Daniele Cono D'Elia
I am a Tenure-track Assistant Professor with the Department of Computer, Control, and Management Engineering (DIAG) "Antonio Ruberti" at Sapienza University of Rome. I am part of the research group led by Leonardo Querzoni and of the CIS Sapienza Research Center of Cyber Intelligence and Information Security.
My work spans several fields of software and systems security, investigating how program analysis can improve accuracy and performance of security policies. I play with malware, monitoring solutions in presence of adversaries, and code analyses and transformations to make software more secure.
I obtained my PhD in 2016 with a thesis on adaptive program optimization later published as a book. In 2014 I was a visiting researcher at Purdue University working with Jan Vitek.
I had a lot of fun giving Black Hat talks (EU '19, EU '20, USA '21).
Teaching
I enjoy supervising highly motivated students. If you are interested in software and systems security research (malware, fuzzing, side channels, binary analysis, obfuscation, general program hardening) and you are up for a challenge, drop me a line.
Classes I taught:
- Malware Analysis and Incident Forensics (Fall 2018-2024)
- Laboratorio di Applicazioni Sofware e Sicurezza Informatica 🇮🇹 (Spring 2023, 2024)
- Sistemi di Elaborazione delle Informazioni (Informatica medica) 🇮🇹 (Spring 2023, 2024)
- Sistemi di Calcolo 🇮🇹 (Fall 2016, Spring 2018, Spring 2024)
- Thinking outside the box: Adversarial behavior and unconventional attack vectors from security research (PhD-level course; editions: 2021, 2022, 2023)
I have worked so far with 60+ students. They rewarded me both on a professional and human level, making me proud of their achievements. Nine of them co-authored scientific papers on their thesis or Honors program topics. Several won thesis awards:
- Fabio Rosato (MSc, 2018, CLUSIT 1st prize)
- Federico Palmaro (MSc, 2019, award from Italian intelligence agencies + CLUSIT 5th prize)
- Cristian Assaiante (BSc, 2020, CLUSIT 1st prize)
- Andrea Salvati (MSc, 2020, CLUSIT 5th prize)
- Riccardo Chiaretti (MSc, 2021, award from Italian intelligence agencies)
- Andrea Fioraldi (MSc, 2021, CLUSIT 2nd prize)
- Lorenzo Invidia (MSc, 2022, CLUSIT 2nd prize)
- Antonella Gioia Rodio (MSc, 2022, CLUSIT 3rd prize)
- Giorgia Di Pietro (MSc, 2023, Camil Demetrescu thesis award)
- Manuel Ivagnes (MSc, 2023, CLUSIT 4th prize)
Service
Recent activities:
- NDSS '25 & '24 (Artifact Evaluation Chair, PC), '23 (PC)
- USENIX Security '24, '23 (PC)
- CCS '24, '23 (PC), '22 (Posters)
- S&P '25 (PC), '21 (Shadow PC)
- DIMVA '24, '23, '22 (PC)
- EuroSys '23 (Artifact Evaluation Chair), '22 (Shadow PC)
- EUROSEC '24, '23, '22, '21, 20 (PC)
- ASSS '23 (PC)
- ICCQ '23, '22 (PC)
- EuroS&P '22 (Publication Chair)
I was humbled to receive the Distinguished Reviewer Award from NDSS '24, USENIX Security '24, and S&P '21 (Shadow PC), and the Noteworthy Reviewer Award from USENIX Security '23.
I am an Associate Editor for ACM Digital Threats: Research and Practice since 2023. I also co-edited with Lorenzo Cavallaro a Special Issue on Benefits and Outlook of Program Analysis for Systems Security with Computers & Security (2023).
