2025
Dealing with uncertainty in cybersecurity decision support.
Comput. Secur., 2025
2023
CROSS: A framework for cyber risk optimisation in smart homes.
Comput. Secur., 2023
Keep Spending: Beyond Optimal Cyber-Security Investment.
Proceedings of the 36th IEEE Computer Security Foundations Symposium, 2023
2022
Optimization-Time Analysis for Cybersecurity.
IEEE Trans. Dependable Secur. Comput., 2022
Channel-Supermodular Entropies: Order Theory and an Application to Query Anonymization.
Entropy, 2022
Optimal security hardening over a probabilistic attack graph: a case study of an industrial control system using the CySecTool tool.
CoRR, 2022
Decision support for healthcare cyber security.
Comput. Secur., 2022
Attack Dynamics: An Automatic Attack Graph Generation Framework Based on System Topology, CAPEC, CWE, and CVE Databases.
Comput. Secur., 2022
Optimal Security Hardening over a Probabilistic Attack Graph: A Case Study of an Industrial Control System using CySecTool.
Proceedings of the Sat-CPS@CODASPY 2022: Proceedings of the 2022 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems, 2022
2021
Bayesian Stackelberg games for cyber-security decision support.
Decis. Support Syst., 2021
Concavity, Core-concavity, Quasiconcavity: A Generalizing Framework for Entropy Measures.
Proceedings of the 34th IEEE Computer Security Foundations Symposium, 2021
2020
Conditional Entropy and Data Processing: An Axiomatic Approach Based on Core-Concavity.
IEEE Trans. Inf. Theory, 2020
QQIF: Quantum Quantitative Information Flow (invited paper).
Proceedings of the IEEE European Symposium on Security and Privacy Workshops, 2020
2019
Generalized Entropies and Metric-Invariant Optimal Countermeasures for Information Leakage Under Symmetric Constraints.
IEEE Trans. Inf. Theory, 2019
Scalable min-max multi-objective cyber-security optimisation over probabilistic attack graphs.
Eur. J. Oper. Res., 2019
Channel Ordering and Supermodularity.
Proceedings of the 2019 IEEE Information Theory Workshop, 2019
Malware Detection Using 1-Dimensional Convolutional Neural Networks.
Proceedings of the 2019 IEEE European Symposium on Security and Privacy Workshops, 2019
Deterministic Channel Design for Minimum Leakage.
Proceedings of the 32nd IEEE Computer Security Foundations Symposium, 2019
Core-concavity, Gain Functions and Axioms for Information Leakage.
Proceedings of the Art of Modelling Computational Systems: A Journey from Logic and Concurrency to Security and Privacy, 2019
2018
Symbolic Side-Channel Analysis for Probabilistic Programs.
IACR Cryptol. ePrint Arch., 2018
Information Theory in Game Theory.
Entropy, 2018
Optimal Channel Design: A Game Theoretical Analysis.
Entropy, 2018
Generalised Entropies and Metric-Invariant Optimal Countermeasures for Information Leakage under Symmetric Constraints.
CoRR, 2018
Pseudo-Random Number Generation Using Generative Adversarial Networks.
Proceedings of the ECML PKDD 2018 Workshops, 2018
2017
Synthesis of Adaptive Side-Channel Attacks.
IACR Cryptol. ePrint Arch., 2017
Leakage-Minimal Design: Universality, Limitations, and Applications.
Proceedings of the 30th IEEE Computer Security Foundations Symposium, 2017
2016
Decision support approaches for cyber security investment.
Decis. Support Syst., 2016
Information Leakage Analysis of Complex C Code and Its application to OpenSSL.
Proceedings of the Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques, 2016
Efficient Numerical Frameworks for Multi-objective Cyber Security Planning.
Proceedings of the Computer Security - ESORICS 2016, 2016
Multi-run Side-Channel Analysis Using Symbolic Execution and Max-SMT.
Proceedings of the IEEE 29th Computer Security Foundations Symposium, 2016
Relative Perfect Secrecy: Universally Optimal Strategies and Channel Design.
Proceedings of the IEEE 29th Computer Security Foundations Symposium, 2016
2015
Quantifying information leakage of randomized protocols.
Theor. Comput. Sci., 2015
Concurrent Bounded Model Checking.
ACM SIGSOFT Softw. Eng. Notes, 2015
Algebraic foundations for quantitative information flow.
Math. Struct. Comput. Sci., 2015
Comparing Decision Support Approaches for Cyber Security Investment.
CoRR, 2015
A game-theoretic approach for minimizing security risks in the Internet-of-Things.
Proceedings of the IEEE International Conference on Communication, 2015
All-Solution Satisfiability Modulo Theories: Applications, Algorithms and Benchmarks.
Proceedings of the 10th International Conference on Availability, Reliability and Security, 2015
2014
Quantifying information leaks using reliability analysis.
