Luca Allodi
Department / Institute
Group
RESEARCH PROFILE
Luca is an Associate Professor and head of the Threat Analysis group within the Security Cluster of the Eindhoven University of Technology, in the Netherlands. We investigate attacker operations ([1], [2]), economics ([3], [4]), and how these are ultimately delivered to the (human) user ( [5] , [6]) to improve operational defense capabilities ([7], [8]). Our research draws from several fields, including computer security, economics, risk analysis, and criminology.
I am the Scientific Director of the Eindhoven Security Hub SOC, a facility managed by the TU/e SECurity group and devoted to delivering cutting-edge security monitoring services to its customers. Read more about it here and here.
The real voyage of discovery consists not in seeking new landscapes but in having new eyes.” - Marcel Proust
ACADEMIC BACKGROUND
Luca Allodi obtained his PhD in 2015 from the University of Trento, Italy, with a thesis entitled: "Risk-based Vulnerability Management. Exploiting the economic nature of the attacker to build sound and measurable vulnerability mitigation strategies". Whilst studying for his MSc, he became interested in Social Network Dynamics, the diffusion of information within networks, and the different roles of nodes. He is also an acknowledged authoring member of the First.org SIG Team for the upcoming CVSS v3 framework (the worldwide standard-de-facto for vulnerability assessment)
Recent Publications
-
Cognition in Social Engineering Empirical Research
ACM Transactions on Computer-Human Interaction (2024) -
Know Your Cybercriminal: Evaluating Attacker Preferences by Measuring Profile Sales on an Active, Leading Criminal Market for User Impersonation at Scale
(2023) -
'Give Me Structure'
(2023) -
You Can Tell a Cybercriminal by the Company they Keep: A Framework to Infer the Relevance of Underground Communities to the Threat Landscape
(2023) -
The Influence of Human Factors on the Intention to Report Phishing Emails
(2023)
Current Educational Activities
Ancillary Activities
No ancillary activities