Year: 2014

• Jacobs, B., Smans, J. & Piessens, F. (2014). Solving the VerifyThis 2012 challenges with VeriFast. International Journal on Software Tools for Technology Transfer. [More] [Online version] [Bibtex]
• Basin, D., Clavel, M., Egea, M., Garca de Dios, M. A. & Dania, C. (2014). A Model-Driven Methodology for Developing Secure Data-Management Applications. IEEE Transactions on Software Engineering. [More] [Bibtex]
• Basin, D., Burri, S. J. & Karjoth, G. (2014). Obstruction-free Authorization Enforcement: Aligning Security and Business Objectives. Journal of Computer Security. [More] [Bibtex]
• Moyano, F., Beckers, K. & Fernandez-Gago, C (2014). Trust-Aware Decision-Making Methodology for Cloud Sourcing. In To be published in the proceedings of the 26th International Conference on Advanced Information Systems Engineering (CAiSE). Springer Berlin Heidelberg. [More] [Online version] [Bibtex]
• Beckers, K., Faßbender, S., Heisel, M. & Suppan, S (2014). A Threat Analysis Methodology for Smart Home Scenarios. In To be published in the proceedings of the Second Open EIT ICT Labs Workshop on Smart Grid Security (SmartGridSec14). [More] [Bibtex]
• Beckers, K., Heisel, M., Krautsevich, L., Maritnelli, F. & Yautsiukhin, A (2014). Considering Attacker Motivation in Attack Graphs Analysis in a Smart Grid Scenario. In To be published in the proceedings of the Second Open EIT ICT Labs Workshop on Smart Grid Security (SmartGridSec14). [More] [Bibtex]
• Nikiforakis, N., Maggi, F., Stringhini, G., Rafique, M. Z., Joosen, W., Kruegel, C. et al (2014). Stranger Danger: Exploring the Ecosystem of Ad-based URL Shortening Services. In Proceedings of the 23rd International World Wide Web Conference (WWW). [More] [Bibtex]
• Acker, S. V., Nikiforakis, N., Desmet, L., Piessens, F. & Joosen, W (2014). Monkey-in-the-browser: Malware and vulnerabilities in augmented browsing script markets. In Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS). [More] [Bibtex]
• Anantharaman, S., Bouchard, C., Narendran, P. & Rusinowitch, M. (2014). Unification modulo a 2-sorted Equational theory for Cipher-Decipher Block Chaining. Logical Methods in Computer Science, 10. [More] [Bibtex]
• Fernandez-Gago, C., Agudo, I. & Lopez, J. (2014). Building trust from context similarity measures. Computer Standards & Interfaces. [More] [Bibtex]
• Busch, M., Koch, N. & Wirsing, M (2014). Systematic Evaluation of Engineering Approaches for Secure Software and Systems. Springer. [More] [Bibtex]
• Busch, M., Koch, N. & Suppan, S (2014). Modeling Security Features of Web Applications. Springer. [More] [Bibtex]
• Bertolino, A., Busch, M., Daoudagh, S., Lonetti, F. & Marchetti, E (2014). A Toolchain for Designing and Testing Access Control Policies. Springer. [More] [Bibtex]
• Busch, M., Koch, N. & Wirsing, M (2014). SecEval: An Evaluation Framework for Engineering Secure Systems. In Proceedings of MoK14. [More] [Bibtex]
• Busch, M (2014). Secure Web Engineering supported by an Evaluation Framework. In Modelsward 2014. Scitepress. [More] [Bibtex]
• Solhaug, B. & Seehusen, F. (2014). Model-driven risk analysis of evolving critical infrastructures. Journal of Ambient Intelligence and Humanized Computing, 5(2), 187-204. [More] [Online version] [Bibtex]
• Beckers, K., Côté, I., Fenz, S., Hatebur, D. & Heisel, M (2014). A Structured Comparison of Security Standards. In Advances in Engineering Secure Future Internet Services and Systems. Springer. [More] [Bibtex]
• Moyano, F. & Heisel, M (2014). Enhancing Problem Frames with Trust and Reputation for Analyzing Smart Grid Security Requirements. In To be published in the proceedings of the Second Open EIT ICT Labs Workshop on Smart Grid Security (SmartGridSec14). [More] [Bibtex]

Year: 2013

• Decat, M., Lagaisse, B., Joosen, W. & Crispo, B (2013). Introducing concurrency in policy-based access control. In Proceedings of the 8th Workshop on Middleware for Next Generation Internet Computing, pages 3:1-3:6. ACM. [More] [Online version] [Bibtex]
• Patrignani, M., Clarke, D. & Piessens, F (2013). Secure compilation of Object-Oriented components to protected module architectures. In Asian Symposium on Programming Languages and Systems, pages 176-191. Springer International Publishing. [More] [Online version] [Bibtex]
• Scandariato, R., Walden, J. & Joosen, W (2013). Static analysis versus penetration pesting: a controlled experiment. In Proceedings of the 24th IEEE International Symposium on Software Reliability Engineering, pages 1-10. IEEE. [More] [Online version] [Bibtex]
• Agudo, I., Rios, R. & Lopez, J. (2013). A Privacy-Aware Continuous Authentication Scheme for Proximity-based Access. Computers & Security, 39(B), 117-126. [More] [Bibtex]
• Moyano, F., Fernandez-Gago, C. & Lopez, J. (2013). A Framework for Enabling Trust Requirements in Social Cloud Applications. Requirements Engineering, 18, 321-341. [More] [Bibtex]
• Rios, R., Cuellar, J. & Lopez, J (2013). Ocultacion de la estación base en redes inalambricas de sensores. In Verdejo, D., E, J., Ortiz, N., J, Muñoz, R. & J, J. (editors), IX Jornadas de Ingenieria Telematica, pages 481-486. [More] [Bibtex]
• Avonds, N., Strackx, R., Agten, P. & Piessens, F (2013). Salus: Non-hierarchical memory access rights to enforce the principle of least privilege. In Security and Privacy in Communication Networks (SecureComm 2013), pages 252-269. Springer International Publishing. [More] [Online version] [Bibtex]