Andrea Marcelli

andrea.marcelli at polito.it

Ph.D. Student
Security Researcher and Data Scientist

Politecnico di Torino - DAUIN, Italy

PGP key

News:

Accepted paper: "Countering Android Malware: a Scalable Semi-Supervised Approach for Family-Signature Generation".

Presented talk "Looking for the perfect signature: an automatic YARA rules generation algorithm in the AI-era" at BSIDESLV and DEF CON 26.


Research interests

My research interests include malware analysis, machine learning, semi-supervised modeling, and advanced optimization methods mainly applied to open problems in computer security.


Work Experience

[November 2016 - Ongoing] Security Researcher at HISPASEC SISTEMAS S.L., Malaga (Spain)
working on the Koodous project and developing new AI-based tools to automate large-scale Android malware analysis, including malware clustering, network graph analytics and automatic YARA signature generation.
[Koodous]


Publications

  • [J] Countering Android Malware: a Scalable Semi-Supervised Approach for Family-Signature Generation
    Andrea Atzeni, Fernando Díaz, Andrea Marcelli, Antonio Sánchez, Giovanni Squillero, Alberto Tonda
    IEEE Access, 2018
    [IEEE Xplore]

  • [J] An Unsupervised and Non-Invasive Model for Predicting Network Resource Demands
    Fulvio Corno, Luigi De Russis, Andrea Marcelli, Teodoro Montanaro
    IEEE Internet of Things Journal, 2018
    [IEEE Xplore] [Bibtex]

  • [C] Evaluating Surrogate Models for Multi-Objective Influence Maximization in Social Networks
    Doina Bucur, Giovanni Iacca, Andrea Marcelli, Giovanni Squillero, Alberto Tonda
    GECCO ’18 Companion. ACM, 2018.
    [pdf]

  • [C] On the mitigation of Hardware Trojan attacks in embedded processors by exploiting a Hardware-based obfuscator
    Andrea Marcelli, Ernesto Sanchez, Luca Sasselli and Giovanni Squillero
    3rd International Verification and Security Workshop 2018 (IVSW '18)
    [Conference link]

  • [C] Improving Multi-Objective Evolutionary Influence Maximization in Social Networks
    Doina Bucur, Giovanni Iacca, Andrea Marcelli, Giovanni Squillero, Alberto Tonda
    European Conference on the Applications of Evolutionary and Bio-inspired Computation (EvoApplications), track EvoComNet: Application of Nature-inspired Techniques for Communication Networks and other Parallel and Distributed Systems. Springer, 2018.
    [Article] [Poster]

  • [C] Defeating Hardware Trojan in Microprocessor Cores through Software Obfuscation
    Andrea Marcelli, Ernesto Sanchez, Giovanni Squillero
    19th IEEE Latin-American Test Symposium (LATS 2018)
    [IEEEXplore]

  • [C] HAIT: Heap Analyzer with Input Tracing
    Andrea Atzeni, Andrea Marcelli, Francesco Muroni, Giovanni Squillero
    Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT, (ICETE 2017)
    [Keynote] [ScitepressLink]

  • [P] Defeating Hardware Trojan through Software Obfuscation
    Andrea Marcelli, Marco Restifo, Ernesto Sanchez, Giovanni Squillero
    Online Informal proceedings of the RESCUE 2017 workshop
    [Article] [Poster]

  • [C] An Evolutionary Approach to Hardware Encryption and Trojan-Horse Mitigation
    Andrea Marcelli, Marco Restifo, Ernesto Sanchez, Giovanni Squillero
    In Design, Automation & Test in Europe Conference & Exhibition (DATE 2017)
    [IEEEXplore] [GitHub]

  • [C] Multi-Objective Evolutionary Algorithms for Influence Maximization in Social Networks
    Doina Bucur, Giovanni Iacca, Andrea Marcelli, Giovanni Squillero, Alberto Tonda
    European Conference on the Applications of Evolutionary and Bio-inspired Computation (EvoApplications), track EvoComNet: Application of Nature-inspired Techniques for Communication Networks and other Parallel and Distributed Systems. Springer, 2017.
    [Article] [SpringerLink] [BEST PAPER AWARD]

