Lorenzo Cavallaro
A little bit about myself...
I received my Ph.D. in
Computer Science on February 2008
at the Università degli Studi
di Milano (University of Milan, Italy) with a Dissertation titled
"Comprehensive Memory Error
Protection via Diversity and Taint-Tracking"
I got my M.Sc. degree
in Computer Science on
October 2004 at
the Università degli Studi
di Milano (University of Milan, Italy) with a final grade of
110/110 cum laude with a thesis titled
"Analysis, Design and
Realization of a Trusted Computing Platform Emulator";
unfortunately it is only available in Italian language, it's
full of typos and actually the emulator is still a work in
progress :-)
News
I'm spending a period as a Post Doctorate in the Computer Security Lab of the
Department of Computer Science of
University of California, Santa
Barbara (UCSB), CA, USA, working with Profs Christopher Kruegel, Giovanni Vigna, and Richard A. Kemmerer
I spent from September 2006 to February 2008 a period in
the Computer Science
Department of Stony Brook University
(State University of New York (SUNY) at Stony Brook),
NY, USA, as a visiting PhD student joining the lab led by Prof.
R. Sekar.
Research Interest
Currently I am interested in several areas of Computer Security,
even if this doesn't mean that I am fluent on those areas (the
other way around, probably) :-). I am just trying to figure out
how this wonderful "thing" we call world works out!
Huh, am I exaggerating? Yes, maybe a little bit ;-) However,
this is what turns me on, more or less, periodically (I am a
libra, after all).
- Memory Corruption Attacks and Countermeasures
- Taint Analysis
- Intrusion Detection, both Network and Host based
- Operating Systems Protection Techniques
- Exploitation Techniques
- Trusted Computing Platforms
- Reverse Engineering
Here below you can just find few works I have been involved in
recently and in the past. Please, consider this page as
a real work in progress... even if I don't actually know
when I'll be able to write down something that will look more
beautiful and smart than this :-)
Publications
-
"A Parallel Architecture for Stateful, High-Speed
Intrusion Detection"
Luca Foschini, Ashish V. Thapliyal, Lorenzo Cavallaro
Christopher Kruegel, and Giovanni Vigna
In the Proceedings of the 4th International Conference on
Information Systems Security (ICISS 2008), 16-20 December 2008
JNTU, Hyderabad, India, To Appear
[pdf]-->
[bibtex]
[slide]
-
"Anomalous Taint Detection (Extended Abstract)"
Lorenzo Cavallaro and R. Sekar
In the Proceedings of the 11th International Symposium On
Recent Advances In Intrusion Detection (RAID),
Boston, MA, USA, September 15-17, 2008, To Appear
[pdf]-->
[bibtex]
[poster]
-
"On the Limits of Information Flow Techniques for Malware
Analysis and Containment"
Lorenzo Cavallaro, Prateek Saxena, and R. Sekar
In the Proceedings of the GI SIG SIDAR Conference on
Detection of Intrusions and Malware & Vulnerability
Assessment (DIMVA), July 10-11, 2008, Paris, France.
[pdf]
[bibtex]
[slide]
-
"LISABETH: Automated Content-based Signature Generator for
Zero-day Polymorphic Worms"
Lorenzo Cavallaro, Andrea Lanzi, Luca Mayer, and Mattia Monga
International Workshop on Software Engineering for Secure Systems
(SESS'08).
[pdf]
[bibtex]
[slide]
-
"Static Analysis on x86 Executable for Preventing Automatic
Mimicry Attacks"
Danilo Bruschi, Lorenzo Cavallaro, and Andrea
Lanzi
In the Proceedings of the GI SIG SIDAR Conference on
Detection of Intrusions and Malware & Vulnerability Assessment
(DIMVA), July 12-13, 2007, Lucerne, Switzerland.
[pdf]
[bibtex]
-
"Diversified Process Replicae for Defeating Memory
Error Exploits"
Danilo Bruschi, Lorenzo Cavallaro, and Andrea
Lanzi
In the Proceedings of the 3rd International
Workshop on Information Assurance (WIA 2007), April
11-13, 2007, New Orleans, Louisiana, USA.
[pdf]
[bibtex]
[slide]
-
"An Efficient Technique for Preventing Mimicry and
Impossible Paths Execution Attacks"
Danilo Bruschi, Lorenzo Cavallaro, and Andrea
Lanzi
In the Proceedings of the 3rd International
Workshop on Information Assurance (WIA 2007), April
11-13, 2007, New Orleans, Louisiana, USA.
[pdf]
[bibtex]
-
"Replay Attack in TCG Specification and Solution"
Danilo Bruschi, Lorenzo Cavallaro, Andrea Lanzi and
Mattia Monga
In 21th Annual Computer Security Application Conference
(ACSAC), Tucson, AZ, USA, 2005.
[pdf]
[bibtex]
[slide]
-
"Less harm, less worry or how to
improve network security by bounding system
offensiveness"
Danilo Bruschi, Lorenzo Cavallaro and Emilia Rosti
In 16th Annual Computer Security Application Conference
(ACSAC), USA, 2000 (as undergraduate Computer Science
student).
