This is an old revision of the document!

Research Areas

Research at the Security Group at TU/e covers both empirical and theoretical areas of computer security, including network detection and system authentication, physical security and malware engineering and trading, as well as management of health and sensible data and risk evaluation.

Below you can find an updated list of the recent and core contributions in these area of research.

Research output

Research Area	Staff member(s)	Sample of recent output	Full publication list
Network monitoring	Sandro Etalle, Jerry den Hartog	You Can't Protect What You Don't Understand: Characterizing an Operational Gas SCADA Network. Xi Qin, Martin Rosso, Alvaro A. Cárdenas, Sandro Etalle, Jerry den Hartog, Emmanuele Zambon: You Can't Protect What You Don't Understand: Characterizing an Operational Gas SCADA Network. SP (Workshops) 2022: 243-250 Similarity-Based Clustering For IoT Device Classification. Guillaume Dupont, Cristoffer Leite, Daniel Ricardo dos Santos, Elisa Costante, Jerry den Hartog, Sandro Etalle: Similarity-Based Clustering For IoT Device Classification. COINS 2021: 1-7 Challenges in Designing Exploit Mitigations for Deeply Embedded Systems. Ali Abbasi, Jos Wetzels, Thorsten Holz, Sandro Etalle: Challenges in Designing Exploit Mitigations for Deeply Embedded Systems. CoRR abs/2007.02307 (2020) A Matter of Life and Death: Analyzing the Security of Healthcare Networks. Guillaume Dupont, Daniel Ricardo dos Santos, Elisa Costante, Jerry den Hartog, Sandro Etalle: A Matter of Life and Death: Analyzing the Security of Healthcare Networks. SEC 2020: 355-369 Network intrusion detection systems for in-vehicle network - Technical report. Guillaume Dupont, Jerry den Hartog, Sandro Etalle, Alexios Lekidis: Network intrusion detection systems for in-vehicle network - Technical report. CoRR abs/1905.11587 (2019)	S. Etalle J. Hartog
Software security	Wil Michiels	Cloning Object Detectors with Limited Access to In-Distribution Samples. Arne Aarts, Wil Michiels, Peter Roelse: Cloning Object Detectors with Limited Access to In-Distribution Samples. ICCE-Berlin 2023: 62-67 Cloning Object Detectors. Arne Aarts, Wil Michiels, Peter Roelse: Cloning Object Detectors. ICCE-Berlin 2022: 1-6 Leveraging Partial Model Extractions using Uncertainty Quantification. Arne Aarts, Wil Michiels, Peter Roelse: Leveraging Partial Model Extractions using Uncertainty Quantification. CloudNet 2021: 19-25 On the Security Goals of White-Box Cryptography. Estuardo Alpirez Bock, Alessandro Amadori, Chris Brzuska, Wil Michiels: On the Security Goals of White-Box Cryptography. IACR Cryptol. ePrint Arch. 2020: 104 (2020) The Blob: provable incompressibility and traceability in the whitebox model. Boris Skoric, Wil Michiels: The Blob: provable incompressibility and traceability in the whitebox model. CoRR abs/2004.04457 (2020)
Secure data management	Jerry den Hartog, Milan Petkovic, Nicola Zannone	Formal analysis of XACML policies using SMT. Fatih Turkmen, Jerry den Hartog, Silvio Ranise, Nicola Zannone: Formal analysis of XACML policies using SMT. Computers & Security 66: 185-203 (2017) Data Governance and Transparency for Collaborative Systems. Rauf Mahmudlu, Jerry den Hartog, Nicola Zannone: Data Governance and Transparency for Collaborative Systems. DBSec 2016: 199-216 SAFAX - An Extensible Authorization Service for Cloud Environments. Samuel Paul Kaluvuri, Alexandru Ionut Egner, Jerry den Hartog, Nicola Zannone: SAFAX - An Extensible Authorization Service for Cloud Environments. Front. ICT 2015 (2015) On Missing Attributes in Access Control: Non-deterministic and Probabilistic Attribute Retrieval. Jason Crampton, Charles Morisset, Nicola Zannone: On Missing Attributes in Access Control: Non-deterministic and Probabilistic Attribute Retrieval. SACMAT 2015: 99-109 GEM: A distributed goal evaluation algorithm for trust management. Daniel Trivellato, Nicola Zannone, Sandro Etalle: GEM: A distributed goal evaluation algorithm for trust management. TPLP 14(3): 293-337 (2014)	N. Zannone
