Publications

Papers

2022

George, D. R., & Sciancalepore, S. (2022). PRM - Private Interference Discovery for IEEE 802.15. 4 Networks. 2022 IEEE Conference on Communications and Network Security (CNS), 136–144. https://doi.org/10.1109/CNS56114.2022.9947236
Sciancalepore, S., & George, D. R. (2022). Privacy-Preserving Trajectory Matching on Autonomous Unmanned Aerial Vehicles. Proceedings of the 38th Annual Computer Security Applications Conference. Annual Computer Security Applications Conference. https://doi.org/https://doi.org/10.1145/3564625.3564626
Luca Morgese Zangrandi, Thijs van Ede, Tim Booij, Savio Sciancalepore, Luca Allodi, & Andrea Continella. (2022). Stepping out of the MUD: Contextual threat information for IoT devices with manufacturer-provided behaviour profiles. Annual Computer Security Applications Security Conference. https://vm-thijs.ewi.utwente.nl/static/homepage/papers/mudscope.pdf
Dalla Corte, L. (2022). On proportionality in the data protection jurisprudence of the CJEU. International Data Privacy Law, ipac014. https://doi.org/10.1093/idpl/ipac014
Leukfeldt, E. R., & Holt, T. J. (2022). Cybercrime on the menu? Examining cafeteria-style offending among financially motivated cybercriminals. Computers in Human Behavior, 126, 106979. https://doi.org/10.1016/j.chb.2021.106979
Sciancalepore, S., & Zannone, N. (2022). PICO: Privacy-Preserving Access Control in IoT Scenarios through Incomplete Information. The 37th ACM/SIGAPP Symposium on Applied Computing (SAC ’22), 10. https://intersct.nl/wp-content/uploads/2022/01/iot_ac_uncertainty-1.pdf

