About me

I am a cybersecurity researcher from Patagonia, Argentina, with over a decade of experience in threat intelligence, malware traffic analysis, and data-driven security. I work as a senior researcher and co-director of the Stratosphere Research Laboratory at the Czech Technical University in Prague, where I also teach the Introduction to Security course, both in a physical class and as a large-scale MOOC. I have presented at international conferences, including Black Hat, EkoParty, Botconf, and Virus Bulletin, and I serve on review boards for Black Hat and academic events. I am the co-founder of MatesLab hackerspace in Argentina and the Independent Fund for Women in Tech. I deliver intensive, hands-on training in network traffic and malware analysis, drawing on over 18,000 hours of real-world traffic investigation experience. Since 2025, I have been pursuing a PhD in Computer Science and AI at the Czech Technical University in Prague while completing a master’s degree in Intelligence and Security Studies at Liverpool John Moores University.

Advising

2023-2024

Master Thesis Co-Supervisor

Seguridad de un satélite en órbita: Detección de compromiso mediante técnicas de integridad. Juan Ignacio Bousquet. UBA, Argentina
2022-2023

Master Thesis Supervisor Specialist

A Network Dataset of Normal, Malware, Attack and Background Traffic on a Real Network. Štěpán Bendl. FEE, CTU in Prague, Czech Republic
2019-2020

Master Thesis Supervisor Specialist

The first comprehensive report on the state of the security of mobile phones of civil society. Jakub Čech. FEE, CTU in Prague, Czech Republic

Teaching

Fall 2020-ongoing

Teaching Assistant --- Introduction to Computer Security (in English)

Open Informatics Master Program, CTU in Prague

Trainings

2018-ongoing

BlackHat (USA, Asia, Europe)

Trainer --- Advanced Malware Traffic Analysis (various editions)
2021

NorthSec

Trainer --- Getting Your Hands Dirty: Understanding & Hunting Down Malware Attacks in Your Network
2019

Ekoparty

Trainer --- Getting Your Hands Dirty: Understanding & Hunting Down Malware Attacks in Your Network
2019

OWASP Czech Republic

Trainer --- Getting Your Hands Dirty: IoT Botnet Analysis
2019

Internet Freedom Festival

Trainer --- Emergency VPN: Analyzing mobile network traffic to detect digital threats
2019

Troopers

Trainer --- Machine Learning for Network Security and Malware Detection
2018

HackLu

Trainer --- Getting Your Hands Dirty: How to Analyze the Behavior of Malware Traffic and Web Connections
2018

Ekoparty

Trainer --- Advanced Malware Attacks In Your Network
2016

Botconf

Trainer --- Getting your hands dirty: How to Analyze the Behavior of Malware Traffic and Web Connections

Contributions

Civilsphere AI VPN, Core researcher and developer, 2021-2023, AIC, FEL, CTU in Prague, Czech Republic
Slips, supporter, 2018-2024, AIC, FEL, CTU in Prague, Czech Republic

Awards & Scholarships

Outstanding Teaching Assistant Award, Winter Semester 2023/2024, AI Center, FEE, Czech Technical University in Prague, Czech Republic
Career Trajectory Award 2021, Ekoparty Security Conference, Argentina
Information Security Undergraduate Scholarship 2011, (ISC)² Foundation, United States
Full University Scholarship 2010-2013, FASTA University, Argentina
Student scholarship 2010-2011, Chubut Province’s Department of Scholarships and Compensation Policies, Argentina
Partial University Scholarship 2007-2009, FASTA University, Argentina
Special Mention 2002, Instituto Balseiro, Argentina
Best Technological Project Idea 1999, Ministry of Education of Chubut Province, Argentina

Initiatives

Co-founder of the Independent Fund for Women in Tech, a global initiative to foster the participation of women in cybersecurity conferences, in 2018.
Co-founder of the MatesLab hackerspace in Mar del Plata, Argentina, in 2009.

