Publications

2015

Bortolameotti, R. and Peter, A. and Everts, M.H. and Bolzoni, D. (2015) Indicators of Malicious SSL Connections. In: 9th International Conference on Network and System Security, NSS 2015, 3-5 Nov 2015, New York, USA. pp. 162-175. Lecture Notes in Computer Science 9408. Springer Verlag. ISBN 978-3-319-25645-0

2012

Hadžiosmanović, D. and Bolzoni, D. and Etalle, S. and Hartel, P.H. (2012) Challenges and opportunities in securing industrial control systems. In: Proceedings of the IEEE Workshop on Complexity in Engineering, COMPENG 2012, 11-13 June 2012, Aachen, Germany. pp. 1-6. IEEE. ISBN 978-1-4673-1614-9
Hadžiosmanović, D. and Bolzoni, D. and Hartel, P.H. (2012) A Log Mining Approach for Process Monitoring in SCADA. International Journal of Information Security, 11 (4). pp. 231-251. ISSN 1615-5262 *** ISI Impact 1,279 ***
Hadžiosmanović, D. and Simionato, L. and Bolzoni, D. and Zambon, Emmanuele and Etalle, S. (2012) N-gram Against the Machine: On the Feasibility of the N-gram Network Analysis for Binary Protocols. In: Proceedings of the 15th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2012), 12-14 Sep 2012, Amsterdam, The Netherlands. pp. 354-373. Lecture Notes in Computer Science 7462. Springer Verlag. ISSN 0302-9743 ISBN 978-3-642-33337-8

2011

Bolzoni, D. and Schade, C. L. and Etalle, S. (2011) A Cuckoo's Egg in the Malware Nest: On-the-fly Signature-less Malware Analysis, Detection, and Containment for Large Networks. In: Proceedings of the 25th Large Installation System Administration Conference (LISA 2011), 4-9 Dec 2011, Boston, USA. pp. 201-216. The USENIX Association. ISBN 978-931971-881-3
Hadžiosmanović, D. and Bolzoni, D. and Hartel, P.H. and Etalle, S. (2011) MELISSA: Towards Automated Detection of Undesirable User Actions in Critical Infrastructures. In: Proceedings of the European Conference on Computer Network Defense, EC2ND 2011, 6-8 Sept 2011, Gothenburg, Sweden. pp. 41-48. IEEE Computer Society. ISBN 978-0-7695-4762-6

2010

Hadžiosmanović, D. and Bolzoni, D. and Hartel, P.H. (2010) A Log Mining Approach for Process Monitoring in SCADA. Technical Report TR-CTIT-10-35, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625
Hadžiosmanović, D. and Bolzoni, D. and Hartel, P.H. (2010) MEDUSA: Mining Events to Detect Undesirable uSer Actions in SCADA. In: Proceedings of the 13th International Symposium on Recent Advances in Intrusion Detection (RAID 2010), 15-17 Sep 2010, Ottawa, Canada. pp. 500-501. Lecture Notes in Computer Science 6307. Springer Verlag. ISSN 0302-9743 ISBN 978-3-642-15511-6

2009

Bolzoni, D. (2009) Revisiting Anomaly-based Network Intrusion Detection Systems. PhD thesis, University of Twente. CTIT Ph.D.-thesis series No. 09-147 ISBN 978-90-365-2853-5
Bolzoni, D. and Etalle, S. and Hartel, P.H. (2009) Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems. Technical Report TR-CTIT-09-10, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625
Bolzoni, D. and Etalle, S. and Hartel, P.H. (2009) Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems. In: Recent Advances in Intrusion Detection (RAID). pp. 1-20. Lecture Notes in Computer Science 5758. Springer Verlag. ISBN 978-3-642-04341-3

2008

Bolzoni, D. and Crispo, B. and Etalle, S. (2008) ATLANTIDES: Automatic Configuration for Alert Verification in Network Intrusion Detection Systems. Technical Report TR-CTIT-08-17, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625
Bolzoni, D. and Etalle, S. (2008) Approaches in Anomaly-based Network Intrusion Detection Systems. In: Intrusion Detection Systems. Advances in Information Security 38. Springer Verlag, London, pp. 1-16. ISBN 978-0-387-77265-3
Bolzoni, D. and Etalle, S. (2008) Boosting Web Intrusion Detection Systems by Inferring Positive Signatures. Technical Report TR-CTIT-08-43, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625
Bolzoni, D. and Etalle, S. (2008) Boosting Web Intrusion Detection Systems by Inferring Positive Signatures. In: Confederated International Conferences On the Move to Meaningful Internet Systems (OTM), November 9-14, 2008, Monterrey, Mexico. pp. 938-955. Lecture Notes in Computer Science 5332. Springer Verlag. ISSN 0302-9743 ISBN 978-3-540-88872-7

