Publications
.
2014.
Quantitative Penetration Testing with Item Response Theory. Journal of Information Assurance and Security. 9:118–127.
.
2014. Reconciling Malicious and Accidental Risk in Cyber Security. Journal of Internet Services and Information Security. 4:4–26.
.
2014. RISK-DET: ICT Security Awareness Aspect Combining Education and Cognitive Sciences. Ninth International Multi-Conference on Computing in the Global Information Technology, ICCGI 2014, Seville, Spain.
.
2014. The Social Engineering Personality Framework. 4th Workshop on Socio-Technical Aspects in Security and Trust (STAST), Vienna, Austria. :24–30.
.
2014. Stochastic Model Checking: Rigorous Dependability Analysis Using Model Checking Techniques for Stochastic Systems. Lecture Notes in Computer Science. 8453
.
2014. Time-dependent analysis of attacks. Proceedings of the Third International Conference on Principles and Security of Trust, POST 2014, Grenoble, France. 8414:285–305.
.
2014. Towards Rigorously Faking Bidirectional Model Transformations. Proceedings of the Workshop on Analysis of Model Transformations, AMT 2014, Valencia, Spain. 1277:70–75.
.
2014. TREsPASS: Plug-and-Play Attacker Profiles for Security Risk Analysis (Poster). 35th IEEE Symposium on Security and Privacy, San Jose, California.
.
2014. A tutorial on interactive Markov chains. Stochastic Model Checking. Rigorous Dependability Analysis Using Model Checking Techniques for Stochastic Systems, Vahrn, Italy. 8453:26–66.
.
2014. ADTool: Security Analysis with Attack-Defense Trees. 10th International Conference on Quantitative Evaluation of Systems (QEST), Buenos Aires, Argentina. 8054:173–176.
.
2013. An application to estimate the cyber-risk detection skill of mobile device users (IDEA). Sixth International Conference on Advances in Human oriented and Personalized Mechanisms, Technologies, and Services (CENTRIC), Venice, Italy. :Article7.
.
2013. Applying the Lost-Letter Technique to Assess IT Risk Behaviour. Proceedings of the 3rd Workshop on Socio-Technical Aspects in Security and Trust, New Orleans, USA. :2–9.
.
2013. Attack navigator vindt en verhelpt zwakke plekken. Bits en chips. 4
.
2013. .
2013. Confluence Reduction for Markov Automata. Proceedings of the 11th International Conference on Formal Modeling and Analysis of Timed Systems (FORMATS), Buenos Aires, Argentina. 8053:243–257.
.
2013. .
2013. .
2013. Deciding Bisimilarities on Distributions. 10th International Conference on Quantitative Evaluation of Systems (QEST), Buenos Aires, Argentina. 8054:72–88.
.
2013. Defining the cloud battlefield - supporting security assessments by cloud customers. International Conference on Cloud Engineering (IC2E 2013), Redwood City, CA. :78–87.
.
2013. Defining "The Weakest Link" Comparative Security in Complex Systems of Systems. 2013 IEEE 5th International Conference on Cloud Computing Technology and Science, CloudCom, Bristol, United Kingdom. :39–44.
.
2013. DFTCalc: a tool for efficient fault tree analysis. Proceedings of the 32nd International Conference on Computer Safety, Reliability, and Security (SAFECOMP), Toulouse, France. 8153:293–301.
.
2013. .
2013. Externalizing Behaviour for Analysing System Models. Journal of Internet Services and Information Security. 3:52–62.
.
2013. Invalidating policies using structural information. IEEE Security and Privacy Workshops (SPW 2013), San Francisco, CA. :76–81.
.
2013.