Guillermo Suarez-Tangil

King's College London

"Nothing in life is to be feared, it is only to be understood." - Marie Curie.

About me - PhD (with distinction)

I am a Lecturer (Assistant Professor) in the Department of Informatics at King's College London (KCL). I am part of the Cybersecurity research group.

I was previously at the Information Security Group in University College London (UCL) working as a senior research associate with Gianluca Stringhini. My main focus is on detecting and preventing mass-marketing fraud (see DAPM project). My interests in security range from malware detection, security in smart devices, intrusion detection, and other cyber security areas. Prior to joining UCL, I was at the Information Security Group in Royal Holloway, University of London (RHUL) as a postdoctoral research assistant.

I received a PhD in CS with distinction in the Computer Security (COSEC) Lab at Universidad Carlos III de Madrid, Spain. I have participated in various research projects related to network security and trusted computing. I hold a B.Sc. and a M.Sc. in Computer Science from Universidad Carlos III de Madrid. Best academic award for the M.Sc. and PhD.

Contact information:
Guillermo Suarez de Tangil
Cybersecurity Group
King's College London
Bush House, Strand Campus, London, UK

Office: Bush House at room (N)7.16

PhD - Computer Science

This Thesis deals with the problem of analyzing smart malware for smart devices, providing specific methods for improving their identification.

Mining Structural and Behavioral Patterns in Smart Malware. Best National Thesis Award. 2014.

Research - Security

Full list of publications at Google Schoolar.



