1. Students
  2. Alumni
  3. Honorary Graduates
  4. Academic Experts
  1. Dr Ilir Gashi

Contact Information


Visit Dr Ilir Gashi

A304J, College Building


Postal Address

City, University of London
Northampton Square
United Kingdom



Ilir holds PhD (2007) and BEng (Honours) (2003) degrees in Software Reliability and Computing respectively from City University, London. He joined the Centre for Software Reliability (CSR) in July 2003, first as a Research Assistant and then as a PhD student. He was appointed a Research Fellow in January 2009, Lecturer in November 2012, and Senior Lecturer in April 2014.

He is a Principal Investigator in two projects which investigate the potential benefits of diversity and defence in depth for security: the UK EPSRC-funded D3S project (2015-2018); and the EU H2020-funded DiSIEM project (Diversity Enhancements for SIEMs), which will start in September 2016 and run for 3 years.

He has worked previously in the DOTS and DIRC projects, a research project sponsored by the UK Defence Science and Technology Laboratory (DSTL) on technological trends of secure system evolution as well as the EU Framework Programme 6 (FP 6) project ReSIST and EU FP 7 project AMBER. He was the CSR lead on the ReSIST activity FOREVER. He was also a co-investigator in the SESAMO project.
He is a Certified Information Systems Security Professional (CISSP), and a member of IEEE, ACM and BCS.


PhD Software Reliability, City University London, 2007
BEng Computing, City University London, 2003


04/2014 - to date City University London, Senior Lecturer
11/2012 - 04/2014 City University London, Lecturer
01/2009 - 11/2012 City University London, Research Fellow
09/2005 - 12/2008 City University London, Research Associate
07/2003 - 10/2004 City University London, Research Assistant

Other appointments

10/2004 - 06/2007 City University London, Teaching Assistant

Membership of professional bodies

IEEE, Member
ACM, Member
BCS, Member
Higher Education Academy (HEA), Fellow


With colleagues Vladimir Stankovic and Peter Popov we have setup a spin-off company called ResilSoft Ltd, which aims to commercialise research on diverse databases which formed part of mine and Vladimir’s PhD thesis, which were supervised by Peter. The company was registered in September 2012. We are currently pursuing funding for the company.



- D3S (2015-2018) (PI)
- DiSIEM (2016-2019) (PI)
- SESAMO (co-I)
- Defence Science and Technology Laboratory (DSTL)

Research Students

Ambrose Andongabo
Oct 2016 – Sep 2021
Thesis Title
Deciphering trends and relationships in large scale public security data
Areej Algaith
Oct 2013 – Sep 2017
Thesis Title
Empirical Assessment of Diversity and Defence in Depth for Security
Further Information
1st Supervisor
Cher Devey
Thesis Title
A framework for data breach incident response and stakeholder notification in the EU-UK
Further Information
2nd Supervisor



  1. Algaith, A., Gashi, I., Sobesto, B., Cukier, M., Haxhijaha, S. and Bajrami, G. (2016). Comparing Detection Capabilities of AntiVirus Products: An Empirical Study with Different Versions of Products from the Same Vendors. (pp. 48–53). ISBN 978-1-4673-8891-7.

Conference Papers and Proceedings (21)

