Guillermo Suarez-Tangil

IMDEA Networks Institute

"Nothing in life is to be feared, it is only to be understood." - Marie Curie.

About me - PhD (with distinction)

I am an Assistant Professor at IMDEA Networks Institue. I am also part of the Cybersecurity research group at King's College London (KCL), where I hold a honorary visiting position.

I was previously at the Information Security Group in University College London (UCL) working as a senior research associate with Gianluca Stringhini. My main focus is on detecting and preventing mass-marketing fraud (see DAPM project). My interests in security range from malware detection, security in smart devices, intrusion detection, and other cyber security areas. Prior to joining UCL, I was at the Information Security Group in Royal Holloway, University of London (RHUL) as a postdoctoral research assistant.

I received a PhD in CS with distinction in the Computer Security (COSEC) Lab at Universidad Carlos III de Madrid, Spain. I have participated in various research projects related to network security and trusted computing. I hold a B.Sc. and a M.Sc. in Computer Science from Universidad Carlos III de Madrid. Best academic award for the M.Sc. and PhD.

Contact information:
Guillermo Suarez de Tangil
Cybersecurity Group
IMDEA Networks Institute
Avda. del Mar Mediterraneo, 22 28918 Leganes, Spain

Office: room 1W12
E-mail:

PhD - Computer Science

This Thesis deals with the problem of analyzing smart malware for smart devices, providing specific methods for improving their identification.

Mining Structural and Behavioral Patterns in Smart Malware. Best National Thesis Award. 2014.

Research - Security

Full list of publications at Google Schoolar.

News

  • Serving in the TPC of IEEE S&P and Usenix Sec 2025.
  • Serving as General co-Chair of ACM IMC 2024.
  • Served in the TPC of Usenix Sec 2024, where I got the Distinguished Reviewer Award.
  • Served in the TPC of KDD 2023, where I got the Distinguished Reviewer Award.

