I'm an Assistant Professor at Eurecom Graduate School and Research Center, located in Sophia Antipolis on the French riviera. My research interests include most aspects of system security and in particular the areas of intrusion detection and prevention, binary and malware analysis, reverse engineering, and web security. Before joining Eurecom I spent almost two years in Santa Barbara as a postdoctoral researcher in the Department of Computer Science at UCSB, working in the Computer Security Lab with professor Giovanni Vigna and professor Richard Kemmerer. I received my PhD in Computer Engineering from Politecnico di Milano in 2006.

Office Hours:	e-mail appointment
Email:	Re-capcha protected: click here "Unix" protected: $ echo "daemacsde@iseclab.org" | sed s/emacs/vi/ (pun intended)
Current Address:	Institut Eurecom 2229 Route des Cretes F-06560 Sophia-Antipolis cedex France
Telephone:	+33 4 9300 8156

Program Committee Memberships

WWW 2013 - 22nd International World Wide Web Conference

NDSS 2013 - 20th Annual Network and Distributed System Security Symposium

ESSoS 2013 - International Symposium on Engineering Secure Software and Systems

IMF 2013 - International Conference on IT Security Incident Management and IT Forensics

PC Memberships (Past Events)

NDSS 2012 - 19th Annual Network and Distributed System Security Symposium

RAID 2012 - (PC Chair) 15th Annual Conference on Recent Advances in Intrusion Detection

LEET 2012 - 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats

DIMVA 2012 - 9th Conference on Detection of Intrusions and Malware & Vulnerability Assessment

PST 2012 - 10th Annual Conference on Privacy, Security, and Trust

ESSoS 2012 - International Symposium on Engineering Secure Software and Systems

ARES 2010 - IEEE International Conference on Availability, Reliability, and Security

Program co-Chair RAID 2011 - 14th International Symposium on Recent Advances in Intrusion Detection

BADGERS 2011 - 1st International Workshop on development of large scale security-related data collection and analysis

ARES 2011 - IEEE International Conference on Availability, Reliability, and Security

NTMS 2011 - 4th IFIP International Conference on New Technologies, Mobility and Security

SESOC 2011 - 3rd International Workshop on SECurity and SOCial Networking

SESS 2011 - 7th International Workshop on Software Engineering for Secure Systems

SESOC 2010 - IEEE International Worskshop on SECurity and SOCial Networking

SESS 2010 - 6th International Workshop on Software Engineering for Secure Systems

RAID 2013 - 12th International Symposium on Recent Advances in Intrusion Detection

EC2ND 2009 - 5th European Conference on Computer Network Defense

RAID 2009 - 12th International Symposium on Recent Advances in Intrusion Detection

ICIW 2009 - 4th International Conference on Internet and Web Applications and Services

SESS 2009 - 5th International Workshop on Software Engineering for Secure Systems

ARES 2009 - IEEE International Conference on Availability, Reliability, and Security

SecSE 2009 - Third International Workshop on Secure Software Engineering

ICIMP 2008 - Third International Conference on Internet Monitoring and Protection

SESS 2008 - 4th International Workshop on Software Engineering for Secure Systems

ARES 2008 - IEEE International Conference on Availability, Reliability, and Security

DAWAM 2008 - 3rd International Workshop on Dependability Aspects on Data Warehousing and Mining applications

SESS 2007 - 3rd International Workshop on Software Engineering for Secure Systems

Other Activities

Member of the red team involved in testing the capability and security of the voting machines certiified for use in the State of Ohio. Project Everest (Evaluation & Validation of Election-Related Equipment, Standards & Testing). September - December 2007

Member of the red team in the top-to-bottom review of the electronic voting machines certified for use in California. June - July 2007

Member of ShellPhish, winner team at the DEFCON capture the flag hacking competition, Las Vegas, August 2005

Teaching

Computer Forensics (spring 12)

Secure Programming I (spring 11)

Software Development (fall 09, 10)

Current Funded Projects

Crisalis (security of critical infrastructures) Sponsor: EU Commission Position: Principal Investigator

iCode (Real-time Malicious Code Detection) Sponsor: EU Commission Position: Principal Investigator

