Welcome...

dr.ir. A. Continella (Andrea)

Assistant Professor

About Me

I am an Assistant Professor in the Services and CyberSecurity group of the University of Twente and a member of the International Secure Systems Lab (iSecLab).

Previously, I was a Postdoctoral Researcher in the Computer Science Department at UC Santa Barbara, working at the SecLab, and I obtained a Ph.D. cum laude in Computer Science and Engineering at Politecnico di Milano in Italy. During my Ph.D., I also took part in two research exchanges, working as a visiting researcher at UCSB and at the School of Computer Science of the University of Sydney.

My research focuses on aspects of computer security traditionally known as systems security. In particular, my main research interests lie in the security of the software that people use in their daily tasks, and revolve around analyzing such software for multiple security purposes, such as malware detection, identification of privacy disclosures, and vulnerability discovery. For example, I have worked on analysis and defense mechanisms against advanced threats such as the infamous ransomware families, on the detection of obfuscated privacy leaks in Android apps, and on the design of novel program analysis techniques to identify and patch vulnerabilities in embedded firmware.

I strongly believe in open, collaborative science, where researchers can easily and quickly access to previous research outcomes to reproduce and analyze results obtained by others.

I also love Capture The Flag (CTF) competitions, which I currently play with Shellphish (usually ending up in Vegas to play DEFCON Finals), and I co-organized several editions of the PoliCTF and iCTF.

Publications

Recent
Galloro, N., Polino, M., Carminati, M. , Continella, A., & Zanero, S. (2022). A Systematical and longitudinal study of evasive behaviors in windows malware. Computers & Security, 113, [102550]. https://doi.org/10.1016/j.cose.2021.102550
van Ede, T., Aghakhani, H., Spahn, N. , Bortolameotti, R., Cova, M. , Continella, A. , van Steen, M. , Peter, A., Kruegel, C., & Vigna, G. (2022). DeepCASE: Semi-Supervised Contextual Analysis of Security Events. In Proceedings of the IEEE Symposium on Security and Privacy (S&P)
Melotti, D., Rossi-Bellom, M. , & Continella, A. (2021). Reversing and Fuzzing the Google Titan M Chip. In ROOTS 2021 - Proceedings of the 5th Reversing and Offensive-Oriented Trends Symposium 2021, co-Located with DEEPSEC (ACM International Conference Proceeding Series). Association for Computing Machinery (ACM). https://doi.org/10.1145/3503921.3503922
Ruaro, N., Zeng, K., Dresel, L., Polino, M., Bao, T. , Continella, A., Zanero, S., Kruegel, C., & Vigna, G. (2021). SyML: Guiding symbolic execution toward vulnerable states through pattern learning. In Proceedings of 2021 24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2021), October 6-8, 2021, Donostia/San Sebastiàn, Spain (pp. 456-468). (ACM International Conference Proceeding Series). Association for Computing Machinery (ACM). https://doi.org/10.1145/3471621.3471865
Garg, C., Machiry, A. , Continella, A., Kruegel, C., & Vigna, G. (2021). Toward a Secure Crowdsourced Location Tracking System. In 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) (pp. 311-322). [3467821] https://doi.org/10.1145/3448300.3467821
Meng, D., Guerriero, M., Machiry, A., Aghakhani, H., Bose, P. , Continella, A., Kruegel, C., & Vigna, G. (2021). Bran: Reduce Vulnerability Search Space in Large Open Source Repositories by Learning Bug Symptoms. In ACM ASIA Conference on Computer and Communications Security (ASIACCS) (pp. 731-743) https://doi.org/10.1145/3433210.3453115
Redini, N. , Continella, A., Das, D., Pasquale, G. D., Spahn, N., Machiry, A., Bianchi, A., Kruegel, C., & Vigna, G. (2021). DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices. In Proceedings of the IEEE Symposium on Security & Privacy (S&P)
Ayub, M. A. , Continella, A., & Siraj, A. (2020). An I/O Request Packet (IRP) Driven Effective Ransomware Detection Scheme using Artificial Neural Network. In Proceedings - 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science, IRI 2020 (pp. 319-324). [9191509] IEEE. https://doi.org/10.1109/IRI49571.2020.00053
Redini, N., Machiry, A., Wang, R., Spensky, C. , Continella, A., Shoshitaishvili, Y., Kruegel, C., & Vigna, G. (2020). Identifying Multi-Binary Vulnerabilities in Embedded Firmware at Scale. Paper presented at Black Hat Asia 2020, Singapore.
Redini, N., Machiry, A., Wang, R., Spensky, C. , Continella, A., Shoshitaishvili, Y., Kruegel, C., & Vigna, G. (2020). KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmware. In Proceedings 2020 IEEE Symposium on Security and Privacy, SP 2020 (pp. 1544-1561). [9152796] IEEE. https://doi.org/10.1109/SP40000.2020.00036

UT Research Information System

Google Scholar Link

Contact Details

Visiting Address

University of Twente
Faculty of Electrical Engineering, Mathematics and Computer Science
Zilverling (building no. 11), room 2023
Hallenweg 19
7522NH  Enschede
The Netherlands

Navigate to location

Mailing Address

University of Twente
Faculty of Electrical Engineering, Mathematics and Computer Science
Zilverling  2023
P.O. Box 217
7500 AE Enschede
The Netherlands

Social Media