Prof Pasquale Malacaria
Professor of Computer Science
School of Electronic Engineering and Computer Science
Queen Mary University of London
Queen Mary University of London
Research
information theory and program analysis, computer security, semantics of programming languages
Interests
I am interested in both the theoretical foundations of computer science and the practical implications and applications of the theoretical foundations.In particular, my theoretical interests focus on the use of information theory, logic and game theory to understand how information is transformed and leaked in computational processes.
On the applications side, I have worked on program analysis and the use of model-checkers to detect and quantify information leakage in programs and in side channels.
Publications
Publications of specific relevance to the Centre for Fundamental Computer Science2024
Sönmez FÖ, Hankin C and Malacaria P (2024). Smart topology detection using multi-armed bandit reinforcement learning method. Information Security Journal A Global Perspective, Taylor & Francis vol. ahead-of-print (ahead-of-print), 1-26. 10-12-2024
Zhang Y and Malacaria P (2024). Dealing with uncertainty in cybersecurity decision support. Computers & Security, Elsevier vol. 148, 104153-104153. 10-10-2024
2023
Malacaria P and Zhang Y (2023). Keep spending: Beyond optimal cyber-security investment. 2023 IEEE Computer Security Foundations Symposium. 01-07-2023
Zhang Y, Malacaria P, Loukas G and Panaousis E (2023). CROSS: A Framework for Cyber Risk Optimisation in Smart Homes. Computers and Security, Elsevier, 103250-103250. 05-04-2023
2022
zdemir S.nmez F, Hankin C and Malacaria P (2022). Attack Dynamics: An Automatic Attack Graph Generation Framework Based on System Topology, CAPEC, CWE, and CVE Databases. Computers and Security, Elsevier vol. 123 14-10-2022
Sönmez FÖ, Hankin C and Malacaria P (2022). Decision support for healthcare cyber security. Computers and Security, Elsevier vol. 122, 102865-102865. 04-08-2022
Buczkowski P, Malacaria P, Hankin C and Fielder A (2022). Optimal Security Hardening over a Probabilistic Attack Graph: A Case Study of an Industrial Control System using CySecTool. 28-04-2022
Buczkowski P, Malacaria P, Hankin C and Fielder A (2022). Optimal Security Hardening over a Probabilistic Attack Graph. Proceedings of the 2022 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems. 18-04-2022
Buczkowski P, Malacaria P, Hankin C and Fielder A (2022). Optimal Security Hardening over a Probabilistic Attack Graph: A Case Study of an Industrial Control System using CySecTool., Editors: Gupta M, Khorsandroo S and Abdelsalam M. 01-01-2022
2021
Américo A, Khouzani M and Malacaria P (2021). Channel-supermodular entropies: Order theory and an application to query anonymization. Entropy vol. 24 (1) 25-12-2021
Américo A and Malacaria P (2021). Concavity, Core-concavity, Quasiconcavity: A Generalizing Framework for Entropy Measures. 2021 IEEE 34th Computer Security Foundations Symposium (CSF). 25-06-2021
Zhang Y and Malacaria P (2021). Bayesian Stackelberg games for cyber-security decision support. Decision Support Systems, Elsevier vol. 148 15-05-2021
Zhang Y and Malacaria P (2021). Optimization-Time Analysis for Cybersecurity. IEEE Transactions on Dependable and Secure Computing 01-02-2021
Américo A and Malacaria P (2021). Concavity, Core-concavity, Quasiconcavity: A Generalizing Framework for Entropy Measures. 01-01-2021
2020
Americo A, Khouzani M and Malacaria P (2020). Conditional Entropy and Data Processing: an Axiomatic Approach Based on Core-Concavity. IEEE Transactions on Information Theory, Institute of Electrical and Electronics Engineers (IEEE), 1-1. 13-04-2020
Américo A and Malacaria P (2020). QQIF: Quantum Quantitative Information Flow (invited paper). 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). 11-01-2020
(2020). From Lambda Calculus to Cybersecurity Through Program Analysis - Essays Dedicated to Chris Hankin on the Occasion of His Retirement., Editors: Pierro AD, Malacaria P and Nagarajan R. 01-01-2020
