- Thomas, Wessel (author). Network Intrusion Detection Systems (NIDSs) defend our computer networks against malicious network attacks. Anomaly-based NIDSs use machine learning classifiers to categorise incoming traffic. Research has shown that classifiers are vulnerable to adversarial examples, perturbed inputs that lead the classifier into misclassifying the input.... (master thesis, 2023)
- Griffioen, H.J. (author). The growing dependency on interconnected devices makes cyber crime increasingly lucrative. Together with the rise of premade tools to perform exploits, the number of cyber incidents grows rapidly each year. Defending against these threats becomes increasingly difficult as organizations depend heavily on the Internet and have many different... (doctoral thesis, 2022)
- Frensel, Mees (author). P4 programmable data-planes provide operators with a flexible method to set up data-plane forwarding logic. To deploy networks with confidence, a switch's forwarding logic should correspond with its intended behavior. Programs loaded onto programmable data-planes don't necessarily go through as much testing as traditional fixed-function devices... (bachelor thesis, 2022)
- de Vos, Adriaan (author). The upcoming IEEE 802.1CB standard aims to solve performance and reliability issues in Time-Sensitive Networking (TSN). Mission-critical systems often use these standards for communication in automotive, industrial, and avionic networks. However, researchers did not sufficiently investigate the security risks and possible mitigation solutions to... (master thesis, 2022)
- Vermeer, M. (author), van Eeten, M.J.G. (author), Hernandez Ganan, C. (author). Notwithstanding the predicted demise of signature-based network monitoring, it is still part of the bedrock of security operations. Rulesets are fundamental to the efficacy of Network Intrusion Detection Systems (NIDS). Yet, they have rarely been studied in production environments. We partner with a Managed Security Service Provider (MSSP) to... (conference paper, 2022)
- Chiba, Daiki (author), Akiyama, Mitsuaki (author), Otsuki, Yuto (author), Hada, Hiroki (author), Yagi, Takeshi (author), Fiebig, Tobias (author), van Eeten, M.J.G. (author). Security Operations Centers (SOCs) are in need of automation for triaging alerts. Current approaches focus on analyzing and enriching individual alerts. We take a different approach and analyze the population of alerts. In an observational study over 24 weeks, we find a surprising pattern: some domains get analyzed again and again by different... (journal article, 2022)
- Apruzzese, Giovanni (author), Pajola, Luca (author), Conti, M. (author). Enhancing Network Intrusion Detection Systems (NIDS) with supervised Machine Learning (ML) is tough. ML-NIDS must be trained and evaluated, operations requiring data where benign and malicious samples are clearly labeled. Such labels demand costly expert knowledge, resulting in a lack of real deployments, as well as on papers always relying... (journal article, 2022)
- Förstel, Irène (author). Nowadays the internet presence of companies increases, and with it, their attack surface and the probability of breaches: every information system in the company's network may be an entry point for an outsider. Therefore, companies need to secure their information systems. However, current risk assessment frameworks fail to connect the... (master thesis, 2021)
- d' Estalenx, Antoine (author). IoT devices keep entering our homes with the promise of delivering more services and enhancing user experience; however, these new devices also carry along an alarming number of vulnerabilities and security issues. In most cases, the users of these devices are completely unaware of the security risks that connecting these devices entail. Current... (master thesis, 2021)
- Neeleman, Fimme (author). The IPv6 routing protocol for low-power and lossy networks (RPL) is a routing protocol that is standardized for constrained devices. This standard only considers static nodes and consequently underperforms in networks with moving nodes. Several studies exist intending to mend this problem, but analyses of RPL's performance in mobile situations... (bachelor thesis, 2021)
- Epifanov, Mikhail (author). Malware Packet-sequence Clustering and Analysis (MalPaCA) is an unsupervised clustering application for malicious network behavior; it currently uses solely sequential features to characterize network behavior. In this paper an extensive comparison between those features and statistical features is performed. During the comparison a better... (bachelor thesis, 2021)
