Prof Pasquale Malacaria
Professor of Computer Science
School of Electronic Engineering and Computer Science
Queen Mary University of London
Queen Mary University of London
Research
information theory and program analysis, computer security, semantics of programming languages
Interests
I am interested in both the theoretical foundations of computer science and the practical implications and applications of the theoretical foundations.In particular, my theoretical interests focus on the use of information theory, logic and game theory to understand how information is transformed and leaked in computational processes.
On the applications side, I have worked on program analysis and the use of model-checkers to detect and quantify information leakage in programs and in side channels.
Publications
Publications of specific relevance to the Centre for Fundamental Computer Science2024
Smart topology detection using multi-armed bandit reinforcement learning methodSönmez FÖ, Hankin C and Malacaria P
Information Security Journal a Global Perspective, Taylor & Francis, 1-26.
10-12-2024
Dealing with uncertainty in cybersecurity decision supportZhang Y and Malacaria P
Computers & Security, Elsevier vol. 148, 104153-104153.
10-10-2024
2023
Keep spending: Beyond optimal cyber-security investmentMalacaria P and Zhang Y
2023 IEEE Computer Security Foundations Symposium.
01-07-2023
CROSS: A Framework for Cyber Risk Optimisation in Smart HomesZhang Y, Malacaria P, Loukas G and Panaousis E
Computers and Security, Elsevier, 103250-103250.
05-04-2023
2022
Attack Dynamics: An Automatic Attack Graph Generation Framework Based on System Topology, CAPEC, CWE, and CVE Databaseszdemir S.nmez F, Hankin C and Malacaria P
Computers and Security, Elsevier vol. 123
14-10-2022
Decision support for healthcare cyber securitySönmez FÖ, Hankin C and Malacaria P
Computers and Security, Elsevier vol. 122, 102865-102865.
04-08-2022
Optimal Security Hardening over a Probabilistic Attack Graph: A Case Study of an Industrial Control System using CySecToolBuczkowski P, Malacaria P, Hankin C and Fielder A
Sat-CPS '22: Proceedings of the 2022 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems., 21-30.
28-04-2022
Optimal Security Hardening over a Probabilistic Attack GraphBuczkowski P, Malacaria P, Hankin C and Fielder A
Proceedings of the 2022 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems., 21-30.
18-04-2022
Optimal Security Hardening over a Probabilistic Attack Graph: A Case Study of an Industrial Control System using CySecTool.Buczkowski P, Malacaria P, Hankin C and Fielder A
SAT-CPS@CODASPY., 21-30. Editors: Gupta M, Khorsandroo S and Abdelsalam M.
01-01-2022
2021
Channel-supermodular entropies: Order theory and an application to query anonymizationAmérico A, Khouzani M and Malacaria P
Entropy vol. 24 (1)
25-12-2021
Concavity, Core-concavity, Quasiconcavity: A Generalizing Framework for Entropy MeasuresAmérico A and Malacaria P
2021 IEEE 34th Computer Security Foundations Symposium (CSF). vol. 00, 1-14.
25-06-2021
Bayesian Stackelberg games for cyber-security decision supportZhang Y and Malacaria P
Decision Support Systems, Elsevier vol. 148
15-05-2021
Optimization-Time Analysis for CybersecurityZhang Y and Malacaria P
Ieee Transactions On Dependable and Secure Computing
01-02-2021
Concavity, Core-concavity, Quasiconcavity: A Generalizing Framework for Entropy Measures.Américo A and Malacaria P
CSF., 1-14.
01-01-2021
2020
Conditional Entropy and Data Processing: an Axiomatic Approach Based on Core-ConcavityAmerico A, Khouzani M and Malacaria P
Ieee Transactions On Information Theory, Institute of Electrical and Electronics Engineers (Ieee), 1-1.
13-04-2020
QQIF: Quantum Quantitative Information Flow (invited paper)Américo A and Malacaria P
2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). vol. 00, 261-270.
11-01-2020
From Lambda Calculus to Cybersecurity Through Program Analysis - Essays Dedicated to Chris Hankin on the Occasion of His RetirementFrom Lambda Calculus to Cybersecurity Through Program Analysis. vol. 12065 Editors: Pierro AD, Malacaria P and Nagarajan R.
