Publications

all conference and journal articles technical reports articles in Dutch some of my talks

Selected publications

*
(OSDI'2004) FFPF: Fairly Fast Packet Filters [PDF][HTML version] [Bibtex]
*
(ACM TOCS'11) Application-tailored I/O with Streamline [PDF] (also available here) [Bibtex]
*
(Security & Privacy (Oakland), 2016) Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector [PDF] [Bibtex]
*
(Security & Privacy (Oakland), 2016) A Tough Call: Mitigating Advanced Code-Reuse Attacks At The Binary Level [PDF] [Bibtex]
*
(Security & Privacy (Oakland), 2014) Framing Signals -- A Return to Portable Exploits. [PDF] (Best Student Paper Award!) [Bibtex]
*
(Security & Privacy (Oakland), 2014) Out Of Control: Overcoming Control-Flow Integrity [PDF] [Bibtex]
*
(Security & Privacy (Oakland) 2013) P2PWNED --- Modeling and Evaluating the Resilience of Peer-to-Peer Botnets [PDF] [Bibtex]
*
(Security & Privacy (Oakland) 2012) Prudent Practices for Designing Malware Experiments: Status Quo and Outlook [PDF] [Bibtex]
*
(USENIX Security 2016) Flip Feng Shui: Hammering a Needle in the Software Stack [PDF] [Bibtex]
*
(USENIX Security 2016) An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries [PDF] [Bibtex]
*
(USENIX Security 2016) Poking Holes in Information Hiding [PDF] [Bibtex]
*
(USENIX Security 2016) Undermining Entropy-based Information Hiding (And What To Do About It) [PDF] [Bibtex]
*
(USENIX Security 2014) Size does matter: Why Using Gadget-Chain Length to Prevent Code-Reuse Attacks is Hard [PDF] [Bibtex]
*
(USENIX Security 2013) Dowsing for overflows: A guided fuzzer to find buffer boundary violations [PDF] [Bibtex]
*
(USENIX 2013) When Slower is Faster: On Heterogeneous Multicores for Reliable Systems [PDF] [Bibtex]
*
(USENIX 2012) Body Armor for Binaries: preventing buffer overflows without recompilation [PDF] [Bibtex]
* (NDSS, 2017)ASLR on the Line: Practical Cache Attacks on the MMU[PDF] [Bibtex -- see VUSec.net]
* (NDSS, 2017)VUzzer: Application-aware Evolutionary Fuzzing[PDF]>[Bibtex -- see VUSec.net]
* (NDSS, 2017)SafeInit: Comprehensive and Practical Mitigation of Uninitialized Read Vulnerabilities[PDF][Bibtex -- see VUSec.net]
* (NDSS, 2017)MARX: Uncovering Class Hierarchies in C++ Programs[PDF][Bibtex -- see VUSec.net]
*
(NDSS, 2015) StackArmor: Comprehensive Protection from Stack-based Memory Error Vulnerabilities for Binaries [PDF] [Bibtex]
* (NDSS, 2011) [PDF] Howard: a dynamic excavator for reverse engineering data structures [Bibtex]
*
(CCS 2016) Drammer: Deterministic Rowhammer Attacks on Commodity Mobile Platforms [PDF] [Bibtex]
*
(CCS 2016) TypeSanitizer: Practical Type Confusion Detection [PDF] [Bibtex]
*
(CCS 2015) Practical Context-Sensitive CFI [PDF] [Bibtex]
*
(ACM SIGOPS EUROSYS 2006) Argos: an Emulator for Fingerprinting Zero-Day Attacks [PDF] [Bibtex]
*
(ACM SIGOPS EUROSYS 2008) Eudaemon: Involuntary and On-Demand Emulation Against Zero-Day Exploits [PDF] [Bibtex]
*
(ACM SIGOPS EUROSYS 2009) Pointless tainting? Evaluating the practicality of pointer tainting [PDF] [Bibtex]
* (ACM SIGOPS EUROSYS 2017)No Need to Hide: Protecting Safe Regions on Commodity Hardware[PDF][Bibtex -- see VUSec.net]
* (IEEE EUROS&P 2017)Compiler-Agnostic Function Detection in Binaries[PDF] [Bibtex -- see VUSec.net]
* (IEEE EUROS&P 2017)CodeArmor: Virtualizing the Code Space to Counter Disclosure Attacks[PDF] [Bibtex -- see VUSec.net]
*
(IEEE COMPUTER 2006) Can We Make Operating Systems Reliable and Secure? [Bibtex]
* (DSN'17)Towards Automated Discovery of Crash-Resistant Primitives in Binaries[PDF] [Bibtex -- see VUSec.net]
*
(DSN'16) OSIRIS: Efficient and Consistent Recovery of Compartmentalized Operating Systems [PDF] [Bibtex]
*
(DSN'16) Secure and Efficient Multi-variant Execution Using Hardware-assisted Process Virtualization [PDF] [Bibtex]
*
(DSN'15) Parallax: Implicit Code Integrity Verification Using Return-Oriented Programming [PDF] [Bibtex]
*
(DSN'15) Lightweight Memory Checkpointing [PDF] [Bibtex]
*
(DSN'12) Keep Net Working - On a Dependable and Fast Networking Stack[PDF] [Bibtex]
*
(DSN'09) Isolating Faulty Device Drivers[PDF] [Bibtex]
*
(DSN'07) Failure Resilience for Device Drivers[PDF] [Bibtex]

