Picture of Daniele

Daniele Cono D'Elia

I am a postdoctoral researcher and adjunct professor at Sapienza University of Rome. I am part of the cybersecurity research group led by Leonardo Querzoni and member of the CIS Sapienza research center. You can find my resume here.

I obtained my PhD in 2016 with a dissertation on adaptive program optimization techniques, later awarded and published as a book. In 2014 I have been a visiting scholar at Purdue University working with Jan Vitek.

My research involves software and systems security. I play with malware, code reuse attacks, monitoring solutions in presence of adversarial behavior, and program analyses and transformations to make programs more secure (e.g., fuzzing, sanitizers, automatic side channel elimination, code obfuscation).

Out of dumb luck, I often speak at Black Hat (EU 2019, EU 2020, USA 2021). I was also behind CyberChallenge.IT in its early days. I'm a road cyclist and traveler.

Teaching

I enjoy supervising highly motivated students in thesis projects on open research problems. If you are interested in software and systems security topics (non-exhaustive list: malware, ROP, obfuscation, fuzzing, side channels, binary analysis) and you are up for a challenge do not hesitate to drop me a line.

Classes I taught as adjunct professor:

I have also been organizing and teaching an introductory course for PhD students: Thinking outside the box: Adversarial behavior and unconventional attack vectors from security research (2021). The course touches on software and systems security principles and covers a few trending topics.

Since obtaining my PhD I have supervised or co-supervised about 45 candidates. Among my former students, four won awards for their theses: Fabio Rosato (MSc, 2018, CLUSIT 1st prize), Federico Palmaro (MSc, 2019, CLUSIT 5th prize, Award from the Italian intelligence agencies), Cristian Assaiante (BSc, 2020, CLUSIT 1st prize) and Andrea Salvati (MSc, 2020, CLUSIT 5th prize). Eight have co-authored scientific papers on their thesis topics.

Service

I had the honor of serving for:

Publications

  • The Use of Likely Invariants as Feedback for Fuzzers

    A. Fioraldi, D.C. D'Elia, D. Balzarotti. USENIX Security Symposium 2021 [PDF]

  • Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization

    P. Borrello, D.C. D'Elia, L. Querzoni, C. Giuffrida. ACM CCS 2021 [PDF]

  • Hiding in the Particles: When Return- Oriented Programming Meets Program Obfuscation

    P. Borrello, E. Coppa, D.C. D'Elia. IEEE/IFIP DSN 2021 [PDF]

  • Fuzzing Binaries for Memory Safety Errors with QASan

    A. Fioraldi, D.C. D'Elia, L. Querzoni. IEEE SecDev 2020 [PDF]

  • [B] New Techniques for Adaptive Program Optimization

    D.C. D'Elia. Sapienza University Press. 204 pages, ISBN 9788893771436. Winner of "Prize for PhD Thesis 2016" competition. [PDF]

  • WEIZZ: Automatic Grey-box Fuzzing for Structured Binary Formats

    A. Fioraldi, D.C. D'Elia, E. Coppa. ACM ISSTA 2020 [PDF]

  • [J] On the Dissection of Evasive Malware

    D.C. D'Elia, E. Coppa, F. Palmaro, L. Cavallaro. IEEE Transactions on Information Forensics and Security. TIFS 2020 [PDF]

  • [J] Memory Models in Symbolic Execution: Key Ideas and New Thoughts

    L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu. John Wiley & Sons. Journal of Software: Testing, Verification and Reliability. 2019 [PDF]

  • SymNav: Visually Assisting Symbolic Execution

    M. Angelini, G. Blasilli, L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu, S. Lenti, S. Nicchi, G. Santucci. IEEE VizSec 2019 [PDF]

  • SoK: Using Dynamic Binary Instrumentation for Security (And How You May Get Caught Red Handed)

    D.C. D'Elia, E. Coppa, S. Nicchi, F. Palmaro, L. Cavallaro. ACM ASIACCS 2019 [PDF]

  • Reconstructing C2 Servers for Remote Access Trojans with Symbolic Execution

    L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu. CSCML 2019 [PDF]

  • Static Analysis of ROP Code

    D.C. D'Elia, E. Coppa, A. Salvati, C. Demetrescu. ACM EUROSEC 2019 [PDF]

  • The ROP Needle: Hiding Trigger-based Injection Vectors via Code Reuse

    P. Borrello, E. Coppa, D.C. D'Elia, C. Demetrescu. ACM SAC 2019 [PDF]

  • ROPMate: Visually Assisting the Creation of ROP-based Exploits

    M. Angelini, G. Blasilli, P. Borrello, E. Coppa, D.C. D'Elia, S. Ferracci, S. Lenti, G. Santucci. Best Paper Award. IEEE VizSec 2018 [PDF]

  • On-Stack Replacement, Distilled

    D.C. D'Elia, C. Demetrescu. ACM PLDI 2018 [PDF]

  • [J] A Survey of Symbolic Execution Techniques

    R. Baldoni, E. Coppa, D.C. D'Elia, C. Demetrescu, I. Finocchi. ACM Computing Surveys. CSUR 2018 [PDF]

  • Rethinking Pointer Reasoning in Symbolic Execution

    E. Coppa, D.C. D'Elia, C. Demetrescu. IEEE/ACM ASE 2017 [PDF]

  • Assisting Malware Analysis with Symbolic Execution: A Case Study

    R. Baldoni, E. Coppa, D.C. D'Elia, C. Demetrescu. CSCML 2017 [PDF]

  • Flexible On-Stack Replacement in LLVM

    D.C. D'Elia, C. Demetrescu. IEEE/ACM CGO 2016 [PDF]

  • [J] Mining Hot Calling Contexts in Small Space

    D.C. D'Elia, C. Demetrescu, I. Finocchi. John Wiley & Sons. Software: Practice and Experience. 2015 [PDF]

  • Ball-Larus Path Profiling Across Multiple Loop Iterations

    D.C. D'Elia, C. Demetrescu. ACM OOPSLA 2013 [PDF]

  • Mining Hot Calling Contexts in Small Space

    D.C. D'Elia, C. Demetrescu, I. Finocchi. ACM PLDI 2011 [PDF]

Contact

  • Daniele Cono D'Elia
  • delia at diag dot uniroma1 dot it
  • Dept. of Computer, Control, and Management Engineering
    Room B118
    25 Via Ariosto
    00185 Rome, Italy

Social