About

My name is Paul Fiterau. Since May 2024, I am an assistant professor at Uppsala University in the area of cybersecurity. Before that, I worked as postdoctoral researcher and lecturer at Uppsala University. Before that, I completed my PhD in Computer Science at Radboud University Nijmegen. Before that, I did my Bachelor's and Master's in Computer Science at Politehnica University of Timisoara. Between my PhD and postdoc I worked as a software developer, which I also did during my Master's.

Research

My research lies squarely in the area of software testing with focus on security. A center point of my research is a black-box testing technique known as active automata learning, or model learning for short. This technique has been proven effective for testing implementations of network protocols including TCP, SSH, DTLS, IPsec, Bluetooth Low Energy, WiFi... I am interested both in improving the technique for the purpose of testing, as well as broadening its application. I also want to develop techniques for automated testing leveraging other, often complementary methods (e.g., symbolic execution, fuzzing, etc.), so that no bug is sparred detection.

Broadly speaking broadly, my research interests lie in:

Software

Tool building has been an essential part of my work. I contributed to several software projects. Among these I mention:

Teaching

I was a lecturer for the following courses at Uppsala University:

I assisted with the following courses at Radboud University:

Publications

A listing of all my scientific contributions:

[] Paul Fiterău-Brostean, Bengt Jonsson, Konstantinos Sagonas, and Fredrik Taquist. Smbugfinder: An automated framework for testing protocol implementations for state machine bugs. In Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2024. [ BIB | PDF ]
[] Hooman Asadian, Paul Fiterau-Brostean, Bengt Jonsson, and Konstantinos Sagonas. Monitor-based testing of network protocol implementations using symbolic execution. In Proceedings of the 19th International Conference on Availability, Reliability and Security (ARES), 2024. [ BIB | PDF ]
[] Simon Dierl, Fiterău-Brostean, Paul, Falk Howar, Bengt Jonsson, Konstantinos Sagonas, and Fredrik Tåkvist. Scalable tree-based register automata learning. In International Conference on Tools and Algorithms for the Construction and Analysis of Systems, 2024. [ BIB | PDF ]
[] Fiterău-Brostean, Paul, Bengt Jonsson, Konstantinos Sagonas, and Fredrik Tåkvist. Automata-based automated detection of state machine bugs in protocol implementations. In Network and Distributed System Security Symposium 2023 (NDSS), 2023. [ BIB | PDF ]
[] Paul Fiterău-Brostean, Bengt Jonsson, Konstantinos Sagonas, and Fredrik Tåkvist. DTLS-Fuzzer: A DTLS protocol state fuzzer. In ICST 2022, 2022. [ BIB | PDF ]
[] Asadian Hooman, Paul Fiterău-Brostean, Bengt Jonsson, and Konstantinos Sagonas. Applying symbolic execution to test implementations of a network protocol against its specification. 2022. [ BIB | PDF ]
[] Paul Fiterău-Brostean, Bengt Jonsson, Robert Merget, Joeri de Ruiter, Konstantinos Sagonas, and Juraj Somorovsky. Analysis of DTLS implementations using protocol state fuzzing. In 29th USENIX Security Symposium (USENIX Security 20), 2020. [ BIB | PDF ]
[] Rick Smetsers, Paul Fiterău-Brostean, and Frits Vaandrager. Model learning as a satisfiability modulo theories problem. In International Conference on Language and Automata Theory and Applications, pages 182--194. Springer, 2018. [ BIB | PDF ]
[] Paul Fiterău-Brostean and Falk Howar. Learning-based testing the sliding window behavior of TCP implementations. In Critical Systems: Formal Methods and Automated Verification, pages 185--200. Springer, 2017. [ BIB | PDF ]
[] Paul Fiterău-Brostean, Toon Lenaerts, Erik Poll, Joeri de Ruiter, Frits Vaandrager, and Patrick Verleg. Model learning and model checking of SSH implementations. In Proceedings of the 24th ACM SIGSOFT International SPIN Symposium on Model Checking of Software, SPIN 2017, pages 142--151. ACM, 2017. [ BIB | PDF ]
[] Paul Fiterău-Brostean, Ramon Janssen, and Frits Vaandrager. Combining model learning and model checking to analyze TCP implementations. In CAV 2016, volume 9780 of LNCS, pages 454--471. Springer, 2016. [ BIB | PDF ]
[] Fides Aarts, Paul Fiterău-Brostean, Harco Kuppens, and Frits Vaandrager. Learning register automata with fresh value generation. In ICTAC 2015, volume 9399 of LNCS, pages 165--183. Springer, 2015. [ BIB | PDF ]
[] Paul Fiterău-Brostean, Ramon Janssen, and Frits Vaandrager. Learning fragments of the TCP network protocol. In FMICS 2014, volume 8718 of LNCS, pages 78--93. Springer, 2014. [ BIB | PDF ]

This list cannot be complete without my PhD thesis which mostly stitches these works together. A copy of the thesis can be found here. What might be interesting to readers is the introduction, which gives a unified overview of all the work done during my PhD. My thesis also features on the IPA website. I successfully defended my PhD thesis on the 13th of April 2018.

Hobbies

I love singing, staying informed (thanks BBC), gaming and just going for a walk. Also do running, more for keeping my health in check than for the love of it.

The publications section was generated with the help of bibtex2html 1.98.