Publications (conferences + journals) by year

2017

*
ASLR on the Line: Practical Cache Attacks on the MMU[PDF]
NDSS, February, 2017.
[Bibtex -- see VUSec.net]

*
VUzzer: Application-aware Evolutionary Fuzzing[PDF]
NDSS, February, 2017.
[Bibtex -- see VUSec.net]

*
SafeInit: Comprehensive and Practical Mitigation of Uninitialized Read Vulnerabilities[PDF]
NDSS, February, 2017.
[Bibtex -- see VUSec.net]

*
MARX: Uncovering Class Hierarchies in C++ Programs[PDF]
NDSS, February, 2017.
[Bibtex -- see VUSec.net]

*
Compiler-Agnostic Function Detection in Binaries[PDF]
EuroS&P, April, 2017 (Best Paper!) [Bibtex -- see VUSec.net]

*
CodeArmor: Virtualizing the Code Space to Counter Disclosure Attacks[PDF]
EuroS&P, April, 2017.
[Bibtex -- see VUSec.net]

*
No Need to Hide: Protecting Safe Regions on Commodity Hardware[PDF]
EuroSys, April, 2017.
[Bibtex -- see VUSec.net]

*
Towards Automated Discovery of Crash-Resistant Primitives in Binaries[PDF]
DSN, June, 2017.
[Bibtex -- see VUSec.net]

*
DSIbin: Identifying Dynamic Data Structures in C/C++ Binaries[PDF]
Proceedings of the IEEE/ACM International Conference on Automated Software Engineering (ASE), Urbana-Champaign, Illinois, USA, October, 2017.
[Bibtex -- see VUSec.net]

*
Fast and Generic Metadata Management with Mid-Fat Pointers[PDF]
EuroSec, Belgrade, Serbia, April, 2017.
[Bibtex -- see VUSec.net]

*
RevAnC: A Framework for Reverse Engineering Hardware Page Table Caches[PDF]
EuroSec, Belgrade, Serbia, April, 2017.
[Bibtex -- see VUSec.net]

*
Off-the-shelf Embedded Devices As Platforms for Security Research[PDF]
EuroSec, Belgrade, Serbia, April, 2017.
[Bibtex -- see VUSec.net]

2016

* Over the Edge: Silently Owning Windows 10's Secure Browser
Black Hat USA
, 2016.
[Bibtex -- see VUSec.net]

* Bypassing Clang's SafeStack for Fun and Profit
Black Hat Europe
, 2016.
[Bibtex -- see VUSec.net]

* Flip Feng Shui: Rowhammering the VM's Isolation
Black Hat Europe
, 2016.
[Bibtex -- see VUSec.net]

* METAlloc: Efficient and Comprehensive Metadata Management for Software Security Hardening
EUROSEC
'2016.
[Bibtex -- see VUSec.net]

* Binary Rejuvenation: Applications and Challenges
IEEE S&P Magazine
2016.
[Bibtex -- see VUSec.net]

* Trade-offs in Automatic Provenance Capture
IPAW
2016.
[Bibtex -- see VUSec.net]

