See my full list of publications and citations on Google Scholar
Mechanical Phish: Resilient Autonomous Hacking
Yan Shoshitaishvili, Antonio Bianchi, Kevin Borgolte, Amat Cama, Jacopo Corbetta, Francesco Disperati, Audrey Dutcher, John Grosen, Paul Grosen, Aravind Machiry, Chris Salls, Nick Stephens, Ruoyu Wang, Giovanni Vigna
In IEEE Security & Privacy Magazine — SPSI: Hacking without Humans
Broken Fingers: On the Usage of the Fingerprint API in Android
Antonio Bianchi, Yanick Fratantonio, Aravind Machiry, Christopher Kruegel, Giovanni Vigna, Pak Chung, Wenke Lee
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS)
San Diego, CA, February, 2018
[PDF]
Exploitation and Mitigation of Authentication Schemes Based on Device-Public Information
Antonio Bianchi, Eric Gustafson, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna
In Proceedings of the Annual Computer Security Applications Conference (ACSAC)
Orlando, FL, December 2017
[PDF]
BootStomp: On the Security of Bootloaders in Mobile Devices
Nilo Redini, Aravind Machiry, Dipanjan Das, Yanick Fratantonio, Antonio Bianchi, Eric Gustafson, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
In Proceedings of the USENIX Security Symposium (Usenix SEC)
[PDF]
BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments
Aravind Machiry, Eric Gustafson, Chad Spensky, Chris Salls, Nick Stephens, Ruoyu Wang, Antonio Bianchi, Yung Ryn Choe, Christopher Kruegel, Giovanni Vigna
In Proceedings of the Network and Distributed System Security Symposium (NDSS)
San Diego, CA, February, 2017
[PDF]
Ramblr: Making Reassembly Great Again
Ruoyu Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel, Giovanni Vigna
In Proceedings of the Network and Distributed System Security Symposium (NDSS)
San Diego, CA, February, 2017
Distinguished Paper Award
[PDF]
Cyber Grand Shellphish
Antonio Bianchi, Kevin Borgolte, Jacopo Corbetta, Francesco Disperati, Andrew Dutcher, John Grosen, Paul Grosen, Aravind Machiry, Christopher Salls, Yan Shoshitaishvili, Nick Stephens, Giovanni Vigna, Ruoyu Wang (Authors listed alphabetically)
In Phrack Magazine
[link]
TriggerScope: Towards Detecting Logic Bombs in Android Apps
Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS),
San Diego, CA, February, 2016
[PDF]
NJAS: Sandboxing Unmodified Applications in non-rooted Devices Running Stock Android
In Proceedings of the ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM),
Denver, CO, October, 2015
[PDF]
BareDroid: Large-Scale Analysis of Android Apps on Real Devices
In Proceedings of the Annual Computer Security Applications Conference (ACSAC),
Los Angeles, CA, December, 2015
[PDF]
CLAPP: Characterizing Loops in Android Applications
In Proceedings of the Symposium on the Foundations of Software Engineering (FSE),
Bergamo, Italy, August 2015
[PDF]
CLAPP: Characterizing Loops in Android Applications (Invited Talk)
Yanick Fratantonio, Aravind Machiry, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna
In Proceedings of International Workshop on Software Development Lifecycle for Mobile (DeMobile),
Bergamo, Italy, August, 2015
[PDF]
On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users
In Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA),
Milan, Italy, July 2015
[PDF]
What the App is That? Deception and Countermeasures in the Android User Interface
In Proceedings of the IEEE Symposium on Security and Privacy (S&P),
San Jose, CA, May 2015
Mechanical Phish: Resilient Autonomous Hacking
Yan Shoshitaishvili, Antonio Bianchi, Kevin Borgolte, Amat Cama, Jacopo Corbetta, Francesco Disperati, Audrey Dutcher, John Grosen, Paul Grosen, Aravind Machiry, Chris Salls, Nick Stephens, Ruoyu Wang, Giovanni Vigna
In IEEE Security & Privacy Magazine — SPSI: Hacking without Humans
Broken Fingers: On the Usage of the Fingerprint API in Android
Antonio Bianchi, Yanick Fratantonio, Aravind Machiry, Christopher Kruegel, Giovanni Vigna, Pak Chung, Wenke Lee
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS)
