User Tools

Site Tools


researchareas

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
researchareas [2017/10/24 15:14]
lallodi [Research output]
researchareas [2021/03/05 16:13] (current)
Line 8: Line 8:
 ===== Research output ===== ===== Research output =====
  
-^ Research Area ^ Staff member(s) ^ Sample of output ^ Full publication list +^ Research Area ^ Staff member(s) ^ Sample of output ^ 
-| Network monitoring | Sandro Etalle, Jerry den Hartog | {{rss>feed://dblp.uni-trier.de/pers/xs/e/Etalle:Sandro.rss 5 description}}| [[http://www.win.tue.nl/~setalle/|SEtalle]] [[http://www.win.tue.nl/~jhartog/| J. Hartog]] | +| Network monitoring | [[http://www.win.tue.nl/~setalle/|S. Etalle]] [[http://www.win.tue.nl/~jhartog/J. Hartog]] | <WRAP> 
-| Software security | Wil Michiels |{{rss>feed://dblp.uni-trier.de/pers/xs/m/Michiels:Wil.rss 5 description}}+  * [[ http://www.win.tue.nl/~setalle/2017_etalle_esorics_supervisable.pdf From Intrusion Detection to Software Design. ]] Sandro Etalle. ESORICS - European Symposium on Research in Computer Security 2017 (keynote talk). [[ http://www.win.tue.nl/~setalle/201709_etalle_esorics_slides.pdf (slides) ]] 
-| Secure data management | Jerry den Hartog, Milan Petkovic, [[http://security1.win.tue.nl/~zannone/|Nicola Zannone]] | <WRAP>+  * [[http://www.sciencedirect.com/science/article/pii/S2214212616302629 | A white-box anomaly-based framework for database leakage detection.]] Elisa Costante, Jerry den Hartog, Milan Petkovic, Sandro Etalle, Mykola Pechenizkiya. Journal of Information Security and Applications 32: 27-46 (2017) 
 +  * [[http://www.win.tue.nl/~setalle/2017_fauri_encryption.pdf | Encryption in ICS Networksa Blessing or a Curse?]] Davide Fauri, Bart de Wijs, Jerry den Hartog, Elisa Costante, Emmanuele Zambon, Sandro EtalleIn Proceedings of IEEE SmartGridComm 2017. 
 +</WRAP> |   
 +| Software security | Wil Michiels | 
 +| Secure data management | Jerry den Hartog, Milan Petkovic, [[http://zannone.win.tue.nl/|Nicola Zannone]] | <WRAP>
   * [[http://www.sciencedirect.com/science/article/pii/S0167404817300135|Formal analysis of XACML policies using SMT.]] Fatih Turkmen, Jerry den Hartog, Silvio Ranise, Nicola Zannone: Formal analysis of XACML policies using SMT. Computers & Security 66: 185-203 (2017)    * [[http://www.sciencedirect.com/science/article/pii/S0167404817300135|Formal analysis of XACML policies using SMT.]] Fatih Turkmen, Jerry den Hartog, Silvio Ranise, Nicola Zannone: Formal analysis of XACML policies using SMT. Computers & Security 66: 185-203 (2017) 
   *  [[https://doi.org/10.1007/978-3-319-41483-6_15|Data Governance and Transparency for Collaborative Systems.]] Rauf Mahmudlu, Jerry den Hartog, Nicola Zannone: Data Governance and Transparency for Collaborative Systems. DBSec 2016: 199-216   *  [[https://doi.org/10.1007/978-3-319-41483-6_15|Data Governance and Transparency for Collaborative Systems.]] Rauf Mahmudlu, Jerry den Hartog, Nicola Zannone: Data Governance and Transparency for Collaborative Systems. DBSec 2016: 199-216
Line 17: Line 21:
   *  [[https://doi.org/10.1145/2752952.2752970|On Missing Attributes in Access Control: Non-deterministic and Probabilistic Attribute Retrieval.]] Jason Crampton, Charles Morisset, Nicola Zannone: On Missing Attributes in Access Control: Non-deterministic and Probabilistic Attribute Retrieval. SACMAT 2015: 99-109   *  [[https://doi.org/10.1145/2752952.2752970|On Missing Attributes in Access Control: Non-deterministic and Probabilistic Attribute Retrieval.]] Jason Crampton, Charles Morisset, Nicola Zannone: On Missing Attributes in Access Control: Non-deterministic and Probabilistic Attribute Retrieval. SACMAT 2015: 99-109
   *  [[https://doi.org/10.1017/S1471068412000397|GEM: A distributed goal evaluation algorithm for trust management.]] Daniel Trivellato, Nicola Zannone, Sandro Etalle: GEM: A distributed goal evaluation algorithm for trust management. TPLP 14(3): 293-337 (2014)   *  [[https://doi.org/10.1017/S1471068412000397|GEM: A distributed goal evaluation algorithm for trust management.]] Daniel Trivellato, Nicola Zannone, Sandro Etalle: GEM: A distributed goal evaluation algorithm for trust management. TPLP 14(3): 293-337 (2014)