Américo A, Khouzani MHR and Malacaria P (2020). Conditional Entropy and Data Processing: An Axiomatic Approach Based on Core-Concavity. IEEE Trans. Inf. Theory vol. 66, 5537-5547. 01-01-2020
2019
Américo A, Malacaria P and Khouzani M (2019). Channel Ordering and Supermodularity. 2019 IEEE Information Theory Workshop (ITW). 28-08-2019
Américo A, Khouzani M and Malacaria P (2019). Deterministic Channel Design for Minimum Leakage. 25-06-2019
Sharma A, Malacaria P and Khouzani M (2019). Malware Detection Using 1-Dimensional Convolutional Neural Networks. 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). 19-06-2019
Khouzani MHR, Liu Z and Malacaria P (2019). Scalable min-max multi-objective cyber-security optimisation over probabilistic attack graphs. European Journal of Operational Research, Elsevier BV 29-04-2019
Khouzani MHR and Malacaria P (2019). Generalized Entropies and Metric-Invariant Optimal Countermeasures for Information Leakage Under Symmetric Constraints. IEEE Trans. Inf. Theory vol. 65, 888-901. 01-02-2019
De Bernardi M, Khouzani MHR and Malacaria P (2019). Pseudo-Random Number Generation Using Generative Adversarial Networks. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) vol. 11329 LNAI, 191-200. 01-01-2019
Américo A, Khouzani MHR and Malacaria P (2019). Core-concavity, Gain Functions and Axioms for Information Leakage. The Art of Modelling Computational Systems: A Journey from Logic and Concurrency to Security and Privacy 261-275. 01-01-2019
2018
MALACARIA P and KHOUZANI MHR (2018). Generalised Entropies and Metric-Invariant Optimal Countermeasures for Information Leakage under Symmetric Constraints. IEEE Transactions on Information Theory, Institute of Electrical and Electronics Engineers vol. 65 (2), 888-901. 28-11-2018
Khouzani MHR and Malacaria P (2018). Information theory in game theory. Entropy vol. 20 (11) 05-11-2018
Khouzani MHR and Malacaria P (2018). Optimal channel design: A game theoretical analysis. Entropy vol. 20 (9) 05-09-2018
Malacaria P, Khouzani M, Pasareanu CS, Phan QS and Luckow K (2018). Symbolic side-channel analysis for probabilistic programs. 2018 IEEE Computer Security Foundations Symposium.. 07-08-2018
Malacaria P, Khouzani MHR, Pasareanu CS, Phan Q-S and Luckow KS (2018). Symbolic Side-Channel Analysis for Probabilistic Programs. IACR Cryptol. ePrint Arch. vol. 2018, 329-329. 09-07-2018
Bernardi MD, Khouzani MHR and Malacaria P (2018). Pseudo-Random Number Generation Using Generative Adversarial Networks., Editors: Alzate C, Monreale A, Assem H, Bifet A, Buda TS, Caglayan B, Drury B, García-Martín E, Gavaldà R, Kramer S, Lavesson N, Madden M, Molloy IM, Nicolae M-I and Sinn M. 01-01-2018
2017
MALACARIA P, Phan Q-S, Pasareanu C, Bang L and Bultan T (2017). Synthesis of Adaptive Side-Channel Attacks. 2017 IEEE Computer Security Foundations Symposium (CSF) Santa Barbara (California) 21 Aug 2017 - 25 Aug 2017. 25-09-2017
Khouzani M and Malacaria P (2017). Leakage-Minimal Design: Universality, Limitations, and Applications. 2017 IEEE 30th Computer Security Foundations Symposium (CSF). 01-08-2017
Phan Q-S, Bang L, Pasareanu CS, Malacaria P and Bultan T (2017). Synthesis of Adaptive Side-Channel Attacks. IACR Cryptology ePrint Archive vol. 2017, 401-401. 09-05-2017
2016
MALACARIA P, TAUTCHNING M and DISTEFANO D (2016). Information leakage analysis of complex C code and its application to OpenSSL. 7th International Symposium on Leveraging Applications CORFU 10 Oct 2016 - 14 Oct 2016. 05-10-2016
KHOUZANI MHR, MALACARIA P, HANKIN C, FIELDER A and SMERALDI F (2016). Efficient Numerical Frameworks for Multi-Objective Cyber Security Planning. European Symposium on Research in Computer Security (ESORICS) 2016 Heraklion, Crete, Greece 26 Sep 2016 - 30 Sep 2016. 15-09-2016
Khouzani MHR and Malacaria P (2016). Relative Perfect Secrecy: Universally Optimal Strategies and Channel Design. 2016 IEEE 29th Computer Security Foundations Symposium (CSF). 08-08-2016
Pasareanu CS, Phan Q-S and Malacaria P (2016). Multi-run Side-Channel Analysis Using Symbolic Execution and Max-SMT. 2016 IEEE 29th Computer Security Foundations Symposium (CSF). 08-08-2016