Publications

  1. Sharad Agarwal, Emma Harvey, Enrico Mariconti, Guillermo Suarez-Tangil, Marie Vasek. 'Hey mum, I dropped my phone down the toilet': Investigating Hi Mum and Dad SMS Scams in the United Kingdom. Usenix Sec. August 13–15, 2025. (CORE A*).
  2. Ghafouri, Vahid and Such, Jose and Suarez-Tangil, Guillermo. I love pineapple on pizza != I hate pineapple on pizza: Stance-Aware Sentence Transformers for Opinion Mining. The 2024 Conference on Empirical Methods in Natural Language Processing (EMNLP Main). November 12 –16. (CORE A*).
  3. Seymour, William and Abdi, Noura and Ramokapane, Kopo M. and Edu, Jide and Suarez-Tangil, Guillermo and Such, Jose Voice App Developer Experiences with Alexa and Google Assistant: Juggling Risks, Liability, and Security. Usenix Security August 14–16, 2024. (CORE A*).
  4. Tereszkowski-Kaminski, Michal and Kumar Dash, Santanu and Suarez-Tangil, Guillermo A Study of Malicious Source Code Reuse Among GitHub, StackOverflow and Underground Forums. The 29th European Symposium on Research in Computer Security (ESORICS). September 16-20, 2024. (CORE A).
  5. Ghafouri, Vahid and Alatawi, Faisal and Karami, Mansooreh and Such, Jose and Suarez-Tangil, Guillermo Transformer-Based Quantification of the Echo Chamber Effect in Online Communities. The 27th ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW). November 9-13, 2024. (CORE A).
  6. Singh, Ashwini and Ghafouri, Vahid and Such, Jose and Suarez-Tangil, Guillermo. Differences in the Toxic Language of Cross-Platform Communities. The 18th International AAAI Conference on Web and Social Media (ICWSM). 3rd – 6th June 2024. (CORE A). [doi]
  7. Ghafouri, Vahid and Agarwal, Vibhor and Zhang, Yong and Sastry, Nishanth and Such, Jose and Suarez-Tangil, Guillermo. AI in the Gray: Exploring Moderation Policies in Dialogic Large Language Models vs. Human Answers in Controversial Topics. 32nd ACM International Conference on Information and Knowledge Management (CIKM). 21-25 October 2023. (CORE A). [doi]
  8. Waleed Iqbal, Vahid Ghafouri, Gareth Tyson, Guillermo Suarez-Tangil, Ignacio Castro. Lady and the Tramp Nextdoor: Online Manifestations of Real-World Inequalities in the Nextdoor Social Network. The 17TH International AAAI Conference on Web and Social Media (ICWSM). 5-8 June 2023. (CORE A). [arXiv]
  9. Javier Carrillo-Mondejar, José Roldán-Gómez, Juan Manuel Castelo Gómez, Sergio Ruiz Villafranca, Guillermo Suarez-Tangil. Stories from a Customized Honeypot for the IoT. Journal of Information Technology. 2023. I.F.: 5.6 (Q1).
  10. Cayetano Valero, Jaime Pérez, Sonia Solera-Cotanilla, Mario Vega-Barbas, Guillermo Suarez-Tangil, Manuel Alvarez-Campana, Gregorio López. Analysis of security and data control in smart personal assistants from the user's perspective. Future Generation Computer Systems. 2023. I.F.: 7.3 (Q1). [doi]
  11. Burroughs, J., Tereszkowski-Kaminski, M., & Suarez-Tangil, G. (2023, July). Visualizing Cyber-Threats in Underground Forums. In 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 244-258). IEEE.
  12. Bispham, M., Sattar, S. K., Zard, C., Ferrer-Aran, X., Edu, J., Suarez-Tangil, G., & Such, J. (2023, June). Misinformation in third-party voice applications. In ACM conference on Conversational User Interfaces (CUI'23).
  13. Jide Edu, Cliona Mulligan, Fabio Pierazzi, Jason Polakis, Guillermo Suarez-Tangil, Jose Such. Exploring the Security and Privacy Risks of Chatbots in Messaging Services. In Proceedings of the 22nd ACM Internet Measurement Conference (IMC ’22). October 25–27, 2022. Nice, France. (CORE A). [doi]
  14. Jide Edu, Xavier Ferrer-Aran, Jose Such, Guillermo Suarez-Tangil. Measuring Alexa Skill Privacy Practices across Three Years. The Web Conference (WWW). (CORE A*). April 25–29, 2022. Online, hosted by Lyon, France.
  15. Javier Carrillo-Mondejar, Hannu Turtiainen, Andrei Costin, J.L. Martinez, Guillermo Suarez-Tangil HALE-IoT: HArdening LEgacy Internet-of-Things devices by retrofitting defensive firmware modifications and implants. IEEE Internet of Things. 2022. I.F.: 10,24 (Q1). [doi] [IEEE]
