|
Marco Ramilli (born 13 January 1983), is an international cyber security expert, entrepreneur, writer and white-hat hacker. Ramilli received his PhD on Information Communication Technology from University of Bologna joining University of California at Davis. During his PhD program he worked for US Government (NIST) where he performed intensive researches on Malware evasion techniques and penetration testing methodologies in order to improve USA electronic voting systems. Ramilli has strong experiences on penetration testing, he has been charged of testing several software and hardware devices, one of the most notable is uVote, a voting system from the MIUR (Ministero Istruzione dell'Università e della Ricerca). In 2015 he decided to found Yoroi: an innovative Managed Cyber Security Service Provider developing one of the most amazing cyber security defence center he has ever experienced. Nowadays Ramilli leads some of the most talented ethical hackers with a unique mission: to defend private and public organisation on digital space. Ramilli strongly strongly believes in the role of humanity in the digital age. He often reminds to his credo: "Defence Belongs To Humans". In 1859, Charles Darwin published “The Origin of Species by Means of Natural Selection”, suggesting that survival depends on the ability to change as environmental conditions change. Ramilli, according with Charles Darwin, he introduced the “ability to defend humanity in the cyber space” in his first TEDx Talk (Milan, Italy). Nowadays is quite clear, humanity should defends itself from Physical Space as well as from Cyber Space. Ramilli decided to dedicate part of his life to the Cyber defense. Education Born in Cesena, Ramilli received a laurea degree in computer engineer, at the University of Bologna, Italy. Ramilli manifested, from an early age, a strong interest in technology and decided to attend a technical high school in Cesena: I.T.I.S (Istituto Tecnico Industriale Statale) Blaise Pascal where he started his first experimental hacks on assembly 8086 and writing networking drivers. At age of 19 after his graduation from I.T.I.S Ramilli started computer engineering from Alma Mater Studiorum University of Bologna where he implemented his first opensource projects to contribute to the opensource community. After his bachelor's degree he decided to follow on studies by taking a Master Degree on computer engineering from University of Bologna where he focused his thesis on Malware analysis. In 2008 once graduated from his Master program Ramilli decided to follow on studies by getting an additional step starting a PhD on Information Communication Technology working as guest researcher on University of California at Davis. Ramilli spent last year of his PhD program working for NIST on the Computer Security Division where he contributed to OEVT (Open Ended Vulnerability Testing) chapter of the wider VVSG Document. Opensource projects during education Ramilli developed the following opensource projects during his first university years as a contribution to the opensource community: * MalControl. Gathering open data from malware analysis websites is the main target of Malware Control Monitor project. Visualise such a data by showing statistics highlighting where threats happen and what their impact is, could be useful to identify malware propagations. * MouseGlove. A very early stage prototype realised to prove that Ramilli was able to build stuff and not only to break them. * RoboAdmin. A simple Remote Terminal Administration used for administrate server with natural language. * IENA. A simple but still effective Multiple and low interaction HonePot, build as main project during his bachelor's degree * SpamPIG. One of the first known anti-spam engine built over "Prolog intelligence". *PEInfector. An interesting tool to find PE empty spaces and to break it into multiple under-file in order to break common AV signature engines. Marco contributed to the Artificial intelligence field by classifying and public releasing a dataset of classified Malware available for free here. He figured out a way to modify MIST (A Malware Instruction Set for Behavior-Based Analysis) in order to make it more flexible in a production environment where training sets might get bigger and bigger over time. Marco introduced an hybrid process analysis over MIST and Behavioural analysis based on specific features. Selected Publications During his studies, Ramilli published Books and Scientific Papers as follows: Books * Designing A New Electronic Voting System: Towards electronic voting systems * A Design Methodology for Computer Security Testing Scientific Papers Only selected publication have been linked here * Man-in-the-Middle Attack to the HTTPS Protocol * Return-oriented programming * Multi-stage delivery of malware * Multiprocess malware * Splitting the HTTPS stream to attack secure web connections * Always the same, never the same * Towards a practical and effective security testing methodology * Raising risk awareness on the adoption of Web 2.0 technologies in decision making processes * Decentralised detection of network attacks through P2P data clustering of SNMP data * Frightened by links * Network attack detection based on peer-to-peer clustering of SNMP data * Peer-to-peer data mining classifiers for decentralised detection of network attacks * An integrated application of security testing methodologies to e-voting systems * Exploring information security issues in public sector inter-organizational collaboration * Taking the Best of Both Worlds: a Comparison and Integration of the US and EU Approaches to E-voting Systems Evaluation * Internet voting: fatally torn between conflicting goals? * A model for e-voting systems evaluation based on international standards: definition and experimental validation * Security considerations about the adoption of web 2.0 technologies in sensitive e-government processes * Comment spam injection made easy * Redesigning remote system administration paradigms for enhanced security and flexibility Working Experiences Ramilli worked as guest researcher at University of California close to Matt Bishop on Malware evasion techniques where he published scientific papers on how to build hidden Malware by exploiting memory sharing techniques. Ramilli worked to improve USA electronic election by working at NIST. During his stay at NIST, Ramilli developed a framework to test electronic voting system which ended up on a more general personal publication titled: A Design Methodology for Computer Security Testing. On 2015 after having worked at Palantir Technology Ramilli decided wrap his experiences founding Yoroi, one of the most known cyber security company founded in Europe. Yoroi is a cybersecurity company who developed a unique "Cyber Security Defence Center" aiming to empower cyber security analysts by providing the right threat intelligence and the right detection tools to facilitate their job and to scale up their capabilities. Ramilli strongly believes that the human being will be doing the difference in the digital era. He wrote many Italian essays on the humanity in the digital era comparing the physical defence with the digital defence highlighting difference and difficulties. Some of the most known assays are: "La Fiducia Nell'Intelligenza Artificiale", "Le Armi Nell' Epoca Digitale", "Dolore Nel Digitale e la Connessione con la Difesa", "L' Umanità Nella Difesa" and "Protezione VS. Difesa". According to blue-pencil and hack-players Ramilli runs one of the top international blogs on cyber security TV appearances and radio broadcasts Ramilli took place on several TV news and Radio broadcasting shows. Following some of the first TV ad radio appearances * RAI TG1 during a special program on Cyber Security * during a special broadcasting program on Data Leaks * during a specialbroadcasting program on Cyber Security * Radio Radicale during a conference into the House of Representatives () on Cyber Security made in Italy * Radio Radicale during a conference into the House of Representatives () on post G7 selective Meeting] *Repubblica (the first Italian news paper) cited many time Ramilli's researches and companies. *SanMarino TV show
|
|
|