Teaching
Lastmod: 2023-03-27

Student projects

If you are a TU/e honors student and want to work on malware, IoT device security, or security monitoring, contact me.

Courses

Offensive Computer Security (OCS)

This is an introductory course on hacking, with a focus on computer networks and software. The full course will revolve around the idea that (most) mechanisms can be illegitimately misused to obtain (some level of) a desired behaviour; this is the very essence of computer security. We will explore network protocols and the implied trust relations they operate upon; we will look at software vulnerabilities and at how they can emerge from software code; we will look at exploit testing and automated attack frameworks; we will look at penetration testing and advanced networked attacks.

Syllabus

Intrusion Detection Laboratory (IDL)

The goal of this course is to provide students with a platform for in-depth, hands-on experience with all three building blocks of cyber security monitoring: network-based, host-based and log-based intrusion detection. To do so, the course is not built around frontal lectures but adopts a reverse classroom setup: it starts by providing students with material covering practical and theoretical elements of security monitoring, plus additional material and pointers covering all three pillars and their relationship. The students then form groups and can choose one of the building blocks to explore in depth by developing a fully-fledged laboratory activity for the other students of the course to attend. These lab activities require the analysis of realistic threat scenarios and systems, with the goal of developing effective detection techniques that account for the specificities of the proposed scenario. The laboratory activities are then run and coordinated, in class, by the very students who developed them. The development and delivery of these lab sessions in class is also the final examination of the course for the group of students handling it, and is therefore obligatory.

For details, contact me.

Cyber-attacks, Crime, and Defenses (CCD)

This course covers attack phases, APTs, and cybercrime operations. Jointly with Sandro Etalle.

Details