RL

R.L. Lagendijk

info

Please Note

15 records found

Deep Learning-based Side-channel Analysis for Evaluators

Doctoral thesis (2026) - A. Rezaeezade, R.L. Lagendijk, Lejla Batina, S. Picek
Digital devices are now deeply embedded in modern life. These devices process sensitive information, including personal data, financial records, and data related to critical infrastructure. Cryptography is therefore a fundamental component of digital security, providing confidentiality, integrity, authentication, key exchange, and digital signatures.

Although cryptographic algorithms are designed to be mathematically secure, their physical implementations can introduce vulnerabilities. When cryptographic algorithms run on hardware, devices unintentionally leak information through side channels such as power consumption, electromagnetic radiation, and timing behavior. These leakages can be exploited through side-channel analysis to recover secret information, including cryptographic keys.

Security evaluation laboratories assess the resistance of cryptographic implementations against such attacks. However, this process is costly and must strike a balance between thoroughness and practical limitations on time, budget, data, and computational resources. Deep learning-based side-channel analysis (DL-SCA) is attractive in this context because neural networks can learn leakage characteristics directly from traces, reducing the need for manual preprocessing and explicit statistical assumptions. At the same time, deep learning introduces new costs, caused by sensitivity to neural network hyperparameter selection, instability, and overfitting in its training process.

The central problem addressed in this thesis is the tension between the benefits and costs of deep learning in side-channel evaluation. On the one hand, deep learning can reduce evaluation effort by relaxing assumptions about leakage models and reducing dependence on known data. On the other hand, it can make evaluation more expensive due to model selection, hyperparameter tuning, and the risk of overfitting. This thesis investigates how DL-SCA can be made more practical, reliable, and cost-effective for security evaluation workflows.

To this end, the thesis studies several strategies for improving DL-SCA without relying on excessive hyperparameter tuning. It examines the impact of increasing the amount of training data, regularization techniques, and ensemble learning. These approaches aim to improve generalization, robustness, and attack stability under realistic evaluation constraints. The thesis also investigates two deep learning approaches that relax major assumptions in classical SCA: leakage model-flexible DL-SCA, which avoids relying on fixed leakage models such as Hamming weight or identity, and deep learning-based blind SCA, which reduces dependence on plaintext or ciphertext by learning from noisy labels. ...

Comparing Manual and LLM Approaches to Understanding How Smokers Experience Preparatory Activities in a Digital Cessation Intervention

Bachelor thesis (2025) - K. Nair, W.P. Brinkman, R.L. Lagendijk
Smoking remains a leading cause of preventable death, making effective cessation support a global health priority. While conversational agents (chatbots) offer a scalable solution, their success depends on understanding the user’s experience. This study addresses two interconnected challenges: first, understanding the subjective experience of smokers with preparatory activities proposed by a chatbot, and second, evaluating the efficacy of Large Language Models (LLMs) in analyzing this qualitative feedback. This research employs a comparative design. A manual thematic analysis of smokers’ written reflections first established a baseline coding scheme. This scheme was then compared against the outputs of three LLMs, which were tasked with both generating themes independently and applying the predefined manual scheme. The accuracy of the LLMs’ application was measured against the human baseline using Cohen’s Kappa. The manual analysis revealed that smokers’ experiences were predominantly positive, showing strong motivation and a sense that the activities helped reinforce their quitting goals. This was concurrently challenged by expressions of skepticism about the activities’ effectiveness and mentions of personal barriers to quitting. The comparative analysis demonstrated that while LLMs could identify these broad positive and negative topics, they failed to capture more subtle, attitude-based concepts, such as a user’s willingness to engage with an activity despite their personal doubts. Furthermore, the models’ accuracy in applying a predefined coding scheme was substantially lower than the human baseline. This work makes two primary contributions. For digital health, the findings show that cessation aids must be designed to personalize activities to address specific user barriers and skepticism. Methodologically, the study provides a clear verdict on the current role of LLMs in this context: while LLMs show potential as an exploratory aid in theme generation, they are not yet a viable tool for applying a predefined coding scheme, making human analytical oversight essential for ensuring the depth and validity of qualitative research. ...

