Academic Focus

My research focuses on the empirical study of Cyber Threat Intelligence, with particular attention to the ransomware ecosystem, dark web dynamics, and the observable behavior of cybercriminal actors.

I do not treat cyber threats as isolated technical incidents. Instead, I study them as socio-technical ecosystems shaped by infrastructure, incentives, adaptation, and recurring behavioral patterns.

---

Ph.D. Research: The Ransomware Economy

I am currently pursuing a Ph.D. in Cyber Threat Intelligence at the University of Sannio, with expected completion in 2026.

Thesis: Ecosystem Dynamics and Structural Resilience of the Ransomware Economy: A Longitudinal Multi-Method Analysis of the Observable Disclosure Surface (2020-2025).

Key research areas include:

• Longitudinal analysis of ransomware groups, threat actor behavior, and attack pattern evolution.
• Study of extortion models and cybercriminal business dynamics.
• Development of data-driven and statistical models for threat detection, attribution support, and risk assessment.
• Construction and analysis of large-scale datasets for threat actor profiling and intelligence correlation.

---

Applied Engineering & Threat Intelligence Platforms

A central part of my research is the translation of analytical models into operational tools.

• Deepye Project: Designed and developed a microservices-based Threat Intelligence Platform for attack surface analysis, integrating OSINT and CLOSINT sources.
• Academic Supervision: Co-supervision of Master’s theses focused on CTI platform development, dark web monitoring for data leak detection, and adversary simulation frameworks.