Publications

My profiles

• Google Scholar

• Research Gate

• Scopus

• ORCID

List of Publications

• Unmasking the Veiled: A Comprehensive Analysis of Android Evasive Malware
  A. Ruggia, D. Nisi, S. Dambra, A. Merlo, D. Balzarotti, S. Aonzo
  In Proc. of the ACM Asia conference on Computer and Communications Security (ASIACCS)
  • [PDF] [BibTeX]
• Decoding the Secrets of Machine Learning in Malware Classification: A Deep Dive into Datasets, Feature Extraction, and Model Performance
  S. Dambra, Y. Han, S. Aonzo, P. Kotzias, A. Vitale, J. Caballero, D. Balzarotti, L. Bilge
  In Proc. of the ACM Conference on Computer and Communications Security (CCS), 2023
  • [PDF]
• Android, notify me when it is time to go phishing
  A. Ruggia, A. Possemato, A. Merlo, D. Nisi, and S. Aonzo
  In Proc. of the 8th IEEE European Symposium on Security and Privacy (EUROS&P), 2023
  • [PDF] [BibTeX]
  • Press: s3blogpost, EurecomMedium, WiredIT
• Humans vs. Machines in Malware Classification
  S. Aonzo, Y. Han, A. Mantovani, D. Balzarotti
  In Proc. of the 32st USENIX Security Symposium (USENIX-Security), 2023
  • [PDF] [BibTeX] [Slides] [Video]
• The dark side of native code on android
  A. Ruggia, A. Possemato, S. Dambra, A. Merlo, S. Aonzo, and D. Balzarotti, 2022
  • [PDF] [BibTeX]
• RE-Mind: a First Look Inside the Mind of a Reverse Engineer
  A. Mantovani, S. Aonzo, Y. Fratantonio, D. Balzarotti
  In Proc. of the 31st USENIX Security Symposium (USENIX-Security), 2022
  • [PDF] [BibTeX] [Slides] [Video]
• Trust, But Verify: A Longitudinal Analysis Of Android OEM Compliance and Customization
  A. Possemato, S. Aonzo, D. Balzarotti, Y. Fratantonio
  In Proc. of the 42nd IEEE Symposium on Security and Privacy (S&P), 2021
  • [PDF] [BibTeX] [Video]
• Prevalence and impact of low-entropy packing schemes in the malware ecosystem
  A. Mantovani, S. Aonzo, X. Ugarte-Pedrero, A. Merlo, D. Balzarotti
  In Proc. of the ISOC Network and Distributed System Security (NDSS), 2020
  • [PDF] [BibTeX]
  • Press: Talosintelligence Blog
• Obfuscapk: An open-source black-box obfuscation tool for Android apps
  S. Aonzo, G. C. Georgiu, L. Verderame, A. Merlo
  SoftwareX, Volume 11, 2020
  • [PDF] [BibTeX]
  • Website: https://github.com/Obfuscapk
• Droids in Disarray: Detecting Frame Confusion in Hybrid Android Apps
  D. Caputo, L. Verderame, S. Aonzo, A. Merlo
  In Proc. of the IFIP Conference on Data and Applications Security and Privacy (DBSec), 2019
  • [PDF] [BibTeX] [Slides]
• Phishing Attacks on Modern Android S. Aonzo, A. Merlo, G. Tavella, Y. Fratantonio In Proc. of the ACM Conference on Computer and Communications Security (CCS), 2018
  • [PDF] [BibTeX] [Video] [Slides]
  • Website: http://www.s3.eurecom.fr/projects/modern-android-phishing/
  • Press: SlashDot, The Register, Threat Post, ZDNet, Duo Security, Naked Security, Keeper Security, LastPass, Corriere della Sera [ITA]
• Low-Resource Footprint, Data-driven Malware Detection on Android
  S. Aonzo, A. Merlo, M. Migliardi, L. Oneto, F. Palmieri
  IEEE Transaction on Sustainable Computing, Vol. PP, no. 99, pp. 1-1.
  • [PDF] [BibTeX]
• RmPerm: a Tool for Android Permissions Removal
  S. Aonzo, G. Lagorio, A. Merlo
  In Proc. of the Conference on Security and Cryptography (SECRYPT), 2017
  • [PDF] [BibTeX]
  • Website: https://github.com/RmPerm

Ph.D. Thesis in Computer Science and Systems Engineering

• Novel Attacks and Defenses in the Userland of Android, 2019
  • [PDF] [Slides]