From Key Management, Secure Computing, and Search Functionality

Doctoral thesis (2025) - H. Chen, R.L. Lagendijk, K. Liang
Big data is generated daily from diverse sources and devices, significantly transforming our lives through machine learning. However, it also presents major challenges, particularly for individuals and organizations with limited storage and computational resources. As a result, cloud services have gained increasing popularity over the past decades, enabling users to outsource storage and complex analysis tasks while focusing on data utilization. However, due to the potential curiosity of cloud servers and external attackers, directly uploading private data to the cloud is not a viable option. Instead, sensitive data must be encrypted before being outsourced.
This thesis investigates cryptographic solutions for secure and efficient cloud services, addressing key challenges in security, efficiency, and functionality. We focus on three core areas: updatable encryption (UE) to ensure long-termsecurity for stored data, fully homomorphic encryption (FHE) for efficient computation over encrypted data, and searchable encryption (SE) to maintain search functionality over outsourced encrypted data.... ...

Deep Latent Variable Modeling against Out-of-Distribution and Adversarial Inputs

Doctoral thesis (2025) - M. Glazunov, R.L. Lagendijk, D.M.J. Tax
As Deep Neural Networks (DNNs) continue to be deployed in safety-critical domains, two specific concerns — adversarial examples and Out-of-Distribution (OoD) data — pose significant threats to their reliability. This thesis proposes novel methods to enhance the robustness of deep learning by detecting such inputs and mitigating their impact.

A central insight of this work is that algorithmic stability plays a crucial role in generalizing to in-distribution data. Motivated by this, the thesis formulates a dual perspective on stability with respect to the hypotheses and explores whether this perspective facilitates the separation of problematic inputs under two main lenses: epistemic uncertainty estimation and the choice of an appropriate inductive bias. By grounding our approach in generative modeling with a latent variable based on an information bottleneck and, specifically, employing Variational Autoencoders (VAEs), we first leverage Bayesian inference over model parameters to estimate the model’s uncertainty with respect to a particular input. Second, we investigate the required properties of both VAE maps and latent representations from a topological perspective. This reveals how OoD inputs predominantly map onto empty regions — or “holes” — in the latent manifold. Finally, we discover that adversarial examples likewise exhibit similar behavior. This finding is then used to craft new scoring functions that reliably distinguish between inliers, outliers, and adversarial attacks. ...

Algorithms for Robust Prediction and Policy Optimization

Doctoral thesis (2025) - D.A. Vos, S.E. Verwer, R.L. Lagendijk
We increasingly encounter artificial intelligence-based technology in our daily lives, from smart home devices to self-driving cars to invisible systems running on our internet. Many artificial intelligence techniques use machine learning, algorithms that learn to predict or act based on collected data. Unfortunately, the most popular machine learning techniques, such as neural networks and ensembles, are so complex that humans cannot understand how they make predictions. Without understanding the prediction process, it is difficult to trust the model. Therefore, in this dissertation, we work on algorithms that learn models that are understandable to humans. The type of model we consider is a decision tree, a flowchart-like model that can easily be visualized so humans can understand it. These models ask a series of questions about an input and use the answers to derive a prediction.

Decision trees were popularized in the 1980s and extensively studied, but there is still room for improvement. The most popular algorithms for learning decision trees are fast but do not necessarily lead to the best performance. They are not robust, meaning tiny changes in the data can negatively influence the quality of their predictions. Also, the existing algorithms cannot be directly applied to problems where multiple sequential predictions have to be made. Therefore, this dissertation studies several techniques for learning decision trees for robustness and sequential decision making problems.

In Part I of the dissertation, we consider the problem of optimizing decision trees to make good predictions while being robust to small changes in the data. In Chapter 4, we tackle the problem of learning good decision trees quickly in this setting. We improved the runtime of an existing algorithm by speeding up one of the key operations. In Chapter 5, we solve the problem of finding the best possible robust decision tree. The idea is to formulate the problem as an Integer-Linear Program, a special mathematical problem that can be solved with highly optimized algorithms. In Chapter 6, we propose a method that allows learning of models that are more flexible in terms of robustness, i.e., by allowing data changes in different shapes. To create an efficient algorithm, we optimize only the model’s predictions, not the model’s question part. Finally, in Chapter 7, we use techniques for improving data privacy to enable robustness against another kind of data change: someone adding or removing data.

