The real voyage of discovery lies in not seeing new landscapes but in having new eyes. (Marcel Proust)

I am an Associate Professor and head of the Threat Analysis group within the Security Cluster of the Eindhoven University of Technology, in the Netherlands. We investigate attacker operations ([1], [2]), economics ([3], [4]), and how these are ultimately delivered to the (human) user ( [5] , [6]) to improve operational defense capabilities ([7], [8]). Our research draws from several fields, including computer security, economics, risk analysis, and criminology.

I am the Scientific Director of the Eindhoven Security Hub SOC, a facility managed by the TU/e SECurity group and devoted to delivering cutting-edge security monitoring services to its customers. Read more about it here and here.

Students

  • Michele Campobasso on cybercrime operations and ecosystems. Website, GScholar profile.
  • Pavlo Burda on advanced social engineering. Website, GScholar profile.
  • Leon Kersten on decision support for cybersecurity analysis. Website.
  • Koen Teuwen on threat intelligence operationalization.

About

        Office:         MF 6.122 
                        P.O. Box 513, 5600 MB
                        Eindhoven, The Netherlands
        Email:          l.allodi at tue.nl
        PGP fngrprnt:   950E 3DC8 EB66 DFF3 B64D  7848 A0AD 0BB6 5DC4 98F1

Public key here.

Curriculum Vitae

I DO NOT have a Facebook profile.
My LinkedIn page (hardly updated) is this.
My Twitter handle is @securescientist.
I am on Mastodon at @securescientist@fediscience.org.

Some highlights

Organization

I am the organizer and co-chair of the multidisciplinary Workshop on Attackers and Cyber-Criminal Operations (WACCO), together with, among others, Alice Hutchings (Twitter, homepage) and Sergio Pastrana (Twitter, homepage). The workshop is held annually jointly with the IEEE European Symposium on Security and Privacy.

A selection of publications

  • Marin, I. and Burda, P. and Zannone, N. and Allodi, L. (2023), The Influence of Human Factors on the Intention to Report Phishing Emails In Proceedings of the 2023 ACM CHI Conference on Human Factors in Computing Systems. Preprint.
  • Campobasso, M. and Allodi, L. (2023), Know Your Cybercriminal: Evaluating Attacker Preferences by Measuring Profile Sales on an Active, Leading Criminal Market for User Impersonation at Scale. In Proceedings of USENIX Security 2023. Preprint.
  • Martin Rosso, Michele Campobasso, Ganduulga Gankhuyag, Luca Allodi. SAIBERSOC: Synthetic Attack Injection to Benchmark and Evaluate the Performance of Security Operation Centers. In Proceedings of the 36th Annual Computer Security Applications Conference (ACSAC 2020). (acc. rate 23%) Distinguished Paper with Artifacts Award Preprint.
  • Michele Campobasso, Luca Allodi. Impersonation-as-a-Service: Characterizing the Emerging Criminal Infrastructure for User Impersonation at Scale. In Proceedings of the ACM Conference on Computer and Communications Security (ACM CCS 2020). (acc. rate 17%) Preprint.
  • Amber van der Heijden, Luca Allodi. Cognitive Triaging of Phishing Attacks. In Proceedings of Usenix Security 2019. (Acc. rate 16%). Preprint.
  • Luca Allodi. 2017. Economic Factors of Vulnerability Trade and Exploitation. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS ‘17). ACM, New York, NY, USA, 1483-1499. DOI: https://doi.org/10.1145/3133956.3133960 (Acc. rate 18%). Preprint.