  1. A First Look at the Crypto-Mining Malware Ecosystem: A Decade of Unrestricted Wealth. Sergio Pastrana and Guillermo Suarez-Tangil. ACM Internet Measurement Conference (IMC). Oct 21-23, 2019. Amsterdam, Netherlands. [Press: MIT Tech Review, New Scientist, Oracle Times, BTC Wires, CoinTelegraph, Invezz, ChainBits, BleepingComputer, BC Focus, Oracle Times, ETH News, Yahoo, Reuters] (Acceptance rate 19.8%)
  2. "You Know What to Do": Proactive Detection of YouTube Videos Targeted by Coordinated Hate Attacks. Enrico Mariconti, Guillermo Suarez-Tangil, Jeremy Blackburn, Emiliano De Cristofaro, Nicolas Kourtellis, Ilias Leontiadis, Jordi Luque Serrano, Gianluca Stringhini. ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW). Nov 9-13, 2019. Austin, Texas. (Acceptance rate 31.1%)
  3. AndrEnsemble: Leveraging API Ensembles to Characterize Android Malware Families. Omid Mirzaei, Guillermo Suarez-Tangil, Juan Maria de Fuentes, Juan Tapiador, and Gianluca Stringhini Proceedings of the ACM ASIA Conference on Computer and Communications Security (ASIACCS). July 7-12 2019, Auckland, New Zealand.
  4. Automatically Dismantling Online Dating Fraud. Guillermo Suarez-Tangil, Matthew Edwards, Claudia Peersman, Gianluca Stringhini, Awais Rashid, Monica Whitty. IEEE Transactions on Information Forensics and Security.
  5. BORDERPATROL: Securing BYOD using fine-grained contextual information. Onur Zungur, Guillermo Suarez-Tangil, Gianluca Stringhini, Manuel Egele In Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). June 24-27 2019, Portland, Oregon. (Acceptance rate 21.4%).
  6. On the Origins of Memes by Means of Fringe Web Communities. Savvas Zannettou, Tristan Caulfield, Jeremy Blackburn, Emiliano De Cristofaro, Michael Sirivianos, Gianluca Stringhini, Guillermo Suarez-Tangil. ACM Internet Measurement Conference (IMC). Oct 31 - Nov 2, 2018, Boston, MA, USA. (Acceptance rate 24.7%). Distinguished paper award. [src & data] Press: Quartz, BBC Trending, MIT Tech Review, CBS News, Business Insider, VICE, Infowars
  7. Matthew Edwards, Guillermo Suarez-Tangil, Claudia Peersman, Gianluca Stringhini, Awais Rashid, Monica Whitty. The Geography of Online Dating Fraud. Workshop on Technology and Consumer Protection (ConPro). May 24, 2018 at the Hyatt Regency in San Francisco, CA.
  8. Guillermo Suarez-Tangil, Santanu Kumar Dash, Pedro Garcia-Teodoro, Jose Camacho, Lorenzo Cavallaro. Anomaly-based Exploratory Analysis and Detection of Exploits in Android Platforms. IET Information Security (2018).
  9. Michael Weissbacher, Enrico Mariconti, Guillermo Suarez-Tangil, Gianluca Stringhini, William Robertson, Engin Kirda. Ex-Ray: Detection of History-Leaking Browser Extensions. 33rd Annual Computer Security Applications Conference (ACSAC). Dec 4, 2017, San Juan, Puerto Rico, USA. (Acceptance rate 19.7%). [blog]
  10. Omid Mirzaei, Guillermo Suarez-Tangil, Juan Tapiador, Jose M. de Fuentes. TriFlow: Triaging Android Applications using Speculative Information Flows. ACM Asia Conference on Computer and Communications Security (ASIACCS). Apr 2, 2017, Abu Dhabi, UAE. (Acceptance rate 18% ~ 20%). CSAW-Europe Award [src]
  11. Médéric Hurier, Tegawendé Bissyandé, Yves Le Traon, Jacques Klein, Guillermo Suarez-Tangil, Santanu Kumar Dash and Lorenzo Cavallaro. Euphony: Harmonious Unification of Cacophonous Anti-Virus Vendor Labels for Android Malware. The 14th International Conference on Mining Software Repositories (MSR). May 20-21, 2017. Buenos Aires, Argentina. (Acceptance rate 16% ~ 30%).
  12. Guillermo Suarez-Tangil, Santanu Kumar Dash, Mansour Ahmadi, Johannes Kinder, Giorgio Giacinto, Lorenzo Cavallaro. DroidSieve: Fast and Accurate Classification of Obfuscated Android Malware. Conference on Data and Application Security and Privacy, (CODASPY). Mar 22, 2017, Arizona, USA. (Acceptance rate 16%). [doi]
  13. Ali Feizollaha, Nor Badrul Anuara, Rosli Salleha, Guillermo Suarez-Tangilb, Steven Furnellc. AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection. Computers & Security. Vol 65, p. 121–134 (Mar, 2017). Last year's I.F.: 2.9 (Q2). [doi]
  14. Amit Deo, Santanu K. Dash, Guillermo Suarez-Tangil, Volodya Vovk, Lorenzo Cavallaro. Prescience: Probabilistic Guidance on the Retraining Conundrum for Malware Detection. Artificial Intelligence and Security (AISec). Oct 28, 2016, Vienna, Austria. (Acceptance rate 32%). [doi]
  15. Santanu K. Dash, Guillermo Suarez-Tangil, Salahudin Khan, Kimberly Tam, Mansour Ahmadi, Johannes Kinder, Lorenzo Cavallaro. DroidScribe: Classifying Android Malware based on Runtime Behavior. Mobile Security Technologies (MoST). May 26, 2016, San Jose, USA. (Acceptance rate 28%). [doi]
  16. Sergio Pastrana, Juan E. Tapiador, Guillermo Suarez-Tangil, Pedro Peris-Lopez. AVRAND: A Software Based Defense Against Code Reuse Attacks in AVR Architectures. 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA). July 7-8, 2016, San Sebastián, Spain. (Acceptance rate 28.7%).
  17. Sergio Pastrana, Carlos Alberca, Guillermo Suarez-Tangil, Paolo Palmieri. Security Analysis and Exploitation of Arduino Devices in the Internet of Things. Workshop on Malicious Software and Hardware in Internet of Things (Mal-IoT). May 16, 2016, Como, Italy.
  18. G. Suarez-Tangil, Juan E. Tapiador, Flavio Lombardi, Roberto Di Pietro. Alterdroid: Differential Fault Analysis of Obfuscated Smartphone Malware. IEEE Transactions on Mobile Computing. vol. 15:4, pp. 789-802 (2016). I.F.: 2.54 (Q1) [pdf] [Source Code]
  19. Guillermo Suarez-Tangil, Juan E. Tapiador, Pedro Peris-Lopez. Compartmentation Policies for Android Apps: A Combinatorial Optimization Approach. 9th International Conference on Network and System Security (NSS 2015). New York City, USA. [pdf] [Program]. Best Paper (Honorable Mention).
  20. J. Blasco, J.E. Tapiador, P. Peris-Lopez, G. Suarez-Tangil. Hindering Data Theft with Encrypted Data Trees. Journal of Systems and Software. Elsevier, March (2015). I.F.: 1,35 (Q1). [doi] [pdf]
  21. G. Suarez-Tangil, J.E. Tapiador, P. Peris-Lopez, S. Pastrana. Power-aware Anomaly Detection in Smartphones: An Analysis of On-Platform versus Externalized Operation. Pervasive and Mobile Computing (Elsevier), 18, pp. 137–151 (2015). I.F.: 2.08 (Q1). [pdf] [doi]
  22. G. Suarez-Tangil, E. Palomar, A. Ribagorda, I. Sanz. Providing SIEM Systems with Self–Adaptation. Information Fusion. vol. 21, pp. 145–158 (2015). I.F.: 3,681 (Q1). [doi] [pdf] [bib]
  23. C. Camara, P. Peris-Lopez, J.E. Tapiador, G. Suarez-Tangil. A Non-invasive Multi-modal Human Identification System combining ECG, GSR and Airflow Biosignals. Journal of Medical and Biological Engineering. vol. 35:6, pp. 735-748 (2015) I.F.: 0.97 [pdf]
  24. Guillermo Suarez-Tangil, Juan E. Tapiador, Pedro Peris-Lopez. Stegomalware: Playing Hide and Seek with Malicious Components in Smartphone Apps. The 10th China International Conference on Information Security and Cryptology (INSCRYPT 2014). Beijing, China. December 2014. (Acceptance rate: 31%). [pdf] [Program]
  25. Guillermo Suarez-Tangil, Mauro Conti, Juan E. Tapiador, Pedro Peris-Lopez. Detecting Targeted Smartphone Malware with Behavior-Triggering Stochastic Models. European Symposium on Research in Computer Security (ESORICS 2014). Wroclaw, Poland. September 2014. (Acceptance rate 24.7%). [pdf] [bib] [Program] [Proceedings] [Targetdroid code!]
  26. G. Suarez-Tangil, F. Lombardi, J.E. Tapiador, R.D. Pietro. Thwarting Obfuscated Malware via Differential Fault Analysis. Mobile App Security. IEEE Computer, vol. 47:6, pp. 24-31 (2014). I.F.: 1,44 (Q2). [doi][pdf][bib]. More information can be found here.
  27. G. Suarez-Tangil, J.E. Tapiador, P. Peris-Lopez, J. Blasco. Dendroid: A Text Mining Approach to Analyzing and Classifying Code Structures in Android Malware Families. Expert Systems With Applications. Elsevier, vol. 41:4, pp. 1104-1117 (2014). I.F.: 2,24 (Q1). [doi][pdf][bib] (Average acceptance rate 8% ~ 10%)
  28. G. Suarez-Tangil, J.E. Tapiador, P. Peris-Lopez, A. Ribagorda. Evolution, Detection and Analysis of Malware in Smart Devices. IEEE Communications Surveys & Tutorials. IEEE, vol. 16:2, pp. 961-987 (2014). I.F.: 6,490 (Q1). [doi][pdf][bib]
  29. P. Picazo, J.E. Tapiador, P. Peris-Lopez, G. Suarez-Tangil Secure Publish-Subscribe Protocols for Heterogeneous Medical Wireless Body Area Networks. Sensors (Elsevier), 14:12, pp. 22619-22642 (2014). I.F.: 2,245 (Q1). [pdf] [doi]
  30. Jorge López Ardieta, Juan E. Tapiador, Guillermo Suarez-Tangil. Information Sharing Models for Cooperative Cyber Defence. In International Conference on Cyber Conflict.. NATO Cooperative Cyber Defence Centre of Excellence Publications. Tallin, Estonia. May 2013. [pdf]
  31. G. Suarez-Tangil, A. Ribagorda, S. Pastrana, E. Palomar Artificial Immunity-based Correlation System. International Conference on Security and Cryptography. SECRYPT 2011. [doi] [pdf]
  32. A.I. Gonzalez-Tablas, A. Alcaide, G. Suarez-Tangil, J. M. de Fuentes, I. Barroso-Perez. Towards a privacy-respectful telematic verification system for vehicle & driver authorizations (Poster). Eighth Annual International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (MOBIQUITOUS) [uri] [pdf] [poster]
  33. G. Suarez-Tangil, E. Palomar, B. Ramos-Alvarez, A Ribagorda. An Experimental Comparison of Source Location Privacy Methods for Power Optimization in WSN. [doi] [pdf]
  34. G. Suarez-Tangil, E. Palomar, J.D. Fuentes, J. Blasco, A. Ribagorda. Automatic Rule Generation Based on Genetic Programming for Event Correlation. [doi] [pdf]