Part II of this dissertation is about sequential decision making problems. In these settings, we control a device or agent that tries to achieve some goal in a potentially uncertain environment. Sequential decision making problems are significantly different from the supervised learning problems considered in Part I since the data is not pre-collected. This class of problems encompasses many real-life problems; one of the simplest of those could be a thermostat that measures the temperature in a room and needs to decide whether to turn a heater on or off constantly. Highly complex problems such as self-driving cars can be modeled similarly. We aim to find a controller represented by a simple decision tree for such problems. Such a controller is called a policy, and by representing it with a small decision tree, humans can understand it. In Chapter 9, we assume that we have a perfect mathematical description of the problem and use it to find the best possible decision tree via Integer Programming techniques. Later in Chapter 10, we assume that we can only interact with the environment and do not have a mathematical description of the problem. In this setting, we find good policies by iteratively updating the tree to achieve better scores using gradient information.

In our research, we have developed various algorithms for learning decision trees in settings that are hard to optimize with existing methods: robust predictions and sequential decision making. We hope that our work on decision tree learning for these settings allows human-understandable machine learning to be used in more real applications in the future. By improving model understanding and robustness, we aim to enable machine learning systems that humans can trust.
...
Doctoral thesis (2025) - Y. Qiao, R.L. Lagendijk, K. Liang
Deep learning, a prominent branch of machine learning, leverages artificial neural networks to extract complex patterns and hierarchical representations from large datasets. Notably, advanced architectures such as convolutional neural networks (CNNs) and vision transformers (ViTs) have achieved remarkable success in various computer vision applications, particularly in image classification tasks.
While deep learning offers substantial benefits, it faces security challenges stemming from potentially unreliable models and untrustworthy training data. Such vulnerabilities can compromise model functionality through maliciously perturbed inputs or by introducing model Trojans, where adversaries embed triggers in input data to activate harmful behaviors.
Despite significant research on adversarial and backdoor attacks, along with their countermeasures in various deep learning systems, there remains a critical demand for innovative technical solutions to mitigate persistent vulnerabilities and bolster the security and robustness of these systems.
This thesis addresses three key security challenges, including (1) low attack robustness against common image transformations and anomaly frequency perturbations in backdoor triggers under centralized learning; (2) anomaly backdoor features and parameters introduced by current attack methods under decentralized learning; and (3) the significant drop in both clean and robust accuracy caused by global image restoration using diffusion models in adversarial purification.
In examining the vulnerabilities of centralized deep learning systems, Chapter 2 focuses on backdoor attacks against CNNs and Transformers as a malicious data provider. The thesis leverages an evolutionary algorithm to optimize the frequency properties of the designed trigger to maximize attack effectiveness, robustness against image transformation operations, and stealthiness in dual space under the black-box setting.
In investigating the security issues in the decentralized scenarios, Chapters 3 and 4 focuses on backdoor attacks against federated learning from the perspective of a malicious client. In Chapter 3, we propose a backdoor attack to disguise malicious updates of the adversary as benign at the parameter level by backdoor neuron constraint and model camouflage. In Chapter 4, we utilize the power of generative adversarial networks to produce stealthy and flexible triggers that minimize the representation distance between poisoned and benign samples.
To enhance the security of deep learning through data perspective, the thesis focuses on adversarial purification to improve the model robustness against adversarial attacks. In Chapter 5, we identify perturbed image regions through multi-scale superpixel segmentation and occlusion analysis, subsequently using diffusion models for in painting while maintaining visual consistency. ...

