Cristian Assaiante

Ph.D. Student in Engineering in Computer Science

Biography

I am a Ph.D. Student with the Department of Computer, Control and Management Engineering (DIAG) "Antonio Ruberti" at Sapienza University of Rome. I am currently working with the research group of my advisor Prof. Leonardo Querzoni and my co-advisor Dr. Daniele Cono D'Elia.

My research interests spans over several aspects of compilers, and software and system security, the main focus at the moment is software testing. I currently work on source-level debugging of optimized code, finding bugs in compiler toolchains related to inaccurate debug information generation and testing the effects of optimizations of software debuggability. I am passionate about compilers optimizations, program analysis techniques (sometimes applied to malware analysis), operating systems and micro-architectural attacks.

I obtained my M.Sc. degree (summa cum laude) with a thesis about the completeness of debug symbols in optimizing compilers, and my B.Sc. degree (summa cum laude) with a thesis about a micro-architectural approach to malware evasion techniques (Winner of the CLUSIT prize for the most innovative cybersecurity thesis, 2019).

Since 2020, I am one of the organizers and training coordinators for the CyberChallenge.IT introductory program in cybersecurity, at Sapienza University of Rome. During the course I give lectures, both practical and theoretical, about various cybersecurity topics (cryptography, reverse engineering, binary exploitation and micro-architectural attacks). In 2023, the Sapienza team reached the 1^st place at the national finals, in Turin, Italy.

I am a CTF player (mainly involed in reverse engineering) with the Sapienza team (TRX) and mhackeroni (4 times DEFCON finalist, winner of Hack-A-Sat4).

An updated and complete version of my CV can be found here.

Service

2023: Reviewer for Computer and Security (COSE) - [Scimago rank: Q1]; Reviewer for SoftwareX (SoftX) - [Scimago rank: Q2]
2022: Shadow Program Committee member for EuroSys'23 - 18^th European Conference on Computer Systems [CORE21 rank: A]; Artifact Evaluation Committee member for EuroSys'23 - 18^th European Conference on Computer Systems [CORE21 rank: A]

Teaching

2024: Adjunct Professor for Sistemi di Calcolo (3CFU module) course (Spring 2024), Sapienza University of Rome
2023: Adjunct Professor for Sistemi di Calcolo (3CFU module) course (Spring 2023), Sapienza University of Rome
2022: Teaching Assistant for Sistemi di Calcolo course (Spring 2022), Sapienza University of Rome

Publications

Where Did My Variable Go? Poking Holes in Incomplete Debug Information

C. Assaiante, D. C. D'Elia, G. A. Di Luna, L. Querzoni, 2023

In Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS '23)

CORE23 rank: A*

abstract doi extended talk cite

Evading Userland API Hooking, Again: Novel Attacks and a Principled Defense Method

C. Assaiante, S. Nicchi, D. C. D'Elia, L. Querzoni, 2024

To appear in Proceedings of the 21st Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA '24)

CORE23 rank: C

abstract

Projects

Incomplete Debug Information

A framework for testing compiler toolchains for completeness bugs in debug information.

code

Toxotidae

A dynamic binary instrumentation prototype API monitor for malware analysis based on deeper hooking.