  16. Jide Edu, Xavier Ferrer-Aran, Jose Such, Guillermo Suarez-Tangil. SkillVet: Automated Traceability Analysis of Amazon Alexa Skills. IEEE Transactions on Dependable and Secure Computing, 2022. I.F.: 7,33 (Q1). [ArXiv] [doi]
  17. Michal Tereszkowski-Kaminski, Sergui Pastrana, Jorge Blasco, Guillermo Suarez-Tangil. Towards Improving Code Stylometry Analysis in Underground Forums. Proceedings on Privacy Enhancing Technologies (PoPETs/PETS). (CORE A). July 18–23, 2022. Sydney, Australia.
  18. Héctor D. Menéndez, Guillermo Suarez-Tangil. ObfSec: Measuring the Security of Obfuscations from a Testing Perspective. Expert Systems with Applications, 2022, I.F.: 8.65 (Q1).
  19. Javier Carrillo-Mondéjar, Jose Luis Martinez, Guillermo Suarez-Tangil On how VoIP attacks foster the malicious call ecosystem. Computers & Security, 2022. I.F.: 4,44 (Q1). [doi]
  20. Mary Bispham, Clara Zard, Suliman Sattar, Xavier Ferrer-Aran, Jose Such. Leakage of Sensitive Information to Third-Party Voice Applications. Conversational User Interfaces (CUI). 2022
  21. Panicos Karkallis, Jorge Blasco, Guillermo Suarez-Tangil, Sergio Pastrana. Detecting video-game injectors exchanged in game cheating communities. European Symposium on Research in Computer Security (ESORICS). October 04–08, 2021. (CORE A).
  22. Mohammed Rashed, and Guillermo Suarez-Tangil An Analysis of Android Malware Classification Services. Sensors, 2021. I.F.: 3.9 (Q1).
  23. Memes, Radicalisation, and the Promotion of Violence on Chan Sites. Blyth Crawford, Florence Keen, and Guillermo Suarez-Tangil. International AAAI Conference on Web and Social Media (ICWSM). June 8 - 10, 2021. (CORE A). [AAAI]
  24. WearFlow: Expanding Information Flow Analysis To Companion Apps in Wear OS. Marcos Tileria, Jorge Blasco, and Guillermo Suarez-Tangil. 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020). October 14-16, 2020. San Sebastian, Spain. (CORE A). (Acceptance rate 25.6%).
  25. Multi-country Study of Third Party Trackers from Real Browser Histories. Xuehui Hu, Guillermo Suarez-Tangil, and Nishanth Sastry IEEE European Symposium on Security and Privacy (Euro S&P). June 16-18, 2020. Genova, Italy. (Acceptance rate 14.6%).
  26. Smart Home Personal Assistants: A Security and Privacy Jide S. Edu, Jose M. Such, and Guillermo Suarez-Tangil. ACM Computation Surveys, 2020. [pdf]
  27. Characterizing Linux-based malware: Findings and recent trends Javier Carrillo-Mondéjar, Jose Luis Martínez, and Guillermo Suarez-Tangil. Future Generation Computer Systems, 2020. [doi] I.F. (2019): 6.13 (Q1). JCR Rank: 8/108
  28. Eight Years of Rider Measurement in the Android Malware Ecosystem: Evolution and Lessons Learned. Guillermo Suarez-Tangil and Gianluca Stringhini. IEEE Transactions on Dependable and Secure Computing, 2020. [doi] I.F. (2019): 6,86 (Q1).
  29. A First Look at the Crypto-Mining Malware Ecosystem: A Decade of Unrestricted Wealth. Sergio Pastrana and Guillermo Suarez-Tangil. ACM Internet Measurement Conference (IMC). Oct 21-23, 2019. Amsterdam, Netherlands. (CORE A). [Press: MIT Tech Review, New Scientist, Oracle Times, BTC Wires, CoinTelegraph, Invezz, ChainBits, BleepingComputer, BC Focus, Oracle Times, ETH News, Yahoo, Reuters, Nasdaq] (Acceptance rate 19.8%)
  30. "You Know What to Do": Proactive Detection of YouTube Videos Targeted by Coordinated Hate Attacks. Enrico Mariconti, Guillermo Suarez-Tangil, Jeremy Blackburn, Emiliano De Cristofaro, Nicolas Kourtellis, Ilias Leontiadis, Jordi Luque Serrano, Gianluca Stringhini. ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW). Nov 9-13, 2019. Austin, Texas. (CORE A). (Acceptance rate 31.1%) [Press: Newest
  31. AndrEnsemble: Leveraging API Ensembles to Characterize Android Malware Families. Omid Mirzaei, Guillermo Suarez-Tangil, Juan Maria de Fuentes, Juan Tapiador, and Gianluca Stringhini Proceedings of the ACM ASIA Conference on Computer and Communications Security (ASIACCS). July 7-12 2019, Auckland, New Zealand. (CORE A). [doi]
  32. Automatically Dismantling Online Dating Fraud. Guillermo Suarez-Tangil, Matthew Edwards, Claudia Peersman, Gianluca Stringhini, Awais Rashid, Monica Whitty. IEEE Transactions on Information Forensics and Security (TIFS), July 22, 2019. I.F.: 6,21 (Q1). [doi]