  1. Gashi, I., Povyakalo, A. and Strigini, L. (2016). Diversity, Safety and Security in Embedded Systems: Modelling Adversary Effort and Supply Chain Risks. .
  2. Gashi, I., Povyakalo, A., Strigini, L., Matschnig, M., Hinterstoisser, T. and Fischer, B. (2014). Diversity for Safety and Security in Embedded Systems. IEEE International Conference on Dependable Systems and Networks 23-26 June, Atlanta, GA, USA.
  3. Mason, S., Gashi, I., Lugini, L., Marasco, E. and Cukic, B. (2014). Interoperability between fingerprint biometric systems: An epirical sudy. .
  4. Turkay, C., Mason, S., Gashi, I. and Cukic, B. (2014). Supporting decision-making for biometric system deployment through visual analysis. .
  5. Mason, S., Gashi, I., Lugini, L., Marasco, E. and Cukic, B. (2014). Interoperability between fingerprint biometric systems: An empirical study. .
  6. Gashi, I., Sobesto, B., Mason, S., Stankovic, V. and Cukier, M. (2013). A Study of the Relationship Between Antivirus Regressions and Label Changes. IEEE International Symposium on Software Reliability Engineering 4-7 November, Pasadena, CA, US.
  7. Cukier, M., Gashi, I., Sobesto, B. and Stankovic, V. (2013). Does Malware Detection Improve With Diverse AntiVirus Products? An Empirical Study. 32nd International Conference on Computer Safety, Reliability and Security (SAFECOMP) 24-27 September, Toulouse, France.
  8. Lugini, L., Marasco, E., Cukic, B. and Gashi, I. (2013). Interoperability in Fingerprint Recognition: A Large-Scale Empirical Study. 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2013) 24-27 June, Budapest, Hungary.
  9. Gashi, I. (2012). How secure is ERTMS? Workshop on Dependable and Secure Computing for Large-scale Complex Critical Infrastructures (DESEC4LCCI) 25 September, Herrenkrug, Germany.
  10. Stroud, R. and Gashi, I. (2012). Methodology for a security audit of ERTMS. 42nd IEEE International Conference on Dependable Systems and Networks (DSN) 2012 25-28 June, Boston, USA.
  11. Gashi, I., Stankovic, V., Cukier, M. and Sobesto, B. (2012). Diversity with AntiVirus Products: Additional Empirical Studies. 42nd IEEE International Conference on Dependable Systems and Networks (DSN) 2012 25-28 June, Boston, USA.
  12. Bishop, P., Bloomfield, R., Gashi, I., Stankovic, V. and IEEE, (2011). Diversity for Security: a Study with Off-The-Shelf AntiVirus Engines. .
  13. Garcia, M., Bessani, A., Gashi, I., Neves, N., Obelheiro, R. and IEEE, (2011). OS Diversity for Intrusion Tolerance: Myth or Reality? .
  14. Stankovic, V., Bessani, A., Daidone, A., Gashi, I., Obelheiro, R. and Sousa, P. (2009). Enhancing Fault / Intrusion Tolerance through Design and Configuration Diversity. 3rd Workshop on Recent Advances on Intrusion-Tolerant Systems (WRAITS 2009) Estoril, Lisbon, Portugal.
  15. Gashi, I., Stankovic, V., Leita, C., Thonnard, O. and IEEE, (2009). An Experimental Study of Diversity with Off-The-Shelf AntiVirus Engines. .
  16. Bessani, A.N., Reiser, H.P., Sousa, P., Gashi, I., Stankovic, V., Distler, T., Kapitza, R., Daidone, A. and Obelheiro, R.R. (2008). FOREVER: Fault/intrusiOn REmoVal through Evolution & Recovery. .
  17. Bloomfield, R.E., Gashi, I., Povyakalo, A. and Stankovic, V. (2008). Comparison of Empirical Data from Two Honeynets and a Distributed Honeypot Network. .
  18. Bishop, P., Gashi, I., Littlewood, B. and Wright, D. (2007). Reliability modeling of a 1-out-of-2 system: Research with diverse Off-the-shelf SQL database servers. .
  19. Gashi, I. and Popov, P. (2007). Uncertainty explicit assessment of off-the-shelf software: Selection of an optimal diverse pair. .
  20. Gashi, I. and Popov, P.T. (2006). Rephrasing Rules for Off-The-Shelf SQL Database Servers. .
  21. Gashi, I., Popov, P.T. and Strigini, L. (2004). Fault Diversity among Off-The-Shelf SQL Database Servers. .

