An Italian Security Researcher 🇮🇹 focusing on System Security.
Currently working as a Ph.D. student at CISPA Helmholtz Center for Information Security in Germany 🇩🇪.
Biography
Matteo Leonelli is a Ph.D. fellow at the CISPA Helmholtz Center for Information Security, supervised by Prof. Dr. Thorsten Holz.
Prior to this, he earned an M.Eng. in Security from Saarland University (2024) and a B.Sc. in Computer Science from the University of Trento (2021).
His research focuses on fuzzing, automated testing, and vulnerability discovery, with a particular emphasis on novel approaches for detecting unusual behaviors and bug classes.
Publications
2025
SBFT Tool Competition 2025 – Fuzzing Track
Addison Crump, Matteo Leonelli, Sahil Sihag
Workshop on Search-Based and Fuzz Testing (SBFT)
[pdf]
TwinFuzz: Differential Testing of Video Hardware Acceleration Stacks
Matteo Leonelli, Addison Crump, Meng Wang, Florian Bauckholt, Keno Hassler, Ali Abbasi, Thorsten Holz
Network and Distributed System Security Symposium (NDSS)
[pdf], [code]
2021
Secure Pull Printing with QR Codes and National eID Cards: A Software-oriented Design and an Open-source Implementation
Matteo Leonelli, Umberto Morelli, Giada Sciarretta, Silvio Ranise
ACM Conference on Data and Application Security and Privacy (CODASPY)
[pdf], [code]
2020
Pull Printing with National eID Cards: An Open-source and Software-oriented Implementation
Matteo Leonelli, Umberto Morelli, Silvio Ranise, Giada Sciarretta
Italian Conference on Cybersecurity (ITASEC)
Work Experience
Amazon – Applied Scientist Intern, AWS
Research and develop automated fuzz testing methods to evaluate and ensure data integrity in Amazon S3.
Ph.D. Candidate – CISPA Helmholtz Center for Information Security
Research functional and security-focused automated fuzz testing for complex system security.
Fondazione Bruno Kessler
Research secure protocol communication and contribute to application development.
Matrix Tech
Develop a web service to manage gate access and presence tracking on embedded system devices.
OGP
Develop customer-facing websites and integrate new features.
About Me
Experienced in Computer Science and Cybersecurity with over 7 years of hands-on work.
Passionate about software and hardware security, continuously staying updated with academic and industry trends to explore innovative solutions.
2024 – Present: Ph.D. in Cybersecurity (CISPA 🇩🇪)
2021 – 2024: Master’s degree in Cybersecurity (Saarland University 🇩🇪)
2018 – 2021: Bachelor’s degree in Computer Science (University of Trento 🇮🇹)
2014 – 2018: High School diploma in Computer Science (Marconi Rovereto 🇮🇹)
Achievements and CVEs
- Intel CVE-2024-23919: Improper buffer restrictions in Intel® Graphics software
– Intel Acknowledgements - FFmpeg: Global buffer overflow
- FFmpeg: Attempting free on address which was not malloc’ed
- WordPress: Unauthenticated Arbitrary Options Update
- WordPress: Missing Authorization for Unauthenticated Arbitrary Post Deletion
Events
Intel Workshop: Scalable Assurance 2024
SBFT 2025
EPFL Summer School in System Security 2024
CISPA Summer School in System Security 2023
CISPA Summer School in Trustworthy Artificial Intelligence 2022
University of Trento School of Innovation 2021