Mario Raciti

PhD Researcher in Cybersecurity

tsumarios' blog

CySec and Research - A cool description might be something like:
"a place where I post about my research and share resources".

Featured Posts

You can find more articles in my Personal Blog.

(Gen)AI4CySec

Jul 13, 2024 • ai, cti, dfir

This blog post introduces you to the (Gen)AI4CySec project, which highlights the practical applications of Generative AI (GenAI) in cybersecurity.

A Primer on Cryptocurrency Investigation and Forensics

Sep 02, 2023 • dfir

An introductory exploration of Cryptocurrency Investigation and Forensics, with a demo on a real-world RaaS case.

Visual Cryptography Explained

Oct 21, 2022 • cryptography, dfir

An overview about Visual Cryptography and implementations of the main state-of-the-art techniques in the VCrytpure open source project.

~$ whoami

PhD Student in Cybersecurity at IMT School for Advanced Studies Lucca - University of Catania.
Security Researcher at NaS.Inf.
Host of the HoneyPod podcast.
Admin/Writer at Rev3rse Security.
Interests: CySec and Privacy Threat Modelling, Anti-Forensics, Cyber Threat Intelligence.

Short Bio

I am a PhD Student of the first National PhD in Cybersecurity at IMT School for Advanced Studies Lucca, assigned at the University of Catania, where I joined the Networks and Security Informatics (NaS.Inf) research lab. Currently, I am a visiting researcher at Fondazione Bruno Kessler, where I joined the Center for Cybersecurity. I was previously a visiting researcher at KU Leuven, where I joined the DistriNet research unit.
I hold a Master's degree in Computer Science (Network and Security Systems) from the University of Catania. My Master's thesis focused on cybersecurity risks in modern vehicles.
Before starting my doctorate programme, I worked as a Research Fellow at the Italian Institute for Astrophysics (INAF) for 2 years.
My research interests cover the CySec and Privacy Threat Modelling, Anti-Forensics, and Cyber Threat Intelligence fields.

Experience

Apr 2025–ongoing

Research - Fondazione Bruno Kessler - Center for Cybersecurity

Visiting Researcher. Cybersecurity and Privacy Threat Modelling - Threat Modelling Automation with Multi-Agentic LLMs.
Feb 2025–Mar 2025

Teaching - Le Panier S.R.L.

Instructor. Basic digital skills for information and data management - Digital culture and cybersecurity awareness - AI.
Sep 2024–Mar 2025

Research - KU Leuven - DistriNet

Visiting Researcher. Cybersecurity and Privacy Threat Modelling - Threat Modelling Automation with Generative AI and LLMs - Evaluation of Threat Modelling Tools.
Dec 2022–ongoing

Research - IMT School for Advanced Studies Lucca - NaS.Inf

PhD Researcher. Cybersecurity and Privacy Threat Modelling - (Anti-)Digital Forensics - Cyber Threat Intelligence - Cryptocurrency Investigation and Cybercrime - IoT Privacy and Security - Research Method - Project Management - Research Grant Application.
Oct 2020–Nov 2022

Fellowship - INAF-OACT

Scrum (AGILE) software developer. In-kind collaboration within ASTRON for the LOFAR–TMSS projects.
System Administrator. System management of the PLEIADI cluster.
Mar 2020–May 2020

Internship - INAF-OACT

Trainee. REST-ful APIs and Web service implementation for the EOSC cloud as part of H2020 NEANIAS.
Feb 2019–ongoing

Community Collaboration - Rev3rse Security

Blog Writer - Admin. Technical ICT Security blogging on research, proof-of-concepts and tutorials.

Research Projects

Jan 2025-ongoing

SCAR’s Four Security-Unravelling Dimensions - SCAR4SUD

Team Member. IT PNRR Spoke 7 SERICS. Design and application of a reference framework for the automotive sector, integrating multi-layered security and privacy practices using STRIDE and LINDDUN.
Nov 2024-ongoing

Supply Chain Attack Avoidance - SCAI

Team Member. IT PNRR Spoke 6 SERICS. Design and application of an automated threat modeling methodology using NLP and LLMs to integrate cybersecurity, AI, and human-factor risks from regulatory frameworks.
Feb 2024-Oct 2024

Privacy Enrooted Car Systems - PECS

Team Member. EU NGI Trustchain Project. Design and implementation of a multisensory-media car interface for the static definition and dynamic runtime control of privacy policies.
Nov 2023-ongoing

Future generation Security for smart and connected Cars - FuSeCar

Collaborator. PRIN 2022 Project. Design and application of a methodology for the de-anonymisation and linkability of personal data in realistic connected vehicle scenarios.
Sep 2023-ongoing

Future Artificial Intelligence Research - FAIR

Collaborator. PNRR MUR Project. Analysis of multimodal document sources for the elicitation of a complete list of threats, while avoiding redundancy and subjectivity.
May 2023-Jul 2024

Following the Crypto Rabbit - How to Track RaaS Attacks on the Blockchain

Team Member. Design and implementation of a blockchain analysis and querying approach using temporal logic for criminal investigations, including Ransomware-as-a-Service.

