About      Publications      Services      Teaching      Advising      Projects

Sergio Pastrana Portillo

Visiting Professor

Computer Securiry Lab (COSEC)
Universidad Carlos III de Madrid

E-mail:  spastran [at] inf [dot] uc3m [dot] es
Escuela Politécnica Superior, Universidad Carlos III de Madrid
Avenida de la Universidad 30
28911, Leganés, Madrid

About me

I'm Visiting Associate Professor at the Computer Security Lab from the University Carlos III of Madrid and an external collaborator in the Cambridge Cybercrime Centre from the University of Cambridge. My research interests are manyfold through the field of cybersecurity and cybercrime. Please, see my list of publications (or my Google profile) to get a glimpse of my current interests

I received a PhD in Computer Science and Technology in 2014 by University of Carlos III de Madrid, my alma mater, where I have also taught courses in official studies offered at the University Carlos III about Security and Computer Programming as well as ocassional participation in Master courses, summer schools and workshops.


Journal papers
  1. "A Methodology for Large-Scale Identification of Related Accounts in Underground Forums". José Cabrero-Holgueras, Sergio Pastrana. "Computers & Security". Accepted, September 2021 [accepted version]

  2. "Avaddon ransomware: an in-depth analysis and decryption of infected systems". Javier Yuste, Sergio Pastrana. "Computers & Security". Volume 109-C, October 2021 [accepted version] [doi]

  3. "Blocklist Babel: On the Transparency and Dynamics of Open Source Blocklisting". Álvaro Feal, Pelayo Vallina, Julien Gamba, Sergio Pastrana, Antonio Nappa, Oliver Hohlfeld, Narseo Vallina-Rodriguez, Juan Tapiador."IEEE Transactions on Network and Service Management". Volume 18, pp 1334-1349 June 2021. [doi]

  4. "Automatically identifying the function and intent of posts in underground forums". Andrew Caines, Sergio Pastrana , Alice Hutchings, Paula Buttery."Crime Science". Volume 7. November 2018. [Open access] [doi]

  5. "PAgIoT: Privacy-preserving Aggregation protocol for Internet of Things". L. Gonzalez-Manzano, J.M. de Fuentes, S. Pastrana, P.Peris-Lopez, L. Hernandez."Journal of Network and Computer Applications". Volume 71 pp 59-71. 2016. (JCR index: 2.331) [pdf] [doi]

  6. "Probabilistic Yoking Proofs For Large Scale IoT Systems".J.M. de Fuentes, P. Peris-Lopez, J.E. Tapiador, S. Pastrana."Ad Hoc Networks". Volume 32. pp 43-53. September 2015. (JCR index: 1,660). [pdf] [doi]

  7. "DEFIDNET: A framework for optimal allocation of cyberdefenses in Intrusion Detection Networks" S. Pastrana, A. Orfila, J.E. Tapiador, P. Peris-Lopez."Computer Networks". Volume 80. pp 66-84, April 2015. (JCR index: 1,446) [pdf] [doi] [prototype]

  8. "Power-aware anomaly detection in smartphones: An analysis of on-platform versus externalized operation".G. Suarez-Tangil, J.E. Tapiador, P. Peris-Lopez, S. Pastrana."Pervasive and Mobile Computing". Elsevier. Volume 18. pp 137-151. April 2015. (JCR index: 1.719). [doi] [pdf]

  9. "Randomized Anagram revisited". Sergio Pastrana, Agustin Orfila, Juan E. Tapiador, Pedro Peris-Lopez. "Journal of Network and Computer Applications". Volume 41. pp 182-196, May 2014.(JCR index: 2.229). [doi] [pdf]

  10. "Evaluation of Classification Algorithms for Intrusion Detection in MANETs". Sergio Pastrana, Aikaterina Mitrokotsa, Agustin Orfila, Pedro Peris-Lopez. "Knowledge Based Systems". Volume 36. pp 217-225. December 2012. (JCR index: 4,104). [doi] [pdf]
Conference papers
  1. "Towards Improving Code-Stylometry Analysis in Underground Forums"". Michal Tereszkowski-Kaminski, Sergio Pastrana, Jorge Blasco, Guillermo Suarez-Tangil Proceedings of the 22st Privacy Enhancing Technologies Symposium (PoPETS). 2022

