The Systems and Network Security Group is lead by prof. dr. ir. Herbert Bos and deals with all aspects of system-level security. It is active in the areas of attack detection, exploitation, binary and malware analysis, software hardening, and reverse engineering. It is active in the areas of attack detection, binary and malware analysis, and reverse engineering. Our work on reverse engineering is partially funded by an ERC Starting Grant for the Rosetta project .
The group’s focus is on “research that matters”, by which we mean research that has impact either on the research community, or on society as whole. The group has won and/or supervised four ACM SIGOPS Roger Needham Ph.D. Awards for best Ph.D. thesis in Europe, as well as the 2014 award for the best cyber security paper coming from the Netherlands. Our research is funded by a mix of national and European funding, including ERC and VICI grants. In addition, we played active roles in high-profile botnet takedowns, co-authored the national cyber security research agenda, and actively particpated in the public debate on how to fight cybercrime.
Moreover, the group has spawned several popular software systems like:
– ArgosĀ is a full and secure system emulator designed for use in honeypots. It is based on Qemu, an open source emulator that uses dynamic translation to achieve a fairly good emulation speed.
– MinemuĀ is a minimal and very fast emulator for dynamic taint analysis at process-level. Dynamic taint analysis is a very effective way of detecting and defending against memory corruption attacks, yet large performance penalties prevent its widespread use.
