marco

publications

Menu:

• home
• publications
• teaching
• service
• projects
• blog

• Revolver: An Automated Approach to the Detection of Evasive Web-based Malware » Alexandros Kapravelos, Yan Shoshitaishvili, Marco Cova, Christopher Kruegel, Giovanni Vigna Proceedings of the USENIX Security Symposium Washington, DC, USA, August 2013
• Proceedings of the 15th International Symposium on Research in Attacks, Intrusions and Defenses (RAID) » Davide Balzarotti, Salvatore Stolfo, Marco Cova Proceedings of the 15th International Symposium on Research in Attacks, Intrusions and Defenses (RAID) Amsterdam, The Netherlands, September 2012
• The Unbearable Lightness of Monitoring: Indirect and Direct Peer Monitoring in BitTorrent » Tom Chothia, Marco Cova, Chris Novakovic, Camilo Toro Proceedings of the Conference on Security and Privacy in Communication Networks (SECURECOMM) Padova, Italy, September 2012
• EVILSEED: A Guided Approach to Finding Malicious Web Pages » Luca Invernizzi, Stefano Benvenuti, Paolo Milani, Marco Cova, Christopher Kruegel, Giovanni Vigna Proceedings of the IEEE Symposium on Security and Privacy San Francisco, California, May 2012
• Escape from Monkey Island: Evading High-Interaction Honeyclients » Alex Kapravelos, Marco Cova, Christopher Kruegel, Giovanni Vigna Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) Amsterdam, The Netherlands, July 2011
• HARMUR: Storing and Analyzing Historic Data on Malicious Domains » Corrado Leita, Marco Cova Proceedings of the Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS) Salzburg, Austria, April 2011
• Peering Through the iFrame » Brett Stone-Gross, Marco Cova, Christopher Kruegel, Giovanni Vigna Proceedings of the IEEE International Conference on Computer Communications (INFOCOM) Mini-Conference Shanghai, China, April 2011
• Prophiler: a Fast Filter for the Large-Scale Detection of Malicious Web Pages » Davide Canali, Marco Cova, Christopher Kruegel, Giovanni Vigna Proceedings of the International World Wide Web Conference (WWW) Hyderabad, India, March 2011
• Analysis of a Botnet Takeover » Brett Stone-Gross, Marco Cova, Bob Gilbert, Richard Kemmerer, Christopher Kruegel, Giovanni Vigna IEEE Security and Privacy Magazine, 9(1) January 2011
• An Analysis of Rogue AV Campaigns » Marco Cova, Corrado Leita, Olivier Thonnard, Angelos Keromytis, Marc Dacier Proceedings of the Symposium on Recent Advances in Intrusion Detection (RAID) Ottawa, Canada, September 2010
• Taming the Malicious Web: Avoiding and Detecting Web-based Attacks » Marco Cova Ph.D. dissertation, University of California, Santa Barbara July 2010
• Organizing Large Scale Hacking Competitions » Nick Childers, Bryce Boe, Ludovico Cavedon, Lorenzo Cavallaro, Marco Cova, Manuel Egele, Giovanni Vigna Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) Bonn, Germany, July 2010
• Why Johnny Can't Pentest: An Analysis of Black-box Web Vulnerability Scanners » Adam Doupè, Marco Cova, Giovanni Vigna Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) Bonn, Germany, July 2010
• Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code » Marco Cova, Christopher Kruegel, Giovanni Vigna Proceedings of the International World Wide Web Conference (WWW) Raleigh, NC, USA, April 2010
• Efficient Detection of Split Personalities in Malware » Davide Balzarotti, Marco Cova, Christoph Karlberger, Engin Kirda, Christopher Kruegel, Giovanni Vigna Proceedings of the Symposium on Network and Distributed System Security (NDSS) San Diego, CA, USA, February 2010
• An Experience in Testing the Security of Real-World Electronic Voting Systems » Davide Balzarotti, Greg Banks, Marco Cova, Viktoria Felmetsger, Richard Kemmerer, William Robertson, Fredrik Valeur, Giovanni Vigna IEEE Transactions on Software Engineering, 36(4) 2010 Spotlight paper for the July/August 2010 issue
• Analyzing and Detecting Malicious Flash Advertisements » Sean Ford, Marco Cova, Christopher Kruegel, Giovanni Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC) Honolulu, HI, USA, December 2009
• Your Botnet is My Botnet: Analysis of a Botnet Takeover » Brett Stone-Gross, Marco Cova, Lorenzo Cavallaro, Bob Gilbert, Martin Szydlowski, Richard Kemmerer, Christopher Kruegel, Giovanni Vigna Proceedings of the ACM Conference on Computer and Communications Security (CCS) Chicago, IL, USA, November 2009
• Symbolic String Verification: An Automata-based Approach » Fang Yu, Tevfik Bultan, Marco Cova, Oscar Ibarra Proceedings of the International SPIN Workshop on Model Checking of Software Los Angeles, CA, USA, August 2008
• There Is No Free Phish: An Analysis of “Free” and Live Phishing Kits » Marco Cova, Christopher Kruegel, Giovanni Vigna Proceedings of the USENIX Workshop on Offensive Technologies (WOOT) San Jose, CA, USA, July 2008
• Are Your Votes Really Counted? Testing the Security of Real-world Electronic Voting Systems » Davide Balzarotti, Greg Banks, Marco Cova, Viktoria Felmetsger, Richard Kemmerer, William Robertson, Fredrik Valeur, Giovanni Vigna Proceedings of the International Symposium on Software Testing and Analysis (ISSTA) Seattle, WA, USA, July 2008 One of six best papers of ISSTA 2008, nominated for submission to special TSE issue
• ClearShot: Eavesdropping on Keyboard Input from Video » Davide Balzarotti, Marco Cova, Giovanni Vigna Proceedings of the IEEE Symposium on Security and Privacy Oakland, CA, USA, May 2008
• Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications » Davide Balzarotti, Marco Cova, Viktoria Felmetsger, N. Jovanovic, Engin Kirda, Christopher Kruegel, Giovanni Vigna Proceedings of the IEEE Symposium on Security and Privacy Oakland, CA, USA, May 2008
• Multi-Module Vulnerability Analysis of Web-based Applications » Davide Balzarotti, Marco Cova, Viktoria Felmetsger, Giovanni Vigna Proceedings of the ACM Conference on Computer and Communications Security (CCS) Alexandria, VA, USA, October 2007
• Vulnerability Analysis of Web-Based Applications » Marco Cova, Viktoria Felmetsger, Giovanni Vigna Test and Analysis of Web Services September 2007
• Swaddler: An Approach for the Anomaly-based Detection of State Violations in Web Applications » Marco Cova, Davide Balzarotti, Viktoria Felmetsger, Giovanni Vigna Proceedings of the Symposium on Recent Advances in Intrusion Detection (RAID) Gold Coast, Queensland, Australia, September 2007
• Static Detection of Vulnerabilities in x86 Executables » Marco Cova, Viktoria Felmetsger, Greg Banks, Giovanni Vigna Proceedings of the Annual Computer Security Applications Conference (ACSAC) Miami, FL, USA, December 2006
• SNOOZE: toward a Stateful NetwOrk prOtocol fuzZEr » Greg Banks, Marco Cova, Viktoria Felmetsger, Kevin Almeroth, Richard Kemmerer, Giovanni Vigna Proceedings of the Information Security Conference (ISC) Samos, Greece, August 2006
• LinSTAT: An Intrusion Detection System for Linux » Marco Cova Master dissertation, Università di Bologna December 2003

