Kevin van Liebergen ☕️
Kevin van Liebergen

Ph.D. Student in Cybercrime Attribution

About Me

Hi! I’m a PhD student at the IMDEA Software Institute, where I’m part of the software security group led by Prof. Juan Caballero. My research focuses on malware and cybercrime, particularly cybercrime attribution, ransom scams, attacker profiling, and threat intelligence. I’ve presented my work at major conferences such as NDSS (San Diego, US), DIMVA (Hamburg, Germany), and JNIC (Sevilla, Spain).

Before joining IMDEA, I earned an M.Sc. in Cybersecurity from the Universidad de Alcalá and worked as a systems administrator consultant. Outside of academia, I enjoy participating in Capture The Flag (CTF) competitions and have a genuine passion for cybersecurity and systems.

My Erdös number is 4 (Juan Caballero -> Geoffrey M. Voelker -> Ronald. L. Graham -> P. Erdös).

I transform coffee into code, and datasets into knowledge… Or at least I try to.

Interests
  • CTFs (web and rev)
  • RFID
  • AI
Education
  • PhD in Cybercrime Attribution

    IMDEA Software Institute

  • MSc Cybersecurity

    Universidad de Alcalá

  • BSc Computer Engineering

    Universidad de Alcalá

Recent Publications
(2025). All your (data)base are belong to us: Characterizing Database Ransom(ware) Attacks. NDSS 2025.
(2023). Cybercrime Bitcoin Revenue Estimations: Quantifying the Impact of Methodology and Coverage. CCS 2023.
(2023). A Deep Dive into the VirusTotal File Feed. DIMVA 2023.
(2022). A Deep Dive into VirusTotal: Characterizing and Clustering a Massive File Feed. arXiv.
Recent News