- </WRAP> | [[http://security1.win.tue.nl/~zannone/publications.html|N. Zannone]] + </WRAP> |  
-| Deep learning applied to cyber security | Milan Petkovic  |{{rss>feed://dblp.uni-trier.de/pers/xs/p/Petkovic:Milan.rss 5 description}}  | +| Deep learning applied to cyber security | Milan Petkovic  |  | 
-| [[processmining|Process mining applied to security and privacy]] | [[http://security1.win.tue.nl/~zannone/|Nicola Zannone]] | <WRAP>+| [[processmining|Process mining applied to security and privacy]] | [[http://zannone.win.tue.nl/|Nicola Zannone]] | <WRAP>
   * [[https://doi.org/10.1007/978-3-319-61461-8_12|Subgraph Mining for Anomalous Pattern Discovery in Event Logs.]] Laura Genga, Domenico Potena, Orazio Martino, Mahdi Alizadeh, Claudia Diamantini, Nicola Zannone: Subgraph Mining for Anomalous Pattern Discovery in Event Logs. NFMCP@PKDD/ECML 2016: 181-197    * [[https://doi.org/10.1007/978-3-319-61461-8_12|Subgraph Mining for Anomalous Pattern Discovery in Event Logs.]] Laura Genga, Domenico Potena, Orazio Martino, Mahdi Alizadeh, Claudia Diamantini, Nicola Zannone: Subgraph Mining for Anomalous Pattern Discovery in Event Logs. NFMCP@PKDD/ECML 2016: 181-197 
   *  [[https://doi.org/10.1109/SSCI.2015.194|Constructing Probable Explanations of Nonconformity: A Data-Aware and History-Based Approach.]] Mahdi Alizadeh, Massimiliano de Leoni, Nicola Zannone: Constructing Probable Explanations of Nonconformity: A Data-Aware and History-Based Approach. SSCI 2015: 1358-1365    *  [[https://doi.org/10.1109/SSCI.2015.194|Constructing Probable Explanations of Nonconformity: A Data-Aware and History-Based Approach.]] Mahdi Alizadeh, Massimiliano de Leoni, Nicola Zannone: Constructing Probable Explanations of Nonconformity: A Data-Aware and History-Based Approach. SSCI 2015: 1358-1365 
Line 25: Line 29:
   *  [[https://doi.org/10.1109/SocialCom.2013.91|Controlling Break-the-Glass through Alignment]] Arya Adriansyah, Boudewijn F. van Dongen, Nicola Zannone: Controlling Break-the-Glass through Alignment. SocialCom 2013: 606-611    *  [[https://doi.org/10.1109/SocialCom.2013.91|Controlling Break-the-Glass through Alignment]] Arya Adriansyah, Boudewijn F. van Dongen, Nicola Zannone: Controlling Break-the-Glass through Alignment. SocialCom 2013: 606-611 
   *  [[https://doi.org/10.1007/978-3-642-23556-6_10|Purpose Control: Did You Process the Data for the Intended Purpose?]] Milan Petkovic, Davide Prandi, Nicola Zannone: Purpose Control: Did You Process the Data for the Intended Purpose? Secure Data Management 2011: 145-168   *  [[https://doi.org/10.1007/978-3-642-23556-6_10|Purpose Control: Did You Process the Data for the Intended Purpose?]] Milan Petkovic, Davide Prandi, Nicola Zannone: Purpose Control: Did You Process the Data for the Intended Purpose? Secure Data Management 2011: 145-168
-</WRAP> | [[http://security1.win.tue.nl/~zannone/publications.html|N. Zannone]] +</WRAP> |  
-| [[attackereconomics|Attacker economics and operating environment]] | [[http://www.win.tue.nl/~lallodi/|L. Allodi]] | <WRAP> +| [[attackereconomics|Attacker economics and operating environment]] | [[https://lallodi.github.io|L. Allodi]] | <WRAP> 
-  * [[http://www.win.tue.nl/~lallodi/allodi-tetcs-15.pdf| Then and Now: On The Maturity of the Cybercrime Markets. The lesson black-hat marketeers learned.]] Luca Allodi, Marco Corradin, Fabio Massacci. IEEE Transactions on Emerging Topics in Computing, 4(1):35–46, Jan 2016. Impact factor: 4.12 (2016 Scopus CiteScore).  +  * [[https://arxiv.org/abs/1708.04866| Economic Factors of Vulnerability Trade and Exploitation: empirical evidence from a prominent Russian cybercrime market.]] Luca Allodi. ACM Conference on Computer and Communications Security (CCS) 2017. 
-  * [[https://arxiv.org/abs/1708.04866| Economic Factors of Vulnerability Trade and Exploitation: empirical evidence from a prominent Russian cybercrime market.]] Luca Allodi. ACM CCS 2017+  * [[http://www.win.tue.nl/~lallodi/allodi-tetcs-15.pdf| Then and Now: On The Maturity of the Cybercrime Markets. The lesson black-hat marketeers learned.]] Luca Allodi, Marco Corradin, Fabio Massacci. IEEE Transactions on Emerging Topics in Computing, 4(1):35–46, Jan 2016.