Deep learning applied to cyber security	Milan Petkovic	Generating High-Resolution 3D Faces and Bodies Using VQ-VAE-2 with PixelSNAIL Networks on 2D Representations. Alessio Gallucci, Dmitry Znamenskiy, Yuxuan Long, Nicola Pezzotti, Milan Petkovic: Generating High-Resolution 3D Faces and Bodies Using VQ-VAE-2 with PixelSNAIL Networks on 2D Representations. Sensors 23(3): 1168 (2023) Smart Selection of Useful Insights from Wearables. Allmin Pradhap Singh Susaiyah, Aki Härmä, Simone Balloccu, Ehud Reiter, Milan Petkovic: Smart Selection of Useful Insights from Wearables. ICASSP Workshops 2023: 1-4 Schema-Driven Actionable Insight Generation and Smart Recommendation. Allmin Pradhap Singh Susaiyah, Aki Härmä, Milan Petkovic: Schema-Driven Actionable Insight Generation and Smart Recommendation. CoRR abs/2307.13176 (2023) Tracking of Nutritional Intake Using Artificial Intelligence. Marko Petkovic, Joyce Maas, Milan Petkovic: Tracking of Nutritional Intake Using Artificial Intelligence. MIE 2023: 1033-1034 Generating High-Resolution 3D Faces Using VQ-VAE-2 with PixelSNAIL Networks. Alessio Gallucci, Dmitry Znamenskiy, Nicola Pezzotti, Milan Petkovic: Generating High-Resolution 3D Faces Using VQ-VAE-2 with PixelSNAIL Networks. ICIAP Workshops 2022: 228-239
Process mining applied to security and privacy	Nicola Zannone	Subgraph Mining for Anomalous Pattern Discovery in Event Logs. Laura Genga, Domenico Potena, Orazio Martino, Mahdi Alizadeh, Claudia Diamantini, Nicola Zannone: Subgraph Mining for Anomalous Pattern Discovery in Event Logs. NFMCP@PKDD/ECML 2016: 181-197 Constructing Probable Explanations of Nonconformity: A Data-Aware and History-Based Approach. Mahdi Alizadeh, Massimiliano de Leoni, Nicola Zannone: Constructing Probable Explanations of Nonconformity: A Data-Aware and History-Based Approach. SSCI 2015: 1358-1365 Privacy Analysis of User Behavior Using Alignments. Arya Adriansyah, Boudewijn F. van Dongen, Nicola Zannone: Privacy Analysis of User Behavior Using Alignments. it - Information Technology 55(6): 255-260 (2013) Controlling Break-the-Glass through Alignment Arya Adriansyah, Boudewijn F. van Dongen, Nicola Zannone: Controlling Break-the-Glass through Alignment. SocialCom 2013: 606-611 Purpose Control: Did You Process the Data for the Intended Purpose? Milan Petkovic, Davide Prandi, Nicola Zannone: Purpose Control: Did You Process the Data for the Intended Purpose? Secure Data Management 2011: 145-168	N. Zannone
Attacker economics and operating environment	Luca Allodi		L. Allodi
Cyber-risk quantification	Luca Allodi	Security Events and Vulnerability Data for Cybersecurity Risk Estimation.Luca Allodi and Fabio Massacci (2017), Risk Analysis, 37: 1606–1627. doi:10.1111/risa.12864 Comparing vulnerability severity and exploits using case-control studies. Luca Allodi, Fabio Massacci.ACM Transactions on Information and System Security (TISSEC). 17, 1, Article 1 (August 2014), 20 pages. The heavy tails of vulnerability exploitation. Luca Allodi. In International Symposium on Engineering Secure Software and Systems (pp. 133-148). Springer, Cham. How CVSS is DOSsing your patching policy (and wasting your money). Luca Allodi, Fabio Massacci. Presentation at BlackHat USA 2013. Quantitative assessment of risk reduction with cybercrime black market monitoring. Luca Allodi, Woohyun Shim, Fabio Massacci. Proceedings of IEEE S&P 2013 International Workshop on Cyber Crime.	L. Allodi
Identification and Authentication	Boris Skoric
Information-theoretic security	Boris Skoric