1 / 14

Master track Computer security: studying at the Kerckhoffs Institute

Master track Computer security: studying at the Kerckhoffs Institute. Lejla Batina Digital Security Group Institute for Computing and Information Sciences (ICIS) Digital Security. Nijmegen November 11, 2013. Organization. Research topics that you study.

lavonn
Download Presentation

Master track Computer security: studying at the Kerckhoffs Institute

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Master track Computer security:studying at the Kerckhoffs Institute Lejla Batina Digital Security Group Institute for Computing and Information Sciences (ICIS) Digital Security Nijmegen November 11, 2013

  2. Organization

  3. Research topics that you study • Cryptographic foundations of security • Security mechanisms within network protocols (IPSec, SSL, scans, intrusions, DOS attacks and firewalls) • Software security: buffer overflows, SQL injections, design an implementation, verification, proof-carrying code, software evaluation • Hardware security: physical security, security of smartcards and RFID tags • Privacy enhancing technologies - PETS • Law in cyberspace • Implementations of secure systems

  4. Motivation: crypto/security is everywhere 4

  5. Researchers working on these topics 1/2 Bart Jacobs: correctness and security properties of software Erik Poll: software security, smartcard security, smart grids etc. Jaap Henk Hoepman: design of a secure and privacy-friendly Internet of Things, Identity management

  6. Researchers working on these topics 2/2 Mireille Hildebrandt: data protection, cyber crime, fundamental rights protection, privacy and non-discrimination Lejla Batina: physical security, lightweight cryptography, implementations of cryptography Peter Schwabe: high-speed cryptography, cryptanalysis

  7. Mandatory and optional courses Optional courses Introduction to biometrics (UT) Secure data management (UT) Cryptography 2 (TU/e) Seminar Inf. Security Technology (TU/e) Hacker’s Hut (TU/e) Hardware security (RU) Law in cyberspace (RU) Privacy seminar (RU) Mandatory courses Network Security (UT) Cryptography 1 (TU/e) Software security (RU) Verification of security protocols (TU/e) Security in organizations (RU) Security and privacy in mobile systems (UT)

  8. Examples of research projects – short term • Privacy-friendly solutions for data aggregation and filtering in SmartGrids • Tor vs. the NSA • Experimental comparison of time memory trade-offs • Cluster analysis for side-channel attacks • Voting on mobile devices • Power measurement acquisition from an FPGA board • OV-chipkaart on a NFC-enabled mobile phone • Trusted interfaces for secure devices • Big data and non-discrimination • Data retention (NSA)

  9. Examples of research projects – publications • Kostas Papagiannopoulos, Gergely Alpár, and Wouter Lueks. Desigated Attribute Proofs with the Camenish-Lysyanskaya Signature. In 34th WIC Symposium on Information Theory, 2013. • Manu Drijvers, Pedro Luz, Gergely Alpár and Wouter Lueks. Ad Hoc Voting on Mobile Devices. In 34th WIC Symposium on Information Theory, 2013. • Jip Hogenboom and Wojciech Mostowski. Full Memory Read Attack on a Java Card. Proceedings of 4th Benelux Workshop on Information and System Security, Louvain-la-Neuve, Belgium, November 2009.

  10. Master thesis projects with companies

  11. Examples of recent MSc thesis projects • Kostas Papagiannopoulos. High-throughput implementations of lightweight ciphers in the AVR ATtiny architecture, 2013 – now PhD student at the DS group • Mathias Morbitzer. TCP Idle scans in IPv6, 2013 –now with Fox-IT • Christiaan Hillen. Beyond Smart Meters: Legal compliance of Home Energy Management Systems, 2013 – now PhD student at the DS group • Barry Weymes. Recognising botnets in organisations, 2012 - now with Fox-IT • Arjan Blom. ABN-AMRO E-dentifier2 reverse engineering, 2011 –nowwith a start-up • Ruben Muijrers. RAM: Rapid Alignment Method, 2011 – now with Riscure • Brinio Hond. Fuzzing the GSM protocol, 2011 – now with KPMG • Martijn Sprengers. GPU-based password cracking, 2011 – now with KPMG • Jip Hogenboom. Principal component analysis and side-channel attacks, 2010 – now with KPMG • Gerhard de Koning Gans. Analysis of the MIFARE classic used in the OV-chipkaart project, 2009 – now with the Dutch police

  12. Master thesis projects – closer look and impact • Mathias Morbitzer. TCP Idle scans in IPv6, 2013. • presented his thesis work at Hack in the Box 2013 in Malaysia and at HACK.LU in Luxemburg • 2. Arjan Blom. ABN-AMRO E-dentifier2 reverse engineering, 2011. • discovered a serious security flaw in the internet banking protocol of ABN-AMRO, which resulted in a publication at NordSec 2012 conference and attention in the Dutch press. • 3. Ruben Muijrers. RAM: Rapid Alignment Method, 2011 • found a new algorithm for the alignment of “power traces” based on image processing, which is now built into a commercial tool, published at CARDIS 2011. • 4. Martijn Sprengers. GPU-based password cracking, 2011 • MD5crypt password hashing scheme is considered not secure any more as the results of Martijn’s thesis, published at SHARCS2012.

  13. Job perspective • http://nos.nl/video/564092-kans-op-werk-in-cybersecurity.html

  14. Why studying at the Kerckhoffs Institute – RU? • ICT security is hot, with excellent job opportunities • DS group performs multidisciplinary research • DS group collaborates in developing better solutions for managing online privacy and electronic identities as a member of PI.lab • DS promotes open standards and open source and has started many open source smartcard projects • DS group has numerous projects with companies that specialise in security, such as (security) consultancy companies, evaluation laboratories etc. => many PhD study opportunities

More Related