
Marco Ramilli

From EverybodyWiki Bios & Wiki

Ramilli in 2018
Native name: Marco Ramilli
Born: 13 January 1983 (age 41), Cesena, Italy
Citizenship: Italian
Education: PhD Computer Engineer
Alma mater: University of Bologna (Laurea in Engineering, 2006)
Occupation
Known for: Cyber Security, Malware Analysis
Awards: Fellowship Awards by University of Bologna, Best Thesis Award Bank of Cesena, Thesis Worthy of Mention Italian Association of Engineers, one-year fellowship University of Davis

Marco Ramilli (born 13 January 1983) is an international cyber security expert,[1][2][3] entrepreneur,[4][5][6][7] writer and white-hat hacker. Ramilli received his PhD in Information Communication Technology from the University of Bologna, joining the University of California at Davis. During his PhD program he worked for the US Government (NIST), where he carried out intensive research on malware evasion techniques and penetration testing methodologies in order to improve US electronic voting systems. Ramilli has extensive experience in penetration testing: he has been charged with testing several software and hardware devices, one of the most notable being uVote, a voting system from the MIUR (Ministero Istruzione dell'Università e della Ricerca). In 2015 he founded Yoroi, an innovative Managed Cyber Security Service Provider developing one of the most amazing cyber security defence centers he has ever experienced. Today Ramilli leads some of the most talented ethical hackers with a unique mission: to defend private and public organisations in the digital space. Ramilli strongly believes in the role of humanity in the digital age. He often recalls his credo: "Defence Belongs To Humans".

In 1859, Charles Darwin published “The Origin of Species by Means of Natural Selection”, suggesting that survival depends on the ability to change as environmental conditions change. In agreement with Darwin, Ramilli introduced the “ability to defend humanity in the cyber space” in his first TEDx Talk (Milan, Italy).[8] Nowadays it is quite clear that humanity should defend itself in physical space as well as in cyber space. Ramilli decided to dedicate part of his life to cyber defence.

Education

Born in Cesena, Ramilli received a laurea degree in computer engineering at the University of Bologna, Italy. Ramilli showed a strong interest in technology from an early age and decided to attend a technical high school in Cesena, I.T.I.S. (Istituto Tecnico Industriale Statale) Blaise Pascal, where he started his first experimental hacks in 8086 assembly and wrote networking drivers. At the age of 19, after graduating from I.T.I.S., Ramilli started studying computer engineering at Alma Mater Studiorum University of Bologna, where he implemented his first open-source projects as a contribution to the open-source community. After his bachelor's degree he continued his studies with a Master's degree in computer engineering at the University of Bologna, where he focused his thesis on malware analysis. In 2008, having graduated from his Master's program, Ramilli continued his studies by starting a PhD in Information Communication Technology, working as a guest researcher at the University of California at Davis.

Ramilli spent the last year of his PhD program working for NIST in the Computer Security Division, where he contributed to the OEVT (Open Ended Vulnerability Testing) chapter of the wider VVSG document.[9]

Open-source projects during education

Ramilli developed the following open-source projects during his first university years as a contribution to the open-source community:

  • MalControl.[10] Gathering open data from malware analysis websites is the main goal of the Malware Control Monitor project. Visualising such data through statistics that highlight where threats happen and what their impact is could be useful to identify malware propagation.
  • MouseGlove.[11] A very early-stage prototype built to prove that Ramilli was able to build things and not only to break them.
  • RoboAdmin.[12] A simple remote terminal administration tool used to administer servers with natural language.
  • IENA.[13] A simple but still effective multiple, low-interaction honeypot, built as the main project of his bachelor's degree.
  • SpamPIG.[14] One of the first known anti-spam engines built over "Prolog intelligence".
  • PEInfector.[15] An interesting tool to find PE empty spaces and to break it into multiple under-files in order to break common AV signature engines.

Marco contributed to the artificial intelligence field by classifying and publicly releasing a dataset of classified malware, available for free. He figured out a way to modify MIST[16] (A Malware Instruction Set for Behavior-Based Analysis) to make it more flexible in a production environment where training sets might grow bigger and bigger over time. Marco introduced a hybrid analysis process over MIST and behavioural analysis based on specific features.

