Publications
2025
PhaseSCA: Exploiting Phase-Modulated Emanations in Side Channels
Pierre Ayoub, Aurélien Hernandez, Romain Cayre, Aurélien Francillon, Clémentine Maurice
IACR Transactions on Cryptographic Hardware and Embedded Systems
2024
BlueScream: Screaming Channels on Bluetooth Low Energy
Pierre Ayoub, Romain Cayre, Aurélien Francillon, Clémentine Maurice
40th Annual Computer Security Applications Conference (ACSAC '24)
, Waikiki, Honolulu, Hawaii, United States
On Understanding and Forecasting Fuzzers Performance with Static Analysis
Dongjia Zhang, Andrea Fioraldi, Davide Balzarotti
Proceedings of the 31th ACM conference on Computer and communications security (CCS)
, Salt Lake City, UT, USA
LibAFL QEMU: A Library for Fuzzing-oriented Emulation
Romain Malmain, Andrea Fioraldi, Aurélien Francillon
Workshop on Binary Analysis Research (colocated with NDSS Symposium)
, San Diego (USA)
Predictive context-sensitive fuzzing
Borrello, Pietro, Fioraldi, Andrea, Cono D'Elia, Daniele, Balzarotti, Davide, Querzoni, Leonardo, Giuffrida, Cristiano
NDSS 2024, Network and Distributed System Security (NDSS) Symposium, 26 February-1 March 2024, San Diego, CA, USA
, San Diego
X-Ray-TLS: Transparent Decryption of TLS Sessions by Extracting Session Keys from Memory
Moriconi, Florent, Levillain, Olivier, Francillon, Aurélien, Troncy, Raphael
Proceedings of the 2024 ACM Asia conference on Computer and Communications Security (ASIACCS)
Unmasking the Veiled: A Comprehensive Analysis of Android Evasive Malware
Ruggia, Antonio, Nisi, Dario, Dambra, Savino, Merlo, Alessio, Balzarotti, Davide, Aonzo, Simone
Proceedings of the 2024 ACM Asia conference on Computer and Communications Security (ASIACCS)
OASIS: An Intrusion Detection System Embedded in Bluetooth Low Energy Controllers
Cayre, Romain, Nicomette, Vincent, Auriol, Guillaume, Kaâniche, Mohamed, Francillon, Aurélien
Proceedings of the 2024 ACM Asia conference on Computer and Communications Security (ASIACCS)
2023
Decoding the Secrets of Machine Learning in Malware Classification: A Deep Dive into Datasets, Feature Extraction, and Model Performance
Savino Dambra, Yufei Han, Simone Aonzo, Platon Kotzias, Antonino Vitale, Juan Caballero, Davide Balzarotti, Leyla Bilge
Proceedings of the 30th ACM conference on Computer and communications security (CCS)
, Copenaghen
Android, Notify Me When It Is Time To Go Phishing
Antonio Ruggia, Andrea Possemato, Alessio Merlo, Dario Nisi, Simone Aonzo
Proceedings of the 8th IEEE European Symposium on Security and Privacy (EuroS\&P'23)
, Delft, Netherlands
An OS-agnostic Approach to Memory Forensics
Andrea Oliveri, Matteo Dell'Amico, Davide Balzarotti
Network and Distributed System Security (NDSS) Symposium
, San Diego (USA)
WHIP: Improving Static Vulnerability Detection in Web Application by Forcing tools to Collaborate
Feras Al-Kassar, Luca Compagna, Davide Balzarotti
32nd USENIX Security Symposium (USENIX Security 23)
, Anaheim, CA
CrabSandwich: Fuzzing Rust with Rust (Registered Report)
Crump, Addison, Zhang, Dongjia, Asif, Syeda Mahnur, Maier, Dominik, Fioraldi, Andrea, Holz, Thorsten, Balzarotti, Davide
Proceedings of the 2nd International Fuzzing Workshop (FUZZING) 2023
, Seattle, WA, USA
ESPwn32: hacking with ESP32 system-on-chips
Cayre, Romain, Cauquil, Damien, Francillon, Aurelien
WOOT 2023, 17th IEEE Workshop on Offensive Technologies, co-located with IEEE S\&P 2023, 25 May 2023, San Francisco, United States
, San Francisco
Reflections on Trusting Docker: Invisible Malware in Continuous Integration Systems
Moriconi, Florent, Neergaard, Axel Ilmari, Georget, Lucas, Aubertin, Samuel, Francillon, Aurelien
WOOT 2023, 17th IEEE Workshop on Offensive Technologies, co-located with IEEE S\&P 2023, 25 May 2023, San Francisco, United States
, San Francisco
2022
LibAFL: A Framework to Build Modular and Reusable Fuzzers
Andrea Fioraldi, Dominik Maier, Dongjia Zhang, Davide Balzarotti
Proceedings of the 29th ACM conference on Computer and communications security (CCS)
, Los Angeles, U.S.A.
