Fabio Pierazzi

Office 109

169 Euston Rd.

UCL, London

I am invested into understanding how AI can be used to improve systems security tasks, with a particular emphasis on settings in which attackers adapt quickly to new defenses. In this context, I am currently exploring how to measure, mitigate and prevent concept drift in ML-based detection systems; how to measure and improve robustness of systems to adversarial attacks while taking into account problem-space constraints (such as preserving semantics of modified code); and how to explain what these systems are doing, both from an attacker’s and a defender’s perspective.

I also care deeply about the practicality of our proposed solutions, and on understanding implications and limitations of using AI in the context of computer security. To this purpose, I also regularly engage and collaborate with industry. I mostly work on malware analysis and network traffic, but I am becoming more interested in understanding inner workings of AI and ML models to improve their trustworthiness in more general security scenarios.

I am always looking for motivated students and collaborators passionate about these topics. If you are interested in joining my team, or even just visiting, have a look here.

news

Mar 4, 2025	Updated opportunities for fully-funded Home Studentship at UCL see here
Jan 31, 2025	Opportunity for fully-funded Home Studentship at UCL: see here
Nov 1, 2024	I joined UCL Computer Science as Associate Professor in Information Security.
Oct 20, 2024	Shae got a paper accepted at ARTMAN (co-located with ACSAC).
Sep 20, 2024	Jacopo successfully passed his Ph.D. viva, with the usual minor amendments!

selected publications

2024

DLSP

Shae McFadden, Marcello Maugeri, Chris Hicks, Vasilis Mavroudis, and Fabio Pierazzi , "Wendigo: Deep Reinforcement Learning for Denial-of-Service Query Discovery in GraphQL" , In Proc. of the IEEE Workshop on Deep Learning Security and Privacy (DLSP), 2024

Bib PDF Code

@inproceedings{mcfadden2024wendigo,
  title = {Wendigo: Deep Reinforcement Learning for Denial-of-Service Query Discovery in GraphQL},
  author = {McFadden, Shae and Maugeri, Marcello and Hicks, Chris and Mavroudis, Vasilis and Pierazzi, Fabio},
  booktitle = {Proc. of the {IEEE} Workshop on Deep Learning Security and Privacy ({DLSP})},
  year = {2024},
}

2023

AISec

Theo Chow, Zeliang Kan, Lorenz Linhardt, Lorenzo Cavallaro, Daniel Arp, and Fabio Pierazzi , "Drift Forensics of Malware Classifiers" , In Proc. of the ACM Workshop on Artificial Intelligence and Security (AISec), 2023

Bib PDF Code

@inproceedings{chow2023driftforensics,
  title = {Drift Forensics of Malware Classifiers},
  author = {Chow, Theo and Kan, Zeliang and Linhardt, Lorenz and Cavallaro, Lorenzo and Arp, Daniel and Pierazzi, Fabio},
  booktitle = {Proc. of the {ACM} Workshop on Artificial Intelligence and Security ({AISec})},
  year = {2023},
}

IEEE SaTML

Giovanni Apruzzese, Hyrum S Anderson, Savino Dambra, David Freeman, Fabio Pierazzi, and Kevin Roundy , "“Real Attackers Don’t Compute Gradients”: Bridging the Gap Between Adversarial ML Research and Practice" , In IEEE Conference on Secure and Trustworthy Machine Learning (SaTML), 2023
Position Paper

Bib PDF Website

@inproceedings{apruzzese2023real,
  title = {{“Real Attackers Don't Compute Gradients”: Bridging the Gap Between Adversarial ML Research and Practice}},
  author = {Apruzzese, Giovanni and Anderson, Hyrum S and Dambra, Savino and Freeman, David and Pierazzi, Fabio and Roundy, Kevin},
  booktitle = {{IEEE} Conference on Secure and Trustworthy Machine Learning ({SaTML})},
  pages = {339--364},
  year = {2023},
  organization = {IEEE},
  note = {<br/><span class="badge badge-warning">Position Paper</span>}
}

2022

USENIX Sec

Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, and Konrad Rieck , "Dos and don’ts of machine learning in computer security" , In Proc. of USENIX Security Symposium, 2022
Distinguished Paper Award

arXiv Bib PDF Website

@inproceedings{ArpQuiPen+22,
  title = {Dos and don'ts of machine learning in computer security},
  author = {Arp, Daniel and Quiring, Erwin and Pendlebury, Feargus and Warnecke, Alexander and Pierazzi, Fabio and Wressnegger, Christian and Cavallaro, Lorenzo and Rieck, Konrad},
  booktitle = {Proc. of {USENIX} Security Symposium},
  year = {2022},
  note = {<br/><span class="badge badge-primary">Distinguished Paper Award</span>}
}

2020

IEEE S&P

Fabio Pierazzi, Feargus Pendlebury, Jacopo Cortellazzi, and Lorenzo Cavallaro , "Intriguing properties of adversarial ML attacks in the problem space" , In IEEE Symposium on Security and Privacy (S&P), 2020

Bib PDF Code Website

@inproceedings{pierazzi2020intriguing,
  title = {Intriguing properties of adversarial ML attacks in the problem space},
  author = {Pierazzi, Fabio and Pendlebury, Feargus and Cortellazzi, Jacopo and Cavallaro, Lorenzo},
  booktitle = {{IEEE} Symposium on Security and Privacy ({S\&P})},
  pages = {1332--1349},
  year = {2020},
  organization = {IEEE},
}

2019

USENIX Sec

Feargus Pendlebury, Fabio Pierazzi, Roberto Jordaney, Johannes Kinder, and Lorenzo Cavallaro , "TESSERACT: Eliminating experimental bias in malware classification across space and time" , In Proc. of USENIX Security Symposium, 2019

Bib PDF Code Website

@inproceedings{pendlebury2019tesseract,
  title = {TESSERACT: Eliminating experimental bias in malware classification across space and time},
  author = {Pendlebury, Feargus and Pierazzi, Fabio and Jordaney, Roberto and Kinder, Johannes and Cavallaro, Lorenzo},
  booktitle = {Proc. of {USENIX} Security Symposium},
  year = {2019},
}