Katsiaryna Labunets

Department of Information Engineering and Computer Science, University of Trento

Bio

Katsiaryna Lobunets received her master’s degree in Mathematics from the Belarusian State University in Minsk, Belarus, in 2010.
Katsiaryna Labunets received her Ph.D. degree in Information and Communication Technologies from the University of Trento, Italy, in 2016.

She is now a postdoctoral researcher at the University of Trento in Security Research Group under the supervision of Prof. Fabio Massacci.

Her research interests include Empirical Methods, Security Risk Assessment, Cyber Insurance, Knowledge Reuse in Security, Models Comprehensibility.

Contacts
E-mail: katsiaryna.labunetsunitn.it
Office:  Università degli Studi di Trento (Povo 2, Open Space 8)
             Via Sommarive 9, I-38123, Povo
             Trento, Italy

ResearchGate.net
LinkedIn


Publications
Conferences & Workshops:
  1. K. Labunets, F. Massacci, F. Paci, S. Marczak, F. Moreira de Oliveira. Model Comprehension for Security Risk Assessment: An Empirical Comparison of Tabular vs. Graphical Representations. Empirical Software Engineering, 2017. Available at SSRN https://ssrn.com/abstract=2906745
  2. K. Labunets, F. Massacci, F. Paci. On the Equivalence Between Graphical and Tabular Representations for Security Risk Assessment. In Proc. of REFSQ 2017. Authors' Draft PDF.
  3. O. Gadyatskaya, K. Labunets and F. Paci. Towards Empirical Evaluation of Automated Risk Assessment Methods. In Proc. of CRiSIS 2016.
  4. K. Labunets, Y. Li, F. Massacci, F. Paci, M. Ragosta, B. Solhaug, K. Stølen, and A. Tedeschi. Preliminary Experiments on the Relative Comprehensibility of Tabular and Graphical Risk Models. In Proc. of SIDs 2015. PDF
  5. K. Labunets, F. Paci, and F. Massacci. Which Security Catalogue Is Better for Novices? In Proc. of EmpiRE Workshop at IEEE RE 2015. PDF (preprint)
  6. M.  de Gramatica, K. Labunets, F. Massacci, F. Paci, and A. Tedeschi. The Role of Catalogues of Threats and Security Controls in Security Risk Assessment: An Empirical Study with ATM Professionals. In Proc. of REFSQ 2015. PDF.
  7. K. Labunets, F. Massacci, F. Paci, M. Ragosta, B. Solhaug, K. Stølen, and A. Tedeschi. A First Empirical Evaluation Framework for Security Risk Assessment Methods in the ATM Domain, In Proc. of SIDs 2014. PDF
  8. K. Labunets, F. Paci, F. Massacci, and R. Ruprai. An Experiment on Comparing Textual vs. Visual Industrial Methods for Security Risk Assessment. In Proc. of EmpiRE Workshop at IEEE RE 2014 PDF
  9. K. Labunets, Fabio Massacci, Federica Paci, and Le Minh Sang Tran. An experimental comparison of two risk-based security methods. In Proc. of the ESEM 2013. PDF
  10. K. Labunets. Empirical Validation of Security Methods. In Proc. of the ESSoS-DS 2013. Available online.
Book Chapters:
  1. R. Scandariato, F. Paci, L.M.S. Tran, K. Labunets, K. Yskout, F. Massacci, and W. Joosen. "Empirical Assessment of Security Requirements and Architecture: Lessons Learned". In: Advances in Engineering Secure Future Internet Services and Systems, volume 8431 LNCS, Springer, 2014. Available online.
Research Projects

Dec 2015 - now            JESE - Joint seminar series "Empirical Software Engineering"
Sep 2013 - Mar 2016    EMFASE - Empirical Framework for Security Design and Economic Trade-Off
Oct 2012 - Mar 2014     NESSOS - Network of Excellence on Engineering Secure Future Internet Software Services and Systems

Education

Nov 2011 - Apr 2016     PhD in Information and Communication Technology, University of Trento, Italy
Sep 2009 - Jun 2010     MSc in Mathematics, Belarussian State University, Minsk, Belarus. Master thesis: "Fuzzy Graphs and Fuzzy Hypergraphs"
Sep 2004 - Jun 2009    Diploma of Science in Mathematics, Belarussian State University, Minsk, Belarus. Diploma thesis: "Fuzzy Line Graphs of Fuzzy Hypergraphs"

Work Experience

Jun 2016 - now              Postoctoral Research Fellow at the University of Trento (Italy).
Sep 2013 - Dec 2015
    Teaching Assistant at University of Trento (Italy).
Master course "Security Engineering" (Fall semester). The goal of the course is to learn how to conduct security risk assessment and requirements engineering and apply it to a real life problem. The course includes various topics from design and engineering (security requirements, risk assessment and compliance) to technological aspects (access control, encryption and intrusion detection). These topics covers database security, application security, network security, and mobile security.
Nov 2009 - Oct 2011      Business Systems Analyst at Itransition (Minsk, Belarus).
Jul 2008 - Nov 2009      Junior Business Systems Analyst at Itransition (Minsk, Belarus).

The most updated work experience can be found on my LinkedIn page.

Real-world interests

Road trip, cats, hiking