home

SNE Master Research Projects 2018 - 2019

http://uva.nl/
2004-2005 2005-2006 2006-2007 2007-2008 2008-2009 2009-2010 2010-2011 2011-2012 2012-2013 2013-2014 2014-2015 2015-2016 2016-2017 2017-2018 2018-2019 2019-2020
Contact TimeLine Projects LeftOver Projects Presentations-rp1 Presentations-rp2 Objective Process Tips Project Proposal

Contact

Cees de Laat, room: C.3.152
And the OS3 staff.
Course Codes:

Research Project 1 53841REP6Y
Research Project 2 53842REP6Y

TimeLine

RP1 (January):
  • Wednesday Nov 01, 2018, 10h15-13h00: Introduction to the Research Projects.
  • Wednesday Dec 05, 2018, 10h15-13h00: Detailed discussion on selections for RP1.
  • Monday Jan 7th - Friday Feb 1th 2019: Research Project 1.
  • Friday Jan 11th: (updated) research plan due.
  • Monday Jan 21, 2019, 16h00, progress meeting (not mandatory).
  • Monday Feb 4, 2019 15h00-17h00: Presentations RP1 in B1.23 at SP 904.
  • Tuesday Feb 5, 2019 10h00 - 17h00: Presentations RP1 in B1.23 at SP 904.
  • Sunday Feb 10, 24h00: RP1 - reports due
RP2 (June):
  • Wednesday May 22, 2019, 14h00-16h00, B1.23 Detailed discussion on chosen subjects for RP2.
  • Monday Jun 3th - Friday Jun 28, 2019: Research Project 2.
  • Friday Jun 7th: (updated) research plan due.
  • Monday Jun 17: come back day 16h00.
  • Thursday Jul 4 2019, 10h00-17h00: presentations in H0.008 @ SP904.
(as backup presentation day we have:
Wednesday Jul 3 2019, 12h00-17h00: presentations in Turing zaal @ CWI.)

Projects

Here is a list of student projects. Find here the left over projects this year: LeftOvers.
In a futile attempt to prevent spam "@" is replaced by "=>" in the table.
Color of cell background:
Project available Presentation received. Confidentiality was requested.
Currently chosen project. Report received. Blocked, not available.
Project plan received. Completed project. Report but no presentation
Outside normal rp timeframe project will be done in next block

wordle-s.png


title
summary
supervisor contact

students
R

P
1
/
2
1

End-to-end automated email component testing.

Handling electronic mail in the modern age involves many different software components, as well as significant configuration skills and regular maintenance. This creates a large surface for human error. What is currently missing is an end-to-end automated email component test that system administrators running email systems can use to see if all the components in their actual setup are fully functional. The research question is defined as:
  • To what extent can we prove an e-mail server is properly setup via end-to-end component testing?
In order to answer the main research question, the following sub-questions are defined:
  • What are relevant e-mail server components?
  • Which features are missing in the current mail testing websites, that are required in an end-to-end system?
  • What tests can we run on those missing components.
Code can be found on: https://gitlab.os3.nl/Networking/pogo
Michiel Leenaars <michiel=>nlnet.nl>

Isaac Klop <Isaac.Klop=>os3.nl>
Kevin Csuka <kevin.csuka=>os3.nl>
R

P
2
11

Network Functions Virtualization and Security.

The security threat landscape is ever changing with cyber-attacks becoming increasingly sophisticated and targeted. This accompanied by the fact that an increasing number of applications and data are moving into the cloud only further complicates the situation. The traditional approach of securing an organization with a firewall is probably not sufficient anymore.

The question to be addressed by the research assignment is to investigate this issue and suggest solutions for the research and education sector in the Netherlands.
  • How are the research and education institutions in the Netherlands securing themselves from cyber-attacks today?
  • What additional measures need to be taken and which functionality needs to be added to their infrastructure (IPS, IDS?)
  • Can Network Functions Virtualization play a role in providing (part) of the security functionality?
  • Would it be useful if the required (virtualized) functionality is centrally arranged on a common NFV platform instead of each research and education institution arranging this for themselves?
Richa Malhotra <richa.malhotra=>surfnet.nl>

Rik Janssen <Rik.Janssen=>os3.nl>
R

P
2
12

Technical feasibility of Segment Routing Traffic Engineering to steer traffic through VNFs.

