Achieving a Consensual Definition of Phishing Based on a Systematic Review of the Literature. Crime Science. 3:9:1-9:16.. 2014.
ADTool: Security Analysis with Attack-Defense Trees. 10th International Conference on Quantitative Evaluation of Systems (QEST), Buenos Aires, Argentina. 8054:173–176.. 2013.
Adversarial risks in social experiments with new technologies. Experimentation beyond the laboratory: new perspectives on technology.. 2017.
Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems. 12th International Workshop on Security and Trust Management, STM 2016, Heraklion, Crete, Greece. 9871:170–178.. 2016.
Apate: Anti-Phishing Analysing and Triaging Environment (Poster). 36th IEEE Symposium on Security and Privacy, San Jose, CA, USA.. 2015.
An application to estimate the cyber-risk detection skill of mobile device users (IDEA). Sixth International Conference on Advances in Human oriented and Personalized Mechanisms, Technologies, and Services (CENTRIC), Venice, Italy. :Article7.. 2013.
Applying the Lost-Letter Technique to Assess IT Risk Behaviour. Proceedings of the 3rd Workshop on Socio-Technical Aspects in Security and Trust, New Orleans, USA. :2–9.. 2013.
ArgueSecure: Out-of-the-box Risk Assessment. Proceedings of the 2015 IEEE 2nd Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE), Beijing, China.. 2016.
Argumentation-Based Security Requirements Elicitation: The Next Round. Proceedings of the 2014 IEEE 1st International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE), Karlskrona, Sweden. :7–12.. 2014.
The Attack Navigator (Invited). Graphical Models for Security - Revised Selected Papers. 9390:1–17.. 2016.
Attack navigator vindt en verhelpt zwakke plekken. Bits en chips. 4. 2013.
Attack Tree Generation by Policy Invalidation. 9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015, Heraklion, Crete, Greece. 9311:249–259.. 2015.
Attack Trees for Practical Security Assessment: Ranking of Attack Scenarios with ADTool 2.0. 13th International Conference on Quantitative Evaluation of Systems, QEST 2016, Quebec City, QC, Canada. 9826:159–162.. 2016.
Attack Trees with Sequential Conjunction. International Conference on ICT Systems Security and Privacy Protection (IFIPSEC), Hamburg, Germany.. 2015.
Attacker profiling in quantitative security assessment based on attack trees. 19th Nordic Conference on Secure IT (NordSec), Troms?, Norway. 8788. 2014.
Automated Identification and Prioritization of Business Risks in e-service Networks. Proceedings of the 7th International Conference on Exploring Service Science, IESS 2016, Bucharest, Romania. 247:547–560.. 2016.
Automating Cyber Defence Responses Using Attack-Defence Trees and Game Theory. European Conference on Cyber Warfare and Security, ECCWS 2016, Munich, Germany. :163–172.. 2016.
Automating Defence Generation for Risk Assessment. 1st European Symposium on Security and Privacy, Saarbrücken, Germany. :Number6.. 2016.
Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees. Third International Workshop GraMSec 2016, Lisbon, Portugal. :80–93.. 2016.
Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers. 9th International Workshop on Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance (DPM), Wroclaw, Poland. 8872:201–215.. 2015.
Cloud Radar: Near Real-Time Detection of Security Failures in Dynamic Virtualized Infrastructures. Annual Computer Security Applications Conference (ACSAC), New Orleans, Louisiana.. 2014.
Combining Generated Data Models with Formal Invalidation for Insider Threat Analysis. IEEE Security and Privacy Workshops (SPW), San Jose, California. :229–235.. 2014.
Confluence Reduction for Markov Automata. Proceedings of the 11th International Conference on Formal Modeling and Analysis of Timed Systems (FORMATS), Buenos Aires, Argentina. 8053:243–257.. 2013.