An Evergrowing Ally in Hardware Security Evaluation

Doctoral thesis (2025) - L.J.A. Weissbart, R.L. Lagendijk, L. Batina, S. Picek
To ensure that no information unintentionally leaks through side channels during the execution of cryptographic operations, the physical security of a device must be evaluated. Nowadays, a security analysis must show security not only against traditional Side-Channel Analysis (SCA) attacks (e.g., Differential Power Analysis (DPA)) involving classical statistical analysis but also against machine learning and deep learning attacks. If not protected against these attacks, symmetric and public-key cryptographic implementations can be at risk.

While traditional SCA attacks rely on a cryptanalyst’s expertise to extract features from the leakages of one or multiple traces and analyze their observations through statistical methods to recover the secret key. Deep Learning-based Side- Channel Analysis (DLSCA) attacks bring a new perspective to the field. DLSCA attacks rely on automating feature extraction using a task-specific algorithm. For most DLSCA attacks, an expert is still needed, but the expert’s work is shifted to training this algorithm. Among the different deep learning architectures, the most used in DLSCA are the Multilayer Perceptron (MLP) and the Convolutional Neural Networks (CNN). Those methods are Neural Networks (NN) trained to find patterns in a collected dataset of side-channel traces to recover the secret key given a proper tuning of their hyperparameters and a successful training process.

This thesis investigates the use of deep learning in side-channel analysis of symmetric and public-key cryptography and other applications of side-channel analysis. We go through the application of DLSCA for implementations of AES and ASCON in symmetric cryptography and EdDSA in public-key cryptography. We also explore the use of deep learning to enhance TEMPEST-like side-channel analysis and the use of side-channel analysis to reverse engineer neural networks.

The main contributions of this thesis are as follows. First, we show the performances that can reach a MLP on a dataset of an AES implementation protected with a masking countermeasure. We demonstrate that MLP can defeat the masking countermeasure and recover the secret key with a high success rate for many configurations of hyperparameters and power intermediate models and even with very few parameters.

Second, we present an application of CNN in the side-channel analysis of the lightweight authenticated encryption algorithm ASCON on a 32-bit microcontroller. We demonstrate that the reference implementation is vulnerable to DLSCA attacks and that the same attack can be applied to a masked implementation but cannot completely recover the secret key.

Third, we propose a single-trace attack on the ephemeral key of EdDSA on the elliptic curve 25519. We show that the attack can recover the secret key from a single execution of an implementation on a 32-bit microcontroller. This attack is based on a CNN, and we demonstrate that, of the other profiling methods explored, the CNN is the most efficient for this attack. Furthermore, we systematize this attack and show that it can be applied to a different target and implement countermeasures against side-channel analysis.

Finally, we demonstrate the use of side-channel analysis and deep learning in different applications than cryptographic implementations. We present a methodology to evaluate TEMPEST attacks using deep learning. We focus the analysis of the electromagnetic emanations of mobile devices without visual line of sight, to build a testbed with a standard setup that can be used to test different attacker models. A second application is the use of side-channel analysis to reverse engineer neural networks on GPU. We show that side-channel analysis of the electromagnetic emanations of a GPU can be used to recover several hyperparameters of a neural network during the inference phase.

Our main research goal is to apply deep learning to side-channel analysis to develop new attacks for existing implementations and countermeasures, and we believe that this thesis is a step in that direction regarding the aforementioned contributions. We also believe that the reading of this thesis will shine the light on the potential of deep learning in side-channel analysis and inspire future research in this field to help to secure the electronics of tomorrow. ...
Doctoral thesis (2024) - T. Li, R.L. Lagendijk, Z. Erkin
In modern society, data is increasingly important for people's daily lives and commercial activities to benefit organization, management and analysis. Proper data utilization involves different stages, and the data life cycle is introduced to describe the procedures as generation, collection, processing, storage, management, analysis, visualization and interpretation. Along the data life cycle, data privacy is highly concerned since possible breaches can lead to the abuse of personal information and financial loss. In this thesis, we advance data privacy protection in data processing, data management, and data analysis correlated with the Spark Living Lab project in the domain of supply chains and machine learning. To enhance privacy protection, we propose solutions based on differential privacy and cryptographic protocols since they provide strong and provable security and privacy guarantees. Moreover, we integrate differential privacy and cryptographic protocols to achieve strong privacy guarantees efficiently and practically for data processing, management, and analysis.

