Thijs van Ede

Thijs van Ede


PhD Candidate @ University of Twente

About Me

About Me

I am currently a PhD candidate at the Services and Cyber Security (SCS) group at the University of Twente under the supervision of Andrea Continella, Andreas Peter and Maarten van Steen. My research interests are in various aspects of system security, such as network analysis mobile security and anomaly detection in evolving systems. I carry out this research in the project: EVolutionary Intrusion DEtectioN for Changing Environments (EVIDENCE). In this project I focus on developing anomaly-based network intrusion detection techniques to detect malicious software which are also capable of automatically evolving with benign changes.

In January 2020, I joined the SecLab at UC Santa Barbara as a visiting researcher with Giovanni Vigna and Christopher Kruegel for six months. Together with Lastline (now VMware) we worked on detecting network attack patterns using artificial intelligence.

Publications

DeepCASE: Semi-Supervised Contextual Analysis of Security Events

Thijs van Ede, Hojjat Aghakhani, Noah Spahn, Riccardo Bortolameotti, Marco Cova, Andrea Continella, Maarten van Steen, Andreas Peter, Christopher Kruegel and Giovanni Vigna
Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2022 (to appear).
PDF Cite Presentation Slides Code

FlowPrint: Semi-Supervised Mobile-App Fingerprinting on Encrypted Network Traffic

Thijs van Ede, Riccardo Bortolameotti, Andrea Continella, Jingjing Ren, Daniel J. Dubois, Martina Lindorfer, David Choffnes, Maarten van Steen and Andreas Peter
Proceedings of the ISOC Network and Distributed Systems Security Symposium (NDSS), 2020.
PDF Cite Presentation Slides Code

HeadPrint: Detecting Anomalous Communications through Header-based Application Fingerprinting

Riccardo Bortolameotti, Thijs van Ede, Andrea Continella, Thomas Hupperich, Maarten Everts, Reza Rafati, Willem Jonker, Pieter Hartel and Andreas Peter
Proceedings of the ACM Symposium on Applied Computing (SAC), 2020.
PDF Cite Presentation Slides Code

Victim-Aware Adaptive Covert Channels

Riccardo Bortolameotti, Thijs van Ede, Andrea Continella, Maarten Everts, Willem Jonker, Pieter Hartel and Andreas Peter
Proceedings of the International Conference on Security and Privacy in Communication Networks (SecureComm), 2019.
PDF Cite Presentation Slides Code

DECANTeR: DEteCtion of Anomalous outbouNd HTTP TRaffic by Passive Application Fingerprinting

Riccardo Bortolameotti, Thijs van Ede, Marco Caselli, Maarten H Everts, Pieter Hartel, Rick Hofstede, Willem Jonker and Andreas Peter
Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC), 2017.
PDF Cite Presentation Slides Code

Academic re-implementations

An important part of evaluating academic work is to compare your own approach with the current state-of-the-art. However, sometimes, the original source code of developed tools is not publically available. This can be caused by reasons, such as contractual obligations for original authors to not publish their source code. It is important to reach out to the original authors of the academic works for which you want to obtain source code. Even if they are unable to give you the code, authors can often give helpful pointers for your own re-implementations. This section highlights the re-implemented academic source code for comparison with our own work.

Appscanner: Automatic fingerprinting of smartphone apps from encrypted network traffic

DeepLog: Anomaly detection and diagnosis from system logs through deep learning

Recurrent Memory Array Structures

Tiresias: Predicting Security Events Through Deep Learning

Projects

Besides my publications, I also worked on the projects listed below.

  • ANTIC: A framework for collecting labelled network traffic of Android applications.

  • Authors: An overview of the top publishing authors in the field of systems security.

Teaching

Student Supervision

Let's Get In Touch!



University of Twente
Faculty of Electrical Engineering, Mathematics & Computer Science
Zilverling (building no. 11), room 2042
Hallenweg 19
7522NH Enschede
The Netherlands