Cristian Assaiante

Ph.D. Student in Engineering in Computer Science

Biography

I am a Ph.D. Student with the Department of Computer, Control and Management Engineering (DIAG) "Antonio Ruberti" at Sapienza University of Rome. I am currently working with the research group of my advisor Prof. Leonardo Querzoni and my co-advisor Dr. Daniele Cono D'Elia.

My research interests spans over several aspects of compilers, and software and system security, the main focus at the moment is debug information quality and profile-guided optimizations. I currently work on evaluating the quality of debug information, how compiler optimizations affect it, and its incompleteness can affect downstream tools. Also, as part of a collaboration with Google, I work on improving the effectiveness of profile-guided optimiations. I am passionate about compilers optimizations, program analysis techniques (sometimes applied to malware analysis), operating systems and micro-architectural attacks.

I obtained my M.Sc. degree (summa cum laude) with a thesis about the completeness of debug symbols in optimizing compilers, and my B.Sc. degree (summa cum laude) with a thesis about a micro-architectural approach to malware evasion techniques (Winner of the CLUSIT prize for the most innovative cybersecurity thesis, 2019).

From 2020 to 2023, I have been among the organizers and training coordinators for the CyberChallenge.IT introductory program in cybersecurity, at Sapienza University of Rome. During the course I give lectures, both practical and theoretical, about various cybersecurity topics (cryptography, reverse engineering, binary exploitation and micro-architectural attacks). In 2023, the Sapienza team reached the 1^st place at the national finals, in Turin, Italy.

I am a CTF player (mainly involed in reverse engineering) with the Sapienza team (TRX) and mhackeroni (6 times DEFCON finalist, winner of Hack-A-Sat4).

An updated and complete version of my CV can be found here.

Service

2025: Artifact Evaluation Committee member for ACM CCS'25 - ACM Conference on Computer and Communications Security [CORE23 rank: A*]; Artifact Evaluation Committee member for USENIX Security'25 - 34° USENIX Security Symposium [CORE23 rank: A*]
2024: Artifact Evaluation Committee member for NDSS'25 - Network and Distributed System Security Symposium 2025 [CORE23 rank: A*]
2023: Reviewer for Computer and Security (COSE) [Scimago rank: Q1]; Reviewer for SoftwareX (SoftX) [Scimago rank: Q2]
2022: Shadow Program Committee member for EuroSys'23 - 18^th European Conference on Computer Systems [CORE21 rank: A]; Artifact Evaluation Committee member for EuroSys'23 - 18^th European Conference on Computer Systems [CORE21 rank: A]

Teaching

2024: Adjunct Professor for Sistemi di Calcolo (3CFU module) course (Spring 2024), Sapienza University of Rome
2023: Adjunct Professor for Sistemi di Calcolo (3CFU module) course (Spring 2023), Sapienza University of Rome
2022: Teaching Assistant for Sistemi di Calcolo course (Spring 2022), Sapienza University of Rome

Publications

Where Did My Variable Go? Poking Holes in Incomplete Debug Information

C. Assaiante, D. C. D'Elia, G. A. Di Luna, L. Querzoni, 2023

In Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS '23)

CORE23 rank: A*

abstract doi extended talk cite

Evading Userland API Hooking, Again: Novel Attacks and a Principled Defense Method

C. Assaiante, S. Nicchi, D. C. D'Elia, L. Querzoni, 2024

To appear in Proceedings of the 21st Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA '24)

CORE23 rank: C

abstract preprint doi cite

Projects

Incomplete Debug Information

A framework for testing compiler toolchains for completeness bugs in debug information.

code

Toxotidae

A dynamic binary instrumentation prototype API monitor for malware analysis based on deeper hooking.