Daniel R. dos Santos, PhD

LinkedIn

Publications

  1. Demonstration of New Attacks on Three Healthcare Network Protocols in a Lab Environment [JICV 2023]
  2. Insecure by Design in the Backbone of Critical Infrastructure [SafeThings 2023]
  3. Actionable Cyber Threat Intelligence for Automated Incident Response [NordSec 2022]
  4. Similarity-based Clustering for IoT Device Classification [IEEE COINS 2021]
  5. Attacking and Defending Healthcare Networks [Book Chapter - "Cyber-Physical Threat Intelligence for Critical Infrastructures Security"]
  6. A Matter of Life and Death: Analyzing the Security of Healthcare Networks [IFIP SEC 2020]
  7. Security and Privacy in Smart Grids: Challenges, Solutions and Opportunities [ICISSP 2020]
  8. Leveraging Operational Technology and the Internet of Things to Attack Smart Buildings [JICV 2020]
  9. Role Inference + Anomaly Detection = Situational Awareness in BACnet Networks [DIMVA 2019]
  10. Leveraging Semantics for Actionable Intrusion Detection in Building Automation Systems [CRITIS 2018]
  11. Solving Multi-Objective Workflow Satisfiability Problems with Optimization Modulo Theories Techniques [SACMAT 2018]
  12. From System Specification to Anomaly Detection (and back) [CPS-SPC 2017 (co-located with CCS)]
  13. TestREx: a Framework for Repeatable Exploits [STTT]
  14. A Survey on Workflow Satisfiability, Resiliency, and Related Problems [arXiv]
  15. On Run-time Enforcement of Authorization Constraints in Security-Sensitive Business Processes [SEFM 2017]
  16. Automatically Finding Execution Scenarios to Deploy Security-Sensitive Workflows [JCS]
  17. Aegis: Automatic Enforcement of Security Policies in Workflow-driven Web Applications [CODASPY 2017]
  18. A Framework and Risk Assessment Approaches for Risk-based Access Control in the Cloud [JNCA]
  19. Modular Synthesis of Enforcement Mechanisms for the Workflow Satisfiability Problem: Scalability and Reusability [SACMAT 2016]
  20. Cerberus: Automated Synthesis of Enforcement Mechanisms for Security-sensitive Business Processes [TACAS 2016]
  21. Assisting the Deployment of Security-Sensitive Workflows by Finding Execution Scenarios [DBSec 2015]
  22. Automated Synthesis of Run-time Monitors to Enforce Authorization Policies in Business Processes [ASIACCS 2015]
  23. TestRex: a Testbed for Repeatable Exploits [CSET 2014 (co-located with USENIX Security)]
  24. Current Issues in Cloud Computing Security and Management [SECURWARE 2014]
  25. A dynamic risk-based access control architecture for cloud computing [NOMS 2014]
  26. Operation, Management, Security and Sustainability for Cloud Computing [FSMA]
  27. A Cyclical Evaluation Model of Information Security Maturity [IMCS]
  28. An Architecture for Risk Analysis in Cloud [ICNS 2014]
  29. Privacy-preserving identity federations in the cloud: a proof of concept [IJSN]
  30. Risk-based Dynamic Access Control for a Highly Scalable Cloud Federation [SECURWARE 2013]
  31. Challenges of Operationalizing PACS on Cloud Over Wireless Networks [ICWMC 2013]
  32. A Review of PACS on Cloud for Archiving Secure Medical Images [IJPHIM]
  33. A Validation Model of Data Input for Web Services [ICN 2013]
  34. Multi-Tenancy Authorization System with Federated Identity for Cloud-Based Environments Using Shibboleth [ICN 2012]
  35. Uma aplicacao de privacidade no gerenciamento de identidades em nuvem com uApprove [WTICG 2011 (co-located with SBSEG)]