Publications
-
[J] With Great Power Comes Great Responsibility: Security and Privacy Issues of Modern Browser Application Programming Interfaces
H. Oz, D.C. D'Elia, G.S. Tuncay, A. Acar, R. Lazzeretti, S. Uluagac. IEEE Security and Privacy Magazine 2024 [preprint]
-
Evading Userland API Hooking, Again: Novel Attacks and a Principled Defense Method
C. Assaiante, S. Nicchi, D.C. D'Elia, L. Querzoni. DIMVA 2024 [preprint]
-
Predictive Context-sensitive Fuzzing
P. Borrello, A. Fioraldi, D.C. D'Elia, D. Balzarotti, L. Querzoni, C. Giuffrida. NDSS 2024 [PDF]
-
UNCONTAINED: Uncovering Container Confusion in the Linux Kernel
J. Koschel, P. Borrello, D.C. D'Elia, H. Bos, C. Giuffrida. USENIX Security Symposium 2023 [PDF]
Distinguished Artifact Award & Pwnie Award Nomination for Best Privilege Escalation
-
Where Did My Variable Go? Poking Holes in Incomplete Debug Information
C. Assaiante, D.C. D'Elia, G.A. Di Luna, L. Querzoni. ACM ASPLOS 2023 [extended PDF]
-
Principled Composition of Function Variants for Dynamic Software Diversity and Program Protection
G. Priamo, D.C. D'Elia, L. Querzoni. IEEE/ACM ASE 2022 [PDF]
-
Evaluating Dynamic Binary Instrumentation Systems for Conspicuous Features and Artifacts
D.C. D'Elia, L. Invidia, F. Palmaro, L. Querzoni. Digital Threats: Research and Practice. ACM DTRAP (2022) [PDF]
-
Designing Robust API Monitoring Solutions
D.C. D'Elia, S. Nicchi, M. Mariani, M. Marini, F. Palmaro. IEEE Transactions on Dependable and Secure Computing. TDSC (2021) [preprint]
-
Rope: Covert Multi-Process Malware Execution with Return-Oriented Programming
D.C. D'Elia, L. Invidia, L. Querzoni. ESORICS 2021 [preprint] [BHUSA whitepaper]
-
The Use of Likely Invariants as Feedback for Fuzzers
A. Fioraldi, D.C. D'Elia, D. Balzarotti. USENIX Security Symposium 2021 [PDF]
-
Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization
P. Borrello, D.C. D'Elia, L. Querzoni, C. Giuffrida. ACM CCS 2021 [preprint]
-
Hiding in the Particles: When Return- Oriented Programming Meets Program Obfuscation
P. Borrello, E. Coppa, D.C. D'Elia. IEEE/IFIP DSN 2021 [PDF]
-
Fuzzing Binaries for Memory Safety Errors with QASan
A. Fioraldi, D.C. D'Elia, L. Querzoni. IEEE SecDev 2020 [PDF]
-
[B] New Techniques for Adaptive Program Optimization
D.C. D'Elia. Sapienza University Press. 204 pages, ISBN 9788893771436. Winner of "Prize for PhD Thesis 2016" competition. [PDF]
-
WEIZZ: Automatic Grey-box Fuzzing for Structured Binary Formats
A. Fioraldi, D.C. D'Elia, E. Coppa. ACM ISSTA 2020 [PDF]
-
[J] On the Dissection of Evasive Malware
D.C. D'Elia, E. Coppa, F. Palmaro, L. Cavallaro. IEEE Transactions on Information Forensics and Security. TIFS 2020 [PDF]
-
[J] Memory Models in Symbolic Execution: Key Ideas and New Thoughts
L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu. John Wiley & Sons. Journal of Software: Testing, Verification and Reliability. 2019 [PDF]
-
SymNav: Visually Assisting Symbolic Execution
M. Angelini, G. Blasilli, L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu, S. Lenti, S. Nicchi, G. Santucci. IEEE VizSec 2019 [PDF]
-
SoK: Using Dynamic Binary Instrumentation for Security (And How You May Get Caught Red Handed)
D.C. D'Elia, E. Coppa, S. Nicchi, F. Palmaro, L. Cavallaro. ACM ASIACCS 2019 [PDF]
-
Reconstructing C2 Servers for Remote Access Trojans with Symbolic Execution
L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu. CSCML 2019 [PDF]
-
Static Analysis of ROP Code
D.C. D'Elia, E. Coppa, A. Salvati, C. Demetrescu. ACM EUROSEC 2019 [PDF]
-
The ROP Needle: Hiding Trigger-based Injection Vectors via Code Reuse
P. Borrello, E. Coppa, D.C. D'Elia, C. Demetrescu. ACM SAC 2019 [PDF]
-
ROPMate: Visually Assisting the Creation of ROP-based Exploits
M. Angelini, G. Blasilli, P. Borrello, E. Coppa, D.C. D'Elia, S. Ferracci, S. Lenti, G. Santucci. Best Paper Award. IEEE VizSec 2018 [PDF]
-
On-Stack Replacement, Distilled
D.C. D'Elia, C. Demetrescu. ACM PLDI 2018 [PDF]
-
[J] A Survey of Symbolic Execution Techniques
R. Baldoni, E. Coppa, D.C. D'Elia, C. Demetrescu, I. Finocchi. ACM Computing Surveys. CSUR 2018 [PDF]
-
Rethinking Pointer Reasoning in Symbolic Execution
E. Coppa, D.C. D'Elia, C. Demetrescu. IEEE/ACM ASE 2017 [PDF]
-
Assisting Malware Analysis with Symbolic Execution: A Case Study
R. Baldoni, E. Coppa, D.C. D'Elia, C. Demetrescu. CSCML 2017 [PDF]
-
Flexible On-Stack Replacement in LLVM
D.C. D'Elia, C. Demetrescu. IEEE/ACM CGO 2016 [PDF]
-
[J] Mining Hot Calling Contexts in Small Space
D.C. D'Elia, C. Demetrescu, I. Finocchi. John Wiley & Sons. Software: Practice and Experience. 2015 [PDF]
-
Ball-Larus Path Profiling Across Multiple Loop Iterations
D.C. D'Elia, C. Demetrescu. ACM OOPSLA 2013 [PDF]
-
Mining Hot Calling Contexts in Small Space
D.C. D'Elia, C. Demetrescu, I. Finocchi. ACM PLDI 2011 [PDF]
Contact
- Daniele Cono D'Elia
- delia at diag dot uniroma1 dot it
-
Dept. of Computer, Control, and Management Engineering
Room B111
25 Via Ariosto
00185 Rome, Italy