01-01-2020
Conditional Entropy and Data Processing: An Axiomatic Approach Based on Core-Concavity.Américo A, Khouzani MHR and Malacaria P
Ieee Trans. Inf. Theory vol. 66, 5537-5547.
01-01-2020
QQIF: Quantum Quantitative Information FlowAmerico A and Malacaria P
2020 IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (EUROS&PW 2020)., 261-270.
01-01-2020
2019
Channel Ordering and SupermodularityAmérico A, Malacaria P and Khouzani M
2019 IEEE Information Theory Workshop (ITW). vol. 00, 1-5.
28-08-2019
Deterministic Channel Design for Minimum LeakageAmérico A, Khouzani M and Malacaria P
, Institute of Electrical and Electronics Engineers (Ieee) vol. 00, 428-441.
25-06-2019
Malware Detection Using 1-Dimensional Convolutional Neural NetworksSharma A, Malacaria P and Khouzani M
2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). vol. 00, 247-256.
19-06-2019
Scalable min-max multi-objective cyber-security optimisation over probabilistic attack graphsKhouzani MHR, Liu Z and Malacaria P
European Journal of Operational Research, Elsevier Bv
29-04-2019
Generalized Entropies and Metric-Invariant Optimal Countermeasures for Information Leakage Under Symmetric Constraints.Khouzani MHR and Malacaria P
Ieee Trans. Inf. Theory vol. 65, 888-901.
01-02-2019
Pseudo-Random Number Generation Using Generative Adversarial NetworksDe Bernardi M, Khouzani MHR and Malacaria P
Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) vol. 11329 LNAI, 191-200.
01-01-2019
Core-concavity, Gain Functions and Axioms for Information LeakageAmérico A, Khouzani MHR and Malacaria P
In The Art of Modelling Computational Systems: a Journey From Logic and Concurrency to Security and Privacy, Springer Nature 261-275.
01-01-2019
Channel Ordering and SupermodularityAmerico A, Malacaria P and Khouzani MHR
2019 IEEE INFORMATION THEORY WORKSHOP (ITW)., 674-678.
01-01-2019
2018
Generalised Entropies and Metric-Invariant Optimal Countermeasures for Information Leakage under Symmetric ConstraintsMALACARIA P and KHOUZANI MHR
Ieee Transactions On Information Theory, Institute of Electrical and Electronics Engineers vol. 65 (2), 888-901.
28-11-2018
Optimal channel design: A game theoretical analysisKhouzani MHR and Malacaria P
Entropy vol. 20 (9)
05-09-2018
Symbolic side-channel analysis for probabilistic programsMalacaria P, Khouzani M, Pasareanu CS, Phan QS and Luckow K
2018 IEEE Computer Security Foundations Symposium.. vol. 2018-July, 313-327.
07-08-2018
Symbolic Side-Channel Analysis for Probabilistic Programs.Malacaria P, Khouzani MHR, Pasareanu CS, Phan Q-S and Luckow KS
Iacr Cryptol. Eprint Arch. vol. 2018, 329-329.
09-07-2018
Pseudo-Random Number Generation Using Generative Adversarial Networks.Bernardi MD, Khouzani MHR and Malacaria P
Nemesis/UrbReas/SoGood/IWAISe/GDM@PKDD/ECML. vol. 11329, 191-200. Editors: Alzate C, Monreale A, Assem H, Bifet A, Buda TS, Caglayan B, Drury B, García-Martín E, Gavaldà R, Kramer S, Lavesson N, Madden M, Molloy IM, Nicolae M-I and Sinn M.
01-01-2018
2017
Synthesis of Adaptive Side-Channel AttacksMALACARIA P, Phan Q-S, Pasareanu C, Bang L and Bultan T
2017 IEEE Computer Security Foundations Symposium (CSF) Santa Barbara (California) 21 Aug 2017 - 25 Aug 2017.
25-09-2017
Leakage-Minimal Design: Universality, Limitations, and ApplicationsKhouzani M and Malacaria P
2017 IEEE 30th Computer Security Foundations Symposium (CSF)., 305-317.
01-08-2017
Synthesis of Adaptive Side-Channel Attacks.Phan Q-S, Bang L, Pasareanu CS, Malacaria P and Bultan T
Iacr Cryptology Eprint Archive vol. 2017, 401-401.
09-05-2017
2016
Information leakage analysis of complex C code and its application to OpenSSLMALACARIA P, TAUTCHNING M and DISTEFANO D
7th International Symposium on Leveraging Applications CORFU 10 Oct 2016 - 14 Oct 2016.