2021

Bouwmeester, B., Turcios Rodriguez, E. R., Gañán, C., van Eeten, M., & Parkin, S. (2021). The thing doesn’t have a name. Proceedings of the 17th Symposium on Usable Privacy and Security, SOUPS 2021, 493–512. http://www.scopus.com/inward/record.url?scp=85114464267&partnerID=8YFLogxK
Rodríguez, E., Noroozian, A., van Eeten, M., & Gañán, C. (2021). Superspreaders: Quantifying the Role of IoT Manufacturers in Device Infections. Annual Workshop on the Economics on Information Security, 18. https://weis2021.econinfosec.org/wp-content/uploads/sites/9/2021/06/weis21-rodriguez.pdf
Khashooei, B. A., Vasenev, A., Kocademir, H. A., & Mathijssen, R. (2021). Architecting System of Systems Solutions with Security and Data-Protection Principles. 2021 16th International Conference of System of Systems Engineering (SoSE), 43–48. https://doi.org/10.1109/SOSE52739.2021.9497461
Asadi Khashooei, B., Vasenev, A., & Kocademir, H. A. (2021). Structured Traceability of Security and Privacy Principles for Designing Safe Automated Systems. In I. Habli, M. Sujan, S. Gerasimou, E. Schoitsch, & F. Bitsch (Eds.), Computer Safety, Reliability, and Security. SAFECOMP 2021 Workshops (pp. 52–62). Springer International Publishing. https://doi.org/10.1007/978-3-030-83906-2_4
Noroozian, A., Rodriguez, E. T., Lastdrager, E., Kasama, T., Van Eeten, M., & Gañán, C. H. (2021). Can ISPs Help Mitigate IoT Malware? A Longitudinal Study of Broadband ISP Security Efforts. 2021 IEEE European Symposium on Security and Privacy (EuroS P), 337–352. https://doi.org/10.1109/EuroSP51992.2021.00031
Graßl, P., Schraffenberger, H., Borgesius, F. Z., & Buijzen, M. (2021). Dark and Bright Patterns in Cookie Consent Requests. Journal of Digital Social Research, 3(1), 1–38. https://doi.org/10.33621/jdsr.v3i1.54
Garg, C., Machiry, A., Continella, A., Kruegel, C., & Vigna, G. (2021). Toward a Secure Crowdsourced Location Tracking System. 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 311–322. https://doi.org/10.1145/3448300.3467821
Meijaard, Y., Meiler, P.-P., & Allodi, L. (2021). Modelling Disruptive APTs targeting Critical Infrastructure using Military Theory. 178–190. https://doi.org/10.1109/EuroSPW54576.2021.00026
Burda, P., Allodi, L., & Zannone, N. (2021). Dissecting Social Engineering Attacks Through the Lenses of Cognition. 149–160. https://doi.org/10.1109/EuroSPW54576.2021.00024
van Dooremaal, B., Burda, P., Allodi, L., & Zannone, N. (2021). Combining Text and Visual Features to Improve the Identification of Cloned Webpages for Early Phishing Detection. The 16th International Conference on Availability, Reliability and Security, 1–10. https://doi.org/10.1145/3465481.3470112
van de Weijer, S. G. A., Holt, T. J., & Leukfeldt, E. R. (2021). Heterogeneity in trajectories of cybercriminals: A longitudinal analyses of web defacements. Computers in Human Behavior Reports, 4, 100113. https://doi.org/10.1016/j.chbr.2021.100113
Fasano, A., Ballo, T., Muench, M., Leek, T., Bulekov, A., Dolan-Gavitt, B., Egele, M., Francillon, A., Lu, L., Gregory, N., Balzarotti, D., & Robertson, W. (2021). SoK: Enabling Security Analyses of Embedded Systems via Rehosting. In Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security (pp. 687–701). Association for Computing Machinery. https://doi.org/10.1145/3433210.3453093
Ragab, H., Barberis, E., Bos, H., & Giuffrida, C. (2021). Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks. 1451–1468. https://www.usenix.org/conference/usenixsecurity21/presentation/ragab
Pletinckx, S., Borgolte, K., & Fiebig, T. (2021). Out of Sight, Out of Mind: Detecting Orphaned Web Pages at Internet-Scale. Proc. of ACM Computer and Communication Security, 21–35. https://doi.org/https://doi.org/10.1145/3460120.3485367
Sciancalepore, S., Tedeschi, P., Riasat, U., & Di Pietro, R. (2021, October 6). Mitigating Energy Depletion Attacks in IoT via Random Time-Slotted Channel Access. Proc. of IEEE Conference on Computer and Communications Security. IEEE Conference on Computer and Communications Security, Virtual. https://intersct.nl/wp-content/uploads/2021/11/2021_Sciancalepore_CNS.pdf
Tedeschi, P., Sciancalepore, S., & Di Pietro, R. (2021, December 6). ARID – Anonymous Remote Identication of Unmanned Aerial Vehicles. Proc. of ACM Annual Computer Security Applications Conference (ACSAC). Annual Computer Security Applications Conference (ACSAC), Virtual. https://intersct.nl/wp-content/uploads/2021/11/2021_Tedeschi_ACSAC.pdf
Van Aubel, P., & Poll, E. (2021). Compromised through Compression – Privacy Implications of Smart Meter Traffic Analysis. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2021, 399, 317–337. https://doi.org/10.1007/978-3-030-90022-9_16
Dupont, G., Leite, C., dos Santos, D. R., Costante, E., den Hartog, J., & Etalle, S. (2021). Similarity-Based Clustering For IoT Device Classification. 2021 IEEE International Conference on Omni-Layer Intelligent Systems (COINS), 1–7. https://doi.org/10.1109/COINS51742.2021.9524201

2020

Walree, T. F., & Wolters, P. T. J. (2020). The right to compensation of a competitor for a violation of the GDPR. International Data Privacy Law, 10(4), 346–355. https://doi.org/10.1093/idpl/ipaa018
Pirocca, S., Allodi, L., & Zannone, N. (2020). A Toolkit for Security Awareness Training Against Targeted Phishing (pp. 137–159). https://doi.org/10.1007/978-3-030-65610-2_9
Rosso, M., Campobasso, M., Gankhuyag, G., & Allodi, L. (2020). SAIBERSOC: Synthetic Attack Injection to Benchmark and Evaluate the Performance of Security Operation Centers. Annual Computer Security Applications Conference, 141–153. https://doi.org/10.1145/3427228.3427233
Campobasso, M., & Allodi, L. (2020). Impersonation-as-a-Service: Characterizing the Emerging Criminal Infrastructure for User Impersonation at Scale. Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 1665–1680. https://doi.org/10.1145/3372297.3417892
Schrama, V., Gañán, C. H., Aschenbrenner, D., de Reuver, M., Borgolte, K., Fiebig, T., Delft, T., & Schrama, V. C. M. (2020). Understanding the Knowledge Gap: How Security Awareness Influences the Adoption of Industrial IoT. 17. https://weis2020.econinfosec.org/wp-content/uploads/sites/8/2020/06/weis20-final23.pdf