Steering traffic to NVFs (Network Virtual Functions) in a network allows to deliver tailored services to end users, such as fire-walling and traffic inspection, as well as load balancing. In this project we look at the suitability of using segment routing to deliver the traffic to the NVFs. The project is carried out at SURFnet and it will use virtual and physical testbed for the validation of the concept.
Marijke Kaat <marijke.kaat=>surfnet.nl>
Eyle Brinkhuis <eyle.brinkhuis=>surfnet.nl>

Ronald van der Gaag <rgaag=>os3.nl>
Mike Slotboom <mslotboom=>os3.nl>
R

P
1
20

Network Peering Dashboard for SURFnet.

SURFnet is the National Research and Education network and we among other services provide internet connectivity to research and higher education in the Netherlands. To do this in the best way we can we need tooling that enables us to get a good oversight of our external connectivity and all our peers.

The student we are looking for would help us implement and build a peering dashboard and have this dashboard interact with external information sources (such as http://peeringdb.com), our ticketing tool and our automation environment.

Research questions include what information should be presented in this tool that helps SURFnet provide the best external connectivity. Is there a way to propose peers available at the IXs SURFnet connects to that aren't peering yet. How to have an as redundant as possible setup, can a tool propose additional peers for the best redundancy.
Jac Kloots <jac.kloots=>surfnet.nl>
Marijke Kaat <marijke.kaat=>surfnet.nl>

David Garay; <david.garay=>os3.nl>
R

P
1
22

Next generation Wi-Fi.

Summary:
The next generation of Wi-Fi is the IEEE 802.11ax standard, also known as Wi-Fi 6. Key features introduced in order to achieve an increase in throughput and efficiency are OFDMA (Orthogonal Frequency-Division Multiple Access), MU-MIMO (Multi-User Multiple-Input and Multiple-Output), and higher modulation schemes such as 1024-QAM (Quadrature Amplitude Modulation).
 
This project aims to build a framework to test the physical layer of the IEEE 802.11ax standard. The first step is to build the test setup shown in the picture below and subsequently automate the tests using MATLAB. The setup will be built in the Faraday room in Schiphol-Rijk.

This research subject is not only building the setup, but also performing the measurements in order to address the following research questions regarding the key features introduced with IEEE 802.11ax:
·        What is the benefit of introducing 1024QAM modulation compared to 256QAM in terms of throughput?
·        What is the impact of introducing OFDMA by increasing the number of clients compared to the theoretical performance simulations (for example the MATLAB 802.11ax downlink OFDMA throughput simulation)?
 
We have 802.11ax reference boards for multiple vendors, the required MATLAB licenses, a spectrum analyser capable of capturing 160MHz, as well as a RF shielded room available in Schiphol-Rijk.
Jan-Willem van Bloem <jvanbloem=>libertyglobal.com>
Arjan van der Vegt <avdvegt=>libertyglobal.com>

Daan Weller <Daan.Weller=>os3.nl>
Raoul Dijksman <Raoul.Dijksman=)os3.nl>
R

P
2
24

Investigation of security on Chinese smartwatches.

Smartwatches are an unknown area in information risk. They are an additional display for certain sensitive data (i.e. executive mail, calendars and other notifications), but are not necessarily covered by organizations' existing mobile security products. In addition, it is often much easier to steal a watch than it is to steal a phone. What is the data that gets 'left behind' on smartwatches in case of theft, and what information risks do they pose?
Alex Stavroulakis <Stavroulakis.Alex=>kpmg.nl>
Kasper van Brakel <kbrakel=>os3.nl>
R Witsenburg <renee.witsenburg=>os3.nl>
R

P
1
25

WhatsApp End-to-End Encryption: Are Our Messages Private?

WhatsApp has recently switched to using the Signal protocol for their messaging, which should provide greatly enhanced security and privacy over their earlier, non end-to-end encrypted propietary protocol. Of course, since WhatsApp is closed source, one has to trust WhatsApp to actually use this Signal protocol, since one cannot review the source code. What other (automated) methods are there to verify that WhatsApp actually employs this protocol? This research is about reverse engineering Android and/or iOS apps.;
Alex Stavroulakis <Stavroulakis.Alex=>kpmg.nl>
Pavlos Lontorfos <Pavlos.Lontorfos=>os3.nl>
Tom Carpaij <tcarpaij=>os3.nl>
R

P
1
27

Probabilistic password recognition.

