Claudio Migliorelli

Welcome to my website. My name is Claudio. I'm a Predoctoral Researcher at IBM Research Zürich and a PhD Student at EPFL, in Switzerland. I am supervised by Mathias Payer and co-supervised by Anil Kurmus. I have a Master's Degree in Computer Engineering from Politecnico di Milano and a Bachelor's Degree in Computer Science and Engineering from University of Rome "Tor Vergata".

My work is focused on the broad area of kernel security and hardening. In the past, I worked on kernel-level rootkits, specifically on those not modifying kernel-level data structures (e.g., using hardware facilities). I work with the Linux kernel on a daily basis, and I've been doing so for the last 4/5 years. It started as a hobby, and then became my job.

I use Emacs and I’m a strong supporter of open-source software. I run Linux and I developed some patches for the kernel that have been accepted and merged into the Linux kernel’s source tree (see kernel contributions).

Publications

  • Cross-Cache Attacks for the Linux Kernel via PCP Massaging (to appear).
    Claudio Migliorelli, Andrea Mambretti, Alessandro Sorniotti, Vittorio Zaccaria, Anil Kurmus.
    Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, USA, February 2026.

Invited talks and presentations

Research interests

My research focuses on strengthening the security of the Linux kernel. More broadly, I work across three tightly connected areas:

  • Kernel‑Level Heap Feng Shui — exploring ways to interact with the kernel through legitimate interfaces (such as system calls) while subtly influencing its memory layout. The goal is to craft predictable conditions that make exploitation techniques more stable and reliable.
  • Automated Exploit Generation (AEG) — distinguishing truly dangerous kernel vulnerabilities from the large volume of issues uncovered daily by modern fuzzers like syzkaller. By automatically analyzing what capabilities a bug grants an attacker and whether exploitable kernel objects are within reach, AEG helps identify which flaws are likely exploitable, allowing security teams to prioritize timely fixes.
  • Operating System Hardening and Compartmentalization — reducing the practicality of exploitation altogether rather than attempting to patch every single bug. This involves reinforcing critical kernel components and introducing isolation mechanisms that limit the impact of successful attacks. It’s a wide-ranging field that unites many techniques, each contributing to increasing the cost and complexity of exploiting kernel vulnerabilities.

I supervise (and have supervised) students working on both Master’s theses and practical projects. Since 2023, I have served as a project assistant for the Advanced Operating Systems Master's course at Politecnico di Milano, a role I continue to hold. Over the years, I have proposed numerous kernel-security-related projects and guided students through their development. Below is a quick overview of some of these projects:

  • Hijacking system calls via direct table modification.
  • UAF-OOB pivoting attack in the SLUB allocator.
  • Page-level UAF using struct pipe_buffer (and struct page pointer corruption).
  • Cross-cache attacks via page reclamation.

Contact

If you'd like to get in touch, email is the best way to reach me. You can also find me on a few other platforms.