Alessandro Palma

Postdoctoral Researcher

SAPIENZA University of Rome

I am a postdoctoral researcher at Sapienza University of Rome, Italy. My research focuses on automated and quantifiable cyber risk assessment, both from a technical perspective --researching attack modeling, attack graphs, and probabilistic methods-- and from an operational perspective by providing decision support for security operations and their integration into autonomic cybersecurity, such as self-protecting systems.

I am interested in how interactive visualization and visual analytics can help analysts understand complex attack surfaces, evolving risks, and remediation priorities more intuitively. To this aim, my work also investigates progressive data analysis for real-time exploration of security data to make cyber risk assessment more adaptive, explainable, and actionable for both human operators and automated defense mechanisms.

I got a Ph.D. with Laude in Engineering in Computer Science at Sapienza University of Rome, Italy, where I also received my MSc in Engineering in Computer Science. In 2022 I worked as a research fellow with CINI Cyber Security National Laboratory on Open Source INTelligence (OSINT) topics.

During my Ph.D., I was a visiting scholar at Télécom SudParis - Institut Polytechnique de Paris.

CONTACTS

Email: palma@diag.uniroma1.it

Dipartimento di Ingegneria Informatica, Automatica e Gestionale "Antonio Ruberti" (DIAG)

Sapienza Università di Roma

Via Ariosto 25, 00185, Roma (Italy)

Room: B112

NEWS

Check out the new paper "Progressive attack graph: a technique for scalable and adaptive attack graph generation" published in the International Journal of Information Security
The track "Applications and Systems for Healthcare" has been accepted at SAC 2026. Consider submitting your work.
The paper "Behind the scenes of attack graphs: Vulnerable network generator for in-depth experimental evaluation of attack graph scalability " has just been published in Elsevier Computers & Security
The paper "IMPAVID: Enhancing incident management process compliance assessment with visual analytics " has just been published in Elsevier Computers & Graphics
🏆 We won the Best Paper Award from SEAMS 2025 with the paper "SPARQ: A QoS-Aware Framework for Mitigating Cyber Risk in Self-Protecting IoT Systems"
On April 1, 2025, the paper "SHIELD: Assessing Security-by-Design in Federated Data Spaces Using Attack Graphs" with Nikolaos Papadakis, Georgios Bouloukakis, Joaquin Garcia-Alfaro, Mattia Sospetti, and Kostas Magoutis was presented at SAC 2025
🏆 We won the best paper runner-up award from ESORICS 2024 with the paper "It is Time To Steer: A Scalable Framework for Analysis-Driven Attack Graph Generation"

Report abuse