Wouter Bokslag scite author profile

Wouter Bokslag

4Publications

9Citation Statements Received

69Citation Statements Given

How they've been cited

How they cite others

Affiliations

Eindhoven University of Technology

Publications

Order By: Most citations

On Emulation-Based Network Intrusion Detection Systems

Abbasi

Wetzels

Bokslag

et al. 2014

View full text Add to dashboard Cite

Abstract. Emulation-based network intrusion detection systems have been devised to detect the presence of shellcode in network traffic by trying to execute (portions of) the network packet payloads in an instrumented environment and checking the execution traces for signs of shellcode activity. Emulation-based network intrusion detection systems are regarded as a significant step forward with regards to traditional signature-based systems, as they allow detecting polymorphic (i.e., encrypted) shellcode. In this paper we investigate and test the actual effectiveness of emulation-based detection and show that the detection can be circumvented by employing a wide range of evasion techniques, exploiting weakness that are present at all three levels in the detection process. We draw the conclusion that current emulation-based systems have limitations that allow attackers to craft generic shellcode encoders able to circumvent their detection mechanisms.

show abstract

$$\mu $$ Shield

Abbasi¹,

Wetzels

Bokslag

et al. 2017

View full text Add to dashboard Cite

Embedded devices are playing a major role in our way of life. Similar to other computer systems embedded devices are vulnerable to code-reuse attacks. Compromising these devices in a critical environment constitute a significant security and safety risk. In this paper, we present µShield, a memory corruption exploitation mitigation system for embedded COTS binaries with configurable protection policies that do not rely on any hardware-specific feature. Our evaluation shows that µShield provides its protection with a limited performance overhead.

show abstract

Evaluating e-voting: theory and practice

Bokslag¹,

Vries²

2016

Preprint

View full text Add to dashboard Cite

Reverse Engineering of RFID devices

Bokslag¹

2015

Preprint

View full text Add to dashboard Cite

This paper discusses the relevance and potential impact of both RFID and reverse engineering of RFID technology, followed by a discussion of common protocols and internals of RFID technology. The focus of the paper is on providing an overview of the different approaches to reverse engineering RFID technology and possible countermeasures that could limit the potential of such reverse engineering attempts.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Wouter Bokslag

On Emulation-Based Network Intrusion Detection Systems

$$\mu $$ Shield

Evaluating e-voting: theory and practice

Reverse Engineering of RFID devices

Contact Info

Product

Resources

About