SysSec (Network of Excellence for Networking Systems Security Research in Europe) Sponsor: EU Commission Position: Principal Investigator

2013

Davide Canali, Davide Balzarotti, Aurelien Francillon "The Role of Web Hosting Providers in Detecting Compromised Websites" 22nd International World Wide Web (WWW) Conference, May 2013 [ | ]

Davide Canali, Davide Balzarotti "Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web" 20th Annual Network and Distributed System Security Symposium (NDSS), San Diego - February 2013 [Download | ]

2012

Leyla Bilge, Davide Balzarotti, William Robertson, Engin Kirda, Christopher Kruegel "DISCLOSURE: Detecting Botnet Command and Control Servers Through Large-Scale NetFlow Analysis" Annual Computer Security Applications Conference (ACSAC) 2012 [Download | ] In the press: [ Dark Reading | ]

Mariano Graziano, Corrado Leita, Davide Balzarotti "Towards Network Containment in Malware Analysis Systems" Annual Computer Security Applications Conference (ACSAC) 2012 [Download | ]

Davide Canali, Andrea Lanzi, Davide Balzarotti, Mihai Christoderescu, Christopher Kruegel, Engin Kirda "A Quantitative Study of Accuracy in System Call-Based Malware Detection" International Symposium on Software Testing and Analysis (ISSTA) 2012, Minneapolis, MN, July 2012 [Download | ]

T.Scholte, W.Robertson, D.Balzarotti, E.Kirda "Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis" 36th IEEE Conference on Computers, Software, and Applications (COMPSAC), Izmir, Turkey - July 2012 [Download | ]

Alessandro Armando, Giancarlo Pellegrino, Roberto Carbone, Alessio Merlo, Davide Balzarotti "From model-checking to automated testing of security protocols: Bridging the gap" 6th International Conference on Tests and Proofs (TAP), Prague, Czech Republic, May 2012 [Download| ]

Kaan Onarlioglu, Utku Ozan Yilmaz, Engin Kirda, Davide Balzarotti "Insights into User Behavior in Dealing with Internet Attacks " 19th Annual Network and Distributed System Security Symposium (NDSS), San Diego - February 2012 [Download| ]

Marco Balduzzi, Jonnas Zaddach, Davide Balzarotti, Engin Kirda, and Sergio Loureiro "A Security Analysis of Amazon's Elastic Compute Cloud Service" 27th ACM Symposium On Applied Computing (SAC), Trento, Italy, March 2012 [Download| ]

Theodoor Scholte, Davide Balzarotti, William Robertson, and Engin Kirda "An Empirical Analysis of Input Validation Mechanisms in Web Applications and Languages" 27th ACM Symposium On Applied Computing (SAC), Trento, Italy, March 2012 [Download| ]

Theodoor Scholte, Davide Balzarotti, Engin Kirda "Have things changed now? An empirical study on input validation vulnerabilities in web applications" Elsevier Computer and Security [ download |  bibtex ]

2011

Jelena Isacenkova, Davide Balzarotti "Measurement and Evaluation of a Real World Deployment of a Challenge-Response Spam Filter" Internet Measurement Conference (IMC) 2011 - Berlin, November 2011 [Download | ]

Abhinav Srivastava, Andrea Lanzi, Jonathon Giffin, Davide Balzarotti "Operating System Interface Obfuscation and the Revealing of Hidden Operations" 8th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA) - Amsterdam, July 2011 [Download | bibtex]

Danesh Irani, Marco Balduzzi, Davide Balzarotti, Engin Kirda, Carlton Pu "Reverse Social Engineering Attacks in Online Social Networks" 8th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA) - Amsterdam, July 2011 [Download | ] bibtex]

Nick Nikiforakis, Marco Balduzzi, Steven Van Acker, Wouter Joosen, and Davide Balzarotti "Exposing the Lack of Privacy in File Hosting Services" 4th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET) - Boston, March 2011 [Download |  bibtex] In the press: [ The Register | Slashdot]

Leyla Bilge, Andrea Lanzi, Davide Balzarotti "Thwarting Real-Time Dynamic Unpacking" European Workshop on System Security (EUROSEC) - Salzburg, April 2011 [Download |  bibtex]

