Fabio Massacci
Orcid: 0000-0002-1091-8486Affiliations:
- University of Trento, Italy
- Vrije Universiteit Amsterdam, The Netherlands
According to our database1,
Fabio Massacci
authored at least 273 papers
between 1994 and 2024.
Collaborative distances:
Collaborative distances:
Timeline
Legend:
Book In proceedings Article PhD thesis Dataset OtherLinks
Online presence:
-
on zbmath.org
-
on orcid.org
-
on d-nb.info
On csauthors.net:
Bibliography
2024
APR4Vul: an empirical study of automatic program repair techniques on real-world Java vulnerabilities.
Empir. Softw. Eng., February, 2024
IEEE Secur. Priv., 2024
Analyzing and Mitigating (with LLMs) the Security Misconfigurations of Helm Charts from Artifact Hub.
CoRR, 2024
Cross-ecosystem categorization: A manual-curation protocol for the categorization of Java Maven libraries along Python PyPI Topics.
CoRR, 2024
2023
Empir. Softw. Eng., November, 2023
Comput. Secur., April, 2023
Comput. Secur., April, 2023
Software Updates Strategies: A Quantitative Evaluation Against Advanced Persistent Threats.
IEEE Trans. Software Eng., March, 2023
A Graph-Based Stratified Sampling Methodology for the Analysis of (Underground) Forums.
IEEE Trans. Inf. Forensics Secur., 2023
IEEE Secur. Priv., 2023
IEEE Secur. Priv., 2023
Empir. Softw. Eng., 2023
2022
IEEE Trans. Software Eng., 2022
ACM Trans. Sens. Networks, 2022
IEEE Secur. Priv., 2022
IEEE Secur. Priv., 2022
Machine Learning for Source Code Vulnerability Detection: What Works and What Isn't There Yet.
IEEE Secur. Priv., 2022
Empir. Softw. Eng., 2022
On the acceptance by code reviewers of candidate security patches suggested by Automated Program Repair tools.
CoRR, 2022
Proceedings of the Digital Sovereignty in Cyber Security: New Challenges in Future Vision, 2022
Proceedings of the 22nd IEEE International Symposium on Cluster, 2022
Proceedings of the IEEE 15th International Conference on Cloud Computing, 2022
Proceedings of the ARES 2022: The 17th International Conference on Availability, Reliability and Security, Vienna,Austria, August 23, 2022
Proceedings of the ARES 2022: The 17th International Conference on Availability, Reliability and Security, Vienna,Austria, August 23, 2022
2021
Proceedings of the Advancing Research in Information and Communication Technology, 2021
IEEE Secur. Priv., 2021
IEEE Secur. Priv., 2021
IEEE Secur. Priv., 2021
Are We Preparing Students to Build Security In? A Survey of European Cybersecurity in Higher Education Programs [Education].
IEEE Secur. Priv., 2021
Optimisation of cyber insurance coverage with selection of cost effective security controls.
Comput. Secur., 2021
Proceedings of the ESEC/FSE '21: 29th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2021
Secure Software Development in the Era of Fluid Multi-party Open Software and Services.
Proceedings of the 43rd IEEE/ACM International Conference on Software Engineering: New Ideas and Emerging Results, 2021
Technical Leverage in a Software Ecosystem: Development Opportunities and Security Risks.
Proceedings of the 43rd IEEE/ACM International Conference on Software Engineering, 2021
Please hold on: more time = more patches? Automated program repair as anytime algorithms.
Proceedings of the 2nd IEEE/ACM International Workshop on Automated Program Repair, 2021
Proceedings of the Financial Cryptography and Data Security, 2021
2020
Inf., 2020
IEEE Secur. Priv., 2020
Trans. Emerg. Telecommun. Technol., 2020
Measuring the accuracy of software vulnerability assessments: experiments with students and professionals.
Empir. Softw. Eng., 2020
Preliminary findings on FOSS dependencies and security: a qualitative study on developers' attitudes and experience.