Password authentication is still a very popular way of authenticating users. When a law-enforcement agency seizes the hard drive of a suspect, they have a small window of time to gather evidence from it to extend pre-trial detention. Because of the large amount of data, automated tools can be useful to scan a drive for interesting files. Files containing passwords are especially interesting because they can provide access to extra data. This research focuses on the probability that a certain input string is a password. There has been a lot of research on the strength of passwords [1][2][3] but little to no research has been done on the probability that a string could be a password.
In theory, every string that holds to the requirements of the system enforcing the passwords, could be a password. Because of this, there is no way to know for sure whether a string is a password or not. Because of this, the purpose of this research is to get to a probability that a string is a password.
The main question for this research is:
  • How can software calculate the probability of an input string being a password?
The research question can be divided into multiple sub- questions:
  1. What characteristics differentiate a password from ’regular’ text?
  2. How can these characteristics be used to come to an algorithm that defines a probability of a string being a password?
Zeno Geradts <Z.J.M.H.Geradts=>uva.nl>

Tiko Huizinga <tiko.huizinga=>os3.nl>
R

P
1
28

The development of a contained and user emulated malware assessment platform.

Using common tools such as Puppet, Docker or other mass-deployment solutions create a Windows and Linux blended solution that enables the automatic creation of a virtualized test lab for the evaluation of a potential malware across multiple Antivirus (A/V) products concurrently and securely. This does not involve analysis of the potential malware in a sandbox such as Cuckoo sandbox but the evaluation of an executable across multiple free and commercial A/V products.

Area of expertise: Red Teaming Operations
Vincent van Mieghem <vvanmieghem=>deloitte.nl>
Henri Hambartsumyan <HHambartsumyan=>deloitte.nl>

Siebe Hodzelmans <siebe.hodzelmans=>os3.nl>
Frank Potter <Frank.Potter=>os3.nl>
R

P
1
29

Analysis of potential threats that jeopardize the availability of SURFwireless.

Since 2016 SURFnet offers Wi-Fi as a service. This includes the tender process, Wi-Fi measurements, planning the location of the access points, maintenance, monitoring, and the security of the Wi-Fi network. The goal of this research project is to investigate whether Wireless intrusion prevention systems can be used to protect the Wi-Fi network of SURF against well known attacks like rogue access points, mitigation, encryption cracking and what measures can SURF take against these kind of attacks.

Request questions:
  • Which common Wi-Fi attacks can be used to threaten SURFwireless?
  • How can SURFNET detect that the availability of the SURFwireless service is under threat and estimate its impact?
  • What measures can SURFnet take to improve the availability of SURFwireless?
Frans Panken <frans.panken=>surfnet.nl>

Kasper van Brakel <Kasper.vanBrakel=>os3.nl>
R

P
2
30

Measuring end-to-end latency with P4 and INT.

The UvA is collaborating with SURFnet, UTwente and SIDN to create a P4 nationwide experimental environment, as part of the 2STiC initiative. In this project we want to investigate how to use INT (In-band Network Telemetry) specification in a distributed P4 (www.p4.org <http://www.p4.org>) testbed. See for additional information on INT and P4: https://p4.org/assets/INT-current-spec.pdf

The specific usecase we consider is flow measurements, namely end-to-end latency and throughput over time. The research will address the following challenges:
  • The specification does not prescribe where the INT tag should be inserted in the packets. We will determine the most suitable design for tag INT tag insertion as function of the considered usecase.
  • We will investigate the role and the optimal behavior of the INT sinks, ie the elements that extract the information from the packets.
  • We will develop an initial implementation and evaluate its performance in the testbed.
Joseph Hill <j.d.hill=>uva.nl>
Paola Grosso <p.grosso=>uva.nl>

Siebe Hodzelmans <siebe.hodzelmans=>os3.nl>
R

P
2
31

Scaling the configuration of AMS-IX Route Servers.

