"The key to security is understanding”
Sandro Etalle leads the Security group where the approach to system security is multi-faceted and covers offensive and defensive aspects of system security, always targeting concrete security problems and addressing the underlying, fundamental issues at their core. The group’s strength lies precisely in its ability to empirically and theoretically understand the full security process: from attack generation and system management, to policy specification and user aspects. Today,Etalle’s research is focused mainly on network monitoring and intrusion detection, with particular emphasis on the security of industrial control systems. Other topics includes policy specification and enforcement, and incident response. With two PhD students, Etalle founded the company SecurityMatters, bringing the result of their research to the market, and at the same time providing a source for insights into how cybersecurity evolvesin real life, leading to new research challenges.His group’s research spans three areas vital to the security of decentralized and embedded systems: (a) Security policy specification & enforcement (b) Security of embedded systems, and (c) Threat intelligence and defense, sitting at the cutting-edge intersection of these areas, addressing particularly challenging operative and theoretical problems.
Sandro Etalle obtained his master’s degree in Mathematics at the University of Padova (Italy) and earned his PhD in 1995 at the University of Amsterdam, under the supervision of Prof. K. R. Apt and Prof. A. Bossi. He was a post-doctoral fellow at the University of Amsterdam, Assistant Professor at the universities of Genova (Italy), Maastricht and Twente, where he lead the spearhead program on Security. After a year as a visiting researcher at the University of Trento, he became full professor at the TU/e. Etalle is one of the authors of the Dutch ‘National Cyber Security Research Agenda’, he has been leader of several national and EU projects, and program chair of several international conferences.
Eventpad : a visual analytics approach to network intrusion detection and reverse engineeringEuropean Cyper Security Perspectives 2018 (2018)
ECFI: Asynchronous Control Flow Integrity for Programmable Logic ControllersAnnual Computer Security Applications Conference (2017)
From intrusion detection to software design22nd European Symposium on Research in Computer Security (ESORICS 2017) (2017)
A white-box anomaly-based framework for database leakage detectionJournal of Information Security and Applications (2017)
Towards realistic threat modeling : attack commodification, irrelevant vulnerabilities, and unrealistic assumptionsSafeConfig '17 Proceedings of the 2017 Workshop on Automated Decision Making for Active Cyber Defense, 3 November 2017, Dallas, Texas (2017)
- Hacker's hut
- Capita selecta security
- Chairman of the Supervisory Board, and other part-time activities, Security Matters B.V. (spin-off 3TU)
- het gaat om het verrichten van onderzoek., University of Trento (Italy)