Proceedings of the ICSE '20: 42nd International Conference on Software Engineering, Companion Volume, Seoul, South Korea, 27 June, 2020
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2020
An Experimental Approach for Estimating Cyber Risk: a Proposal Building upon Cyber Ranges and Capture the Flags.
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2020
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2020
WACCO 2020: the 2nd Workshop on Attackers and Cybercrime Operations Co-held with IEEE European Symposium on Security and Privacy 2020.
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2020
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020
2019
J. Comput. Virol. Hacking Tech., 2019
IEEE Trans. Software Eng., 2019
Int. J. Softw. Tools Technol. Transf., 2019
A Server-Side JavaScript Security Architecture for Secure Integration of Third-Party Libraries.
Secur. Commun. Networks, 2019
Is "Deny Access" a Valid "Fail-Safe Default" Principle for Building Security in Cyberphysical Systems?
IEEE Secur. Priv., 2019
Proceedings of the 5th IEEE World Forum on Internet of Things, 2019
Affordable Security or Big Guy vs Small Guy - Does the Depth of Your Pockets Impact Your Protocols?
Proceedings of the Security Protocols XXVII, 2019
Proceedings of the Third Italian Conference on Cyber Security, 2019
Proceedings of the Second Distributed Ledger Technology Workshop, 2019
Proceedings of the International Conference on Cyber Situational Awareness, 2019
2018
The Effect of Security Education and Expertise on Security Assessments: the Case of Software Vulnerabilities.
CoRR, 2018
Proceedings of the Security Protocols XXVI, 2018
Non-monotonic Security Protocols and Failures in Financial Intermediation (Transcript of Discussion).
Proceedings of the Security Protocols XXVI, 2018
Proceedings of the 2018 IEEE Symposium on Security and Privacy, 2018
Proceedings of the 12th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, 2018
2017
Identifying the implied: Findings from three differentiated replications on the use of security requirements templates.
Empir. Softw. Eng., 2017
Model comprehension for security risk assessment: an empirical comparison of tabular vs. graphical representations.
Empir. Softw. Eng., 2017
The Seconomics (Security-Economics) Vulnerabilities of Decentralized Autonomous Organizations.
Proceedings of the Security Protocols XXV, 2017
REW-SMT: A New Approach for Rewriting XACML Request with Dynamic Big Data Security Policies.
Proceedings of the Security, Privacy, and Anonymity in Computation, Communication, and Storage, 2017
On the Equivalence Between Graphical and Tabular Representations for Security Risk Assessment.
Proceedings of the Requirements Engineering: Foundation for Software Quality, 2017
Diversity: A Poor Man's Solution to Drone Takeover.
Proceedings of the 7th International Joint Conference on Pervasive and Embedded Computing and Communication Systems (PECCS 2017), 2017
Teaching predictive modeling to junior software engineers - seminar format and its evaluation: poster.
Proceedings of the 39th International Conference on Software Engineering, 2017
Proceedings of the Future Data and Security Engineering - 4th International Conference, 2017
Proceedings of the 2017 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, 2017
Graphical vs. Tabular Notations for Risk Models: On the Role of Textual Labels and Complexity.
Proceedings of the 2017 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, 2017
Proceedings of the 12th International Conference on Availability, Reliability and Security, Reggio Calabria, Italy, August 29, 2017
2016
Then and Now: On the Maturity of the Cybercrime Markets The Lesson That Black-Hat Marketeers Learned.
IEEE Trans. Emerg. Top. Comput., 2016
Economic Impacts of Rules- versus Risk-Based Cybersecurity Regulations for Critical Infrastructure Providers.
IEEE Secur. Priv., 2016
IEEE Secur. Priv., 2016
Empir. Softw. Eng., 2016
On the Security Cost of Using a Free and Open Source Component in a Proprietary Product.
Proceedings of the Engineering Secure Software and Systems - 8th International Symposium, 2016
2015
IT Interdependence and the Economic Fairness of Cybersecurity Regulations for Civil Aviation.