In data processing, we focus on data anonymization and location data perturbation in supply chains. Data de-identification is essential to comply with privacy laws, such as GDPR, before possible sharing or analysis. We propose an anonymization algorithm by combining differential privacy and k-anonymity to achieve stronger privacy guarantees or better data utility than using them alone. Meanwhile, we consider trajectory hiding under possible attacks and real maps, which propose a more practical solution to share trajectory data under privacy protection.

In data management, we address secure data sharing with cryptographic protocols. Data sharing is vital in data management to advance collaboration and knowledge. However, possible data breaches and malicious inputs can lead to potential financial loss and identity theft. In this thesis, we propose a framework for sharing logistic data in a privacy-preserving way using blockchain and cryptographic protocols. Differential privacy is applied to anonymize data, while cryptographic protocols enhance privacy during data transmission.

In data analysis, we pay attention to privacy-preserving machine learning. Machine learning models are usually trained on large datasets which may contain sensitive personal information. It is important to consider privacy protection during the training and utilization of models. We use differential privacy and secure multi-party computation techniques to design a framework for collaborative learning among multiple parties against inference attacks. Also, we utilize zero-knowledge proof to validate model integrity without leaking the model. ...
Doctoral thesis (2024) - M. Krcek, R.L. Lagendijk, S. Picek
In an era of increasing reliance on digital technology, securing embedded and interconnected devices, such as smart cards or Internet of Things (IoT) devices, against emerging threats becomes crucial, highlighting the need for advanced security measures. Cryptographic algorithms, essential for secure communication, data storage, and transaction integrity, are often employed to develop secure systems. However, the practical implementation of these algorithms in software and hardware introduces vulnerabilities, exposing sensitive information to risks. Implementation attacks, such as fault injection (FI) and side-channel analysis (SCA), belong to a category of security threats that exploit these vulnerabilities occurring during the cryptographic algorithms’ execution.

Security evaluation and certification assess the product’s security features against industry best practices and regulatory standards. These processes aim to independently verify the claims made about the product’s security, fostering and maintaining trust among users. Given the evolving landscape of security threats and increasing security concerns, the need for more efficient and resource-effective security evaluations has become evident. Fault injection and side-channel analysis are commonly conducted as part of this assessment, and recent studies have demonstrated that integrating artificial intelligence (AI) methods can significantly enhance their performance. Moreover, this integration can provide more automated and optimized attacks for security evaluation.

This thesis aims to advance AI-based implementation attacks by investigating current AI frameworks, with the objective of improving the efficiency and effectiveness of these attacks across various scenarios. We target specific challenges within AI-based fault injection (AIFI) and deep learning-based SCA (DLSCA), addressing gaps in the current methodologies and proposing solutions that significantly impact their performance and efficiency. We focus on hyperparameter tuning of the utilized AI methods, portability of the attacks, and alternative evaluation metrics within the AI frameworks.

Hyperparameter tuning is critical but can be a time-intensive process. By investigating specific hyperparameters, we can identify those crucial for the performance, guiding a more efficient tuning process. This thesis focuses on initialization methods, revealing no universally optimal initialization method. Instead, we offer a strategic approach to selecting initialization methods that can lead to improved and more reliable performance in specific scenarios. Next, we provide practical AI-based solutions to enhance the portability of FI parameter search results across different samples of the same target and SCA profiling models across different public datasets (targets). This approach makes security evaluation more efficient by leveraging data and findings to expedite evaluations on other targets. Furthermore, this enables future efforts to develop universal methods to help standardize the AI-based implementation attacks for security evaluation. Lastly, we revisit and refine evaluation metrics within the AI-based implementation attacks, proposing new metrics better aligned with the considered objectives. We present new XIX XX SUMMARY metrics for evaluating the performance of AI-based FI parameter search to find distant vulnerable regions of the target alongside algorithms for this objective. On the other hand, we improve the training process of DLSCA by introducing a training scheme involving the redefinition of the labels and a metric that can evaluate the generality of the profiling model, enabling better assessment for early stopping and model tuning.

