About me

I am a cybersecurity researcher from Patagonia, Argentina, with over a decade of experience in threat intelligence, malware traffic analysis, and data-driven security. I work as a senior researcher and co-director of the Stratosphere Research Laboratory at the Czech Technical University in Prague, where I also teach the Introduction to Security course, both in a physical class and as a large-scale MOOC. I have presented at international conferences, including Black Hat, EkoParty, Botconf, and Virus Bulletin, and I serve on review boards for Black Hat and academic events. I am the co-founder of MatesLab hackerspace in Argentina and the Independent Fund for Women in Tech. I deliver intensive, hands-on training in network traffic and malware analysis, drawing on over 18,000 hours of real-world traffic investigation experience. Since 2025, I have been pursuing a PhD in Computer Science and AI at the Czech Technical University in Prague while completing a master’s degree in Intelligence and Security Studies at Liverpool John Moores University.

Advising

• Master Thesis Co-Supervisor, 2023-2024, Seguridad de un satélite en órbita: Detección de compromiso mediante técnicas de integridad. Juan Ignacio Bousquet. UBA, Argentina
• Master Thesis Supervisor Specialist, 2022-2023, A Network Dataset of Normal, Malware, Attack and Background Traffic on a Real Network. Štěpán Bendl. FEE, CTU in Prague, Czech Republic
• Master Thesis Supervisor Specialist, 2019-2020, The first comprehensive report on the state of the security of mobile phones of civil society. Jakub Čech. FEE, CTU in Prague, Czech Republic

Teaching

• Fall 2025, Teaching Assistant, Introduction to Computer Security (in English), Open Informatics Master Program, CTU in Prague
• Fall 2024, Teaching Assistant, Introduction to Computer Security (in English), Open Informatics Master Program, CTU in Prague
• Fall 2023, Teaching Assistant, Introduction to Computer Security (in English), Open Informatics Master Program, CTU in Prague
• Fall 2022, Teaching Assistant, Introduction to Computer Security (in English), Open Informatics Master Program, CTU in Prague
• Fall 2021, Teaching Assistant, Introduction to Computer Security (in English), Open Informatics Master Program, CTU in Prague
• Fall 2020, Teaching Assistant, Introduction to Computer Security (in English), Open Informatics Master Program, CTU in Prague

Trainings

• 2025 BlackHat USA, trainer, Advanced Malware Traffic Analysis - Adaptive Defence 2024 Edition
• 2025 BlackHat Asia, trainer, Advanced Malware Traffic Analysis - Adaptive Defence 2024 Edition
• 2024 BlackHat USA, trainer, Advanced Malware Traffic Analysis - Adaptive Defence 2024 Edition
• 2024 BlackHat Asia, trainer, Advanced Malware Traffic Analysis - Adaptive Defence 2024 Edition
• 2023 BlackHat USA, trainer, Advanced Malware Traffic Analysis - Defence in Depth 2023 Edition
• 2023 BlackHat Asia, trainer, Advanced Malware Traffic Analysis: Own Your Protection. 2023 Edition
• 2022 BlackHat Europe, trainer, Advanced Malware Traffic Analysis: Smarter Protection - 2022 Edition
• 2022 BlackHat USA, trainer, Advanced Malware Traffic Analysis: Smarter Protection - 2022 Edition
• 2021 BlackHat Europe, trainer, Advanced Malware Traffic Analysis: Smarter Protection - 2021 Edition
• 2021 BlackHat USA, trainer, Advanced Malware Traffic Analysis: Smarter Protection - 2021 Edition
• 2021 NorthSec, trainer, Getting Your Hands Dirty: Understanding & Hunting Down Malware Attacks in Your Network
• 2020 BlackHat Europe, trainer, Advanced Malware Traffic Analysis - Adversarial Thinking - 2020 Edition
• 2020 BlackHat USA, trainer, Advanced Malware Traffic Analysis - Adversarial Thinking - 2020 Edition
• 2020 BlackHat Asia, trainer, Advanced Malware Traffic Analysis - Adversarial Thinking - 2020 Edition
• 2019 Ekoparty, trainer, Getting Your Hands Dirty: Understanding & Hunting Down Malware Attacks in Your Network
• 2019 BlackHat USA, trainer, Advanced Malware Traffic Analysis - Adversarial Thinking
• 2019 OWASP Czech Republic, trainer, Getting Your Hands Dirty: IoT Botnet Analysis
• 2019 Internet Freedom Festival, trainer, Emergency VPN: Analyzing mobile network traffic to detect digital threats
• 2019 BlackHat Asia, trainer, Advanced Malware Traffic Analysis - Adversarial Thinking
• 2019 Troopers, trainer, Machine Learning for Network Security and Malware Detection
• 2018 BlackHat Europe, trainer, Advanced Malware Traffic Analysis - Adversarial Thinking
• 2018 HackLu, trainer, Getting Your Hands Dirty: How to Analyze the Behavior of Malware Traffic and Web Connections
• 2018 Ekoparty, trainer, Advanced Malware Attacks In Your Network
• 2016 Botconf, trainer, Getting your hands dirty: How to Analyze the Behavior of Malware Traffic and Web Connections