BreakMi: Reversing, Exploiting and Fixing Xiaomi Fitness Tracking Ecosystem
Casagrande, Marco, Losiouk, Eleonora, Conti, Mauro, Payer, Mathias, Antonioli, Daniele
IACR Transactions on Cryptographic Hardware and Embedded Systems
RE-Mind: a First Look Inside the Mind of a Reverse Engineer
Alessandro Mantovani, Simone Aonzo, Yanick Fratantonio, Davide Balzarotti
31st USENIX Security Symposium (USENIX Security 2022)
How Machine Learning Is Solving the Binary Function Similarity Problem
Andrea Marcelli, Mariano Graziano, Xabier Ugarte-Pedrero, Yanick Fratantonio, Mohamad Mansouri, Davide Balzarotti
31st USENIX Security Symposium (USENIX Security 2022)
Arbiter: Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs
Jayakrishna Vadayath, Moritz Eckert, Kyle Zeng, Nicolaas Weideman, Gokulkrishna Praveen Menon, Yanick Fratantonio, Davide Balzarotti, Adam Doupéand Tiffany Bao, Ruoyu Wang, Christophe Hauser, Yan Shoshitaishvili
31st USENIX Security Symposium (USENIX Security 2022)
When Sally Met Trackers: Web Tracking From the Users' Perspective
Savino Dambra, Iskander Sanchez-Rola, Leyla Bilge, Davide Balzarotti
31st USENIX Security Symposium (USENIX Security 2022)
The Convergence of Source Code and Binary Vulnerability Discovery -- A Case Study
Alessandro Mantovani, Luca Compagna, Yan Shoshitaishvili, Davide Balzarotti
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS22)
Fuzzing with Data Dependency Information
Alessandro Mantovani, Andrea Fioraldi, Davide Balzarotti
Proceedings of the 7th IEEE European Symposium on Security and Privacy (EuroS\&P'22)
, Genoa, Italy
BEERR: Bench of Embedded system Experiments for Reproducible Research
Paul Olivier, Xuan-Huy Ngo, Aurélien Francillon
Workshop on on the Security of Software / Hardware Interfaces (co-located with EuroS\&P'22)
, Genoa (Italy)
On the Insecurity of Vehicles Against Protocol-Level Bluetooth Threats
Antonioli, Daniele, Payer, Mathias
Proceedings of Workshop on offensive security (WOOT)
BLURtooth: Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy
Antonioli, Daniele, Tippenhauer, Nils Ole, Rasmussen, Kasper, Payer, Mathias
Proceedings of the Asia conference on computer and communications security (ASIACCS)
Registered Report: Dissecting American Fuzzy Lop - A FuzzBench Evaluation
Andrea Fioraldi, Alessandro Mantovani, Dominik Maier, Davide Balzarotti
Proceedings of the 1st International Fuzzing Workshop (FUZZING) 2022
, San Diego, California
Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications
Feras Al Kassar, Giulia Clerici, Luca Compagna, Fabian Yamaguchi, Davide Balzarotti
Network and Distributed System Security (NDSS) Symposium
, San Diego (USA)
In the Land of MMUs: Multiarchitecture OS-Agnostic Virtual Memory Forensics
Andrea Oliveri, Davide Balzarotti
ACM Trans. Priv. Secur.
, New York, NY, USA
AutoProfile: Towards Automated Profile Generation for Memory Analysis
Fabio Pagani, Davide Balzarotti
ACM Transactions on Privacy and Security (TOPS)
Dissecting American Fuzzy Lop -- A FuzzBench Evaluation
Fioraldi, Andrea, Mantovani, Alessandro, Maier, Dominik C., Balzarotti, Davide
ACM Trans. Softw. Eng. Methodol.
Noise-SDR: Arbitrary modulation of electromagnetic noise from unprivileged software and its impact on emission security
Giovanni Camurati, Aurélien Francillon
IEEE Symposium on Security and Privacy
, San Francisco, CA
A Comparison of Systemic and Systematic Risks of Malware Encounters in Consumer and Enterprise Environments
Savino Dambra, Leyla Bilge, Davide Balzarotti
ACM Transactions on Privacy and Security (TOPS)
Automated identification of flaky builds using knowledge graphs
Moriconi, Florent, Troncy, Raphael, Francillon, Aurelien, Zouaoui, Jihane
2021
Tarnhelm: Isolated, Transparent & Confidential Execution of Arbitrary Code in ARM's TrustZone
Davide Quarta, Michele Ianni, Aravind Machiry, Yanick Fratantonio, Eric Gustafson, Davide Balzarotti, Martina Lindorfer, Giovanni Vigna, Christopher Kruegel
CheckMATE Workshop, co-located with ACM CCS
Lost in the Loader: The Many Faces of the Windows PE File Format
Dario Nisi, Mariano Graziano, Yanick Fratantonio, Davide Balzarotti
Symposium on Research in Attacks, Intrusion, and Defenses (RAID)
, San Sebastian
When Malware Changed Its Mind: Characterizing the Variability of Malicious and Unwanted Program Behaviors at Scale
Erin Avllazagaj, Ziyun Zhu, Leyla Bilge, Davide Balzarotti, Tudor Dumitras
29th USENIX Security Symposium (USENIX Security 21)
, Boston, MA
Winner of the Best Paper Award for 2021 -- CSAW
SoK: Enabling Security Analyses of Embedded Systems via Rehosting
Andrew Fasano, Tiemoko Ballo, Marius Muench, Tim Leek, Alexander Olienik, Brendan Dolan Gavitt, Manuel Egele, Aurélien Francillon, Long Lu, Nick Gregory, Davide Balzarotti, William Robertson
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS)
, Hong Kong, China
(acceptance rate: 19.3%)
Trust, But Verify: A Longitudinal Analysis Of Android OEM Compliance and Customization
Possemato Andrea, Aonzo Simone, Balzarotti Davide, Fratantonio Yanick
IEEE Symposium on Security & Privacy
, San Francisco, CA
Journey to the Center of the Cookie Ecosystem: Unraveling Actors' Roles and Relationships
Iskander Sanchez-Rola, Matteo dell'Amico, Davide Balzarotti, Pierre-Antoine Vervier, Leyla Bilge
IEEE Symposium on Security & Privacy
, San Francisco, CA
Does Every Second Count? Time-based Evolution of Malware Behavior in Sandboxes
Alexander Kuechler, Alessandro Mantovani, Yufei Han, Leyla Bilge, Davide Balzarotti
Network and Distributed System Security (NDSS) Symposium
, San Diego (USA)
Preventing and Detecting State Inference Attacks on Android
Possemato Andrea, Nisi Dario, Fratantonio Yanick
Network and Distributed System Security Symposium
On the Insecurity of SMS One-Time Password Messages against Local Attackers in Modern Mobile Devices
Zeyu Lei, Yuhong Nan, Yanick Fratantonio, Antonio Bianchi
Network and Distributed System Security Symposium
SymQEMU: Compilation-based symbolic execution for binaries
Poeplau, Sebastian, Francillon, Aurélien
Network and Distributed System Security Symposium
Pre-processing Memory Dumps to Improve Similarity Score of Windows Modules
Miguel Martin-Pereand, Ricardo J. Rodriguez, Davide Balzarotti
Computers \& Security
Understanding and detecting international revenue share fraud
Merve Sahin, Aurélien Francillon
Network and Distributed System Security (NDSS) Symposium
, San Diego (USA)
The evidence beyond the wall: Memory forensics in SGX environments
Flavio Toffalini, Andrea Oliveri, Mariano Graziano, Jianying Zhou, Davide Balzarotti
Forensic Science International: Digital Investigation
The Use of Likely Invariants as Feedback for Fuzzers
Andrea Fioraldi, Daniele Cono D'Elia, Davide Balzarotti
30th USENIX Security Symposium (USENIX Security 21)
LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks
Wu, Jianliang, Wu, Ruoyu, Antonioli, Daniele, Payer, Mathias, Tippenhauer, Nils Ole, Xu, Dongyan, Tian, Dave Jing, Bianchi, Antonio
Proceedings of the USENIX Security Symposium (USENIX Security)
2020
Towards HTTPS Everywhere on Android: We Are Not There Yet
Andrea Possemato, Yanick Fratantonio
29th USENIX Security Symposium (USENIX Security 20)
(acceptance rate: 16.1%)
Symbolic execution with SymCC: Don't interpret, compile!