Before defecting to the field of security, I delved in the problem of emergent semantics at ITC-irst. Some of my work appears in the articles listed below.

• Language Games: Solving the Vocabulary Problem in Multi-Case-Base Reasoning Paolo Avesani, Conor Hayes, Marco Cova Proceedings of the 6th International Conference on Case-Based Reasoning (ICCBR), pp. 35–49, August 23–26, 2005, Chicago, USA [abstract] [PDF] [BibTeX]
• Language Games: Learning Shared Concepts among Distributed Information Agents Conor Hayes, Paolo Avesani, Marco Cova Proceedings of the 1st IJCAI workshop on Multi-Agent Information Retrieval and Recommender Systems, pp. 11–17, July 31, 2005, Edinburgh, Scotland [abstract] [PDF]
• Learning Contextualized Weblog Topics Paolo Avesani, Marco Cova, Conor Hayes, Paolo Massa Proceedings of the 2nd WWW workshop on the Weblogging Ecosystem: Aggregation, Analysis and Dynamics, May 10, 2005, Chiba, Japan [abstract] [PDF]
• Shared Lexicon for Distributed Annotations on the Web Paolo Avesani, Marco Cova Proceedings of the 14th International World Wide Web Conference (WWW), pp. 207–214, May 10–14, 2005, Chiba, Japan [abstract] [PDF] [BibTeX]
• A Service Oriented Architecture for Advertising Games (short paper) Paolo Avesani, Marco Cova, Roberto Tiella, Arun Sharma Proceedings of the 2nd International Conference on Service Oriented Computing (ICSOC), November 15–18, 2004, New York City, NY, USA [abstract] [PDF] [slides] [BibTeX]