Contributions

• Civilsphere AI VPN, Core researcher and developer, 2021-2023, AIC, FEL, CTU in Prague, Czech Republic
• Slips, supporter, 2018-2024, AIC, FEL, CTU in Prague, Czech Republic

Awards & Scholarships

• Outstanding Teaching Assistant Award, Winter Semester 2023/2024, AI Center, FEE, Czech Technical University in Prague, Czech Republic
• Career Trajectory Award 2021, Ekoparty Security Conference, Argentina
• Information Security Undergraduate Scholarship 2011, (ISC)² Foundation, United States
• Full University Scholarship 2010-2013, FASTA University, Argentina
• Student scholarship 2010-2011, Chubut Province’s Department of Scholarships and Compensation Policies, Argentina
• Partial University Scholarship 2007-2009, FASTA University, Argentina
• Special Mention 2002, Instituto Balseiro, Argentina
• Best Technological Project Idea 1999, Ministry of Education of Chubut Province, Argentina

Initiatives

• Co-founder of the Independent Fund for Women in Tech, a global initiative to foster the participation of women in cybersecurity conferences, in 2018.
• Co-founder of the MatesLab hackerspace in Mar del Plata, Argentina, in 2009.

Review Boards

• BlackHat Arsenal Review Board, 2024-Ongoing
• BlackHat Trainings Review Board, 2022-Ongoing
• Workshop on Attackers and Cyber-Crime Operations Program Committee, IEEE European Symposium on Security and Privacy, 2021-2025
• Ekoparty Security Conference Review Board, 2018-2025
• BlackHat Briefings EU Review Board, 2018