Review Boards

BlackHat Arsenal Review Board, 2024-Ongoing
BlackHat Trainings Review Board, 2022-2025
Workshop on Attackers and Cyber-Crime Operations Program Committee, IEEE European Symposium on Security and Privacy, 2021-2025
Ekoparty Security Conference Review Board, 2018-2025
BlackHat Briefings EU Review Board, 2018

Publications

Peer-reviewed Conferences and Journals

VelLMes: A high-interaction AI-based deception framework. In 4th Workshop on Active Defense and Deception (AD&D) co-located with the 10th IEEE European Symposium on Security and Privacy (EuroS&PW). Sladić, M., Valeros, V., Catania, C., & Garcia, S. (2025).
DeepRed: A Deep Learning-Powered Command and Control Framework for Multi-Stage Red Teaming against ML-based Network Intrusion Detection Systems. In Proceedings of the 19th USENIX Conference on Offensive Technologies (WOOT ‘25). Hajizadeh, M., Golchin, P., Nowroozi, E., Rigaki, M., Valeros, V., García, S., Conti, M., & Bauschert, T. (2025).
CTU Hornet 65 Niner: A network dataset of geographically distributed low-interaction honeypots. Data in Brief, 111261. Valeros, V., & Garcia, S. (2024).
Towards Better Understanding of Cybercrime: The Role of Fine-Tuned LLMs in Translation. In 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). Valeros, V., Širokova, A., Catania, C., & Garcia, S. (2024).
LLM in the Shell: Generative Honeypots. In 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). Sladić, M., Valeros, V., Catania, C., & Garcia, S. (2024).
Hornet 40: network dataset of geographically placed honeypots. Data in Brief, 107795. Valeros, V., & Garcia, S. (2022).
Growth and commoditization of remote access trojans. In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 454-462). IEEE. Valeros, V., & Garcia, S. (2020, September).
Machete: Dissecting the Operations of a Cyber Espionage Group in Latin America. In 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 464-473). IEEE. Valeros, V., Rigaki, M., & Garcia, S. (2019, June).
An overview of the WCMS brute-forcing malware landscape. The Journal on Cybercrime & Digital Investigations, 3(1), 20-29. Shirokova, A., & Valeros, V. (2017).
Make it count: an analysis of a brute-forcing botnet. The Journal on Cybercrime & Digital Investigations, 1(1). Valeros, V. (2016).
Exploit kit website detection using http proxy logs. In Proceedings of the Fifth International Conference on Network, Communication and Computing (pp. 120-125). Nikolaev, I., Grill, M., & Valeros, V. (2016).
Detecting DGA malware using NetFlow. In 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM) (pp. 1304-1309). IEEE. Grill, M., Nikolaev, I., Valeros, V., & Rehak, M. (2015).
Educarse y divertirse, la Universidad y el Hackspace. V Congreso de Tecnología en Educación y Educación en Tecnología. V. Valeros, S. Garcia (2010).
De la universidad al hacklab, respetar y divertirse en la educación. World Engineering Congress. V. Valeros, S. Garcia (2010).

Reports

ENISA Threat Landscape for DoS Attacks, ENISA, 2023
ENISA Threat Landscape for Ransomware Attacks, ENISA, 2022
ENISA Threat Landscape for Supply Chain Attacks, ENISA, 2021
ENISA Report - Encrypted Traffic Analysis, ENISA, 2019