Through its exploration of AI-based implementation attacks, this thesis offers valuable insights and practical solutions that significantly enhance the field. By improving the efficiency and effectiveness of AI-based implementation attacks, this research not only aids security analysts but also offers a foundation for future standardization efforts of these attacks for security evaluation.
...

The effects of the use of machine learning in criminal sentencing on the application of the theories of punishment

Bachelor thesis (2021) - M.W. de Lange, R.L. Lagendijk, E. Aizenberg, H.S. Hung
In recent years, the practice of risk-assessment has started to utilize machine learning to take in larger data sets and improve prediction accuracy. Simultaneously, it has expanded into the sentencing stage of the criminal justice system. This paper analyzes the effect of these developments on the consideration of the theories of punishment during sentencing. After first going over key characteristics of both the theories of punishment and the practice of risk-assessment, it presents a series of connections between aspects of machine learning enabled risk-assessment and each of the theories of punishment. It then provides developers of such systems with both general advice and advice aimed specifically at the highlighted effects, rooted in various design methodologies such as Systemic Design and Value-Sensitive Design, in order to better account for these effects. Future research can expand upon this paper both in depth and in scope: in depth by carrying out the empirical research needed to verify and improve upon the ideas in this paper; in scope by extending this research to other ethical debates surrounding machine learning in criminal justice. ...

Data veracity, completeness, and clustering

This thesis presents several methodological and statistical solutions to problems encountered in cyber security. We investigated the effects of compromised data veracity in state estimators and fraud detection systems, a model to impute missing data in attributes of linked observations, and an unsupervised approach to detect infected machines in a computer network. ...
Doctoral thesis (2021) - O. Ersoy, R.L. Lagendijk, Z. Erkin
Bitcoin is a widely acknowledged digital currency that is designed in a decentralized manner. The recognition of Bitcoin has introduced the notion of cryptocurrencies and, in general, blockchain technology. Blockchain, within less than a decade, has become one of the most exciting technological developments. Among several exciting use cases and projects, there has been an inevitable hype in the industry as well. While in the research community, it has opened an interdisciplinary research field among cryptography, distributed systems, and economics.

Notwithstanding the interest and great effort, blockchain is still a new and evolving technology, and numerous challenges need to be addressed.
To name a few, security, privacy, scalability, smart contracts, and economic aspects with their manifold sub-challenges can be mentioned.Among the research challenges, in this thesis, we investigate three crucial ones for the long-term functionality of the Bitcoin-like blockchains, which are security, scalability, and economic aspects.Our works can be divided into two subjects: transaction propagation and payment channel networks.

Transaction propagation or advertisement refers to the dissemination of newly created transactions of clients in the mining network.In this thesis, we investigate the lack of incentives for transaction propagation and provide an incentive mechanism for peer-to-peer mining networks. Moreover, we focus on the inefficient routing of the transactions and propose a smart routing mechanism.

Payment channel networks (PCN) are promising layer-2 protocols aiming to improve the scalability of blockchains.In this thesis, we present three works on the PCNs.Firstly, we investigate the incentives to participate in multi-hop payments and propose a profit strategy that would encourage the use of PCNs.
Secondly, we propose the first Bitcoin-compatible virtual channel constructions on payment channels that improve the efficiency and availability of multi-hop payments. Finally, we introduce the first post-quantum PCN utilizing our post-quantum adaptor signature scheme. Our works mainly focus on Bitcoin and its PCN, Lightning Network, yet they can be applied to the blockchains and cryptocurrencies having similar characteristics. ...
The internet traffic is constantly rising nowadays due to the significant increase of the devices connected to the Internet. As a consequence, many cyber risks have arisen. Cybercriminals are trying to exploit the vulnerabilities of these devices to cause damage and gain profit. Monitoring the network traffic and detecting such threats has become essential in order to keep safe systems that are connected to the Internet. The powerful properties of state machines and the sequential nature of the network traffic data, makes them an interesting and promising solution for the implementation of an intrusion detection system.