The route servers are a vital part of an IXP ecosystem, a central component that allows the exchange of prefixes between IXP peers without establishing hundreds of BGP sessions. In AMS-IX, with more than 700 established peers and 350.000 prefixes, the configuration of the Route Servers becomes harder and the current toolset has reached its scalability limitations. While these numbers grow significantly year by year, the demand for a new framework that can push configuration in a more scalable approach becomes more critical. The new framework should use modern tools like container technology and python templates with the Large Installation & Administration techniques in order to cover our engineering needs. At the same time, the solution should cover the customer requirements for fast re-configuration, integrity and accuracy. The background knowledge fields that are required for this project are the Networking track of OS3 and especially the BGP protocol, the system engineering and virtualisation technologies, which will be glued together with LIA techniques and Python scripting. We advice the assignment of 2 students as we require a small PoC in the given timeframe.
Stavros Konstantaras <stavros.konstantaras=>ams-ix.net>

David Garay <David.Garay=>os3.nl>
R

P
2
38

IoT DOS prevention and corporate responsibility.

The Dyn DOS attacks shows a fundamental problem in internet connected devices. Huge swathes of unpatched and improperly configured devices with access to high bandwidth are misused to bring down inter; What technical prevention and detection methods can organizations employ to make sure that they are not a contributor to this problem? And what can they do once it does appear they are inadvertently contributing to this problem? This would focus on literary research combining research in DoS prevention, asset management, patch management and network monitoring.
Alex Stavroulakis <Stavroulakis.Alex=>kpmg.nl>

Swann Scholtes <Swann.Scholtes=>os3.nl>
R

P
2
39

Using machine learning in network traffic analysis for penetration testing auditability.

The goal of this project is to train a model to recognize different types of traffic correlating to different actions a pentester executes. Examples of these actions are running different types of portscans, directory or password brute force attacks, creating a reverse TCP shell and more. By evaluating the accuracy of this model, we hope to gain insight in whether this approach would be useful for pentesting auditability. The research question we want to answer is as follows:
  • How reliable is using machine learning in network traffic classification for pentesting auditability?
Alex Stavroulakis <Stavroulakis.Alex=>kpmg.nl>
Tiko Huizinga <Tiko.Huizinga=>os3.nl>
R

P
2
41

Security evaluation of glucose monitoring applications for Android smartphones.

With the “recent” health trend of fitness apps and hardware such as fitbits, combined with the /need/ to share results with friends, family and the world through facebook, runkeeper, strava and other sites we have entered into an era of potential cyber unhealthiness. What potentially valuable information could be retrieved from the web or through bluetooth about people to influence health insurance rates of individuals? Note: this is a broad question, and it is up to the student to choose his/her own liking (e.g. focus on bluetooth security of fitbits/mi’s; identification of individuals through strava/runkeeper posts; quantifying the public sharing of health information; etc. etc.).
Ruud Verbij <Verbij.Ruud=>kpmg.nl>

Roy Vermeulen <rvermeulen=>os3.nl>
Edgar Bohte <ebohte=>os3.nl>
R

P
1
44

Analyzing Bluetooth Low Energy Using Software Defined  Radio.

Within the current market one can observe a growth in the use of Bluetooth Low Energy devices (Statista 2017). Given that  the  HCI  layer  of  the  Bluetooth  protocol  abstracts  the Bluetooth traffic from the operating system. One would not be able to analyze the Bluetooth traffic within a piconet using consumer grade Bluetooth chips because of this abstraction.

However, in 2011 Micheal Ossman presented the Ubertooth One a hardware platform intended for Bluetooth development and analysis. With the release of the Ubertooth One the abstraction introduced by the HCI layer has been removed and one can directly analyze the Bluetooth traffic during transit in the air. The Ubertooth One and similar hardware platforms create a new challenge because one has to know the sequence used  with  direct-sequence  spread  spectrum  (DSSS)  to  be able to follow the connection real time. In this research we will  attempt  to  listen  to  all  the  40  Bluetooth  Low  Energy Channels  at  once  by  making  use  of  an  Universal  Software Radio  Peripheral  (USRP)  and  try  to  inject  Bluetooth  Low Energy packets in an existing piconet using an USRP.
Hidde-Jan Jongsma <hidde-jan.jongsma=>tno.nl>

Vincent Breider <vincent.breider=>os3.nl>
MS <ms=>os3.nl>
R

P
2
55

Enhanced distributed data access on a large scale with NDN and PIDs.

The objective is to use the NDN-as-a-service to prototype the SeaDataCloud use case.

