Picture of Daniele

Daniele Cono D'Elia

I am a Tenure-track Assistant Professor in the Department of Computer, Control, and Management Engineering (DIAG) "Antonio Ruberti" at Sapienza University of Rome.

My work spans several fields of software and systems security, investigating how program analysis can improve the accuracy and efficiency of security policies. I specialize in special-purpose techniques for adversarial code (e.g., malware) and in code analyses and transformations to make software more secure.

I obtained my PhD in 2016 with a thesis on adaptive program optimization later published as a book. In 2014 I spent time as a visiting researcher at Purdue University working with Jan Vitek.

I had fun giving Black Hat talks (EU '19, EU '20, USA '21).

Teaching & Supervision

I enjoy working with highly motivated students at all stages of their academic career (BSc, MSc, PhD).

If you are interested in software and systems security research (malware, fuzzing, side channels, binary analysis, obfuscation, general program hardening) and you are up for a challenge, drop me a line. Some thesis project opportunities are listed in the Classroom page for the Malware Analysis course (if you are not enrolled, email me to receive the link to their descriptions).

Classes I taught recently:

I am currently (co-)supervising six PhD students in security and software analysis research: Cristian Assaiante, Nicola Bottura, Tiziano Colagrossi, Giorgia Di Pietro, Matteo Marini, and Giacomo Priamo. So far, I have worked with over 60 BSc and MSc students, an experience that rewarded me both professionally and personally. Several of them have received thesis awards:

  • Fabio Rosato (MSc, 2018, CLUSIT 1st prize)
  • Federico Palmaro (MSc, 2019, award from Italian intelligence agencies + CLUSIT 5th prize)
  • Cristian Assaiante (BSc, 2020, CLUSIT 1st prize)
  • Andrea Salvati (MSc, 2020, CLUSIT 5th prize)
  • Riccardo Chiaretti (MSc, 2021, award from Italian intelligence agencies)
  • Andrea Fioraldi (MSc, 2021, CLUSIT 2nd prize)
  • Lorenzo Invidia (MSc, 2022, CLUSIT 2nd prize)
  • Antonella Gioia Rodio (MSc, 2022, CLUSIT 3rd prize)
  • Giorgia Di Pietro (MSc, 2023, Camil Demetrescu thesis award)
  • Manuel Ivagnes (MSc, 2023, CLUSIT 4th prize)
  • Elia Boninsegna (MSc, 2024, CLUSIT 1st prize)

Service

Recent activities:

  • NDSS '25 & '24 (Artifact Evaluation Chair, PC), '23 (PC)
  • USENIX Security '24, '23 (PC)
  • CCS '24, '23 (PC), '22 (Posters)
  • S&P '26 (Associate Chair), '25 (PC), '21 (Shadow PC)
  • DIMVA '25, '24, '23, '22 (PC)
  • EuroSys '23 (Artifact Evaluation Chair), '22 (Shadow PC)
  • EUROSEC '25, '24, '23, '22, '21, 20 (PC)
  • ASSS '23 (PC)
  • ICCQ '23, '22 (PC)
  • EuroS&P '22 (Publication Chair)

I was humbled to receive the Distinguished Reviewer Award from NDSS '25 & '24, USENIX Security '24, and S&P '21 (Shadow PC), and the Noteworthy Reviewer Award from USENIX Security '23.

I am an Associate Editor for ACM Digital Threats: Research and Practice since 2023. I also co-edited with Lorenzo Cavallaro a Special Issue on Benefits and Outlook of Program Analysis for Systems Security with Computers & Security (2023).

Publications

  • Pfuzzer: Practical, Sound, and Effective Multi-path Analysis of Environment-sensitive Malware with Coverage-guided Fuzzing

    N. Bottura, D.C. D'Elia, L. Querzoni. IEEE EuroS&P 2025

  • QMSan: Efficiently Detecting Uninitialized Memory Errors During Fuzzing

    M. Marini, D.C. D'Elia, M. Payer, L. Querzoni. NDSS 2025 [PDF]

  • [J] Adversarial Attacks against Binary Similarity Systems

    G. Capozzi, D.C. D'Elia, G.A. Di Luna, L. Querzoni. IEEE Access 2024 [PDF]

  • [J] With Great Power Comes Great Responsibility: Security and Privacy Issues of Modern Browser Application Programming Interfaces

    H. Oz, D.C. D'Elia, G.S. Tuncay, A. Acar, R. Lazzeretti, S. Uluagac. IEEE Security and Privacy Magazine 2024 [preprint]

  • Evading Userland API Hooking, Again: Novel Attacks and a Principled Defense Method

    C. Assaiante, S. Nicchi, D.C. D'Elia, L. Querzoni. DIMVA 2024 [preprint]

  • Predictive Context-sensitive Fuzzing

    P. Borrello, A. Fioraldi, D.C. D'Elia, D. Balzarotti, L. Querzoni, C. Giuffrida. NDSS 2024 [PDF]

  • UNCONTAINED: Uncovering Container Confusion in the Linux Kernel

    J. Koschel, P. Borrello, D.C. D'Elia, H. Bos, C. Giuffrida. USENIX Security Symposium 2023 [PDF]

    Distinguished Artifact Award & Pwnie Award Nomination for Best Privilege Escalation

  • Where Did My Variable Go? Poking Holes in Incomplete Debug Information

    C. Assaiante, D.C. D'Elia, G.A. Di Luna, L. Querzoni. ACM ASPLOS 2023 [extended PDF]

  • Principled Composition of Function Variants for Dynamic Software Diversity and Program Protection

