Luca's pic is missing.

Short Bio

  • Born in Finale Ligure, Liguria, the 17th of March 1987.
  • March 2009: B.Sc. in Computer Engineering at University of Genova.
  • March 2011: M.Sc. cum laude in System, Platform and Networks Engineering at University of Genova.
  • Apr. 2016: Ph.D. in Electronic and Computer Engineering, Robotics and Telecommunications at University of Genova on Mobile Security.
  • From Mar. 2012 to Dec. 2012: Research Fellow at AI-Lab, DIBRIS, University of Genova.
  • From Feb. 2016 to Jan. 2017: PostDoc in Computer Security at CSecLab, DIBRIS, University of Genova.
  • From Jul. 2018 to Nov. 2018: Postdoctoral Researcher at CINI, Rome.

Current positions

  • Postdoctoral Research Fellow at CSecLab, DIBRIS, University of Genova (since Dec. 2018).
  • Founder and C.E.O. at Talos s.r.l.s (since Jan. 2016).

Publications

International Journals

  • D. Caputo, L. Verderame, A. Ranieri, A. Merlo and L. Caviglione “Fine-hearing Google Home: why silence will not protect your privacy in Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA) (2020) DOI: 10.22667/JOWUA.2020.03.31.035.
  • Guerar M., Verderame L., Merlo A., Palmieri F., Migliardi M., and Vallerini L., “CirclePIN: A Novel Authentication Mechanism for Smartwatches to Prevent Unauthorized Access to IoT Devices” ACM Transaction on Cyberphysical Systems (2020) DOI: 10.1145/3365995.
  • Guerar, M., Merlo, A., Migliardi, M., Palmieri, F., Verderame, L., “A Fraud-Resilient Blockchain-Based Solution for Invoice Financing” IEEE Transactions on Engineering Management (2020) DOI: 10.1109/TEM.2020.2971865.
  • Aonzo, S., Georgiu, G.C., Verderame, L., Merlo, A. “Obfuscapk: An open-source black-box obfuscation tool for Android apps” SoftwareX (2020) DOI: 10.1016/j.softx.2020.100403.
  • Guerar, M., Migliardi, M., Palmieri, F., Verderame, L., Merlo, A. “Securing PIN-based authentication in smartwatches with just two gestures” Concurrency Computation (2019) DOI: 10.1002/cpe.5549
  • Verderame, L., Merelli, I., Morganti, L., Corni, E., Cesini, D., D’Agostino, D., Merlo, A., “A secure cloud-edges computing architecture for metagenomics analysis” Future Generation Computer Systems (2019) DOI: 10.1016/j.future.2019.09.013.
  • G. Costa, A. Merlo, L. Verderame, A. Armando. “Automatic Security Verification of Mobile App Configurations”, Future Generation Computer Systems, Elsevier. DOI: 10.1016/j.future.2016.06.014.
  • A. Merlo, G. Costa, L. Verderame, A. Armando. “Android vs. SEAndroid: an Empirical Assessment”, Pervasive & Mobile Computing, Vol. 30, pp. 113-131, Elsevier. DOI: 10.1016/j.pmcj.2016.01.006.
  • A. Armando, G. Costa, A. Merlo, L. Verderame. “Modeling and Enforcing Bring Your Own Device Policies”, International Journal of Information Security, (2015) 14(2):123-140, Springer, DOI: 10.1007/s10207-014-0252-y.
  • Armando, A., Costa, G., Merlo, A., Verderame, L., “Formal modeling and automatic enforcement of Bring Your Own Device policies” International Journal of Information Security (2015) DOI: 10.1007/s10207-014-0252-y.
  • A. Armando, A. Merlo, L. Verderame. “Security considerations related to the use of mobile devices in the operation of critical infrastructures”, International Journal of Critical Infrastructure Protection, (2015) 7(4):247-256, Elsevier, DOI: 10.1016/j.ijcip.2014.10.002.
  • A. Armando, G. Costa, A. Merlo, L. Verderame. “Securing the Bring Your Own Device Paradigm”, IEEE Computer, (2014) 47(6):26-34. DOI: 10.1109/MC.2014.164.
  • A. Armando, A. Merlo, M. Migliardi, L. Verderame. “Breaking and Fixing the Android Launching Flow”, Computer & Security, (2013) 39A:104-115, Elsevier, DOI: 10.1016/j.cose.2013.03.009.
  • A. Armando, G. Costa, A. Merlo, L. Verderame. “Securing the Bring Your Own Device Policy”, Journal of Internet Services and Information Security (2012), 2(3):3-16. Best Paper Award at MIST 2012.