The research structure in the project will be as follows:
  • Assume there will be different number of digital object providers
  • Assume we know the potential distribution of the users
  • How can we
    1. plan a NDN network, routers, etc.,
    2. deploy them on cloud,
    3. demonstrate their usage,
    4. benchmark the performance.
Zhiming Zhao <z.zhao=>uva.nl>

Kees de Jong <kees.dejong=>os3.nl>
Anas Younis <anas.younis=>os3.nl>
R

P
2
57

A Deep Dive into the Dark Web.

Description:

Every now and then you encounter claims that the 'surface' web is about 4% of the internet and the deep web is about 96% of the internet. Many 'infographs' are made to illustrate this, and it is a popular believe, see:
<https://www.google.nl/search?q=surface+web+4%25+deep+web+96%26&source=lnms&tbm=isch&sa=X&ved=0ahUKEwjLp8e_nNTWAhVFU1AKHdmJDVoQ_AUICigB&biw=1689&bih=922 >.

However, these claims seem to originate from a white paper released in 2001 with the following claims <https://quod.lib.umich.edu/cgi/t/text/text-idx?c=jep;view=text;rgn=main;idno=3336451.0007.104>:
  • Public information on the deep Web is currently 400 to 550 times larger than the commonly defined World Wide Web.
  • The deep Web contains 7,500 terabytes of information compared to nineteen terabytes of information in the surface Web.
The goal of this research project is to determine how large the dark web currently is either in absolute size or compared to the 'surface' web. Other focus points can be regarding different definitions of 'surface', 'dark' and 'deep' web, and how the size, popularity and/or definition of the dark web has developed itself since 2001.
Stijn van Winsen <vanWinsen.Stijn=>kpmg.nl>
Soufiane el Aissaoui <elAissaoui.Soufiane=>kpmg.nl>

Coen Schuijt <Coen.Schuijt=>os3.nl>
R

P
1
59

Client-side Attacks on the LastPass Browser Extension.

Tools exist for the extraction of credentials for certain popular password managers (such as KeePass 2.x, the Chrome password manager, etc.). During redteam projects where a cyber attack is simulated, we make use of tooling that can extract credentials from memory (e.g. KeeThief for KeePass 2.x).
;
However, similar tooling appears to be missing for older KeePass 1.x databases and other popular password managers including PasswordSafe, 1Password and LastPass. We are looking to investigate which protection mechanisms these password managers employ, and whether it is possible to extract credentials in the same way. Both solutions for offline usage and online usage are of interest (especially if a desktop client is available).
Cedric Van Bockhaven <cvanbockhaven=>deloitte.nl>

Derk Barten <Derk.Barten=>os3.nl>
R

P
1
61

Bypassing Phishing Mail Filters (cont'd).

Email phishing is currently one of the most problematic threats in network security. By sending out emails that may be very similar to legitimate ones, attackers aim to harvest information by making users believe that they are communicating with a trusted entity. Although many techniques exist[3] to prevent phishing emails from reaching end users, studies[1] show that a lot of these techniques lack efficiency, are costly and too complex to be used in large environments or are simply not used. As Ammar Almomani et al. stated in their survey[1], the main technical approaches to counter email phishing are content analysis, network-level protection and authentication. The objective of this study is to examine which mechanisms are effectively used by spam filters against phishing attacks at a net- work and protocol level, and to determine how to bypass these mechanisms.

The main research question of this study is defined as follows:

;;; Which network and authentication aspects of phishing emails can be modified in order to bypass common spam filters?

In order to answer our main research question, we will have to answer a number of sub-questions:

;;; What network level protections and authentication mechanisms are com- monly used to prevent phishing attacks?
;;; Which of these protections can be found in spam filters?
;;; How efficient are these solutions?
;;; How efficient is reputation-based email filtering?

[1] Ammar Almomani et al. “A survey of phishing email filtering techniques”. In: IEEE communications surveys & tutorials 15.4 (2013), pp. 2070–2090.

[3] Ian Fette, Norman Sadeh, and Anthony Tomasic. “Learning to detect phishing emails”. In: Proceedings of the 16th international conference on World Wide Web. ACM. 2007, pp. 649–656.
Alex Stavroulakis <Stavroulakis.Alex=>kpmg.nl>
Marat Nigmatullin <Nigmatullin.Marat=>kpmg.nl>
Adrien Raulot <Adrien.Raulot=>os3.nl>
R

P
2
62

Characterization of a Cortex-M4 microcontroller with backside optical fault injection.