Selected Publications

During his studies, Ramilli published the following books and scientific papers:

Books

  • Designing A New Electronic Voting System: Towards electronic voting systems[17]
  • A Design Methodology for Computer Security Testing[18]

Scientific Papers

Only selected publications are linked here.

  • Man-in-the-Middle Attack to the HTTPS Protocol[19]
  • Return-oriented programming[20]
  • Multi-stage delivery of malware[21]
  • Multiprocess malware[22]
  • Splitting the HTTPS stream to attack secure web connections[23]
  • Always the same, never the same[24]
  • Towards a practical and effective security testing methodology[25]
  • Raising risk awareness on the adoption of Web 2.0 technologies in decision making processes[26]
  • Decentralised detection of network attacks through P2P data clustering of SNMP data[27]
  • Frightened by links[28]
  • Network attack detection based on peer-to-peer clustering of SNMP data[29]
  • Peer-to-peer data mining classifiers for decentralised detection of network attacks[30]
  • An integrated application of security testing methodologies to e-voting systems[31]
  • Exploring information security issues in public sector inter-organizational collaboration[32]
  • Taking the Best of Both Worlds: a Comparison and Integration of the US and EU Approaches to E-voting Systems Evaluation[33]
  • Internet voting: fatally torn between conflicting goals?[34]
  • A model for e-voting systems evaluation based on international standards: definition and experimental validation[35]
  • Security considerations about the adoption of web 2.0 technologies in sensitive e-government processes[36]
  • Comment spam injection made easy[37]
  • Redesigning remote system administration paradigms for enhanced security and flexibility[38]

Working Experiences

Ramilli worked as a guest researcher at the University of California alongside Matt Bishop on malware evasion techniques, publishing scientific papers on how to build hidden malware by exploiting memory sharing techniques. Ramilli worked to improve US electronic elections while at NIST. During his stay at NIST, Ramilli developed a framework to test electronic voting systems, which led to a more general personal publication titled A Design Methodology for Computer Security Testing. In 2015, after having worked at Palantir Technology, Ramilli decided to build on his experience[39] by founding Yoroi,[40][41] one of the best-known cyber security companies founded in Europe.[42][43][44][45] Yoroi is a cybersecurity company that developed a unique "Cyber Security Defence Center"[46][47][48] aiming to empower cyber security analysts by providing the right threat intelligence and the right detection tools to facilitate their job and scale up their capabilities.

Ramilli strongly believes that human beings will make the difference in the digital era. He wrote many Italian essays on humanity in the digital era, comparing physical defence with digital defence and highlighting their differences and difficulties. Some of the best-known essays are: "La Fiducia Nell'Intelligenza Artificiale", "Le Armi Nell' Epoca Digitale", "Dolore Nel Digitale e la Connessione con la Difesa", "L' Umanità Nella Difesa" and "Protezione VS. Difesa".

According to blue-pencil and hack-players, Ramilli runs one of the top international blogs[49][50] on cyber security.

TV appearances and radio broadcasts

Ramilli has appeared on several TV news and radio broadcasting shows. Following are some of the first TV and radio appearances

