Group

The DCD Laboratory, led by Associate Professor Emmanouil Vasilomanolakis, conducts research in advanced defensive cyber deception. We study the full spectrum of deception techniques—from traditional honeypots to moving target defense and AI-enhanced traps—while also investigating adversary tactics and tools and how real-world defenses fail. In parallel, we focus on critical infrastructure and operational technology (OT). Using internet measurements, large-scale scanning, and analysis of exposed online systems, we map real-world risk (for example, vulnerable or obsolete OT deployments) and translate these insights into improved detection and protection methods.

Our team includes postdoctoral researchers, PhD students, and student researchers, and we collaborate with the Honeynet Project through Google Summer of Code initiatives.

Postdoctoral researchers (see also alumni)

  • Ongoing: Alberto Mongardini (Technical University of Denmark, 2025-now), area: cyber-deception

PhD Students (see alumni for completed ones)

  • Ongoing: Ilaria Giacometti (Technical University of Denmark, 2025-now), area: cyber-deception
  • Ongoing: Dario Maddaloni (Technical University of Denmark, 2024-now), area: cyber-deception
  • Ongoing: Karina Elzer (Technical University of Denmark, 2024-now), area: cyber-deception
  • Ongoing: Arthur Cordeiro Urbano (Technical University of Denmark, 2024-now), area: cyber-deception
  • Ongoing: Anastasia Safargalieva (Technical University of Denmark, 2024-now), area: cyber-deception
  • Ongoing: Pilleriin Lillemets (co-supervision with Prof. N. Dragoni, Technical University of Denmark, 2024-now), area: cyber-ranges
  • Ongoing: Ricardo Maria Yaben Lopezosa (Technical University of Denmark, 2023-now), area: IoT security

Erasmus+ students

  • Ongoing: Stylianos Malamas (University of Crete)
  • Ongoing: Angelos Valentions Politis (University of Crete)

Google Summer of Code (GSoC) students (collaboration with the Honeynet Project)

  • Ongoing: Olha Patsyienko (South East Technological University)
  • Ongoing: Anshika Sharma (Manipal University Jaipur)

Alumni

Postdoctoral researchers

  • Erick Armando Diaz Hernandez (2022), area: threat detection in blockchain networks

PhD Students

  • Completed 🎉: Dimitrios Georgoulias (Aalborg University, 2020-2024), area: botnets
  • Completed 🎉: Shreyas Srinivasa (Aalborg University, 2020-2023), area: honeypots, offensive cyber-security
  • Completed 🎉: Martin Fejrskov Andersen (Aalborg University, Telenor Denmark, 2019-2022), area: ISP-level malware detection

Google Summer of Code (GSoC) in collaboration with the Honeynet Project

  • Sean Brady (Oregon State University, 2024): Honeyscanner
  • Daria Danieluk (Warsaw University of Technology, 2024): Honeyscanner
  • Aristofanis Chionis (Technical University of Denmark, 2023): Honeyscanner
  • Elisa Tsai (University of Michigan, 2023): Riotpot honeypot development
  • Ricardo Maria Yaben Lopezosa (Aalborg University, 2022): RIoTPot honeypot development
  • Abhimanyu Rawat (Universitat Pompeu Fabra, 2021): RIoTPot honeypot development
  • Filip Adamik (Aalborg University, 2021), area: HosTaGe mobile honeypot development
  • Eirini Lygerou (Athens University of Economics and Business, 2020), area: HosTaGe mobile honeypot development

MSc Students (completed)

