My Research

Summary

I work on a variety of cyber security topics pertaining to cyber security of organizations, ranging from security risk management and threat modeling to mobile security and secure software development. My main goal is to make organisations more secure by improving their security management practices, helping them to secure their software and systems, providing them insights into cyber threats, and assisting them in making decisions about cyber security.

Cyber threats

I am interested in threat modelling: elicitation of threat scenarios in security risk assessment and application of these models to detecting ongoing attacks. I often work with attack trees: a versatile graphical security model, which has rigorous theoretical foundations, but is still easy to use. I am also interested in cyber threat intelligence, and the mutual enrichment of threat models and threat intelligence data.

Secure software engineering

Software security issues enable attackers to infiltrate and damage systems. In the past 20 years the society has developed many techniques, tools and process to engineer software in a secure way. However, many issues still remain, and security vulnerabilities continue to appear. With the C-SIDe project team, I study practical challenges with the existing tools, techniques and processes, and propose improvements.

Mobile security

I work on Android security, focusing on analysis and detection of malicious apps, improving automated testing, and evaluating security analysis tools. I also investigate explainable AI methods applied to malware detection.

Selected publications

Below is a selection of my research publications.

Most of my publications are available on Google Scholar: my profile.