Davide Balzarotti



About me

I'm an Assistant Professor at Eurecom Graduate School and Research Center, located in Sophia Antipolis on the French Riviera.

My research interests include most aspects of system security and in particular the areas of intrusion detection and prevention, binary and malware analysis, reverse engineering, and web security.

Before joining Eurecom I spent almost two years in Santa Barbara as a postdoctoral researcher in the Department of Computer Science at UCSB, working in the Computer Security Lab with professor Giovanni Vigna and professor Richard Kemmerer.

I received my PhD in Computer Engineering from Politecnico di Milano in 2006.

General Information

Office Hours: e-mail appointment
Email: > echo "danowayde@iseclab.org" | sed s/noway/vi/
Current Address: Institut Eurecom
2229 Route des Cretes
F-06560 Sophia-Antipolis cedex
France
Telephone: +33 4 9300 8156

Professional Activities

Program Committee Memberships
RAID 2010 - 13th International Symposium on Recent Advances in Intrusion Detection
SESS 2010 - 6th International Workshop on Software Engineering for Secure Systems
ARES 2010 - IEEE International Conference on Availability, Reliability, and Security
SESOC 2010 - IEEE International Workshop on SECurity and SOCial Networking
PC Memberships (Past Events)
EC2ND 2009 - 5th European Conference on Computer Network Defense
RAID 2009 - 12th International Symposium on Recent Advances in Intrusion Detection
ICIW 2009 - 4th International Conference on Internet and Web Applications and Services
SESS 2009 - 5th International Workshop on Software Engineering for Secure Systems
ARES 2009 - IEEE International Conference on Availability, Reliability, and Security
SecSE 2009 - Third International Workshop on Secure Software Engineering
ICIMP 2008 - Third International Conference on Internet Monitoring and Protection
SESS 2008 - 4th International Workshop on Software Engineering for Secure Systems
ARES 2008 - IEEE International Conference on Availability, Reliability, and Security
DAWAM 2008 - 3rd International Workshop on Dependability Aspects on Data Warehousing and Mining applications
SESS 2007 - 3rd International Workshop on Software Engineering for Secure Systems
Other Activities
Member of the red team involved in testing the capability and security of the voting machines certified for use in the State of Ohio.
Project Everest (Evaluation & Validation of Election-Related Equipment, Standards & Testing). September - December 2007
Member of the red team in the top-to-bottom review of the electronic voting machines certified for use in California.
June - July 2007
Member of ShellPhish, the winning team at the DEFCON Capture the Flag hacking competition,
Las Vegas, August 2005

