I am an Assistant Professor in the Semantics, Cybersecurity and Services group of the university of Twente.

My research focuses on security automation and the integration of machine learning and AI techniques into security solutions. More specifically, I am interested in the application of large language models (LLMs), network-based intrusion detection and the continuous integration of such systems in dynamic, rapidly changing environments. To this end, I focus on anomaly detection, contextual security analysis using deep neural networks, and the application of Natural Language Processing (NLP) techniques for sharing cyber threat intelligence.

I strongly believe in open, collaborative science, where researchers can easily and quickly access previous research. To that end, I maintain several security tools that have been developed through research efforts.

Finally, I love Capture The Flag (CTF) competitions, and I am involved in the organization of the Twente Hacking Squad, the University of Twente's student hacking team.



Stepping out of the MUD: Contextual threat information for IoT devices with manufacturer-provided behaviour profilesIn Proceedings of the Annual Computer Security Applications Conference, ACSAC 2022. Applied Computer Security Associates. Zangrandi, L. M., Ede, T. v., Booij, T., Sciancalepore, S., Allodi, L. & Continella, A.https://doi.org/10.1145/3564625.3564644Detecting Anomalous Misconfigurations in AWS Identity and Access Management PoliciesIn CCSW 2022 - Proceedings of the 2022 Cloud Computing Security Workshop, co-located with CCS 2022 (pp. 63-74). Ede, T. v., Khasuntsev, N., Steen, B. & Continella, A.https://doi.org/10.1145/3560810.3564264Federated Lab (FedLab): An Open-source Distributed Platform for Internet of Things (IoT) Research and ExperimentationIn IEEE World Forum on IoT (WF-IoT). Meijer, M., Petrucci, G. T., Schotsman, M., Morgese, L., Ede, T. v., Continella, A., Gankhuyag, G., Allodi, L. & Sciancalepore, S.DEEPCASE: Semi-Supervised Contextual Analysis of Security EventsIn 2022 IEEE Symposium on Security and Privacy (SP) (pp. 522-539). IEEE. van Ede, T., Aghakhani, H., Spahn, N., Bortolameotti, R., Cova, M., Continella, A., van Steen, M., Peter, A., Kruegel, C. & Vigna, G.https://doi.org/10.1109/SP46214.2022.9833671
HeadPrint: Detecting Anomalous Communications through Header-based APplication FingerprintingIn 35th Annual ACM Symposium on Applied Computing, SAC 2020 (pp. 1696-1705). Association for Computing Machinery. Bortolameotti, R., van Ede, T. S., Continella, A., Hupperich, T. M., Everts, M. H., Rafati, R., Jonker, W., Hartel, P. & Peter, A.https://doi.org/10.1145/3341105.3373862FlowPrint: Semi-Supervised Mobile-App Fingerprinting on Encrypted Network TrafficIn Network and Distributed System Security Symposium (NDSS). Internet Society. van Ede, T. S., Bortolameotti, R., Continella, A., Ren, J., Dubois, D. J., Lindorfer, M., Choffnes, D., van Steen, M. & Peter, A.https://doi.org/10.14722/ndss.2020.24412

Other contributions

Bortolameotti, R., van Ede, T., Continella, A., Everts, M.H., Jonker, W., Hartel, P. & Peter, A. (2019, October). Victim-Aware Adaptive Covert Channels. In Proceedings of the International Conference on Security and Privacy in Communication Networks. Springer.

Bortolameotti, R., van Ede, T., Caselli, M., Everts, M. H., Hartel, P., Hofstede, R., Jonker, W. & Peter, A. (2017, December). DECANTeR: DEteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting. In Proceedings of the 33rd Annual Computer Security Applications Conference (pp. 373-386). ACM.

Research profiles


University of Twente

Zilverling (building no. 11), room 2027
Hallenweg 19
7522 NH Enschede

Navigate to location


Scan the QR code or
Download vCard