Theodoor Scholte, Davide Balzarotti, Engin Kirda "Quo Vadis? A Study of the Evolution of Input Validation Vulnerabilities in Web Applications" Financial Cryptography and Data Security (FC), St. Lucia - February 2011 [Download |  bibtex]

Marco Balduzzi, Carmen Torrano Gimenez, Davide Balzarotti, Engin Kirda "Automated Discovery of Parameter Pollution Vulnerabilities in Web Applications" 18th Annual Network and Distributed System Security Symposium (NDSS), San Diego - February 2011 * Distinguished Paper Award * [Download  |  bibtex] In the press: [ Forbes | ]

2010

Kaan Onarlioglu, Leyla Bilge, Andrea Lanzi, Davide Balzarotti, Engin Kirda "G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries" Annual Computer Security Applications Conference (ACSAC), Austin, December 2010 [Download  |  bibtex]

Andrea Lanzi, Davide Balzarotti , Christopher Kruegel, Mihai Christodorescu, Engin Kirda "AccessMiner: Using System-Centric Models for Malware Protection" ACM Conference on Computer and Communications Security (CCS), Chicago, October 2010 [Download |  bibtex]

Marco Balduzzi, Christian Platzer, Thorsten Holz, Engin Kirda, Davide Balzarotti, Christopher Kruegel "Abusing Social Networks for Automated User Profiling" Recent Advance in Intrusion Detection (RAID), Ottawa, Canada, September 2010 [ Download  | bibtex  ]

Tobias Lauinger, Veikko Pankakoski, Davide Balzarotti, Engin Kirda "Honeybot, Your Man in the Middle for Automated Social Engineering " 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), San Jose, April 2010 [ Download |  bibtex ] In the press: [ DarkReading |  SlashDot]

M.Balduzzi, M.Egele, E.Kirda, D.Balzarotti, C.Kruegel "A Solution for the Automated Detection of Clickjacking Attacks" AsiaCCS - Beijing, China, April 13-16 2010 [ download |  bibtex ]

D.Balzarotti, M.Cova, C.Karlberger, E.Kirda, C.Kruegel, G.Vigna "Efficient Detection of Split Personalities in Malware" Symposium on Network and Distributed System Security (NDSS) - San Diego, USA, March 1-2 2010 [ download |  bibtex ]

D. Balzarotti, G. Banks, M. Cova, V. Felmetsger, R. Kemmerer, W. Robertson, F. Valeur, and G. Vigna "An Experience in Testing the Security of Real-world Electronic Voting Systems" In IEEE Transactions on Software Engineering 2010 [ download |  bibtex ]

2009 and Before

G. Vigna, F. Valeur, D. Balzarotti, W. Robertson, C. Kruegel, E. Kirda "Reducing Errors in the Anomaly-based Detection of Web-based Attacks Through the Combined Analysis of Web Requests and SQL Queries" Journal of Computer Security - Volume 17, Issue 3 (August 2009) [ bibtex ]

L. Bilge, T. Strufe, D. Balzarotti, E. Kirda "All Your Contacts Are Belong to Us: Automated Identity Theft" 18th International World Wide Web Conference (WWW) - Madrid, Spain, April 20-24 2009 [ download |  bibtex ] In the press: [ Nature ]

U. Bayer, I. Habibi, D. Balzarotti, E. Kirda, C. Kruegel "A View on Current Malware Behavior" 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET) - Boston, MA, April 21 2009 [ download ]

D. Balzarotti, G. Banks, M. Cova, V. Felmetsger, R. Kemmerer, W. Robertson, F. Valeur, G. Vigna "Are Your Votes Really Counted? Testing the Security of Real-world Electronic Voting Systems" International Symposium on Software Testing and Analysis (ISSTA) - Seattle, WA, July 20-24 2008 [ download |  bibtex ]

D. Balzarotti, M. Cova, V. Felmetsger, N. Jovanovic, E. Kirda, C. Kruegel, G. Vigna "Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications" Proceedings of the 29th IEEE Symposium on Security and Privacy - Oakland, California, May 18-21, 2008 [ download |  bibtex ]

