The Team

September 13, 2015
C. Aaron Visaggio

C. Aaron Visaggio

Dr. Corrado Aaron Visaggio is Professor of Software Security at the University of Sannio, Italy. He received his degree in Electronic Engineering from the Politecnico of Bari, and his PhD in Software Engineering from the University of Sannio.
His first work experience was with the Fraunhofer IESE (Kaiserslautern, Germany), working as researcher in the field of Empirical Software Engineering.
He has founded a software house, which is an academic spin off, namely SER&Practices.
He is consultant for many enterprises for projects of Software Security and Software Engineering, Software Testing, and Software Quality within and outside Italian borders.
He is responsible of the node Unisannio for the CyberSecurity CINI National Lab.
His main interests of research are: malware analysis, vulnerability assessment, mobile security, and web app security.
He is author of more than 70 papers in international journals and conferences.
He collaborates with the ONG Informatici Senza Frontiere, in the area of security awareness.
He is speaker in many national and international conferences on Software Security.
He collaborates with many different university like:
University of San Jose (CA, USA)
University of Castilla-La-Mancha (Spain)
University of Lugano (Switzerland)
University of Zurich (Switzerland)
He serves on various international committees including Software Security and Software Engineering research study sections.

Dr. Professor at University of Sannio

  • Software Security
  • Network Security
  • Vulnerability Assessment
  • Computer Security
  • Opinion mining
  • Empirical Software Engineering

Penetration Testing - 99%
Vulnerability Assessment - 99%
Web Application Security - 99%
Data Anomaly Detection - 99%
Malware Analysis - 99%
Danilo Caivano

Danilo Caivano

Danilo Caivano graduated at the University of Bari Aldo Moro, where he also obtained his PhD in 2002 and is currently assistant professor. He carries out his research in the Software Engineering Laboratory at the Department of Informatics. His research and teaching activities focus on topics related to Software Engineering with emphasis on Project and Process Management in collocated and distributed contexts and on software development, maintenance and testing. Since 2007 he is Chief Executive Officer of SER&Practices (www.serandp.com), a Spin Off company of the University of Bari that he has contributed to start up. He has managed several large and complex projects, many of which are focused on research and development in partnership with Universities, Research Centers, as well as national and international companies. He is actively involved in the Project Management Institute - Southern Italy Chapter (www.pmi.org) and in the International Software Engineering Research Network (isern.iese.de). He is representative of University of Bari in the Smartcities & Communities CINI National Lab and involved in several board and scientific committees of public and private companies. He is the coordinator of the 1st Short Master in Cyber Security co-organized by University of Bari and OmnitechIT (http://omnitechit.eu). His research interests are now moving towards software engineering methods and techniques for cyber secutity. e vulnerability.

Andrea Di Sorbo

Andrea Di Sorbo

Andrea Di Sorbo was born in Piedimonte Matese(CE) in 1984.
In May 2013 he received (cum laude) Master’s Degree in Computer Engineering at University of Sannio, with a thesis entitled “Design and Implementation of a Sentiment Mining Analyzer for micro-comments in Italian Language” advised by Prof. Corrado Aaron Visaggio. In July 2013 he obtained the  best graduate award in Computer Engineering at University of Sannio for the Academic Year 2011/2012.
In July 2009 he received Bachelor’s Degree in Computer Engineering at University of Sannio, with a thesis entitled “Design and Implementation of a Client-Server Tool for the Web Penetration Testing”.
During his studies he examined several themes including: Software Engineering Development Models, Software Technologies for the Web, Operating Systems, Database Models and Technologies, Distributed and Parallel Computing, High-Performance Computing, Software Design Technologies, Software Testing Methodologies, Programming Paradigms and Programming Languages, Software Security Threats.        
Currently he is a PhD student at the University of Sannio. His research interests include: Mining Software Repositories, Software Engineering, Text Analysis, and Software Security. His work is supervised by Prof. Gerardo Canfora and Prof. Corrado Aaron Visaggio.

PhD Student

  • Software Engineering Development Models
  • Methodologies, Programming Paradigms and Programming Languages
  • Mining Software
  • Software Testing Methodologies
  • Software Security Threats

NLP Researcher

Software Engineering Development Models - 99%
Programming Paradigms and Programming - 99%
Mining Software - 99%
Software Security - 85%
Antonio Pirozzi

Antonio Pirozzi

Antonio Pirozzi In May 2011 received Bachelor’s Degree in Computer Engineering at University of Sannio, with a thesis entitled “System for Detecting Malicious web sites using heuristics”.
In March 2015 , he received (cum laude) Master’s Degree in Computer Engineering at University of Sannio, with a thesis entitled “Detecting Android Malware Variants using Opcodes Frequency Distribution and call graphs Isomorphism Analysis” advised by Prof. Corrado Aaron Visaggio.
In September 2015 he won a Research Grant funded by Emaze Networks spa and currently he holds the position of Research Fellow of Software Security and Vulnerability Researcher for Emaze Network spa at University of Sannio (Italy).

He co-found, in 2010, along Dr. Prof. C. Aaron Visaggio, the ISWAT Research Team in University of Sannio and actually he's a Security Researcher in ISWAT. He worked as IT Security Engineer in Sanniomatica srl from 2011 to 1014, actually he's also a Security Consultant for different companies.
His experience goes beyond the classical Computer Security landscape, he's also passionate on GSM Security, Critical Infrastructure Security, ICS Exploitation.. His research interests include: Software Security, Malware Analysis, Vulnerability Research, GSM Security, Compilers, Enrcyption, side-channel exploit.
Actually, his academic research is focused on Android Malware Philogenesys nalysis, with the design of a methodology to Detect Malware Variants using Opcodes distribution and Call Graph Isomorphism analysis. The tool prototype is called DescentDroid.

I have done Professional Software Development on : - Android mobile application. - GSM security related, working on a USRP 2 ETTUS , customizing OpenBTS firmware. exploiting MUTUAL Auth on GSM . - Security Framework (ISP-based web filtering, IDS, SIEM).

Research Fellow at Dept. of Engineering, University of Sannio -Vulnerability Researcher for Emaze Networks s.p.a

  • Exploiting Software
  • Vulnerability Assessment
  • Penetration Testing

R&D Vulnerability Researcher

Penetration Testing - 95%
Software Vulnerability Assessment - 99%
Exploit Development - 99%
ICS Vulnerability Assessment - 99%
Side-Channels Attacks - 99%
Android Malware - 99%
Malware Analysis - 99%
Francesco Mercaldo

Francesco Mercaldo

Francesco Mercaldo received his Master Degree in Computer Engineering from the University of Sannio, with a thesis in Software Testing entitled "Design and implementation of a system for the identification of anomalies of alteration of databases" under the supervision of Professor Corrado Aaron Visaggio.
He obtained his Ph.D in 2015 with a dissertation on malware analysis using machine learning technique under the supervision of Profs. Gerardo Canfora and Corrado Aaron Visaggio.
The research areas of Francesco is software testing, verification and validation, with the emphasis on the application of empirical methods.
The core of his research is finding methods and methodologies to detect these new threats applying the empirical methods of software engineering as well as studying the current mechanisms to ensure security and private data in order to highlight the vulnerability.

PhD, Post-Doc Researcher

  • Android Malware
  • MobileSecurity
  • Empirical Software Engineering

Android Malware Analysis - 99%
Android Security - 99%
Software Metrics - 99%
Software Security - 99%