Additional Responsibilities

Peer Review

ESORICS 2025, ACSW 2025, SAC-SRC 2025, ACSW 2024, ESORICS 2024, ESORICS 2023.
Technical Program Commettee

IEEE EuroS&P ACSW 2025, ACSW 2024.

International Events

Sep 2024-Sep 2024

Summer School - SECAI

PhD Student. Summer School on Security and Privacy in the Age of AI 2024 - Security and privacy aspects of AI, security and privacy solutions with advanced AI, state-of-the-art ML to higher security and privacy levels, establishing stronger ties between academia and industry.
Jun 2024-Jun 2024

Summer School - CySeP

PhD Student. Cybersecurity and Privacy (CySeP) Summer School 2024 - Cybersecurity and Privacy challenges, fundamentals, cutting-edge solutions, and latest research results.
Jul 2023-Jul 2023

Summer School - IFOSS

PhD Student. International FOrensics Summer School (IFOSS) 2023 Edition - Digitalisation and forensic data science: from evidence acquisition to interpretation.

Certifications & Courses

2025

Windows Forensics - Belkasoft

2024

5-day Generative AI Intensive Course - Google

Generative AI: Boost Your Cybersecurity Career - IBM

Android Forensics - Belkasoft
2023

Digital Forensics Masterclass: Forensic Science 2023 DFMC+ - Udemy
2020

Autopsy 8-Hour Online Training - BasisTech

Education

2022–ongoing

PhD Degree - IMT School for Advanced Studies Lucca, assigned at DMI.UNICT, Italy.

PhD-CySec - National PhD in Cybersecurity - Software, System, and Infrastructure Security, EQF 8
2018–2020

Master's Degree - DMI.UNICT, Italy.

LM-18 - 2nd level degree in Computer Science - Network and Security Systems, EQF 7
2015–2018

Bachelor's Degree - DMI.UNICT, Italy.

L-31 - 1st level degree in Computer Science, EQF 6

Selected Publications

The full list is available on my ResearchGate profile.

Verreydt et al. (In press.) On the usefulness of LLM-generated threat descriptions.
In 4th International Workshop on Designing and Measuring Security in Systems with AI (DeMeSSAI 2025).
Bellemans J. et al. (In press.) From Cluttered to Clustered: Addressing Privacy Threat Explosion through Automated Clustering.
In the International Workshop on Privacy Engineering (IWPE 2025).
Raciti M. and Bella G. (Jun 2025) To See or Not to See: A Privacy Threat Model for Digital Forensics in Crime Investigation.
In 13th International Symposium on Digital Forensics and Security (ISDFS 2025).
Raciti M. and Bella G. (Mar 2025) The SPADA Methodology for Threat Modelling.
In International Journal of Information Security.
Blanchini M. et al. (Aug 2024) Supporting Criminal Investigations on the Blockchain: A Temporal Logic-based Approach.
In Proceedings of the Italian Conference on Cyber Security (ITASEC 2024).
Raciti M. and Bella G. (May 2024) Behind the (Digital Crime) Scenes: An MSC Model.
In 12th International Symposium on Digital Forensics and Security (ISDFS 2024).
Raciti M. (Mar 2024) Conceptualising an Anti-Digital Forensics Kill Chain for Smart Homes.
In Proceedings of the 10th International Conference on Information Systems Security and Privacy (ICISSP 2024).
Raciti M. and Bella G. (Mar 2024) Up-to-date Threat Modelling for Soft Privacy on Smart Cars.
In 7th International Workshop on SECurity and Privacy Requirements Engineering (SECPRE 2023).
Raciti M. and Bella G. (Jul 2023) A Threat Model for Soft Privacy on Smart Cars.
In 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW).
Raciti M. and Bella G. (Apr 2023) How to Model Privacy Threats in the Automotive Domain.
In Proceedings of the 9th International Conference on Vehicle Technology and Intelligent Transport Systems (VEHITS 2023).
Bella G. et al. (Feb 2023) The AILA Methodology for Automated and Intelligent Likelihood Assignment in Risk Assessment.
In IEEE Access.
Bella G. et al. (Aug 2022) The AILA Methodology for Automated and Intelligent Likelihood Assignment.
In 6th International Conference on Cryptography, Security and Privacy (CSP).
Raciti M. (Jun 2022) The TMSS project for LOFAR 2.0 operations.
Poster in Forum della Ricerca Sperimentale e Tecnologica in INAF (2022).
Raciti M., Vitello F. R. (Mar 2022) WebSocket Integration in Django.
INAF Technical Reports.

