I am a computer science PhD student at the University of Twente working under the supervision of Andreas Peter. I am broadly interested in several aspects of security and privacy, such as applied cryptography, distributed systems security, network security and machine learning. I am currently particularly interested to the security and privacy challenges related to data leakage/exfiltration.
Riccardo Bortolameotti, Thijs van Ede, Marco Caselli, Maarten H. Everts, Pieter Hartel, Rick Hofstede, Willem Jonker, Andreas Peter. "DECANTeR: DEtection of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting" In Proceedings of the Annual Computer Security Applications Conference (ACSAC), San Juan, Dec 2017. [PDF] [Code]
Riccardo Bortolameotti, Andreas Peter, Maarten H. Everts, Willem Jonker, Pieter Hartel. "Reliably Determining Data Leakage in the Presence of Strong Attackers" In Proceedings of the Annual Computer Security Applications Conference (ACSAC), Los Angeles, Dec 2016. [PDF]
Riccardo Bortolameotti, Andreas Peter, Maarten H. Everts, Damiano Bolzoni. "Indicators of Malicious SSL Connections" In Proceedings of the 9th International Conference Network and System Security (NSS), New York, Nov 2015. [PDF]
In the last few years, data breaches are constantly on the front pages of major newspapers. Cyber criminals, hacktivists or state-sponsored groups are compromising the networks of companies in order to steal their assets, which span from customer data, intellectual properties, or secret documents. These attacks do not only affect the companies' businesses but also their customers and potentially their lives. For instance, a customer can be victim of identity fraud once his data has been leaked to criminals. Governments and lawmakers recognize the problem and recently approved the first legal obligations for companies regarding these incidents. Nonetheless, companies lack of many technical solutions to deal with these attacks.
#BREACHED focuses on filling the technological gap that companies face when dealing with data breaches. The goal of this project is to create innovative technical solutions that deal with different aspects of such threats. The technologies proposed in this project will allow companies to better protect themselves even in case the attacker is very powerful. The aspects touched by the project span from the prevention of a data breach to the evaluation of its consequences and severity.