Riscure produces fault injection tooling. This includes lasers that are used to alter the intended behaviour of chips. The goal of this project is to analyze the effectiveness of one of our newer lasers on embedded systems. During this project you will characterize the impact of this laser on the intended behaviour of the targeted chip.
Niek Timmers <Timmers=>riscure.com>

Jasper Hupkens <jasper.hupkens=>os3.nl> Dominika Rusek <dominika.rusek=>os3.nl>
R

P
1
63

Invisible Internet Project - I2P.

Anonymity networks, such as Tor or I2P, were built to allow users to access network resources without revealing their identity [1,2]. This project will be aimed at theoretical research into existing attacks and how they hold up given I2P updates and current network size [3,4,5]. The fact that only little is known about the i2p network and due to its potential for future growth and public perception of it being the most secure solution compared to Tor and Freenet [6], results in our research questions:

  1. What are possible attacks against the I2P network?
  2. What is the feasibility of such attacks?

In this research, we will present a number of possible attacks against the i2p network. Specifically, the attacks that are able to deanonymize the i2p users and reveal their identities. We will be researching from the theoretical point of these attacks, and propose a mitigation mechanisms against them. Should time and ethical considerations allow, a proof of concept can supplement the research.

Ethical Consideration:

During our research, we will be looking on the i2p network and the way it works. In addition to that, we will be looking at the possible attacks from a theoretical point of view. To get a better understanding of the network, we may need to do some practical reconnaissance. However, this will be mostly passive in nature and no attack shall be attempted against the live I2P network. Therefore, we do not see ethical issues where any confidential or personal data might leak.

Some related work:

  1. https://www.cs.ucsb.edu/~chris/research/doc/raid13_i2p.pdf
  2. https://static.siccegge.de/pdfs/bachelor-thesis.pdf
  3. https://www.dailydot.com/debug/tor-freenet-i2p-anonymous-network/
  4. https://hal.inria.fr/file/index/docid/653136/filename/RR-7844.pdf
  5. https://geti2p.net/en/comparison/tor
  6. https://www.tandfonline.com/doi/full/10.1080/21642583.2017.1331770
  7. https://hal.inria.fr/hal-01238453/file/I2P-design-vs-performance-security.pdf

See also: http://www.dcssproject.net/i2p/

Henri Hambartsumyan <HHambartsumyan=>deloitte.nl>
Vincent van Mieghem <vvanmieghem=>deloitte.nl>
Fons Mijnen <fmijnen=>deloitte.nl>

Vincent Breider <vincent.breider=>os3.nl>
Tim de Boer <tim.deboer=>os3.nl>
R

P
1
64

A Comparative Security Evaluation for IPv4 and IPv6 Addresses.

We currently move to ever-greater deployment rates of IPv6. However, comparative IPv4 and IPv6 security evaluations in the past have shown that the security state of multihomed systems is often worse via IPv6 than via IPv4. In this research project, you will build an Internet measurement setup that identifies IPv4/IPv6 multihomed systems and measures their security state for IPv4 and IPv6 correspondingly. The scientific contribution of your work will then be in the evaluation and analysis of the collected data, especially in the context of prior work.

Suggested reading: Czyz, J., Luckie, M.J., Allman, M. and Bailey, M., 2016, February. Don't Forget to Lock the Back Door! A Characterization of IPv6 Network Security Policy. In NDSS.
Tobias Fiebig <T.Fiebig=>tudelft.nl>

Erik Lamers <erik.lamers=>os3.nl>
Vincent van der Eijk <Vincent.vanderEijk=>os3.nl>
R

P
1
66

Static Code Analysis on Network Performance: Detecting unoptimized usage of networking code.

Static code analysis tools are nowadays mainly used to detect bugs and unoptimized code. With the vast majority of applications utilizing networking to either bringing in patches, or are intensively receiving small updates from servers (such as games). This part tends to be analyzed manually using internal debugging tools. The potential difficulty here is that the manual inspection can leave out opportunities to overflow either the client or server (or both) with unnecessary data, or by having unoptimized bundled messages that could lead to lots of unnecessary overhead. These issues could lead to major consequences in production, such as server downtime, severe latency or corruption of data if unattended.