  33. BORDERPATROL: Securing BYOD using fine-grained contextual information. Onur Zungur, Guillermo Suarez-Tangil, Gianluca Stringhini, Manuel Egele In Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). June 24-27 2019, Portland, Oregon. (CORE A). (Acceptance rate 21.4%).
  34. On the Origins of Memes by Means of Fringe Web Communities. Savvas Zannettou, Tristan Caulfield, Jeremy Blackburn, Emiliano De Cristofaro, Michael Sirivianos, Gianluca Stringhini, Guillermo Suarez-Tangil. ACM Internet Measurement Conference (IMC). Oct 31 - Nov 2, 2018, Boston, MA, USA. (CORE A). (Acceptance rate 24.7%). Distinguished paper award. [src & data] Press: Quartz, BBC Trending, MIT Tech Review, CBS News, Business Insider, VICE, Infowars
  35. Matthew Edwards, Guillermo Suarez-Tangil, Claudia Peersman, Gianluca Stringhini, Awais Rashid, Monica Whitty. The Geography of Online Dating Fraud. Workshop on Technology and Consumer Protection (ConPro). May 24, 2018 at the Hyatt Regency in San Francisco, CA.
  36. Guillermo Suarez-Tangil, Santanu Kumar Dash, Pedro Garcia-Teodoro, Jose Camacho, Lorenzo Cavallaro. Anomaly-based Exploratory Analysis and Detection of Exploits in Android Platforms. IET Information Security (2018).
  37. Michael Weissbacher, Enrico Mariconti, Guillermo Suarez-Tangil, Gianluca Stringhini, William Robertson, Engin Kirda. Ex-Ray: Detection of History-Leaking Browser Extensions. 33rd Annual Computer Security Applications Conference (ACSAC). Dec 4, 2017, San Juan, Puerto Rico, USA. (CORE A). (Acceptance rate 19.7%). [blog]
  38. Omid Mirzaei, Guillermo Suarez-Tangil, Juan Tapiador, Jose M. de Fuentes. TriFlow: Triaging Android Applications using Speculative Information Flows. ACM Asia Conference on Computer and Communications Security (ASIACCS). Apr 2, 2017, Abu Dhabi, UAE. (CORE A). (Acceptance rate 18% ~ 20%). CSAW-Europe Award [src]
  39. Médéric Hurier, Tegawendé Bissyandé, Yves Le Traon, Jacques Klein, Guillermo Suarez-Tangil, Santanu Kumar Dash and Lorenzo Cavallaro. Euphony: Harmonious Unification of Cacophonous Anti-Virus Vendor Labels for Android Malware. The 14th International Conference on Mining Software Repositories (MSR). May 20-21, 2017. Buenos Aires, Argentina. (CORE A). (Acceptance rate 16% ~ 30%).
  40. Guillermo Suarez-Tangil, Santanu Kumar Dash, Mansour Ahmadi, Johannes Kinder, Giorgio Giacinto, Lorenzo Cavallaro. DroidSieve: Fast and Accurate Classification of Obfuscated Android Malware. Conference on Data and Application Security and Privacy, (CODASPY). Mar 22, 2017, Arizona, USA. (Acceptance rate 16%). [doi]
  41. Ali Feizollaha, Nor Badrul Anuara, Rosli Salleha, Guillermo Suarez-Tangilb, Steven Furnellc. AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection. Computers & Security. Vol 65, p. 121–134 (Mar, 2017). Last year's I.F.: 2.9 (Q2). [doi]
  42. Amit Deo, Santanu K. Dash, Guillermo Suarez-Tangil, Volodya Vovk, Lorenzo Cavallaro. Prescience: Probabilistic Guidance on the Retraining Conundrum for Malware Detection. Artificial Intelligence and Security (AISec). Oct 28, 2016, Vienna, Austria. (Acceptance rate 32%). [doi]
  43. Santanu K. Dash, Guillermo Suarez-Tangil, Salahudin Khan, Kimberly Tam, Mansour Ahmadi, Johannes Kinder, Lorenzo Cavallaro. DroidScribe: Classifying Android Malware based on Runtime Behavior. Mobile Security Technologies (MoST). May 26, 2016, San Jose, USA. (Acceptance rate 28%). [doi]
  44. Sergio Pastrana, Juan E. Tapiador, Guillermo Suarez-Tangil, Pedro Peris-Lopez. AVRAND: A Software Based Defense Against Code Reuse Attacks in AVR Architectures. 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA). July 7-8, 2016, San Sebastián, Spain. (CORE C). (Acceptance rate 28.7%).
  45. Sergio Pastrana, Carlos Alberca, Guillermo Suarez-Tangil, Paolo Palmieri. Security Analysis and Exploitation of Arduino Devices in the Internet of Things. Workshop on Malicious Software and Hardware in Internet of Things (Mal-IoT). May 16, 2016, Como, Italy.
  46. G. Suarez-Tangil, Juan E. Tapiador, Flavio Lombardi, Roberto Di Pietro. Alterdroid: Differential Fault Analysis of Obfuscated Smartphone Malware. IEEE Transactions on Mobile Computing. vol. 15:4, pp. 789-802 (2016). I.F.: 2.54 (Q1) [pdf] [Source Code]
