Pietro Borrello

Ph.D. Student in Systems Security

Sapienza University of Rome

Biography

I am a PhD Student at the Sapienza University of Rome, working on Systems Security. My focus is applying Fuzzing and Program Analysis techniques to find and mitigate architectural and microarchitectural vulnerabilities.

I am also a passionate CTF player focusing on exploitation and reverse-engineering with TRX and mhackeroni teams.

Co-founder and current lead of the DEFCON Group in Rome.

Black Hat speaker and Pwnie Award winner:

  • Best Desktop Bug for “ÆPIC Leak: Architecturally Leaking Uninitialized Data from the Microarchitecture”
  • Most Innovative Research for “Custom Processing Unit: Tracing and Patching Intel Atom Microcode”

Interests

  • Systems Security
  • Microarchitectural Attacks & Defenses
  • Side-Channels
  • Program Analysis
  • Fuzzing

Education

  • PhD in Engineering in Computer Science (current), 2023

    Sapienza University of Rome

  • MSc in Engineering in Computer Science, 2019

    Sapienza University of Rome

  • BSc in Engineering in Computer Science, 2017

    Sapienza University of Rome

Projects

Custom Processing Unit

The first dynamic analysis framework for CPU microcode. Pwnie Award for Most Innovative Research

ÆPIC Leak

Architecturally Leaking Uninitialized Data from the Microarchitecture. Pwnie Award for Best Desktop Bug

Constantine

A compiler-based system to automatically harden programs against microarchitectural side channels.

Intel Atom Microcode Decompiler

Ghidra Processor Module to disassemble and decompile x86 Intel Atom microcode.

raindrop

A binary translator to transform program functions into obfuscated ROP chains.

Publications

(2022). ÆPIC Leak: Architecturally Leaking Uninitialized Data from the Microarchitecture. USENIX SECURITY.

(2021). Practical Timing Side-Channel Attacks on Memory Compression. arXiv.

(2021). Robust and Scalable Process Isolation against Spectre in the Cloud. arXiv.

(2019). The ROP needle: hiding trigger-based injection vectors via code reuse. ACM SAC.

(2018). Boosting Virtualization Obfuscation with Return Oriented Programming. Poster at ACM ACSAC.

(2018). Ropmate: Visually Assisting the Creation of ROP-Based Exploits. IEEE VizSec.