Internet Publications (3)

  1. Gashi, I. (2013). Message from fast abstract co-chairs..
  2. Gashi, I. and Kreidl, O.P. (2012). 6th workshop on recent advances in intrusion tolerance and reSilience (WRAITS 2012)..
  3. Vieira, M. and Gashi, I. (2012). EDCC 2012 - Fast Abstracts & Student Forum Proceedings..

Journal Articles (5)

  1. Busnel, Y. and Gashi, I. (2016). EDCC 2015 - Fast Abstracts & Student Forum Proceedings. .
  2. Garcia, M., Bessani, A., Gashi, I., Neves, N. and Obelheiro, R. (2013). Analysis of operating system diversity for intrusion tolerance. Software - Practice and Experience .
  3. Gashi, I., Popov, P.T. and Stankovic, V. (2009). Uncertainty explicit assessment of off-the-shelf software: A Bayesian approach. , 51, pp. 497–511. doi:10.1016/j.infsof.2008.06.003.

    [publisher’s website]

  4. Gashi, I., Popov, P.T. and Strigini, L. (2007). Fault Tolerance via Diversity for Off-the-Shelf Products: A Study with SQL Database Servers. , 4, pp. 280–294. doi:10.1109/TDSC.2007.70208.

    [publisher’s website]

  5. Gashi, I., Popov, P.T., Stankovic, V. and Strigini, L. (2003). On Designing Dependable Services with Diverse Off-the-Shelf SQL Servers. , 3069, pp. 191–214.

    [publisher’s website]

Reports (2)

  1. Bishop, P., Bloomfield, R., Gashi, I. and Stankovic, V. (2012). Diverse protection systems for improving
    security: a study with AntiVirus engines.
    London, UK: City University London.
  2. Gashi, I. and Bloomfield, R.E. (2008). Evaluating the resilience and security of boundaryless, evolving socio-technical Systems of Systems. City University London.


Educational Leadership

Course Director for MSc in Management of Information Security and Risk (MISR)

Director of the Applied Postgraduate Stream (consisting of the BSAD, IS&T, MISR and Health Informatics courses)

Undergraduate modules taught

IN3012 IT Security
IN2030 Work Based Project

IN2018 Team Project
IN2016 Software Measurements

Postgraduate modules taught

INM416 Information Security Management
INM440 Information Security Management

INM330 Software Systems Design

Other Activities

Collaborations (Academic) (3)

Editorial Activity

  1. I have served as Program Committees (co-) chair for the following workshops and streams of conferences:
    - 2013 IEEE ISSRE Fast Abstracts
    - 2012 6th Workshop on Recent Advances in Intrusion Tolerance and Resilience (WRAITS)
    - 2011 IEEE ISSRE Fast Abstracts
    - 2010 IEEE ISSRE Student papers

    I served as the co-Program Manager for the ISSRE 2013 conference

    I served on the PC of the following conferences:
    - IEEE ISSRE 2016, 2014, 2013, 2011, 2010
    - Safecomp 2016
    - IEEE EDCC 2016
    - IEEE DSN 2013, 2012, 2011
    - IEEE PRDC 2013, 2012
    - IEEE EWDC 2013
    - IEEE NCA 2013, 2012, 2011, 2010

Keynote Lectures/Speeches (3)

  1. Diversity with AntiVirus Products: overview of research. Morgantown, WV, USA (2013). Invited seminar
  2. Security review of the European Railway Traffic Management System (ERTMS) specifications. DHS, Washington DC, USA (2011). Invited seminar
  3. Vulnerability diversity with Operating Systems: an empirical study with data from NIST NVD. Newcastle-upon-Tyne, UK (2011). Invited seminar

Find us

City, University of London

Northampton Square

London EC1V 0HB

United Kingdom

Back to top

City, University of London is an independent member institution of the University of London. Established by Royal Charter in 1836, the University of London consists of 18 independent member institutions with outstanding global reputations and several prestigious central academic bodies and activities.