San Diego, CA, February, 2018
[PDF]
Exploitation and Mitigation of Authentication Schemes Based on Device-Public Information
Antonio Bianchi, Eric Gustafson, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna
In Proceedings of the Annual Computer Security Applications Conference (ACSAC)
Orlando, FL, December 2017
[PDF]
BootStomp: On the Security of Bootloaders in Mobile Devices
Nilo Redini, Aravind Machiry, Dipanjan Das, Yanick Fratantonio, Antonio Bianchi, Eric Gustafson, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
In Proceedings of the USENIX Security Symposium (Usenix SEC)
Vancouver, Canada, August, 2017
BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments
Aravind Machiry, Eric Gustafson, Chad Spensky, Chris Salls, Nick Stephens, Ruoyu Wang, Antonio Bianchi, Yung Ryn Choe, Christopher Kruegel, Giovanni Vigna
In Proceedings of the Network and Distributed System Security Symposium (NDSS)
San Diego, CA, February, 2017
[PDF]
Ramblr: Making Reassembly Great Again
Ruoyu Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel, Giovanni Vigna
In Proceedings of the Network and Distributed System Security Symposium (NDSS)
San Diego, CA, February, 2017
Distinguished Paper Award
[PDF]
Cyber Grand Shellphish
Antonio Bianchi, Kevin Borgolte, Jacopo Corbetta, Francesco Disperati, Andrew Dutcher, John Grosen, Paul Grosen, Aravind Machiry, Christopher Salls, Yan Shoshitaishvili, Nick Stephens, Giovanni Vigna, Ruoyu Wang (Authors listed alphabetically)
In Phrack Magazine
[link]
TriggerScope: Towards Detecting Logic Bombs in Android Apps
In Proceedings of the IEEE Symposium on Security and Privacy (SP),
San Jose, CA,
May, 2016
[PDF]
Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS),
San Diego, CA, February, 2016
[PDF]
NJAS: Sandboxing Unmodified Applications in non-rooted Devices Running Stock Android
In Proceedings of the ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM),
Denver, CO, October, 2015
[PDF]
BareDroid: Large-Scale Analysis of Android Apps on Real Devices
In Proceedings of the Annual Computer Security Applications Conference (ACSAC),
Los Angeles, CA, December, 2015
[PDF]
CLAPP: Characterizing Loops in Android Applications
In Proceedings of the Symposium on the Foundations of Software Engineering (FSE),
Bergamo, Italy, August 2015
[PDF]
CLAPP: Characterizing Loops in Android Applications (Invited Talk)
Yanick Fratantonio, Aravind Machiry, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna
In Proceedings of International Workshop on Software Development Lifecycle for Mobile (DeMobile),
Bergamo, Italy, August, 2015
[PDF]
On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users
In Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA),
Milan, Italy, July 2015
[PDF]
What the App is That? Deception and Countermeasures in the Android User Interface
In Proceedings of the IEEE Symposium on Security and Privacy (S&P),
San Jose, CA, May 2015
[PDF]
EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework
Yinzhi Cao, Yanick Fratantonio, Antonio Bianchi, Manuel Egele, Christopher Kruegel, Giovanni Vigna, Yan Chen
In Proceedings of the Network and Distributed System Security Symposium (NDSS),
San Diego, CA, February 2015
[PDF]
Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications
EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework
Yinzhi Cao, Yanick Fratantonio, Antonio Bianchi, Manuel Egele, Christopher Kruegel, Giovanni Vigna, Yan Chen
In Proceedings of the Network and Distributed System Security Symposium (NDSS),
San Diego, CA, February 2015
[PDF]
Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications
Proceedings of the Network and Distributed System
Security Symposium (NDSS),
San Diego, CA, February 2014
San Diego, CA, February 2014
[PDF]
Blacksheep: Detecting Compromised Hosts in Homogeneous Crowds
In Proceedings of the ACM Conference on Computer and Communications Security (CCS),
Raleigh, NC, October 2012
Raleigh, NC, October 2012
[PDF]