   * [[https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2862299|The Work-Averse Cyber Attacker Model. Evidence from two million attack signatures.]] Luca Allodi, Fabio Massacci, Julian Williams.  Published in WEIS 2017.   * [[https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2862299|The Work-Averse Cyber Attacker Model. Evidence from two million attack signatures.]] Luca Allodi, Fabio Massacci, Julian Williams.  Published in WEIS 2017.
   * [[http://www.win.tue.nl/~lallodi/allodi-essos-15.pdf|The Heavy Tails of Vulnerability Exploitation]] Luca Allodi. In the Proceedings of ESSoS 2015.    * [[http://www.win.tue.nl/~lallodi/allodi-essos-15.pdf|The Heavy Tails of Vulnerability Exploitation]] Luca Allodi. In the Proceedings of ESSoS 2015. 
   * [[http://www.win.tue.nl/~lallodi/cset-13.pdf| MalwareLab: Experimentation with Cybercrime Attack Tools.]] Luca Allodi, Vadim Kotov, Fabio Massacci. In Proceedings of Usenix CSET 2013.    * [[http://www.win.tue.nl/~lallodi/cset-13.pdf| MalwareLab: Experimentation with Cybercrime Attack Tools.]] Luca Allodi, Vadim Kotov, Fabio Massacci. In Proceedings of Usenix CSET 2013. 
- </WRAP> | [[attackereconomics|Research page]]|+ </WRAP>
 | [[riskanalysis|Cyber-risk quantification]] | [[http://www.win.tue.nl/~lallodi/|L. Allodi]] | <WRAP> | [[riskanalysis|Cyber-risk quantification]] | [[http://www.win.tue.nl/~lallodi/|L. Allodi]] | <WRAP>
-  * [[http://www.win.tue.nl/~lallodi/allodi-risa-17.pdf|Security Events and Vulnerability Data for Cybersecurity Risk Estimation.]]Luca Allodi and Fabio Massacci (2017), Risk Analysis, 37: 1606–1627. doi:10.1111/risa.12864 +  * [[http://www.win.tue.nl/~lallodi/allodi-risa-17.pdf|Security Events and Vulnerability Data for Cybersecurity Risk Estimation.]] Luca Allodi and Fabio Massacci (2017), Risk Analysis, 37: 1606–1627. doi:10.1111/risa.12864 
   * [[http://www.win.tue.nl/~lallodi/allodi-tissec-14.pdf|Comparing vulnerability severity and exploits using case-control studies.]] Luca Allodi, Fabio Massacci.ACM Transactions on Information and System Security (TISSEC). 17, 1, Article 1 (August 2014), 20 pages.   * [[http://www.win.tue.nl/~lallodi/allodi-tissec-14.pdf|Comparing vulnerability severity and exploits using case-control studies.]] Luca Allodi, Fabio Massacci.ACM Transactions on Information and System Security (TISSEC). 17, 1, Article 1 (August 2014), 20 pages.
   * [[http://www.win.tue.nl/~lallodi/allodi-essos-15.pdf|The heavy tails of vulnerability exploitation.]] Luca Allodi. In International Symposium on Engineering Secure Software and Systems (pp. 133-148). Springer, Cham.     * [[http://www.win.tue.nl/~lallodi/allodi-essos-15.pdf|The heavy tails of vulnerability exploitation.]] Luca Allodi. In International Symposium on Engineering Secure Software and Systems (pp. 133-148). Springer, Cham.  
   * [[http://www.win.tue.nl/~lallodi/allodi-massacci-BHUSA13-handout.pdf| How CVSS is DOSsing your patching policy (and wasting your money).]] Luca Allodi, Fabio Massacci. Presentation at BlackHat USA 2013.    * [[http://www.win.tue.nl/~lallodi/allodi-massacci-BHUSA13-handout.pdf| How CVSS is DOSsing your patching policy (and wasting your money).]] Luca Allodi, Fabio Massacci. Presentation at BlackHat USA 2013. 
   * [[http://www.win.tue.nl/~lallodi/allodi-13-iwcc.pdf| Quantitative assessment of risk reduction with cybercrime black market monitoring.]] Luca Allodi, Woohyun Shim, Fabio Massacci. Proceedings of IEEE S&P 2013 International Workshop on Cyber Crime.    * [[http://www.win.tue.nl/~lallodi/allodi-13-iwcc.pdf| Quantitative assessment of risk reduction with cybercrime black market monitoring.]] Luca Allodi, Woohyun Shim, Fabio Massacci. Proceedings of IEEE S&P 2013 International Workshop on Cyber Crime. 
-</WRAP>| [[riskanalysis|Research page]]+</WRAP>|  
-| Identification and Authentication | Boris Skoric |  +| Identification and Authentication | Boris Skoric |  
-| Information-theoretic security | Boris Skoric |+| Information-theoretic security | Boris Skoric | 
researchareas.1508850863.txt.gz · Last modified: 2021/01/10 20:59 (external edit)