Biography

I am a Vulnerability Research Lead at Binarly, where I work at the intersection of static and dynamic analysis techniques to help secure the UEFI ecosystem.

Previously, I was a postdoctoral researcher working with Giovanni Vigna and Christopher Kruegel in the SecLab at UC Santa Barbara. During my time at the SecLab, I focused on several aspects of systems security: automated vulnerability discovery, human-assisted cyber reasoning systems, and malware analysis.

I earned a Ph.D at EURECOM, where I was advised by Davide Balzarotti. Among other things, we investigated how non-atomic acquisitions impact the consistency of memory dumps, how to discover and to assess the quality of memory forensics heuristics, and how to automatically generate profiles for memory forensics.

I love playing Capture the Flag (CTF) competitions with Shellphish. In the past I played with NOPS which, by the way, was once defined “probably a top team” by one of the greatest hackers of our time (if you think this is a mere PR stunt, contact me and you will receive proof that this actually happened - for real!).

When I am away from keyboard, I enjoy hiking, rock climbing, surfing, and playing chess.

NEWS

• Our research PKfail: Supply-Chain Failures in Secure Boot Key Management was accepted to LABScon 2024

• LogoFAIL won the LangSec Hardest to Fix Parser Bug of the Year

• Our research LogoFAIL: Security Implications of Image Parsing During System Boot was accepted to BlackHat Europe 2023

• I am now working at Binarly on firmware security (UEFI)

• Our paper Let Me Unwind That For You: Exceptions to Backward-Edge Protection was accepted to NDSS ‘23

• Our paper Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilities was accepted to IEEE Security and Privacy ‘23

Talks

2024	PKFAIL: Supply-Chain Failures in Secure Boot Key Management Fabio Pagani, Alex Matrosov, Yegor Vasilenko, Sam Thomas, Anton Ivanov LABScon 2024 [Slides] [Video] [BlogPost 1] [BlogPost 2] [Press: Ars Technica | Tom's Hardware | BleepingComputer | PC World]
2023	LogoFAIL: Security Implications of Image Parsing During System Boot Fabio Pagani, Alex Matrosov, Alex Ermolov, Yegor Vasilenko, Sam Thomas, Anton Ivanov BlackHat EU 2023 [Slides] [Video] [Press: The Verge | Ars Technica | Tom's Hardware | ZDNET]
	LogoFAIL: Security Implications of Image Parsing During System Boot Fabio Pagani, Alex Matrosov, Alex Ermolov, Yegor Vasilenko, Sam Thomas, Anton Ivanov Hackers 2 Hackers Conference (H2HC) - Virtual Presentation [Slides]
	Old But Gold: The Underestimated Potency of Decades-Old Attacks on BMC Security Anton Ivanov, Alex Matrosov, Alex Ermolov, Yegor Vasilenko, Sam Thomas, Fabio Pagani Hackers 2 Hackers Conference (H2HC)
2021	Symbexcel: Bringing the Power of Symbolic Execution to the Fight Against Malicious Excel 4 Macros Giovanni Vigna, Nicola Ruaro, Fabio Pagani, Stefano Ortolani BlackHat USA 2021 [Slides] [Video] [Press: PCMag | TheNewStack]
2019	Memory Smearing: Myth or Reality? Fabio Pagani SANS DFIR Europe Summit [Slides]
	Advances In Memory Forensics Fabio Pagani PhD Thesis [Paper] [Slides]

Publications

2023	Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilities Erik Trickel, Fabio Pagani, Chang Zhu, Lukas Dresel, Giovanni, Vigna, Christopher Kruegel, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, Adam Doupe Proceedings of the 2023 IEEE Symposium on Security and Privacy (SP) [Paper]
	Let Me Unwind That For You: Exceptions to Backward-Edge Protection Victor Duta, Fabian Freyer, Fabio Pagani, Marius Muench, Cristiano Giuffrida Symposium on Network and Distributed System Security (NDSS) [Paper] [Artifacts]
2022	Regulator: Dynamic Analysis to Detect ReDoS Robert McLaughlin, Fabio Pagani, Noah Spahn, Christopher Kruegel, Giovanni Vigna Proceedings of the 31st USENIX Security Symposium (USENIX Security 22) [Paper] [Slides] [Artifacts]
	Decomperson: How Humans Decompile and What We Can Learn From It Kevin Burk, Fabio Pagani, Noah Spahn, Christopher Kruegel, Giovanni Vigna Proceedings of the 31st USENIX Security Symposium (USENIX Security 22) [Paper] [Slides] [Code] [Artifacts]
	SYMBEXCEL: Automated Analysis and Understanding of Malicious Excel 4.0 Macros Nicola Ruaro, Fabio Pagani, Stefano Ortolani, Christopher Kruegel, Giovanni Vigna Proceedings of the 2022 IEEE Symposium on Security and Privacy (SP) [Paper] [Slides] [Code] [Teaser]
	HEAPSTER: Analyzing the Security of Dynamic Allocators for Monolithic Firmware Images Fabio Gritti, Fabio Pagani, Ilya Grishchenko, Lukas Dresel, Nilo Redini, Christopher Kruegel, Giovanni Vigna Proceedings of the 2022 IEEE Symposium on Security and Privacy (SP) [Paper] [Slides] [Code] [Teaser]
	AutoProfile: Towards Automated Profile Generation for Memory Analysis Fabio Pagani, Davide Balzarotti ACM Transactions on Privacy and Security (TOPS) [Paper] [Code]
2020	SYMBION: Interleaving Symbolic with Concrete Execution Fabio Gritti, Lorenzo Fontana, Eric Gustafson, Fabio Pagani, Andrea Continella, Christopher Kruegel, Giovanni Vigna Proceedings of the IEEE Conference on Communications and Network Security (CNS) [Paper] [Slides]
2019	Introducing the temporal dimension to memory forensics Fabio Pagani, Oleksii Fedorov, Davide Balzarotti ACM Transactions on Privacy and Security (TOPS) [Paper] [Code]
	Back to the whiteboard: a principled approach for the assessment and design of memory forensic techniques Fabio Pagani, Davide Balzarotti Proceedings of the 28th USENIX Security Symposium (USENIX Security) [Paper] [Slides] [Code]
2018	Beyond precision and recall: understanding uses (and misuses) of similarity hashes in binary analysis Fabio Pagani, Matteo Dell'Amico, Davide Balzarotti Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy (CODASPY) [Paper] [Slides] [Artifacts]
2016	Measuring the Role of Greylisting and Nolisting in Fighting Spam Fabio Pagani, Matteo De Astis, Mariano Graziano, Andrea Lanzi, Davide Balzarotti Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) [Paper] [Slides]
	Taming transactions: Towards hardware-assisted control flow integrity using transactional memory Marius Muench, Fabio Pagani, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna, Davide Balzarotti Proceedings of the International Symposium on Research in Attacks, Intrusions, and Defenses (RAID) [Paper] [Slides] [Code]
2012	When hardware meets software: A bulletproof solution to forensic memory acquisition Alessandro Reina, Aristide Fattori, Fabio Pagani, Lorenzo Cavallaro, Danilo Bruschi Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC) [Paper] [Slides]

Service

PC member at USENIX Security 2024

PC member at IEEE S&P 2023

PC member at WOOT 2023

PC member at DIMVA 2023

PC member at DIMVA 2022

PC member at DFRWS USA 2022

PC member at WOOT 2022

PC member at BAR 2022

PC member at DIMVA 2021 - Distinguished Reviewer Award

Journal reviewer for Computers & Security (COSE)

Theme inspired by orderedlist