BIO

I'm a Researcher at Eurecom Graduate School and Research Center, located in Sophia Antipolis on the French Riviera. I am interested in several aspects of Computer Security. In particular, my main area of research deals with Host Intrusion Detection Systems (HIDS), memory error exploits, reverse engineering and malware. In the last two years I mainly studied the application of emulation/virtualization and compiler techniques for malware analysis and detection. I’m currently working on designing systems to analyze and detect rootkit malware and reversing emulator techniques. I'm also interested in new security aspects regarding smartphone devices and web security.
Here's my Google Scholar Profile.

Research Activities

    Researcher: Since Apr 2010, I am a Researcher in the Computer Security Lab of the Eurecom Institute, Sophia Antipolis, France, EU.
    Post Doctoral Fellow, 2009: Since Apr 2010, I am a Post Doctoral Researcher in the Computer Security Lab of the Eurecom Institute, Sophia Antipolis, France, EU, working with Prof. Engin Kirda.
    Employed as a Visiting Ph.D. student at Georgia Tech, 2008: Since February 2009 I’m employed as a visiting PhD student at Georgia Tech University, GATech (GA), USA, in the GTISC Lab led by Prof. Wenke Lee.
    Visiting Ph.D. student at Georgia Tech, 2007: In 2008 I was a visiting PhD student at Georgia Tech University, GATech (GA), USA, in the GTISC Lab led by Prof. Wenke Lee.
    Ph.D. degree in computer science, 2008: Ph.D. degree in Computer Science at Dipartimento di Informatica e Comunicazione (DICO) – Università degli Studi di Milano. Advisor: Prof. Wenke Lee.

Professional Activities

Program Committee Member of International Conferences

    16th International Symposium On Research in Attacks, Intrusions and Defenses (RAID) 2013
    10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) 2013
    European Workshop on System Security (EUROSEC) 2013
    15th International Symposium On Research in Attacks, Intrusions and Defenses (RAID) 2012
    9th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) 2012
    7th International Conference on Availability, Reliability and Security (ARES) 2012
    European Workshop on System Security (EUROSEC) 2012
    European Workshop on System Security (EUROSEC) 2011
    European Workshop on System Security (EUROSEC) 2010
    EC2ND 2011 the Sixth European Conference on Computer Network Defense
    EC2ND 2010 the Sixth European Conference on Computer Network Defense
    SecSE 2010 Fourth International Workshop on Secure Software Engineering
    CIW 2010 The Fifth International Conference on Internet and Web Applications and Services.

Reviewing for Journals

    ACM Transactions on Embedded Computing Systems (TECS)
    IEEE Transactions on Dependable and Secure Computing (TDSC)
    ACM Transactions on Internet Technology (TOIT)

