Nicolás E. Díaz Ferreyra

Senior Researcher and Lecturer


Institute of Software Security

Blohmstr. 15

21079 Hamburg, Germany

I am a senior researcher and lecturer at the Institute of Software Security of Hamburg University of Technology. My main research focus stands at the intersection of human-computer interaction and privacy engineering. Particularly, I am passionate about people’s privacy practices in networked environments, their associated risks, and developing technologies to support information disclosure. For this, I analyse empirical data extracted from software repositories, conduct studies with human participants, and elaborate on machine learning models. I am especially interested in digital nudging applications for privacy and the usability of security-enhancing technologies.

Before joining the Hamburg University of Technology, I worked as a postdoctoral fellow at the University of Duisburg-Essen. From January 2020 to October 2021 I was the coordinator of the RTG “User-Centered Social Media” funded by the German Research Foundation (DFG). I have taken part of several European projects on privacy and securiy including PDP4E, AssureMOSS and more recently Sec4AI4Sec: Cybersecurity for AI-Augmented Systems. In the past, I have worked as a software engineer in Denmark and as an undergraduate research assistant in Argentina.

Since 2023 I am an associate member of the Research Institute for Socio-Technical Cybersecurity (RISCS) at the University of Bristol. Besides conducting my research, I am involved in multi-stakeholder forums for the discussion of public policies and Internet governance issues. Particularly, in debates concerning the users’ right to privacy and control over their private information.


Aug 15, 2023 📣 I will be in Melbourne 🇦🇺 from September to mid-November 2023, working as a visiting scholar at RMIT University
Jul 15, 2023 I am co-organizing the 2nd Workshop on Mining Software Repositories Applications for Privacy and Security at SANER '24
May 18, 2023 I am co-organizing the 3rd Workshop on Adverse Impacts and Collateral Effects of AI Technologies at IJCAI '23
Dec 8, 2021 IGF 2021 Town Hall #19 Paving the Road for the European Regulation on AI
Aug 16, 2021 I4ADA: Dialogues on Accountability in the Digital Age

selected publications

  1. MSR ’24
    What Can Self-Admitted Technical Debt Tell Us About Security? A Mixed-Methods Study
    Díaz Ferreyra, Nicolás E., Shahin, Mojtaba,  Zahedi, Mansooreh and 2 more authors
    In Proceedings of the 21st International Conference on Mining Software Repositories (MSR ’24) 2024
  2. SNAM ’23
    Cybersecurity Discussions in Stack Overflow: A Developer-Centred Analysis of Engagement and Self-Disclosure Behaviour
    Díaz Ferreyra, Nicolás E., Vidoni, Melina,  Heisel, Maritta and 1 more author
    Social Network Analysis and Mining Dec 2023
  3. JSS ’23
    Simple Stupid Insecure Practices and GitHub’s Code Search: A Looming Threat?
    Russel Go, Ken, Soundarapandian, Sruthi,  Mitra, Aparupa and 2 more authors
    Journal of Systems and Software Dec 2023
  4. MSR ’23
    LLMSecEval: A Dataset of Natural Language Prompts for Security Evaluations
    Tony, Catherine, Mutas, Markus,  Díaz Ferreyra, Nicolás E. and 1 more author
    In Proceedings of the 20th International Conference on Mining Software Repositories (MSR ’23) Dec 2023
  5. CHI ’23
    Regret, Delete, (Do Not) Repeat: An Analysis of Self-Cleaning Practices on Twitter After the Outbreak of the COVID-19 Pandemic
    Díaz Ferreyra, Nicolás E., Shahi, Gautam Kishore,  Tony, Catherine and 2 more authors
    In Extended Abstracts of the 2023 CHI Conference on Human Factors in Computing Systems (CHI EA ’23) Dec 2023
  6. CHASE ’23
    Developers Need Protection, Too: Perspectives and Research Challenges for Privacy in Social Coding Platforms
    Díaz Ferreyra, Nicolás E., Imine, Abdessamad,  Vidoni, Melina and 1 more author
    In 16th International Conference on Cooperative and Human Aspects of Software Engineering (CHASE 2023) Dec 2023
  7. QRS ’22
    GitHub Considered Harmful? Analyzing Open-Source Projects for the Automatic Generation of Cryptographic API Call Sequences
    Tony, Catherine, Díaz Ferreyra, Nicolás,  and Scandariato, Riccardo
    In 2022 IEEE 22nd International Conference on Software Quality, Reliability and Security Companion (QRS-C) Dec 2022
  8. EuroUSEC ’22
    ENAGRAM: An App to Evaluate Preventative Nudges for Instagram
    Díaz Ferreyra, Nicolás E., Ostendorf, Sina,  Aïmeur, Esma and 2 more authors
    In 2022 European Symposium on Usable Security (EuroUSEC 2022) Dec 2022
  9. ARES ’22
    SoK: Security of Microservice Applications: A Practitioners’ Perspective on Challenges and Best Practices
    Billawa, Priyanka, Bambhore Tukaram, Anusha,  Díaz Ferreyra, Nicolás E. and 3 more authors
    In International Conference on Availability, Reliability and Security (ARES) Dec 2022
  10. MSR ’22
    Vul4J: A Dataset of Reproducible Java Vulnerabilities Geared Towards the Study of Program Repair Techniques
    Bui, Quang-Cuong, Scandariato, Riccardo,  and Díaz Ferreyra, Nicolás E.
    In International Conference on Mining Software Repositories (MSR) Dec 2022
  11. EASE ’22
    Conversational DevBots for Secure Programming: An Empirical Study on SKF Chatbot
    Tony, Catherine, Balasubramanian, Mohana,  Díaz Ferreyra, Nicolás E. and 1 more author
    In Evaluation and Assessment in Software Engineering (EASE) Dec 2022