Luca Allodi

Orcid: 0000-0003-1600-0868

Affiliations:
  • Technical University of Eindhoven, Department of Mathematics and Computer Science, The Netherlands


According to our database1, Luca Allodi authored at least 59 papers between 2011 and 2024.

Collaborative distances:
  • Dijkstra number2 of four.
  • Erdős number3 of four.

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
Cognition in Social Engineering Empirical Research: A Systematic Literature Review.
ACM Trans. Comput. Hum. Interact., April, 2024

A Methodology to Measure the "Cost" of CPS Attacks: Not all CPS Networks are Created Equal.
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2024

Attacking Operational Technology Without Specialized Knowledge: The Unspecialized OT Threat Actor Profile.
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2024

The (Relative) Impact of Email Cues on the Perceived Threat of Phishing Attacks: A User Perspective on Phishing Deceptiveness.
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2024

2023
You Can Tell a Cybercriminal by the Company they Keep: A Framework to Infer the Relevance of Underground Communities to the Threat Landscape.
CoRR, 2023

Know Your Cybercriminal: Evaluating Attacker Preferences by Measuring Profile Sales on an Active, Leading Criminal Market for User Impersonation at Scale.
Proceedings of the 32nd USENIX Security Symposium, 2023

'Give Me Structure': Synthesis and Evaluation of a (Network) Threat Analysis Process Supporting Tier 1 Investigations in a Security Operation Center.
Proceedings of the Nineteenth Symposium on Usable Privacy and Security, 2023

The Peculiar Case of Tailored Phishing against SMEs: Detection and Collective DefenseMechanisms at a Small IT Company.
Proceedings of the IEEE European Symposium on Security and Privacy, 2023

The Influence of Human Factors on the Intention to Report Phishing Emails.
Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems, 2023

2022
Association Rule Mining Meets Regression Analysis: An Automated Approach to Unveil Systematic Biases in Decision-Making Processes.
J. Cybersecur. Priv., March, 2022

Federated Lab (FedLab): An Open-source Distributed Platform for Internet of Things (IoT) Research and Experimentation.
Proceedings of the 8th IEEE World Forum on Internet of Things, 2022

A Decision-Support Tool for Experimentation on Zero-Hour Phishing Detection.
Proceedings of the Foundations and Practice of Security - 15th International Symposium, 2022

Characterizing Building Automation System Attacks and Attackers.
Proceedings of the IEEE European Symposium on Security and Privacy, 2022

Investigating the Effect of Phishing Believability on Phishing Reporting.
Proceedings of the IEEE European Symposium on Security and Privacy, 2022

THREAT/crawl: a Trainable, Highly-Reusable, and Extensible Automated Method and Tool to Crawl Criminal Underground Forums.
Proceedings of the APWG Symposium on Electronic Crime Research, 2022

Stepping out of the MUD: Contextual threat information for IoT devices with manufacturer-provided behavior profiles.
Proceedings of the Annual Computer Security Applications Conference, 2022

2021
Modelling Disruptive APTs targeting Critical Infrastructure using Military Theory.
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2021

Dissecting Social Engineering Attacks Through the Lenses of Cognition.
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2021

Combining Text and Visual Features to Improve the Identification of Cloned Webpages for Early Phishing Detection.
Proceedings of the ARES 2021: The 16th International Conference on Availability, 2021

2020
The Need for New Antiphishing Measures Against Spear-Phishing Attacks.
IEEE Secur. Priv., 2020

Measuring the accuracy of software vulnerability assessments: experiments with students and professionals.
Empir. Softw. Eng., 2020

A Toolkit for Security Awareness Training Against Targeted Phishing.
Proceedings of the Information Systems Security - 16th International Conference, 2020

An Experimental Approach for Estimating Cyber Risk: a Proposal Building upon Cyber Ranges and Capture the Flags.
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2020

Don't Forget the Human: a Crowdsourced Approach to Automate Response and Containment Against Spear Phishing Attacks.
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2020

WACCO 2020: the 2nd Workshop on Attackers and Cybercrime Operations Co-held with IEEE European Symposium on Security and Privacy 2020.
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2020

Impersonation-as-a-Service: Characterizing the Emerging Criminal Infrastructure for User Impersonation at Scale.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

SAIBERSOC: Synthetic Attack Injection to Benchmark and Evaluate the Performance of Security Operation Centers.
Proceedings of the ACSAC '20: Annual Computer Security Applications Conference, 2020

Testing the effectiveness of tailored phishing techniques in industry and academia: a field experiment.
Proceedings of the ARES 2020: The 15th International Conference on Availability, 2020

