Davide Canali // davidecanali.com // personal website

Please be patient, this website is always in development!
I'm adding content little by little, on my spare time.

News

2015-05-12: Our paper "Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware Intelligence" has been accepted for the 24th USENIX Security Symposium (USENIX SEC 2015).

2014-06-05: In Kyoto, Japan, presenting the paper "On The Effectiveness of Risk Prediction Based on Users Browsing Behavior" at the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2014).

2014-02-12: I obtained my Ph.D. degree from Telecom ParisTech (EURECOM) with the defense of my thesis titled "A Multidimensional Analysis of Malicious and Compromised Websites"

2014-02-05: Our paper "On The Effectiveness of Risk Prediction Based on Users Browsing Behavior" has been accepted for the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2014).

2013-10-02: at Les Assises de la Sécurité in Monaco, the biggest business security conference in France and Monaco

2013-06-24: Our research group hosted the French stop of the OWASP EUTour 2013, in Sophia-Antipolis. A brief summary of the event is available here. Slides of the presentations can be found OWASP France website

2013-06-22: At Disneyland Paris, giving a talk on the follow up of our web honeypots project at Nuit du Hack 2013

More... 2013-06-07: At SSTIC 2013 (Symposium sur la sécurité des technologies de l'information et des communications), in Rennes. A writeup of my talk can be found here (in French)

2013-06-01: I'm organizing the French stop of the OWASP EUTour 2013, which will take place on June 24th at EURECOM, Sophia-Antipolis, hosted by our research group. The event is FREE to attend. For more information and directions, check the official event page: OWASP EUTour2013 France Agenda

2013-05-17: I presented the paper "The Role of Web Hosting Providers in Detecting Compromised Websites" at the 22nd International World Wide Web Conference (WWW 2013), in Rio de Janeiro. Our work was one of the candidates for the best paper award :)

2013-04-22: Our talk on the behavior of web attackers has been accepter for the Nuit du Hack 2013, which will take place on June 22 and 23 at Disneyland Paris.

2012-04-17: Our presentation on the security of web hosting providers has been selected for SSTIC 2013 (Symposium sur la sécurité des technologies de l'information et des communications)

2013-02-27: In San Diego, presenting the paper "Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web" at the 20th Annual Network & Distributed System Security Symposium (NDSS 2013).

2013-02-08: Our paper "The role of web hosting providers in detecting compromised websites" has been accepted for the 22nd International World Wide Web Conference (WWW 2013).

2012-10-20: Our paper "Behind the Scenes of Online Attacks: an Analysis of Exploitation Behaviors on the Web" has been accepted for the 20th Annual Network & Distributed System Security Symposium (NDSS 2013).

2012-07-18: In Minneapolis, presenting the paper "A Quantitative Study of Accuracy in System Call-Based Malware Detection" at the International Symposium on Software Testing and Analysis (ISSTA 2012).

2012-06-06: In Rennes, France, presenting at SSTIC 2012 (Symposium sur la sécurité des technologies de l'information et des communications)

2012-04-20: Our paper "A Quantitative Study of Accuracy in System Call-Based Malware Detection" has been accepted for ISSTA 2012.

2011-08-10: Published Advisory "phpList Improper Access Control and Information Leakage vulnerabilities"

2011-06-09: In Dublin for OWASP AppSec Europe 2011, giving the talk titled "Building Large Scale Detectors for Web-based Malware", together with Marco Cova.

2011-04-09: Our talk "Building Large Scale Detectors for Web-based Malware" has been accepted for OWASP AppSec Europe 2011.

2011-03-30: I presented the paper "Prophiler: a Fast Filter for the Large-Scale Detection of Malicious Web Pages" at the 20th International World Wide Web Conference (WWW 2011).

2011-01-14: Our paper "Prophiler: a Fast Filter for the Large-Scale Detection of Malicious Web Pages" has been accepted for the 20th International World Wide Web Conference (WWW 2011).

2010-09-01: Starting my PhD at the Networking and Security department of Institute Eurecom in Sophia Antipolis (France), under the supervision of prof. Davide Balzarotti

2010-04-23: Back in Santa Barbara for 2 months, to complete my project at the UCSB Computer Security Lab

2010-03-18: I received my M.Sc. in Computer Engineering (Laurea Specialistica in Ingegneria Informatica) with Honors, from Università di Bologna, Italy

2009-12-04: I participated as a guest to the International Capture The Flag (iCTF), organized every year by my advisor, prof. Giovanni Vigna

2009-10-21: Published Advisory "TwonkyMedia Server Multiple Cross-Site Scripting Vulnerabilities" Less...