05-10-2016
Efficient Numerical Frameworks for Multi-Objective Cyber Security PlanningKHOUZANI MHR, MALACARIA P, HANKIN C, FIELDER A and SMERALDI F
European Symposium on Research in Computer Security (ESORICS) 2016 Heraklion, Crete, Greece 26 Sep 2016 - 30 Sep 2016.
15-09-2016
Relative Perfect Secrecy: Universally Optimal Strategies and Channel DesignKhouzani MHR and Malacaria P
2016 IEEE 29th Computer Security Foundations Symposium (CSF)., 61-76.
08-08-2016
Multi-run Side-Channel Analysis Using Symbolic Execution and Max-SMTPasareanu CS, Phan Q-S and Malacaria P
2016 IEEE 29th Computer Security Foundations Symposium (CSF)., 387-400.
08-08-2016
Decision support approaches for cyber security investmentFielder A, Panaousis E, Malacaria P, Hankin C and Smeraldi F
Decision Support Systems vol. 86, 13-23.
19-03-2016
2015
Quantifying information leakage of randomized protocolsBiondi F, Legay A, Malacaria P and Wasowski A
Theoretical Computer Science vol. 597, 62-87.
13-09-2015
Quantifying information leakage of randomized protocolsBiondi F, Legay A, Malacaria P and Wąsowski A
Theoretical Computer Science, Elsevier vol. 597, 62-87.
01-09-2015
All-Solution Satisfiability Modulo Theories: Applications, Algorithms and BenchmarksPhan Q-S and Malacaria P
Availability, Reliability and Security (ARES), 2015 10th International Conference on., 100-109.
01-08-2015
A Game-Theoretic Approach for Minimizing Security Risks in the Internet-of-ThingsRontidis G, Panaousis E, Laszka A, Daziuklas T, Malacaria P and Alpcan T
2015 IEEE International Conference on Communication Workshop (ICCW)., 2639-2644.
01-06-2015
Comparing Decision Support Approaches for Cyber Security InvestmentFielder A, Panaousis E, Malacaria P, Hankin C and Smeraldi F
19-02-2015
Concurrent Bounded Model CheckingPhan Q-S, Malacaria P and Pasareanu CS
Sigsoft Softw. Eng. Notes, Acm vol. 40, 1-5.
01-02-2015
2014
Information leakage of non-terminating processesBiondi F, Legay A, Nielsen BF, Malacaria P and Wąsowski A
Leibniz International Proceedings in Informatics, LIPIcs. vol. 29, 517-529.
01-12-2014
Algebraic foundations for quantitative information flowMALACARIA P
Mathematical Structures in Computer Science, Cambridge University Press (Cup) vol. 25 (2), 404-428.
10-11-2014
How to spend itSmeraldi F and Malacaria P
, Association For Computing Machinery (Acm), 1-4.
06-05-2014
Abstract Model Counting: A Novel Approach for Quantification of Information LeaksPhan Q-S and Malacaria P
ASIA CCS '14 Proceedings of the 9th ACM symposium on Information, computer and communications security Kyoto, Japan 4 Jun 2014 - 6 Jun 2014., 283-292.
01-01-2014
Cybersecurity Games and Investments: A Decision Support ApproachPanaousis E, Fielder A, Malacaria P, Hankin C and Smeraldi F
Lecture Notes in Computer Science. vol. 8840, 266-286.
01-01-2014
Quantifying Information Leaks Using Reliability AnalysisPhan Q-S, Malacaria P, Pasareanu CS and d Amorim M
SPIN 2014 Proceedings of the 2014 International SPIN Symposium on Model Checking of Software San Jose, CA. USA 21 Jul 2014 - 22 Jul 2014., 105-108.
01-01-2014
Game Theory Meets Information Security ManagementFielder A, Panaousis E, Malacaria P, Hankin C and Smeraldi F
IFIP Advances in Information and Communication Technology. vol. 428, 15-29.
01-01-2014
2013
SideAuto: Quantitative information flow for side-channel leakage in web applicationsHuang X and Malacaria P
Proceedings of The Acm Conference On Computer and Communications Security, 285-290.
09-12-2013
Thermodynamic Aspects of ConfidentialityMALACARIA P and SMERALDI F
Information and Computation vol. 226, 76-93.
