Kevin van Liebergen

Kevin van Liebergen

PhD Student in security

IMDEA Software Institute

Biography

Hi! I am a Ph.D. Student at IMDEA Software Institute. I am part of the security group lead by Prof. Juan Caballero. I received my M.Sc in cybersecurity from the Universidad de Alcalá (UAH).

My research focuses on cybercrime, particularly ransom scams, attribution target selection, threat hunting, and threat intelligence approaches. I enjoy participating in CTFs and have a genuine passion for all things related to IT.

My Erdös number is 4 (Juan Caballero -> Geoffrey M. Voelker -> Ronald. L. Graham -> P. Erdös).

I don’t pass the Turing test in the mornings.

Interests
  • Cybercrime
  • Attribution
  • Threat Hunting
  • Threat Intelligence
Education
  • PhD in security, WIP

    IMDEA Software Institute

  • MSc in Cybersecurity, 2022

    Universidad de Alcalá

  • BSc in Computer Engineering, 2020

    Universidad de Alcalá

Recent News

[2024/April] Our paper on Database Server Ransom Scams has been accepted at JNIC 2024

[2023/December] Beneficiary of the “Formacion de Personal Investigador” (FPI Espada) grant

[2023/October] Participation on the Artifacts Evaluation Committee (AEC) at Usenix 2024

[2023/September] Our paper on Bitcoin Estimations has been accepted at CCS 2023

[2023/April] Our paper on VirusTotal file feed has been accepted at DIMVA 2023

Recent Publications

(2023). Cybercrime Bitcoin Revenue Estimations: Quantifying the Impact of Methodology and Coverage. arXiv.

Cite URL

(2023). Cybercrime Bitcoin Revenue Estimations: Quantifying the Impact of Methodology and Coverage. CCS 2023.

Cite URL

(2023). A Deep Dive into the VirusTotal File Feed. DIMVA 2023.

Cite DOI

(2022). A Deep Dive into VirusTotal: Characterizing and Clustering a Massive File Feed. arXiv.

Cite DOI URL

Experience

 
 
 
 
 
IMDEA Software Institute
PhD Student
Sep 2022 – Present Madrid
Conducted research on cybercrime bitcoin revenue estimation methods, emphasizing methodological variations. Developed a tool replicating diverse approaches, highlighting potential overestimation risks. Developed techniques improving estimation accuracy, exposing existing discrepancies.
 
 
 
 
 
IMDEA Software Institute
Research Intern
May 2021 – Aug 2022 Madrid
Full-time internship at the IMDEA Software Institute under the supervision of Prof. Juan Caballero in collaboration with NortonLifeLock Research Group to work on the development of a threat hunting tool using the VirusTotal file feed.
 
 
 
 
 
Cátedra ISDEFE-UAH
Researcher
Sep 2018 – Apr 2021 Madrid
Design and teaching of courses on networks and forensics, with a focus on drone technology. Conducted in-depth analysis on anonymization networks (Deep Web, Dark Web, and Dark Net) and homomorphic encryption, to anticipate emerging trends and technologies in the cybersecurity landscape. Generated static code analysis reports to enhance software security and identify vulnerabilities, contributing to robust and secure applications.
 
 
 
 
 
Making Science
System Administrator
Sep 2019 – Mar 2020 Madrid
Administration and management of infrastructures and services: Google Cloud Platform and on-premises. Configuration and automation of high-availability system with the philosophy of Infrastructure as code (IaC) with tools such as SaltStack, Terraform and Docker.

Projects

Wallapop crawler
Python web crawler using the Selenium library to extract data from Wallapop’s second-hand application. Automated navigation and data extraction for efficient analysis and monitoring of listings.
Privilege escalation tool
Bachelor’s degree thesis titled ‘Análisis de procedimientos de escalada de privilegios basado en el framework MITRE ATT&CK’ for the Computer Engineering degree from the Universidad de Alcalá.

Contact