*
A NEaT Design for Reliable and Scalable Network Stacks [PDF]
Co-Next, December13-15 2016, Irvine, California
[Bibtex]

*
Drammer: Deterministic Rowhammer Attacks on Mobile Platforms [PDF]
ACM CCS 2016, Vienna, Austria
[Bibtex]

*
TypeSanitizer: Practical Type Confusion Detection [PDF]
ACM CCS 2016, Vienna, Austria
[Bibtex]

*
Flip Feng Shui: Hammering a Needle in the Software Stack [PDF]
USENIX Security 2016, Austin, TX, USA
[Bibtex]

*
An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries [PDF]
USENIX Security 2016, Austin, TX, USA
[Bibtex]

*
Poking Holes in Information Hiding [PDF]
USENIX Security 2016, Austin, TX, USA
[Bibtex]

*
Undermining Entropy-based Information Hiding (And What To Do About It) [PDF]
USENIX Security 2016, Austin, TX, USA
[Bibtex]

*
Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector [PDF]
Security & Privacy 2016, San Jose, CA, USA
[Bibtex]

*
A Tough Call: Mitigating Advanced Code-Reuse Attacks At The Binary Level [PDF]
Security & Privacy 2016, San Jose, CA, USA
[Bibtex]

*
IFuzzer: An Evolutionary Interpreter Fuzzer using Genetic Programming [PDF]
ESORICS 2016, Heraklion, Greece
[Bibtex]

*
OSIRIS: Efficient and Consistent Recovery of Compartmentalized Operating Systems [PDF]
DSN 2016, Toulouse France
[Bibtex]

*
Secure and Efficient Multi-variant Execution Using Hardware-assisted Process Virtualization [PDF]
DSN 2016, Toulouse France
[Bibtex]

*
Peeking into the Past: Efficient Checkpoint-assisted Time-traveling Debugging [PDF]
(ISSRE'16),
[Bibtex]

*
How Anywhere Computing Just Killed Your Phone-Based Two-Factor Authentication [PDF]
Financial Crypto (FC'16),
[Bibtex]

*
Slick: An Intrusion Detection System for Virtualized Storage Devices [PDF]
SAC'16, 31st ACM Symposium
[Bibtex]

2015

*
Practical Context-Sensitive CFI [PDF]
CCS, October 2015, Denver Colorado
[Bibtex]

*
StackArmor: Comprehensive Protection from Stack-based Memory Error Vulnerabilities for Binaries [PDF]
NDSS, 2015, San Diego, CA
[Bibtex]

*
Speculative Memory Checkpointing [PDF]
Middleware, December 2015, Vancouver Canada
[Bibtex]

*
ShrinkWrap: VTable protection without loose ends [PDF]
ACSAC, December 2015, Los Angeles, CA
[Bibtex]

*
PIE: Parser Identification in Embedded Systems [PDF]
ACSAC, December 2015, Los Angeles, CA
[Bibtex]

*
Reliable Recon in Adversarial Peer-to-Peer Botnets [PDF]
IMC, October 2015, Tokyo, Japan
[Bibtex]

*
Parallax: Implicit Code Integrity Verification Using Return-Oriented Programming [PDF]
DSN, June 2015, Rio de Janeiro, Brazil
[Bibtex]

*
Lightweight Memory Checkpointing [PDF]
DSN, June 2015, Rio de Janeiro, Brazil
[Bibtex]

*
The BORG: Nanoprobing Binaries for Buffer Overreads [PDF]
CODASPY, 2015, San Antonio, TX
[Bibtex]

*
"Nice Boots" - A Large-Scale Analysis of Bootkits and New [PDF]
DIMVA, July 2015, Milano, Italy.
[Bibtex]

*
Decoupling Provenance Capture and Analysis from Execution [PDF]
TAPP, July 2015, Edinburgh, Scotland.
[Bibtex]

2014

*
Framing Signals -- A Return to Portable Exploits [Best Student Paper Award]. [PDF]
Security & Privacy (Oakland), 2014, San Jose, CA
[Bibtex]

*
Out Of Control: Overcoming Control-Flow Integrity [PDF]
Security & Privacy (Oakland), 2014, San Jose, CA
[Bibtex]

