A list of my publications is also available on my Google Scholar profile.
However, on this page you will find more information and links to additional material (such as slides, tools, and datasets).

2017

A Lustrum of Malware Network Communication: Evolution and Insights
Chaz Lever, Platon Kotzias, Davide Balzarotti, Juan Caballero, Manos Antonakakis
Proceedings of the IEEE Symposium on Security and Privacy, San Jose, CA (acceptance rate: 13.3%)
Attacks Landscape in the Dark Side of the Web
Onur Catakoglu, Marco Balduzzi, Davide Balzarotti
Proceedings of the 32nd Annual ACM Symposium on Applied Computing (SAC), Marrakech, Morocco (acceptance rate: 15.7%)
Best Paper Award
The Onions Have Eyes: A Comprehensive Structure and Privacy Analysis of Tor Hidden Services
Iskander Sanchez-Rola, Davide Balzarotti, Igor Santos
26th International World Wide Web Conference (WWW), Perth, Australia (acceptance rate: 17.0%)

2016

PhishEye: Live Monitoring of Sandboxed Phishing Kits
Xiao Han, Nizar Kheir, Davide Balzarotti
Proceedings of the 23rd ACM conference on Computer and communications security (CCS), Vienna, Austria (acceptance rate: 16.4%)
Best European Student Paper Award
Taming Transactions: Towards Hardware-Assisted Control Flow Integrity Using Transactional Memory
Marius Muench, Fabio Pagani, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna, Davide Balzarotti
Symposium on Research in Attacks, Intrusion, and Defenses (RAID), Paris (acceptance rate: 25.9%)
Uses and Abuses of Server-Side Requests
Giancarlo Pellegrino, Onur Catakoglu, Davide Balzarotti, Christian Rossow
Symposium on Research in Attacks, Intrusion, and Defenses (RAID), Paris (acceptance rate: 25.9%)
Micro-Virtualization Memory Tracing to Detect and Prevent Spraying Attacks
Stefano Cristalli, Mattia Pagnozzi, Mariano Graziano, Andrea Lanzi, Davide Balzarotti
Proceedings of the 25th USENIX Security Symposium (USENIX Security) (acceptance rate: 15.6%)
Google Dorks: Analysis, Creation, and new Defenses
Flavio Toffalini, Maurizio Abba, Damiano Carra, Davide Balzarotti
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), San Sebastian, Spain (acceptance rate: 31.8%)
Subverting Operating System Properties through Evolutionary DKOM Attacks
Mariano Graziano, Lorenzo Flore, Andrea Lanzi, Davide Balzarotti
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), San Sebastian, Spain (acceptance rate: 31.8%)
RAMBO: Run-time packer Analysis with Multiple Branch Observation
Xabier Ugarte-Pedrero, Davide Balzarotti, Igor Santos, Pablo G. Bringas
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), San Sebastian, Spain (acceptance rate: 31.8%)
Measuring the Role of Greylisting and Nolisting in Fighting Spam
F. Pagani, M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti
International Conference on Dependable Systems and Networks (DSN), Toulouse, France (acceptance rate: 20.5%)
ROPMEMU: A Framework for the Analysis of Complex Code-Reuse Attacks
Mariano Graziano, Davide Balzarotti, Alain Zidouemba
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS), Xi'an, China (acceptance rate: 20.9%)
Automatic Extraction of Indicators of Compromise for Web Applications
Onur Catakoglu, Marco Balduzzi, Davide Balzarotti
25th International World Wide Web Conference (WWW), Montreal, Canada (acceptance rate: 22.0%)