Proceedings of the 2014 International Symposium on Model Checking of Software, 2014
Game Theory Meets Information Security Management.
Proceedings of the ICT Systems Security and Privacy Protection, 2014
Cybersecurity Games and Investments: A Decision Support Approach.
Proceedings of the Decision and Game Theory for Security - 5th International Conference, 2014
Information Leakage of Non-Terminating Processes.
Proceedings of the 34th International Conference on Foundation of Software Technology and Theoretical Computer Science, 2014
Abstract model counting: a novel approach for quantification of information leaks.
Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, 2014
2013
Thermodynamic aspects of confidentiality.
Inf. Comput., 2013
SideAuto: quantitative information flow for side-channel leakage in web applications.
Proceedings of the 12th annual ACM Workshop on Privacy in the Electronic Society, 2013
Payoffs, Intensionality and Abstraction in Games.
Proceedings of the Computation, Logic, Games, and Quantum Foundations. The Many Facets of Samson Abramsky, 2013
2012
Symbolic quantitative information flow.
ACM SIGSOFT Softw. Eng. Notes, 2012
Quantitative Security Analysis (Dagstuhl Seminar 12481).
Dagstuhl Reports, 2012
The Thermodynamics of Confidentiality.
Proceedings of the 25th IEEE Computer Security Foundations Symposium, 2012
2011
Algebraic Foundations for Information Theoretical, Probabilistic and Guessability measures of Information Flow
CoRR, 2011
2010
Risk assessment of security threats for looping constructs.
J. Comput. Secur., 2010
Quantifying Information Leak Vulnerabilities
CoRR, 2010
Program Analysis Probably Counts: Discussant Contribution for the <i>Computer Journal Lecture</i> by Chris Hankin.
Comput. J., 2010
Information Theory and Security: Quantitative Information Flow.
Proceedings of the Formal Methods for Quantitative Aspects of Programming Languages, 2010
Quantitative Information Flow: From Theory to Practice?
Proceedings of the Computer Aided Verification, 22nd International Conference, 2010
Quantifying information leaks in software.
Proceedings of the Twenty-Sixth Annual Computer Security Applications Conference, 2010
2009
Studying Maximum Information Leakage Using Karush-Kuhn-Tucker Conditions
Proceedings of the Proceedings 7th International Workshop on Security Issues in Concurrency, 2009
Applied Quantitative Information Flow and Statistical Databases.
Proceedings of the Formal Aspects in Security and Trust, 6th International Workshop, 2009
The Optimum Leakage Principle for Analyzing Multi-threaded Programs.
Proceedings of the Information Theoretic Security, 4th International Conference, 2009
On Adaboost and Optimal Betting Strategies.
Proceedings of The 2009 International Conference on Data Mining, 2009
Quantifying maximal loss of anonymity in protocols.
Proceedings of the 2009 ACM Symposium on Information, 2009
2008
Lagrange multipliers and maximum information leakage in different observational models.
Proceedings of the 2008 Workshop on Programming Languages and Analysis for Security, 2008
2007
A static analysis for quantifying information flow in a simple imperative language.
J. Comput. Secur., 2007
Assessing security threats of looping constructs.
Proceedings of the 34th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, 2007
Quantitative analysis of leakage for multi-threaded programs.
Proceedings of the 2007 Workshop on Programming Languages and Analysis for Security, 2007
2005
Quantitative Information Flow, Relations and Polymorphic Types.
J. Log. Comput., 2005
2004
Quantified Interference for a While Language.
Proceedings of the Second Workshop on Quantitative Aspects of Programming Languages, 2004
2002
Relative definability of boolean functions via hypergraphs.
Theor. Comput. Sci., 2002
2001
Quantitative Analysis of the Leakage of Confidential Data.
Proceedings of the Workshop on Quantitative Aspects of Programming Laguages, 2001
2000
Full Abstraction for PCF.
Inf. Comput., 2000
1999
Non-Deterministic Games and Program Analysis: An Application to Security.
Proceedings of the 14th Annual IEEE Symposium on Logic in Computer Science, 1999
1998
Generalised Flowcharts and Games.
Proceedings of the Automata, Languages and Programming, 25th International Colloquium, 1998
A New Approach to Control Flow Analysis.
Proceedings of the Compiler Construction, 7th International Conference, 1998
1995
Studying Equivalences of Transition Systems with Algebraic Tools.
Theor. Comput. Sci., 1995
1993
Equivalences of Transition Systems in an Algebraic Framework.
Proceedings of the Algebraic Methodology and Software Technology (AMAST '93), 1993
1991
Some Results on the Interpretation of lambda-calculus in Operator Algebras
Proceedings of the Sixth Annual Symposium on Logic in Computer Science (LICS '91), 1991
Stone Duality for Stable Functions.
Proceedings of the Category Theory and Computer Science, 1991