*
Size does matter: Why Using Gadget-Chain Length to Prevent Code-Reuse Attacks is Hard [PDF]
USENIX Security, 2014, San Jose, CA
[Bibtex]

*
Data structure archaeology: scrape away the dirt and glue back the pieces! (Or: automated techniques to recover split and merged variables) [PDF]
DIMVA, Egham, UK, July 2014.
[Bibtex]

*
On Sockets and System Calls: Minimizing Context Switches for the Socket API [PDF]
TRIOS, Broomfield, CO, October 2014.
[Bibtex]

*
I Sensed It Was You: Authenticating Mobile Users with Sensor-enhanced Keystroke Dynamics [PDF]
DIMVA, Egham, UK, July 2014.
[Bibtex]

*
Instruction-Level Steganography for Covert Trigger-Based Malware [PDF]
DIMVA, extended abstract, Egham, UK, July 2014.
[Bibtex]

*
Scheduling of Multiserver System Components on Over-provisioned Multicore Systems [PDF]
SFMA, Amsterdam, April 2014
[Bibtex]

*
Towards Optimal Scheduling of Multiserver System Components [PDF]
Workshop on Managing Overprovisioned Systems (W-MOS)
[Bibtex]

*
On Measuring the Impact of DDoS Botnets [PDF]
EUROSEC
[Bibtex]

*
Facilitating Trust on Data through Provenance [PDF]
TRUST, June 2014, Heraklion, Greece
[Bibtex]

*
Looking Inside the Black-Box: Capturing Data Provenance Using Dynamic Instrumentation [PDF]
IPAW, June 2014, Cologne, 2014
[Bibtex]

2013

*
Dowsing for overflows: A guided fuzzer to find buffer boundary violations [PDF]
USENIX Security 2013, Washington, DC, August 2013.
[Bibtex]

*
When Slower is Faster: On Heterogeneous Multicores for Reliable Systems [PDF]
USENIX 2013, San Jose, CA, USA, June 2013.
[Bibtex]

*
P2PWNED --- Modeling and Evaluating the Resilience of Peer-to-Peer Botnets [PDF]
Security & Privacy (Oakland), San Francisco, California, May 2013
[Bibtex]

*
Techniques for Efficient In-Memory Checkpointing [PDF]
Topics in Dependable Systems (HotDep), Farmington, PA, Novermber 2013
[Bibtex]

*
MemPick: data structure detection in C/C++ binaries [PDF]
Working Conference on Reverse Engineering (WCRE), Koblenz, Germany, October 2013
[Bibtex]

*
Who allocated my memory? Detecting custom memory allocators in C binaries [PDF]
Working Conference on Reverse Engineering (WCRE), Koblenz, Germany, October 2013 →Best Paper!
[Bibtex]

*
Highly Resilient Peer-to-Peer Botnets Are Here: An Analysis of Gameover Zeus [PDF]
8th International Conference on Malicious and Unwanted Software (MALWARE'2013), Fajardo, Puerto Rico, October 2013.
[Bibtex]

2012

*
Prudent Practices for Designing Malware Experiments: Status Quo and Outlook [PDF]
Security & Privacy (Oakland), San Francisco, California, May 2012
[Bibtex]

*
Memory Errors: The Past, the Present, and the Future [PDF]
RAID 2012, Amsterdam, Netherlands, September 2012
[Bibtex]

*
Body Armor for Binaries: preventing buffer overflows without recompilation [PDF]
USENIX ATC 2012, Boston, MA, June 2012
[Bibtex]

*
Keep Net Working - On a Dependable and Fast Networking Stack [PDF]
Dependable Systems and Networks (DSN), Boston, MA, June 2012
[Bibtex]

*
Large-Scale Analysis of Malware Downloaders [PDF]
DIMVA 2012, Heraklion, GR, July 2012
[Bibtex]

*
System-level Support for Intrusion Recovery [PDF]
DIMVA 2012, Heraklion, GR, July 2012
[Bibtex]

2011

*
Minemu: The World's Fastest Taint Tracker [PDF]
RAID'11, Menlo Park, California, September 2011
[Bibtex]

*
Howard: a dynamic excavator for reverse engineering data structures [PDF]
NDSS'11, San Diego, California, February 2011
[Bibtex]

*
On Botnets that use DNS for Command and Control [PDF]
EC2ND'11, Gothenburg, Sweden, September 2011
[Bibtex]