  47. Guillermo Suarez-Tangil, Juan E. Tapiador, Pedro Peris-Lopez. Compartmentation Policies for Android Apps: A Combinatorial Optimization Approach. 9th International Conference on Network and System Security (NSS 2015). New York City, USA. (CORE B). [pdf] [Program]. Best Paper (Honorable Mention).
  48. J. Blasco, J.E. Tapiador, P. Peris-Lopez, G. Suarez-Tangil. Hindering Data Theft with Encrypted Data Trees. Journal of Systems and Software. Elsevier, March (2015). I.F.: 1,35 (Q1). [doi] [pdf]
  49. G. Suarez-Tangil, J.E. Tapiador, P. Peris-Lopez, S. Pastrana. Power-aware Anomaly Detection in Smartphones: An Analysis of On-Platform versus Externalized Operation. Pervasive and Mobile Computing (Elsevier), 18, pp. 137–151 (2015). I.F.: 2.08 (Q1). [pdf] [doi]
  50. G. Suarez-Tangil, E. Palomar, A. Ribagorda, I. Sanz. Providing SIEM Systems with Self–Adaptation. Information Fusion. vol. 21, pp. 145–158 (2015). I.F.: 3,681 (Q1). [doi] [pdf] [bib]
  51. C. Camara, P. Peris-Lopez, J.E. Tapiador, G. Suarez-Tangil. A Non-invasive Multi-modal Human Identification System combining ECG, GSR and Airflow Biosignals. Journal of Medical and Biological Engineering. vol. 35:6, pp. 735-748 (2015) I.F.: 0.97 (Q3) [pdf]
  52. Guillermo Suarez-Tangil, Juan E. Tapiador, Pedro Peris-Lopez. Stegomalware: Playing Hide and Seek with Malicious Components in Smartphone Apps. The 10th China International Conference on Information Security and Cryptology (INSCRYPT 2014). Beijing, China. December 2014. (CORE B). (Acceptance rate: 31%). [pdf] [Program]
  53. Guillermo Suarez-Tangil, Mauro Conti, Juan E. Tapiador, Pedro Peris-Lopez. Detecting Targeted Smartphone Malware with Behavior-Triggering Stochastic Models. European Symposium on Research in Computer Security (ESORICS 2014). Wroclaw, Poland. September 2014. (CORE A). (Acceptance rate 24.7%). [pdf] [bib] [Program] [Proceedings] [Targetdroid code!]
  54. G. Suarez-Tangil, F. Lombardi, J.E. Tapiador, R.D. Pietro. Thwarting Obfuscated Malware via Differential Fault Analysis. Mobile App Security. IEEE Computer, vol. 47:6, pp. 24-31 (2014). I.F.: 1,44 (Q2). [doi][pdf][bib]. More information can be found here.
  55. G. Suarez-Tangil, J.E. Tapiador, P. Peris-Lopez, J. Blasco. Dendroid: A Text Mining Approach to Analyzing and Classifying Code Structures in Android Malware Families. Expert Systems With Applications. Elsevier, vol. 41:4, pp. 1104-1117 (2014). I.F.: 2,24 (Q1). [doi][pdf][bib] (Average acceptance rate 8% ~ 10%)
  56. G. Suarez-Tangil, J.E. Tapiador, P. Peris-Lopez, A. Ribagorda. Evolution, Detection and Analysis of Malware in Smart Devices. IEEE Communications Surveys & Tutorials. IEEE, vol. 16:2, pp. 961-987 (2014). I.F.: 6,490 (Q1). [doi][pdf][bib]
  57. P. Picazo, J.E. Tapiador, P. Peris-Lopez, G. Suarez-Tangil Secure Publish-Subscribe Protocols for Heterogeneous Medical Wireless Body Area Networks. Sensors (Elsevier), 14:12, pp. 22619-22642 (2014). I.F.: 2,245 (Q1). [pdf] [doi]
  58. Jorge López Ardieta, Juan E. Tapiador, Guillermo Suarez-Tangil. Information Sharing Models for Cooperative Cyber Defence. In International Conference on Cyber Conflict.. NATO Cooperative Cyber Defence Centre of Excellence Publications. Tallin, Estonia. May 2013. [pdf]
  59. G. Suarez-Tangil, A. Ribagorda, S. Pastrana, E. Palomar Artificial Immunity-based Correlation System. International Conference on Security and Cryptography. SECRYPT 2011. [doi] [pdf]
  60. A.I. Gonzalez-Tablas, A. Alcaide, G. Suarez-Tangil, J. M. de Fuentes, I. Barroso-Perez. Towards a privacy-respectful telematic verification system for vehicle & driver authorizations (Poster). Eighth Annual International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (MOBIQUITOUS) [uri] [pdf] [poster]
  61. G. Suarez-Tangil, E. Palomar, B. Ramos-Alvarez, A Ribagorda. An Experimental Comparison of Source Location Privacy Methods for Power Optimization in WSN. [doi] [pdf]
  62. G. Suarez-Tangil, E. Palomar, J.D. Fuentes, J. Blasco, A. Ribagorda. Automatic Rule Generation Based on Genetic Programming for Event Correlation. [doi] [pdf]