2015

PIE: Parser Identification in Embedded Systems
Lucian Cojocar, Jonas Zaddach, Roel Verdult, Herbert Bos, Aurelien Francillon, Davide Balzarotti
Annual Computer Security Applications Conference (ACSAC) (acceptance rate: 24.4%)
Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware Intelligence
Mariano Graziano, Davide Canali, Leyla Bilge, Andrea Lanzi, Davide Balzarotti
Proceedings of the 24th USENIX Security Symposium (USENIX Security) (acceptance rate: 15.7%)
In the Compression Hornet's Nest: A Security Study of Data Compression in Network Services
Giancarlo Pellegrino, Davide Balzarotti, Stefan Winter, Neeraj Suri
Proceedings of the 24th USENIX Security Symposium (USENIX Security) (acceptance rate: 15.7%)
The Impact of GPU-Assisted Malware on Memory Forensics: A Case Study
Antonio Villani, Davide Balzarotti, Roberto di Pietro
Annual Digital Forensics Research Conference (DFRWS), Philadelphia, USA (acceptance rate: 34.8%)
The Role of Cloud Services in Malicious Software: Trends and Insights
Xiao Han, Nizar Kheir, Davide Balzarotti
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), Milan, Italy (acceptance rate: 22.7%)
Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks
Amin Kharraz, William Robertson, Davide Balzarotti, Leyla Bilge, Engin Kirda
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), Milan, Italy (acceptance rate: 22.7%)
[SoK] Deep Packer Inspection: A Longitudinal Study of the Complexity of Run-Time Packers
Xabier Ugarte-Pedrero, Davide Balzarotti, Igor Santos, Pablo G. Bringas
Proceedings of the IEEE Symposium on Security and Privacy, San Jose, CA (acceptance rate: 13.8%)
Hypervisor-based Malware Protection with AccessMiner
Aristide Fattori, Andrea Lanzi, Davide Balzarotti, Engin Kirda
Computers & Security

2014

Resource monitoring for the detection of parasite P2P botnets
Rafael Rodríguez-Gómez, Gabriel Maciá-Fernández, Pedro García-Teodoro, Moritz Steiner, Davide Balzarotti
Journal of Computer Networks
Through the Looking-Glass, and What Eve Found There
Luca Bruno, Mariano Graziano, Davide Balzarotti, Aurélien Francillon
8th USENIX Workshop on Offensive Technologies (WOOT 14) (acceptance rate: 48.6%)
A Large Scale Analysis of the Security of Embedded Firmwares
Andrei Costin, Jonas Zaddach, Aurélien Francillon, Davide Balzarotti
Proceedings of the 23rd USENIX Security Symposium (USENIX Security) (acceptance rate: 19.0%)
Shades of Grey: A Closer Look at Emails in the Gray Area
Jelena Isacenkova, Davide Balzarotti
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS), Kyoto, Japan (acceptance rate: 20.0%)
Optical Delusions: A Study of Malicious QR Codes in the Wild
Amin Kharraz, Engin Kirda, William Robertson, Davide Balzarotti, Aurelien Francillon
Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Atlanta, GA USA (acceptance rate: 21.8%)
On the Feasibility of Software Attacks on Commodity Virtual Machine Monitors via Direct Device Assignment
Gabor Pek, Andrea Lanzi, Abhinav Srivastava, Davide Balzarotti, Aurélien Francillon, Christoph Neumann
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS), Kyoto, Japan (acceptance rate: 20.0%)
On The Effectiveness of Risk Prediction Based on Users Browsing Behavior
Davide Canali, Leyla Bilge, Davide Balzarotti
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS), Kyoto, Japan (acceptance rate: 20.0%)
EXPOSURE: a Passive DNS Analysis Service to Detect and Report Malicious Domains
Leyla Bilge, Sevil Sen, Davide Balzarotti, Engin Kirda, Christopher Kruegel
ACM Transactions on Information and System Security (TISSEC)
Avatar: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmwares
Jonas Zaddach, Luca Bruno, Aurelien Francillon, Davide Balzarotti
Network and Distributed System Security (NDSS) Symposium, San Diego (USA) (acceptance rate: 18.6%)
Toward Black-Box Detection of Logic Flaws in Web Applications
Giancarlo Pellegrino, Davide Balzarotti
Network and Distributed System Security (NDSS) Symposium, San Diego (USA) (acceptance rate: 18.6%)
Inside the SCAM Jungle: A Closer Look at 419 Scam Email Operations
Jelena Isacenkova, Olivier Thonnard, Andrei Costin, Aurelien Francillon, Davide Balzarotti
EURASIP Journal on Information Security

