Matteo Golinelli

CyberSecurity PhD Student

University of Trento

My research interests include web security, with special focus on web caches.

Download CV

Interests

Web security, caches and proxies
Cloud security
CTF

Education

PhD in CyberSecurity, 2021-
University of Trento
Master in CyberSecurity, 2021
University of Trento
BsC in Computer Science, 2019
University of Trento

News

November, 2025: We arrived 3rd place in the WP CTF 2025, a Capture The Flag competition in Bolzano, Italy, organized by Würth IT.

April, 2025: Our paper Koney: A Cyber Deception Orchestration Framework for Kubernetes has been accepted at ADnD 2025, co-located with EuroS&P 2025. We will present our work on Koney, a Kubernetes operator for automated cyber-deception in cloud-native environments. The source code is available on GitHub.

January, 2025: We have been accepted for a poster session at KubeCon, between April 1-4 in London. We will present Koney, our new Kubernetes operator for automated cyber-deception in cloud-native environments.

Recent Publications

Mario Kahlhofer, Matteo Golinelli, Stefan Rass (2025). Koney: A Cyber Deception Orchestration Framework for Kubernetes. ADnD 2025.

PDF Cite Code Poster DOI

Matteo Golinelli, Bruno Crispo (2024). Hidden Web Caches Discovery. RAID 2024.

PDF Cite Code Slides DOI

Tommaso Innocenti, Matteo Golinelli, Kaan Onarlioglu, Ali Mirheidari, Bruno Crispo, Engin Kirda (2023). OAuth 2.0 Redirect URI Validation Falls Short Literally. ACSAC 2023.

PDF Cite Code Slides DOI

Matteo Golinelli, Francesco Bonomi, Bruno Crispo (2023). The Nonce-nce of Web Security: An Investigation of CSP Nonces Reuse. WASP @ ESORICS 2023.

Cite Code Slides arXiv On Springer (paid access)

Matteo Golinelli, Elham Arshad, Dmytro Kashchuk, Bruno Crispo (2023). Mind the CORS. IEEE TPS 2023.

PDF Cite Code IEEE Xplore

See all publications