Book Chapters

  • Costa, G., Armando, A., Verderame, L., Biondo, D., Bocci, G., Mammoliti, R., Toma, A., “Effective Security Assessment of Mobile Apps with MAVeriC: Design, Implementation, and Integration of a Unified Analysis Environment for Mobile Apps. Design, Implementation, and Integration of a Unified Analysis Environment for Mobile Apps.” (2017) Adaptive Mobile Computing: Advances in Processing Mobile Data Sets DOI: 10.1016/B978-0-12-804603-6.00011-5.

International Conference Proceedings

  • L. Verderame, D. Caputo, M. Migliardi and A. Merlo. “AppIoTTE: An Architecture for the Security Assessment of Mobile-IoT Ecosystems” in Web, Artificial Intelligence and Network Applications
  • N. Dejon, D. Caputo, L. Verderame, A. Armando and A. Merlo. “Automated Security Analysis of IoT Software Updates” in 13th WISTP International Conference on Information Security Theory and Practice (WISTP’ 2019).
  • M. Guerar, L. Verderame, M. Migliardi, A. Merlo. “2GesturePIN: Securing PIN-based Authenticationon Smartwatches”, in Proc. of the 28th IEEE International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2019), Capri, Italy.
  • E. Russo, L. Verderame, A. Merlo. “Towards Policy-driven Monitoring of Fog Applications”, in Proc. of the 28th IEEE International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2019), Capri, Italy.
  • D. Caputo, L. Verderame, S. Aonzo, A. Merlo. “Droids in Disarray: Detecting Frame Confusion in Hybrid Android Apps” in Proc. of the 33rd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2019), Charleston, South Carolina, USA.
  • M. Guerar, L. Verderame, A. Merlo, M. Migliardi. “Blockchain-based risk mitigation for invoice financing”. Proc. of the 23rd International Database Engineering & Applications Symposium (IDEAS 2019), Athens, Greece.
  • A. Merlo, L. Lorrai, L. Verderame. Efficient Trusted Host-based Card Emulation on TEE-enabled Android Devices, in Proc. of the 11th International Conference on High Performance Computing Systems (HPCS 2016), pp. 454-459, Innsbruck, Austria. DOI: 10.1109/HPCSim.2016.7568370.
  • A. Armando, G. Costa, A. Merlo, L. Verderame, K. Wrona. “Developing the NATO BYOD Security Policy”, in Proc. of the 15th International Conference on Military Communications and Information Systems (ICMCIS 2016), pp. 1-6, Brussels, Belgium. DOI: 10.1109/ICMCIS.2016.7496587.
  • A. Armando, A. Merlo, L. Verderame. “Trusted Host-Based Card Emulation”, in Proc. of the 10th International Conference on High Performance Computing Systems (HPCS 2015), IEEE. DOI: 10.1109/HPCSim.2015.7237043.
  • A. Armando, G. Costa, A. Merlo, L. Verderame. “Enabling BYOD through Secure Meta-Market”, in Proc. of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2014), pp. 219-230, ACM NY, DOI: 10.1145/2627393.2627410.
  • A. Armando, G. Costa, A. Merlo, L. Verderame. “Bring Your Own Device, Securely”, in Proc. of the 28th ACM Symposium on Applied Computing (SAC 2013), Vol. 2, pp. 1852-1858, ACM, DOI: 10.1145/2480362.2480707.
  • A. Armando, A. Merlo, L. Verderame. “An Empirical Evaluation of the Android Security Framework”, in Proc. of the 28th International Conference on ICT Systems Security and Privacy Protection (IFIP-SEC 2013), LNCS, Vol. 405, pp. 176-189, Springer, DOI: 10.1007/978-3-642-39218-4_14.
  • A. Armando, A. Castiglione, G. Costa, U. Fiore, A. Merlo, L. Verderame, I. You. “Trustworthy Opportunistic Access to the Internet of Services”, in Proc. of the 1st Information and Communication Technology Eurasia Conference (EurAsia 2013), LNCS, Vol. 7804, 2013, pp. 469-478, Springer, DOI: 10.1007/978-3-642-36818-9_52.
  • A. Armando, A. Merlo, A. Migliardi, L. Verderame. “Would you mind forking this process? A Denial-of-Service attack on Android (and some countermeasures)”, in Proc. of the 27th International Conference on ICT Systems Security and Privacy Protection (IFIP-SEC 2012), LNCS IFIP AICT n.376, pp. 13-24, Springer, DOI: 10.1007/978-3-642-30436-1_2. Best Paper Award.

Contacts