*
Sandnet: Network Traffic Analysis of Malicious Software [PDF]
Proceedings of the 1st Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS) April 10, 2011, Salzburg, Austria
[Bibtex]

*
System Security Research at VU University Amsterdam [PDF]
SYSSEC Workshop, Amsterdam, July 2011
[Bibtex]

*
Application-tailored I/O with Streamline [PDF] (also available here)
ACM Transactions on Computer Systems (TOCS'11), May 2011.
[Bibtex]

2010

*
Paranoid Android: Versatile Protection For Smartphones [PDF]
Annual Computer Security Applications Conference (ACSAC'10), Austin, Texas, December 2010
[Bibtex]

*
DDE: Dynamic Data Structure Excavation [PDF]
ACM APSYS'10, New Delhi, India, August 2010
[Bibtex]

*
Pointer tainting still pointless (but we all see the point of tainting) [PDF]
ACM SIGOPS Operating Systems Review (OSR), 44(3), July 2010
[Bibtex]

*
Brief Announcement: A Shared Disk on Distributed Storage [PDF]
PODC'10, Zuerich, July 2010
[Bibtex]

2009

*
CacheCard: a transparent cache for static and dynamic content on the NIC [PDF]
Proceedings of ACM/IEEE ANCS, Princeton, NY, Oct. 2009
[Bibtex]

*
Isolating Faulty Device Drivers [PDF]
Proceedings of IEEE/IFIP Dependable Systems and Networks (DSN 2009), Lisbon, Portugal, June 2009.
[Bibtex]

*
Pointless tainting? Evaluating the practicality of pointer tainting [PDF]
Proceedings of EUROSYS 2009, Nuremberg, Germany, March/April 2009.
[Bibtex]

*
Mapping and synchronizing streaming applications on Cell processors [PDF]
Proceedings of HiPEAC 2009, Paphos, Cyprus, January 25-28, 2009
[Bibtex]

2008

*
Countering IPC Threats in Multiserver Operating Systems [PDF]
IEEE PRDC, Taipei, Taiwan, December 2008.
[Bibtex]

*
PipesFS: Fast Linux I/O in the Unix Tradition [PDF]
Operating Systems Review, Special Issue on the Linux Kernel, July 2008.
[Bibtex]

*
Future Threats to Future Trust [PDF]
Conference on the Future of Trust in Computing, July 2008.
[Bibtex]

*
Model-T: Rethinking the OS for terabit speeds [PDF]
Proceedings of High-Speed Networks Workshop HSN 2008, Phoenix, AZ, April 2008
[Bibtex]

*
Eudaemon: Involuntary and On-Demand Emulation Against Zero-Day Exploits [PDF]
Proceedings of ACM SIGOPS EUROSYS 2008, Glasgow, UK, April, 2008.
[Bibtex]

*
Beltway buffers: avoiding the OS traffic jam [PDF]
The 27th IEEE International Conference on Computer Communications (INFOCOM 2008), April 2008, Phoenix, Arizona.
[Bibtex]

*
Safe Execution of Untrusted Applications on Embedded Network Processors [PDF]
International Journal of Embedded Systems (IJES), InderScience, Vol.3, No. 4, 2008.
[Bibtex]

2007

*
Ruler: easy packet matching and rewriting on network processors [PDF]
Symposium on Architectures for Networking and Communications Systems (ANCS'07)
[Bibtex]

*
The Age of Data: pinpointing guilty bytes in polymorphic buffer overflows on heap or stack [PDF]
23rd Annual Computer Security Applications Conference (ACSAC'07), Miami, FLA, December 2007.
[Bibtex]

*
Tales from the Crypt: fingerprinting attacks on encrypted channels by way of retainting [PDF]
Proc. of 3rd European Conference on Computer Network Defense (EC2ND), Heraklion, Greece, October, 2007. Note: the paper in the link above has a better layout and more readable figures compared to the paper in the proceedings (we had to convert our latex to word which screwed things up a little). It also contains a few lines of text that were slashed from the paper in the proceedings for space reasons. If you want to know what the paper in the proceedings looks like, click here.
[
Bibtex]

*
A component-based coordination language for efficient reconfigurable streaming applications [PDF]
Proc. of International Conference on Parallel Processing (ICPP'07), Xian, China, Sept. 2007
[Bibtex]

