Presentation is loading. Please wait.

Presentation is loading. Please wait.

Master track Computer security: studying at the Kerckhoffs Institute Lejla Batina Digital Security Group Institute for Computing and Information Sciences.

Published byMartha Herndon Modified over 10 years ago

Similar presentations

Presentation on theme: "Master track Computer security: studying at the Kerckhoffs Institute Lejla Batina Digital Security Group Institute for Computing and Information Sciences."— Presentation transcript:

1 Master track Computer security: studying at the Kerckhoffs Institute Lejla Batina Digital Security Group Institute for Computing and Information Sciences (ICIS) Digital Security Nijmegen November 11, 2013

2 Organization

3 Research topics that you study Cryptographic foundations of security Security mechanisms within network protocols (IPSec, SSL, scans, intrusions, DOS attacks and firewalls) Software security: buffer overflows, SQL injections, design an implementation, verification, proof-carrying code, software evaluation Hardware security: physical security, security of smartcards and RFID tags Privacy enhancing technologies - PETS Law in cyberspace Implementations of secure systems

4 4 Motivation: crypto/security is everywhere

5 Researchers working on these topics 1/2 Bart Jacobs: correctness and security properties of software Erik Poll: software security, smartcard security, smart grids etc. Jaap Henk Hoepman: design of a secure and privacy-friendly Internet of Things, Identity management

6 Researchers working on these topics 2/2 Mireille Hildebrandt: data protection, cyber crime, fundamental rights protection, privacy and non- discrimination Lejla Batina: physical security, lightweight cryptography, implementations of cryptography Peter Schwabe: high-speed cryptography, cryptanalysis

7 Mandatory and optional courses Mandatory courses Network Security (UT) Cryptography 1 (TU/e) Software security (RU) Verification of security protocols (TU/e) Security in organizations (RU) Security and privacy in mobile systems (UT) Optional courses Introduction to biometrics (UT) Secure data management (UT) Cryptography 2 (TU/e) Seminar Inf. Security Technology (TU/e) Hacker’s Hut (TU/e) Hardware security (RU) Law in cyberspace (RU) Privacy seminar (RU)

8 Examples of research projects – short term Privacy-friendly solutions for data aggregation and filtering in SmartGrids Tor vs. the NSA Experimental comparison of time memory trade-offs Cluster analysis for side-channel attacks Voting on mobile devices Power measurement acquisition from an FPGA board OV-chipkaart on a NFC-enabled mobile phone Trusted interfaces for secure devices Big data and non-discrimination Data retention (NSA)

9 Examples of research projects – publications Kostas Papagiannopoulos, Gergely Alpár, and Wouter Lueks. Desigated Attribute Proofs with the Camenish-Lysyanskaya Signature. In 34th WIC Symposium on Information Theory, 2013. Manu Drijvers, Pedro Luz, Gergely Alpár and Wouter Lueks. Ad Hoc Voting on Mobile Devices. In 34th WIC Symposium on Information Theory, 2013. Jip Hogenboom and Wojciech Mostowski. Full Memory Read Attack on a Java Card. Proceedings of 4th Benelux Workshop on Information and System Security, Louvain-la-Neuve, Belgium, November 2009.

10 Master thesis projects with companies

11 Examples of recent MSc thesis projects Kostas Papagiannopoulos. High-throughput implementations of lightweight ciphers in the AVR ATtiny architecture, 2013 – now PhD student at the DS group Mathias Morbitzer. TCP Idle scans in IPv6, 2013 – now with Fox-IT Christiaan Hillen. Beyond Smart Meters: Legal compliance of Home Energy Management Systems, 2013 – now PhD student at the DS group Barry Weymes. Recognising botnets in organisations, 2012 - now with Fox-IT Arjan Blom. ABN-AMRO E-dentifier2 reverse engineering, 2011 – now with a start-up Ruben Muijrers. RAM: Rapid Alignment Method, 2011 – now with Riscure Brinio Hond. Fuzzing the GSM protocol, 2011 – now with KPMG Martijn Sprengers. GPU-based password cracking, 2011 – now with KPMG Jip Hogenboom. Principal component analysis and side-channel attacks, 2010 – now with KPMG Gerhard de Koning Gans. Analysis of the MIFARE classic used in the OV- chipkaart project, 2009 – now with the Dutch police

12 Master thesis projects – closer look and impact 1.Mathias Morbitzer. TCP Idle scans in IPv6, 2013. presented his thesis work at Hack in the Box 2013 in Malaysia and at HACK.LU in Luxemburg 2. Arjan Blom. ABN-AMRO E-dentifier2 reverse engineering, 2011. discovered a serious security flaw in the internet banking protocol of ABN- AMRO, which resulted in a publication at NordSec 2012 conference and attention in the Dutch press. 3. Ruben Muijrers. RAM: Rapid Alignment Method, 2011 found a new algorithm for the alignment of “power traces” based on image processing, which is now built into a commercial tool, published at CARDIS 2011. 4. Martijn Sprengers. GPU-based password cracking, 2011 MD5crypt password hashing scheme is considered not secure any more as the results of Martijn’s thesis, published at SHARCS2012.