Sebastian Poeplau, Aurélien Francillon
29th USENIX Security Symposium (USENIX Security 20)
, Boston, MA
(acceptance rate: 16.1%)
Distinguished Paper Award Winner
Understanding Screaming Channels: From a Detailed Analysis to Improved Attacks
Giovanni Camurati, Aurélien Francillon, François-Xavier Standaert
IACR Transactions on Cryptographic Hardware and Embedded Systems (CHES 2020)
Google Bughunter Hall of Fame Honorable Mention
HardSnap: Leveraging hardware snapshotting for embedded systems security testing
Nassim Corteggiani, Aur\'elien Francillon
50th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2020)
, Valencia, SPAIN
(acceptance rate: 16.5%)
SoK: Cyber Insurance - Technical Challenges and a System Security Roadmap
Savino Dambra, Leyla Bilge, Davide Balzarotti
IEEE Symposium on Security & Privacy
, San Francisco, CA
(acceptance rate: 12.4%)
Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem
Alessandro Mantovani, Simone Aonzo, Xabier-Ugarte Pedrero, Alessio Merlo, Davide Balzarotti
Network and Distributed System Security (NDSS) Symposium
, San Diego (USA)
When Malware is Packin' Heat; Limits of Machine Learning Classifiers Based on Static Analysis Features
Hojjat Aghakhani, Fabio Gritti, Francesco Mecca, Martina Lindorfer, Stefano Ortolani, Davide Balzarotti, Giovanni Vigna, Christopher Kruegel
Network and Distributed System Security (NDSS) Symposium
, San Diego (USA)
The Tangled Genealogy of IoT Malware
Emanuele Cozzi, Pierre-Antoine Vervier, Matteo Dell'Amico, Yun Shen, Leyla Bilge, Davide Balzarotti
Annual Computer Security Applications Conference (ACSAC)
(acceptance rate: 23.2%)
SoC Security Evaluation: Reflections on Methodology and Tooling
Nassim Corteggiani, Giovanni Camurati, Marius Muench, Sebastian Poeplau, Aurelien Francillon
IEEE Design and Test
Dirty Clicks: A Study of the Usability and Security Implications of Click-related Behaviors on the Web
Iskander Sanchez-Rola, Davide Balzarotti, Christopher Kruegel, Giovanni Vigna, Igor Santos
Proceedings of The Web Conference 2020
(acceptance rate: 19.2%)
Cookies from the Past: Timing Server-Side Request Processing Code for History Sniffing
Iskander Sanchez-Rola, Davide Balzarotti, Igor Santos
ACM Dgital Threats: Research and Practice Journal (DTRAP)
, New York, NY, USA
2019
Systematic Comparison of Symbolic Execution Systems: Intermediate Representation and its Generation
Sebastian Poeplau, Aurélien Francillon
Proceedings of the 35th Annual Computer Security Applications Conference (ACSAC) 2019
, San Juan, Puerto Rico
(acceptance rate: 22.6%)
Toward the Analysis of Embedded Firmware through Automated Re-hosting
Eric Gustafson, Marius Muench, Chad Spensky, Nilo Redini, Aravind Machiry, Yanick Fratantonio, Davide Balzarotti, Aurelien Francillon, Yung Ryn Choe, Christopher Kruegel, Giovanni Vigna
Symposium on Research in Attacks, Intrusion, and Defenses (RAID)
, Beijing
(acceptance rate: 22.3%)
Exploring Syscall-Based Semantics Reconstruction of Android Applications
Dario Nisi, Antonio Bianchi, Yanick Fratantonio
Symposium on Research in Attacks, Intrusion, and Defenses (RAID)
, Beijing
(acceptance rate: 22.3%)
Back to the Whiteboard: a Principled Approach for the Assessment and Design of Memory Forensic Techniques
Fabio Pagani, Davide Balzarotti
28th USENIX Security Symposium (USENIX Security 19)
, Santa Clara, CA
(acceptance rate: 15.7%)
Can I Opt Out Yet? GDPR and the Global Illusion of Cookie Control
Iskander Sanchez-Rola, Matteo Dell’Amico, Platon Kotzias, Davide Balzarotti, Leyla Bilge, Pierre-Antoine Vervier, Igor Santos
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS)
, Oakland, New Zealand
(acceptance rate: 17.1%)
A Close Look at a Daily Dataset of Malware Samples
Xabier Ugarte-Pedrero, Mariano Graziano, Davide Balzarotti
ACM Transactions on Privacy and Security (TOPS)
Finding software bugs in embedded devices
Francillon, Aurélien, Thomas, Sam L., Costin, Andrei
Security of Ubiquitous Computing Systems (Book Chapter) (to appear)
Introducing the Temporal Dimension to Memory Forensics
Pagani, Fabio, Fedorov, Oleksii, Balzarotti, Davide
ACM Transactions on Privacy and Security (TOPS)
BakingTimer: Privacy Analysis of Server-Side Request Processing Time
Sanchez-Rola, Iskander, Balzarotti, Davide, Santos, Igor
Annual Computer Security Applications Conference (ACSAC)
(acceptance rate: 22.6%)
2018
Using Loops For Malware Classification Resilient to Feature-unaware Perturbations
Aravind Machiry, Nilo Redini, Eric Gustafson, Yanick Fratantonio, Yung Ryn Choe, Christopher Kruegel, Giovanni Vigna
Proceedings of the Annual Computer Security Applications Conference (ACSAC)
, San Juan, Puerto Rico
(acceptance rate: 22.1%)
Clock Around the Clock: Time-Based Device Fingerprinting
Iskander Sanchez-Rola, Igor Santos, Davide Balzarotti
Proceedings of the 25th ACM conference on Computer and communications security (CCS)
, Toronto, Canada
(acceptance rate: 16.6%)
ClickShield: Are You Hiding Something? Towards Eradicating Clickjacking on Android
Andrea Possemato, Andrea Lanzi, Simon Pak Ho Chung, Wenke Lee, Yanick Fratantonio
Proceedings of the 25th ACM conference on Computer and communications security (CCS)
, Toronto, Canada