  2. "Detecting video-game injectors exchanged in game cheating communities". Panicos Karkallis, Jorge Blasco, Sergio Pastrana, Guillermo Suarez-Tangil Proceedings of the 26th European Symposium on Research in Computer Security (ESORICS) 2021. October 2021 [preprint]

  3. "SoK: Privacy-Preserving Computation Techniques for Deep Learning". José Cabrero-Holgueras and Sergio Pastrana Proceedings of the 21st Privacy Enhancing Technologies Symposium (PoPETS). July 2021 [pdf]

  4. "Trouble Over-The-Air: An Analysis of FOTA Apps in the Android Ecosystem". Eduardo Blazquez, Sergio Pastrana, Alvaro Feal, Julien Gamba, Platon Kotzias, Narseo Vallina-Rodriguez, Juan Tapiador. 42nd IEEE Symposium on Security and Privacy (IEEE S&P). May 2021 [doi]

  5. "A tight scrape: methodological approaches to cybercrime research data collection in adversarial environments", Kieron Turk, Sergio Pastrana, Ben Collier. 2nd Workshop on Attackers and Cyber-Crime Operations (WACCO) , Digital Conference, September 7th, 2020. [doi] [pdf]

  6. "A first look at the crypto-mining malware ecosystem: A decade of unrestricted wealth", Sergio Pastrana, Guillermo Suarez-Tangil. ACM Internet Measurement Conference (IMC) , Amsterdam, Netherlands, October 2019. [doi] [pdf extended version]

  7. "Measuring eWhoring", Sergio Pastrana, Alice Hutchings, Daniel Thomas, Juan E. Tapiador. ACM Internet Measurement Conference (IMC) , Amsterdam, Netherlands, October 2019. [doi] [pdf] [video]

  8. "Understanding eWhoring", Alice Hutchings, Sergio Pastrana. 4th IEEE European Symposium on Security and Privacy , Stockholm, Sweden, June 2019 [pdf]

  9. "Aggressive language in an online hacking forum", Andrew Caines, Sergio Pastrana , Alice Hutchings, Paula Buttery. Second Workshop on Abusive Language Online (ALW2) , Brussels, Belgium, October 2018 [pdf]

  10. "Characterizing Eve: Analysing Cybercrime Actors in a Large Underground Forum", Sergio Pastrana , Alice Hutchings, Andrew Caines, Paula Buttery. Research in Attacks, Intrusions and Defences (RAID) , Heraklion, Crete, September 2018 [pdf]

  11. "CrimeBB: Enabling Cybercrime Research on Underground Forums at Scale", Sergio Pastrana, Daniel R. Thomas, Alice Hutchings, and Richard Clayton. ACM The Web Conference 2018 (WWW) , Lyon, France, April 2018. [pdf]

  12. "Ethical issues of research using datasets of illicit origin", Daniel R. Thomas, Sergio Pastrana, Alice Hutchings, Richard Clayton, and Alastair R. Beresford. ACM Internet Measurement Conference (IMC) , London, UK, November 2017. [pdf]

  13. "Shall we collaborate? A model to analyse the benefits of information sharing", Roberto Garrido, Lorena Gonzalez and Sergio Pastrana. ACM CCS Worshop on Information Sharing and Collaborative Security (WISCS) , Vienna, Austria, October 2016. [pdf]

  14. "AVRAND: A Software Based Defense Against Code Reuse Attacks in AVR Architectures", Sergio Pastrana, Juan E. Tapiador, Guillermo Suarez-Tangil, Pedro Peris-Lopez. "13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)", San Sebastian, Spain, July 2016. [pdf]

  15. "ArduWorm: A Practical Malware Targeting Arduino Devices", Sergio Pastrana, Jorge Rodriguez-Canseco, Alejandro Calleja. "Jornadas Nacionales de Investigacion en Seguridad (JNIC)", Granada, Spain, June 2016. [pdf] Best paper award!