*
Failure Resilience for Device Drivers [PDF]
IEEE/IFIP International Conference on Dependable Systems and Networks (IEEE/IFIP DSN'07), Dependable Computing and Communication Track
(William C. Carter award for →best paper), Edinburgh, UK, June 2007.
[Bibtex]

*
Roadmap to a Failure-Resilient Operating System [PDF]
"USENIX ;login:", Volume 32, Number 1, February 2007
[Bibtex]

*
The Token Based Switch: per-packet access authorisation to optical shortcuts [PDF]
IFIP Networking, Atlanta, Georgia, May, 2007
[Bibtex]

2006

*
SP@CE - An SP-based Programming Model for Consumer Electronics Streaming Applications [PDF]
Languages and Compilers for Parallel Computing (LCPC'06), New Orleans, Louisiana, USA, November, 2006
[Bibtex]

*
Construction of a Highly Dependable Operating System (preprint) [PDF]
(Proceedings of EDCC'06, Coimbra, Portugal, October 2006) (accepted for publication)
[Bibtex]

*
MINIX 3: A Highly Reliable, Self-Repairing Operating System
(ACM SIGOPS Operating Systems Review, vol. 40, nr. 3, July 2006)
[Bibtex]

*
Reorganizing UNIX for Reliability (preprint) [PDF]
(Proceedings of Asia-Pacific Computer Systems Architecture Conference (ACSAC'06), Shangai, China, September, 2006) (accepted for publication)
[Bibtex]

*
SafeCard: a Gigabit IPS on the network card [PDF]
(RAID'06, Hamburg, Germany, September 2006)
[Bibtex]

*
Can We Make Operating Systems Reliable and Secure?
(IEEE Computer, Vol. 39, No. 5, pp. 44--51, ISSN 0018-9162, May 2006)
[Bibtex]

*
Supporting Reconfigurable Parallel Multimedia Applications [PDF]
(→distinguished paper, ACM/IFIP/IEEE Euro-Par'06, August 2006)
[Bibtex]

*
Modular system programming in Minix 3 [PDF]
("USENIX ;LOGIN:", Vol 31, No. 2, April 2006)
[Bibtex]

*
Argos: an Emulator for Fingerprinting Zero-Day Attacks [PDF]
(ACM SIGOPS EUROSYS 2006, Leuven, Begium, April 2006)
[Bibtex]

*
SweetBait: Zero-Hour Worm Detection and Containment Using Low- and High-Interaction Honeypots
(Elsevier Computer Networks, Special Issue on Security through Self-Protecting and Self-Healing Systems, 2006)
[Bibtex]

*
Dynamically extending the Corral with native code for high-speed packet processing [PDF]
(Elsevier Computer Networks, Special Issue on Active and Programmable Networks, 50(14), pp. 2444-2461, October 2006)
[Bibtex]

*
File Size Distribution on UNIX Systems Then and Now [PDF]
(Operating Systems Review, Vol 40, No. 1, January 2006).)
[Bibtex]

2005

*
Towards software-based signature detection for intrusion prevention on the network card [PDF]
(Proceedings of Eighth International Symposium on Recent Advances in Intrusion Detection (RAID2005), Seattle, Washington, September 2005.)
[Bibtex] [PPT]

*
Network intrusion prevention on the network card [PDF]
(IXA Summit, Hudson, MA, September 2005.)

*
Robust distributed systems - achieving self-management through inference [PDF]
(Proceedings of First International IEEE WoWMoM Workshop on Autonomic Communications and Computing, ACC2005, Taormina, Italy, June 2005.)
[Bibtex]

*
FPL-3: towards language support for distributed packet processing [PDF]
(Proceedings of IFIP Networking, Waterloo, Ontario, Canada, May 2005 (accepted for publication).)
[Bibtex]

*
FPL-3e: towards language support for distributed reconfigurable packet processing [PDF]
(Proceedings of SAMOS V: Embedded Computer Systems: Architectures, MOdeling, and Simulation, Lecture Notes in Computer Science, Vol.3553/2005, ISSN 0302-9743, July, 2005.)
[Bibtex]