- Kerkhof, Jorden (author). The urgency for high-security products for industrial networks is increasing as malicious hackers are improving their accessibility tools. A common practice for a company to protect its sensitive data is network segmentation. The network is segmented in different domains with distinctive security levels. The sensitive data is stored and managed... (master thesis, 2021)
- Bortolameotti, Riccardo (author), Van Ede, Thijs (author), Continella, Andrea (author), Hupperich, Thomas (author), Everts, Maarten H. (author), Rafati, Reza (author), Jonker, Willem (author), Hartel, P.H. (author), Peter, Andreas (author). Passive application fingerprinting is a technique to detect anomalous outgoing connections. By monitoring the network traffic, a security monitor passively learns the network characteristics of the applications installed on each machine, and uses them to detect the presence of new applications (e.g., malware infection). In this work, we... (conference paper, 2020)
- Knezevic, Karlo (author), Picek, S. (author), Jakobovic, Domagoj (author), Hernandez-Castro, Julio (author). Finding optimal adversarial dynamics between defenders and attackers in large network systems is a complex problem one can approach from several perspectives. The results obtained are often not satisfactory since they either concentrate on only one party or run very simplified scenarios that are hard to correlate with realistic settings. To... (conference paper, 2020)
- Moelchand, Pravesh (author), Gnanavarothayan, Kabilan (author), Verheijde, Jim (author), van Stam, Just (author). Intermax Cloudsourcing B.V. designs, implements and manages critical IT-infrastructures for Dutch clients from the medical, public and financial sectors. The information that passes over these IT-infrastructures is highly confidential and privacy-sensitive, therefore it is essential that these infrastructures are secure. To improve the security... (bachelor thesis, 2019)
- Noroozian, A. (author), Koenders, Jan (author), van Veldhuizen, Eelco (author), Hernandez Ganan, C. (author), Alrwais, Sumayah (author), McCoy, Damon (author), van Eeten, M.J.G. (author). This paper presents the first empirical study based on ground-truth data of a major Bullet-Proof Hosting (BPH) provider, a company called Maxided. BPH allows miscreants to host criminal activities in support of various cybercrime business models such as phishing, botnets, DDoS, spam, and counterfeit pharmaceutical websites. Maxided was legally... (conference paper, 2019)
- Pletinckx, Stijn (author). Prior to exploiting a vulnerable service, adversaries perform a port scan to detect open ports on a target machine. If an adversary is aiming for multiple targets, multiple IP addresses need to be scanned for possible open ports. As sending all this probing traffic with one source IP address causes a lot of suspicion in an intrusion detection... (bachelor thesis, 2018)
- Bortolameotti, Riccardo (author), van Ede, Thijs (author), Caselli, Marco (author), Everts, M.H. (author), Hartel, P.H. (author), Hofstede, Rick (author), Jonker, Willem (author), Peter, A. (author). We present DECANTeR, a system to detect anomalous outbound HTTP communication, which passively extracts fingerprints for each application running on a monitored host. The goal of our system is to detect unknown malware and backdoor communication indicated by unknown fingerprints extracted from a host's network traffic. We evaluate a prototype... (conference paper, 2017)
- Arelakis, A. (author). Network Security is a significant issue nowadays. The information flow is enormous and the attacks have been substantially evolved. Every single packet of the flow must be scanned in deep and checked with all known attack rules (Deep Packet Inspection) to determine whether it is malicious. However, the task of Deep Packet Inspection requires a... (master thesis, 2008)
- Sourdis, I. (author). This dissertation deals with essential issues pertaining to high performance processing for network security and deep packet inspection. The proposed solutions keep pace with the increasing number and complexity of known attack descriptions providing multi-Gbps processing rates. We advocate the use of reconfigurable hardware to provide... (doctoral thesis, 2007)