IEEE Secur. Priv., 2015
The Role of Catalogues of Threats and Security Controls in Security Risk Assessment: An Empirical Study with ATM Professionals.
Proceedings of the Requirements Engineering: Foundation for Software Quality, 2015
Proceedings of the 2015 IEEE Fifth International Workshop on Empirical Requirements Engineering, 2015
Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, 2015
Proceedings of the 23rd European Conference on Information Systems, 2015
StaDynA: Addressing the Problem of Dynamic Code Updates in the Security Analysis of Android Applications.
Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, 2015
Proceedings of the 10th International Conference on Availability, Reliability and Security, 2015
2014
Proceedings of the Engineering Secure Future Internet Services and Systems, 2014
IEEE Trans. Software Eng., 2014
ACM Trans. Inf. Syst. Secur., 2014
Assessing a requirements evolution approach: Empirical studies in the air traffic management domain.
J. Syst. Softw., 2014
Proceedings of the 7th Workshop on Cyber Security Experimentation and Test, 2014
Proceedings of the IEEE 22nd International Requirements Engineering Conference, 2014
An experiment on comparing textual vs. visual industrial methods for security risk assessment.
Proceedings of the 4th IEEE International Workshop on Empirical Requirements Engineering, 2014
Security triage: A report of a lean security requirements methodology for cost-effective security analysis.
Proceedings of the 4th IEEE International Workshop on Empirical Requirements Engineering, 2014
Proceedings of the 15th Italian Conference on Theoretical Computer Science, 2014
Security triage: an industrial case study on the effectiveness of a lean methodology to identify security requirements.
Proceedings of the 2014 ACM-IEEE International Symposium on Empirical Software Engineering and Measurement, 2014
An Empirical Study of the Technology Transfer Potential of EU Security and Trust R&D Projects.
Proceedings of the Cyber Security and Privacy - Third Cyber Security and Privacy EU Forum, 2014
Proceedings of the 30th Annual Computer Security Applications Conference, 2014
A Relative Cost-Benefit Approach for Evaluating Alternative Airport Security Policies.
Proceedings of the Ninth International Conference on Availability, 2014
Proceedings of the Ninth International Conference on Availability, 2014
2013
A Systematically Empirical Evaluation of Vulnerability Discovery Models: a Study on Browsers' Vulnerabilities.
CoRR, 2013
Proceedings of the 6th Workshop on Cyber Security Experimentation and Test, 2013
Proceedings of the 2013 IEEE Symposium on Security and Privacy Workshops, 2013
Anatomy of Exploit Kits - Preliminary Analysis of Exploit Kits as Software Artefacts.
Proceedings of the Engineering Secure Software and Systems - 5th International Symposium, 2013
Proceedings of the 2013 ACM / IEEE International Symposium on Empirical Software Engineering and Measurement, 2013
The (un)reliability of NVD vulnerable versions data: an empirical experiment on Google Chrome vulnerabilities.
Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security, 2013
UNICORN: A Tool for Modeling and Reasoning on the Uncertainty of Requirements Evolution.
Proceedings of the CAiSE'13 Forum at the 25th International Conference on Advanced Information Systems Engineering (CAiSE), 2013
Proceedings of the 2013 International Conference on Availability, Reliability and Security, 2013
2012
J. Comput. Secur., 2012
Inf. Softw. Technol., 2012
High-level algorithms and data structures requirements for security-by-contract on Java cards.
Int. J. Crit. Comput. Based Syst., 2012
Proceedings of the Information Security and Privacy Research, 2012
Assessing a requirements evolution approach: Empirical studies in the Air Traffic Management domain.
Proceedings of the Second IEEE International Workshop on Empirical Requirements Engineering, 2012
How to Select a Security Requirements Method? A Comparative Study with Students and Practitioners.
Proceedings of the Secure IT Systems - 17th Nordic Conference, 2012
Proceedings of the Fifth IEEE International Conference on Software Testing, 2012
Controlling Application Interactions on the Novel Smart Cards with Security-by-Contract.