This is a relatively new field, where static code analysis currently utilize machine learning in order to find bugs and unoptimized usage in code, rather than analyzing potential networking performance. In this research, the possibility of detecting networking performance flaws is investigated. The possibility of functionality in the static code causing a Denial of Service (DoS) or unnecessary overhead will be investigated, as well as the possibility to give suggestions on how to optimize it instead. The following main research question is defined as follows:
  • Is it possible to create a tool to analyze static code to detect potential network performance issues?.
Two sub questions were derived from this question:
  1. How can network performance issues be defined, so that it can be detected?
  2. How can you identify network performance issues in various scales of code bases in an efficient way?
Wouter van Dongen <wouter.vandongen@dongit.nl>

Ivar Slotboom <ivar.slotboom@os3.nl>
R

P
1
74

Calculating metadata propagation time within eduGAIN.

Mesh identity federations and the eduGAIN Interfederation Service build their trust on the exchange of SAML metadata to limit the audience to known actors. Responding to security threats, key rollover or even updates to service configuration can be achieved with changes in metadata configuration of a service (SP) or identity provider (IdP). The time that it takes for a configuration to flow from the IdP/SP to their home federation, via inter federations services such as eduGAIN, and on to other IdPs/SPs is important to ensure consistent configuration throughout the environment. The research question is:
  • What is {best,worst,average} the propagation time of metadata throughout SAML identity federations?
Additional sub-questions that could be explored:
  • Can manual vs automatic metadata updates be detected by looking at metadata propagation times?
  • What levels of cohesion within federations, and what bilateral agreement can be exposed by looking at metadata exchange?
  • Can clashing versions of metadata be detected via external assessment of metadata exchange?
Brook Schofield <brook.schofield=>geant.org>

Marcel den Reijer <Marcel.denReijer=>os3.nl>
R

P
2
76

Investigation of Graphene and Intel SGX.

Intel SGX offers new instructions for Intel CPUs that allow you to have a “secure enclave” in which code can be run in a compartmentalized fashion (that should be secure even if the main OS compromised). This project could look into how SGX can be used to save e.g. documents safely so even the admin can’t access them, and what pitfalls could be of the system.
Gijs Hollestelle <ghollestelle=>deloitte.nl>

Robin Klusman <robin.klusman=>os3.nl>
Derk Barten <derk.barten=>os3.nl>
R

P
2
79

Development of a tool to delete Kerberos tickets of prior logon sessions from Windows memory.

Industrial Control System research.

Windows saves all credentials entered into it since boot. Because ICS systems need a near 100% availability, a reboot of the machine is not possible to clear the memory of the credentials. Therefore, the main question that will be answered during this research project is:
  • How can Kerberos credentials be completely purged out of memory without rebooting the system?
To answer this question, we will investigate the following sub-questions:
  1. Where does the lsass.exe process write its Kerberos credentials in memory, or where does it read Kerberos credentials from?
  2. How does the ’klist purge’ command remove Kerberos credentials?
  3. How does Mimikatz read out Kerberos credentials from memory?
  4. How can the process of completely overwriting Kerberos credentials in memory be automated?
Dima van de Wouw <dvandewouw=>deloitte.nl>

Nick Offerman <Nick.Offerman=>os3.nl>
Steffan Roobol <steffan.roobol=>os3.nl>
R

P
1

Presentations-rp2

I hereby would like to invite you to the annual RP2 presentations, where the SNE students will be presenting their research.
Considering the wide variety of presentations the day promises to be very interesting and we hope you will join us.
Program (Printer friendly version: HTML, PDF): The event is on Thursday July 4, 2019.
Thursday July 4, 2019, Auditorium H0.008, FNWI, Sciencepark 904, Amsterdam.
Time D #RP Title Name(s) LOC RP #stds
10h00

Welcome, introduction. Cees de Laat


10h00 25 22
Next generation Wi-Fi.
Daan Weller, Raoul Dijksman LibertyGlobal 2
2
10h25 25 44
Analyzing Bluetooth Low Energy Using Software Defined Radio.
Vincent Breider, M. S. TNO 2
2
10h50 20
break



11h10 25 76
Investigation of Graphene and Intel SGX.
Robin Klusman, Derk Barten DeLoitte 2
2
11h35 25 79 Development of a tool to delete Kerberos tickets of prior logon sessions from Windows memory.
Nick Offerman, Steffan Roobol DeLoitte 1
2
12h00