Publications

Peer-reviewed Conferences and Journals

• VelLMes: A high-interaction AI-based deception framework. In 4th Workshop on Active Defense and Deception (AD&D) co-located with the 10th IEEE European Symposium on Security and Privacy (EuroS&PW). Sladić, M., Valeros, V., Catania, C., & Garcia, S. (2025).
• CTU Hornet 65 Niner: A network dataset of geographically distributed low-interaction honeypots. Data in Brief, 111261. Valeros, V., & Garcia, S. (2024).
• Towards Better Understanding of Cybercrime: The Role of Fine-Tuned LLMs in Translation. In 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). Valeros, V., Širokova, A., Catania, C., & Garcia, S. (2024).
• LLM in the Shell: Generative Honeypots. In 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). Sladić, M., Valeros, V., Catania, C., & Garcia, S. (2024).
• Hornet 40: network dataset of geographically placed honeypots. Data in Brief, 107795. Valeros, V., & Garcia, S. (2022).
• Growth and commoditization of remote access trojans. In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 454-462). IEEE. Valeros, V., & Garcia, S. (2020, September).
• Machete: Dissecting the Operations of a Cyber Espionage Group in Latin America. In 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 464-473). IEEE. Valeros, V., Rigaki, M., & Garcia, S. (2019, June).
• An overview of the WCMS brute-forcing malware landscape. The Journal on Cybercrime & Digital Investigations, 3(1), 20-29. Shirokova, A., & Valeros, V. (2017).
• Make it count: an analysis of a brute-forcing botnet. The Journal on Cybercrime & Digital Investigations, 1(1). Valeros, V. (2016).
• Exploit kit website detection using http proxy logs. In Proceedings of the Fifth International Conference on Network, Communication and Computing (pp. 120-125). Nikolaev, I., Grill, M., & Valeros, V. (2016).
• Detecting DGA malware using NetFlow. In 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM) (pp. 1304-1309). IEEE. Grill, M., Nikolaev, I., Valeros, V., & Rehak, M. (2015).
• Educarse y divertirse, la Universidad y el Hackspace. V Congreso de Tecnología en Educación y Educación en Tecnología. V. Valeros, S. Garcia (2010).
• De la universidad al hacklab, respetar y divertirse en la educación. World Engineering Congress. V. Valeros, S. Garcia (2010).

Reports

• ENISA Threat Landscape for DoS Attacks, ENISA, 2023
• ENISA Threat Landscape for Ransomware Attacks, ENISA, 2022
• ENISA Threat Landscape for Supply Chain Attacks, ENISA, 2021
• ENISA Report - Encrypted Traffic Analysis, ENISA, 2019

Conferences

• ARACNE: A Multi-Agent LLM Framework for Comprehensive Autonomous Linux Shell Security Testing, Ekoparty (Argentina), 2025
• Innovating Cybersecurity Education through Hands-On Learning, Democratized Knowledge, and Safe Experimentation, 1st Teaching Europe Conference (Virtual), 2024
• AI VPN: A Free-Software AI-Powered Network Forensics Tool, BlackHat Asia Arsenal (Virtual), 2024
• AI VPN: A Free-Software AI-Powered Network Forensics Tool, BlackHat Europe Arsenal (UK), 2023
• Four Key Problems in OSINT for Cyber Threat Intelligence, ENISA CTI (Greece), 2023
• AI VPN: A Free-Software AI-Powered Network Forensics Tool, DIMVA Arsenal (Germany), 2023
• Un análisis global de la privacidad en tráfico celular y cómo estás en riesgo de vigilancia, Ekoparty (Argentina), 2022
• Spy vs. Spy: A Modern Study Of Microphone Bugs Operation And Detection, BSides BUD (Hungary), 2018
• Spy vs. Spy: A Modern Study Of Microphone Bugs Operation And Detection, 34C3 (Germany), 2017
• Knock Knock… Who’s there? admin admin, Get In! An Overview of the CMS Brute-Forcing Malware Landscape, Botconf (France), 2017
• América Latina, blanco de un grupo avanzado de cyber espionaje, TandilSec (Argentina), 2017
• Panel: Mujeres en Tecnología y Ciencia, UNICEN (Argentina), 2017
• Five days in the life of a CMS brute forcing malware, BSides Vienna (Austria), 2017
• An overview of the CMS brute-forcing malware landscape, BruCON (Belgium), 2017
• A new twist on the APT targeting Latin America, GoSec (Canada), 2017
• Spy vs. Spy: A modern study of microphone bugs operation and detection, Hack in the Box (Singapore), 2017
• Are You The Lucky One? Sometimes Luck Can Bring You Malware, Cisco Blogs, 2017
• The Future of Cybersecurity Needs You: Here is Why, PyData Berlin (Germany), 2017
• Threat Hunting En Masse: The 9 Circles of Evil, Copenhagen CyberCrime Conference (Denmark), 2017
• Hunting Them All, Troopers (Germany), 2017
• Closing One Learning Loop: Using Decision Forests to Detect Advanced Threats, Cisco Blogs, 2017
• In plain sight: Credential and data stealing adware, Cisco Blogs, 2016
• Getting your hands dirty: How to Analyze the Behavior of Malware Traffic and Web Connections, Botconf (France), 2016
• 50 Thousand Needles in 5 Million Haystacks: Understanding Old Malware Tricks to Find New Malware Families, BlackHat EU (UK), 2016
• DNS Changer Lighting-talk, Secure PL (Poland), 2016
• Trickeries of a giant: a long term study on malicious adware networks, Secure PL (Poland), 2016
• Network Analysis for Threat Intelligence Workshop, Czech Technical University (Czech Republic), 2016
• Piecing Together Malicious Behavior in Encrypted Traffic, Cisco Blogs, 2016
• Cognitive Threat Analytics: Turn Your Proxy Into Security Device, Cisco Blogs, 2016
• Threat Hunting En Masse: Challenges And Discoveries, Security Automation World (France), 2016
• Adware landscape: what you didn’t want to hear, University of Luxembourg (Luxembourg), 2016
• The Dark Side of Adware: Malware and Data Exfiltration, BSides Tel Aviv (Israel), 2016
• Adware’s new upsell: malware, BSides Calgary (Canada), 2016
• DNSChanger Outbreak Linked to Adware Install Base, Cisco Blogs, 2016
• Insights of a brute-forcing botnet, Security Session (Czech Republic) , 2015
• Make It Count: an Analysis of a Brute-forcing Botnet, Botconf (France), 2015
• Angler for Beginners in 34 Seconds, Cisco Blogs, 2015
• Bad Browser Plug-ins Gone Wild: Malvertising, Data Exfiltration, and Malware, Oh my!, Cisco Blogs, 2015
• How bluetooth may jeopardize your privacy. An analysis of people behavioral patterns in the street, DeepSec (Austria), 2014
• Uncovering your trails Privacy issues of bluetooth devices, Ekoparty (Argentina), 2013
• Análisis de anomalías en protocolos web para la detección de ataques, FASTA University, 2012