Book Chapters

  1. G. Suarez-Tangil, E. Palomar, A. Ribagorda, Y. Zhang. Towards an Intelligent Security Event Information Management System . Advances in Security Information Management: perceptions and outcomes pp. 239-258 (2013). [isbn] [pdf]

Edited Books

  1. G. Suarez-Tangil, E. Palomar. Advances in Security Information Management: perceptions and outcomes (2013). [isbn]

Research Visits

  1. I'm visiting Dr. Mauro Conti from University of Padua, Padova, Italy between summer-fall 2013.

  2. I'm visiting Dr. Agustí Solanas from UNESCO Chair in Data Privacy. Rovira i Virgili University, Catalonia, Spain between 10-12 July 2013.

  3. I'm visiting Dr. Roberto Di Pietro from Security and PRivacy INnovation GRoup, Roma, Italy between summer-fall 2012.

Security Dissemination

Teaching - Teaching Assistant at UC3M

I am mainly teaching security-related courses. Currently, I am teaching Mobile Device Security since 2013, among others.

Starting from 2014 we are opening a new Master in Cybersecurity. I will be coordinating and teaching the following subjects:

  1. Analysis and Engineering of Malware.
  2. Advanced Persistent Threats and Information Leakage.

More information about my teaching can be found here.

Software - License registration tools

Sofware available for academic fair use by request.

  1. SETiChat - A secure Android chat. Jorge Blasco, Guillermo Suarez-Tangil, Juan E. Tapiador y Pedro Peris-López. Ref.: M-003681/2014.
  2. Alterdroid - Tool for analyzing obfuscated software in Android. Guillermo Suarez-Tangil, D. Juan E. Tapiador, Pedro Peris-López, Sergio Pastrana. Ref.: M-003190/2014. [doc].
  3. Targetdroid - Targetdroid - Tool for analyzing targeted malware in Android. Guillermo Suarez-Tangil, D. Juan E. Tapiador, Pedro Peris-López. Ref.: M-008457/2014. [doc].