Andrea Fioraldi


Andrea Fioraldi is currently a Ph.D. student in the Software and Systems Security group of EURECOM under the supervision of Prof. Davide Balzarotti. He is working on new methodologies to improve the effectiveness of security vulnerability discovery techniques such as Fuzz Testing in the scope of the DARPA Chess project.

In 2020, Andrea obtained his MSc degree in Engineering in Computer Science from Sapienza, University of Rome. His thesis was developed during his internship at EURECOM with the supervision of Prof. Balzarotti and its title is “Program State Abstraction for Feedback-driven Fuzz Testing using Likely Invariants”. In 2018, Andrea obtained his BSc degree in Computer and Control Engineering from Sapienza, University of Rome. His thesis is entitled “Symbolic Execution and Debugging Synchronization”.

Andrea is an active player in CyberSecurity competitions (Capture the Flag). He won the Italian CyberChallenge in 2017 in the category of Malware Analysis, he was also part of the first Italian team participating at the ENISA’s European CyberSecurity Challenge. With his team mHACKeroni, he also participated several times to top international competitions among the best hacker teams in the world, such as DEFCON CTF and CCC CTF, with great results.

Andrea is known in the security community for his contributions in the field of Fuzz Testing, specifically (but not limited to) as a maintainer of one of the most advanced and used publicly available fuzzers, AFL++.


WEIZZ: Automatic Grey-box Fuzzing for Structured Binary Formats
Fioraldi Andrea and D'Elia Daniele Cono and Coppa Emilio
in Proceedings of the 29th ACM SIGSOFT International Symposiumon Software Testing and Analysis
PDF BibTex
AFL++: Combining incremental steps of fuzzing research
Andrea Fioraldi, Dominik Maier, Heiko Eissfeldt, Marc Heuse
in 14th USENIX Workshop on Offensive Technologies (WOOT 20)
PDF BibTex Slides
Fuzzing binaries for memory safety errors with QASan
Andrea Fioraldi, Daniele Cono D'Elia, Leonardo Querzoni
in 2020 IEEE Secure Development Conference (SecDev)
PDF BibTex
The Use of Likely Invariants as Feedback for Fuzzers
Andrea Fioraldi, Daniele Cono D'Elia, Davide Balzarotti
in 30th USENIX Security Symposium (USENIX Security 21)
PDF BibTex
Registered Report: Dissecting American Fuzzy Lop - A FuzzBench Evaluation
Andrea Fioraldi, Alessandro Mantovani, Dominik Maier, Davide Balzarotti
in the 1st International Fuzzing Workshop (FUZZING 2022)
PDF (Report) BibTex
Fuzzing with Data Dependency Information
Alessandro Mantovani, Andrea Fioraldi and Davide Balzarotti
EuroSP 2022, Genoa, Italy
PDF BibTex
LibAFL: A Framework to Build Modular and Reusable Fuzzers
Andrea Fioraldi and Dominik Maier and Dongjia Zhang and Davide Balzarotti
Proceedings of the 29th ACM conference on Computer and communications security (CCS) , Los Angeles, U.S.A.
PDF BibTex
Dissecting American Fuzzy Lop -- A FuzzBench Evaluation
Andrea Fioraldi and Alessandro Mantovani and Dominik Maier and Davide Balzarotti
ACM Trans. Softw. Eng. Methodol.
PDF BibTex


Fuzzers like LEGO
Fioraldi Andrea and Dominik Maier
Remote Chaos Experience (CCC), December 2020
Slides Video
LibAFL: The Advanced Fuzzing Library
Fioraldi Andrea and Dominik Maier
FUZZCON EUROPE, October 2021



Campus SophiaTech,
450 Route des Chappes, 06410 Biot FRANCE
Office: 370