01-05-2013
Quantifying Information Leakage of Randomized ProtocolsBiondi F, Legay A, MALACARIA P and Wasowski A
14th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI) Rome 20 Jan 2013 - 22 Jan 2013. vol. 7737, 68-87. Editors: Giacobazzi R, Berdine J and Mastroeni I.
01-01-2013
Payoffs, Intensionality and Abstraction in Games.Hankin C and Malacaria P
Computation, Logic, Games, and Quantum Foundations. vol. 7860, 69-82. Editors: Coecke B, Ong L and Panangaden P.
01-01-2013
2012
The thermodynamics of confidentialityMalacaria P and Smeraldi F
Proceedings of The Computer Security Foundations Workshop, 280-290.
05-10-2012
The Thermodynamics of ConfidentialityMALACARIA P and SMERALDI F
25th IEEE Computer Security Foundations Symposium Harvard, MA, USA 25 Jun 2012 - 27 Jun 2012., 280-290. Editors: Cortier V and Zdancewic S.
01-01-2012
Symbolic quantitative information flow.Phan Q-S, Malacaria P, Tkachuk O and Pasareanu CS
Acm Sigsoft Softw. Eng. Notes vol. 37, 1-5.
01-01-2012
Quantitative Security Analysis (Dagstuhl Seminar 12481).Köpf B, Malacaria P and Palamidessi C
Dagstuhl Reports vol. 2, 135-154.
01-01-2012
2011
Algebraic Foundations for Information Theoretical, Probabilistic and
Guessability measures of Information FlowMalacaria P
18-01-2011
2010
Program Analysis Probably Counts: Discussant Contribution for the Computer Journal Lecture by Chris HankinMalacaria P
Comput J vol. 53 (6), 881-881.
01-07-2010
Risk assessment of security threats for looping constructs.Malacaria P
Journal of Computer Security, Ios Press vol. 18, 191-228.
22-03-2010
The Optimum Leakage Principle for Analyzing Multi-threaded ProgramsChen H and Malacaria P
INFORMATION THEORETIC SECURITY. vol. 5973, 177-193. Editors: Kurosawa K.
01-01-2010
Quantifying information leaks in softwareHeusser J and MALACARIA P
Twenty-Sixth Annual Computer Security Applications Conference, ACSAC 2010 Austin Texas 6 Dec 2010 - 10 Dec 2010., 261-269.
01-01-2010
Applied Quantitative Information Flow and Statistical DatabasesHeusser J and Malacaria P
FORMAL ASPECTS IN SECURITY AND TRUST. vol. 5983, 96-110. Editors: Degano P and Guttman JD.
01-01-2010
Quantitative Information Flow: From Theory to Practice?Malacaria P
COMPUTER AIDED VERIFICATION, PROCEEDINGS. vol. 6174, 20-22. Editors: Touili T, Cook B and Jackson P.
01-01-2010
Information Theory and Security: Quantitative Information FlowMalacaria P and Heusser J
FORMAL METHODS FOR QUANTITATIVE ASPECTS OF PROGRAMMING LANGUAGES. vol. 6154, 87-134. Editors: Aldini A, Bernardo M, Di Pierro A and Wiklicky H.
01-01-2010
2009
Studying Maximum Information Leakage Using Karush-Kuhn-Tucker ConditionsChen H and Malacaria P
Eptcs 7, 2009, Pp. 1-15
21-10-2009
On Adaboost and optimal betting strategiesMalacaria P and Smeraldi F
Proceedings of the 5th International Conference on Data Mining (DMIN/WORLDCOMP)., 326–332-326–332.
01-07-2009
On Adaboost and Optimal Betting StrategiesMALACARIA P and SMERALDI F
WORLDCOMP: The 2009 International Conference on Data Mining, DMIN 2009 Las Vegas 13 Jul 2009 - 16 Jul 2009., 326-332.
01-01-2009
Quantifying maximal loss of anonymity in protocolsCHEN H and MALACARIA P
Proceedings of the 2009 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2009 Sydney, Australia 1 Jan 1970., 206-217.
01-01-2009
2008
Lagrange Multipliers and Maximum Information Leakage in Different Observational ModelsMalacaria P and Chen H
PLAS'08: PROCEEDINGS OF THE ACM SIGPLAN THIRD WORKSHOP ON PROGRAMMING LANGUAGES AND ANALYSIS FOR SECURITY., 135-146.
