Publications
] .
2015. Effectiveness of qualitative and quantitative security obligations. Journal of Information Security and Applications. 22:3–16.
.
2015. Examining the Contribution of Critical Visualisation to Information Security. New Security Paradigm Workshop (NSPW), Twente, The Netherlands. :1–14.
.
2015. Fault Trees on a Diet - Automated Reduction by Graph Rewriting. Proceedings of the First International Symposium on Dependable Software Engineering: Theories, Tools, and Applications (SETTA 2015), Nanjing, China. 9409:3–18.
.
2015. Formal Modelling and Analysis of Socio-Technical Systems. Semantics, Logics, and Calculi: Essays Dedicated to Hanne Riis Nielson and Flemming Nielson on the Occasion of Their 60th Birthdays. 9560:54–73.
.
2015. From Cybercrime to Cyborg Crime: Botnets as Hybrid Criminal Actor-Networks. British journal of Criminology. 55:1–18.
.
2015. Genetic Approximations for the Failure-Free Security Games. Decision and Game Theory for Security, 6th International Conference, GameSec 2015, London, UK. 9406:311–321.
.
2015. "If you were attacked, you'd be sorry": Counterfactuals as security arguments. New Security Paradigm Workshop (NSPW), Twente, Netherlands. :1–12.
.
2015. Investigating the usability and utility of tangible modelling of socio-technical architectures.
.
2015. Maybe Poor Johnny Really Cannot Encrypt - The Case for a Complexity Theory for Usable Security. New Security Paradigm Workshop (NSPW), Twente, Netherlands. :1–15.
.
2015. Modeling and Analysing Socio-Technical Systems. 1st International Workshop on Socio-Technical Perspective in IS development (STPIS), Stockholm, Sweden. 1374:121–124.
.
2015. Modeling and Verification of Insider Threats Using Logical Analysis. IEEE Systems Journal. 99:1–12.
.
2015. Modelling Social-Technical Attacks with Timed Automata. Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats (MIST), Denver, Colorado, US. :21–28.
.
2015. Pareto Efficient Solution of Attack-Defence Trees. 4th International Conference on Principles of Security and Trust, POST 2015, London, UK. 9036:95–114.
.
2015. The persuasion and security awareness experiment: reducing the success of social engineering attacks. Journal of Experimental Criminology. 11:97–115.
.
2015. A Probabilistic Analysis Framework for Malicious Insider Threats. Third International Conference on Human Aspects of Information Security, Privacy, and Trust (HAS), Los Angeles, US. 9190:178–189.
.
2015. Quantitative Attack Tree Analysis via Priced Timed Automata. Proceedings of the 13th International Conference on Formal Modeling and Analysis of Timed Systems, FORMATS 2015, Madrid, Spain. 9268:156–171.
.
2015. Regression Nodes: Extending attack trees with data from social sciences. Workshop on Socio-Technical Aspects in Security and Trust (STAST), Verona, Italy.
.
2015. Security analysis of socio-technical physical systems. Computers & Electrical Engineering. online
.
2015. Security-by-Experiment: Lessons from Responsible Deployment in Cyberspace. Science and Engineering Ethics. N/A
.
2015. Sequential and Parallel Attack Tree Modelling. Computer Safety, Reliability, and Security - Proceedings of the SAFECOM 2015 Workshops, ASSURE, DECSoS. ISSE, ReSA4CI, and SASSUR, Delft, The Netherlands. 9338:291–299.
.
2015. Socio-Technical Security Metrics (Dagstuhl Seminar 14491). Dagstuhl Reports. 4:1–28.
.
2015. Tangible Modelling to Elicit Domain Knowledge: An Experiment and Focus Group. 34th International Conference, ER 2015, Stockholm, Sweden. 9381:558–565.
.
2015. Time dependent analysis with dynamic counter measure trees. Proceedings of the 13th Workshop on Quantitative Aspects of Programming Languages and Systems (QAPL 2015), London, England.
.
2015. Tool-based Risk Assessment of Cloud Infrastructures as Socio-Technical Systems. The Cloud Security Ecosystem. :495–517.
