The key to security is understanding
Sandro Etalle leads the Security group, where the approach to system security is multi-faceted and covers offensive and defensive aspects of system security, always targeting concrete security problems and addressing the underlying, fundamental issues at their core. The group’s strength lies precisely in its ability to empirically and theoretically understand the full security process: from attack generation and system management, to policy specification and user aspects. Today, Etalle’s research is focused mainly on network monitoring and intrusion detection, with particular emphasis on the security of industrial control systems. Other topics include policy specification and enforcement, and incident response. With two PhD students, Etalle founded the company SecurityMatters, bringing the result of their research to the market, and at the same time providing a source for insights into how cybersecurity evolves in real life, leading to new research challenges. His group’s research spans three areas vital to the security of decentralized and embedded systems: (a) security policy specification & enforcement, (b) security of embedded systems, and (c) threat intelligence and defense. It sits at the cutting-edge intersection of these areas, addressing particularly challenging operative and theoretical problems.
Sandro Etalle obtained his master’s degree in Mathematics at the University of Padova (Italy) and earned his PhD in 1995 at the University of Amsterdam, under the supervision of Prof. K. R. Apt and Prof. A. Bossi. He was a post-doctoral fellow at the University of Amsterdam and Assistant Professor at the universities of Genova (Italy), Maastricht and Twente, where he led the spearhead program on Security. After a year as a visiting researcher at the University of Trento, he became full professor at the TU/e. Etalle is one of the authors of the Dutch ‘National Cyber Security Research Agenda’; he has been leader of several national and EU projects, and program chair of several international conferences.
Leveraging semantics for actionable intrusion detection in building automation systems. 13th International Conference on Critical Information Infrastructures Security, CRITIS 2018 (2019)
Eventpad: Rapid Malware Analysis and Reverse Engineering using Visual Analytics. IEEE Symposium on Visualization for Cyber Security (2018)
Eventpad: a visual analytics approach to network intrusion detection and reverse engineering. European Cyber Security Perspectives 2018 (2018)
Behavior analysis in the medical sector. 33rd Annual ACM Symposium on Applied Computing, SAC 2018 (2018)
ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers. Annual Computer Security Applications Conference (2017)
- Principles of data protection
- Cyberattacks Crime and Defenses
- Capita selecta security
- Guest lectures, Bologna Business School
- This concerns conducting research, University of Trento (Italy)