Datasets

• Valeros, V., & Sebastian, G. (2024). CTU Hornet 65 Niner: A Network Dataset of Geographically Distributed Low-Interaction Honeypots (Version 1) [Data set]. Mendeley Data. https://doi.org/10.17632/nt4p9zsv5k.1
• Valeros, V., & Shirokova, A. (2024). CTU-Hacktivist-RU_EN-1: A Dataset with Russian English Translation, Zenodo, doi: 10.5281/zenodo.10782757
• Bendl, Š., Valeros, V., & Garcia, S. (2023). CTU-SME-11: a labeled dataset with real benign and malicious network traffic mimicking a small medium-size enterprise environment, Zenodo, doi: 10.5281/zenodo.7958259
• García, Sebastián; Čejka, Tomáš; Valeros, Veronica (2021), “Dataset of DNS over HTTPS (DoH) Internet Servers”, Mendeley Data, V2, doi: 10.17632/ny4m53g6bw.2
• Valeros, Veronica; Garcia, Sebastian (2021), “Dataset of 50 Online Services Advertised in the Internet Marketing Forum searchengines.guru”, Mendeley Data, V2, doi: 10.17632/48gyrs6y37.2
• Valeros, Veronica (2021), “Hornet 40: Network Dataset of Geographically Placed Honeypots”, Mendeley Data, V3, doi: 10.17632/tcfzkbpw46.3
• Valeros, Veronica (2021), “Hornet 15: Network Dataset of Geographically Placed Honeypots”, Mendeley Data, V2, doi: 10.17632/rry7bhc2f2.2
• Valeros, Veronica (2021), “Hornet 7: Network Dataset of Geographically Placed Honeypots”, Mendeley Data, V3, doi: 10.17632/w6yskg3ffy.3