Daniel R. dos Santos, PhD

LinkedIn

Publications

  1. Poster: A Multi-step Approach for Classification of Malware Samples [CCS 2024]
  2. Using DNS Patterns for Automated Cyber Threat Attribution [WSDF 2024 (co-located with ARES)]
  3. Automated Cyber Threat Intelligence Generation on Multi-Host Network Incidents [CyberHunt 2023]
  4. Demonstration of New Attacks on Three Healthcare Network Protocols in a Lab Environment [JICV 2023]
  5. Insecure by Design in the Backbone of Critical Infrastructure [SafeThings 2023]
  6. Actionable Cyber Threat Intelligence for Automated Incident Response [NordSec 2022]
  7. Similarity-based Clustering for IoT Device Classification [IEEE COINS 2021]
  8. Attacking and Defending Healthcare Networks [Book Chapter - "Cyber-Physical Threat Intelligence for Critical Infrastructures Security"]
  9. A Matter of Life and Death: Analyzing the Security of Healthcare Networks [IFIP SEC 2020]
  10. Security and Privacy in Smart Grids: Challenges, Solutions and Opportunities [ICISSP 2020]
  11. Leveraging Operational Technology and the Internet of Things to Attack Smart Buildings [JICV 2020]
  12. Role Inference + Anomaly Detection = Situational Awareness in BACnet Networks [DIMVA 2019]
  13. Leveraging Semantics for Actionable Intrusion Detection in Building Automation Systems [CRITIS 2018]
  14. Solving Multi-Objective Workflow Satisfiability Problems with Optimization Modulo Theories Techniques [SACMAT 2018]
  15. From System Specification to Anomaly Detection (and back) [CPS-SPC 2017 (co-located with CCS)]
  16. TestREx: a Framework for Repeatable Exploits [STTT]
  17. A Survey on Workflow Satisfiability, Resiliency, and Related Problems [arXiv]
  18. On Run-time Enforcement of Authorization Constraints in Security-Sensitive Business Processes [SEFM 2017]
  19. Automatically Finding Execution Scenarios to Deploy Security-Sensitive Workflows [JCS]
  20. Aegis: Automatic Enforcement of Security Policies in Workflow-driven Web Applications [CODASPY 2017]
  21. A Framework and Risk Assessment Approaches for Risk-based Access Control in the Cloud [JNCA]
  22. Modular Synthesis of Enforcement Mechanisms for the Workflow Satisfiability Problem: Scalability and Reusability [SACMAT 2016]
  23. Cerberus: Automated Synthesis of Enforcement Mechanisms for Security-sensitive Business Processes [TACAS 2016]
  24. Assisting the Deployment of Security-Sensitive Workflows by Finding Execution Scenarios [DBSec 2015]
  25. Automated Synthesis of Run-time Monitors to Enforce Authorization Policies in Business Processes [ASIACCS 2015]
  26. TestRex: a Testbed for Repeatable Exploits [CSET 2014 (co-located with USENIX Security)]
  27. Current Issues in Cloud Computing Security and Management [SECURWARE 2014]
  28. A dynamic risk-based access control architecture for cloud computing [NOMS 2014]
  29. Operation, Management, Security and Sustainability for Cloud Computing [FSMA]
  30. A Cyclical Evaluation Model of Information Security Maturity [IMCS]
  31. An Architecture for Risk Analysis in Cloud [ICNS 2014]
  32. Privacy-preserving identity federations in the cloud: a proof of concept [IJSN]
  33. Risk-based Dynamic Access Control for a Highly Scalable Cloud Federation [SECURWARE 2013]
  34. Challenges of Operationalizing PACS on Cloud Over Wireless Networks [ICWMC 2013]
  35. A Review of PACS on Cloud for Archiving Secure Medical Images [IJPHIM]
  36. A Validation Model of Data Input for Web Services [ICN 2013]
  37. Multi-Tenancy Authorization System with Federated Identity for Cloud-Based Environments Using Shibboleth [ICN 2012]
  38. Uma aplicacao de privacidade no gerenciamento de identidades em nuvem com uApprove [WTICG 2011 (co-located with SBSEG)]