Marco Ramilli, PhD
Bologna, Emilia Romagna, Italia
17.761 follower
Oltre 500 collegamenti
Informazioni
With over 15 years of experience in the cybersecurity field, Marco Ramilli is a passionate leader, entrepreneur, and expert who founded and leads Yoroi, an innovative Managed Cyber Security Service Provider. Yoroi focuses on defending its customers with no compromise, using a unique platform called CyberSecurity Defence Center that empowers analysis and response.
Marco Ramilli holds a PhD in Information Communication Technology and has worked for the US Government, the IEEE, and various academic institutions as a researcher, speaker, and teacher. He has published multiple papers and books on malware detection, penetration testing, and digital security. He is also a white-hat hacker, a TEDx speaker, and a Paul Harris Fellow. He strongly believes in the human role in the digital age and his mission is to protect private and public organizations from cyber threats. His credo is: "Defence Belongs To Humans".
Articoli di Marco
Contributi
Attività
-
Le cucine popolari di Cesena: un posto dove accoglienza e vicinanza sono di casa. 📌 Ieri ho cenato alle cucine popolari di Cesena, un luogo di…
Le cucine popolari di Cesena: un posto dove accoglienza e vicinanza sono di casa. 📌 Ieri ho cenato alle cucine popolari di Cesena, un luogo di…
Consigliato da Marco Ramilli, PhD
-
Mark your calendars for next Tuesday! Our Chairman, Mr. Bob Diamond, and our new executive team members will be unveiling some exciting news. You…
Mark your calendars for next Tuesday! Our Chairman, Mr. Bob Diamond, and our new executive team members will be unveiling some exciting news. You…
Consigliato da Marco Ramilli, PhD
-
Eccoci arrivati al nostro interessante e attualissimo convegno!
Eccoci arrivati al nostro interessante e attualissimo convegno!
Consigliato da Marco Ramilli, PhD
Esperienza
Formazione
Pubblicazioni
-
Man-in-the-Middle Attack to the HTTPS Protocol
CyberSecurity
The man-in-the-middle (MITM) attack exploits the fact that the HTTPS server sends a certificate with its public key to the Web browser. If this certificate isn't trustworthy, the entire communication path is vulnerable. Such an attack replaces the original certificate authenticating the HTTPS server with a modified certificate. The attack is successful if the user neglects to double-check the certificate when the browser sends a warning notification. This occurs all too often-especially among…
The man-in-the-middle (MITM) attack exploits the fact that the HTTPS server sends a certificate with its public key to the Web browser. If this certificate isn't trustworthy, the entire communication path is vulnerable. Such an attack replaces the original certificate authenticating the HTTPS server with a modified certificate. The attack is successful if the user neglects to double-check the certificate when the browser sends a warning notification. This occurs all too often-especially among users who frequently encounter self-signed certificates when accessing intranet sites.
-
Multi-stage delivery of Malware
IEEE
Abstract: Malware signature detectors use patterns of bytes, or variations of patterns of bytes, to detect malware attempting to enter a systems. This approach assumes the signatures are both or sufficient length to identify the malware, and to distinguish it from non-malware objects entering the system. We describe a technique that can increase the difficulty of both to an arbitrary degree. This technique can exploit an optimization that many anti-virus systems use to make inserting the…
Abstract: Malware signature detectors use patterns of bytes, or variations of patterns of bytes, to detect malware attempting to enter a systems. This approach assumes the signatures are both or sufficient length to identify the malware, and to distinguish it from non-malware objects entering the system. We describe a technique that can increase the difficulty of both to an arbitrary degree. This technique can exploit an optimization that many anti-virus systems use to make inserting the malware simple; fortunately, this particular exploit is ...
-
Multiprocess Malware
IEEE
Abstract: Malware behavior detectors observe the behavior of suspected malware by emulating its execution or executing it in a sandbox or other restrictive, instrumented environment. This assumes that the process, or process family, being monitored will exhibit the targeted behavior if it contains malware. We describe a technique for evading such detection by distributing the malware over multiple processes. We then present a method for countering this technique, and present results of tests…
Abstract: Malware behavior detectors observe the behavior of suspected malware by emulating its execution or executing it in a sandbox or other restrictive, instrumented environment. This assumes that the process, or process family, being monitored will exhibit the targeted behavior if it contains malware. We describe a technique for evading such detection by distributing the malware over multiple processes. We then present a method for countering this technique, and present results of tests that validate our claims.
-
Return Oriented Programming
Computer by IEEE
Abstract: Attackers able to compromise the memory of a target machine can change its behavior and usually gain complete control over it. Despite the ingenious prevention and protection mechanisms that have been implemented in modern operating systems, memory corruption attacks still account for a big share of the security breaches afflicting software systems. This article describes a growing attack trend that uses return-oriented programming (ROP) techniques to bypass the most common memory…
Abstract: Attackers able to compromise the memory of a target machine can change its behavior and usually gain complete control over it. Despite the ingenious prevention and protection mechanisms that have been implemented in modern operating systems, memory corruption attacks still account for a big share of the security breaches afflicting software systems. This article describes a growing attack trend that uses return-oriented programming (ROP) techniques to bypass the most common memory protection systems.
-
Splitting the HTTPS Stream to Attack Secure Web Connections
IEEE
Abstract: Secure transactions over the World Wide Web are required for implementing services of economic value or dealing with sensitive data. The HTTPS protocol lets a browser verify a Web server's authenticity and establish an encrypted channel for protecting exchanged data.
