-
Pfuzzer: Practical, Sound, and Effective Multi-path Analysis of Environment-sensitive Malware with Coverage-guided Fuzzing
N. Bottura, D.C. D'Elia, L. Querzoni. IEEE EuroS&P 2025
-
QMSan: Efficiently Detecting Uninitialized Memory Errors During Fuzzing
M. Marini, D.C. D'Elia, M. Payer, L. Querzoni. NDSS 2025 [PDF]
-
[J] Adversarial Attacks against Binary Similarity Systems
G. Capozzi, D.C. D'Elia, G.A. Di Luna, L. Querzoni. IEEE Access 2024 [PDF]
-
[J] With Great Power Comes Great Responsibility: Security and Privacy Issues of Modern Browser Application Programming Interfaces
H. Oz, D.C. D'Elia, G.S. Tuncay, A. Acar, R. Lazzeretti, S. Uluagac. IEEE Security and Privacy Magazine 2024 [preprint]
-
Evading Userland API Hooking, Again: Novel Attacks and a Principled Defense Method
C. Assaiante, S. Nicchi, D.C. D'Elia, L. Querzoni. DIMVA 2024 [preprint]
-
Predictive Context-sensitive Fuzzing
P. Borrello, A. Fioraldi, D.C. D'Elia, D. Balzarotti, L. Querzoni, C. Giuffrida. NDSS 2024 [PDF]
-
UNCONTAINED: Uncovering Container Confusion in the Linux Kernel
J. Koschel, P. Borrello, D.C. D'Elia, H. Bos, C. Giuffrida. USENIX Security Symposium 2023 [PDF]
Distinguished Artifact Award & Pwnie Award Nomination for Best Privilege Escalation
-
Where Did My Variable Go? Poking Holes in Incomplete Debug Information
C. Assaiante, D.C. D'Elia, G.A. Di Luna, L. Querzoni. ACM ASPLOS 2023 [extended PDF]
-
Principled Composition of Function Variants for Dynamic Software Diversity and Program Protection
G. Priamo, D.C. D'Elia, L. Querzoni. IEEE/ACM ASE 2022 [PDF]
-
Evaluating Dynamic Binary Instrumentation Systems for Conspicuous Features and Artifacts
D.C. D'Elia, L. Invidia, F. Palmaro, L. Querzoni. Digital Threats: Research and Practice. ACM DTRAP (2022) [PDF]
-
Designing Robust API Monitoring Solutions
D.C. D'Elia, S. Nicchi, M. Mariani, M. Marini, F. Palmaro. IEEE Transactions on Dependable and Secure Computing. TDSC (2021) [preprint]
-
Rope: Covert Multi-Process Malware Execution with Return-Oriented Programming
D.C. D'Elia, L. Invidia, L. Querzoni. ESORICS 2021 [preprint] [BHUSA whitepaper]
-
The Use of Likely Invariants as Feedback for Fuzzers
A. Fioraldi, D.C. D'Elia, D. Balzarotti. USENIX Security Symposium 2021 [PDF]
-
Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization
P. Borrello, D.C. D'Elia, L. Querzoni, C. Giuffrida. ACM CCS 2021 [preprint]
-
Hiding in the Particles: When Return- Oriented Programming Meets Program Obfuscation
P. Borrello, E. Coppa, D.C. D'Elia. IEEE/IFIP DSN 2021 [PDF]
-
Fuzzing Binaries for Memory Safety Errors with QASan
A. Fioraldi, D.C. D'Elia, L. Querzoni.
IEEE SecDev 2020 [PDF]
-
[B] New Techniques for Adaptive Program Optimization
D.C. D'Elia.
Sapienza University Press. 204 pages, ISBN 9788893771436. Winner of "Prize for PhD Thesis 2016" competition. [PDF]
-
WEIZZ: Automatic Grey-box Fuzzing for Structured Binary Formats
A. Fioraldi, D.C. D'Elia, E. Coppa.
ACM ISSTA 2020 [PDF]
-
[J] On the Dissection of Evasive Malware
D.C. D'Elia, E. Coppa, F. Palmaro, L. Cavallaro.
IEEE Transactions on Information Forensics and Security. TIFS 2020 [PDF]
-
[J] Memory Models in Symbolic Execution: Key Ideas and New Thoughts
L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu.
John Wiley & Sons. Journal of Software: Testing, Verification and Reliability. 2019 [PDF]
-
SymNav: Visually Assisting Symbolic Execution
M. Angelini, G. Blasilli, L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu, S. Lenti, S. Nicchi, G. Santucci.
IEEE VizSec 2019 [PDF]
-
SoK: Using Dynamic Binary Instrumentation for Security (And How You May Get Caught Red Handed)
D.C. D'Elia, E. Coppa, S. Nicchi, F. Palmaro, L. Cavallaro. ACM ASIACCS 2019 [PDF]
-
Reconstructing C2 Servers for Remote Access Trojans with Symbolic Execution
L. Borzacchiello, E. Coppa, D.C. D'Elia, C. Demetrescu. CSCML 2019 [PDF]
-
Static Analysis of ROP Code
D.C. D'Elia, E. Coppa, A. Salvati, C. Demetrescu. ACM EUROSEC 2019 [PDF]
-
The ROP Needle: Hiding Trigger-based Injection Vectors via Code Reuse
P. Borrello, E. Coppa, D.C. D'Elia, C. Demetrescu. ACM SAC 2019 [PDF]
-
ROPMate: Visually Assisting the Creation of ROP-based Exploits
M. Angelini, G. Blasilli, P. Borrello, E. Coppa, D.C. D'Elia, S. Ferracci, S. Lenti, G. Santucci.
Best Paper Award. IEEE VizSec 2018 [PDF]
-
On-Stack Replacement, Distilled
D.C. D'Elia, C. Demetrescu. ACM PLDI 2018 [PDF]
-
[J] A Survey of Symbolic Execution Techniques
R. Baldoni, E. Coppa, D.C. D'Elia, C. Demetrescu, I. Finocchi. ACM Computing Surveys. CSUR 2018 [PDF]
-
Rethinking Pointer Reasoning in Symbolic Execution
E. Coppa, D.C. D'Elia, C. Demetrescu. IEEE/ACM ASE 2017 [PDF]
-
Assisting Malware Analysis with Symbolic Execution: A Case Study
R. Baldoni, E. Coppa, D.C. D'Elia, C. Demetrescu. CSCML 2017 [PDF]
-
Flexible On-Stack Replacement in LLVM
D.C. D'Elia, C. Demetrescu. IEEE/ACM CGO 2016 [PDF]
-
[J] Mining Hot Calling Contexts in Small Space
D.C. D'Elia, C. Demetrescu, I. Finocchi. John Wiley & Sons. Software: Practice and Experience. 2015 [PDF]
-
Ball-Larus Path Profiling Across Multiple Loop Iterations
D.C. D'Elia, C. Demetrescu. ACM OOPSLA 2013 [PDF]
-
Mining Hot Calling Contexts in Small Space
D.C. D'Elia, C. Demetrescu, I. Finocchi. ACM PLDI 2011 [PDF]