01-01-2008
2007
A static analysis for quantifying the information flow in a simple imperative languageMALACARIA P, Hunt S and Clark D
Journal of Computer Security vol. 15 (3), 321-371.
01-03-2007
Quantitative Analysis of Leakage for Multi-threaded ProgramsChen H and Malacaria P
PLAS'07: PROCEEDINGS OF THE 2007 ACM SIGPLAN WORKSHOP ON PROGRAMMING LANGUAGES AND ANALYSIS FOR SECURITY., 31-40.
01-01-2007
Assessing security threats of looping constructsMalacaria P
ACM SIGPLAN NOTICES. vol. 42 (1), 225-235.
01-01-2007
Assessing Security Threats of Looping ConstructsMalacaria P
CONFERENCE RECORD OF POPL 2007: THE 34TH ACM SIGPLAN SIGACT SYMPOSIUM ON PRINCIPLES OF PROGAMMING LANGUAGES., 225-235.
01-01-2007
2005
Quantitative information flow, relations and polymorphic typesClark D, Hunt S and Malacaria P
J Logic Comput vol. 15 (2), 181-199.
01-04-2005
Quantified Interference for a while LanguageClark D, Hunt S and Malacaria P
Electronic Notes in Theoretical Computer Science vol. 112 (SPEC. ISS.), 149-166.
02-01-2005
2002
Relative definability of boolean functions via hypergraphsBucciarelli A and Malacaria P
Theor Comput Sci vol. 278 (1-2), 91-110.
06-05-2002
Quantitative Analysis of the Leakage of Confidential DataMALACARIA P, Clark D and Hunt S
Electronic Notes in Theoretical Computer Science vol. 59 (3)
01-01-2002
2000
Full abstraction for PCFAbramsky S, Jagadeesan R and Malacaria P
Inform Comput vol. 163 (2), 409-470.
15-12-2000
1999
Program analysis gamesHankin C and Malacaria P
Acm Computing Surveys, Association For Computing Machinery (Acm) vol. 31 (3es)
01-09-1999
Non-deterministic games and program analysis: An application to securityMalacaria P and Hankin C
Proceedings 11th Annual Ieee Symposium On Logic in Computer Science, Institute of Electrical and Electronics Engineers (Ieee), 443-452.
01-01-1999
1998
A new approach to control flow analysisMalacaria P and Hankin C
Lecture Notes in Computer Science. vol. 1383, 95-108.
01-01-1998
Generalised flowcharts and gamesMalacaria P and Hankin C
Lecture Notes in Computer Science. vol. 1443, 363-374.
01-01-1998
1995
Studying equivalences of transition systems with algebraic toolsMalacaria P
Theoretical Computer Science, Elsevier vol. 139 (1-2), 187-205.
01-03-1995
1994
Full abstraction for PCFAbramsky S, Malacaria P and Jagadeesan R
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). vol. 789 LNCS, 1-15.
01-01-1994
Full Abstraction for PCF (extended abstract)Abramsky S, Malacaria P and Jagadeesan R
In Theoretical Aspects of Computer Software, Springer Nature 1-15.
01-01-1994
Equivalences of Transition Systems in an Algebraic FrameworkMalacaria P
In Algebraic Methodology and Software Technology (Amast’93), Springer Nature 263-270.
01-01-1994
1991
Stone duality for stable functionsEhrhard T and Malacaria P
Lecture Notes in Computer Science. vol. 530, 1-15.
01-01-1991
Some results on the interpretation of lambda -calculus in operator algebrasMalacaria P and Regnier L
[1991] Proceedings Sixth Annual IEEE Symposium on Logic in Computer Science., 63-72.
01-01-1991
Grants
Grants of specific relevance to the Centre for Fundamental Computer ScienceUnrestricted donation: Formal verification of privacy propertiesPasquale Malacaria
£58,029 Meta Platforms Inc
01-10-2022 - 31-12-2025
CHAI: Cyber Hygiene in AI enabled domestic lifePasquale Malacaria
£329,505 EPSRC Engineering and Physical Sciences Research Council
01-12-2020 - 30-11-2023
Optimal Cybersecurity InvestmentPasquale Malacaria
£388,777 EPSRC Engineering and Physical Sciences Research Council
01-08-2017 - 31-07-2021