  • [C] Challenging Anti-virus Through Evolutionary Malware Obfuscation
    Marco Gaudesi, Andrea Marcelli, Ernesto Sanchez, Giovanni Squillero, Alberto Tonda
    In European Conference on the Applications of Evolutionary Computation 2016 Mar 30 (pp. 149-162). Springer International Publishing.
    [Article] [Poster] [SpringerLink]

  • [C] Malware Obfuscation through Evolutionary Packers
    Marco Gaudesi, Andrea Marcelli, Ernesto Sanchez, Giovanni Squillero, Alberto Tonda
    In Proceedings of the Companion Publication of the 2015 Annual Conference on Genetic and Evolutionary Computation 2015 Jul 11 (pp. 757-758). ACM.
    [Poster] [ACMLink]

Some Talks

  • Inteligencia colectiva con Koodous y YaYaGen
    Criptored and BBVA Next Technologies - BBVA Open Space, Thursday 13th September 2018
    [Web]

  • Looking for the perfect signature: an automatic YARA rules generation algorithm in the AI-era
    DEFCON - Saturday 11th Aug 2018 at 13:00, Las Vegas, Nevada
    BSIDESLV - TBD, track Ground Truth
    [BSIDESLV] [DEF CON 26] [Una al día] [Slides] [Demo] [Video]

  • Practical intro to Machine Learning in Python with scikit-learn and AutoML strategies
    24 Mar 2018, Politecnico di Torino, Italy
    [Web] [Slides] [Notebook]

  • Evolutionary Machine Learning for Android Malware Analysis
    2nd SmartData@PoliTO Workshop on Big Data and Data Science
    2 Mar 2018, Camogli, Italy
    [Web]

  • Evolutionary Malware: Challenging Anti-Virus
    2 Dec 2015, Politecnico di Torino, Italy
    [Web] [Slides]

Past Research

  • M.Sc. Thesis "Computational-Intelligence Techniques for Malware Generation"
    Andrea Marcelli
    [pdf]

  • Mobile OS Security Analysis
    Security analysis of three mobile Operating Systems: Tizen, CyanogenMod and Ubuntu Touch
    Alessio Canepa and Andrea Marcelli, in collaboration with Telecom IT Security Lab.
    2015, Computer Security Exam. Tutor: Andrea Atzeni
    [web] [pdf]

Old Projects

  • Netatmo vulnerabilities discovery
    Affected product: Netatmo Weather Station
    Vulnerability: exposes the Wi-Fi SSID and password of connected networks in cleartext.
    Affected firmware versions: <= v119.
    [Slides] [PoC exploit]

  • NFC 2-Factor authentication
    Development of an authentication mechanism that uses an NFC card and a user's personal PIN.
    Vincenzo Costanzo, Antonio Leo, Andrea Marcelli, Sebastiano Miano
    2015, Project and Laboratory on Communication System exam. Prof: Guido Albertengo
    [GitHub] [Report] [Slides]

  • LWIP MITM - A simple TCP/IP splitter
    A simple but effective lightweight TCP/IP splitter (MITM) implementation, based on the LWIP TCP/IP stack from Adam Dunkels.
    2014, Local Area Networks course, Prof. Fulvio Risso (NetGroup Polito)
    [GitHub] [Slides]

Grant support

The Ph.D. program is supported by a scholarship from Telecom Italia JOL (2015-2018).


Teaching

Lecturer and teaching assistant ([SC]: semester course) for:

  • [SC] Tecniche di programmazione, Politecnico di Torino, Italy, 2018 (laboratory assistant, lecturer)
  • [SC] Tecniche di programmazione, Politecnico di Torino, Italy, 2017 (laboratory assistant, lecturer)
  • [SC] Tecniche di programmazione, Politecnico di Torino, Italy, 2016 (laboratory assistant)