• Home

• Contact

• Curriculum Vitae  

• Teaching

• Research

• Publications

Research of Harald Vranken

My research concentrates on network security and software security. I am (or recently have been) actively researching the following subjects:

• botnet detection with machine learning and deep learning
• vulnerability detection in source code with machine learning and deep learning
• virtual security labs
• (usable) security of on-line banking
• energy analysis and environmental footprint of distributed systems with consensus algorithms
• resilience of distributed networks

Postdocs:

• Ashish Rajendra Kumar Sai worked as a postdoc in the 'Econsensus-project' with Protocol Labs on the environmental footprint of distributed systems that apply consensus mechanisms from April to December 2022 (see postdoc-position with Protocol Labs).
• Hassan Alizadeh worked as a postdoc in the 'Dagobert-project' on botnet detection from October 2017 to February 2020 (see postdoc-position on botnet detection).
• Manuel Herrador worked as a postdoc in the 'Well-being in Smart Cities' project from October 2018 to April 2019 (see postdoc position on well-being in smart cities).

PhD students (promotor):

• Vincent van der Meer: Improving foundations of file recovery: A digital forensics perspective on file fragmentation, timestamps, and JPEG validation. Open Universiteit, Heerlen, September 5, 2024
• Benjamin Krumnow: Web Scrapology: Overcoming limits of automating web measurements. Open Universiteit, Heerlen, December 8, 2023

PhD students (co-promotor):

• Jens Haag: DVCL: A Distributed Virtual Computer Lab for security and network education. Open Universiteit, Heerlen, June 22, 2018
• Sven Kiljan: Exploring, expanding and evaluating usable security in online banking. Open Universiteit, Heerlen, June 9, 2017.

Graduated MSc students:

• Frank Bottinga (OU:SE): Significant feature contribution to effective IoT botnet detection. July 2024.
• Maurice Joren (OU:SE): SimaticFuzz: Fuzzing the S7 communication protocol. March 2024.
• Ruben van Baaren (RU:CS): An exploratory evaluation of ASPA's security in common network topologies. November 2023.
• Ahmed Hifnawy (RU:CS): Evaluating the effectiveness of features used for machine learning-based botnet detection. August 2023.
• Dominique Ruts (OU:CS): Improved DGA-based botnet detection through context-related feature selection based on packet flow information. June 2023.
• Huy Nguyen (RU:CS): Exploring DNS queries for privacy and security sensitive information. April 2023.
• Mauk Lemmen (RU:CS): Automating payload delivery & detonation testing. March 2023.
• Davey Mathijssen (OU:SE): Detecting software vulnerabilities in source code and the influence of variable naming: Demonstrated for C# code and code2vec. December 2022.
• Lars Kuipers (RU:CS): Effectiveness of TCP features in botnet detection. July 2022.
• Wesley de Kraker (OU:SE): Combining program slicing and graph neural networks to detect software vulnerabilties. July 2022.
• René Dohmen (OU:SE): Determining paths to injection vulnerabilities in PHP-code using symbolic execution June 2022.
• Hylke Foeken (OU:SE): Explaining and improving vulnerability detection using Layer-wise Relevance Propagation. April 2022
• Jeroen Kivits (RU:CS/TUe): Testing if SIEM detection rules are operational, with minimal impact for a SOC and its customers. March 2022
• Mischa van Reede (RU:IS): An investigation into the hashrate distribution between mining pools within the bitcoin mining network. January 2022.
• Jason Kleuskens (OU:SE): Model-based whitebox fuzzing rest web services to detect vulnerabilities. July 2021.
• Else Maria van der Meulen (OU:CS): DNS: The Achilles Heel of flux botnets? Detection of Flux Botnets with recursive DNS data using Machine Learning. July 2021.
• Marco van Renswou (OU:SE): Detecting the presence of botnets by analysing TCP/IP network traffic. February 2021.
• Ruud Linssen (RU:CS/TUe): SNPFuzz: A scalable stateful protocol fuzzer for embedded network devices. December 2020.
• Arjan Gerritsen (OU:SE). Model-based fuzzing REST web services to detect vulnerabilities. November 2020.
• Bart Elema (OU:SE). Software vulnerability prediction using deep learning on graph representations of source code. March 2020.
• Tim van Dijk (RU:CS): Stealthy and in-depth behavioral malware analysis with Zandbak. August 2019.
• Robert Beisicht (OU:SE): Injection attack mitigation: a secure multi-execution approach. April 2019.
• William Verkooijen (OU:CS): Maintaining data confidentiality and data integrity when using Cloud Based Security Providers for webapplication attack identification. March 2019.
• Alex van Klaveren (OU:SE): Understanding the inner workings of a deep neural network. March 2019.
• Tho Poon (OU:SE): Botnet detection using recurrent neural networks. October 2018.
• Gert Jan Schouten (OU:SE): Jamming attacks in an IEEE 802.15.4 wireless sensor network. July 2018.
• Jacob Merkus (OU:CS): Security evaluation of the NFC contactless payment protocol using Model Based testing. April 2018.
• Jorrit Kronjee (OU:SE): Discovering vulnerabilities using data-flow analysis and machine learning. March 2018.
(This thesis received the Best Master Thesis Award 2017-2018 of the master Software Engineering at the OU.)
• Eef van Es (OU:CS): LoRaWAN vulnerability analysis: (in)validation of possible vulnerabilities in the LoRaWAN protocol specification. March 2018.
• Franck Coucke (OU:SE): Centrale access control in SOA-omgevingen en het reference monitor concept. January 2018.
• Jos van Roosmalen (OU:CS): The feasibility of deep learning approaches for P2P-botnet detection. January 2017.
• Renaud Vande Langerijt (OU:SE): Elimination of integrity threats in web applications: a secure multi-execution approach. December 2016.
• Reinier Beeckman (OU:CS): A no-limit poker-bot using neural networks. October 2016.
• Lars Bade (RU): Resilience of the Domain Name System: A case study for .nl. August 2016.(This thesis received the Best Cybersecurity Master Thesis (BCMT) Award by dcypher at ICT.OPEN 2017 (see news message).)
• Jeroen Jonkman (OU:SE). Botnetsimulatie in een gedistribueerd virtueel computer security lab. July 2016.
• Jeroen Pijpker (OU:BPMIT): De rol van Internet Service Providers bij de bestrijding van botnets. November 2015.
• Youri Lammerts van Bueren (OU:BPMIT): Hoe iBewust zijn medewerkers van Nederlandse gemeenten? Een methodiek om kennis, houding en gedrag op het gebied van informatiebeveiliging bij medewerkers van Nederlandse gemeenten te meten. November 2015.
• Eduardo Pablo Novella Lorente (RU): Reverse Engineering WirelessHART Hardware. August 2015.
• Chris Vrolings (OU:BPMIT): The use of FIAM and BPM in the disintegration of business processes: a single case study of the disentanglement of ING and Nationale Nederlanden. February 2015.
• Peter Schoofs (OU:BPMIT): Phishing in relation to the Belgian government. December 2014.
• Patrick Molijn (OU:SE): P2P network classification; a both port and payload agnostic approach. September 2014.
• Pedro Marques da Luz (RU): Botnet detection using passive DNS. July 2014.
• Leon Cuijpers (OU:CS): Modeling a workload in virtualized environments; a method for modeling the performance behavior of applications when migrating from a physical to a virtual Linux infrastructure. June 2014.
• René van Giersbergen (OU:BPMIT): Outsourcing to cloud computing by Dutch government organizations in the field of public order and security; rationale and impact on information security. September, 2013.
• Timo Schless (OU:BPMIT): The organisation of counter botnet activities in the Netherlands. September 2013. (This thesis received the René Olthuisprijs by Vereniging Informatici Defensie.)
• André Schild (OU:BPMIT): Security and privacy with BYOD; a survey of the applied BYOD security policy and implemented security measures within organizations and their impact on employee privacy. June 2013.
• Tim Piepers (OU:BPMIT): Cloud Identity & Access Management Model; success factors for Identity & Access Management in cloud computing. February 2013.
• Gert-Jan Schouten (OU:BPMIT): Cybersecurity as a business process; a generic applicable processmodel. February 2013.
• Jack van der Goes (OU:BPMIT): Social engineering and the municipalities of the province Limburg. December, 2012.
• Koen Dreijer (OU:BPMIT): Online fishing without license; a thesis research into the possibilities, effectively, and acceptation of anti-phishing measures from the point-of-view of financial institutions. September, 2012.
• Jeroen Verhoeven (OU:BPMIT): Data security in the cloud. June 2012.
• Yvonne van Boxmeer (OU:BPMIT): Risks by the cloud; organizational and legal issues & measures. April 2012.
• Gert Kiewiet (OU:BPMIT): Technical impact of hybrid cloud computing on IAM. December 2011.
• Jurriaan Kamer (OU:BPMIT): The impact of server virtualization on ITIL processes. December 2010.

Graduated BSc students:

• Mike Schopman (RU): Validating the accuracy of the MaxMind GeoLite2 City database. June 2021.
• Chris Hoorenman & Henk-Jan Hopman (OU:CS): Geolocation of Bitcoin mining. June 2019.
• David Korsman (RU): De oorzaken en gevolgen van het uitstellen van de IPv6-adoptie. March 2019.
• Patrick Verleg (RU): Cache Cookies; searching for hidden browser storage. June 2014.
• Joël Craenhals, Ron Melger & Thomas van Poucke (OU:CS): iTables; visualization of firewall-configurations. April 2014.

Please contact me if you are interested in a project.