(acceptance rate: 16.6%)
Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers
Giovanni Camurati, Sebastian Poeplau, Marius Muench, Tom Hayes, Aurélien Francillon
Proceedings of the 25th ACM conference on Computer and communications security (CCS)
, Toronto, Canada
(acceptance rate: 16.6%)
Third place at the CSAW Europe applied research competition 2018
Phishing Attacks on Modern Android
Simone Aonzo, Alessio Merlo, Giulio Tavella, Yanick Fratantonio
Proceedings of the 25th ACM conference on Computer and communications security (CCS)
, Toronto, Canada
(acceptance rate: 16.6%)
Backdoors: Definition, Deniability and Detection
Sam L. Thomas, Aurélien Francillon
Symposium on Research in Attacks, Intrusion, and Defenses (RAID)
, Heraklion
(acceptance rate: 22.8%)
Smashing the Stack Protector for Fun and Profit
Bruno Bierbaumer, Julian Kirsch, Thomas Kittel, Aurélien Francillon, Apostolis Zarras
33nd International Conference on ICT Systems Security and Privacy Protection (IFIP SEC 2018)
, Poznan, Poland
Inception: System-wide Security Testing of Real-World Embedded Systems Software
Nassim Corteggiani, Giovanni Camurati, Aurélien Francillon
27th USENIX Security Symposium (USENIX Security 18)
, Baltimore, MD
(acceptance rate: 19.1%)
Deception Techniques In Computer Security: A Research Perspective
Xiao Han, Nizar Kheir, Davide Balzarotti
ACM computing surveys (CSUR)
GuardION: Practical Mitigation of DMA-based Rowhammer Attacks on ARM
Victor van der Veen, Martina Lindorfer, Yanick Fratantonio, Harikrishnan Padmanabha Pillai, Giovanni Vigna, Christopher Kruegel, Herbert Bos, Kaveh Razavi
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)
, Paris, France
(acceptance rate: 30.5%)
On the Effectiveness of the National Do-Not-Call Registries
Merve Sahin, Aurélien Francillon
Workshop on Technology and Consumer Protection (Peer reviewed workshop co-located with S\&P, without formal proceedings)
Understanding Linux Malware
Emanuele Cozzi, Mariano Graziano, Yanick Fratantonio, Davide Balzarotti
IEEE Symposium on Security & Privacy
, San Francisco, CA
(acceptance rate: 11.5%)
Beyond Precision and Recall: Understanding Uses (and Misuses) of Similarity Hashes in Binary Analysis
Pagani, Fabio, Dell'Amico, Matteo, Balzarotti, Davide
Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy
, Tempe, AZ, USA
(acceptance rate: 20.9%)
Avatar²: A Multi-target Orchestration Platform
Marius Muench, Dario Nisi, Aurelien Francillon, Davide Balzarotti
Workshop on Binary Analysis Research (colocated with NDSS Symposium)
, San Diego (USA)
What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices
Marius Muench, Jan Stijohann, Frank Kargl, Aurelien Francillon, Davide Balzarotti
Network and Distributed System Security (NDSS) Symposium
, San Diego (USA)
Broken Fingers: On the Usage of the Fingerprint API in Android
Antonio Bianchi, Yanick Fratantonio, Aravind Machiry, Christopher Kruegel, Giovanni Vigna, Pak Chung, Wenke Lee
Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS)
, San Diego, CA
2017
Exploitation and Mitigation of Authentication Schemes Based on Device-Public Information
Antonio Bianchi, Eric Gustafson, Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna
Proceedings of the Annual Computer Security Applications Conference (ACSAC)
, Orlando, Florida
(acceptance rate: 19.7%)
Evaluation of Deception-Based Web Attacks Detection
Xiao Han, Nizar Kheir, Davide Balzarotti
ACM Workshop on Moving Targets Defense (co-located with CCS)
, Dallas, USA
(acceptance rate: 34.6%)
Extension Breakdown: Security Analysis of Browsers Extension Resources Control Policies
Iskander Sanchez-Rola, Igor Santos, Davide Balzarotti
Proceedings of the 26rd USENIX Security Symposium (USENIX Security)
(acceptance rate: 16.3%)
Using chatbots against voice spam: Analyzing Lenny’s effectiveness
Merve Sahin, Marc Relieu, Aurélien Francillon
Proceedings of the Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017)
, Santa Clara, USA
(acceptance rate: 26.5%)
Towards Automated Classification of Firmware Images and Identification of Embedded Devices
Costin, Andrei, Zarras, Apostolis, Francillon, Aurélien
32nd International Conference on ICT Systems Security and Privacy Protection (IFIP SEC 2017)
, Rome, Italy
(acceptance rate: 19.4%)
A Lustrum of Malware Network Communication: Evolution and Insights
Chaz Lever, Platon Kotzias, Davide Balzarotti, Juan Caballero, Manos Antonakakis
Proceedings of the IEEE Symposium on Security and Privacy
, San Jose, CA
(acceptance rate: 13.3%)
SoK: Fraud in Telephony Networks
Merve Sahin, Aurélien Francillon, Payas Gupta, Mustaque Ahamad
Proceedings of the 2nd IEEE European Symposium on Security and Privacy (EuroS\&P'17)
, Paris, France
(acceptance rate: 19.6%)
Attacks Landscape in the Dark Side of the Web
Onur Catakoglu, Marco Balduzzi, Davide Balzarotti
Proceedings of the 32nd Annual ACM Symposium on Applied Computing (SAC)
, Marrakech, Morocco
(acceptance rate: 15.7%)
Best Paper Award
The Onions Have Eyes: A Comprehensive Structure and Privacy Analysis of Tor Hidden Services
Iskander Sanchez-Rola, Davide Balzarotti, Igor Santos
26th International World Wide Web Conference (WWW)
, Perth, Australia
