BIO

Mariano `emdel` Graziano is currently a Ph.D. student under the supervision of Davide Balzarotti at the Software and Systems Security group of Eurecom in Sophia-Antipolis (France). He earned a Master of Science in Computer and Communication Networks from Politecnico di Torino (Italy).

Mariano is the "virtual" guy of the group. He spends his days in the office trying to understand all the secrets of Xen, KVM and other hypervisors (bhyve). In parallel he tries to protect the world by developing new automated techniques to analyze malware and to defeat the chaos in the physical memory dumps. When he is stuck in his research, he feeds his brain with CTF challenges with the nops team as well as messing around on IRC.

From July to December 2014 I was an intern at Cisco in the Talos Security Intelligence and Research Group in Columbia, MD.

PUBLICATIONS

Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware Intelligence
Mariano Graziano, Davide Canali, Leyla Bilge, Andrea Lanzi, Davide Balzarotti
24th USENIX Security Symposium (Usenix Security), Washington DC, August 2015 (acceptance rate: 15.7%)
Through the Looking-Glass, and What Eve Found There
Luca Bruno, Mariano Graziano, Davide Balzarotti, Aurelien Francillon
8th USENIX Workshop on Offensive Technologies (WOOT), San Diego, California, August 2014
PDF BibTeX
Hypervisor Memory Forensics
Mariano Graziano, Andrea Lanzi, Davide Balzarotti
16th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), St. Lucia, October 2013 (acceptance rate: 22.9%)
PDF Actaeon BibTeX
Towards Network Containment In Malware Analysis Systems
Mariano Graziano, Corrado Leita, Davide Balzarotti
28th Annual Computer Security Applications Conference (ACSAC), Orlando, Florida, December 2012 (acceptance rate: 19.0%)

TALKS

Through the Looking-Glass, and What Eve Found There
Mariano Graziano, Luca Bruno
DEF CON 22, Las Vegas (USA), August 2014
Under the Hood: How Actaeon Unveils Your Hypervisor
Mariano Graziano, Andrea Lanzi
Hack In The Box, Kuala Lumpur (Malaysia), October 2013
Hypervisor Memory Forensics
Mariano Graziano, Davide Balzarotti
SANS DFIR EU Summit, Prague (Czech Republic), October 2013

CONTACT

  • Mail: python -c "print 'graz%s%seurecom.%s' % ('iano', '@', 'fr')" [PGP Key]
  • Key fingerprint = 6DDA AD10 27AA D620 43B1 4BDB 85EC B102 6E40 AB3C
  • Twitter: @emd3l
  • GitHub: repository
  • Linkedin: profile
  • Google Scholar: profile
  • IRC: emdel/emd3l on Freenode/Efnet/W3challs/Azzurra
  • Mirror Site: Personal Website

  • EURECOM
    Campus SophiaTech,
    450 Route des Chappes, 06410 Biot FRANCE
    Office: 370

    NEWS