Proceedings of the Formal Methods for Components and Objects, 2012
Proceedings of the Engineering Secure Software and Systems - 4th International Symposium, 2012
Proceedings of the 2012 ASE International Conference on Cyber Security, 2012
Proceedings of the 7th ACM Symposium on Information, Compuer and Communications Security, 2012
A preliminary analysis of vulnerability scores for attacks in wild: the ekits and sym datasets.
Proceedings of the 2012 ACM Workshop on Building analysis datasets and gathering experience returns for security, 2012
2011
Int. J. Secur. Softw. Eng., 2011
Int. J. Inf. Sec., 2011
Proceedings of the 13th IEEE Conference on Commerce and Enterprise Computing, 2011
Orchestrating Security and System Engineering for Evolving Systems - (Invited Paper).
Proceedings of the Towards a Service-Based Internet - 4th European Conference, 2011
Proceedings of the Towards a Service-Based Internet - 4th European Conference, 2011
Proceedings of the First International Workshop on Empirical Requirements Engineering, 2011
Proceedings of the POLICY 2011, 2011
Proceedings of the POLICY 2011, 2011
Proceedings of the 5th International Conference on Network and System Security, 2011
Proceedings of the 2011 IEEE International Conference on Intelligence and Security Informatics, 2011
Proceedings of the Information Systems Security - 7th International Conference, 2011
A Method for Security Governance, Risk, and Compliance (GRC): A Goal-Process Approach.
Proceedings of the Foundations of Security Analysis and Design VI, 2011
Proceedings of the Future Internet, 2011
After-Life Vulnerabilities: A Study on Firefox Evolution, Its Vulnerabilities, and Fixes.
Proceedings of the Engineering Secure Software and Systems - Third International Symposium, 2011
Proceedings of the Engineering Secure Software and Systems - Third International Symposium, 2011
Dealing with Known Unknowns: Towards a Game-Theoretic Foundation for Software Requirement Evolution.
Proceedings of the Advanced Information Systems Engineering, 2011
Proceedings of the Advanced Information Systems Engineering Workshops, 2011
Proceedings of the IS Olympics: Information Systems in a Diverse World, 2011
Detecting Conflicts between Functional and Security Requirements with Secure Tropos: John Rusnak and the Allied Irish Bank.
Proceedings of the Social Modeling for Requirements Engineering., 2011
2010
Security Requirements Engineering: The SI* Modeling Language and the Secure Tropos Methodology.
Proceedings of the Advances in Intelligent Information Systems, 2010
A Dynamic Security Framework for Ambient Intelligent Systems: A Smart-Home Based eHealth Application.
Trans. Comput. Sci., 2010
J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl., 2010
J. Comput. Secur., 2010
Can We Support Applications' Evolution in Multi-application Smart Cards by Security-by-Contract?
Proceedings of the Information Security Theory and Practices. Security and Privacy of Pervasive Systems and Smart Devices, 2010
Proceedings of the Workshop on Future of Software Engineering Research, 2010
Java Card Architecture for Autonomous Yet Secure Evolution of Smart Cards Applications.
Proceedings of the Information Security Technology for Applications, 2010
Proceedings of the Leveraging Applications of Formal Methods, Verification, and Validation, 2010
Proceedings of the Towards the Future Internet - Emerging Trends from European Research, 2010
Proceedings of the CISIS 2010, 2010
2009
J. Log. Algebraic Methods Program., 2009
Proceedings of the Fourth Workshop on Bytecode Semantics, 2009
What the heck is this application doing? - A security-by-contract architecture for pervasive services.
Comput. Secur., 2009
A self-protecting and self-healing framework for negotiating services and trust in autonomic communication systems.
Comput. Networks, 2009
How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns.
Artif. Intell. Law, 2009
Legal Patterns Implement Trust in IT Requirements: When Legal Means are the "Best" Implementation of IT Technical Goals.
