Computer Laboratory

Sergio Pastrana

Sergio Pastrana
E-mail:  sp849 [at]
Computer Laboratory
William Gates Building
15 JJ Thomson Avenue
Cambridge CB3 0FD UK
Office: GE20
Phone: +44 1223763783

Publications      Research activities      Teaching      Supervision     

I'm Research Associate at Computer Laboratory of University of Cambridge, working at the Cybercrime Centre. My research interests are manyfold through the field of cybersecurity. Currently, I'm working on identifying common patterns of criminal activity on the Internet, as well as preparing a series of datasets about such criminal activity. I'm also interested in various topics of systems security, including memory exploitation, and malware detection and classification. Please feel free to contact me if you want to have a chat about these or other topics.

I received a PhD in Computer Science and Technology in 2014 by University of Carlos III de Madrid, my alma mater, where I have also taught courses in official studies offered at the University Carlos III about Security and Computer Programming as well as ocassional participation in Master courses, summer schools and workshops. Google profile

Download my full CV from here

Publications  Journals   Conferences  Chapters

PhD Thesis

  • "Attacks Against Intrusion Detection Networks: Evasion, Reverse Engineering and Optimal Countermeasures". Supervised by Agustin Orfila and Juan E. Tapiador. June, 2014. [pdf] UC3M Outstanding Thesis Award 2013/2014
Journal papers

  1. "PAgIoT: Privacy-preserving Aggregation protocol for Internet of Things". L. Gonzalez-Manzano, J.M. de Fuentes, S. Pastrana, P.Peris-Lopez, L. Hernandez."Journal of Network and Computer Applications". Volume 71. pp 59-71. August 2016. (JCR index: 2.331) [pdf] [doi]

  2. "Probabilistic Yoking Proofs For Large Scale IoT Systems".J.M. de Fuentes, P. Peris-Lopez, J.E. Tapiador, S. Pastrana."Ad Hoc Networks". Volume 32. pp 43-53. September 2015. (JCR index: 1,660). [pdf] [doi]

  3. "DEFIDNET: A framework for optimal allocation of cyberdefenses in Intrusion Detection Networks" S. Pastrana, A. Orfila, J.E. Tapiador, P. Peris-Lopez."Computer Networks". Volume 80. pp 66-84, April 2015. (JCR index: 1,446) [pdf] [doi] [prototype]

  4. "Power-aware anomaly detection in smartphones: An analysis of on-platform versus externalized operation".G. Suarez-Tangil, J.E. Tapiador, P. Peris-Lopez, S. Pastrana."Pervasive and Mobile Computing". Elsevier. Volume 18. pp 137-151. April 2015. (JCR index: 1.719). [doi] [pdf]

  5. "Randomized Anagram revisited". Sergio Pastrana, Agustin Orfila, Juan E. Tapiador, Pedro Peris-Lopez. "Journal of Network and Computer Applications". Volume 41. pp 182-196, May 2014.(JCR index: 2.229). [doi] [pdf]

  6. "Evaluation of Classification Algorithms for Intrusion Detection in MANETs". Sergio Pastrana, Aikaterina Mitrokotsa, Agustin Orfila, Pedro Peris-Lopez. "Knowledge Based Systems". Volume 36. pp 217-225. December 2012. (JCR index: 4,104). [doi] [pdf]
Conference papers

  1. "Characterizing Eve: Analysing Cybercrime Actors in a Large Underground Forum", Sergio Pastrana , Alice Hutchings, Andrew Caines, Paula Buttery. Accepted at Research in Attacks, Intrusions and Defences (RAID) , Heraklion, Crete, September 2018 [Download preprint]

  2. "CrimeBB: Enabling Cybercrime Research on Underground Forums at Scale", Sergio Pastrana, Daniel R. Thomas, Alice Hutchings, and Richard Clayton. ACM The Web Conference 2018 (WWW) , Lyon, France, April 2018. [pdf]

  3. "Ethical issues of research using datasets of illicit origin", Daniel R. Thomas, Sergio Pastrana, Alice Hutchings, Richard Clayton, and Alastair R. Beresford. ACM Internet Measurement Conference (IMC) , London, UK, November 2017. [pdf]

  4. "Shall we collaborate? A model to analyse the benefits of information sharing", Roberto Garrido, Lorena Gonzalez and Sergio Pastrana. ACM CCS Worshop on Information Sharing and Collaborative Security (WISCS) , Vienna, Austria, October 2016. [pdf]

  5. "AVRAND: A Software Based Defense Against Code Reuse Attacks in AVR Architectures", Sergio Pastrana, Juan E. Tapiador, Guillermo Suarez-Tangil, Pedro Peris-Lopez. "13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)", San Sebastian, Spain, July 2016. [pdf]

  6. "ArduWorm: A Practical Malware Targeting Arduino Devices", Sergio Pastrana, Jorge Rodriguez-Canseco, Alejandro Calleja. "Jornadas Nacionales de Investigacion en Seguridad (JNIC)", Granada, Spain, June 2016. [pdf] Best paper award!

