I am Mariano `emdel` Graziano and I am currently a researcher at Cisco in the Talos group.

I obtained my Ph.D. from Telecom ParisTech/Eurecom (Sophia Antipolis - France) and during my doctoral studies I worked in the Software and Systems Security group (S3) under the supervision of Davide Balzarotti.

I earned a Master of Science in Computer and Communication Networks from Politecnico di Torino (Italy).

Talk accepted at Recon - 2018/06

Paper accepted at S&P - 2018/01

Talk accepted at Recon - 2017/06

4th place at the Volatility plugin contest- 2016/12

Talk accepted at Zeronights - 2016/11

Mariano is interested in security researches related to memory forensics, automated malware analysis, virtualization and exploitation techniques.

Understanding Linux Malware

Emanuele Cozzi, Mariano Graziano, Yanick Fratantonio, Davide Balzarotti

To appear in the IEEE Symposium on Security & Privacy , San Francisco, CA

[Paper | BibTex ]

Micro-Virtualization Memory Tracing to Detect and Prevent Spraying Attacks

Stefano Cristalli, Mattia Pagnozzi, Mariano Graziano, Andrea Lanzi, Davide Balzarotti

25th USENIX Security Symposium (USENIX Security), Austin, Texas, August 2016

[Paper | Slides | Video | BibTex ]

Subverting Operating System Properties through Evolutionary DKOM Attacks

Mariano Graziano, Lorenzo Flore, Andrea Lanzi, Davide Balzarotti

13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), San Sebastian, Spain, July 2016

[Paper | Slides | BibTex]

Measuring the Role of Greylisting and Nolisting in Fighting Spam

Fabio Pagani, Matteo De Astis, Mariano Graziano, Andrea Lanzi, Davide Balzarotti

46th Annual International Conference on Dependable Systems and Networks (DSN), Toulouse, France, June 2016

[Paper | BibTex]

ROPMEMU: A Framework for the Analysis of Complex Code-Reuse Attacks

Mariano Graziano, Davide Balzarotti, Alain Zidouemba

11th Asia Conference on Computer and Communications Security (ASIACCS), Xi'an, China, June 2016

[Paper | Website | BibTex]

Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware Intelligence

Mariano Graziano, Davide Canali, Leyla Bilge, Andrea Lanzi, Davide Balzarotti

24th USENIX Security Symposium (USENIX Security), Washington DC, August 2015

[Paper | Slides | Video | BibTex]

Through the Looking-Glass, and What Eve Found There

Luca Bruno, Mariano Graziano, Davide Balzarotti, Aurelien Francillon

8th USENIX Workshop on Offensive Technologies (WOOT), San Diego, California, August 2014

[Paper | Website | BibTex]

Hypervisor Memory Forensics

Mariano Graziano, Andrea Lanzi, Davide Balzarotti

16th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), St. Lucia, October 2013

[Actaeon | Paper | Contest | BibTex]

Towards Network Containment in Malware Analysis Systems

Mariano Graziano, Corrado Leita, Davide Balzarotti

28th Annual Computer Security Applications Conference (ACSAC), Orlando, Florida, December 2012

[Paper | Slides | BibTex]

T A L K S

Resistenza digitale: consigli per la privacy

Mariano Graziano

Linux day 2017, Palermo (Italy), October 2017

[Slides]

BASS Automated Signature Synthesizer

Mariano Graziano, Jonas Zaddach

Recon 2017, Montreal (Canada), June 2017

[Slides | Post | Website | Video]

Dissecting complex code-reuse attacks with ROPMEMU

Mariano Graziano

Zeronights 2016, Moscow (Russia), November 2016

[Slides | Demo]

Graffiti: the spraying attacks slayer

Mariano Graziano

Tensec 2016, Beijing (China), November 2016

[Slides]

Make DKOM attacks great again

Mariano Graziano

HackInBo 2016, Bologna (Italy), October 2016

[Slides | Video | Demo]

Memory Forensics: A Volatility Primer

Mariano Graziano

Security Day 2015, Lille 1 University (France), January 2015

[Slides]

Through the Looking-Glass, and What Eve Found There

Mariano Graziano, Luca Bruno

DEF CON 22, Las Vegas (USA), August 2014

[Slides | Site]

Under the Hood: How Actaeon Unveils Your Hypervisor

Mariano Graziano, Andrea Lanzi

Hack In The Box, Kuala Lumpur (Malaysia), October 2013

[Slides]

Hypervisors Memory Forensics

Mariano Graziano, Davide Balzarotti

SANS DFIR EU Summit, Prague (Czech Republic), October 2013

[Slides]

Beware of Hypervisor: Understanding ring -1

Mariano Graziano

MOCA 2012, Pescara (Italy), August 2012

[Slides]

M I S C

Mozzie: a normalization environment for malware execution Slides presented for my graduation at the Politecnico di Torino about my final project for the Master of Science in Computer and Communication Networks. Mozzie has been developed at the Network and Security Department of Institut Eurecom (iSecLab).

Smashing the stack in 2010 Report for the Computer Security exam at the Politecnico di Torino. It deals with buffer overflows in modern Linux and Windows systems considering also all the countermeasures introduced by software companies. Notice that I have performed the analysis on Windows while my classmate Andrea Cugliari on Linux. Happy hacking!

Malicious Softwares: conosciamoli meglio... Slide portare a SMAU 09 - 23/10/2009 Fiera Milano city, divulgative sul mondo dei malwares, i suoi trends ed il cybercrime.

E-Doctor Project presented to the Imagine Cup, a Microsoft international student competition, by me Dino, Manuel and Giampiero, my schoolfriends at Politecnico di Torino. In this paper we discuss about E-Doctor. E-DOCTOR is a low cost device focused on the disease prevention and support to facilitate medical screening in disadvantaged areas.

Malware: know your enemies Slides portate al DIGITAL SECURITY day 2008, 12/12/2008 Universita' di Crema, insieme a Roberto Sponchioni relative ai malwares, alla loro classificazione, comportamento ed analisi. Nell'archivio e' anche presente la demo di DLL injection con il relativo sorgente.

C O N T A C T

T W I T T E R
L I N K E D I N
G I T H U B
S C H O L A R

S 3 P A G E

© This site has been developed from scratch by Mariano Graziano. Best view with Linux & Chrome.