2013

Implementation and Implications of a Stealth Hard-Drive Backdoor
Jonas Zaddach, Anil Kurmus, Davide Balzarotti, Erik Olivier Blass, Aurelien Francillon, Travis Goodspeed, Moitrayee Gupta, Ioannis Koltsidas
Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC), New Orleans (acceptance rate: 19.0%)
Best Student Paper Award
Hypervisor Memory Forensics
Mariano Graziano, Andrea Lanzi, Davide Balzarotti
Symposium on Research in Attacks, Intrusion, and Defenses (RAID), Saint Lucia (acceptance rate: 22.9%)
Winner of the 2013 Annual Volatility Framework Plugin Contest!
The Role of Phone Numbers in Understanding Cyber-Crime Schemes
Andrei Costin, Jelena Isacenkova, Marco Balduzzi, Aurelien Francillon, Davide Balzarotti
Annual Conference on Privacy, Security, and Trust (PST), Tarragona, Spain (acceptance rate: 29.0%)
The Role of Web Hosting Providers in Detecting Compromised Websites
Davide Canali, Davide Balzarotti, Aurelien Francillon
22nd International World Wide Web Conference (WWW), Rio de Janeiro, Brazil (acceptance rate: 15.0%)
Best Paper Nominee
Inside the SCAM Jungle: A Closer Look at 419 Scam Email Operations
Jelena Isacenkova, Olivier Thonnard, Andrei Costin, Davide Balzarotti, Aurelien Francillon
Proceedings of the International Workshop on Cyber Crime (co-located with S&P), San Francisco, CA
Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web
Davide Canali, Davide Balzarotti
Proceedings of the 20th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA (acceptance rate: 18.8%)

2012

Disclosure: detecting botnet command and control servers through large-scale NetFlow analysis
Leyla Bilge, Davide Balzarotti, William Robertson, Engin Kirda, Christopher Kruegel
Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC), Orlando, FL (acceptance rate: 19.0%)
Towards network containment in malware analysis systems
Mariano Graziano, Corrado Leita, Davide Balzarotti
Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC), Orlando, FL (acceptance rate: 19.0%)
A quantitative study of accuracy in system call-based malware detection
Davide Canali, Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christodorescu, Engin Kirda
Proceedings of the 2012 International Symposium on Software Testing and Analysis (ISSTA), Minneapolis, MN (acceptance rate: 28.7%)
Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis
Theodoor Scholte, William Robertson, Davide Balzarotti, Engin Kirda
36th Computer Software and Applications Conference (COMPSAC), Izmir, Turkey (acceptance rate: 18.0%)
Have things changed now? An empirical study on input validation vulnerabilities in web applications
Theodoor Scholte, Davide Balzarotti, Engin Kirda
Journal on Computers & Security
From model-checking to automated testing of security protocols: Bridging the gap
Alessandro Armando, Giancarlo Pellegrino, Roberto Carbone, Alessio Merlo, Davide Balzarotti
6th International Conference on Tests and Proofs (TAP), Prague, Czech Republic
A security analysis of Amazon's elastic compute cloud service
Marco Balduzzi, Jonas Zaddach, Davide Balzarotti, Engin Kirda, Sergio Loureiro
Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC), Trento, Italy (acceptance rate: 24.0%)
An empirical analysis of input validation mechanisms in web applications and languages
Theodoor Scholte, William Robertson, Davide Balzarotti, Engin Kirda
Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC), Trento, Italy (acceptance rate: 24.0%)
Insights into user behavior in dealing with internet attacks
Kaan Onarlioglu, U Ozan Yilmaz, Davide Balzarotti, Engin Kirda
19th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA (acceptance rate: 17.8%)