    G. Priamo, D.C. D'Elia, L. Querzoni. IEEE/ACM ASE 2022 [PDF]

  • Evaluating Dynamic Binary Instrumentation Systems for Conspicuous Features and Artifacts

    D.C. D'Elia, L. Invidia, F. Palmaro, L. Querzoni. Digital Threats: Research and Practice. ACM DTRAP (2022) [PDF]

  • Designing Robust API Monitoring Solutions

    D.C. D'Elia, S. Nicchi, M. Mariani, M. Marini, F. Palmaro. IEEE Transactions on Dependable and Secure Computing. TDSC (2021) [preprint]

  • Rope: Covert Multi-Process Malware Execution with Return-Oriented Programming

    D.C. D'Elia, L. Invidia, L. Querzoni. ESORICS 2021 [preprint] [BHUSA whitepaper]

  • The Use of Likely Invariants as Feedback for Fuzzers

    A. Fioraldi, D.C. D'Elia, D. Balzarotti. USENIX Security Symposium 2021 [PDF]

  • Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization

    P. Borrello, D.C. D'Elia, L. Querzoni, C. Giuffrida. ACM CCS 2021 [preprint]

  • Hiding in the Particles: When Return- Oriented Programming Meets Program Obfuscation

    P. Borrello, E. Coppa, D.C. D'Elia. IEEE/IFIP DSN 2021 [PDF]

  • Fuzzing Binaries for Memory Safety Errors with QASan

    A. Fioraldi, D.C. D'Elia, L. Querzoni. IEEE SecDev 2020 [PDF]

  • [B] New Techniques for Adaptive Program Optimization

    D.C. D'Elia. Sapienza University Press. 204 pages, ISBN 9788893771436. Winner of "Prize for PhD Thesis 2016" competition. [PDF]

  • WEIZZ: Automatic Grey-box Fuzzing for Structured Binary Formats

    A. Fioraldi, D.C. D'Elia, E. Coppa. ACM ISSTA 2020 [PDF]

  • [J] On the Dissection of Evasive Malware

    D.C. D'Elia, E. Coppa, F. Palmaro, L. Cavallaro. IEEE Transactions on Information Forensics and Security. TIFS 2020 [PDF]

  • [J] Memory Models in Symbolic Execution: Key Ideas and New Thoughts

    L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu. John Wiley & Sons. Journal of Software: Testing, Verification and Reliability. 2019 [PDF]

  • SymNav: Visually Assisting Symbolic Execution

    M. Angelini, G. Blasilli, L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu, S. Lenti, S. Nicchi, G. Santucci. IEEE VizSec 2019 [PDF]

  • SoK: Using Dynamic Binary Instrumentation for Security (And How You May Get Caught Red Handed)

    D.C. D'Elia, E. Coppa, S. Nicchi, F. Palmaro, L. Cavallaro. ACM ASIACCS 2019 [PDF]

  • Reconstructing C2 Servers for Remote Access Trojans with Symbolic Execution

    L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu. CSCML 2019 [PDF]

  • Static Analysis of ROP Code

    D.C. D'Elia, E. Coppa, A. Salvati, C. Demetrescu. ACM EUROSEC 2019 [PDF]

  • The ROP Needle: Hiding Trigger-based Injection Vectors via Code Reuse

    P. Borrello, E. Coppa, D.C. D'Elia, C. Demetrescu. ACM SAC 2019 [PDF]

  • ROPMate: Visually Assisting the Creation of ROP-based Exploits

    M. Angelini, G. Blasilli, P. Borrello, E. Coppa, D.C. D'Elia, S. Ferracci, S. Lenti, G. Santucci. Best Paper Award. IEEE VizSec 2018 [PDF]

  • On-Stack Replacement, Distilled

    D.C. D'Elia, C. Demetrescu. ACM PLDI 2018 [PDF]

  • [J] A Survey of Symbolic Execution Techniques

    R. Baldoni, E. Coppa, D.C. D'Elia, C. Demetrescu, I. Finocchi. ACM Computing Surveys. CSUR 2018 [PDF]

  • Rethinking Pointer Reasoning in Symbolic Execution

    E. Coppa, D.C. D'Elia, C. Demetrescu. IEEE/ACM ASE 2017 [PDF]

  • Assisting Malware Analysis with Symbolic Execution: A Case Study

    R. Baldoni, E. Coppa, D.C. D'Elia, C. Demetrescu. CSCML 2017 [PDF]

  • Flexible On-Stack Replacement in LLVM

    D.C. D'Elia, C. Demetrescu. IEEE/ACM CGO 2016 [PDF]

  • [J] Mining Hot Calling Contexts in Small Space

    D.C. D'Elia, C. Demetrescu, I. Finocchi. John Wiley & Sons. Software: Practice and Experience. 2015 [PDF]

  • Ball-Larus Path Profiling Across Multiple Loop Iterations

    D.C. D'Elia, C. Demetrescu. ACM OOPSLA 2013 [PDF]

  • Mining Hot Calling Contexts in Small Space

    D.C. D'Elia, C. Demetrescu, I. Finocchi. ACM PLDI 2011 [PDF]

Contact

  • Daniele Cono D'Elia
  • delia at diag dot uniroma1 dot it
  • Dept. of Computer, Control, and Management Engineering
    Room B111
    25 Via Ariosto
    00185 Rome, Italy

Social