2007

Bolzoni, D. and Crispo, B. and Etalle, S. (2007) ATLANTIDES: An Architecture for Alert Verification in Network Intrusion Detection Systems. In: Proceedings of the 21st Large Installation System Administration Conference (LISA '07), 11-16 November 2007, Dallas, Texas. pp. 141-152. Usenix Association. ISBN 978-1-931971-55-3
Su, X. and Bolzoni, D. and van Eck, P.A.T. (2007) Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services. In: Proceedings of the International Conference on Emerging Security Information, Systems, and Technologies (SECURWARE '07), October 14-20, 2007, Valencia, Spain. pp. 107-114. IEEE Computer Society. ISBN 0-7695-2989-5
Su, X. and Bolzoni, D. and van Eck, P.A.T. (2007) Specifying Information Security Needs for the Delivery of High Quality Security Services. In: 2nd IEEE/IFIP International Workshop on Business-Driven IT Management, BDIM '07, 21-23 May 2007, Munich, Germany. pp. 112-113. IEEE Computer Society. ISBN 1-4244-1295-1
Zambon, Emmanuele and Bolzoni, D. and Etalle, S. and Salvato, M. (2007) A model supporting Business Continuity auditing & planning in Information Systems. In: Second International Conference on Internet Monitoring and Protection (ICIMP), 1-5 Jul 2007, San Jose, CA, USA. pp. 33-33. IEEE Computer Society. ISBN 0-7695-2911-9
Zambon, Emmanuele and Bolzoni, D. and Etalle, S. and Salvato, M. (2007) Model-Based Mitigation of Availability Risks. Technical Report TR-CTIT-07-04, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625
Zambon, Emmanuele and Bolzoni, D. and Etalle, S. and Salvato, M. (2007) A model supporting Business Continuity auditing & planning in Information Systems. Technical Report TR-CTIT-07-17, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625
Zambon, Emmanuele and Bolzoni, D. and Etalle, S. and Salvato, M. (2007) Model-Based Mitigation of Availability Risks. In: Second IEEE/IFIP International Workshop on Business-Driven IT Management, 21 May 2007, Munich, Germany. pp. 75-83. IEEE Computer Society. ISBN 1-4244-1295-1

2006

Bolzoni, D. and Etalle, S. (2006) APHRODITE: an Anomaly-based Architecture for False Positive Reduction. Technical Report TR-CTIT-06-13, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625
Bolzoni, D. and Zambon, Emmanuele and Etalle, S. and Hartel, P.H. (2006) Poseidon: a 2-tier Anomaly-based Network Intrusion Detection System. In: 4th IEEE Int. Information Assurance Workshop (IWIA2006), 13-14 Apr 2006, London, UK. pp. 144-156. IEEE Computer Society. ISBN 0 7695 2564 4
Su, X. and Bolzoni, D. and van Eck, P.A.T. (2006) A Business Goal Driven Approach for Understanding and Specifying Information Security Requirements. Technical Report TR-CTIT-06-08, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625
Su, X. and Bolzoni, D. and van Eck, P.A.T. (2006) Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services. Technical Report TR-CTIT-06-73, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625
Su, X. and Bolzoni, D. and van Eck, P.A.T. (2006) A Business Goal Driven Approach for Understanding and Specifying Information Security Requirements. In: 11th International Workshop on Exploring Modeling Methods in Systems Analysis and Design (EMMSAD2006), 5-9 Jun 2006, Luxembourg. pp. 465-472. Presses Universitaires de Namur. ISBN 2-87037-525-5

2005

Bolzoni, D. and Zambon, Emmanuele and Etalle, S. and Hartel, P.H. (2005) Poseidon: A 2-tier Anomaly-based Intrusion Detection System. Technical Report TR-CTIT-05-53, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625