Picture of Daniele

Daniele Cono D'Elia

Update: got a position as Assistant Professor starting in 2022! :-)

I am a postdoctoral researcher and adjunct professor at Sapienza University of Rome. I am part of the cybersecurity research group led by Leonardo Querzoni and member of the CIS Sapienza research center. You can find my resume here.

I obtained my PhD in 2016 with a dissertation on adaptive program optimization techniques, later awarded and published as a book. In 2014 I have been a visiting scholar at Purdue University working with Jan Vitek.

My research involves software and systems security. I play with malware, code reuse attacks, monitoring solutions in presence of adversarial behavior, and program analyses and transformations to make programs more secure (e.g., fuzzing, sanitizers, automatic side channel elimination, code obfuscation).

I often speak at Black Hat events (EU 2019, EU 2020, USA 2021). I was also behind CyberChallenge.IT in its early days. I'm a road cyclist and traveler.

Teaching

I enjoy supervising highly motivated students in thesis projects on open research problems. If you are interested in software and systems security topics (non-exhaustive list: malware, ROP, obfuscation, fuzzing, side channels, binary analysis) and you are up for a challenge, do not hesitate to drop me a line.

Classes I taught as adjunct professor:

I have also been organizing and teaching an introductory course for PhD students: Thinking outside the box: Adversarial behavior and unconventional attack vectors from security research (2021). The course touches on software and systems security principles and covers a few trending topics.

Since obtaining my PhD I have supervised or co-supervised about 45 students. They rewarded me both professionally and humanly, making me proud of their achievements. Eight of them have co-authored scientific papers on their thesis or Honors program topics, whereas six have won thesis awards:

  • Fabio Rosato (MSc, 2018, CLUSIT 1st prize)
  • Federico Palmaro(MSc, 2019, award from Italian intelligence agencies and also CLUSIT 5th prize)
  • Cristian Assaiante (BSc, 2020, CLUSIT 1st prize)
  • Andrea Salvati (MSc, 2020, CLUSIT 5th prize)
  • Riccardo Chiaretti (MSc, 2021, award from Italian intelligence agencies)
  • Andrea Fioraldi (MSc, 2021, CLUSIT 2nd prize)

Service

I had the honor of serving for:

and as a reviewer for several distinguished journals in computer security and other fields (list reported in my resume).

Publications

  • Designing Robust API Monitoring Solutions

    D.C. D'Elia, S. Nicchi, M. Mariani, M. Marini, F. Palmaro. IEEE Transactions on Dependable and Secure Computing. TDSC (in press) [preprint]

  • Evaluating Dynamic Binary Instrumentation Systems for Conspicuous Features and Artifacts

    D.C. D'Elia, L. Invidia, F. Palmaro, L. Querzoni. Digital Threats: Research and Practice. ACM DTRAP (in press) [preprint]

  • Rope: Covert Multi-Process Malware Execution with Return-Oriented Programming

    D.C. D'Elia, L. Invidia, L. Querzoni. ESORICS 2021 [preprint] [BHUSA whitepaper]

  • The Use of Likely Invariants as Feedback for Fuzzers

    A. Fioraldi, D.C. D'Elia, D. Balzarotti. USENIX Security Symposium 2021 [PDF]

  • Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization

    P. Borrello, D.C. D'Elia, L. Querzoni, C. Giuffrida. ACM CCS 2021 [preprint]

  • Hiding in the Particles: When Return- Oriented Programming Meets Program Obfuscation

    P. Borrello, E. Coppa, D.C. D'Elia. IEEE/IFIP DSN 2021 [PDF]

  • Fuzzing Binaries for Memory Safety Errors with QASan

    A. Fioraldi, D.C. D'Elia, L. Querzoni. IEEE SecDev 2020 [PDF]

  • [B] New Techniques for Adaptive Program Optimization

    D.C. D'Elia. Sapienza University Press. 204 pages, ISBN 9788893771436. Winner of "Prize for PhD Thesis 2016" competition. [PDF]

  • WEIZZ: Automatic Grey-box Fuzzing for Structured Binary Formats

    A. Fioraldi, D.C. D'Elia, E. Coppa. ACM ISSTA 2020 [PDF]

  • [J] On the Dissection of Evasive Malware

    D.C. D'Elia, E. Coppa, F. Palmaro, L. Cavallaro. IEEE Transactions on Information Forensics and Security. TIFS 2020 [PDF]

  • [J] Memory Models in Symbolic Execution: Key Ideas and New Thoughts

    L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu. John Wiley & Sons. Journal of Software: Testing, Verification and Reliability. 2019 [PDF]

  • SymNav: Visually Assisting Symbolic Execution

    M. Angelini, G. Blasilli, L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu, S. Lenti, S. Nicchi, G. Santucci. IEEE VizSec 2019 [PDF]

  • SoK: Using Dynamic Binary Instrumentation for Security (And How You May Get Caught Red Handed)

    D.C. D'Elia, E. Coppa, S. Nicchi, F. Palmaro, L. Cavallaro. ACM ASIACCS 2019 [PDF]

  • Reconstructing C2 Servers for Remote Access Trojans with Symbolic Execution

    L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu. CSCML 2019 [PDF]

  • Static Analysis of ROP Code

    D.C. D'Elia, E. Coppa, A. Salvati, C. Demetrescu. ACM EUROSEC 2019 [PDF]

  • The ROP Needle: Hiding Trigger-based Injection Vectors via Code Reuse

    P. Borrello, E. Coppa, D.C. D'Elia, C. Demetrescu. ACM SAC 2019 [PDF]

  • ROPMate: Visually Assisting the Creation of ROP-based Exploits

    M. Angelini, G. Blasilli, P. Borrello, E. Coppa, D.C. D'Elia, S. Ferracci, S. Lenti, G. Santucci. Best Paper Award. IEEE VizSec 2018 [PDF]

  • On-Stack Replacement, Distilled

    D.C. D'Elia, C. Demetrescu. ACM PLDI 2018 [PDF]

  • [J] A Survey of Symbolic Execution Techniques

    R. Baldoni, E. Coppa, D.C. D'Elia, C. Demetrescu, I. Finocchi. ACM Computing Surveys. CSUR 2018 [PDF]

  • Rethinking Pointer Reasoning in Symbolic Execution

    E. Coppa, D.C. D'Elia, C. Demetrescu. IEEE/ACM ASE 2017 [PDF]

  • Assisting Malware Analysis with Symbolic Execution: A Case Study

    R. Baldoni, E. Coppa, D.C. D'Elia, C. Demetrescu. CSCML 2017 [PDF]

  • Flexible On-Stack Replacement in LLVM

    D.C. D'Elia, C. Demetrescu. IEEE/ACM CGO 2016 [PDF]

  • [J] Mining Hot Calling Contexts in Small Space

    D.C. D'Elia, C. Demetrescu, I. Finocchi. John Wiley & Sons. Software: Practice and Experience. 2015 [PDF]

  • Ball-Larus Path Profiling Across Multiple Loop Iterations

    D.C. D'Elia, C. Demetrescu. ACM OOPSLA 2013 [PDF]

  • Mining Hot Calling Contexts in Small Space

    D.C. D'Elia, C. Demetrescu, I. Finocchi. ACM PLDI 2011 [PDF]

Contact

  • Daniele Cono D'Elia
  • delia at diag dot uniroma1 dot it
  • Dept. of Computer, Control, and Management Engineering
    Room B118
    25 Via Ariosto
    00185 Rome, Italy

Social