2019
Cognitive Triaging of Phishing Attacks.
Proceedings of the 28th USENIX Security Symposium, 2019

Privacy-Conscious Threat Intelligence Using DNSBloom.
Proceedings of the IFIP/IEEE International Symposium on Integrated Network Management, 2019

CARONTE: Crawling Adversarial Resources Over Non-Trusted, High-Profile Environments.
Proceedings of the 2019 IEEE European Symposium on Security and Privacy Workshops, 2019

Unveiling Systematic Biases in Decisional Processes: An Application to Discrimination Discovery.
Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, 2019

Productivity and Patterns of Activity in Bug Bounty Programs: Analysis of HackerOne and Google Vulnerability Research.
Proceedings of the 14th International Conference on Availability, Reliability and Security, 2019

Characterizing the Redundancy of DarkWeb .onion Services.
Proceedings of the 14th International Conference on Availability, Reliability and Security, 2019

2018
Underground Economics for Vulnerability Risk.
login Usenix Mag., 2018

The Effect of Security Education and Expertise on Security Assessments: the Case of Software Vulnerabilities.
CoRR, 2018

A Bug Bounty Perspective on the Disclosure of Web Vulnerabilities.
CoRR, 2018

Economic incentives on DNSSEC deployment: Time to move from quantity to quality.
Proceedings of the 2018 IEEE/IFIP Network Operations and Management Symposium, 2018

Identifying Relevant Information Cues for Vulnerability Assessment Using CVSS.
Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, 2018

2017
Economic Factors of Vulnerability Trade and Exploitation: Empirical Evidence from a Prominent Russian Cybercrime Market.
CoRR, 2017

Towards Realistic Threat Modeling: Attack Commodification, Irrelevant Vulnerabilities, and Unrealistic Assumptions.
Proceedings of the 2017 Workshop on Automated Decision Making for Active Cyber Defense, 2017

Diversity: A Poor Man's Solution to Drone Takeover.
Proceedings of the 7th International Joint Conference on Pervasive and Embedded Computing and Communication Systems (PECCS 2017), 2017

Estimating the Assessment Difficulty of CVSS Environmental Metrics: An Experiment.
Proceedings of the Future Data and Security Engineering - 4th International Conference, 2017

Economic Factors of Vulnerability Trade and Exploitation.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

Attack Potential in Impact and Complexity.
Proceedings of the 12th International Conference on Availability, Reliability and Security, Reggio Calabria, Italy, August 29, 2017

2016
Then and Now: On the Maturity of the Cybercrime Markets The Lesson That Black-Hat Marketeers Learned.
IEEE Trans. Emerg. Top. Comput., 2016

2015
Risk-Based Vulnerability Management. Exploiting the economic nature of the attacker to build sound and measurable vulnerability mitigation strategies.
PhD thesis, 2015

The Heavy Tails of Vulnerability Exploitation.
Proceedings of the Engineering Secure Software and Systems - 7th International Symposium, 2015

The Work-Averse Attacker Model.
Proceedings of the 23rd European Conference on Information Systems, 2015

2014
Comparing Vulnerability Severity and Exploits Using Case-Control Studies.
ACM Trans. Inf. Syst. Secur., 2014

Self-organizing Techniques for Knowledge Diffusion in Dynamic Social Networks.
Proceedings of the Complex Networks V, 2014

2013
My Software has a Vulnerability, should I worry?
CoRR, 2013

MalwareLab: Experimentation with Cybercrime Attack Tools.
Proceedings of the 6th Workshop on Cyber Security Experimentation and Test, 2013

Quantitative Assessment of Risk Reduction with Cybercrime Black Market Monitoring.
Proceedings of the 2013 IEEE Symposium on Security and Privacy Workshops, 2013

Attacker Economics for Internet-scale Vulnerability Risk Assessment.
Proceedings of the 6th USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2013

2012
Crime Pays If You Are Just an Average Hacker.
Proceedings of the 2012 ASE International Conference on Cyber Security, 2012

A preliminary analysis of vulnerability scores for attacks in wild: the ekits and sym datasets.
Proceedings of the 2012 ACM Workshop on Building analysis datasets and gathering experience returns for security, 2012

2011
The asymmetric diffusion of trust between communities: simulations in dynamic social networks.
Proceedings of the Winter Simulation Conference 2011, 2011

Modifying Trust Dynamics through Cooperation and Defection in Evolving Social Networks.
Proceedings of the Trust and Trustworthy Computing - 4th International Conference, 2011


  Loading...