About me

I am Davide Quarta, a Postdoctoral Researcher working in the System Security group under the supervision of Davide Balzarotti. I received my PhD from Politecnico di Milano where I worked in the NECSTLab under the supervision of Stefano Zanero and Federico Maggi. During this journey, I co-advised more than 10 students on their master thesis, and projects. I received my Laurea Magistrale in Software and Digital Systems, and Laurea from Politecnico di Torino.

As a Marie-Skłodowska Curie alumni, I’ve been an exchange student at UC Santa Barbara’ SecLab, working under the supervision of Giovanni Vigna and Christopher Kruegel. At the end of my PhD I had a chance to work as an engineering intern in Qualcomm’ Product Security group under the supervision of Pouyan Sepehrdad. I served as a reviewer for several journals, and as part of the Security&Privacy ’18 student program committee, and WOOT ’19 Artifact Evaluation Committee.

I love teaching: I worked as TA in basic programming, and computer security courses. As a freelance consultant I teached malware analysis, and mobile and windows reverse engineering for the Consorzio Interuniversitario Nazionale per l’Informatica, and national, and international clients of Italian security firms Secure Network, and Shorr Kan. You can also check out my condensed CV.

Research interests

I love Reverse Engineering in all of its forms. I worked on mobile malware analysis as a Research Assistant in Politecnico di Milano, working on the Andrototal project. I also worked on windows malware analysis as a freelance consultant. I love thinkering with things, understand how they work, and I believe that science should be reproducible, and accessible. These ideas and topic resonated with Andrea Continella, and we started developing the CrAVe project in order to develop a deeper understanding of anti-malware solutions, and how they are impacted by evasive malware. My main topic as a PhD has been the security Smart manufacturing systems (Industrial Robots) and more in general on the inherent security challenges posed by IoT and embedded systems at large. My current research interest lies at the intersection of (automated) reverse engineering and vulnerability discovery, malware analysis in the context of Cyber-Physical systems, and (Industrial) IoT: a sweet spot where we’ll probably see more and more attacks being carried through embedded systems (e.g., Mirai, amplification attacks, etc.).