The goal of this thesis is to implement a new state-merging heuristic which will speedup the state machine building procedure without a significant loss on the quality of the model, and use it to detect malicious host on network traffic data. The new state-merging heuristic is utilizing the Locality-sensitive Hashing concept to store the future traces of each state and simplify the consistency check for the merge of two states. The network traffic data used are in the NetFlow format, and they are encoded and converted into traces in order to build the state machine model and measure its performance. The state machine built is modeling a malicious behavior and used to classify other hosts.

We show that the models built can effectively detect the malicious hosts, with its performance being comparable to the one of a state-of-the-art model. At the same time, the time needed to build the model is much less when compared to the time needed by other state-merging heuristics. ...

A framework for the correct assessment of machine learning-based intrusion detection systems

The Internet is a relatively new technology that the world has become immensely dependent on. It is a tool that makes it possible to simplify our lives and better our society. But as with many things, there are people who with to exploit this tool we have for their own malicious gain. One of the mechanisms that we can use for protection against these malicious actors is the intrusion detection system. Machine learning-based intrusion detection systems (IDS) have been heavily researched for a number of years now. Much of this research, though, appears to be conducted using improper methodologies and incorrect evaluation.
Such methodologies include training and testing IDSs with unrealistic data and using uninformative metrics to determine performance. In this research, we perform a case study using one such IDS. This IDS is trained and evaluated using real network traffic collected from a real-world network. Additionally, we test its performance on actual attack traffic. This research demonstrates that an IDS that is trained with unrealistic data performs nowhere near as well as is claimed by the author when trained using real network traffic. Finally, we propose CAML-IDS, a framework for the correct assessment of machine learning-based intrusion detection systems. This framework can assist future IDS research by preventing incorrect evaluation, in turn preventing the formulation of incorrect research. ...

A gesture-based peer-to-peer transaction system

Bachelor thesis (2017) - Hidde Lycklama à Nijeholt, Joris Oudejans, Inald Lagendijk, Chiel Liezenberg
Strape enables users to initiate and authorize peer-to-peer transactions without alphanumerical input by
using gestures. OK, a smart wallet app, combines authentication, marketing and payment services in a single
app. By choice, peer-to-peer payments were excluded from the initial design of the OK app, because no
compelling user experience for this type of payment was available, yet. With Strape there is. To incorporate
the Strape functionality inOKand other host applications, the Strape functionality needs to be made available
as an SDK.
The goal of the project is therefore twofold: An SDK must be developed that provides the gesture-based
functionality and adheres to a number of integration use cases for various possible hosting applications. First,
it should be possible to initiate transactions by using gestures, and authorize the transactions by tapping on
a discovered user and swiping it towards them. Secondly, the SDK should be structured in such a way that it
is possible for a host application to fully integrate the SDK.
The system is implemented using a set of configurable classes with the business logic and a data provider
that handles all data mutation and persistence. Furthermore, it holds views that can be extended by a host
application for further customization. Discovery is implemented by using Bluetooth Low Energy, a protocol
that enables constant advertisement and scanning of users in proximity. To ensure testability and maintainability,
aModel-View-Presenter architecture is used.
The SDK is implemented in OK at various points in the app, namely as a favorite between payment accounts,
IDs and tickets, as a shortcut in the main overview and as an overlay with transaction objects. OK
mostly uses the standard SDK configuration variables.
The project was managed using Scrum with 1-week sprints. Version control was handled by Git and
SemVer and the project was continuously integrated by using Bitrise. Although a connection to the Strape
Virtual Account System was planned, time constraints and prioritization of the core Strape functionality resulted
in leaving it out of the final product.
The result satisfies the project goal in that an SDK is realized comprising the core Strape functionality
with the specified integration requirements. Furthermore, a first version of the SDK is integrated in the OK
app, satisfying all UI integration requirements. The project has showed us the importance of the necessary
overhead with software development projects such as this one. We recommend developing the requirements
we deemed out of scope for this project to complete the entire peer-to-peer transaction proposition. ...