Publications
Achieving a Consensual Definition of Phishing Based on a Systematic Review of the Literature. Crime Science. 3:9:1-9:16.
.
2014. ADTool: Security Analysis with Attack-Defense Trees. 10th International Conference on Quantitative Evaluation of Systems (QEST), Buenos Aires, Argentina. 8054:173–176.
.
2013. Adversarial risks in social experiments with new technologies. Experimentation beyond the laboratory: new perspectives on technology.
.
2017. Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems. 12th International Workshop on Security and Trust Management, STM 2016, Heraklion, Crete, Greece. 9871:170–178.
.
2016. Apate: Anti-Phishing Analysing and Triaging Environment (Poster). 36th IEEE Symposium on Security and Privacy, San Jose, CA, USA.
.
2015. An application to estimate the cyber-risk detection skill of mobile device users (IDEA). Sixth International Conference on Advances in Human oriented and Personalized Mechanisms, Technologies, and Services (CENTRIC), Venice, Italy. :Article7.
.
2013. Applying the Lost-Letter Technique to Assess IT Risk Behaviour. Proceedings of the 3rd Workshop on Socio-Technical Aspects in Security and Trust, New Orleans, USA. :2–9.
.
2013. ArgueSecure: Out-of-the-box Risk Assessment. Proceedings of the 2015 IEEE 2nd Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE), Beijing, China.
.
2016. Argumentation-Based Security Requirements Elicitation: The Next Round. Proceedings of the 2014 IEEE 1st International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE), Karlskrona, Sweden. :7–12.
.
2014. The Attack Navigator (Invited). Graphical Models for Security - Revised Selected Papers. 9390:1–17.
.
2016. Attack navigator vindt en verhelpt zwakke plekken. Bits en chips. 4
.
2013. Attack Tree Generation by Policy Invalidation. 9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015, Heraklion, Crete, Greece. 9311:249–259.
.
2015. Attack Trees for Practical Security Assessment: Ranking of Attack Scenarios with ADTool 2.0. 13th International Conference on Quantitative Evaluation of Systems, QEST 2016, Quebec City, QC, Canada. 9826:159–162.
.
2016. Attack Trees with Sequential Conjunction. International Conference on ICT Systems Security and Privacy Protection (IFIPSEC), Hamburg, Germany.
.
2015. .
2013. .
2014. Attacker profiling in quantitative security assessment based on attack trees. 19th Nordic Conference on Secure IT (NordSec), Troms?, Norway. 8788
.
2014. Automated Identification and Prioritization of Business Risks in e-service Networks. Proceedings of the 7th International Conference on Exploring Service Science, IESS 2016, Bucharest, Romania. 247:547–560.
.
2016. Automating Cyber Defence Responses Using Attack-Defence Trees and Game Theory. European Conference on Cyber Warfare and Security, ECCWS 2016, Munich, Germany. :163–172.
.
2016. Automating Defence Generation for Risk Assessment. 1st European Symposium on Security and Privacy, Saarbrücken, Germany. :Number6.
.
2016. Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees. Third International Workshop GraMSec 2016, Lisbon, Portugal. :80–93.
.
2016. Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers. 9th International Workshop on Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance (DPM), Wroclaw, Poland. 8872:201–215.
.
2015. Cloud Radar: Near Real-Time Detection of Security Failures in Dynamic Virtualized Infrastructures. Annual Computer Security Applications Conference (ACSAC), New Orleans, Louisiana.
.
2014. Combining Generated Data Models with Formal Invalidation for Insider Threat Analysis. IEEE Security and Privacy Workshops (SPW), San Jose, California. :229–235.
.
2014. Confluence Reduction for Markov Automata. Proceedings of the 11th International Conference on Formal Modeling and Analysis of Timed Systems (FORMATS), Buenos Aires, Argentina. 8053:243–257.
.
2013.