Transforming Graphical System Models To Graphical Attack Models. The Second International Workshop on Graphical Models for Security (GraMSec 2015), Verona, Italy. :1–15.. 2015.
Using Value Models for Business Risk Analysis in e-Service Networks. 8th IFIP WG 8.1. Working Conference, PoEM 2015, Valencia, Spain. 235:239–253.. 2015.
Achieving a Consensual Definition of Phishing Based on a Systematic Review of the Literature. Crime Science. 3:9:1-9:16.. 2014.
Argumentation-Based Security Requirements Elicitation: The Next Round. Proceedings of the 2014 IEEE 1st International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE), Karlskrona, Sweden. :7–12.. 2014.
Attacker profiling in quantitative security assessment based on attack trees. 19th Nordic Conference on Secure IT (NordSec), Troms?, Norway. 8788. 2014.
Cloud Radar: Near Real-Time Detection of Security Failures in Dynamic Virtualized Infrastructures. Annual Computer Security Applications Conference (ACSAC), New Orleans, Louisiana.. 2014.
Combining Generated Data Models with Formal Invalidation for Insider Threat Analysis. IEEE Security and Privacy Workshops (SPW), San Jose, California. :229–235.. 2014.
Context-sensitive Information security Risk identification and evaluation techniques. 22nd IEEE International Requirements Engineering Conference (RE14), Karlskrona, Sweden. :485–488.. 2014.
Cost-effectiveness of Security Measures: A model-based Framework. Approaches and Processes for Managing the Economics of Information Systems. :139–156.. 2014.
Cyber Security as Social Experiment. NSPW '14 Proceedings of the 2014 workshop on New Security Paradigms, NSPW 2014, Victoria, BC, Canada. :15–24.. 2014.
DAG-Based Attack and Defense Modeling: Don't Miss the Forest for the Attack Trees. Computer Science Review. 13-14:1–38.. 2014.
Effectiveness of qualitative and quantitative security obligations. Journal of Information Security and Applications. to appear:1–14.. 2014.
Experiences with formal engineering: model-based specification, implementation and testing of a software bus at Neopost. Science of computer programming. 80:188–209.. 2014.
Experimenting with Incentives: Security in Pilots for Future Grids. IEEE Security & Privacy. 12:59–66.. 2014.
Incremental Bisimulation Abstraction Refinement. ACM Transactions on Embedded Computing Systems (TECS). 13:ArtcleNo.142.. 2014.
Invalidating policies using structural information. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA). 5:59–79.. 2014.
Limiting Adversarial Budget in Quantitative Security Assessment. 5th International Conference on Decision and Game Theory for Security (GameSec), Los Angeles, CA, USA. 8840:155–174.. 2014.
Logical Lego? Co-constructed perspectives on service design Proceedings of NordDesign 2014, Melbourne, Australia. :416–425.. 2014.
Meer vrouwen in de ict, waarom eigenlijk? Bits en chips. 9:20–21.. 2014.
Model-based Abstraction of Data Provenance. 6th USENIX Workshop on the Theory and Practice of Provenance, Cologne, Germany. :Article3.. 2014.
Modeling Human Behaviour with Higher Order Logic: Insider Threats. 4th Workshop on Socio-Technical Aspects in Security and Trust (STAST), Vienna, Austria. :31–39.. 2014.
Modelling and analysis of Markov reward automata. Proceedings of the 12th International Symposium on Automated Technology for Verification and Analysis, ATVA 2014, Sydney, NSW, Australia. 8837:168–184.. 2014.
A Probabilistic Framework for Security Scenarios with Dependent Actions. 11th International Conference on Integrated Formal Methods, IFM 2014, Bertinoro, Italy. 8739:256–271.. 2014.