2011

Measurement and evaluation of a real world deployment of a challenge-response spam filter
Jelena Isacenkova, Davide Balzarotti
Proceedings of the 2011 ACM SIGCOMM conference on Internet Measurement Conference (IMC), Berlin (acceptance rate: 19.1%)
Operating System Interface Obfuscation and the Revealing of Hidden Operations
Abhinav Srivastava, Andrea Lanzi, Jonathon Giffin, Davide Balzarotti
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), Amsterdam, The Netherlands (acceptance rate: 31.7%)
Reverse Social Engineering Attacks in Online Social Networks
Danesh Irani, Marco Balduzzi, Davide Balzarotti, Engin Kirda, C. Pu
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), Amsterdam, The Netherlands (acceptance rate: 31.7%)
Thwarting Real-Time Dynamic Unpacking
Leyla Bilge, Andrea Lanzi, Davide Balzarotti
Proceedings of the Fourth European Workshop on System Security (EUROSEC)
Exposing the lack of privacy in file hosting services
Nick Nikiforakis, Marco Balduzzi, S. Van Acker, W. Joosen, Davide Balzarotti
Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats (LEET)
Quo Vadis? A Study of the Evolution of Input Validation Vulnerabilities in Web Applications
Theodoor Scholte, Davide Balzarotti, Engin Kirda
Proceedings of the Fifteenth International Conference on Financial Crypto (FC), St. Lucia (acceptance rate: 20.3%)
Automated discovery of parameter pollution vulnerabilities in web applications
Marco Balduzzi, Carmen T. Gimenez, Davide Balzarotti, Engin Kirda
Proceedings of the 18th Network and Distributed System Security Symposium (NDSS), San Diego, CA (acceptance rate: 20.1%)
Distinguished Paper Award
A Summary of Two Practical Attacks Against Social Networks
Leyla Bilge, Marco Balduzzi, Davide Balzarotti, Engin Kirda
Trustworthy Internet (Book Chapter)

2010

G-Free: defeating return-oriented programming through gadget-less binaries
Kaan Onarlioglu, Leyla Bilge, Andrea Lanzi, Davide Balzarotti, Engin Kirda
Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC), Austin, Texas (acceptance rate: 16.3%)
AccessMiner: using system-centric models for malware protection
Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christodorescu, Engin Kirda
Proceedings of the 17th ACM conference on Computer and communications security (CCS), Chicago, Illinois, USA (acceptance rate: 17.2%)
Abusing Social Networks for Automated User Profiling
Marco Balduzzi, Christian Platzer, Thorsten Holz, Engin Kirda, Davide Balzarotti, Christopher Kruegel
Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID), Ottawa, Canada (acceptance rate: 23.1%)
Honeybot, Your Man in the Middle for Automated Social Engineering
Tobias Lauinger, Veikko Pankakoski, Davide Balzarotti, Engin Kirda
Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), San Jose, CA (acceptance rate: 31.4%)
A Solution for the Automated Detection of Clickjacking Attacks
Marco Balduzzi, Manuel Egele, Engin Kirda, Davide Balzarotti, Christopher Kruegel
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS), Beijing, China (acceptance rate: 15.0%)
Efficient Detection of Split Personalities in Malware
Davide Balzarotti, Marco Cova, Christoph Karlberger, Christopher Kruegel, Engin Kirda, Giovanni Vigna
Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA (acceptance rate: 15.4%)
An Experience in Testing the Security of Real-World Electronic Voting Systems
Davide Balzarotti, Greg Banks, Marco Cova, Viktoria Felmetsger, Richard A. Kemmerer, William Robertson, Fredrik Valeur, Giovanni Vigna
IEEE Transactions on Software Engineering

2009

Reducing errors in the anomaly-based detection of web-based attacks through the combined analysis of web requests and SQL queries
Giovanni Vigna, Fredrik Valeur, Davide Balzarotti, William Robertson, Christopher Kruegel, Engin Kirda
Journal of Computer Security, Amsterdam, The Netherlands
A view on current malware behaviors
Ulrich Bayer, Imam Habibi, Davide Balzarotti, Engin Kirda, Christopher Kruegel
USENIX workshop on large-scale exploits and emergent threats (LEET), Boston, MA (acceptance rate: 40.9%)
All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks
Leyla Bilge, Thorsten Strufe, Davide Balzarotti, Engin Kirda
20th International World Wide Web Conference (WWW), Madrid, Spain (acceptance rate: 11.7%)