Luca Morgese Zangrandi, Thijs van Ede, Tim Booij, Savio Sciancalepore, Luca Allodi, & Andrea Continella. (2022). Stepping out of the MUD: Contextual threat information for IoT devices with manufacturer-provided behaviour profiles. Annual Computer Security Applications Security Conference. https://vm-thijs.ewi.utwente.nl/static/homepage/papers/mudscope.pdf
Sciancalepore, S., & George, D. R. (2022). Privacy-Preserving Trajectory Matching on Autonomous Unmanned Aerial Vehicles. Proceedings of the 38th Annual Computer Security Applications Conference. Annual Computer Security Applications Conference. https://doi.org/https://doi.org/10.1145/3564625.3564626
George, D. R., & Sciancalepore, S. (2022). PRM - Private Interference Discovery for IEEE 802.15. 4 Networks. 2022 IEEE Conference on Communications and Network Security (CNS), 136–144. https://doi.org/10.1109/CNS56114.2022.9947236
Leukfeldt, E. R., & Holt, T. J. (2022). Cybercrime on the menu? Examining cafeteria-style offending among financially motivated cybercriminals. Computers in Human Behavior, 126, 106979. https://doi.org/10.1016/j.chb.2021.106979
Sciancalepore, S., & Zannone, N. (2022). PICO: Privacy-Preserving Access Control in IoT Scenarios through Incomplete Information. The 37th ACM/SIGAPP Symposium on Applied Computing (SAC ’22), 10. https://intersct.nl/wp-content/uploads/2022/01/iot_ac_uncertainty-1.pdf
Dalla Corte, L. (2022). On proportionality in the data protection jurisprudence of the CJEU. International Data Privacy Law, ipac014. https://doi.org/10.1093/idpl/ipac014

 

