Publications

See my full list of publications and citations on Google Scholar



Exploitation and Mitigation of Authentication Schemes Based on Device-Public Information (to appear)
Antonio Bianchi, Eric Gustafson, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna
In Proceedings of the Annual Computer Security Applications Conference (ACSAC)

BootStomp: On the Security of Bootloaders in Mobile Devices
Nilo Redini, Aravind Machiry, Dipanjan Das, Yanick Fratantonio, Antonio Bianchi, Eric Gustafson, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna
In Proceedings of the USENIX Security Symposium (Usenix SEC)
Vancouver, Canada, August, 2017
[PDF]

BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments
Aravind Machiry, Eric Gustafson, Chad Spensky, Chris Salls, Nick Stephens, Ruoyu Wang, Antonio Bianchi, Yung Ryn Choe, Christopher Kruegel, Giovanni Vigna
In Proceedings of the Network and Distributed System Security Symposium (NDSS)
San Diego, CA, February, 2017
[PDF]

Ramblr: Making Reassembly Great Again
Ruoyu Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel, Giovanni Vigna
In Proceedings of the Network and Distributed System Security Symposium (NDSS)
San Diego, CA, February, 2017 
Distinguished Paper Award
[PDF]

Cyber Grand Shellphish
Antonio Bianchi, Kevin Borgolte, Jacopo Corbetta, Francesco Disperati, Andrew Dutcher, John Grosen, Paul Grosen, Aravind Machiry, Christopher Salls, Yan Shoshitaishvili, Nick Stephens, Giovanni Vigna, Ruoyu Wang (Authors listed alphabetically)
In Phrack Magazine
[link]

TriggerScope: Towards Detecting Logic Bombs in Android Apps 
Yanick Fratantonio, Antonio Bianchi, William Robertson, Engin Kirda, Christopher Kruegel, Giovanni Vigna 
In Proceedings of the IEEE Symposium on Security and Privacy (SP),
San Jose, CA, May, 2016 
[PDF]

Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy
Vitor Afonso, Antonio Bianchi, Yanick Fratantonio, Adam Doupe, Mario Polino, Paulo de Geus, Christopher Kruegel, Giovanni Vigna 
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS),
San Diego, CA, February, 2016
[PDF]

NJAS: Sandboxing Unmodified Applications in non-rooted Devices Running Stock Android
Antonio Bianchi, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna
In
Proceedings of the ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM),
Denver, CO, October, 2015
[PDF]

BareDroid: Large-Scale Analysis of Android Apps on Real Devices 
Simone Mutti, Yanick Fratantonio, Antonio Bianchi, Luca Invernizzi, Jacopo Corbetta, Dhilung Kirat, Christopher Kruegel, Giovanni Vigna 
In Proceedings of the Annual Computer Security Applications Conference (ACSAC),
Los Angeles, CA, December, 2015 
[PDF]

CLAPP: Characterizing Loops in Android Applications
Yanick Fratantonio, Aravind Machiry, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna
In Proceedings of the Symposium on the Foundations of Software Engineering (FSE),

Bergamo, Italy, August 2015
[PDF]

CLAPP: Characterizing Loops in Android Applications (Invited Talk)
Yanick Fratantonio, Aravind Machiry, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna
In Proceedings of International Workshop on Software Development Lifecycle for Mobile (DeMobile),
Bergamo, Italy, August, 2015
[PDF]

On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users 
Yanick Fratantonio, Antonio Bianchi, William Robertson, Manuel Egele, Christopher Kruegel, Engin Kirda, Giovanni Vigna 
In Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA),
Milan, Italy, July 2015
[PDF]

What the App is That? Deception and Countermeasures in the Android User Interface
Antonio Bianchi, Jacopo Corbetta, Luca Invernizzi, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna  
In Proceedings of the IEEE Symposium on Security and Privacy (S&P),
San Jose, CA, May 2015
[PDF]

EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework
Yinzhi Cao, Yanick Fratantonio, Antonio Bianchi, Manuel Egele, Christopher Kruegel, Giovanni Vigna, Yan Chen
In Proceedings of the Network and Distributed System Security Symposium (NDSS),
San Diego, CA,
February 2015
 
[PDF]

Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications 
Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna
In  Proceedings of the Network and Distributed System Security Symposium (NDSS),
San Diego, CA, February 2014
[PDF]

Blacksheep: Detecting Compromised Hosts in Homogeneous Crowds 
Antonio Bianchi, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna  
In Proceedings of the ACM Conference on Computer and Communications Security (CCS),
Raleigh, NC, October 2012
[PDF]