Fielder A, Panaousis E, Malacaria P, Hankin C and Smeraldi F (2016). Decision support approaches for cyber security investment. Decision Support Systems vol. 86, 13-23. 19-03-2016
2015
Biondi F, Legay A, Malacaria P and Wasowski A (2015). Quantifying information leakage of randomized protocols. Theoretical Computer Science vol. 597, 62-87. 13-09-2015
Biondi F, Legay A, Malacaria P and Wąsowski A (2015). Quantifying information leakage of randomized protocols. Theoretical Computer Science, Elsevier vol. 597, 62-87. 01-09-2015
Phan Q-S and Malacaria P (2015). All-Solution Satisfiability Modulo Theories: Applications, Algorithms and Benchmarks. 01-08-2015
Rontidis G, Panaousis E, Laszka A, Daziuklas T, Malacaria P and Alpcan T (2015). A Game-Theoretic Approach for Minimizing Security Risks in the Internet-of-Things. 2015 IEEE International Conference on Communication Workshop (ICCW). 01-06-2015
Fielder A, Panaousis E, Malacaria P, Hankin C and Smeraldi F (2015). Comparing Decision Support Approaches for Cyber Security Investment. 19-02-2015
Phan Q-S, Malacaria P and Pasareanu CS (2015). Concurrent Bounded Model Checking. SIGSOFT Softw. Eng. Notes, ACM vol. 40, 1-5. 01-02-2015
2014
Biondi F, Legay A, Nielsen BF, Malacaria P and Wąsowski A (2014). Information leakage of non-terminating processes. 01-12-2014
MALACARIA P (2014). Algebraic foundations for quantitative information flow. Mathematical Structures in Computer Science, Cambridge University Press (CUP) vol. 25 (2), 404-428. 10-11-2014
Phan Q-S and Malacaria P (2014). Abstract Model Counting: A Novel Approach for Quantification of Information Leaks. ASIA CCS '14 Proceedings of the 9th ACM symposium on Information, computer and communications security Kyoto, Japan 4 Jun 2014 - 6 Jun 2014. 01-01-2014
Panaousis E, Fielder A, Malacaria P, Hankin C and Smeraldi F (2014). Cybersecurity Games and Investments: A Decision Support Approach. 01-01-2014
Phan Q-S, Malacaria P, Pasareanu CS and d Amorim M (2014). Quantifying Information Leaks Using Reliability Analysis. SPIN 2014 Proceedings of the 2014 International SPIN Symposium on Model Checking of Software San Jose, CA. USA 21 Jul 2014 - 22 Jul 2014. 01-01-2014
Fielder A, Panaousis E, Malacaria P, Hankin C and Smeraldi F (2014). Game Theory Meets Information Security Management. 01-01-2014
2013
Huang X and Malacaria P (2013). SideAuto: Quantitative information flow for side-channel leakage in web applications. Proceedings of the ACM Conference on Computer and Communications Security, 285-290. 09-12-2013
MALACARIA P and SMERALDI F (2013). Thermodynamic Aspects of Confidentiality. Information and Computation vol. 226, 76-93. 01-05-2013
Biondi F, Legay A, MALACARIA P and Wasowski A (2013). Quantifying Information Leakage of Randomized Protocols., Editors: Giacobazzi R, Berdine J and Mastroeni I. 14th International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI) Rome 20 Jan 2013 - 22 Jan 2013. 01-01-2013
Hankin C and Malacaria P (2013). Payoffs, Intensionality and Abstraction in Games., Editors: Coecke B, Ong L and Panangaden P. 01-01-2013
2012
Malacaria P and Smeraldi F (2012). The thermodynamics of confidentiality. Proceedings of the Computer Security Foundations Workshop, 280-290. 05-10-2012
MALACARIA P and SMERALDI F (2012). The Thermodynamics of Confidentiality., Editors: Cortier V and Zdancewic S. 25th IEEE Computer Security Foundations Symposium Harvard, MA, USA 25 Jun 2012 - 27 Jun 2012. 01-01-2012
Phan Q-S, Malacaria P, Tkachuk O and Pasareanu CS (2012). Symbolic quantitative information flow. ACM SIGSOFT Softw. Eng. Notes vol. 37, 1-5. 01-01-2012
Köpf B, Malacaria P and Palamidessi C (2012). Quantitative Security Analysis (Dagstuhl Seminar 12481). Dagstuhl Reports vol. 2, 135-154. 01-01-2012
2011
Malacaria P (2011). Algebraic Foundations for Information Theoretical, Probabilistic and
Guessability measures of Information Flow. 18-01-2011
2010
Malacaria P (2010). Program Analysis Probably Counts: Discussant Contribution for the Computer Journal Lecture by Chris Hankin. COMPUT J vol. 53 (6), 881-881. 01-07-2010