Progetti
-
Touch My Table
- Presente
MyTable is an interactive table with touchscreen technology for order and play in bars, restaurants, clubs and discos
Altri creatoriVedi progetto -
RoboAdmin
-
The goal of this research is to devise an unconventional model of communication between the system administrator and the remote administration interface. In the proposed solution, previously outlined in, the intrinsic vulnerability of the traditional scheme is addressed by reversing the client-server relation; an administration engine replaces the classical service, originating connections to an intermediate system rather then listening for connections. The immediate advantage arising from this…
The goal of this research is to devise an unconventional model of communication between the system administrator and the remote administration interface. In the proposed solution, previously outlined in, the intrinsic vulnerability of the traditional scheme is addressed by reversing the client-server relation; an administration engine replaces the classical service, originating connections to an intermediate system rather then listening for connections. The immediate advantage arising from this design choice is that there is nothing to attack on the remote host. On the other hand, the introduction of an additional system in the security chain must be carefully evaluated, to avoid introducing unexpected attack paths, and eventually making the system less robust than it originally was. We claim that, if properly modeled and implemented, a platform based on the meeting of the server and its administrator on an intermediate system is expedient in terms of security, availability, usability and opportunity for future extension. In the following section, we outline the design guidelines for the proposed system and describe the resulting architecture. Then, we proceed to discuss the deriving security issues. Finally, we draw conclusions based both on the present theoretical analysis and on preliminary experimental results.
Altri creatoriVedi progetto -
Mouse Glove
-
MouseGlove is an open source project for a new generation of mouse. The goal of this project is to provide an open source hardware and software stimulating new developers to improve the usability of computers through new interfaces. MouseGlove is a new kind of interface born for helping people affected by disabilities who cannot use common interfaces such as mouse and keyboard. MouseGlobe offers a natural way to move the screen pointer, click and drag objects. Each action is natural as using…
MouseGlove is an open source project for a new generation of mouse. The goal of this project is to provide an open source hardware and software stimulating new developers to improve the usability of computers through new interfaces. MouseGlove is a new kind of interface born for helping people affected by disabilities who cannot use common interfaces such as mouse and keyboard. MouseGlobe offers a natural way to move the screen pointer, click and drag objects. Each action is natural as using your hands to keep, move and touch real objects on a desktop. I encourage every developer to grab my source code and electronics and build an improved version of MouseGlove, keeping alive the next generation of computer mouse interfaces.
-
Malware Control Center
-
Gathering open data from malware analysis websites is the main target of Malware Control Monitor project. Visualize such a data by synthesize statistics highlighting where threats happen and what their impact is, could be useful to identify malware propagations
Riconoscimenti e premi
-
Excelsa Award Innovation
Confindustria Romagna
-
Excelsa Award
Confindustria Romagna
Giovani Leader "Under 40"
-
Paul Harris Fellow
Rotary
Individual Rotary clubs may from time to time award the honor to an individual who meets the high professional and personal standards exemplified by Paul Harris, the founder of Rotary International, without the honored individual having made any monetary contribution. The recognition is not limited to Rotarians.
A Paul Harris Fellow receives a special certificate and a gold pin. At the discretion of the Fellow's club, they may also receive a gold medallion on a blue-and-gold ribbon.
Lingue
-
Italian
-
-
English
-
Referenze ricevute
3 persone hanno scritto una referenza per Marco
Iscriviti ora per vedereAltre attività di Marco
-
“This merger is terrific news for both the users and the content creators on our app. Whether they are fans of BKFC, or they watch sports and…
“This merger is terrific news for both the users and the content creators on our app. Whether they are fans of BKFC, or they watch sports and…
Consigliato da Marco Ramilli, PhD
-
We were so honored to "walk" on the Green Carpet of Forbes. Our founder Marco Ramilli, PhD was kindly hosted by Enzo Argante to talk about the…
We were so honored to "walk" on the Green Carpet of Forbes. Our founder Marco Ramilli, PhD was kindly hosted by Enzo Argante to talk about the…
Consigliato da Marco Ramilli, PhD
-
📰 Martedì 15 ottobre è stato pubblicato un articolo su #Login del Corriere della Sera, nel quale si è parlato di #intelligenzaartificiale. Più…
📰 Martedì 15 ottobre è stato pubblicato un articolo su #Login del Corriere della Sera, nel quale si è parlato di #intelligenzaartificiale. Più…
Consigliato da Marco Ramilli, PhD
-
Massimo Chiriatti sarà speaker di ComoLake2024. Chief Technical & Innovation Officer di Lenovo, tecnologo e dirigente informatico, Chiriatti…
Massimo Chiriatti sarà speaker di ComoLake2024. Chief Technical & Innovation Officer di Lenovo, tecnologo e dirigente informatico, Chiriatti…
Consigliato da Marco Ramilli, PhD
-
Quando qualcuno fa qualcosa di innovativo, bisogna togliersi il cappello e fare i complimenti. Se poi il progetto è italiano, ancora meglio! L'amico…
Quando qualcuno fa qualcosa di innovativo, bisogna togliersi il cappello e fare i complimenti. Se poi il progetto è italiano, ancora meglio! L'amico…
Consigliato da Marco Ramilli, PhD