References

  1. "MalHide Malware uses the compromised system as an eMail relay". Security Affairs. 2018-05-28. Retrieved 2018-11-18.
  2. "Using Microsoft Powerpoint as Malware Dropper". Security Affairs. 2018-11-16. Retrieved 2018-11-18.
  3. "Info Stealing – The cyber security expert Marco Ramilli spotted a new operation in the wild". Security Affairs. 2017-12-29. Retrieved 2018-11-18.
  4. "Cybaze, altro colpo M&A: acquisita anche Yoroi". Repubblica.it (in Italian). 2018-10-29. Retrieved 2018-11-18.
  5. "Yoroi, la sicurezza è un'attitudine, non è solo software » inno3". inno3 (in Italian). 2018-03-08. Retrieved 2018-11-18.
  6. "33 anni, dice un grande no all'ex ceo di PayPal e fa una startup a Bologna: chi è Marco Ramilli". Startupitalia (in Italian). 2016-04-15. Retrieved 2018-11-18.
  7. "Italia, nasce il polo d'eccellenza nella cyber security: Yoroi entra in Cybaze". www.difesaesicurezza.com (in Italian). 2018-11-09. Retrieved 2018-11-18.
  8. TEDx Talks (2017-11-10), Defence Belongs to Humans | Marco Ramilli | TEDxMilano, retrieved 2018-11-18
  9. jbass (2010-09-28). "VVSG Introduction". NIST. Retrieved 2018-11-18.
  10. "marcoramilli/malcontrol". GitHub. 2018-10-21. Retrieved 2018-11-18.
  11. "MouseGlove". mouseglove.sourceforge.net. Retrieved 2018-11-18.
  12. "RoboAdmin". roboadmin.sourceforge.net. Retrieved 2018-11-18.
  13. "IENA". iena.sourceforge.net. Retrieved 2018-11-18.
  14. "SpamPIG: Spam Prolog Intelligence". spampig.sourceforge.net. Retrieved 2018-11-18.
  15. "marcoramilli/peinfector". GitHub. 2018-09-07. Retrieved 2018-11-27.
  16. Trinius, Philipp; Willems, Carsten; Holz, Thorsten; Rieck, Konrad (2010). "A Malware Instruction Set for Behavior-Based Analysis". Retrieved 2018-11-27.
  17. Ramilli, Marco (2010). Designing A New Electronic Voting System: Towards electronic voting systems. Saarbrücken: LAP LAMBERT Academic Publishing. p. 350. ISBN 9783843382304.
  18. Ramilli, Marco (2013). A Design Methodology for Computer Security Testing. Place of publication not identified: Lulu.com. ISBN 9781105649981.
  19. "Man-in-the-Middle Attack to the HTTPS Protocol - IEEE Journals & Magazine". ieeexplore.ieee.org. Retrieved 2018-11-18.
  20. "Return-Oriented Programming - IEEE Journals & Magazine". ieeexplore.ieee.org. Retrieved 2018-11-18.
  21. "Multi-stage delivery of malware - IEEE Conference Publication". ieeexplore.ieee.org. Retrieved 2018-11-18.
  22. "Multiprocess malware - IEEE Conference Publication". ieeexplore.ieee.org. Retrieved 2018-11-18.
  23. "Splitting the HTTPS Stream to Attack Secure Web Connections - IEEE Journals & Magazine". ieeexplore.ieee.org. Retrieved 2018-11-18.
  24. "Always the Same, Never the Same - IEEE Journals & Magazine". ieeexplore.ieee.org. Retrieved 2018-11-18.
  25. "Towards a practical and effective security testing methodology - IEEE Conference Publication". ieeexplore.ieee.org. Retrieved 2018-11-18.
  26. Prandini, Marco; Ramilli, Marco (2012-08-09). "Raising Risk Awareness on the Adoption of Web 2.0 Technologies in Decision Making Processes". Future Internet. 4 (3): 700–718. doi:10.3390/fi4030700.
  27. Cerroni, Walter; Moro, Gianluca; Pasolini, Roberto; Ramilli, Marco (2015-07-01). "Decentralized detection of network attacks through P2P data clustering of SNMP data". Computers & Security. 52: 1–16. doi:10.1016/j.cose.2015.03.006. ISSN 0167-4048.
  28. "Frightened by Links - IEEE Journals & Magazine". ieeexplore.ieee.org. Retrieved 2018-11-18.
  29. Cerroni, Walter; Monti, Gabriele; Moro, Gianluca; Ramilli, Marco (2009), "Network Attack Detection Based on Peer-to-Peer Clustering of SNMP Data", Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, Springer Berlin Heidelberg, pp. 417–430, doi:10.1007/978-3-642-10625-5_26, ISBN 9783642106248
  30. Cerroni, Walter; Moro, Gianluca; Pirini, Tommaso; Ramilli, Marco (2013-01-29). Peer-to-peer data mining classifiers for decentralized detection of network attacks. Australian Computer Society, Inc. pp. 101–107. ISBN 9781921770227.