Lunch




13h10 20 29 Analysis of potential threats that jeopardize the availability of SURFwireless. Kasper van Brakel SURFnet 2
1
13h30 20 74
Calculating metadata propagation time within eduGAIN.
Marcel den Reijer GEANT 2
1
13h50 20 66
Static Code Analysis on Network Performance: Detecting unoptimized usage of networking code.
Ivar Slotboom dongit 2
1
14h10 20
break



14h30 25 55 Enhanced distributed data access on a large scale with NDN and PIDs.
Kees de Jong, Anas Younis UvA 2
2
14h55 20 30 Measuring end-to-end latency with P4 and INT.
Siebe Hodzelmans UvA 2
1
15h15 20
break



15h35 20 31 Scaling the configuration of AMS-IX Route Servers.
David Garay Ams-IX 2
1
16h00 20 39 Using machine learning in network traffic analysis for penetration testing auditability. Tiko Huizinga KPMG 2
1
16h20

End




Presentations-rp1

Program (Printer friendly version: HTML, PDF.
(all presentations are 20 minutes for single and 25 minutes for pairs of students, yellow = requested specific day/time.)
Monday feb 4th 2019, 15h05 - 17h00 in B.1.23 at Science Park 904 NL-1098XH Amsterdam
Time D #RP Title Name(s) LOC
RP #stds
15h05

Welcome, introduction. Staff


15h10 20 72
How To Reduce The Risk Of Email Data Breaches. Nick Offerman minvenj 1
1
15h30 20 59
Credential extraction of in-memory password managers. Derk Barten deloitte 1
1
15h50 20
break



16h10 25 28
The development of a contained and user emulated
malware assessment platform
Siebe Hodzelmans, Frank Potter deloitte 1
2
16h35 25 63
Invisible Internet Project - I2P. Vincent Breider, Tim de Boer deloitte 1
2
1700

End




Tuesday feb 5th 2019, 10h00 - 17h00 in room B1.23 at Science Park 904 NL-1098XH Amsterdam.
Time D #RP Title Name(s) LOC RP #stds
10h00

Welcome, introduction. Cees de Laat


10h00 25 64 A Comparative Security Evaluation for IPv4 and IPv6 Addresses. Erik Lamers, Vincent van der Eijk tudelft 1
2
10h25
25 62
Characterization of a Cortex-M4 microcontroller with backside optical fault injection. Jasper Hupkens, Dominika Rusek riscure 1
2
10h50 20
bio/coffee break



11h10 25 27
Password Classification. Tiko Huizinga NFI
1
1
11h35 25 4
ABlockchain's Relationship with Sovrin for Digital Self-Sovereign Identities. Daan Weller, Raoul Dijksman TNO
1
2
12h00

Lunch



13h00 25 41
Security of diabetes monitoring apps. Roy Vermeulen, Edgar Bohte kpmg 1
2
13h25 25 24
Forensic investigation of Chinese smartwatches. Kasper van Brakel, Renee Witsenburg kpmg 1
2
13h50 20 57 A Deep Dive into the Dark Web. Coen Schuijt kpmg 1
1
14h10 20
bio/tea/coffee break



14h30 25 25
WhatsApp End-to-End Encryption: Are Our Messages Private? Pavlos Lontorfos, Tom Carpaij kpmg 1
2
14h55 25 12
Technical feasibility of Segment Routing Traffic Engineering to steer traffic through VNFs. Ronald van der Gaag, Mike Slotboom SURFnet
1
2
15h20 20
20
Network Peering Dashboard for SURFnet. David Garay SURFnet 1
1
15h40

End





Out of normal schedule presentations: Room B1.23at Science Park 904 NL-1098XH Amsterdam. Program:
Date Time Place D #RP Title Name(s) LOC RP #stds
2018-10-15
13h00
B1.23 30 1
End-to-end automated email component testing.
Isaac Klop, Kevin Csuka NLnet
2
2
2018-11-13
14h00
B1.23 20 61
Bypassing Phishing Protections.
Adrien Raulot
KPMG
2
1
2019-02-26
13h00
B1.23 20 11
Network Functions Virtualization and Security. Rik Janssen SURFnet 2
1
2019-06-07
15h30
B1.23 20
38
IoT DOS prevention and corporate responsibility. Swann Scholtes KPMG 2
1