Publications

Conferences and Workshops
M.Balduzzi, M.Egele, E.Kirda, D.Balzarotti, C.Kruegel
"A Solution for the Automated Detection of Clickjacking Attacks"
(to appear) Proceedings of (AsiaCCS) - Beijing, China, April 13-16 2010
D.Balzarotti, M.Cova, C.Karlberger, E.Kirda, C.Kruegel, G.Vigna
"Efficient Detection of Split Personalities in Malware"
(to appear) Proceedings of the Symposium on Network and Distributed System Security (NDSS) - San Diego, USA, March 1-2 2010
L. Bilge, T. Strufe, D. Balzarotti, E. Kirda
"All Your Contacts Are Belong to Us: Automated Identity Theft"
18th International World Wide Web Conference (WWW) - Madrid, Spain, April 20-24 2009
[ download |  bibtex ]
In the press: [ Nature ]
U. Bayer, I. Habibi, D. Balzarotti, E. Kirda, C. Kruegel
"Insights Into Current Malware Behavior"
2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET) - Boston, MA, April 21 2009
[ download ]
D. Balzarotti, G. Banks, M. Cova, V. Felmetsger, R. Kemmerer, W. Robertson, F. Valeur, G. Vigna
"Are Your Votes Really Counted? Testing the Security of Real-world Electronic Voting Systems"
International Symposium on Software Testing and Analysis (ISSTA) - Seattle, WA, July 20-24 2008
[ download |  bibtex ]
D. Balzarotti, M. Cova, V. Felmetsger, N. Jovanovic, E. Kirda, C. Kruegel, G. Vigna
"Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications"
Proceedings of the 29th IEEE Symposium on Security and Privacy - Oakland, California, May 18-21, 2008
[ download |  bibtex ]
D. Balzarotti, M. Cova, G. Vigna
"ClearShot: Eavesdropping on Keyboard Input from Video"
Proceedings of the 29th IEEE Symposium on Security and Privacy - Oakland, California, May 18-21, 2008
[ download |  bibtex ]
In the press: [ Scientific American |  PCWorld  |  Geeks are sexy  |  IntelFusion ]
C. Kruegel, D. Balzarotti, W. Robertson, G. Vigna
"Improving Signature Testing Through Dynamic Data Flow Analysis"
Proceedings of the Annual Computer Security Applications Conference (ACSAC 23)
[ download |  bibtex ]
D. Balzarotti, M. Cova, V. Felmetsger, G. Vigna
"Multi-Module Vulnerability Analysis of Web-based Applications"
Proceedings of the ACM Conference on Computer and Communication Security (ACM CCS) 2007
[ download |  bibtex ]
M. Cova, D. Balzarotti, V. Felmetsger, G. Vigna
"Swaddler: An Approach for the Anomaly-based Detection of State Violations in Web Applications"
Recent Advances in Intrusion Detection (RAID) 2007
[ download |  bibtex ]
M. Van Gundy, D. Balzarotti, G. Vigna
"Catch Me, If You Can: Evading Network Signatures with Web-based Polymorphic Worms"
First USENIX Workshop on Offensive Technologies (WOOT) 2007
[ download |  bibtex ]
D. Balzarotti, M. Monga, S. Sicari
"Assessing the risk of using vulnerable components"
Quality of Protection: Security Measurements and Metrics, Advances in Information Security 23, Springer New York, 2006
[ download |  bibtex ]
G.P. Picco, D. Balzarotti, P. Costa
"LighTS: A Lightweight, Customizable Tuple Space Supporting Context-Aware Applications"
Proceedings of the 20th Annual ACM Symposium on Applied Computing (SAC 2005)
[ download |  bibtex ]
D. Balzarotti, A. Castaldo D'Ursi, L. Cavallaro, M. Monga
"Slicing AspectJ Woven Code"
Proceedings of Foundations Of Aspect-Oriented Languages (FOAL 2005)
[ download |  bibtex ]
G. Vigna, W. Robertson, and D. Balzarotti
"Testing Network-based Intrusion Detection Signatures Using Mutant Exploits"
Proceedings of the ACM Conference on Computer and Communication Security (ACM CCS 2004)
[ download |  bibtex ]
D. Balzarotti, M. Monga
"Using Program Slicing to Analyze Aspect Composition"
Proceedings of Foundations Of Aspect-Oriented Languages (FOAL 2004)
[ download |  bibtex ]
D. Balzarotti, C. Ghezzi, and M. Monga
"Support Configuration Management for Virtual Workgroups in a Peer-to-Peer Setting"
Proceedings of the International Conference on Software Engineering and Knowledge Engineering (SEKE 2002)
[ download |  bibtex ]
D. Balzarotti, C. Ghezzi, and M. Monga
"Freeing Cooperation from Servers Tyranny"
Web engineering and peer-to-peer computing, LNCS 2376 Springer-Verlag
[ download |  bibtex ]
Journals
D. Balzarotti, G. Banks, M. Cova, V. Felmetsger, R. Kemmerer, W. Robertson, F. Valeur, and G. Vigna
"An Experience in Testing the Security of Real-world Electronic Voting Systems"
In IEEE Transactions on Software Engineering 2010
[ download |  bibtex ]
G. Vigna, F. Valeur, D. Balzarotti, W. Robertson, C. Kruegel, E. Kirda
"Reducing Errors in the Anomaly-based Detection of Web-based Attacks Through the Combined Analysis of Web Requests and SQL Queries"
Journal of Computer Security
D. Balzarotti, C. Ghezzi, M. Monga
"Supporting cooperative software processes in a decentralized and nomadic world"
IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans 36(6) 11/2006
[ download |  bibtex ]
D. Balzarotti, P. Costa, G.P. Picco
"The LighTS Tuple Space Framework and Its Customization for Context-Aware Applications"
Journal of Web Intelligence and Agent Systems, Volume 5, Number 2, 2007 - pages 215-231
[ download |  bibtex ]
Technical Reports
P. McDaniel, M. Blaze, G. Vigna, et al.
"EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing"
In Ohio Secretary of State's EVEREST Report - December 2007
[ download |  bibtex |  Ohio Secretary of State Page |  More info ]
G. Vigna, R. Kemmerer, D. Balzarotti, G. Banks, M. Cova, V. Felmetsger, W. Robertson, and F. Valeur
"Security Evaluation of the Sequoia Voting System"
Report commissioned as part of the California Secretary of State's Top-To-Bottom Review of California Voting Systems.
July 20, 2007

[ download |  bibtex |  California Secretary of State Page |  More info ]
D. Balzarotti
"Testing Network Intrusion Detection Systems"
Ph.D Dissertation, 2006
[ download |  bibtex ]

Last Modified: May 26 2009, 19:30


International Secure Systems Lab www.iseclab.org