
TriggerScope: Towards Detecting Logic Bombs in Android Apps
Yanick Fratantonio, Antonio Bianchi, William Robertson, Engin Kirda, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the IEEE Symposium on Security and Privacy (S&P),
2016.
[PDF] [BibTeX] [Slides] [Talk]
|
| [16] |
RETracer: Triaging Crashes by Reverse Execution from Partial Memory Dumps
Weidong Cui, Marcus Peinado, Sang Kil Cha, Yanick Fratantonio, Vasileios Kemerlis.
In Proceedings of the International Conference on Software Engineering (ICSE),
2016.
[PDF] [BibTeX]
|
| [15] |
Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy
Vitor Afonso, Antonio Bianchi, Yanick Fratantonio, Adam Doupe, Mario Polino, Paulo de Geus, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS),
2016.
[PDF] [BibTeX]
|
| [14] |
Grab'n Run: Secure and Practical Dynamic Code Loading for Android Applications
Luca Falsina, Yanick Fratantonio, Stefano Zanero, Christopher Kruegel, Giovanni Vigna, Federico Maggi.
In Proceedings of the Annual Computer Security Applications Conference (ACSAC),
2015.
[PDF] [BibTeX] [GitHub]
|
| [13] |
BareDroid: Large-Scale Analysis of Android Apps on Real Devices
Simone Mutti, Yanick Fratantonio, Antonio Bianchi, Luca Invernizzi, Jacopo Corbetta, Dhilung Kirat, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the Annual Computer Security Applications Conference (ACSAC),
2015.
[PDF] [BibTeX] [GitHub]
|
| [12] |
NJAS: Sandboxing Unmodified Applications in non-rooted Devices Running Stock Android
Antonio Bianchi, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM),
2015.
[PDF] [BibTeX]
|
| [11] |
CLAPP: Characterizing Loops in Android Applications
Yanick Fratantonio, Aravind Machiry, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the ACM Symposium on the Foundations of Software Engineering (FSE),
2015.
[PDF] [BibTeX]
|
| [10] |
CLAPP: Characterizing Loops in Android Applications (Invited Talk)
Yanick Fratantonio, Aravind Machiry, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna.
In Proceedings of International Workshop on Software Development Lifecycle for Mobile (DeMobile),
2015.
[PDF] [BibTeX]
|
| [9] |
On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users
Yanick Fratantonio, Antonio Bianchi, William Robertson, Manuel Egele, Christopher Kruegel, Engin Kirda, Giovanni Vigna.
In Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA),
2015.
[PDF] [BibTeX]
|
| [8] |
What the App is That? Deception and Countermeasures in the Android User Interface
Antonio Bianchi, Jacopo Corbetta, Luca Invernizzi, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the IEEE Symposium on Security and Privacy (S&P),
2015.
[PDF] [BibTeX] [GitHub]
|
| [7] |
EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework
Yinzhi Cao, Yanick Fratantonio, Antonio Bianchi, Manuel Egele, Christopher Kruegel, Giovanni Vigna, Yan Chen.
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS),
2015.
[PDF] [BibTeX]
|
| [6] |
Andrubis - 1,000,000 Apps Later: A View on Current Android Malware Behaviors
Martina Lindorfer, Matthias Neugschwandtner, Lukas Weichselbaum, Yanick Fratantonio, Victor van der Veen, Christian Platzer.
In Proceedings of the International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS),
2014.
[PDF] [BibTeX]
|
| [5] |
Ten Years of iCTF: The Good, The Bad, and The Ugly
Giovanni Vigna, Kevin Borgolte, Jacopo Corbetta, Adam Doupe, Yanick Fratantonio, Luca Invernizzi, Dhilung Kirat, Yan Shoshitaishvili.
In Proceedings of the USENIX Summit on Gaming, Games, and Gamification in Security Education (3GSE),
2014.
[PDF] [BibTeX] [Project Website]
|
| [4] |
Andrubis: Android Malware Under The Magnifying Glass
Lukas Weichselbaum, Matthias Neugschwandtner, Martina Lindorfer, Yanick Fratantonio, Victor van der Veen, Christian Platzer.
In Technical Report TR-ISECLAB-0414-001,
2014.
[PDF] [BibTeX]
|
| [3] |
Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications
Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS),
2014.
[PDF] [BibTeX]
|
| [2] |
An Empirical Study of Cryptographic Misuse in Android Applications
Manuel Egele, David Brumley, Yanick Fratantonio, Christopher Kruegel.
In Proceedings of the ACM Conference on Computer and Communications Security (CCS),
2013.
[PDF] [BibTeX]
|
| [1] |
Shellzer: A Tool for the Dynamic Analysis of Malicious Shellcode
Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the Symposium on Recent Advances in Intrusion Detection (RAID),
2011.
[PDF] [BibTeX]
|