Background and activities
- Software security and security testing
- Software vulnerability analysis
- Model driven software development and model driven security
- Access control, usage control and privacy protection
- Security monitoring, policies, languages, models and enforcement
Scientific, academic and artistic work
A selection of recent journal publications, artistic productions, books, including book and report excerpts.
- (2018) Source Code Patterns of Cross Site Scripting in PHP Open Source Projects. Norsk Informasjonssikkerhetskonferanse (NISK). vol. 11.
- (2018) A Pilot Study in Cyber Security Education Using CyberAIMs: A Simulation-Based Experiment. IFIP Advances in Information and Communication Technology. vol. 531.
- (2015) A process for mastering security evolution in the development lifecycle. International Journal on Software Tools for Technology Transfer (STTT). vol. 17.
- (2012) Managing Privacy and Effectiveness of Patient-Administered Authorization Policies. International Journal of Computational Models and Algorithms in Medicine (IJCMAM).
Part of book/report
- (2018) Source Code Patterns of Buffer Overflow Vulnerabilities in Firefox. SICHERHEIT 2018.
- (2018) Towards a Quantitative Approach for Security Assurance Metrics. The Twelfth International Conference on Emerging Security Information, Systems and Technologies; SECURWARE 2018 September 16, 2018 to September 20, 2018 - Venice, Italy.
- (2017) Source Code Patterns of SQL Injection Vulnerabilities. ARES'17. Proceedings of The 12th International Conference on Availability, Reliability and Security, Reggio Calabria, Italy — August 29 - September 01, 2017.
- (2013) Towards a Model- and Learning-Based Framework for Security Anomaly Detection. Formal Methods for Components and Objects.
- (2013) Enhancing Model Driven Security through Pattern Refinement Techniques. Formal Methods for Components and Objects.
- (2012) Monitoring Anomalies in IT-Landscapes Using Clustering Techniques and Complex Event Processing. Leveraging Applications of Formal Methods, Verification, and Validation.
- (2012) Anomaly Detection in the Cloud: Detecting Security Incidents via Machine Learning. Trustworthy Eternal Systems via Evolving Software, Data and Knowledge.
- (2012) The Process of Policy Authoring of Patient-Controlled Privacy Preferences. Electronic Healthcare.
- (2010) Meeting EHR Security Requirements: SeAAS Approach. Seamless Care – Safe Care.