(acceptance rate: 17.0%)
2016
Over-The-Top Bypass: Study of a Recent Telephony Fraud
Merve Sahin, Aurélien Francillon
Proceedings of the 23rd ACM conference on Computer and communications security (CCS)
, Vienna, Austria
(acceptance rate: 16.4%)
PhishEye: Live Monitoring of Sandboxed Phishing Kits
Xiao Han, Nizar Kheir, Davide Balzarotti
Proceedings of the 23rd ACM conference on Computer and communications security (CCS)
, Vienna, Austria
(acceptance rate: 16.4%)
Best European Student Paper Award
Taming Transactions: Towards Hardware-Assisted Control Flow Integrity Using Transactional Memory
Marius Muench, Fabio Pagani, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna, Davide Balzarotti
Symposium on Research in Attacks, Intrusion, and Defenses (RAID)
, Paris
(acceptance rate: 25.9%)
Uses and Abuses of Server-Side Requests
Giancarlo Pellegrino, Onur Catakoglu, Davide Balzarotti, Christian Rossow
Symposium on Research in Attacks, Intrusion, and Defenses (RAID)
, Paris
(acceptance rate: 25.9%)
Micro-Virtualization Memory Tracing to Detect and Prevent Spraying Attacks
Stefano Cristalli, Mattia Pagnozzi, Mariano Graziano, Andrea Lanzi, Davide Balzarotti
Proceedings of the 25rd USENIX Security Symposium (USENIX Security)
(acceptance rate: 15.6%)
Google Dorks: Analysis, Creation, and new Defenses
Flavio Toffalini, Maurizio Abba, Damiano Carra, Davide Balzarotti
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)
, San Sebastian, Spain
(acceptance rate: 31.8%)
RAMBO: Run-time packer Analysis with Multiple Branch Observation
Xabier Ugarte-Pedrero, Davide Balzarotti, Igor Santos, Pablo G. Bringas
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)
, San Sebastian, Spain
(acceptance rate: 31.8%)
Subverting Operating System Properties through Evolutionary DKOM Attacks
Mariano Graziano, Lorenzo Flore, Andrea Lanzi, Davide Balzarotti
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)
, San Sebastian, Spain
(acceptance rate: 31.8%)
Measuring the Role of Greylisting and Nolisting in Fighting Spam
F. Pagani, M. De Astis, M. Graziano, A. Lanzi, D. Balzarotti
International Conference on Dependable Systems and Networks (DSN)
, Toulouse, France
(acceptance rate: 20.5%)
ROPMEMU: A Framework for the Analysis of Complex Code-Reuse Attacks
Mariano Graziano, Davide Balzarotti, Alain Zidouemba
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS)
, Xi'an, China
(acceptance rate: 20.9%)
Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces
Costin, Andrei, Zarras, Apostolis, Francillon, Aurélien
11th ACM Asia Conference on Computer and Communications Security (AsiaCCS)
, Xidian, China
(acceptance rate: 20.9%)
Automatic Extraction of Indicators of Compromise for Web Applications
Onur Catakoglu, Marco Balduzzi, Davide Balzarotti
25th International World Wide Web Conference (WWW)
, Montreal, Canada
(acceptance rate: 22.0%)
Trust, But Verify: Why and how to establish trust in embedded devices (invited paper)
Aurélien Francillon
Proceedings of Design, Automation and Test in Europe (DATE), Dresden, Germany
SMASHUP: a toolchain for unified verification of hardware/software co-designs
Lugou, Florian, Apvrille, Ludovic, Francillon, Aurelien
Journal of Cryptographic Engineering
2015
PIE: Parser Identification in Embedded Systems
Lucian Cojocar, Jonas Zaddach, Roel Verdult, Herbert Bos, Aurelien Francillon, Davide Balzarotti
Annual Computer Security Applications Conference (ACSAC)
(acceptance rate: 24.4%)
Reverse Engineering Intel Last-Level Cache Complex Addressing Using Performance Counters
Clémentine Maurice, Le Scouarnec, Nicolas, Christoph Neumann, Olivier Heen, Aurélien Francillon
Proceedings of the 18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID'15)
Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces
Andrei Costin, Apostolis Zarras, Aurelien Francillon
ArXiv e-prints
Toward a methodology for unified verication of hardware/software co-designs
Florian Lugou, Ludovic Apvrille, Aurélien Francillon
PROOFS 2015, Security Proofs for Embedded Systems, 17 September 2015, Saint-Malo, France, Springer
, Saint-Malo, FRANCE
Large Scale Security Analysis of Embedded Devices' Firmware
Costin, Andrei
All your cluster-grids are belong to us: Monitoring the (in)security of infrastructure monitoring systems
Andrei Costin
1st Workshop on Security and Privacy in the Cloud (SPC) of the 2015 IEEE Conference on Communications and Network Security (CNS)
(acceptance rate: 27.3%)
Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware Intelligence
Mariano Graziano, Davide Canali, Leyla Bilge, Andrea Lanzi, Davide Balzarotti
Proceedings of the 24rd USENIX Security Symposium (USENIX Security)
(acceptance rate: 15.7%)
In the Compression Hornet's Nest: A Security Study of Data Compression in Network Services
Giancarlo Pellegrino, Davide Balzarotti, Stefan Winter, Neeraj Suri
Proceedings of the 24rd USENIX Security Symposium (USENIX Security)
(acceptance rate: 15.7%)
The Impact of GPU-Assisted Malware on Memory Forensics: A Case Study
Antonio Villani, Davide Balzarotti, Roberto di Pietro
Annual Digital Forensics Research Conference (DFRWS)
, Philadelphia, USA
(acceptance rate: 34.8%)
C5: Cross-Cores Cache Covert Channel