D. Balzarotti, M. Cova, G. Vigna "ClearShot: Eavesdropping on Keyboard Input from Video" Proceedings of the 29th IEEE Symposium on Security and Privacy - Oakland, California, May 18-21, 2008 [ download |  bibtex ] In the press: [ Scientific American |  PCWorld  |  Geeks are sexy  |  IntelFusion ]

C. Kruegel, D. Balzarotti, W. Robertson, G. Vigna "Improving Signature Testing Through Dynamic Data Flow Analysis" Proceedings of the Annual Computer Security Applications Conference (ACSAC 23) [ download |  bibtex ]

D. Balzarotti, M. Cova, V. Felmetsger, G. Vigna "Multi-Module Vulnerability Analysis of Web-based Applications" Proceedings of the ACM Conference on Computer and Communication Security (CCS) 2007 [ download |  bibtex ]

M. Cova, D. Balzarotti, V. Felmetsger, G. Vigna "Swaddler: An Approach for the Anomaly-based Detection of State Violations in Web Applications" Recent Advance in Intrusion Detection (RAID) 2007 [ download |  bibtex ]

M. Van Gundy, D. Balzarotti, G. Vigna "Catch Me, If You Can: Evading Network Signatures with Web-based Polymorphic Worms" First USENIX Workshop on Offensive Technologies (WOOT) 2007 [ download |  bibtex ]

D. Balzarotti, M. Monga, S. Sicari "Assessing the risk of using vulnerable components" Quality of protection: security measurements and metrics, Advances in Information Security 23 Springer New York,2006 [ download |  bibtex ]

G.P. Picco, D. Balzarotti, P. Costa "LighTS: A Lightweight, Customizable Tuple Space Supporting Context-Aware Applications" Proceedings of the 20th Annual ACM Symposium on Applied Computing (SAC 2005) [ download |  bibtex ]

D. Balzarotti, A. Castaldo D'Ursi, L. Cavallaro, M. Monga "Slicing AspectJ Woven Code" Proceedings of Foundations Of Aspect-Oriented Languages (FOAL 2005) [ download |  bibtex ]

G. Vigna, W. Robertson, and D. Balzarotti "Testing Network-based Intrusion Detection Signatures Using Mutant Exploits" Proceedings of the ACM Conference on Computer and Communication Security (CCS) 2004 [ download |  bibtex ]

D. Balzarotti, M. Monga "Using Program Slicing to Analyze Aspect Composition" Proceedings of Foundations Of Aspect-Oriented Languages (FOAL 2004) [ download |  bibtex ]

D. Balzarotti, C. Ghezzi, and M. Monga "Support Configuration Management for Virtual Workgroups in a Peer-to-Peer Setting" Proceedings of international conference on Software Engineering and Knowledge Engineering (SEKE 2002) [ download |  bibtex ]

D. Balzarotti, C. Ghezzi, and M. Monga "Freeing Cooperation from Servers Tyranny" Web engineering and peer-to-peer computing, LNCS 2376 Springer-Verlag [ download |  bibtex ]

D. Balzarotti, P. Costa, G.P. Picco "The LighTS Tuple Space Framework and Its Customization for Context-Aware Applications" Journal of Web Intelligence and Agent Systems, Volume 5, Number 2,2007 - pages 215-231 [ download |  bibtex ]

D. Balzarotti, C. Ghezzi, M. Monga "Supporting cooperative software processes in a decentralized and nomadic world" IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans 36(6) 11/2006 [ download |  bibtex ]

Technical Reports

P. McDaniel, M. Blaze, G. Vigna, et al. "EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing" In Ohio Secretary of State's EVEREST Report - December 2007 [ download |  bibtex |  Ohio Secretary of State Page |  More info ]

G. Vigna, R. Kemmerer, D. Balzarotti, G. Banks, M. Cova, V. Felmetsger, W. Robertson, and F. Valeur "Security Evaluation of the Sequoia Voting System" Report commissioned as part of the California Secretary of State's Top-To-Bottom Review of California Voting Systems. July 20, 2007 [ download |  bibtex |  California Secretary of State Page |  More info ]

D. Balzarotti "Testing Network Intrusion Detection Systems" Ph.D Dissertation, 2006 [ download |  bibtex ]