  31. Ramilli, Marco; Prandini, Marco (2010), "An Integrated Application of Security Testing Methodologies to e-voting Systems", Electronic Participation, Springer Berlin Heidelberg, pp. 225–236, doi:10.1007/978-3-642-15158-3_19, ISBN 9783642151576
  32. van Veenstra, Anne Fleur; Ramilli, Marco (2011), "Exploring Information Security Issues in Public Sector Inter-organizational Collaboration", Lecture Notes in Computer Science, Springer Berlin Heidelberg, pp. 355–366, doi:10.1007/978-3-642-22878-0_30, ISBN 9783642228773
  33. "Taking the Best of Both Worlds: A Comparison and Integration of the U.S. and EU Approaches to E-Voting Systems Evaluation - IEEE Conference Publication". ieeexplore.ieee.org. Retrieved 2018-11-18.
  34. Prandini, Marco; Ramilli, Marco (2012-10-22). Internet voting: fatally torn between conflicting goals?. ACM. pp. 58–61. doi:10.1145/2463728.2463741. ISBN 9781450312004.
  35. Prandini, Marco; Ramilli, Marco (2012). "A Model for E-voting Systems Evaluation Based on International Standards: Definition and Experimental Validation". E-Service Journal. 8 (3): 42–72. doi:10.2979/eservicej.8.3.42.
  36. Prandini, Marco; Ramilli, Marco (2011-09-26). Security considerations about the adoption of web 2.0 technologies in sensitive e-government processes. ACM. pp. 285–288. doi:10.1145/2072069.2072119. ISBN 9781450307468.
  37. "Comment Spam Injection Made Easy - IEEE Conference Publication". ieeexplore.ieee.org. Retrieved 2018-11-18.
  38. Prandini, Marco; Ramilli, Marco (2008-08-01). "Redesigning remote system administration paradigms for enhanced security and flexibility". Computer Standards & Interfaces. 30 (6): 424–432. doi:10.1016/j.csi.2008.03.011. ISSN 0920-5489.
  39. "Yoroi, unidea per la security". impresacity.it. Retrieved 2018-11-18.
  40. "Cyber Security: il malware Gootkit torna a colpire le email PEC in Italia". www.difesaesicurezza.com (in Italian). 2018-11-15. Retrieved 2018-11-18.
  41. "Italia, nasce il polo d'eccellenza nella cyber security: Yoroi entra in Cybaze". www.difesaesicurezza.com (in Italian). 2018-11-09. Retrieved 2018-11-18.
  42. Duc, Hiep Nguyen (2015-11-30). "We call ourselves "cyber warriors" and we respect a cyber warrior bushido - Interview with Marco Ramilli, CEO and Founder of YOROI - Hakin9 - IT Security Magazine". Hakin9 - IT Security Magazine. Retrieved 2018-11-18.
  43. Italia, AGI - Agenzia Giornalistica. "La lezione di un attacco hacker all'industria navale italiana". Agi (in Italian). Retrieved 2018-11-18.
  44. "il manifesto". il manifesto (in Italian). Retrieved 2018-11-18.
  45. "Cybaze, altro colpo M&A: acquisita anche Yoroi". Repubblica.it (in Italian). 2018-10-29. Retrieved 2018-11-18.
  46. "L'aeroporto di Orio al Serio fa rotta sulla sicurezza » inno3". inno3 (in Italian). 2018-03-21. Retrieved 2018-11-18.
  47. "Cyber Security: Yoroi sigla accordo con Grant Thornton Financial Advisory Services | Prima Pagina". Prima Pagina (in Italian). 2016-11-07. Retrieved 2018-11-18.
  48. "Yoroi, difesa informatica 4.0 — Unibo Incronaca". incronaca.unibo.it (in Italian). Retrieved 2018-11-18.
  49. brujeador, vmotos. "100 computer security blogs in English". www.hackplayers.com. Retrieved 2018-11-18.
  50. "Awesome Cyber Security Blogs". www.blue-pencil.ca. Retrieved 2018-11-18.
  51. "E gli hacker italiani presero il controllo di una rete criminale". Repubblica.it (in Italian). 2018-08-31. Retrieved 2018-11-20.
  52. "L'anno vissuto pericolosamente dall'Italia: 11 milioni di nostri account in vendita sul dark web". Repubblica.it (in Italian). 2018-02-21. Retrieved 2018-11-20.
  53. "Sembra una cartella esattoriale ma è un virus: già colpiti la Camera, gli Interni e Trenitalia". Repubblica.it (in Italian). 2018-01-21. Retrieved 2018-11-20.


This article "Marco Ramilli" is from Wikipedia.