13 Job perspective http://nos.nl/video/564092-kans-op-werk-in-cybersecurity.html

14 Why studying at the Kerckhoffs Institute – RU? ICT security is hot, with excellent job opportunities DS group performs multidisciplinary research DS group collaborates in developing better solutions for managing online privacy and electronic identities as a member of PI.lab DS promotes open standards and open source and has started many open source smartcard projects DS group has numerous projects with companies that specialise in security, such as (security) consultancy companies, evaluation laboratories etc. => many PhD study opportunities

Download ppt "Master track Computer security: studying at the Kerckhoffs Institute Lejla Batina Digital Security Group Institute for Computing and Information Sciences."

Similar presentations

Software Bundle ViPNet Secure Remote Access Arrangement using ViPNet Mobile © Infotecs.

Software Bundle ViPNet Secure Remote Access Arrangement using ViPNet Mobile © Infotecs.
Research & Development Workshop on e-Voting and e-Government in the UK - February 27, 2006 Votinbox - a voting system based on smart cards Sébastien Canard.

Research & Development Workshop on e-Voting and e-Government in the UK - February 27, 2006 Votinbox - a voting system based on smart cards Sébastien Canard.
Mobile Devices in the DoD

Mobile Devices in the DoD
Coding & Crypto Bachelor Colloquium 2013.

Coding & Crypto Bachelor Colloquium 2013.
1 Hardware Security Organisational stuff Lejla Batina & Erik Poll Digital Security Radboud University Nijmegen.

1 Hardware Security Organisational stuff Lejla Batina & Erik Poll Digital Security Radboud University Nijmegen.
Jaap-Henk Hoepman TNO ICT, Groningen, the Netherlands  Digital Security (DS) Radboud University Nijmegen, the Netherlands 

Jaap-Henk Hoepman TNO ICT, Groningen, the Netherlands  Digital Security (DS) Radboud University Nijmegen, the Netherlands 
Course summary COS 433: Crptography -Spring 2010 Boaz Barak.

Course summary COS 433: Crptography -Spring 2010 Boaz Barak.
Chapter 1  Introduction 1 Introduction Chapter 1  Introduction 2 The Cast of Characters  Alice and Bob are the good guys  Trudy is the bad guy 

Chapter 1  Introduction 1 Introduction Chapter 1  Introduction 2 The Cast of Characters  Alice and Bob are the good guys  Trudy is the bad guy 
Chapter 1  Introduction 1 Chapter 1: Introduction.

Chapter 1  Introduction 1 Chapter 1: Introduction.
Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”

Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”
Security and Systems. Three tenets of security Confidentiality Integrity Availability.

Security and Systems. Three tenets of security Confidentiality Integrity Availability.
1 The Challenge of Data and Application Security and Privacy (DASPY): Are We Up to It? Ravi Sandhu Executive Director and Endowed Professor February 21,

1 The Challenge of Data and Application Security and Privacy (DASPY): Are We Up to It? Ravi Sandhu Executive Director and Endowed Professor February 21,
Laboratory for SoC design TEMPUS meeting Niš, 15.05.2008.

Laboratory for SoC design TEMPUS meeting Niš,
Mumbai Cyber Lab A Joint Endeavor of Mumbai Police and NASSCOM Mumbai Cyber Lab A Joint Endeavor of Mumbai Police and NASSCOM Dr. Pradnya Saravade Dy.

Mumbai Cyber Lab A Joint Endeavor of Mumbai Police and NASSCOM Mumbai Cyber Lab A Joint Endeavor of Mumbai Police and NASSCOM Dr. Pradnya Saravade Dy.
Bruce Schneier Lanette Dowell November 25, 2009. Introduction  “It is insufficient to protect ourselves with laws; we need to protect ourselves with.

Bruce Schneier Lanette Dowell November 25, Introduction  “It is insufficient to protect ourselves with laws; we need to protect ourselves with.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Conclusion 1 Conclusion Conclusion 2 Course Summary  Crypto o Basics, symmetric key, public key, hash functions and other topics, cryptanalysis  Access.

Conclusion 1 Conclusion Conclusion 2 Course Summary  Crypto o Basics, symmetric key, public key, hash functions and other topics, cryptanalysis  Access.
Part 4  Software 1 Conclusion Part 4  Software 2 Course Summary  Crypto o Basics, symmetric key, public key, hash functions and other topics, cryptanalysis.

Part 4  Software 1 Conclusion Part 4  Software 2 Course Summary  Crypto o Basics, symmetric key, public key, hash functions and other topics, cryptanalysis.
FIT3105 Security and Identity Management Lecture 1.

FIT3105 Security and Identity Management Lecture 1.
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci530 Computer Security Systems Lecture.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci530 Computer Security Systems Lecture.

Similar presentations

Ads by Google