2004

*
FFPF: Fairly Fast Packet Filters [PDF]
(Proceedings of 6th Symposium on Operating Systems Design and Implementation (OSDI'2004), San Francisco, CA, December 2004.)
[HTML version] [Bibtex] [PPT]
[Here is also a short FFPF tutorial (powerpoint) - from the Lobster workshop in Stockholm in May 2005]

*
Scalable network monitors for high-speed links: a bottom-up approach [PDF]
(Proceedings of IEEE IPOM 2004, Beijing, China, October 2004.)
[Bibtex]

*
On the feasibility of using network processors for DNA processing
(Slightly modified version of the NP3 paper, to be published as Chapter 10 in "Network Processor Design, Vol. 3", Morgan Kaufmann, pp. 10.1 -- 10.14, 2004.)
[See also the NP3 paper below]
*
SNMP Plus a Lightweight API for SNAP Handling [PDF]
(Proceedings of IEEE/IFIP Network Operations and Management Symposium (NOMS'04), Seoul, Korea, April, 2004)
[Bibtex]

*
On the feasibility of using network processors for DNA processing [PDF]
(Proceedings of NP3, Workshop on Network Processors & Applications, Madrid, Spain, Feb, 2004)
[Bibtex] [PPT]

2003

*
HOKES/POKES: Light-weight resource sharing [PDF]
(Proceedings of ACM SIGBED EMSOFT'03, October 2003, Philadelphia, USA)
[Bibtex]

*
SCAMPI: A Scalable and Programmable Architecture for Monitoring Gigabit Networks [PDF]
(Proceedings of E2EMon'03, September 2003, Dublin, Ireland)
[Bibtex]

*
Compiler assistance for safe resource sharing without hardware support
(Compilers for Parallel Computers (CPC), Amsterdam, January 2003)

2002

* A perspective on how ATM lost Control [PDF]
(ACM SIGCOMM Computer Communication Review, Volume 32, Number 5, November 2002)
  
* The OKE Corral: Code Organisation and Reconfiguration at Runtime using Active Linking [PDF]
(Proceedings of IWAN'2002, Zuerich, December 2002).
[Bibtex]

* Safe Kernel Programming in the OKE [PDF]
(Here we explain the OKE in some detail. It is also the preferred OKE paper to cite. Proceedings of IEEE OpenArch'02, New York, June, 2002)
[Bibtex]
 
* Towards Flexible Real-Time Network Monitoring Using a Network Processor.
(Short paper: Proceedings of 3rd USENIX/NLUUG International SANE Conference 2002, pp. 409-410, Maastricht, May, 2002)
 

2001 and earlier

* The Open Kernel Environment.
(This is the first presentation of the OKE - OpenSig'2001, London, September, 2001)
 
* Elastic Network Control: An Alternative to Active Networks [PDF]
(This paper describes our work on marrying the various approaches to programmable networks in a single, sensible framework. Journal of Communications and Networks, Special Issue on Programmable Routers and Switches, Vol.3, No.2, 2001)
 
* Open Extensible Network Control [PDF]
(Journal of Network and Systems Management (JNSM), Vol.8. No.1, March 2000)
 
* Elastic Network Control [PDF]
(PhD thesis. Also published as Technical Report No. 483, Cambridge University Computer Laboratory, August 1999)
 
* Application-Specific Policies: Beyond the Domain Boundaries [PDF]
(Proceedings IM'99, Boston, USA, May 1999)  
[HTML version]
 
* Application-specific Behaviour in Distributed Network Control [PDF]
(Proceedings ERSADS'99, Madeira, Portugal, April 1999)
 
* Building a Distributed Video Server using Advanced ATM Network Support [PDF]
(Proceedings IFIP/IEEE MMNS'98, Versailles, France, Nov. 1998)
 
* ATM Admission Control based on Reservations and Measurements [PDF]
(Proceedings IEEE IPCCC'98, Phoenix, Arizona, Feb. 1998)
 
* Efficient Reservations in Open ATM Network Control using Online Measurements [PDF]
(Int. J. of Communication Systems, V11, No. 4, August 1998)
[HTML version]
 
* An Active Distributed File Server for Continuous Media
(Proceedings ERSADS'97, Zinal, Switzerland, March 1997)
 

Technical reports

(If not online, TRs are available on request)


