Hello! It's me Mario

I'm an Assistant Professor(RTDa) at Politecnico di Milano working on Computer Security at NECSTLab. I'm interested in many aspect of Computer Security and Computer Science and I'm currently working on Malware and Binary Analysis.

Contacts

mario.polino [a t] polimi.it

(+39) 02-2399-3564 (NecstLab)

NECSTLab, Building 20
DEIB, Politecnico di Milano
Via Ponzio 34/5, Milano, Italy

PGP Key

SSH Pub Key

CV

Publications

# CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks
A. Faveri Tron, S. Longari, M. Carminati, Mario Polino, S. Zanero,
Proceedings of ACM Conference on Computer and Communications Security (CCS 2022) , 2022
[PDF]

# Apìcula: Static Detection of API Calls in Generic Streams of Bytes
M. D’Onghia, M. Salvadore, B. Nespoli, M. Carminati, Mario Polino, S. Zanero,
Computers & Security , 2022
[PDF]

# Amaretto: An Active Learning Framework for Money Laundering Detection
D. Labanca, L. Primerano, M. Markland-Montgomery, Mario Polino, M. Carminati, S. Zanero,
IEEE Access , 2022
[PDF]

# A Systematical and Longitudinal Study of Evasive Behaviors in Windows Malware
N. Galloro, Mario Polino, M. Carminati, A. Continella, S. Zanero,
Computers & Security , 2022
[PDF]

# SyML: Guiding Symbolic Execution Toward Vulnerable States Through Pattern Learning
N. Ruaro, K. Zeng, L. Dresel, Mario Polino, T. Bao, A. Continella, S. Zanero, C. Kruegel, G. Vigna,
24th International Symposium on Research in Attacks, Intrusions and Defenses , 2021
[Code] [PDF]

# NoSQL Breakdown: A Large-scale Analysis of Misconfigured NoSQL Services
D. Ferrari, M. Carminati, Mario Polino, S. Zanero,
Proceedings of 36th Annual Computer Security Applications Conference (ACSAC 2020) , 2020
[PDF]

# Evasion Attacks against Banking Fraud Detection Systems
M. Carminati, L. Santini, Mario Polino, S. Zanero,
Proceedings of 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020) , 2020
[PDF]

# Security of controlled manufacturing systems in the connected factory: the case of industrial robots
M. Pogliani, D. Quarta, Mario Polino, M. Vittone, F. Maggi, S. Zanero,
Journal of Computer Virology and Hacking Techniques , 2019
[PDF]

# ELISA: ELiciting ISA of raw binaries for fine-grained code and data separation
P. De Nicolao, M. Pogliani, Mario Polino, M. Carminati, D. Quarta, S. Zanero,
Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA) , Paris, France, 2018
[PDF]

# There's a Hole in that Bucket! A Large-scale Analysis of Misconfigured S3 Buckets
A. Continella, Mario Polino, M. Pogliani, S. Zanero,
Proceedings of the Annual Computer Security Applications Conference (ACSAC) , San Juan, Puerto Rico, Usa, 2018
[BucketSec] [PDF]

# Security Evaluation of a Banking Fraud Analysis System
M. Carminati, Mario Polino, A. Continella, A. Lanzi, F. Maggi, S. Zanero,
ACM Transactions on Privacy and Security (TOPS) , 2018

# SysTaint: Assisting Reversing of Malicious Network Communications
G. Viglianisi, M. Carminati, Mario Polino, A. Continella, S. Zanero,
8th Software Security, Protection, and Reverse Engineering Workshop , 2018

# Measuring and Defeating Anti-Instrumentation-Equipped Malware
Mario Polino, A. Continella, S. Mariani, S. D’Alessio, L. Fontana, F. Gritti, S. Zanero,
Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA) , Bonn, Germany, 2017
[Code] [PDF]

# An Experimental Security Analysis of an Industrial Robot Controller
D. Quarta, M. Pogliani, Mario Polino, F. Maggi, A. Zanchettin, S. Zanero,
2017 IEEE Symposium on Security and Privacy (SP) , 2017
[PDF] [Site]

# Prometheus: Analyzing WebInject-based information stealers
A. Continella, M. Carminati, Mario Polino, A. Lanzi, S. Zanero, F. Maggi,
Journal of Computer Security , 2017
[PDF]

# Going Native: Using a Large-Scale Analysis of Android Apps to Create a Practical Native-Code Sandboxing Policy
V. Afonso, A. Bianchi, Y. Fratantonio, A. Doupè, Mario Polino, P. Geus, C. Kruegel, G. Vigna,
Proceedings of the Symposium on Network and Distributed System Security (NDSS) , 2016
[PDF]

# SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis
Y. Shoshitaishvili, R. Wang, C. Salls, N. Stephens, Mario Polino, A. Dutcher, J. Grosen, S. Feng, C. Hauser, C. Kruegel, G. Vigna,
2016 IEEE Symposium on Security and Privacy (SP) , 2016
[PDF]

# Jackdaw: Towards Automatic Reverse Engineering of Large Datasets of Binaries
Mario Polino, A. Scorti, F. Maggi, S. Zanero,
Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA) , 2015
[PDF]