Security

Organisatieprofiel

Introductie / missie

Research in the Security (SEC) group spans two areas vital to the security of decentralized and embedded systems, and has its center of gravity in the intersection of these areas. The two areas are security policy specification & enforcement and security of embedded systems.

Over de organisatie

Policy Specification and Enforcement. While the Internet allows for a free exchange of data, the security boundaries  needed to guarantee privacy and confidentiality have become the main obstacle to flexible cooperation within and between (virtual) organizations.

The classical preventive access control mechanisms cannot cope with heterogeneous distributed systems and they have to be at least partially replaced by more elaborate trust management  and compliance control systems. This is where SEC expertise lies: in the specification and implementation of policies for distributed systems.

Security of Embedded Systems

Securing networked embedded systems is particularly challenging because of their lack of computational and physical resources. In this area, SEC focuses presently on the security of mobile (e.g. smart-card based) systems; for instance in the PinpasJC project we are studying side channel attacks on smart cards.

One of the challenges that embedded devices face is secure key storage. This issue is addressed by SEC's research on Physical Unclonable Functions, a novel approach based on the extraction of randomness from the physical components of the device itself. Also in this area and closely linked to coding and crypto we have the project PinpasJC (on the analysis of smart card algorithms to identify possible side-channel attacks).

These areas overlap to a great extent and their intersection forms the core of SEC's research: compliance control for distributed and embedded systems. SEC's approach is to start from a concrete security problem and solve it by addressing the fundamental issues behind it. SEC's strength lies precisely in the ability to understand deeply both the user's concern as well as the theory behind it.

Master's projects

There are many options for master thesis projects, both internal projects and projects in industry.

See the website for more information on the group and its projects.

Vingerafdruk Verdiep u in de onderzoeksgebieden waarop Security actief is. Deze onderwerplabels komen uit het werk van de leden van deze organisatie. Samen vormen ze een unieke vingerafdruk.

    • Netwerk Recente externe samenwerking op landenniveau. Duik in de details door op de stippen te klikken.

    Profielen

    Geen foto van Arne A. Aarts

    Arne A. Aarts, MSc

    Persoon: Prom. : Promovendus

    Foto van Luca Allodi

    Luca Allodi

    Persoon: UD : Universitair Docent

    20112020
    Geen foto van Pavlo Burda

    Pavlo Burda, MSc

    Persoon: Prom. : Promovendus, OWP : Docent / Onderzoeker

    20192019

    Onderzoeksoutput

    An authorization framework for cooperative intelligent transport systems

    Ravidas, S., Karkhanis, P., Dajsuren, Y. & Zannone, N., 1 jan 2020, Emerging Technologies for Authorization and Authentication - 2nd International Workshop, ETAA 2019, Proceedings. Saracino, A. & Mori, P. (redactie). Cham: Springer, blz. 16-34 19 blz. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); vol. 11967 LNCS).

    Onderzoeksoutput: Hoofdstuk in Boek/Rapport/CongresprocedureConferentiebijdrageAcademicpeer review

    • 2 Downloads (Pure)

    Design of practical IoT identification methods: deliverable 2.2, Month 34, Nov 2019

    Razeghi, B., Voloshynovskiy, S., Gheisari, M., Furon, T., Amsaleg, L., Leermakers, D. & Škorić, B., jan 2020, Eindhoven: Technische Universiteit Eindhoven. 90 blz. (Computer Science Reports; vol. 20-01)

    Onderzoeksoutput: Boek/rapportRapportAcademic

    Open Access
    Bestand

    Measuring the accuracy of software vulnerability assessments: experiments with students and professionals

    Allodi, L., Cremonini, M., Massacci, F. & Shim, W., 1 mrt 2020, In : Empirical Software Engineering. 25, 2, blz. 1063-1094 32 blz.

    Onderzoeksoutput: Bijdrage aan tijdschriftTijdschriftartikelAcademicpeer review

    Open Access
    Bestand
    • 13 Downloads (Pure)

    Knipsels

    US Patent Issued to NXP on June 30 for "Balanced encoding of intermediate values within a white-box implementation" (Dutch, Belgian Inventors)

    Wil P.A.J. Michiels

    30/06/20

    1 item van Media-aandacht

    Pers / media: Vakinhoudelijk commentaar

    On the Foundations of White-Box Cryptography

    Wil P.A.J. Michiels

    27/05/20

    1 item van Media-aandacht

    Pers / media: Vakinhoudelijk commentaar

    Blog: Protecting Your Machine Learning Investment (Part II)

    Wil P.A.J. Michiels

    6/04/20

    1 item van Media-aandacht

    Pers / media: Vakinhoudelijk commentaar

    Scripties/Masterproeven

    Automated 2G traffic interception and penetration testing

    Auteur: Veens, T., 26 nov 2018

    Begeleider: Michiels, W. (Afstudeerdocent 1) & Moonen, R. (Externe persoon) (Externe coach)

    Scriptie/masterproef: Master

    Bestand

    Boarding a sinking ship: trust mechanisms in the underground in the face of high market platform volatility

    Auteur: Wouters, R., 25 nov 2019

    Begeleider: Allodi, L. (Afstudeerdocent 1)

    Scriptie/masterproef: Master

    Bestand

    Characterization of illegal dark web arms markets

    Auteur: Ubbink, J., 25 nov 2019

    Begeleider: Allodi, L. (Afstudeerdocent 1)

    Scriptie/masterproef: Master

    Bestand