If you made any changes in Pure these will be visible here soon.

Personal profile

Quote

“The real voyage of discovery consists not in seeking new landscapes but in having new eyes.” - Marcel Proust

Research profile

Luca Allodi is an Assistant Professor in the Security Group of the Eindhoven University of Technology (TU/e). His research focuses on vulnerability laws, with a strong accent on attackers’ behavior and strategies, seeking quantitative answers to the economics of vulnerability exploitation and the management of cyber risk. His research looks for technical, economic, and strategic factors that drive vulnerability exploitation ‘in the wild’. To this aim, he investigates the dynamic optimization problems the attacker solves when engineering a new attack, the underground markets in which the attackers operate, the technology they employ, and the rates at which attacks are delivered to the final users. This research draws from several field, including computer security, economics, risk analysis, and criminology.

Luca is currently working on new ways to integrate security metrics with cyber attacks economics; in particular, he is interested in understanding if analysis of new trends in cybercrime attacks (APTs, black markets, botnet rentals...) can be exploited to improve current metrics for security.

Academic background

Luca Allodi obtained his PhD in 2015 from the University of Trento, Italy, with a thesis entitled: "Risk-based Vulnerability Management. Exploiting the economic nature of the attacker to build sound and measurable vulnerability mitigation strategies". Whilst studying for his MSc, he became interested in Social Network Dynamics, the diffusion of information within networks, and the different roles of nodes. He is also an acknowledged authoring member of the First.org SIG Team for the upcoming CVSS v3 framework (the worldwide standard-de-facto for vulnerability assessment)

Fingerprint Dive into the research topics where Luca Allodi is active. These topic labels come from the works of this person. Together they form a unique fingerprint.

Social Networks Mathematics
Internet Engineering & Materials Science
Economics Engineering & Materials Science
Risk assessment Engineering & Materials Science
Computer systems Engineering & Materials Science
Heavy Tails Mathematics
Crime Engineering & Materials Science
Dynamic Networks Mathematics

Network Recent external collaboration on country level. Dive into details by clicking on the dots.

Research Output 2011 2019

  • 120 Citations
  • 19 Conference contribution
  • 4 Paper
  • 3 Article
  • 1 Chapter

CARONTE: crawling adversarial resources over non-trusted, high-profile environments

Campobasso, M., Burda, P. & Allodi, L., 2019, Workshop on Attackers and Cyber-Crime Operations (WACCO). Institute of Electrical and Electronics Engineers

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

Scalability
Servers
Monitoring
Costs

Cognitive Triaging of Phishing Attacks

Heijden, A. V. D. & Allodi, L., 6 May 2019, (Accepted/In press) Usenix Security 2019. Usenix Association

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

File
Electronic mail
Remediation
Learning systems

Privacy-conscious threat intelligence using DNSBLoom

van Rijswijk-Deij, R., Rijnders, G., Bomhoff, M. & Allodi, L., 16 May 2019, 2019 IFIP/IEEE Symposium on Integrated Network and Service Management, IM 2019. Piscataway: Institute of Electrical and Electronics Engineers, p. 98-106 9 p. 8717908

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

Internet
Monitoring
Threat
Privacy
Botnet
1 Citation (Scopus)

Unveiling systematic biases in decisional processes: an application to discrimination discovery

Genga, L., Allodi, L. & Zannone, N., 2 Jul 2019, AsiaCCS 2019 - Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc, p. 67-72 6 p.

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

Association rules
Regression analysis
Data mining

A bug bounty perspective on the disclosure of web vulnerabilities

Ruohonen, J. & Allodi, L., 2018

Research output: Contribution to conferencePaperAcademic

Open Access
File

Courses

Cyberattacks Crime and Defenses

1/09/15 → …

Course

Networks and security

1/09/17 → …

Course

Student theses

Cognitive triaging of phishing attacks

Author: van der Heijden, A., 28 Jan 2019

Supervisor: Allodi, L. (Supervisor 1) & Docters van Leeuwen, M. (External person) (External coach)

Student thesis: Master

Darknet markets : competitive strategies in the underground of illicit goods

Author: Evangelista, A., 24 Sep 2018

Supervisor: Allodi, L. (Supervisor 1) & Cremonini, M. (External person) (External coach)

Student thesis: Master

File

DNSSEC policies in the wild

Author: Le, P., 31 Aug 2017

Supervisor: Zannone, N. (Supervisor 1), Allodi, L. (Supervisor 2) & van Rijswijk-Deij, R. (External person) (External coach)

Student thesis: Master

File

Network based ransomware detection on the Samba protocol

Author: Mülders, D., 27 Mar 2017

Supervisor: den Hartog, J. (Supervisor 1), Allodi, L. (Supervisor 2), Ozcelebi, T. (Supervisor 2) & Yüksel, O. (Supervisor 2)

Student thesis: Master

File

Privacy-friendly threat detection using DNS

Author: Rijnders, G., 31 Aug 2018

Supervisor: Allodi, L. (Supervisor 1) & van Rijswijk-Deij, R. (External person) (External coach)

Student thesis: Master

File