  7. "Security Analysis and Exploitation of Arduino Devices in the Internet of Things", Carlos Alberca, Sergio Pastrana, Guillermo Suarez-Tangil, Paolo Palmieri. " Workshop on Malicious Software and Hardware in Internet of Things (Mal-IoT)", Como, Italy, May 2016 [doi] [pdf]

  8. "Interactive activities: the key to learning programming with MOOCs.",Carlos Alario, Carlos Delgado, Iria Estevez, Carmen Fernandez, Jorge Blasco, Sergio Pastrana, Guillermo Suarez, and Julio Villena. "Proceedings of the European Stakeholder Summit on experiences and best practices in and around MOOCs (EMOOCS)", Graz (Austria), February 2016

  9. "Anomalous Web Payload Detection: Evaluating the Resilience of 1-gram Based Classifiers", Sergio Pastrana, Carmen Torrano-Gimenez, Hai Than Nguyen, Agustin Orfila. "Proceedings of the VIII Conference on Intelligent Distributed Computing (IDC) ", pp 195-201, Madrid, Spain, September 2014 [pdf]

  10. "A functional framework to evade Network IDS", Sergio Pastrana, Agustin Orfila and Arturo Ribagorda. "Proceedings of the 44th Hawaii International Conference on Systems Sciences (HICSS44)", Kauai, USA, January 2011 [doi] [pdf]

  11. "Artificial Immunity-Based Correlation System (poster)", Guillermo Suarez-Tangil, Esther Palomar, Sergio Pastrana, Arturo Ribagorda. "SECRYPT – International Conference on Security and Cryptography", Sevilla, Spain, July 2011 [doi] [pdf]

  12. "Modeling NIDS evasion using Genetic Programming", Sergio Pastrana, Agustin Orfila and Arturo Ribagorda. "Proceedings of the 2010 World Congress in Computer Science, Computer Engineering and Applied Computing, WORLDCOMP'10", Las Vegas, USA, July 2010 [pdf]

  13. "EVADIR: una metodologia para la evasion de IDS de red", Sergio Pastrana, Agustin Orfila and Arturo Ribagorda. "Actas de la XI Reunion Espanola sobre Criptologia y Seguridad de la Informacion, RECSI'10", Tarragona, Spain, September 2010 [pdf]

Book chapters
  1. "Evading IDS and Firewalls as Fundamental Sources of Information in SIEMS", in "Advances in Security Information Management: perceptions and outcomes". Sergio Pastrana, José Montero, Agustin Orfila, NOVA Publishers, ISBN 978-1-62417-221-2(2013)

Research Activities

Reviewer of the following journals
  • Computers&Security
  • Knowledge Based Systems
  • Future Generation Computer Systems
  • Information Sciences
  • KSII Transactions on Internet and Information Systems
  • AdHoc Networks
PC Member or conference sub-reviewer
  • 12th International Conference on Security and Cryptography (SECRYPT) 2015
  • IEEE International Conference on Trust, Security and Privacy 2015
  • International Conference on Information Security Practice and Experience 2015
  • International Conference on Networks & Communications 2016
  • 13th International Conference on Security and Cryptography (SECRYPT) 2016
  • Project reviewer at Spanish Association for Standardisation and Certification
  • Project reviewer at Israeli Ministry of Science, Technology and Space

Teaching experience

MSc courses BSc and other courses Online Open Courses


In the past, I've supervised several BSc projects and MSc Thesis (see list below). Currently, I'm preparing supervision for students of the University of Cambridge. I will upload a set of ideas and projects soon.

Master Thesis
  1. José María Alonso, 2016. Topic: Security in SCADA
  2. Jaime Morales, 2016. Topic: Information Sharing
  3. Luis Nuñez, 2016. Topic: Malware analysis
  4. Fernando Vañó, 2016. Topic: IoT Honeypot
  5. Roberto Garrido, 2016. Topic: Cooperative Cyberdefense
  6. Victor Sánchez, 2015. Topic: SIEM systems
  7. Eric Mendillo, 2015. Topic: Cybersecurity simulator
  8. José Ramón Rapallo, 2015. Topic: Military Cyber-ranges
  9. Carlos Alberca, 2015. Topic: Security in IoT
  10. Christian López, 2015, Topic: SIEM systems
BSc Projects
  1. Guillermo Izquierdo 2016. Topic: Android security
  2. Luis Buendía 2016. Topic: Malware engineering
  3. Antonio Requena, 2016. Topic: Android Security
  4. Carlos Alberca, 2014. Topic: Security in RFID
  5. Marta Canes, 2014. Topic: Intrusion Detection Networks
  6. Ricardo Ramirez, 2014, Topic: Security Legislation
  7. Javier Alvarez, 2014, Topic: Bio-engineering
  8. Antonio Parra, 2013, Topic: Malware analysis
  9. Joel Barra, 2012, Topic: Linux security