Currently I am part of the TUD team analysing different aspects of security in smart grids (e.g., see Powerweb). In addition, I am closely involved in the TREsPASS project, where I work on extracting and analysing various data sources from cloud and telecom infrastructure.
During my PhD I worked in the context of the HERMES, CASTOR and MIDAS projects. My research concerned the security of critical infrastructures. In particular, I worked on three main aspects: analysis of application logs, network traffic analysis and threat identification.
I like integrating process semantics into (ICS) system monitoring. One such effort will be done within this Bro project.
M. Caselli, D. Hadziosmanovic, E. Zambon, F. Kargl (2013): On the feasibility of device fingerprinting in Industrial Control Systems, 8th International Conference on Information Infrastructures Security (ACCEPTED)
D. Hadziosmanovic, L. Simionato, D. Bolzoni, E. Zambon, S. Etalle (2012): N-gram Against the Machine: On the Feasibility of the N-gram Network Analysis for Binary Protocols. In: Proceedings of the 15th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 12-14 Sep, Amsterdam, The Netherlands, pp 354-373, Lecture Notes in Computer Science 7462, Springer Verlag Berlin, DOI:10.1007/978-3-642-33338-5_18. [bibtex][paper][implementations]
D. Hadziosmanovic, D. Bolzoni, S. Etalle, P.H. Hartel (2012): Challenges and Opportunities in Securing Industrial Control Systems. In: Proceedings of the IEEE Workshop on Complexity in Engineering (COMPENG), 11-13 June, Aachen, Germany, pp 1-6, IEEE Computer Society, DOI:10.1109/CompEng.2012.6242970. (INVITED PAPER) [bibtex][paper]
D. Hadziosmanovic, D. Bolzoni, P.H. Hartel (2012): A Log Mining Approach for Process Monitoring in SCADA. International Journal of Information Security, Volume 11, Issue 4, pp 231-251, ISSN 1615-5262, DOI: 10.1007/s10207-012-0163-8, ***ISI Impact 1,094*** [bibtex][paper]
D. Hadziosmanovic, D. Bolzoni, P.H. Hartel, S. Etalle (2011): MELISSA - Towards Automated Detection of Undesirable User Actions in Critical Infrastructures. In: Proceedings of the European Conference on Computer Network Defense (EC2ND), 6-8 Sept, Gothenburg, Sweden. pp. 41-48. IEEE Computer Society. [bibtex][paper]
D. Hadziosmanovic, R. Sommer, E. Zambon, P.H. Hartel (2013): Through the Eye of the PLC: Towards Semantic Security Monitoring for Industrial Control Systems, International Computer Science Institute, Berkeley, TR-13-003 [paper]
Posters, talks, media
D. Hadziosmanovic, R. Sommer, D. Bolzoni, P.H. Hartel (2012): Improving SCADA Security with Context-aware Network Profiling. In: IEEE Symposium on Security and Privacy, 20-23 May, San Francisco, California, USA. (poster) [abstract][poster]
D. Hadziosmanovic, D. Bolzoni (2012): Detecting zero-day and targeted attacks against ICS. In: ICSJWG Spring Conference, 7-10 May, Savannah, Georgia, USA. (talk) [slides]
D. Hadziosmanovic (2011): Detecting Cyber Attacks in Critical Infrastructures. In: Resilient Societies - Governing Risk and Vulnerability for Water, Energy and Climate Change, 19-21 Oct, Enschede, The Netherlands. (talk) [slides][media]
D. Hadziosmanovic, D. Bolzoni, P.H. Hartel (2010): MEDUSA - Mining Events to Detect Undesirable uSer Actions in SCADA. In: Proceedings of the 13th International Symposium on Recent Advances in Intrusion Detection (RAID), 15-17 Sep 2010, Ottawa, Canada. pp. 500-501. LNCS 6307. Springer Verlag. (poster) [bibtex][abstract][poster]
D. Hadziosmanovic, D. Bolzoni, P.H. Hartel (2010): How to prevent your favorite plant from exploding. In: CTIT Symposium, 1st June, Enschede, The Netherlands. (talk) [slides]