Malacaria P (2010). Risk assessment of security threats for looping constructs. Journal of Computer Security, IOS Press vol. 18, 191-228. 22-03-2010
Chen H and Malacaria P (2010). The Optimum Leakage Principle for Analyzing Multi-threaded Programs., Editors: Kurosawa K. 01-01-2010
Heusser J and MALACARIA P (2010). Quantifying information leaks in software. Twenty-Sixth Annual Computer Security Applications Conference, ACSAC 2010 Austin Texas 6 Dec 2010 - 10 Dec 2010. 01-01-2010
Heusser J and Malacaria P (2010). Applied Quantitative Information Flow and Statistical Databases., Editors: Degano P and Guttman JD. 01-01-2010
Malacaria P (2010). Quantitative Information Flow: From Theory to Practice?, Editors: Touili T, Cook B and Jackson P. 01-01-2010
Malacaria P and Heusser J (2010). Information Theory and Security: Quantitative Information Flow., Editors: Aldini A, Bernardo M, Di Pierro A and Wiklicky H. 01-01-2010
2009
Chen H and Malacaria P (2009). Studying Maximum Information Leakage Using Karush-Kuhn-Tucker Conditions. EPTCS 7, 2009, pp. 1-15 21-10-2009
MALACARIA P and SMERALDI F (2009). On Adaboost and Optimal Betting Strategies. WORLDCOMP: The 2009 International Conference on Data Mining, DMIN 2009 Las Vegas 13 Jul 2009 - 16 Jul 2009. 01-01-2009
CHEN H and MALACARIA P (2009). Quantifying maximal loss of anonymity in protocols. Proceedings of the 2009 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2009 Sydney, Australia 1 Jan 1970. 01-01-2009
2008
Malacaria P and Chen H (2008). Lagrange Multipliers and Maximum Information Leakage in Different Observational Models. 01-01-2008
2007
MALACARIA P, Hunt S and Clark D (2007). A static analysis for quantifying the information flow in a simple imperative language. Journal of Computer Security vol. 15 (3), 321-371. 01-03-2007
Chen H and Malacaria P (2007). Quantitative Analysis of Leakage for Multi-threaded Programs. 01-01-2007
2005
Clark D, Hunt S and Malacaria P (2005). Quantitative information flow, relations and polymorphic types. J LOGIC COMPUT vol. 15 (2), 181-199. 01-04-2005
Clark D, Hunt S and Malacaria P (2005). Quantified Interference for a while Language. Electronic Notes in Theoretical Computer Science vol. 112 (SPEC. ISS.), 149-166. 02-01-2005
2002
Bucciarelli A and Malacaria P (2002). Relative definability of boolean functions via hypergraphs. THEOR COMPUT SCI vol. 278 (1-2), 91-110. 06-05-2002
MALACARIA P, Clark D and Hunt S (2002). Quantitative Analysis of the Leakage of Confidential Data. Electronic Notes in Theoretical Computer Science vol. 59 (3) 01-01-2002
2000
Abramsky S, Jagadeesan R and Malacaria P (2000). Full abstraction for PCF. INFORM COMPUT vol. 163 (2), 409-470. 15-12-2000
1999
Hankin C and Malacaria P (1999). Program analysis games. ACM Computing Surveys, Association for Computing Machinery (ACM) vol. 31 (3es) 01-09-1999
Malacaria P and Hankin C (1999). Non-deterministic games and program analysis: An application to security. Proceedings 11th Annual IEEE Symposium on Logic in Computer Science, Institute of Electrical and Electronics Engineers (IEEE), 443-452. 01-01-1999
1998
1995
Malacaria P (1995). Studying equivalences of transition systems with algebraic tools. Theoretical Computer Science, Elsevier vol. 139 (1-2), 187-205. 01-03-1995
1994
Abramsky S, Malacaria P and Jagadeesan R (1994). Full Abstraction for PCF (extended abstract). Theoretical Aspects of Computer Software 1-15. 01-01-1994
Malacaria P (1994). Equivalences of Transition Systems in an Algebraic Framework. Algebraic Methodology and Software Technology (AMAST’93) 263-270. 01-01-1994
1991
Malacaria P and Regnier L (1991). Some results on the interpretation of lambda -calculus in operator algebras. [1991] Proceedings Sixth Annual IEEE Symposium on Logic in Computer Science. 01-01-1991
Grants
Grants of specific relevance to the Centre for Fundamental Computer ScienceUnrestricted donation: Formal verification of privacy propertiesPasquale Malacaria
£58,029 Meta Platforms Inc (01-10-2022 - 31-12-2025)
CHAI: Cyber Hygiene in AI enabled domestic lifePasquale Malacaria
£329,505 EPSRC Engineering and Physical Sciences Research Council (01-12-2020 - 30-11-2023)