[pdf] [bibtex]
Technical Reports
"LISABETH: Automated Content-Based Signatures Generator for
Zero-day Polymorphic Worms"
Lorenzo Cavallaro, Andrea Lanzi, Luca Mayer, and Mattia Monga
Technical Report RT 18-07, Università degli
Studi di Milano, Italy, 2007.
[pdf]
[bibtex]
"Diversified Process Replicae for Defeating
Memory Error Exploits"
Danilo Bruschi, Lorenzo Cavallaro and Andrea Lanzi
Technical Report RT 14-06, Università degli
Studi di Milano, Italy, 2006.
[pdf]
[bibtex]
"Syscalls Obfuscation for Preventing Mimicry and Impossible
Paths Execution Attacks"
(formerly known as
"Syscalls Obfuscation to Prevent Automatic Mimicry and
Impossible Paths Execution Attacks")
Danilo Bruschi, Lorenzo Cavallaro and Andrea Lanzi
Technical Report RT 10-06, Università degli
Studi di Milano, Italy, 2006.
[pdf]
[bibtex]
"Attacking a Trusted Computing Platform [Improving
the Security of TCG Specification]"
Danilo Bruschi, Lorenzo Cavallaro, Andrea Lanzi and
Mattia Monga
Technical Report RT 05-05, Università degli
Studi di Milano, Italy, 2005.
[pdf]
[bibtex]
Teaching Experiences
Since May 2003 I have had the luck of being involved as
teaching assistant, lecturer or something like that in the
following courses:
... as Teaching Assistant
- Teaching Assistant for the course "ICT
Security"
at the Università degli Studi di
Milano, 2005-2006, Italy.
[site]
- Teaching Assistant for the course "ICT
Security"
at the Università degli Studi di
Milano, 2004-2005, Italy.
[site]
- Teaching Assistant for the course
"Security in Operating Systems"
at the III (3rd) University
Master in Computer Security, 2004, Italy.
- Teaching Assistant for the course
"Intrusion Techniques and Incident Handling"
at
the II (2nd) University Master in Computer Security, 2003, Italy.
- Teaching Assistant for the course
"Security in Operating Systems (Lab for
UNIX)"
at the II (2nd) University Master in
Computer Security, 2003, Italy.
... as Lecturer
- Lecturer for the seminar "Intrusion Detection using Sequences
of System Calls"
at the Università degli Studi di
Milano, 2005, Italy.
[pdf]
- Lecturer for the seminar "Stack-based Buffer
Overflow and Shellcode (v2)"
(a slightly modified version of what I gave on 2004; still
incomplete, a mere introduction on the matter)
at the
Università degli Studi di Milano, 2005, Italy.
[pdf]
- Lecturer for the course "Intrusion
Techniques"
at the IV (4th) University Master
in Computer Security, 2005, Italy.
(topics includes [more or less deeply]: TCP/IP Security
Problems, Man in The Middle Attacks, Stack-based Buffer Overflow,
Format String Vulnerabilities)
[pdf(s) as soon as possible]
- Lecturer for the seminar "Introduction to the
TCG-based Trusted Computing Platforms"
at the
Università degli Studi di Milano, 2004, Italy.
[pdf]
- Lecturer for the seminar "Stack-based Buffer
Overflow and Shellcode"
at the Università degli
Studi di Milano, 2004, Italy.
[pdf]
- Lecturer for the seminar "Buffer Overflow and
Protection Technology"
at the Second International
Summer School on Information and System Security, 2004,
Italy.
[pdf]
- Lecturer for the seminar "Stack-based Buffer
Overflow""
at the First International Summer School
on Information and System Security, 2003, Italy.
[ppt]
Summer Schools
I have been one of the lucky people who have attended
the Second Summer School Applied IT Security 2005
at the RWTH-Aachen University, 2005, Germany.
I have been one of the lucky people who have attended
the Lugano Summer School on Dependable Software
Systems at the University of Lugano, Switzerland July
17-22, 2006.
Talks
There are also few talks I gave over
the time, even if the majority are in italian language only
:-\ and few of them overlap to what I did in my teaching
experiences (however, take a look at them :-))
Miscellanea
What else? Well, plenty of stuff to say I guess... better, I hope
as everyone out there. But you know, I am an incredible
lazy man when dealing with my personal page (huh, this is against me I
know :-)) so I think I'll stop writing "soft thoughts" and
boring you, leaving just a few final notes.
I used to love playing guitar even if I still love doing it
currently, but due to laziness and mainly lack of time I
hardly play it anymore :-(. As the majority of Italian
people I like eating good food and sometime I try to do it
by myself... yes, sometime :-).
Last but really not least,
I love you, Simona... you know who you are, darling...
Huh, I was forgetting to show you some I-hope-nice
pictures :-) about
- New Orleans, LA, USA (2007)
- Boston, MA, USA (2007)
- New York, NY, USA (2006-2007)
- SUNY (State University of New York) at Stony Brook,
Long Island, NY, USA (2006-2007)
- ACSAC 2005, Tucson and Grand Canyon pictures, Tucson,
AZ, 2005, USA
- Lugano Summer School on Dependable Software Systems pictures,
Lugano, Switzerland, 2006
- Summer School Applied IT Security 2005 pictures,
Aachen, Germany, 2005
- What the Hack pictures, Liempde, 2005, The Netherland
... but they are not ready for presentation yet :-\