Daniel R. dos Santos, PhD
LinkedIn
Publications
-
Using DNS Patterns for Automated Cyber Threat Attribution
[WSDF 2024]
-
Automated Cyber Threat Intelligence Generation on Multi-Host Network Incidents
[CyberHunt 2023]
-
Demonstration of New Attacks on Three Healthcare Network Protocols in a Lab Environment
[JICV 2023]
-
Insecure by Design in the Backbone of Critical Infrastructure
[SafeThings 2023]
-
Actionable Cyber Threat Intelligence for Automated Incident Response [NordSec 2022]
-
Similarity-based Clustering for IoT Device Classification [IEEE COINS 2021]
-
Attacking and Defending Healthcare Networks [Book Chapter - "Cyber-Physical Threat Intelligence for Critical Infrastructures Security"]
-
A Matter of Life and Death: Analyzing the Security of Healthcare Networks [IFIP SEC 2020]
-
Security and Privacy in Smart Grids: Challenges, Solutions and Opportunities [ICISSP 2020]
-
Leveraging Operational Technology and the Internet of Things to Attack Smart Buildings [JICV 2020]
-
Role Inference + Anomaly Detection = Situational Awareness in BACnet Networks [DIMVA 2019]
-
Leveraging Semantics for Actionable Intrusion Detection in Building Automation Systems [CRITIS 2018]
-
Solving Multi-Objective Workflow Satisfiability Problems with Optimization Modulo Theories Techniques [SACMAT 2018]
-
From System Specification to Anomaly Detection (and back) [CPS-SPC 2017 (co-located with CCS)]
-
TestREx: a Framework for Repeatable Exploits [STTT]
-
A Survey on Workflow Satisfiability, Resiliency, and Related Problems [arXiv]
-
On Run-time Enforcement of Authorization Constraints in Security-Sensitive Business Processes [SEFM 2017]
-
Automatically Finding Execution Scenarios to Deploy Security-Sensitive Workflows [JCS]
-
Aegis: Automatic Enforcement of Security Policies in Workflow-driven Web Applications [CODASPY 2017]
-
A Framework and Risk Assessment Approaches for Risk-based Access Control in the Cloud [JNCA]
-
Modular Synthesis of Enforcement Mechanisms for the Workflow Satisfiability Problem: Scalability and Reusability [SACMAT 2016]
-
Cerberus: Automated Synthesis of Enforcement Mechanisms for Security-sensitive Business Processes [TACAS 2016]
-
Assisting the Deployment of Security-Sensitive Workflows by Finding Execution Scenarios [DBSec 2015]
-
Automated Synthesis of Run-time Monitors to Enforce Authorization Policies in Business Processes [ASIACCS 2015]
-
TestRex: a Testbed for Repeatable Exploits [CSET 2014 (co-located with USENIX Security)]
-
Current Issues in Cloud Computing Security and Management [SECURWARE 2014]
-
A dynamic risk-based access control architecture for cloud computing [NOMS 2014]
-
Operation, Management, Security and Sustainability for Cloud Computing [FSMA]
-
A Cyclical Evaluation Model of Information Security Maturity [IMCS]
-
An Architecture for Risk Analysis in Cloud [ICNS 2014]
-
Privacy-preserving identity federations in the cloud: a proof of concept [IJSN]
-
Risk-based Dynamic Access Control for a Highly Scalable Cloud Federation [SECURWARE 2013]
-
Challenges of Operationalizing PACS on Cloud Over Wireless Networks [ICWMC 2013]
-
A Review of PACS on Cloud for Archiving Secure Medical Images [IJPHIM]
-
A Validation Model of Data Input for Web Services [ICN 2013]
-
Multi-Tenancy Authorization System with Federated Identity for Cloud-Based Environments Using Shibboleth [ICN 2012]
-
Uma aplicacao de privacidade no gerenciamento de identidades em nuvem com uApprove [WTICG 2011 (co-located with SBSEG)]