Clémentine Maurice, Christoph Neumann, Olivier Heen, Aurélien Francillon
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)
, Milan, Italy
(acceptance rate: 22.7%)
Best Paper Award
Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks
Amin Kharraz, William Robertson, Davide Balzarotti, Leyla Bilge, Engin Kirda
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)
, Milan, Italy
(acceptance rate: 22.7%)
The Role of Cloud Services in Malicious Software: Trends and Insights
Xiao Han, Nizar Kheir, Davide Balzarotti
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)
, Milan, Italy
(acceptance rate: 22.7%)
[SoK] Deep Packer Inspection: A Longitudinal Study of the Complexity of Run-Time Packers
Xabier Ugarte-Pedrero, Davide Balzarotti, Igor Santos, Pablo G. Bringas
Proceedings of the IEEE Symposium on Security and Privacy
, San Jose, CA
(acceptance rate: 13.8%)
Hypervisor-based Malware Protection with AccessMiner
Aristide Fattori, Andrea Lanzi, Davide Balzarotti, Engin Kirda
Computers \& Security
2014
Resource monitoring for the detection of parasite P2P botnets
Rafael Rodríguez-Gómez, Gabriel Maciá-Fernández, Pedro García-Teodoro, Moritz Steiner, Davide Balzarotti
Journal of Computer Networks
A Large Scale Analysis of the Security of Embedded Firmwares
Andrei Costin, Jonas Zaddach, Aurélien Francillon, Davide Balzarotti
Proceedings of the 23rd USENIX Security Symposium (USENIX Security)
(acceptance rate: 19.0%)
Through the Looking-Glass, and What Eve Found There
Luca Bruno, Mariano Graziano, Davide Balzarotti, Aurélien Francillon
8th USENIX Workshop on Offensive Technologies (WOOT 14)
(acceptance rate: 48.6%)
Short Paper: A Dangerous 'Pyrotechnic Composition': Fireworks, Embedded Wireless and Insecurity-by-Design
Andrei Costin, Aurélien Francillon
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec)
(acceptance rate: 26.0%)
Short Paper: WifiLeaks: Underestimated Privacy Implications of the ACCESS\_WIFI\_STATE Android Permission
Jagdish Prasad Achara, Mathieu Cunche, Vincent Roca, Aurélien Francillon
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec)
(acceptance rate: 26.0%)
On the Feasibility of Software Attacks on Commodity Virtual Machine Monitors via Direct Device Assignment
Gabor Pek, Andrea Lanzi, Abhinav Srivastava, Davide Balzarotti, Aurélien Francillon, Christoph Neumann
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS)
, Kyoto, Japan
(acceptance rate: 20.0%)
On The Effectiveness of Risk Prediction Based on Users Browsing Behavior
Davide Canali, Leyla Bilge, Davide Balzarotti
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS)
, Kyoto, Japan
(acceptance rate: 20.0%)
Shades of Grey: A Closer Look at Emails in the Gray Area
Jelena Isacenkova, Davide Balzarotti
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS)
, Kyoto, Japan
(acceptance rate: 20.0%)
Optical Delusions: A Study of Malicious QR Codes in the Wild
Amin Kharraz, Engin Kirda, William Robertson, Davide Balzarotti, Aurelien Francillon
Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
, Atlanta, GA USA
(acceptance rate: 21.8%)
Microcomputations As Micropayments in Web-based Services
Ghassan O. Karame, Aurélien Francillon, Victor Budilivschi, Srdjan Capkun, Vedran Capkun
ACM Trans. Internet Technol. (ACM TOIT)
, New York, NY, USA
EXPOSURE: a Passive DNS Analysis Service to Detect and Report Malicious Domains
Leyla Bilge, Sevil Sen, Davide Balzarotti, Engin Kirda, Christopher Kruegel
ACM Transactions on Information and System Security (TISSEC)
Confidentiality Issues on a GPU in a Virtualized Environment
Clémentine Maurice, Christoph Neumann, Olivier Heen, Aurélien Francillon
Proceedings of the Eighteenth International Conference on Financial Cryptography and Data Security (FC'14)
, Barbados
(acceptance rate: 22.5%)
A Minimalist Approach to Remote Attestation
Aurelien Francillon, Quan Nguyen, Kasper B. Rasmussen, Gene Tsudik
Proceedings of Design, Automation and Test in Europe (DATE), Dresden, Germany
Avatar: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmwares
Jonas Zaddach, Luca Bruno, Aurelien Francillon, Davide Balzarotti
Network and Distributed System Security (NDSS) Symposium
, San Diego (USA)
(acceptance rate: 18.6%)
Toward Black-Box Detection of Logic Flaws in Web Applications
Giancarlo Pellegrino, Davide Balzarotti
Network and Distributed System Security (NDSS) Symposium
, San Diego (USA)
(acceptance rate: 18.6%)
Inside the SCAM Jungle: A Closer Look at 419 Scam Email Operations
Jelena Isacenkova, Olivier Thonnard, Andrei Costin, Aurelien Francillon, Davide Balzarotti
EURASIP Journal on Information Security
2013
Implementation and Implications of a Stealth Hard-Drive Backdoor
Jonas Zaddach, Anil Kurmus, Davide Balzarotti, Erik Olivier Blass, Aurelien Francillon, Travis Goodspeed, Moitrayee Gupta, Ioannis Koltsidas
Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC)
, New Orleans
(acceptance rate: 19.0%)
Best Student Paper Award
Hypervisor Memory Forensics
Mariano Graziano, Andrea Lanzi, Davide Balzarotti
Symposium on Research in Attacks, Intrusion, and Defenses (RAID)
, Saint Lucia
(acceptance rate: 22.9%)
Winner of the 2013 Annual Volatility Framework Plugin Contest!
