Publications

(2024). From Power to Water: Dissecting SCADA Networks Across Different Critical Infrastructures. In PAM 2024.

PDF Cite Project

(2024). A Tale of Two Industroyers: It was the Season of Darkness. In S&P 2024.

PDF Cite Project

(2023). ICSvertase: A Framework for Purpose-based Design and Classification of ICS Honeypots. In ARES ‘23.

PDF Cite DOI

(2022). Characterizing Building Automation System Attacks and Attackers. In EuroS&PW2022.

PDF Cite Project

(2022). You Can't Protect What You Don't Understand: Characterizing an Operational Gas SCADA Network. In SafeThings 2022.

PDF Cite Project

(2017). ECFI: Asynchronous control flow integrity for programmable logic controllers. In ACSAC2017.

PDF Cite DOI

(2017). Stealth Low-Level Manipulation of Programmable Logic Controllers I/O by Pin Control Exploitation. In CRITIS2016.

Cite DOI

(2017). Encryption in ICS networks: A blessing or a curse?. In SmartGridComm2017.

PDF Cite DOI

(2017). 𝜇Shield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems. In NSS2017.

Cite Code DOI

(2016). Specification Mining for Intrusion Detection in Networked Control Systems. In USENIX Security 16.

PDF Cite Project DOI

(2015). Modeling Message Sequences for Intrusion Detection in Industrial Control Systems. In ICCIP2015.

PDF Cite DOI

(2015). Sequence-aware Intrusion Detection in Industrial Control Systems. In CPSS2015.

PDF Cite Project DOI

(2014). Through the eye of the PLC: semantic security monitoring for industrial processes. In ACSAC2014.

PDF Cite Project Project DOI

(2014). On Emulation-Based Network Intrusion Detection Systems. In RAID2014.

Cite DOI

(2013). On the Feasibility of Device Fingerprinting in Industrial Control Systems. In CRITIS2013.

PDF Cite DOI

(2012). N-Gram against the Machine: On the Feasibility of the N-Gram Network Analysis for Binary Protocols. In RAID2012.

PDF Cite Project DOI

(2011). A2thOS: availability analysis and optimisation in SLAs. In IJNM2012.

PDF Cite DOI

(2010). CRAC: Confidentiality risk assessment and IT-infrastructure comparison. In CNSM2010.

PDF Cite DOI

(2010). Model-based qualitative risk assessment for availability of IT infrastructures. In SoSyM2010.

PDF Cite DOI

(2009). Extended eTVRA vs. security checklist: Experiences in a value-web. In ICSE2009.

PDF Cite DOI

(2008). IT confidentiality risk assessment for an architecture-based approach. In BDIM2008.

PDF Cite DOI

(2007). A Model Supporting Business Continuity Auditing and Planning in Information Systems. In ICIMP2007.

PDF Cite DOI

(2007). Model-Based Mitigation of Availability Risks. In BDIM2007.

PDF Cite DOI

(2006). POSEIDON: a 2-tier anomaly-based network intrusion detection system. In IWIA'06.

PDF Cite DOI