Publications & Journals

    [22] Mariano Graziano, Andrea Lanzi and Davide Balzarotti. "Hypervisor Memory Forensics" 16th Conference Research in Attacks, Intrusions and Defenses, RAID 2013, St. Lucia
    [21] Babak Rahbarinia, Roberto Perdisci, Andrea Lanzi, Kang Li. "PeerRush: Mining for Unwanted P2P Traffic". 10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, DIMVA 2013, Berlin, Germany [to appear]
    [20] Davide Canali, Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christodorescu, Engin Kirda "A Quantitative Study of Accuracy in System Call-Based Malware Detection" - ISSTA 2012
    [19] Abhinav Srivastava, Andrea Lanzi, Jonathon Giffin, Davide Balzarotti "Operating System Interface Obfuscation and the Revealing of Hidden Operations" 8th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA) - Amsterdam, July 2011
    [18] Leyla Bilge, Andrea Lanzi, Davide Balzarotti "Thwarting Real-Time Dynamic Unpacking" European Workshop on System Security (EUROSEC) - Salzburg, April 2011
    [17] Kaan Onarlioglu, Leyla Bilge, Andrea Lanzi, Davide Balzarotti, Engin Kirda "G-free: Defeating Return-oriented Programming Through Gadget-less Binaries" In Proceedings of 26th Annual Computer Security Applications Conference (ACSAC 2010) Austin, Texas, USA
    [16] Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christodorescu, Engin Kirda "AccessMiner: Using System-Centric Models for Malware Protection", In Proceedings of 17th ACM Conference on Computer and Communications Security (CCS 2010), CCS 2010 Chicago.
    [15] Monirul Sharif, Wenke Lee, Weidong Cui, Andrea Lanzi "Secure In-VM Monitoring Using Hardware Virtualization" In Proceedings of 16th ACM Conference on Computer and Communications Security (CCS 2009), CCS 2009 Chicago
    [14] Monirul Sharif, Andrea Lanzi, Jonathon Giffin, and Wenke Lee "Automatic Reverse Engineering of Malware Emulators" In Proceedings of The 2009 IEEE Symposium on Security and Privacy (Oakland 09), Oakland, CA, May 2009. (Best Student Paper Award)
    [13] Andrea Lanzi, Monirul Sharif and Wenke Lee "K-Tracer: A System for Extracting Kernel Malware Behavior" In the Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS'09), San Diego, CA, February 2009
    [12] Roberto Perdisci, Andrea Lanzi, Wenke Lee "McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables", In the Proceedings of Annual Computer Security Applications Conference, (ACSAC 2008). Anaheim California USA
    [11] Monirul Sharif, Andrea Lanzi, Jonathon Giffin and Wenke Lee "Impeding Malware Analysis Using Conditional Code Obfuscation", In the Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS'08), San Diego, CA, February 2008
    [10] Abhinav Srivastava, Andrea Lanzi and Jonathon Giffin "System Call API Obfuscation (Extended Abstract)", In Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection (RAID 2008), Cambridge, Massachusetts, USA 2008
    [9] Lorenzo Cavallaro, Andrea Lanzi, Luca Mayer, and Mattia Monga "LISABETH: Automated Content-Based Signatures Generator for Zero-day Polymorphic Worms", International Workshop on Software Engineering for Secure Systems (SESS'08) 2008, Berlin, EU
    [8] Danilo Bruschi, Lorenzo Cavallaro, Andrea Lanzi "Static Analysis on x86 Executable for Preventing Automatic Mimicry Attacks", In the Proceedings of the International Conference IEEE, (DIMVA 2007) Lucerne Switzerland July 12-13 2007
    [7] Andrea Lanzi, Lorenzo Martignoni, Mattia Monga, Roberto Paleari "A Smart Fuzzer for x86 Executables", In the Proceedings of the 3rd International Workshop on Software Engineering for Secure Systems (SESS07) 2007, Minneapolis, USA.
    [6] Danilo Bruschi, Lorenzo Cavallaro, and Andrea Lanzi "An Efficient Technique for Preventing Mimicry and Impossible Paths Execution Attacks", In the Proceedings of the 3rd International Workshop on Information Assurance IEEE(WIA 2007), April 11-13, 2007, New Orleans, Louisiana, USA
    [5] Danilo Bruschi, Lorenzo Cavallaro, and Andrea Lanzi "Diversified Process Replicae for Defeating Memory Error Exploits", In the Proceedings of the 3rd International Workshop on Information Assurance IEEE (WIA 2007), April 11-13, 2007, New Orleans, Louisiana, USA.
    [4] D. Bruschi, L. Cavallaro, A. Lanzi, M. Monga "Replay Attack in the TCG Specification and a Solution", In the Proceedings of 21st Annual Computer Security Application Conference (ACSAC 2005) ACM, Tucson Arizona, USA 2005
    [3] D. Bruschi, Igor N. Fovino, A. Lanzi, "A protocol for Anonymous and Accurate E-Polling", In the Proceedings of the international conference Security for e-Government Services, (TCGOV 2005), Bozen, Italy 2005. LNCS Springer-Verlag, (LNAI 3416) pp. 112-121
    [2] D. Bruschi, Igor N. Fovino, A. Lanzi, "A protocol for Anonymous and Accurate E-Polling", Publisher: "IDEA GROUP Inc." Title: "Book on Secure eGovernment Web Services"
    [1] Roberto Perdisci, Andrea Lanzi, Wenke Lee "Classification of Packed Executables for Accurate Computer Virus Detection.", Pattern Recognition Letters 2008


ADDRESS

EURECOM
Campus SophiaTech,
450 Route des Chappes, 06410 Biot FRANCE
Office: 370

CONTACT

python -c "print('la%s%seurecom.%s' % ('nzi', '@', 'fr'))"