*
Protecting smart phones by means of execution replication
(Technical Report IR-CS-054, Vrije Universiteit Amsterdam, September 2009)
Updated version: Paranoid Android: Zero-Day Protection for Smartphones Using the Cloud
(Technical Report IR-CS-058, Vrije Universiteit Amsterdam, February 2010)

*
Eudaemon: A Good Spirit to Protect Processes from Internet Attacks
(Technical Report IR-CS-039, Vrije Universiteit Amsterdam, April 2007)

*
Multi-tier intrusion detection by means of replayable virtual machines
(Technical Report IR-CS-047, Vrije Universiteit Amsterdam, August, 2008)

*
Streamline: Efficient OS Communication Through Versatile Streams
(Technical Report IR-CS-038, Available on request, Vrije Universiteit Amsterdam, March 2007)

*
Prospector: Accurate Analysis of Heap and Stack Overflows by Means of AgeStamps
(Technical Report IR-CS-031 [supercedes IR-CS-023], Available on request, Vrije Universiteit Amsterdam, June 2006).
Note: the prospector work was published in ACSAC'07. That paper is probably more readable than the TR and you may want to look at that paper instead: The Age of Data: pinpointing guilty bytes in polymorphic buffer overflows on heap or stack [PDF]

*
Ruler: high-speed traffic classification and rewriting using regular expressions [PDF]
(Technical Report IR-CS-027, Vrije Universiteit Amsterdam, July 2006)

*
Using Beltway Buffers for efficient and structured I/O [PDF]
(Technical Report IR-CS-028, Vrije Universiteit Amsterdam, September 2006)

*
Prospector : a protocol-specific detector of polymorphic buffer overflows [PDF]
(Technical Report IR-CS-023 [note: superceded by TR IR-CS-031], Vrije Universiteit Amsterdam, June 2006)

*
Argos: an x86 emulator for fingerprinting zero-day attacks by means of dynamic data flow analysis [Available on request.]
(Technical Report IR-CS-017, Vrije Universiteit Amsterdam, October 2005)

*
Lessons learned in developing a flexible packet processor for high-speed links [PDF]
(Technical Report IR-CS-016, Vrije Universiteit Amsterdam, June 2005)

*
SweetBait: Zero-Hour Worm Detection and Containment Using Honeypots [PDF]
(Technical Report IR-CS-015, Vrije Universiteit Amsterdam, May 2005)

*
A network intrusion detection system on IXP1200 network processors with support for large rule sets [PDF]
(Technical Report 2004-02, LIACS, Leiden University, 2004)

*
Packet monitoring at high speed with FFPF [PDF]
(Technical Report 2004-01, LIACS, Leiden University, 2004)

*
High Noon at the OKE Corral: Code Organisation and Reconfiguration at Runtime using Active Linking [PDF], .
(Technical Report 2003-07, LIACS, Leiden University, 2003, extended version of the IWAN'02 paper)

*
Compiler assistance for safe resource sharing without hardware support
(Technical Report 2003-06, LIACS, Leiden University, 2003)

*
Elastic Network Control [PDF]
(Technical Report No. 483, Cambridge University Computer Laboratory, August 1999)

* Open Programmable Networks: On the Evolution of Network Infrastructures
(Technical Report, KPN Research, 2000)
 
* Exceptional C: Design and Implementation of the XTC Compiler [PDF]
(Technical Report, Pegasus paper 94-12, October 1994)
 

Articles in Dutch

(If not online, the articles are available on request)


*
Wormen en Virussen: ongedierte op het net [PDF]
(Informatie, Themanummer IT en Misdaad, pp. 32-38, November 2005)

*
Internet.next: verbonden met de snelheid van het licht - Of toch weer traag door de digitale modder? [PDF]
(Informatie, gastredactioneel, themanummer Internet2.0, mei 2006)

*
Minix 3: Veilig en betrouwbaar besturingssysteem [PDF]
(Informatie, juni 2006)


Talks

*
Rethinking OS support for high-speed networking [PPT]"
(Talk at the ACM SIGOPS European Chapter Senior Workshop WIP session, Lisbon, 12-13 July 2005)

*
FFPF Tutorial [PPT]"
(Talk at RIPE meeting, tutorial session on passive monitoring, Stockholm, May 2005)


$Id: index.html,v 1.228 2013/04/29 09:11:39 herbertb Exp $