Proceedings of the Second International Workshop on Requirements Engineering and Law, 2009
Proceedings of the Privacy and Identity Management for Life, 2009
Proceedings of the Identity and Privacy in the Internet Age, 2009
Proceedings of the Service-Oriented Computing, 7th International Joint Conference, 2009
Proceedings of the 12th International Conference on Artificial Intelligence and Law, 2009
Proceedings of the Towards the Future Internet - A European Research Perspective, 2009
Proceedings of the 2009 ACM Symposium on Information, 2009
2008
Towards Systematic Achievement of Compliance in Service-Oriented Architectures: The MASTER Approach.
Wirtschaftsinf., 2008
ACM Trans. Auton. Adapt. Syst., 2008
Proceedings of the 5th ACM Workshop On Secure Web Services, 2008
Proceedings of the 2008 Workshop on Programming Languages and Analysis for Security, 2008
A Model-Driven Approach for the Specification and Analysis of Access Control Policies.
Proceedings of the On the Move to Meaningful Internet Systems: OTM 2008, 2008
Proceedings of the Trust Management II, 2008
Proceedings of the Formal Aspects in Security and Trust, 5th International Workshop, 2008
Proceedings of the Future Internet - FIS 2008, First Future Internet Symposium, 2008
Proceedings of the The Third International Conference on Availability, 2008
2007
J. Netw. Syst. Manag., 2007
From Hippocratic Databases to Secure Tropos: a Computer-Aided Re-Engineering Approach.
Int. J. Softw. Eng. Knowl. Eng., 2007
Proceedings of the First International Workshop on Run Time Enforcement for Mobile and Distributed Systems, 2007
Proceedings of the 3rd International Workshop on Security and Trust Management, 2007
Proceedings of the 4th ACM Workshop On Secure Web Services, 2007
Proceedings of the Third International Workshop on Security, 2007
Proceedings of the Trust Management, 2007
Proceedings of the Service-Oriented Computing, 2007
How to capture, model, and verify the knowledge of legal, security, and privacy experts: a pattern-based approach.
Proceedings of the Eleventh International Conference on Artificial Intelligence and Law, 2007
Proceedings of the Public Key Infrastructure, 2007
An algorithm for the appraisal of assurance indicators for complex business processes.
Proceedings of the 3th ACM Workshop on Quality of Protection, 2007
A flexible security architecture to support third-party applications on mobile devices.
Proceedings of the 2007 ACM workshop on Computer Security Architecture, 2007
Proceedings of the Third International Symposium on Information Assurance and Security, 2007
Proceedings of the The Second International Conference on Availability, 2007
2006
Hierarchical hippocratic databases with minimal disclosure for virtual organizations.
VLDB J., 2006
Int. J. Inf. Sec., 2006
Proceedings of the Second International Workshop on Security and Trust Management, 2006
Proceedings of the 14th IEEE International Conference on Requirements Engineering (RE 2006), 2006
Proceedings of the Advanced Information Systems Engineering, 18th International Conference, 2006
2005
Towards an Independent Semantics and Verification Technology for the HLPSL Specification Language.
Proceedings of the Second Workshop on Automated Reasoning for Security Protocol Analysis, 2005
Using a security requirements engineering methodology in practice: The compliance with the Italian data protection legislation.
Comput. Stand. Interfaces, 2005
Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, 2005
Proceedings of the 13th IEEE International Conference on Requirements Engineering (RE 2005), 29 August, 2005
Proceedings of the 13th IEEE International Conference on Requirements Engineering (RE 2005), 29 August, 2005
Proceedings of the Trust Management, Third International Conference, 2005
Proceedings of the Trust Management, Third International Conference, 2005
Proceedings of the Trust Management, Third International Conference, 2005
Proceedings of the Foundations of Security Analysis and Design III, 2005
Proceedings of the Computer Security, 2005
2004
Proceedings of the Autonomic Communication, First International IFIP Workshop, 2004
Proceedings of the Security Protocols, 2004
Proceedings of the Security Protocols, 2004
Proceedings of the Security and Protection in Information Processing Systems, 2004
Proceedings of the Trust Management, Second International Conference, 2004
Proceedings of the Formal Aspects in Security and Trust: Second IFIP TC1 WG1.7 Workshop on Formal Aspects in Security and Trust (FAST), 2004
Proceedings of the Web Engineering - 4th International Conference, 2004
Filling the Gap between Requirements Engineering and Public Key/Trust Management Infrastructures.