  1. Hardening Honeypot Technologies in IoT : Challenges and Practical Improvements, Siyan Chen and Khizar Mukhtiar (Technical University of Denmark, 2025)
  2. Exploring the use of AI Scammer Deception Framework with focus on Believability, Stability and Scammer Profiling, Joachim Touveneau Petersen and Chrisitan Emil Houmann Tchernokojev (Technical University of Denmark, 2025)
  3. Extending the Attribute Based Access Control Model (ABAC) with HoneyAttributes for Insider Threat Detection: a trust-aware framework, Anastasia Danai Panagiotopoulou (Technical University of Denmark, 2025)
  4. One Honeypot to Rule Them All Advancing Honeypot Flexibility and Deception Through the Utilization of Large Language Models, Artur Rüffer (Technical University of Denmark, 2025) [received the IDA IT-Specialeprisen 2025 for the best MSc thesis in Denmark]
  5. Leveraging Tarpits to Mitigate Botnet Propagation through IoT Protocol Simulation, Bastian Preisel (Technical University of Denmark, 2025)
  6. Cyber Security in Operational Technology Identifying vulnerable and obsolete Operational Technology (OT) systems, Mathias Axel Anguita Andersen (Technical University of Denmark, 2025)
  7. Enhancing Web Honeypots with LLM-driven Breadcrumbs and Honeytokens, Constantinos Palochis and Nicolai Veiglin Arends (Technical University of Denmark, 2025)
  8. Breaking the Illusion Techniques for Honeypot Detection, Oscar Alexander Munch Jørgensen (Technical University of Denmark, 2025)
  9. Cyber Deception with DicomHawk: Honeypot and honeytoken design for fingerprinting evasion, Alexandra Babanuta and Nawras Mouala (Technical University of Denmark, 2025)
  10. AI-Based Password Guessing Attacks, Karolina Jadwiga Jablonska (Technical University of Denmark, 2025)
  11. Investigating the Viability of LLM-based Honeypots, Eva Hvalkof Andersen, Markus Emil Høybye Jegstrup, Simon Bang Hjortkilde (Technical University of Denmark, 2025)
  12. Machine learning and cyber deception Methods for combating fraudsters, Victor Rodrigues Andersen (Technical University of Denmark, 2025)
  13. Advancing Medical Cybersecurity: Designing and Implementing a DICOM Honeypot, Georgios Theodoridis (Technical University of Denmark, 2024)
  14. Analysis of devices connected to the Internet with an interest on digital ghosts, Oliver Rømer Hansen (Technical University of Denmark, 2024)
  15. Securing the Internet of Things Data Analysis, Vulnerability Discovery, and Clustering of IoT and OT data, Ioannis Milopoulos (Technical University of Denmark, 2024)
  16. Assessing Cybersecurity Awareness in the Public Domain An Experimental Study on Human Behavior in Response to Dropped USB Drives and QR Codes, Johannes Nordskov Pedersen (Technical University of Denmark, 2024)
  17. Hardening and misusing of honeypots, Anders Skrøvseth Haugen (Technical University of Denmark, 2024)
  18. Why Security Fails ? The Core Reasons for Security Failures Among Users in Denmark: A Psychological and Behavioural Perspective, Zainab Imad Hassoun (Technical University of Denmark, 2024)
  19. Modeling Attack Surface to Analyze Security Risks in Cloud Architecture, Nela Kaczmarek (Technical University of Denmark, 2024)
  20. Unmasking digital ghost ships: Comprehensive scanning, statistical analysis, and ethical disclosure of vulnerable IoT and OT devices in Denmark and beyond, Niels Peter Vinkel Ahle Lundsgaard and Jacob August Indahl Lundin (Technical University of Denmark, 2024)
  21. Investigating the Effectiveness of Modern Wardriving for Identifying Vulnerable Bluetooth- Enabled IoT Devices, Jesper Spenter Ifversen (Technical University of Denmark, 2024)
  22. Honeyscanner: A vulnerability analyzer for honeypots, Aristofanis Chionis Koufakos (Technical University of Denmark, 2023)
  23. Towards Developing Realistic Datasets for Evaluating Intrusion Detection Systems, Abdirisaq Farah and Martin Daniel Nielsen (Technical University of Denmark, 2023) [in collaboration with Vicente Rodriguez (cPacket Networks) and Carlos Garcia Cordero (CGI Space)]
  24. Unveiling The Dark Web: Automated Monitoring of Hidden Services, Mohammad Nabil Ahmad (Technical University of Denmark, 2023)
  25. SweetCam: The Design of a Honeypot for IP Cameras, Zetong Zhao (Technical University of Denmark, 2023)