  16. "Security Analysis and Exploitation of Arduino Devices in the Internet of Things", Carlos Alberca, Sergio Pastrana, Guillermo Suarez-Tangil, Paolo Palmieri. " Workshop on Malicious Software and Hardware in Internet of Things (Mal-IoT)", Como, Italy, May 2016 [doi] [pdf]

  17. "Interactive activities: the key to learning programming with MOOCs.",Carlos Alario, Carlos Delgado, Iria Estevez, Carmen Fernandez, Jorge Blasco, Sergio Pastrana, Guillermo Suarez, and Julio Villena. "Proceedings of the European Stakeholder Summit on experiences and best practices in and around MOOCs (EMOOCS)", Graz (Austria), February 2016

  18. "Anomalous Web Payload Detection: Evaluating the Resilience of 1-gram Based Classifiers", Sergio Pastrana, Carmen Torrano-Gimenez, Hai Than Nguyen, Agustin Orfila. "Proceedings of the VIII Conference on Intelligent Distributed Computing (IDC) ", pp 195-201, Madrid, Spain, September 2014 [pdf]

  19. "A functional framework to evade Network IDS", Sergio Pastrana, Agustin Orfila and Arturo Ribagorda. "Proceedings of the 44th Hawaii International Conference on Systems Sciences (HICSS44)", Kauai, USA, January 2011 [doi] [pdf]

  20. "Artificial Immunity-Based Correlation System (poster)", Guillermo Suarez-Tangil, Esther Palomar, Sergio Pastrana, Arturo Ribagorda. "SECRYPT - International Conference on Security and Cryptography", Sevilla, Spain, July 2011 [doi] [pdf]

  21. "Modeling NIDS evasion using Genetic Programming", Sergio Pastrana, Agustin Orfila and Arturo Ribagorda. "Proceedings of the 2010 World Congress in Computer Science, Computer Engineering and Applied Computing, WORLDCOMP'10", Las Vegas, USA, July 2010 [pdf]

  22. "EVADIR: una metodologia para la evasion de IDS de red", Sergio Pastrana, Agustin Orfila and Arturo Ribagorda. "Actas de la XI Reunion Espanola sobre Criptologia y Seguridad de la Informacion, RECSI'10", Tarragona, Spain, September 2010 [pdf]

PhD Thesis Book chapters
  1. "Displacing big data: How criminals cheat the system", in "The Human Factor of Cybercrime". Alice Hutchings, Sergio Pastrana, Richard Clayton. Taylor & Francis; ISBN 978-0-42946-059-3 (2019)
  2. "Evading IDS and Firewalls as Fundamental Sources of Information in SIEMS", in "Advances in Security Information Management: perceptions and outcomes". Sergio Pastrana, José Montero, Agustin Orfila, NOVA Publishers, ISBN 978-1-62417-221-2(2013)


Reviewer of the following journals
  • Computers in Human Behavior
  • Information Fusion
  • Computers&Security
  • Knowledge Based Systems
  • Future Generation Computer Systems
  • Information Sciences
  • KSII Transactions on Internet and Information Systems
  • AdHoc Networks
PC chair/co-chair PC Member or conference sub-reviewer
  • The Web Conference 2022
  • APWG eCrime 2021
  • 1st Workshop on Attackers and Cyber-Crime Operations (WACCO), 2019
  • 9th International Conference on Emerging Ubiquitous Systems and Pervasive Networks 2018
  • International Conference on Networks & Communications 2016
  • 12th International Conference on Security and Cryptography (SECRYPT) 2015
  • IEEE International Conference on Trust, Security and Privacy 2015
  • International Conference on Information Security Practice and Experience 2015
  • 13th International Conference on Security and Cryptography (SECRYPT) 2016
  • Project reviewer at Spanish Association for Standardisation and Certification (AENOR)
  • Project reviewer at Israeli Ministry of Science, Technology and Space

Teaching experience

MSc courses BSc and other courses Online Open Courses


Current PhD Students

  1. José Cabrero Holgueras


  • Trustaware: Enhancing Digital Security, Privacy and TRUST in software
  • ECYSAP: European Cyber Situational Awareness Platform
  • CYNAMON: Cybersecurity, Network Analysis And Monitoring for the next generation Internet
  • ODIO: The Open Digital Identity Observatory