Skip to content
View UmbertoDellaMonica's full-sized avatar
45 followers · 121 following

Achievements

Achievement: Pull Sharkx3Achievement: YOLOAchievement: Quickdraw

Achievements

Achievement: Pull Sharkx3Achievement: YOLOAchievement: Quickdraw

Highlights

  • Pro

Organizations

@DefNet-Enterprise-Mobile-Application

Block or report UmbertoDellaMonica

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
UmbertoDellaMonica/README.md

Umberto Della Monica

Embedded Security Researcher · Side-Channel Analysis · Hardware Security · Deep Learning

📍 Cava de' Tirreni, Italy · 🎓 M.Sc. Cybersecurity @ Università di Salerno 🔬 M.Sc. Thesis @ STMicroelectronics — Explainable Deep Learning for Side-Channel Leakage Analysis

Website LinkedIn ORCID Google Scholar

🔬 Research Interests

My work focuses on the intersection of hardware security, side-channel analysis, and machine learning. I am particularly interested in:

  • Profiled side-channel attacks using deep neural networks
  • Explainability methods for ML-based SCA (perceived information, layer-wise relevance)
  • Threat modeling and risk assessment of embedded automotive systems
  • Firmware reverse engineering and hardware penetration testing

📚 Selected Publications

  • U. Della Monica, K. Munjal, M. P. Tamas, B. Boi, C. Esposito, R. Khondoker. "Threat Analysis and Risk Assessment (TARA) Analysis of an Autonomous Emergency Braking (AEB) System". Applied Sciences, MDPI, 2025. [DOI]

  • Upcoming paper on Large Language Models applied to VHDL hardware design (ACM proceedings, in press).

💼 Current Work

🔬 STMicroelectronicsCybersecurity Engineering Intern (2026, ongoing) M.Sc. Thesis on Explainable Deep Learning for Side-Channel Leakage Analysis. Profiled SCA attacks on AES implementations using CNN architectures, with layer-wise interpretability methods.

🔧 STMicroelectronicsCybersecurity Engineering Intern (2024) Development of automotive penetration testing methodology aligned with ISO/SAE 21434.

🛠️ Technical Focus

Hardware Security

Side-Channel Analysis (DPA, CPA, profiled) · Fault Injection · JTAG/SWD/SPI/UART/I2C · Firmware Extraction · Secure Boot Analysis

Reverse Engineering

Ghidra · radare2 · binwalk · OpenOCD · JTAGulator · Attify Badge

ML for Security

PyTorch · TensorFlow/Keras · scikit-learn · CNN/MLP architectures · Explainability methods

Programming

Python · C · C++ · Assembly (ARM) · Bash

Embedded

STM32 · Cortex-M · ESP32 · Bare-metal C · Linux toolchains

🎯 Featured Projects

📌 Pinned repositories below showcase my work in hardware security, embedded systems, and applied research. Highlights include:

  • Linksys WRT54GL Firmware Extraction & Exploitation — Full JTAG firmware dump and reverse shell injection on consumer router. [Write-up →]
  • S.I.D.E. — Modular intrusion detection engine for ICS/SCADA networks (Modbus, OPC-UA, SNAP7). [Repo →]
  • m0rph CTF — Reverse engineering challenge solved as part of CyberChallenge.IT 2025.

📫 Contact

📧 [email protected] 🌐 umbertodellamonica.github.io

Pinned Loading

  1. Linksys-WRT54GL-Exploitation Linksys-WRT54GL-Exploitation Public

    From Solder to Shell: Full Hardware Exploitation of the Linksys WRT54GL Router (CVE-2022-43973)

    Classic ASP 1 1

  2. DefNet-Enterprise-Mobile-Application/Defnet-IDS-IPS DefNet-Enterprise-Mobile-Application/Defnet-IDS-IPS Public

    Simple service for OpenWRT as IDS and IPS

    Python 1 1

  3. m0rph-CTF-CyberChallenge.IT m0rph-CTF-CyberChallenge.IT Public

    As part of the "Secure Programming" academic course, I collaborated with a team of three to analyze and solve "m0rph," a Reverse Engineering CTF challenge from CyberChallenge.IT. The objective was …

    1

  4. S.I.D.E. S.I.D.E. Public

    S.I.D.E. (SCADA Intrusion Detection Engine) is an advanced IDS designed for industrial control systems. It identifies and monitors SCADA devices, detects network anomalies, and provides real-time a…

    TypeScript 1

  5. umbertodellamonica.github.io umbertodellamonica.github.io Public

    Personal Portfolio website. Showcasing my projects, skills, and professional experience. Fully responsive and modern design, serving as a digital showcase of my work, code examples, and achievement…

    TypeScript