Dr.ir. T.S. van Ede MSc | People Pages: Find employees & contact details

I am an Assistant Professor in the Semantics, Cybersecurity and Services group of the university of Twente.

My research focuses on security automation and the integration of machine learning and AI techniques into security solutions. More specifically, I am interested in the application of large language models (LLMs), network-based intrusion detection and the continuous integration of such systems in dynamic, rapidly changing environments. To this end, I focus on anomaly detection, contextual security analysis using deep neural networks, and the application of Natural Language Processing (NLP) techniques for sharing cyber threat intelligence.

I strongly believe in open, collaborative science, where researchers can easily and quickly access previous research. To that end, I maintain several security tools that have been developed through research efforts.

Finally, I love Capture The Flag (CTF) competitions, and I am involved in the organization of the Twente Hacking Squad, the University of Twente's student hacking team.

Organisations

Publications

2025

SoK: Automated TTP Extraction from CTI Reports – Are We There Yet? (2025)In Proceedings of the USENIX Security Symposium: August 13–15, 2025 • Seattle, WA, USA (pp. 4621-4641). USENIX Association. Büchel, M., Paladini, T., Longari, S., Carminati, M., Zanero, S., Binyamini, H., Engelberg, G., Klein, D., Guizzardi, G., Caselli, M., Continella, A., van Steen, M., Peter, A. & van Ede, T.https://www.usenix.org/conference/usenixsecurity25/presentation/buechelInterdisciplinary Research Project 'AI Shield' (2025)In The 8!" Cyber Security in Networking Conference (CSNet 2024): AI for Cybersecurity (pp. 268-271) (Proceedings of the 8th Cyber Security in Networking Conference: AI for Cybersecurity, CSNet 2024). IEEE. Van Ede, T., Mulder, T. & Moyakine, E.https://doi.org/10.1109/CSNet64211.2024.10851746Beyond CVEs: Mapping Weaknesses in Unstructured Threat Intelligence Text (2025)[Working paper › Preprint]. Simonetto, S., Oostveen, R., van Ede, T. S., Bosch, P. & Jonker, W.Knowing your weaknesses is your greatest strength: Mapping CVE to CWE by leveraging CWE Hierarchy and LLMs (2025)[Working paper › Preprint]. Simonetto, S., Oostveen, R., van Ede, T. S., Bosch, P. & Jonker, W.What Matters Most in Vulnerabilities? Key Term Extraction for CVE-to-CWE Mapping with LLMs (2025)[Working paper › Preprint]. Simonetto, S., Oostveen, R., van Ede, T. S., Bosch, P. & Jonker, W.

2024

Text2Weak: mapping CVEs to CWEs using description embeddings analysis (2024)In The 4th Workshop on Artificial Intelligence-Enabled Cybersecurity Analytics. Simonetto, S., van Ede, T. S., Bosch, P., Jonker, W. & Oostveen, R.https://ai4cyber-kdd.com/KDD-AISec_files/Submission_8_final.pdf

2023

Comprehending Security Events: Context-Based Identification and Explanation (2023)[Thesis › PhD Thesis - Research UT, graduation UT]. University of Twente. van Ede, T. S.https://doi.org/10.3990/1.9789036558891Code for Appscanner: Automatic fingerprinting of smartphone apps from encrypted network traffic (2023)[Dataset Types › Dataset]. 4TU.Centre for Research Data. van Ede, T.https://doi.org/10.4121/db4fbbb9-fe7d-44b0-b8ec-02a8c81481d9Code for DeepCASE: Semi-Supervised Contextual Analysis of Security Events (2023)[Dataset Types › Dataset]. 4TU.Centre for Research Data. van Ede, T., Aghakhani, H., Spahn, N., Bortolameotti, R., Cova, M., Continella, A., van Steen, M., Peter, A., Kruegel, C. & Vigna, G.https://doi.org/10.4121/86c12ba1-7709-45c3-ade3-897552f98ca3Code for DeepLog: Anomaly detection and diagnosis from system logs through deep learning (2023)[Dataset Types › Dataset]. 4TU.Centre for Research Data. van Ede, T.https://doi.org/10.4121/7a6086ad-1cd1-4a76-be8a-b7c0b6d17311

Other contributions

Bortolameotti, R., van Ede, T., Continella, A., Everts, M.H., Jonker, W., Hartel, P. & Peter, A. (2019, October). Victim-Aware Adaptive Covert Channels. In Proceedings of the International Conference on Security and Privacy in Communication Networks. Springer.

Bortolameotti, R., van Ede, T., Caselli, M., Everts, M. H., Hartel, P., Hofstede, R., Jonker, W. & Peter, A. (2017, December). DECANTeR: DEteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting. In Proceedings of the 33rd Annual Computer Security Applications Conference (pp. 373-386). ACM.

Research profiles

Affiliated study programs

Courses academic year 2025/2026

Courses in the current academic year are added at the moment they are finalised in the Osiris system. Therefore it is possible that the list is not yet complete for the whole academic year.

Courses academic year 2024/2025

Address

University of Twente

Zilverling (building no. 11), room 2027
Hallenweg 19
7522 NH Enschede
Netherlands

Navigate to location