about
publications
news
blog
photography
contact
Conference Papers (9)
9.
SoK: Automating Kernel Vulnerability Discovery and Exploit Generation
In Proceedings of the 19th Usenix WOOT Conference on Offensive Technologies
Seattle, USA, 2025
Acceptance Rate 39.13%
A. Kurmus,
A. Mambretti
,
A. Sorniotti,
V. Lenders,
D. Pfammatter,
B. Tellenbach
8.
GhostRace: Exploiting and Mitigating Speculative Race Conditions
In Proceedings of the 33rd Usenix Security Symposium
Philadelphia, USA, 2024
Acceptance Rate 18.32%
H. Ragab,
A. Mambretti
,
A. Kurmus,
C. Giuffrida
7.
Bypassing memory safety mechanisms through speculative control flow hijacks
In Proceedings of the IEEE European Symposium on Security and Privacy (EuroS&P)
Vienna, Austria, 2021
Acceptance Rate 19.35%
A. Mambretti
,
A. Sandulescu,
A. Sorniotti,
W. Robertson,
E. Kirda,
A. Kurmus
6.
GhostBuster: understanding and overcoming the pitfalls of transient execution vulnerability checkers
In Proceedings of the IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)
Honolulu, Hawaii, 2021
Acceptance Rate 25.45%
A. Mambretti
,
P. Convertini,
A. Sorniotti,
A. Sandulescu,
E. Kirda,
A. Kurmus
5.
HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing
In Proceedings of the Network and Distributed System Security (NDSS) Symposium
San Diego, California, USA, 2020
Acceptance Rate 17.39%
W. Blair,
A. Mambretti
,
S. Arshad,
M. Weissbacher,
E. Kirda,
W. Robertson,
M. Egele
4.
Speculator: A Tool to Analyze Speculative Execution Attacks and Mitigations
In Proceedings of the 35th Annual Computer Security Applications Conference (ACSAC)
San Juan, Puerto Rico, 2019
Acceptance Rate 22.55%
A. Mambretti
,
M. Neugschwandtner,
A. Sorniotti,
E. Kirda,
W. Robertson,
A. Kurmus
3.
Educational Game Design: An Empirical Study of the Effects of Narrative
In Proceedings of the 13th International Conference on the Foundations of Digital Games (FDG)
Malmo, Sweden, 2018
Acceptance Rate N/A
C. Jemmali,
S. Bunian,
A. Mambretti
,
M. Seif El-Nasr
2.
Trellis: Privilege Separation for Multi-User Applications Made Easy
In Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses (RAID)
Paris, France, 2016
Acceptance Rate 25%
A. Mambretti
,
K. Onarlioglu,
C. Mulliner,
W. Robertson,
E. Kirda,
F. Maggi,
S. Zanero
1.
LAVA: Large-scale Automated Vulnerability Addition
In Proceedings of the IEEE Symposium on Security and Privacy (Oakland)
San Jose, California, 2016
Acceptance Rate 13.31%
B. Dolan-Gavitt,
P. Hulin,
E. Kirda,
T. Leek,
A. Mambretti
,
W. Robertson,
F. Ulrich,
R. Whelan
Workshop Papers (1)
1. Two methods for exploiting speculative control flow hijacks
In Proceedings of the 13th USENIX Workshop on Offensive Technologies (WOOT)
Santa Clara, California, 2019
A. Mambretti
,
A. Sandulescu,
M. Neugschwandtner,
A. Sorniotti,
A. Kurmus
Technical reports (1)
1. Let's Not Speculate: Discovering and Analyzing Speculative Execution Attacks
In IBM Technical Report RZ3933
Zurich, Switzerland, 2018
A. Mambretti
,
M. Neugschwandtner,
A. Sorniotti,
E. Kirda,
W. Robertson,
A. Kurmus
Dissertations (2)
2. Execution security in the Spectre era
PhD Thesis, Northeastern University
Boston, MA, USA, 2022
A. Mambretti
1. PRIVMUL: PRIVilege separation for Multi-user Logic applications
Master Thesis, Politecnico di Milano
Milano, Italy, 2014
A. Mambretti