2008 and before

EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing
Patrick McDaniel, Matt Blaze, Giovanni Vigna, Davide Balzarotti et al.
Improving Signature Testing Through Dynamic Data Flow Analysis
Christopher Kruegel, Davide Balzarotti, William Robertson, Giovanni Vigna
Proceedings of the Annual Computer Security Applications Conference (ACSAC), Miami, FL (acceptance rate: 20.9%)
Supporting cooperative software processes in a decentralized and nomadic world
Davide Balzarotti, Carlo Ghezzi, Mattia Monga
IEEE Transactions on Systems, Man, and Cybernetics Part A: Systems and Humans
Multi-Module Vulnerability Analysis of Web-based Applications
Davide Balzarotti, Marco Cova, Viktoria Felmetsger, Giovanni Vigna
Proceedings of the ACM Conference on Computer and Communication Security (ACM CCS), Alexandria, VA (acceptance rate: 18.2%)
Testing Network-based Intrusion Detection Signatures Using Mutant Exploits
Giovanni Vigna, William Robertson, Davide Balzarotti
Proceedings of the ACM Conference on Computer and Communication Security (ACM CCS), Washington, DC (acceptance rate: 13.9%)
Swaddler: An Approach for the Anomaly-based Detection of State Violations in Web Applications
Marco Cova, Davide Balzarotti, Viktoria Felmetsger, Giovanni Vigna
Proceedings of the 10th International Symposium on Recent Advances in Intrusion Detection (RAID), Surfers Paradise, Australia (acceptance rate: 15.8%)
Catch Me, If You Can: Evading Network Signatures with Web-based Polymorphic Worms
Matt Van Gundy, Davide Balzarotti, Giovanni Vigna
Proceedings of the First USENIX Workshop on Offensive Technologies (WOOT), Boston, MA
Testing Network Intrusion Detection Systems
D. Balzarotti
Ph.D. Dissertation
Security Evaluation of the Sequoia Voting System
Giovanni Vigna, Richard Kemmerer, Davide Balzarotti, Greg Banks, Marco Cova, Viktoria Felmetsger, William Robertson, Fredrik Valeur
Supporting Configuration Management for Virtual Workgroups in a Peer-to-Peer Setting
Davide Balzarotti, Carlo Ghezzi, Mattia Monga
Proceedings of International Conference on Software Engineering and Knowledge Engineering, Ischia, Italy
Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications
Davide Balzarotti, Marco Cova, Viktoria Felmetsger, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, Giovanni Vigna
Proceedings of the IEEE Symposium on Security and Privacy, Berkeley, CA (acceptance rate: 11.2%)
ClearShot: Eavesdropping on Keyboard Input from Video
Davide Balzarotti, Marco Cova, Giovanni Vigna
Proceedings of the IEEE Symposium on Security and Privacy, Berkeley, CA (acceptance rate: 11.2%)
The LighTS Tuple Space Framework and its Customization for Context-Aware Applications
Davide Balzarotti, Paolo Costa, Gian Pietro Picco
International Journal on Web Intelligence and Agent Systems (WAIS)
LighTS: A Lightweight, Customizable Tuple Space Supporting Context-Aware Applications
Gian Pietro Picco, Davide Balzarotti, Paolo Costa
Proceedings of the 20th ACM Symposium on Applied Computing (SAC05), Santa Fe (New Mexico, USA) (acceptance rate: 36.4%)
Slicing AspectJ Woven Code
Davide Balzarotti, Antonio Castaldo D'Ursi, Luca Cavallaro, Mattia Monga
Proceedings of the Foundations of Aspect-Oriented Languages workshop (FOAL2005), Chicago, IL (USA)
Using Program Slicing to Analyze Aspect-Oriented Composition
Davide Balzarotti, Mattia Monga
Proceedings of Foundations of Aspect-Oriented Languages Workshop at FOAL 2004, Lancaster (UK)
Are Your Votes Really Counted? Testing the Security of Real-world Electronic Voting Systems
Davide Balzarotti, Greg Banks, Marco Cova, Viktoria Felmetsger, Richard Kemmerer, William Robertson, Fredrik Valeur, Giovanni Vigna
Proceedings of the International Symposium on Software Testing and Analysis (ISSTA), Seattle, WA (acceptance rate: 26.0%)
Assessing the risk of using vulnerable components
Davide Balzarotti, Mattia Monga, Sabrina Sicari
Quality of Protection: Security Measurements and Metrics (QoP)
Freeing Cooperation From Servers Tyranny
Davide Balzarotti, Carlo Ghezzi, Mattia Monga
Web Engineering and Peer-to-Peer Computing