Welcome to the SoftwarE AnalysiS and OptimizatioN (aka SEASON) Laboratory at Sapienza University of Rome.
Team
Former members:
- Irene Finocchi (Full Professor at LUISS Guido Carli University), Daniele Cono D'Elia (PostDoc at Sapienza University of Rome), Pietro Borrello (PhD student at Sapienza University of Rome), Simone Nicchi.
- Bruno Aleandri (M.Sc.), Valerio Bellizia (M.Sc.), Raffaele Di Fazio (M.Sc.), Luca Di Maio (M.Sc.), Marco Finocchi (M.Sc.), Emanuele Fusco (post-doc), Alessandro Macchioni (M.Sc.), Romolo Marotta (B.Sc.), Fabio Rosato (M.Sc.), Andrea Fioraldi (B.Sc.), Andrea Prosseda (M.Sc.), Federico Palmaro (M.Sc.).
Projects
Fuzzy-SAT - Approximate solving
Fuzzy-SAT is an approximate solver that can efficiently solve queries generated by concolic execution using techniques borrowed from the fuzzing domain.Related papers: [BCD-ICSE21], [FUZZOLIC-COSE21]
Fuzzolic - Fuzzing + Concolic
Fuzzolic is a new concolic executor based on QEMU. It can be paired with a coverage-guided fuzzer, such as AFL++, to find bugs in real-world programs.Related papers: [BCD-ICSE21], [FUZZOLIC-COSE21]
SymNav - Visually assisting symbolic execution
A prototype tool that visualizes the state of a symbolic execution analysis by plotting relevant data on a sunburst (that represent the symbolic execution tree), and on the control flow graph of the program. Furthermore, the tool allows the user to interact and refine the analysis, allowing him to interactively prune the symbolic execution treeRelated papers: [AGB-VIZSEC19]
RopMate - Visually assisting ROP chain construction
ROPMate is the first Visual Analytics system specifically designed to assist human in composing ROP chains with the desired semantics. ROPMate presents users with a clear interface of well-defined and semantically meaningful gadgets. The system supports incrementally building exploits by suggesting gadget candidates filtered according to constraints on preserved registers and accessed memory.Related papers: [ABBCDFLS-VEZSEC18]
aprof - Input-sensitive profiling
aprof is a Valgrind tool for performance profiling designed to help developers discover hidden asymptotic inefficiencies in the code. From one or more runs of a program, aprof measures how the performance of individual routines scales as a function of the input size, yielding clues to its growth rate.Related papers: [CDF-PLDI12] [CDFM-CGO14] [CDF-TSE14] [C-VAL14]
NearestFit - predicting MapReduce performance
The NearestFit progress indicator targets accuracy of progress predictions for MapReduce jobs in the presence of data skewness and super-linear computations. This is achieved combining performance profiling, machine learning techniques, and data streaming algorithms.Related papers: [CF-SOCC15]
Research interests
- Vunerability Detection
- Reverse Engineering
- Malware Analysis
- Performance Profiling
- Adaptive Optimization
- Big Data Performance Prediction
Publications
Our latest publications:
-
[{{ p.id }}]
{{ a.given }} {{ a.family }}, and.
{{ p.title }}.
{{ p['container-title'] }} ({{ p['collection-title'].replace('\'', '20') }}),
{{ p.issued['date-parts'][0][0] }}.
[DOI]
[DOI]
[PDF]
[SLIDES]
[PROJECT SITE]
[BIBTEX]
Grants
National and international collaborations
- Northeastern University, USA
- Purdue University, USA
- Royal Holloway, University of London, UK
- TU Darmstadt, DE
- University of Mannheim, DE
- University of Kent, UK
- University of Padova, IT
- University of Perugia, IT
- University of Pisa, IT
- University of Rome Roma Tre, IT
- University of Rome Tor Vergata, IT