Institute of Software Security
21079 Hamburg, Germany
I am a senior researcher and lecturer at the Institute of Software Security of Hamburg University of Technology. My main research focus stands at the intersection of human-computer interaction and privacy engineering. Particularly, I seek to create technological solutions for supporting the cybersecurity decisions of social network users and software developers. For this, I elaborate on digital nudging applications, their personalization by means of Artificial Intelligence (AI), and ethical issues arising from combining persuasion with AI.
Before joining the Hamburg University of Technology, I worked as a postdoctoral fellow at the University of Duisburg-Essen. From January 2020 to October 2021 I was the coordinator of the RTG “User-Centered Social Media” funded by the German Research Foundation (DFG). Between August 2018 and September 2021 I participated in the H2020 project “PDP4E: Methods and Tools for GDPR Compliance through Privacy and Data Protection Engineering”. In the past, I have worked as a software engineer in Denmark and as an undergraduate research assistant in Argentina.
Since 2023 I am an associate member of the Research Institute for Socio-Technical Cybersecurity (RISCS) at the University of Bristol. Besides conducting my research, I am involved in multi-stakeholder forums for the discussion of public policies and Internet governance issues. Particularly, in debates concerning the users’ right to privacy and control over their private information.
|Aug 15, 2023|| 📣 I will be in Melbourne 🇦🇺 from September to mid-November 2023, working as a visiting scholar at |
|Jul 15, 2023|| I am co-organizing the 2nd Workshop on Mining Software Repositories Applications for Privacy and Security at |
|May 18, 2023|| I am co-organizing the 3rd Workshop on Adverse Impacts and Collateral Effects of AI Technologies at |
|Dec 8, 2021||IGF 2021 Town Hall #19 Paving the Road for the European Regulation on AI|
|Aug 16, 2021||I4ADA: Dialogues on Accountability in the Digital Age|
- JSS ’23Simple Stupid Insecure Practices and GitHub’s Code Search: A Looming Threat?Journal of Systems and Software 2023
- MSR ’23LLMSecEval: A Dataset of Natural Language Prompts for Security EvaluationsIn Proceedings of the 20th International Conference on Mining Software Repositories (MSR ’23) 2023
- CHI ’23Regret, Delete, (Do Not) Repeat: An Analysis of Self-Cleaning Practices on Twitter After the Outbreak of the COVID-19 PandemicIn Extended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems (CHI EA ’23) 2023
- CHASE ’23Developers Need Protection, Too: Perspectives and Research Challenges for Privacy in Social Coding PlatformsIn 16th International Conference on Cooperative and Human Aspects of Software Engineering (CHASE 2023) 2023
- QRS ’22GitHub Considered Harmful? Analyzing Open-Source Projects for the Automatic Generation of Cryptographic API Call SequencesIn 2022 IEEE 22nd International Conference on Software Quality, Reliability and Security Companion (QRS-C) 2022
- EuroUSEC ’22ENAGRAM: An App to Evaluate Preventative Nudges for InstagramIn 2022 European Symposium on Usable Security (EuroUSEC 2022) 2022
- ARES ’22SoK: Security of Microservice Applications: A Practitioners’ Perspective on Challenges and Best PracticesIn International Conference on Availability, Reliability and Security (ARES) 2022
- MSR ’22Vul4J: A Dataset of Reproducible Java Vulnerabilities Geared Towards the Study of Program Repair TechniquesIn International Conference on Mining Software Repositories (MSR) 2022
- EASE ’22Conversational DevBots for Secure Programming: An Empirical Study on SKF ChatbotIn Evaluation and Assessment in Software Engineering (EASE) 2022