Domenic Lo Iacono - Cybersecurity & Projects

Domenic Lo Iacono: Cybersecurity Student & Engineer

Employment Experience

Malware Benchmark Dataset Research

Research Assistant (May 2024 - August 2024)

Designed and established a benchmark dataset of malware samples for the malware research community.
Developed a Flask-based web interface and integrated PostgreSQL for secure data storage and Docker for feature extraction in isolated environments. Learn more.

Little Caesars, 2125 Woodward Ave, Detroit, MI 48201

Cybersecurity Intern (May 2022 - December 2023)

Worked with the cybersecurity architecture and engineering team on threat modeling, security solutions, and building configurations for tooling, and automating security tasks.
Managed application security domain tasks including creating guidelines and standards, and deploying tools like Snyk and other DAST and SAST tools.

Notable Projects

Web Application Fuzzer with GUI (QT6 Framework)

Developed a fuzzer tool for web applications with a user-friendly graphical interface, designed to identify vulnerabilities through automated testing. Learn more.

Metadata Analyzer (Python)

Created a metadata analyzer to assist in generating detailed metadata reports. Learn more.

ChatCSEC - Undergraduate Capstone Project

Developed ChatCSEC, an LLM-based chatbot for computing security education, as part of a group project. Collaborated with a team to design, develop, and deploy the chatbot. Learn more.

Vulnerabilities in Tap-To-Pay Systems

Participated in a research project analyzing vulnerabilities in Tap-To-Pay systems. Documented potential security flaws and contributed to a comprehensive research paper. Read the full report here to learn more.

Cuckoo Watchtower

Created Cuckoo Watchtower to assist with malware forensics by integrating GPT-4 to analyze Cuckoo Sandbox JSON reports. Enhanced malware analysis with interactive, chatbot-style insights within a Google Colab environment. Learn more.

AudioCovert

Developed AudioCovert, a tool to embed and decode hidden messages in audio files. Encoded messages into WAV files, manipulating high-frequency signals to make them imperceptible to the human ear. Messages were decoded by generating and inspecting the audio file's spectrogram. Learn more.

Malware Benchmark Dataset

Created a streamlined workflow for malware sample uploading, feature extraction, and data management using Flask, PostgreSQL, and Docker. The project addresses the lack of standardized malware datasets in cybersecurity research. Learn more.

Attacking Ethereum Lottery Game "1000 Guess"

Explored the vulnerabilities of Ethereum-based lottery dApps by implementing a game, exploiting its weaknesses, and creating a secure version using Chainlink's VRF for randomness. Read the full report here.

Mock OSINT Report on Experian

Conducted a detailed OSINT investigation on Experian, identifying potential security and privacy risks from publicly available information. Read the full Experian OSINT Report to learn more.

About Me

I am a Computing Security major at RIT, focusing on red teaming, penetration testing, and developing tools for cybersecurity.