Dr.ir. A. Continella | People Pages: Find employees & contact details

I am an Associate Professor in the Semantics, Cybersecurity and Services group of the University of Twente and a member of the International Secure Systems Lab (iSecLab).

Before joining the University of Twente, I was a Postdoctoral Researcher in the Computer Science Department at UC Santa Barbara, working at the SecLab, and I obtained a Ph.D. cum laude in Computer Science and Engineering at Politecnico di Milano in Italy. During my Ph.D., I also took part in two research exchanges, working as a visiting researcher at UCSB and at the School of Computer Science of the University of Sydney.

My research focuses on aspects of computer security traditionally known as systems security. In particular, my main research interests lie in the security of the software that people use in their daily tasks, and revolve around analyzing such software for multiple security purposes, such as malware detection, identification of privacy disclosures, and vulnerability discovery. For example, I have worked on analysis and defense mechanisms against advanced threats such as the infamous ransomware families, on the detection of obfuscated privacy leaks in Android apps, and on the design of novel program analysis techniques to identify and patch vulnerabilities in embedded firmware.

I strongly believe in open, collaborative science, where researchers can easily and quickly access to previous research outcomes to reproduce and analyze results obtained by others.

I also love Capture The Flag (CTF) competitions, which I currently play with Shellphish (usually ending up in Vegas to play DEFCON Finals), and I co-organized several editions of the PoliCTF and iCTF.

Organisations

Publications

2024

Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols (2024)In Proceedings of 27th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2024 (pp. 561-578). Association for Computing Machinery. Tagliaro, C., Komsic, M., Continella, A., Borgolte, K. & Lindorfer, M.https://doi.org/10.1145/3678890.3678899FrameD: Toward Automated Identication of Embedded Frameworks in Firmware Images (2024)In 10th Workshop On The Security Of Industrial Control Systems & Of Cyber-Physical Systems, CyberICPS 2024. van Nielen, J., Peter, A. & Continella, A.Inferring Recovery Steps from Cyber Threat Intelligence Reports (2024)[Contribution to conference › Paper] 21st Conference on Detection of Intrusions and Malware & Vulnerability Assessment, DIMVA 2024. Kucsván, Z. L., Caselli, M., Peter, A. & Continella, A.ERAFL: Efficient Resource Allocation for Federated Learning Training in Smart Homes (2024)In NOMS 2024-2024 IEEE Network Operations and Management Symposium. IEEE. Rezaei, T., Bayhan, S., Continella, A. & Van Rijswijk-Deij, R.https://doi.org/10.1109/NOMS59830.2024.10575706ReplicaWatcher: Training-less Anomaly Detection in Containerized Microservices (2024)In Proceedings of the 31th Annual Network and Distributed System Security Symposium (NDSS 2024). Association for Computing Machinery. Khairi, A. E., Caselli, M., Peter, A. & Continella, A.https://doi.org/10.14722/ndss.2024.24286

2023

Comprehending Security Events: Context-Based Identification and Explanation (2023)[Thesis › PhD Thesis - Research UT, graduation UT]. University of Twente. van Ede, T. S.https://doi.org/10.3990/1.9789036558891Mobile apps and children's privacy: A traffic analysis of data sharing practices among children's mobile iOS apps (2023)Archives of disease in childhood, 108(11), 943-945. Pimienta, J., Brandt, J., Bethe, T., Holz, R., Continella, A., Jibb, L. & Grundy, Q.https://doi.org/10.1136/archdischild-2023-325960Code for DeepCASE: Semi-Supervised Contextual Analysis of Security Events (2023)[Dataset Types › Dataset]. 4TU.Centre for Research Data. van Ede, T., Aghakhani, H., Spahn, N., Bortolameotti, R., Cova, M., Continella, A., van Steen, M., Peter, A., Kruegel, C. & Vigna, G.https://doi.org/10.4121/86c12ba1-7709-45c3-ade3-897552f98ca3Code for Detecting Anomalous Misconfigurations in AWS Identity and Access Management Policies (2023)[Dataset Types › Dataset]. 4TU.Centre for Research Data. van Ede, T., Khasuntsev, N., Steen, B. & Continella, A.https://doi.org/10.4121/948f9457-d168-4eb6-9523-bc235a871e83Code for FlowPrint: Semi-Supervised Mobile-App Fingerprinting on Encrypted Network Traffic (2023)[Dataset Types › Dataset]. 4TU.Centre for Research Data. van Ede, T., Bortolameotti, R., Continella, A., Ren, J., Dubois, D. J., Lindorfer, M., Choffnes, D., van Steen, M. & Peter, A.https://doi.org/10.4121/e08823b5-ceff-4ebc-a967-290ef9cacc7e

Research profiles

Courses academic year 2024/2025

Courses in the current academic year are added at the moment they are finalised in the Osiris system. Therefore it is possible that the list is not yet complete for the whole academic year.

Courses academic year 2023/2024

Address

University of Twente

Zilverling (building no. 11), room 2023
Hallenweg 19
7522 NH Enschede
Netherlands

Navigate to location