Talks and Presentations

(Click on the cover image to download slides)

Jun 2025
Cybersecurity threat elicitation under human-artificial intelligence sources of risk.
Second Software and Platform Security Workshop (SERICS Spoke 6)

Jun 2025
Capillary Static Policy Setup and Multisensory Dynamic Feedback in Modern Cars.
In HCII 2025 Conference (HCI-CPT 2025)

Apr 2025
To See or Not to See: A Privacy Threat Model for Digital Forensics in Crime Investigation.
In 13th International Symposium on Digital Forensics and Security (ISDFS 2025)

Mar 2025
Re-forging SPADA: guiding threat modelling and automation challenges.
DRADS DistriNet Workshop (DRADS 2025)

Apr 2024
Behind the (Digital Crime) Scenes: An MSC Model.
In 12th International Symposium on Digital Forensics and Security (ISDFS 2024)

Feb 2024
Conceptualising an Anti-Digital Forensics Kill Chain for Smart Homes.
10th International Conference on Information Systems Security and Privacy (ICISSP 2024)

Nov 2023
Behind the Screens: An MSC-Model of Digital Forensics in Crime Investigation.
The 2023 Workshop on Security Frameworks "Intelligence rests on Knowledge" (Workshop)

Nov 2023
The SPADA Methodology for Privacy Threat Modelling.
Automotive Innovation Workshop 2023 (Workshop)

Sep 2023
Up-to-date Threat Modelling for Soft Privacy on Smart Cars.
7th International Workshop on SECurity and Privacy Requirements Engineering (Workshop)

Jul 2023
A Threat Model for Soft Privacy on Smart Cars.
Second Workshop on Automotive Cybersecurity 2023 (Workshop)

Mar 2023
Subjectivity and Automation in Privacy Risk Assessment.
Hardening Seven 2023 Edition (Workshop)

Dec 2022
Risk assessment with AILA: Automated and Intelligent Likelihood Assignment.
The 2022 Workshop on Security Frameworks "Security Testing" (Workshop)

Jun 2022
The TMSS project for LOFAR 2.0 operations.
Forum della Ricerca Sperimentale e Tecnologica in INAF (INAF Event)

Jun 2022
Science Gateways in EOSC: The NEANIAS Visualisation Gateway.
14th International Workshop on Science Gateways (Workshop)

May 2022
The advantages of Notebooks orbiting the Cloud.
From Science Gateways to Papers (Workshop)

Dec 2020
Automotive Risk Assessment.
3 anni di Rev3rse Security (YouTube Live)

Works

You can find full code and related docs on my Github profile.

アマヤラ Lab

アマヤラ (Android Malware Analysis YARA) Lab is a project that provides a ready-to-use Jupyter Lab environment to help out with Android malware analysis using YARA rules. It automatically analyses files with your YARA rules and stores the results in a JSON file. YARA rules are checked against both the APK file itself and its content (recursively). アマヤラ Lab also gathers some information about the file(s) that you want to analyse from the Virus Total and Malware Bazaar APIs, using your own API keys. Eventually, The results include a link to Pithus which is valid only if the file was already uploaded.

AURA

AURA (AUtomotive Risk Assessment) is the name of my Master's thesis. In this work we propose a Risk Assessment exercise applied to an automotive scenario, according to the MAGERIT methodology and with the support of the PILAR commercial tool, in order to seek whether both of them may prove to be useful in the automotive field, with specific attention paid to potential threats against personal data en route from/to connected vehicles. Moreover, we also provide a regression analysis study of the algorithm implemented in Pilar for the purposes of reverse engineering, to better understand the values calculated by the tool in the demo.

VCrypture

VCrypture is an online service that allows you to encrypt your secret images safely using visual cryptographic algorithms. VCrypture is composed of two mainly parts: VCrypture-API and VCrypture-Web. The latter is a web server which provides the front-end as well as forwarding users' requests to the API core, whilst the former aims to perform visual cryptographic operations on images. The user can choose between four visual cryptographic algorithms: Naor-Shamir, Taghaddos-Latif, Dhiman-Kasana EVCT(N, N) and Dhiman-Kasana EVCT(K, N).

DSR Bad

The Dynamic Source Routing (DSR) protocol is an example of reactive routing protocol for MANET networks. To work properly, DSR requires nodes to collaborate without maliciously inhibiting routing operations. In this scientific paper we present DSR Bad, a modification of the DSR module present in the ns-3 simulator, through which we aim to study and analyze two examples of non-cooperative scenarios that allow us to observe the impact suffered by the protocol and its reaction to situations not normally foreseen.

QueKey

QueKey is the name of my Bachelor's thesis. The project is a cloud system for IoT Smart Lock devices placed in hotels and B&Bs. Its aim is, on the one hand, to make easy the handling of rooms and builds for the hotel managers and, on the other side, to give to their guests an easy way to lock and unlock rooms. QueKey consts of a main cloud service and of two physical devices: a RaspberryPi 3 (also other little boards are compatible with the system) and a NodeMCU with ESP8266 WiFi module.

FIAR

FIAR (Four-In-A-Row) is an online multiplayer game, with a vaporwave futuristic design inspired. Developed using NodeJS (Express & Socket.IO with rooms handling) and p5.js library (Processing based). FIAR can be played on Desktops, Tablets and Smartphones, thanks to its responsive design. Indeed the canvas containing the game is created in order to fit most of the display sizes.

Get in touch!

Please feel free to contact me for any questions.
Don't forget to follow me on socials! I actively post cybersecurity news and resources.