The Role of Phone Numbers in Understanding Cyber-Crime Schemes
Andrei Costin, Jelena Isachenkova, Marco Balduzzi, Aurelien Francillon, Davide Balzarotti
Annual Conference on Privacy, Security, and Trust (PST)
, Terragona, Spain
(acceptance rate: 29.0%)
PeerRush: Mining the Unwanted P2P Traffic
Babak Rahbarinia, Roberto Perdisci, Andrea Lanzi, and Kang Li,
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)
, Berlin, Germany
(acceptance rate: 31.6%)
Best Paper Award
Improving 802.11 Fingerprinting of Similar Devices by Cooperative Fingerprinting
Clémentine Maurice, Stephane Onno, Christoph Neumann, Olivier Heen, Aurelien Francillon
Proceedings of the 2013 International Conference on Security and Cryptography (SECRYPT'13)
, Reykjavik, Iceland
The Role of Web Hosting Providers in Detecting Compromised Websites
Davide Canali, Davide Balzarotti, Aurelien Francillon
22th International World Wide Web Conference (WWW)
, Rio de Janeiro, Brazil
(acceptance rate: 15.0%)
Best Paper Nominee
Inside the SCAM Jungle: A Closer Look at 419 Scam Email Operations
Jelena Isacenkova, Olivier Thonnard, Andrei Costin, Davide Balzarotti, Aurelien Francillon
Proceedings of the International Workshop on Cyber Crime (co-located with S\&P)
, San Francisco, CA
Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web
Davide Canali, Davide Balzarotti
Proceedings of the 20th Annual Network and Distributed System Security Symposium (NDSS)
, San Diego, CA
(acceptance rate: 18.8%)
An authentication flaw in browser-based Single Sign-On protocols: Impact and remediations
Alessandro Armando, Roberto Carbone, Luca Compagna, Jorge Cuellar, Giancarlo Pellegrino, Alessandro Sorniotti
Computers \& Security
Embedded Devices Security and Firmware Reverse Engineering
Jonas Zaddach, Andrei Costin
BlackHat USA
2012
Towards network containment in malware analysis systems
Mariano Graziano, Corrado Leita, Davide Balzarotti
Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC)
, Orlando, FL
(acceptance rate: 19.0%)
Disclosure: detecting botnet command and control servers through large-scale NetFlow analysis
Leyla Bilge, Davide Balzarotti, William Robertson, Engin Kirda, Christopher Kruegel
Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC)
, Orlando, FL
(acceptance rate: 19.0%)
Analysis of the communication between colluding applications on modern smartphones
Claudio Marforio, Hubert Ritzdorf, Aurélien Francillon, Srdjan Capkun
Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC)
, Orlando
(acceptance rate: 19.0%)
Enabling trusted scheduling in embedded systems
Ramya Jayaram Masti, Claudio Marforio, Aanjhan Ranganathan, Aurélien Francillon, Srdjan Capkun
Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC)
, Orlando
(acceptance rate: 19.0%)
How can we determine if a device is infected or not?
