Salvatore Manfredi Researcher

Salvatore Manfredi is a researcher at the Center for Cybersecurity.

He earned his Bachelor’s degree in Computer Science from the University of Catania in 2016 and his Master’s degree in 2019 from the University of Trento. He received his Ph.D. in Secure and Reliable Systems from the University of Genoa in 2023.

In recent years, he has worked on the security analysis of the authentication scheme for the Italian electronic identity card (CIE 3.0) and on the Horizon 2020-funded FINSEC project. Recently, he joined the team working on MERIT, an EU project that aims to create a dynamic educational ecosystem for the training of digital specialists.

His research interests include network security, awareness training, and risk management of TLS configurations.

Publications

2022

Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta, Silvio Ranise
A Modular and Extensible Framework for Securing TLS
In: Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy (CODASPY 2022) (DOI, news)
Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta, Silvio Ranise
Demo: TLSAssistant v2 - A Modular and Extensible Framework for Securing TLS
In: Proceedings of the 27th ACM Symposium on Access Control Models and Technologies (SACMAT 2022) (DOI, news)
Salvatore Manfredi, Mariano Ceccato, Giada Sciarretta, Silvio Ranise
Empirical Validation on the Usability of Security Reports for Patching TLS Misconfigurations: User- and Case-Studies on Actionable Mitigations
In: Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA) (DOI)

2021

Salvatore Manfredi, Mariano Ceccato, Giada Sciarretta, Silvio Ranise
Do Security Reports Meet Usability? - Lessons Learned from Using Actionable Mitigations for Patching TLS Misconfigurations
In: The 16th International Conference on Availability, Reliability and Security (ARES 2021) (ETACS 2021) (DOI, complementary material, news)

2020

Andrea Bisegna, Roberto Carbone, Mariano Ceccato, Salvatore Manfredi, Silvio Ranise, Giada Sciarretta, Alessandro Tomasi, Emanuele Viglianisi
Automated Assistance to the Security Assessment of API for Financial Services in book Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures
In: Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures (DOI)
Salvatore Manfredi, Silvio Ranise, Giada Sciarretta, Alessandro Tomasi
TLSAssistant goes FINSEC: A Security Platform Integration Extending Threat Intelligence Language
In: 1st International Workshop on Cyber-Physical Security for Critical Infrastructures Protection (CPS4CIP 2020)

2019

Salvatore Manfredi, Silvio Ranise, Giada Sciarretta
Lost in TLS? No More! Assisted Deployment of Secure TLS Configurations
In: Proceedings of the 33rd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2019), vol. 11559, pp. 201-220 (DOI, news)

Theses

Salvatore Manfredi (PhD Thesis, University of Genoa, 2023)
Automated Assistance for Actionable Security: Security and Compliance of TLS Configurations (link)
Supervisor: Silvio Ranise | Co-supervisor: Giada Sciarretta
Salvatore Manfredi (Master's Thesis, University of Trento, 2019)
Assisting users in securing TLS configurations
Supervisors: Silvio Ranise | Co-supervisor: Giada Sciarretta

Projects

Former

FINSEC

Integrated Framework for Predictive and Collaborative Security of Financial Infrastructures

Dissemination

2024

March 21, 2024 • School
Salvatore Manfredi, Giada Sciarretta
Identità digitale
Liceo Scientifico "Galileo Galilei", Trento

March 15, 2024 • School
Salvatore Manfredi, Giada Sciarretta
Consapevolezza e Sicurezza Informatica
ENAIP Trentino, Trento

2023

September 29, 2023 • General
Salvatore Manfredi, Matteo Rizzi, Giada Sciarretta
Siamo al sicuro? Mettiamoci alla prova! Un viaggio nel mondo della sicurezza informatica
Notte della Ricerca 2023 (Event)

February 16-17, 2023 • School
Salvatore Manfredi, Giada Sciarretta
Avvicinamento alla sicurezza informatica
Istituto Comprensivo Civezzano, Trento

2022

February 21-25, 2022 • School
Salvatore Manfredi, Giada Sciarretta
Giornata mondiale per la Sicurezza in Rete
Istituto Comprensivo Civezzano, Trento

2021

November 11, 2021 • Specialized
Salvatore Manfredi
TLSAssistant - uno strumento per identificare e mitigare le vulnerabilità di TLS
Security Summit Streaming Edition 2021 (Details, Slides)

September 30, 2021 • Specialized
Salvatore Manfredi
TLSAssistant - a comprehensive tool for identifying and mitigating TLS vulnerabilities
OWASP Italy Meetup 2021 (Event)

September 24, 2021 • General
Salvatore Manfredi, Umberto Morelli, Giada Sciarretta, Alessandro Tomasi
Siamo al sicuro? Mettiamoci alla prova! Avvicinamento alla sicurezza informatica
Notte dei Ricercatori 2021 (Event)

2019

September 27, 2019 • General
Salvatore Manfredi, Umberto Morelli, Alessandro Tomasi
Ti senti al sicuro? Sicurezza online, identità digitale e uso della carta d'identità elettronica
Notte dei Ricercatori 2019 (Event, Program)

February 18-22, 2019 • School
Matteo Leonelli, Salvatore Manfredi, Umberto Morelli, Giada Sciarretta, Silvio Ranise
Pro[M] Camp 2019
Pro[M] Camp 2019 (Event)

Supervised Theses

2023

Sara Sorrentino (Bachelor's Thesis, University of Trento, 2023)
Use of Gamification for Effective Cybersecurity Awareness Programs: Study and Design of a Novel Framework
Supervisors: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Matteo Rizzi
Riccardo Germenia (Bachelor's Thesis, University of Trento, 2023)
A Module to Evaluate the Security Compliance of TLS Deployments: Design and Implementation of a Mechanized Methodology
Supervisors: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Matteo Rizzi

2022

Federico Cucino (Bachelor's Thesis, University of Trento, 2022)
Miglioramento delle capacità di analisi di TLSAssistant - Automatizzazione delle mitigazioni per NGINX
Supervisors: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Giada Sciarretta
Ivan Valentini (Bachelor's Thesis, University of Trento, 2022)
Estensione delle capacità di analisi di TLSAssistant - Rilevazione e mitigazione di ALPACA, POODLE e Raccoon
Supervisors: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Giada Sciarretta

2021

Matteo Rizzi (Bachelor's Thesis, University of Trento, 2021)
TLS Analyzers for Android Apps: State-of-the-art Analysis and Integration in TLSAssistant
Supervisors: Silvio Ranise | Co-supervisors: Giada Sciarretta, Salvatore Manfredi
Awards: 3rd place at thesis award "Innovare la sicurezza delle informazioni 2021", sponsored by CLUSIT
Alessandro Pegoraro (Bachelor's Thesis, University of Trento, 2021)
Payment Services Directive 2 in the Wild - A comparison between Open Banking UK and NextGenPSD2
Supervisors: Silvio Ranise | Co-supervisors: Giada Sciarretta, Salvatore Manfredi

Contacts

Links