  26. Modeling and Analyzing the Interactions Between Synthetic Attacks and Background Traffic in Network Intrusion Detection System Datasets, Francesco Romeo (Technical University of Denmark, 2023) [in collaboration with Vicente Rodriguez (cPacket Networks) and Carlos Garcia Cordero (CGI Space)]
  27. Privacy-preserving decentralized group messaging protocol using self-sovereign identity, Daniel Cacabelos (Technical University of Denmark, 2023)
  28. Attack simulation to test the Microsoft security suite, Stefanos Mavrozoumis (Technical University of Denmark, 2023)
  29. Invisible Deception: Redesigning Honeytokens to Combat Fingerprinting, Akos Pilis (Technical University of Denmark, 2023)
  30. Hackers Are Moving: A Quantitative Analysis of Darknet Markets Products Related to Cyber Security, Ricardo Maria Yaben Lopezosa (Aalborg University, 2022)
  31. Incident Information Sharing in the Danish Critical Infrastructure: Proposal of a Conceptual Centralised Framework, Ievgeniia Moturi, Michael Christensen, Livia Dzupinova (Aalborg University, 2022)
  32. Password Labeller, A game for investigative study into the implicit, sociological meaning of passwords, Daniel Christopher Mølmark-O’Connor (Aalborg University, 2022)
  33. IT Reconnaissance Automation, Mathias Gam-Pedersen (Aalborg University, 2022)
  34. Scalable Sandboxing System, Kim Christensen (Aalborg University, 2022)
  35. Cyber Risk Quantification Using Open-Source Intelligence Gathering, Jimmi Frankel Torp (Aalborg University, 2022)
  36. Early Vulnerability Detection Using Signals from Web, Filip Adamik (Aalborg University, 2020)
  37. Feasibility of Blockchain-based Botnets: Emine Saracoglu (TU Darmstadt, 2019)
  38. Investigating the capabilities of a binary classifier to detect known and unknown botnets: Giorgio Bertagnolli (TU Darmstadt, 2019)
  39. Reverse Engineering of Sophisticated peer-to-peer IoT-Botnet Malware: Joel Küpper (TU Darmstadt, 2018)
  40. A Fuzzy Password Strength Evaluator for analysing large leaked password databases: Hong Ngoc Hoang (TU Darmstadt, 2018)
  41. HoneyDrone – A Honeypot for Drone Systems: Dhanasekar Boopalan (TU Darmstadt, 2018)
  42. Trust in Collaborative Intrusion Detection: Franklin Labang G. (TU Darmstadt, 2018)
  43. On P2P Botnet Monitoring in Adverse Conditions: Leon Böck (TU Darmstadt, 2017)
  44. Using blockchains for alert data dissemination between CIDS monitors: Natalia Reka Ivanko (TU Darmstadt, 2017)
  45. Trust Management in P2P Botnets: Jan Helge Wolf (TU Darmstadt, 2017)
  46. On the Analysis & Generation of Synthetic Attacks for Intrusion Detection Systems: Aidmar Wainakh (TU Darmstadt, 2017) *** shortlisted for the Competence Center for Applied Security Technology (CAST) award for IT Security 2018 ***
  47. Comparison and Evaluation of Honeypots: Pereira Sherryl Ann (TU Darmstadt, 2016)
  48. Extended probe-response attacks on cyber-incident monitors: Sharief Noorulla (TU Darmstadt, 2016)
  49. A Mobile Honeypot for Industrial Control Systems: Shreyas Srinivasa (TU Darmstadt, 2015)
  50. ID2T: an Intrusion Detection Dataset Toolkit: Nikolay Milanov (TU Darmstadt, 2015)
  51. Probe response attacks on cyber incident monitors: Michael Stahn (TU Darmstadt, 2015)
  52. Membership Management for unstructured distributed Collaborative IDS: Matthias Krügl (TU Darmstadt, 2015)
  53. Peer to peer based Intrusion Detection: Ahsan Malik (TU Darmstadt, 2014)

BSc Students (completed)

  1. An open-source approach to leaked account data for DTU users: Niels Kjær Ersbøll, Frederik Peetz-Schou Larsen (Technical University of Denmark, 2023)
  2. Analyzing Bitcoin’s OP RETURN operator: Johannes Mols (Aalborg University, 2020)
  3. Infiltrating Dark Net Underground Hacking Marketplaces: Ricardo Maria Yaben Lopezosa (Aalborg University, 2020)
  4. Developing an Autonomous Drone using Machine Learning and Simulations: Lasse Skjøtt Hansen, Anton Krogh Petersen (Aalborg University, 2020)
  5. Blockchain-based market for alert data exchange in Collaborative Intrusion Detections Systems: Steven Rowe (TU Darmstadt, 2018)
  6. A Toolkit for Synthetic Injection of Attacks into Network Data: Patrick Jattke (TU Darmstadt, 2016)