Van Aubel, P., & Poll, E. (2021). Compromised through Compression – Privacy Implications of Smart Meter Traffic Analysis. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2021, 399, 317–337. https://doi.org/10.1007/978-3-030-90022-9_16
Dupont, G., Leite, C., dos Santos, D. R., Costante, E., den Hartog, J., & Etalle, S. (2021). Similarity-Based Clustering For IoT Device Classification. 2021 IEEE International Conference on Omni-Layer Intelligent Systems (COINS), 1–7. https://doi.org/10.1109/COINS51742.2021.9524201
Ragab, H., Barberis, E., Bos, H., & Giuffrida, C. (2021). Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks. 1451–1468. https://www.usenix.org/conference/usenixsecurity21/presentation/ragab
Burda, P., Allodi, L., & Zannone, N. (2021). Dissecting Social Engineering Attacks Through the Lenses of Cognition. 149–160. https://doi.org/10.1109/EuroSPW54576.2021.00024
Meijaard, Y., Meiler, P.-P., & Allodi, L. (2021). Modelling Disruptive APTs targeting Critical Infrastructure using Military Theory. 178–190. https://doi.org/10.1109/EuroSPW54576.2021.00026
Noroozian, A., Rodriguez, E. T., Lastdrager, E., Kasama, T., Van Eeten, M., & Gañán, C. H. (2021). Can ISPs Help Mitigate IoT Malware? A Longitudinal Study of Broadband ISP Security Efforts. 2021 IEEE European Symposium on Security and Privacy (EuroS P), 337–352. https://doi.org/10.1109/EuroSP51992.2021.00031
Asadi Khashooei, B., Vasenev, A., & Kocademir, H. A. (2021). Structured Traceability of Security and Privacy Principles for Designing Safe Automated Systems. In I. Habli, M. Sujan, S. Gerasimou, E. Schoitsch, & F. Bitsch (Eds.), Computer Safety, Reliability, and Security. SAFECOMP 2021 Workshops (pp. 52–62). Springer International Publishing. https://doi.org/10.1007/978-3-030-83906-2_4
Rodríguez, E., Noroozian, A., van Eeten, M., & Gañán, C. (2021). Superspreaders: Quantifying the Role of IoT Manufacturers in Device Infections. Annual Workshop on the Economics on Information Security, 18. https://weis2021.econinfosec.org/wp-content/uploads/sites/9/2021/06/weis21-rodriguez.pdf
Bouwmeester, B., Turcios Rodriguez, E. R., Gañán, C., van Eeten, M., & Parkin, S. (2021). The thing doesn’t have a name. Proceedings of the 17th Symposium on Usable Privacy and Security, SOUPS 2021, 493–512. http://www.scopus.com/inward/record.url?scp=85114464267&partnerID=8YFLogxK
Fasano, A., Ballo, T., Muench, M., Leek, T., Bulekov, A., Dolan-Gavitt, B., Egele, M., Francillon, A., Lu, L., Gregory, N., Balzarotti, D., & Robertson, W. (2021). SoK: Enabling Security Analyses of Embedded Systems via Rehosting. In Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security (pp. 687–701). Association for Computing Machinery. https://doi.org/10.1145/3433210.3453093
Garg, C., Machiry, A., Continella, A., Kruegel, C., & Vigna, G. (2021). Toward a Secure Crowdsourced Location Tracking System. 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 311–322. https://doi.org/10.1145/3448300.3467821
Khashooei, B. A., Vasenev, A., Kocademir, H. A., & Mathijssen, R. (2021). Architecting System of Systems Solutions with Security and Data-Protection Principles. 2021 16th International Conference of System of Systems Engineering (SoSE), 43–48. https://doi.org/10.1109/SOSE52739.2021.9497461
van de Weijer, S. G. A., Holt, T. J., & Leukfeldt, E. R. (2021). Heterogeneity in trajectories of cybercriminals: A longitudinal analyses of web defacements. Computers in Human Behavior Reports, 4, 100113. https://doi.org/10.1016/j.chbr.2021.100113
Graßl, P., Schraffenberger, H., Borgesius, F. Z., & Buijzen, M. (2021). Dark and Bright Patterns in Cookie Consent Requests. Journal of Digital Social Research, 3(1), 1–38. https://doi.org/10.33621/jdsr.v3i1.54
van Dooremaal, B., Burda, P., Allodi, L., & Zannone, N. (2021). Combining Text and Visual Features to Improve the Identification of Cloned Webpages for Early Phishing Detection. The 16th International Conference on Availability, Reliability and Security, 1–10. https://doi.org/10.1145/3465481.3470112
Sciancalepore, S., Tedeschi, P., Riasat, U., & Di Pietro, R. (2021, October 6). Mitigating Energy Depletion Attacks in IoT via Random Time-Slotted Channel Access. Proc. of IEEE Conference on Computer and Communications Security. IEEE Conference on Computer and Communications Security, Virtual. https://intersct.nl/wp-content/uploads/2021/11/2021_Sciancalepore_CNS.pdf
Pletinckx, S., Borgolte, K., & Fiebig, T. (2021). Out of Sight, Out of Mind: Detecting Orphaned Web Pages at Internet-Scale. Proc. of ACM Computer and Communication Security, 21–35. https://doi.org/https://doi.org/10.1145/3460120.3485367
Tedeschi, P., Sciancalepore, S., & Di Pietro, R. (2021, December 6). ARID – Anonymous Remote Identication of Unmanned Aerial Vehicles. Proc. of ACM Annual Computer Security Applications Conference (ACSAC). Annual Computer Security Applications Conference (ACSAC), Virtual. https://intersct.nl/wp-content/uploads/2021/11/2021_Tedeschi_ACSAC.pdf
Schrama, V., Gañán, C. H., Aschenbrenner, D., de Reuver, M., Borgolte, K., Fiebig, T., Delft, T., & Schrama, V. C. M. (2020). Understanding the Knowledge Gap: How Security Awareness Influences the Adoption of Industrial IoT. 17. https://weis2020.econinfosec.org/wp-content/uploads/sites/8/2020/06/weis20-final23.pdf
Campobasso, M., & Allodi, L. (2020). Impersonation-as-a-Service: Characterizing the Emerging Criminal Infrastructure for User Impersonation at Scale. Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 1665–1680. https://doi.org/10.1145/3372297.3417892
Walree, T. F., & Wolters, P. T. J. (2020). The right to compensation of a competitor for a violation of the GDPR. International Data Privacy Law, 10(4), 346–355. https://doi.org/10.1093/idpl/ipaa018
Pirocca, S., Allodi, L., & Zannone, N. (2020). A Toolkit for Security Awareness Training Against Targeted Phishing (pp. 137–159). https://doi.org/10.1007/978-3-030-65610-2_9
Rosso, M., Campobasso, M., Gankhuyag, G., & Allodi, L. (2020). SAIBERSOC: Synthetic Attack Injection to Benchmark and Evaluate the Performance of Security Operation Centers. Annual Computer Security Applications Conference, 141–153. https://doi.org/10.1145/3427228.3427233