Books

Book Chapters

  1. G. Suarez-Tangil, E. Palomar, A. Ribagorda, Y. Zhang. Towards an Intelligent Security Event Information Management System . Advances in Security Information Management: perceptions and outcomes pp. 239-258 (2013). [isbn] [pdf]

Edited Books

  1. G. Suarez-Tangil, E. Palomar. Advances in Security Information Management: perceptions and outcomes (2013). [isbn]

Research Visits

  1. I'm visiting Dr. Mauro Conti from University of Padua, Padova, Italy between summer-fall 2013.

  2. I'm visiting Dr. Agustí Solanas from UNESCO Chair in Data Privacy. Rovira i Virgili University, Catalonia, Spain between 10-12 July 2013.

  3. I'm visiting Dr. Roberto Di Pietro from Security and PRivacy INnovation GRoup, Roma, Italy between summer-fall 2012.

Security Dissemination

Teaching - Teaching Assistant at UC3M

I am mainly teaching security-related courses. Currently, I am teaching Mobile Device Security since 2013, among others.

Starting from 2014 we are opening a new Master in Cybersecurity. I will be coordinating and teaching the following subjects:

  1. Analysis and Engineering of Malware.
  2. Advanced Persistent Threats and Information Leakage.

More information about my teaching can be found here.

Software - License registration tools

Sofware available for academic fair use by request.

  1. SETiChat - A secure Android chat. Jorge Blasco, Guillermo Suarez-Tangil, Juan E. Tapiador y Pedro Peris-López. Ref.: M-003681/2014.
  2. Alterdroid - Tool for analyzing obfuscated software in Android. Guillermo Suarez-Tangil, D. Juan E. Tapiador, Pedro Peris-López, Sergio Pastrana. Ref.: M-003190/2014. [doc].
  3. Targetdroid - Targetdroid - Tool for analyzing targeted malware in Android. Guillermo Suarez-Tangil, D. Juan E. Tapiador, Pedro Peris-López. Ref.: M-008457/2014. [doc].