Francillon, Aurélien, Jakobsson, Markus, Perrig, Adrian
Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis
Theodoor Scholte, William Robertson, Davide Balzarotti, Engin Kirda
36th Computer Software and Applications Conference (COMPSAC)
, Izmir, Turkey
(acceptance rate: 18.0%)
A quantitative study of accuracy in system call-based malware detection
Davide Canali, Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christodorescu, Engin Kirda
Proceedings of the 2012 International Symposium on Software Testing and Analysis (ISSTA)
, Minneapolis, MN
(acceptance rate: 28.7%)
From model-checking to automated testing of security protocols: Bridging the gap
Alessandro Armando, Giancarlo Pellegrino, Roberto Carbone, Alessio Merlo, Davide Balzarotti
6th International Conference on Tests and Proofs (TAP)
, Prague, Czech Republic
Have things changed now? An empirical study on input validation vulnerabilities in web applications
Theodoor Scholte, Davide Balzarotti, Engin Kirda
Journal on Computers & Security
A security analysis of amazon's elastic compute cloud service
Marco Balduzzi, Jonas Zaddach, Davide Balzarotti, Engin Kirda, Sergio Loureiro
Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC)
, Trento, Italy
(acceptance rate: 24.0%)
An empirical analysis of input validation mechanisms in web applications and languages
Theodoor Scholte, William Robertson, Davide Balzarotti, Engin Kirda
Proceedings of the 27th Annual ACM Symposium on Applied Computing (SAC)
, Trento, Italy
(acceptance rate: 24.0%)
Insights into user behavior in dealing with internet attacks
Kaan Onarlioglu, U Ozan Yilmaz, Davide Balzarotti, Engin Kirda
19th Annual Network and Distributed System Security Symposium (NDSS)
, San Diego, CA
(acceptance rate: 17.8%)
Physical-Layer Attacks on Chirp-based Ranging Systems
Ranganathan, Aanjhan, Danev, Boris, Francillon, Aurélien, Capkun, Srdjan
Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)
Ghost in the Air (Traffic): On insecurity of ADS-B protocol and practical attacks on ADS-B devices
Andrei Costin, Aurélien Francillon
Black Hat USA
SMART: Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust
Karim El Defrawy, Aurelien Francillon, Daniele Perito, Gene Tsudik
Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego
NDSS 2024 Test of Time Award
2011
Measurement and evaluation of a real world deployment of a challenge-response spam filter
Jelena Isacenkova, Davide Balzarotti
Proceedings of the 2011 ACM SIGCOMM conference on Internet Measurement Conference (IMC)
, Berlin
(acceptance rate: 19.1%)
Reverse Social Engineering Attacks in Online Social Networks
Danesh Irani, Marco Balduzzi, Davide Balzarotti, Engin Kirda, C. Pu
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)
, Amsterdam, The Netherlands
(acceptance rate: 31.7%)
Operating System Interface Obfuscation and the Revealing of Hidden Operations
Abhinav Srivastava, Andrea Lanzi, Jonathon Giffin, Davide Balzarotti
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)
, Amsterdam, The Netherlands
(acceptance rate: 31.7%)
Thwarting Real-Time Dynamic Unpacking
Leyla Bilge, Andrea Lanzi, Davide Balzarotti
Proceedings of the Fourth European Workshop on System Security (EUROSEC)
Prophiler: a Fast Filter for the Large-Scale Detection of Malicious Web Pages
Davide Canali, Marco Cova, Giovanni Vigna, Christopher Kruegel
20th International World Wide Web Conference (WWW)
, Hyderabad, India
(acceptance rate: 12.3%)
Exposing the lack of privacy in file hosting services
Nick Nikiforakis, Marco Balduzzi, S. Van Acker, W. Joosen, Davide Balzarotti
Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats (LEET)
Quo Vadis? A Study of the Evolution of Input Validation Vulnerabilities in Web Applications
Theodor Scholte, Davide Balzarotti, Engin Kirda
Proceedings of the Fifteenth International Conference on Financial Crypto (FC)
, St. Lucia
(acceptance rate: 20.3%)
Automated discovery of parameter pollution vulnerabilities in web applications
Marco Balduzzi, Carment T. Gimenez, Davide Balzarotti, Engin Kirda
Proceedings of the 18th Network and Distributed System Security Symposium (NDSS)
, San Diego, CA
(acceptance rate: 20.1%)
Distinguished Paper Award
A Summary of Two Practical Attacks Against Social Networks
Leyla Bilge, Marco Balduzzi, Davide Balzarotti, Engin Kirda
Trustworthy Internet (Book Chapter)
EphPub: Toward Robust Ephemeral Publishing
Castelluccia, Claude, De Cristofaro, Emiliano, Francillon, Aurélien, Kaafar, Mohamed Ali
Proceedings of the IEEE International Conference on Network Protocols (ICNP)
Automatic Security Analysis of SAML-based Single Sign-On Protocols
Alessandro Armando, Roberto Carbone, Luca Compagna, Giancarlo Pellegrino
Digital Identity and Access Management: Technologies and Framework
2010
G-Free: defeating return-oriented programming through gadget-less binaries
Kaan Onarlioglu, Leyla Bilge, Andrea Lanzi, Davide Balzarotti, Engin Kirda
Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC)
, Austin, Texas
(acceptance rate: 16.3%)
AccessMiner: using system-centric models for malware protection
Andrea Lanzi, Davide Balzarotti, Christopher Kruegel, Mihai Christodorescu, Engin Kirda
Proceedings of the 17th ACM conference on Computer and communications security (CCS)
, Chicago, Illinois, USA
(acceptance rate: 17.2%)
Abusing Social Networks for Automated User Profiling
Marco Balduzzi, Christian Platzer, Thorsten Holz, Engin Kirda, Davide Balzarotti, Christopher Kruegel
Proceedings of the Internation Symposium on Recent Advances in Intrusion Detection (RAID)
, Ottawa, Canada
(acceptance rate: 23.1%)
A Solution for the Automated Detection of Clickjacking Attacks
Marco Balduzzi, Manuel Egele, Engin Kirda, Davide Balzarotti, Christopher Kruegel
Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS)
, Beijing, China
(acceptance rate: 15.0%)
Honeybot, Your Man in the Middle for Automated Social Engineering
Tobias Lauinger, Veikko Pankakoski, Davide Balzarotti, Engin Kirda
Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)
, San Jose, CA
(acceptance rate: 31.4%)
Efficient Detection of Split Personalities in Malware
Davide Balzarotti, Marco Cova, Christoph Karlberger, Christopher Kruegel, Engin Kirda, Giovanni Vigna
Proceedings of the Network and Distributed System Security Symposium (NDSS)
, San Diego, CA
(acceptance rate: 15.4%)
2009
A view on current malware behaviors
Ulrich Bayer, Imam Habibi, Davide Balzarotti, Engin Kirda, Christopher Kruegel
USENIX workshop on large-scale exploits and emergent threats (LEET)
, Boston, MA
(acceptance rate: 40.9%)
All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks
Leyla Bilge, Thorsten Strufe, Davide Balzarotti, Engin Kirda
20th International World Wide Web Conference (WWW)
, Madrid, Spain
(acceptance rate: 11.7%)