Proceedings of the Public Key Infrastructure, 2004
2003
Discret. Appl. Math., 2003
Proceedings of the 2003 ACM Workshop on XML Security, Fairfax, VA, USA, October 31, 2003, 2003
Requirement Engineering Meets Security: A Case Study on Modelling Secure Electronic Transactions by VISA and Mastercard.
Proceedings of the Conceptual Modeling, 2003
2002
Solving QBF by SMV.
Proceedings of the Eights International Conference on Principles and Knowledge Representation and Reasoning (KR-02), 2002
Proceedings of the 9th ACM Conference on Computer and Communications Security, 2002
Proceedings of the Computational Logic: Logic Programming and Beyond, 2002
2001
ACM Trans. Comput. Log., 2001
Proceedings of the Logical Aspects of Cryptographic Protocol Verification, 2001
Decision Procedures for Expressive Description Logics with Intersection, Composition, Converse of Roles and Role Identity.
Proceedings of the Seventeenth International Joint Conference on Artificial Intelligence, 2001
Proceedings of the Automated Reasoning, First International Joint Conference, 2001
2000
Combining Deduction and Model Checking into Tableaux and Algorithms for Converse-PDL.
Inf. Comput., 2000
Proceedings of the Automated Reasoning with Analytic Tableaux and Related Methods, 2000
Proceedings of the Security Protocols, 2000
Reduction rules and universal variables for first order tableaux and DPLL.
Proceedings of the KR 2000, 2000
Proceedings of the Computer Security, 2000
Proceedings of the 13th IEEE Computer Security Foundations Workshop, 2000
1999
Proceedings of the Automated Reasoning with Analytic Tableaux and Related Methods, 1999
Proceedings of the Automated Reasoning with Analytic Tableaux and Related Methods, 1999
Proceedings of the Sixteenth International Joint Conference on Artificial Intelligence, 1999
1998
J. Log. Comput., 1998
Simplification: A General Constraint Propagation Technique for Propositional and Modal Tableaux.
Proceedings of the Automated Reasoning with Analytic Tableaux and Related Methods, 1998
Cook and Reckhow are Wrong: Subexponential Tableaux Proofs for Their Family of Formulae.
Proceedings of the 13th European Conference on Artificial Intelligence, 1998
Proceedings of the Fifteenth National Conference on Artificial Intelligence and Tenth Innovative Applications of Artificial Intelligence Conference, 1998
1997
Proceedings of the Automated Reasoning with Analytic Tableaux and Related Methods, 1997
Reasoning About Security: A Logic and a Decision Method for Role-Based Access Control.
Proceedings of the Qualitative and Quantitative Practical Reasoning, 1997
Proceedings of the Recent Advances in AI Planning, 4th European Conference on Planning, 1997
Proceedings of the AI*IA 97: Advances in Artificial Intelligence, 1997
1996
Proceedings of the Logics in Artificial Intelligence, European Workshop, 1996
Proceedings of the Eigth International Conference on Tools with Artificial Intelligence, 1996
Exptime Tableaux for ALC.
Proceedings of the 1996 International Workshop on Description Logics, 1996
Proceedings of the Automated Deduction - CADE-13, 13th International Conference on Automated Deduction, New Brunswick, NJ, USA, July 30, 1996
Proceedings of the Thirteenth National Conference on Artificial Intelligence and Eighth Innovative Applications of Artificial Intelligence Conference, 1996
1994
Proceedings of the Automated Deduction - CADE-12, 12th International Conference on Automated Deduction, Nancy, France, June 26, 1994