Conferences

ARACNE: A Multi-Agent LLM Framework for Comprehensive Autonomous Linux Shell Security Testing, Ekoparty (Argentina), 2025
Innovating Cybersecurity Education through Hands-On Learning, Democratized Knowledge, and Safe Experimentation, 1st Teaching Europe Conference (Virtual), 2024
AI VPN: A Free-Software AI-Powered Network Forensics Tool, BlackHat Asia Arsenal (Virtual), 2024
AI VPN: A Free-Software AI-Powered Network Forensics Tool, BlackHat Europe Arsenal (UK), 2023
Four Key Problems in OSINT for Cyber Threat Intelligence, ENISA CTI (Greece), 2023
AI VPN: A Free-Software AI-Powered Network Forensics Tool, DIMVA Arsenal (Germany), 2023
Un análisis global de la privacidad en tráfico celular y cómo estás en riesgo de vigilancia, Ekoparty (Argentina), 2022
Spy vs. Spy: A Modern Study Of Microphone Bugs Operation And Detection, BSides BUD (Hungary), 2018
Spy vs. Spy: A Modern Study Of Microphone Bugs Operation And Detection, 34C3 (Germany), 2017
Knock Knock… Who’s there? admin admin, Get In! An Overview of the CMS Brute-Forcing Malware Landscape, Botconf (France), 2017
América Latina, blanco de un grupo avanzado de cyber espionaje, TandilSec (Argentina), 2017
Panel: Mujeres en Tecnología y Ciencia, UNICEN (Argentina), 2017
Five days in the life of a CMS brute forcing malware, BSides Vienna (Austria), 2017
An overview of the CMS brute-forcing malware landscape, BruCON (Belgium), 2017
A new twist on the APT targeting Latin America, GoSec (Canada), 2017
Spy vs. Spy: A modern study of microphone bugs operation and detection, Hack in the Box (Singapore), 2017
Are You The Lucky One? Sometimes Luck Can Bring You Malware, Cisco Blogs, 2017
The Future of Cybersecurity Needs You: Here is Why, PyData Berlin (Germany), 2017
Threat Hunting En Masse: The 9 Circles of Evil, Copenhagen CyberCrime Conference (Denmark), 2017
Hunting Them All, Troopers (Germany), 2017
Closing One Learning Loop: Using Decision Forests to Detect Advanced Threats, Cisco Blogs, 2017
In plain sight: Credential and data stealing adware, Cisco Blogs, 2016
Getting your hands dirty: How to Analyze the Behavior of Malware Traffic and Web Connections, Botconf (France), 2016
50 Thousand Needles in 5 Million Haystacks: Understanding Old Malware Tricks to Find New Malware Families, BlackHat EU (UK), 2016
DNS Changer Lighting-talk, Secure PL (Poland), 2016
Trickeries of a giant: a long term study on malicious adware networks, Secure PL (Poland), 2016
Network Analysis for Threat Intelligence Workshop, Czech Technical University (Czech Republic), 2016
Piecing Together Malicious Behavior in Encrypted Traffic, Cisco Blogs, 2016
Cognitive Threat Analytics: Turn Your Proxy Into Security Device, Cisco Blogs, 2016
Threat Hunting En Masse: Challenges And Discoveries, Security Automation World (France), 2016
Adware landscape: what you didn’t want to hear, University of Luxembourg (Luxembourg), 2016
The Dark Side of Adware: Malware and Data Exfiltration, BSides Tel Aviv (Israel), 2016
Adware’s new upsell: malware, BSides Calgary (Canada), 2016
DNSChanger Outbreak Linked to Adware Install Base, Cisco Blogs, 2016
Insights of a brute-forcing botnet, Security Session (Czech Republic) , 2015
Make It Count: an Analysis of a Brute-forcing Botnet, Botconf (France), 2015
Angler for Beginners in 34 Seconds, Cisco Blogs, 2015
Bad Browser Plug-ins Gone Wild: Malvertising, Data Exfiltration, and Malware, Oh my!, Cisco Blogs, 2015
How bluetooth may jeopardize your privacy. An analysis of people behavioral patterns in the street, DeepSec (Austria), 2014
Uncovering your trails Privacy issues of bluetooth devices, Ekoparty (Argentina), 2013
Análisis de anomalías en protocolos web para la detección de ataques, FASTA University, 2012

Datasets

Valeros, V., & Sebastian, G. (2024). CTU Hornet 65 Niner: A Network Dataset of Geographically Distributed Low-Interaction Honeypots (Version 1) [Data set]. Mendeley Data. https://doi.org/10.17632/nt4p9zsv5k.1
Valeros, V., & Shirokova, A. (2024). CTU-Hacktivist-RU_EN-1: A Dataset with Russian English Translation, Zenodo, doi: 10.5281/zenodo.10782757
Bendl, Š., Valeros, V., & Garcia, S. (2023). CTU-SME-11: a labeled dataset with real benign and malicious network traffic mimicking a small medium-size enterprise environment, Zenodo, doi: 10.5281/zenodo.7958259
García, Sebastián; Čejka, Tomáš; Valeros, Veronica (2021), “Dataset of DNS over HTTPS (DoH) Internet Servers”, Mendeley Data, V2, doi: 10.17632/ny4m53g6bw.2
Valeros, Veronica; Garcia, Sebastian (2021), “Dataset of 50 Online Services Advertised in the Internet Marketing Forum searchengines.guru”, Mendeley Data, V2, doi: 10.17632/48gyrs6y37.2
Valeros, Veronica (2021), “Hornet 40: Network Dataset of Geographically Placed Honeypots”, Mendeley Data, V3, doi: 10.17632/tcfzkbpw46.3
Valeros, Veronica (2021), “Hornet 15: Network Dataset of Geographically Placed Honeypots”, Mendeley Data, V2, doi: 10.17632/rry7bhc2f2.2
Valeros, Veronica (2021), “Hornet 7: Network Dataset of Geographically Placed Honeypots”, Mendeley Data, V3, doi: 10.17632/w6yskg3ffy.3