1. Home
  2. Research
  3. Research groups
  4. Details
Centre of Expertise Cyber Security

Research Group Network and Systems Engineering Cyber Security

It is surprisingly often that the world, usually unconscious of the risks though sometimes conscious of them, falls on new developments such as the Internet of Things (the linking of devices via the ‘cloud’). This already leads to record DDoS (Distributed Denial of Service) attacks, but in the future, may also lead, for example, to mobile network failures or power cuts or a combination of both. Cybersecurity is relevant to all disciplines.

Jaarverslag 2020 (pdf)
About the research group

The Network and Systems Engineering Cyber Security research group focuses on three key areas:

  • Identity and Access Management
    How we determine who can access a system and when that access is acceptable.
  • System Security, with an emphasis on the Internet of Things
    New applications enable uses to use the data in their devices safely
  • Usable Security
    Finally, Usable Security investigates the intersection between application security and human factors: how can we build secure systems that users want to use rather that looking for ways around them?

All of these are increasingly important, as they are of great societal and economic significance. As cybersecurity is relevant to all disciplines and a must for every professional, whether we are talking about the health industry or in the economic domain where new e-commerce business models arise continuously. That is why the research group works together with all the research platforms, but primarily with Good Governance for a Safe World. This requires multidisciplinary research combined with the expertise from, for example, legal specialists and public administration officials.

Examples of practice-based research

5G Research

Mobile communications became an essential part of our human interactions, contributing to the economic and social development of the world population. From developed to developing countries, mobile communications is woven into communicative practices of millions of people everywhere, shaped and adjusted by people and organizations according to their needs. Previous generations of mobile networks have delivered communications services such as voice, messaging and data, using respectively 1G, 2G, 3G & 4G. Mobile communications has become one of the most important technology in the modern world. But the demand for data throughput and information exchange capabilities have increased beyond people’s needs.

The 5th generation, 5G NR, is expected to transform the future society, by enabling pervasive computerization of various physical objects with sensors, controller and transmitter. This principle is called the Internet of Things (IoT). The foreseen adoption of 5G NR raises security and privacy concerns. Indeed each previous iteration of mobile communications protocol faced various security and privacy issues. Furthermore the security and privacy results from the previous mobile communications set a dubious scene for the 5th generation. The Research Group Network and Systems Engineering, part of the Centre of Expertise Cyber Security, decided to investigate signal communications from a security and privacy approach including previous mobile communications and explore the 5th generation of mobile communication protocols.

Health care

The research group studies how the use of smartphones connected to smart devices like blood pressure monitors and scales can be optimised for both patients and their doctors. The limiting condition here is that patient privacy is guaranteed and personal and private data only shared with the treating physician.

IoT

The research group studies information ‘leaked’ in the market by IoT devices. Even if information cannot be read directly from a device due to encryption, there is still much information that can be accessed based on the data traffic. For example, if we monitor the rough data traffic to and from door sensors and see that there is indeed a flow of data, we can assume that the sensors are in use.

Trusted IoT

Trusted computing in general deals with making sure that the systems that you interact with are trustworthy. Does the hardware match what you ordered from the supplier, or has a malicious actor managed to compromise the supply chain and insert some components that spy on you, or exfiltrate your data? Can you be sure that the firmware that controls your network or graphics adapter, or even your power supply, has not been modified? What about the boot loader and the operating system kernel? There are a number of different steps you can take to make sure you can trust the system you provide your secrets to: Verified and measured boot processes, trusted platform modules and remote attestation, and trusted execution environments. In desktop and server environments, these things are approaching maturity, but in the IoT space, there is still room for improvement. We investigate what is currently being done in commodity IoT devices, and see what can be done with available systems suitable for deployment into the Internet of Things.

Team

Saman Barjas

Michael Gilhespy

Bernard van der Helm

Daniel Meinsma

Saman Barjas

Contact:
s.barjas@hhs.nl

Michael Gilhespy

Mike joined the Haagse Hogeschool as a member of the HBO-ICT teaching staff in 2020.  His focus is on teaching technical security topics with a focus on the offensive perspective, which is also his primary research interest.  As well as teaching undergraduates, Michael also teaches on the Master Cybersceurity Engineering program, where he is the core teacher for the module "Hacking and Malware".
m.d.gilhespy@hhs.nl

Bernard van der Helm

Contact:
b.vanderhelm@hhs.nl

Daniel Meinsma

Daniel is a member of THUAS’ HBO-ICT teaching staff. Besides developing and providing education on technical security topics, he is an active facilitator of student participation in a wide range of technical research projects. Since January 2022, Daniel fulfills a parttime PhD position at Delft Technical University, with a focus on Automated Vulnerability Research. Furthermore, Daniel is one of the initiators of the Dutch Joint Cyber Range and actively contributes to Capture the Flag education.
d.j.meinsma@hhs.nl

About the professor

LinkedIn LinkedIn profile

dr. Mathias Björkqvist

Mathias Björkqvist is a lector of Network and Systems Cyber Security at The Hague University of Applied Sciences, and a security researcher at Thales Research and Technology Nederland. Prior to joining Thales, he spent 12 years at IBM Research - Zurich, working on storage security, encryption key management, and blockchain. Mathias completed his MSc in computer networking at the Helsinki University of Technology (now Aalto University), during which time he also studied for a year at Institut Eurécom in Sophia-Antipolis, France. He later obtained his PhD on resource management of replicated service systems in the cloud, from the Università della Svizzera italiana in Lugano. Mathias' research interests include key management and security for distributed systems, and security of embedded and IoT devices.
m.a.bjorkqvist@hhs.nl
Projects
Projects

Projects

DurableCASE: robotic vehicles in the agricultural sec-tor

DurableCASE: robotic vehicles in the agricultural sec-tor

A large number of parties, including The Hague University of Applied Sciences through the Network & Systems Engineering research group of the CoECS, will be working together in the coming years to develop solutions for collaborative robot vehicles in the agricultural sector. The DurableCASE project kicked off on 1 October 2019. DurableCASE stands for Durable Cooperative Agrobotics Systems Engineering.
Read more
Internship & Thesis Projects

Internship & Thesis Projects

During the course of the year, students fulfill their internships or participate in course projects within the lectorate. Below is an overview of current projects, with specification of students’ required skills.

Read more
Previous student projects

Previous student projects

Below is a summary of student internship and semester projects that have been done with the lectorate. If there is no topic of interest in the list of currently available projects, then something along the lines of these projects can also be proposed - chances are that similar ideas can be accommodated!
Read more
About the research group
Publications
Publications

Publications

Thesis

Secure Naming for Distributing Computing using the Condensed Graph Model

Implementing a distributed computation architecture has several basis functional requirements, such as load balancing, fault tolerance and security. The challenge is in how you manage these requirements as a whole.

Article

Cloud-Based Intelligence Aquisition and Processing for Crisis Management

Contemporary crisis management has to deal with complex socio-technical environments involving many interdependent elements. Many dependencies in such settings result in complex cascading processes that can have adverse effects on the population, environment, and economy.

Thesis

Secure Naming for Distributing Computing using the Condensed Graph Model

Implementing a distributed computation architecture has several basis functional requirements, such as load balancing, fault tolerance and security. The challenge is in how you manage these requirements as a whole. Security is a specific problem in that it is made up of a number of important aspects, such as confidentiality, integrity and availability. Each of these aspects is vital in a distributed system.One important aspect of security is access control. The central premise of this thesis is: “If you can name it, you can control access to it”.This dissertation examines the security requirements of the WebCom distributed computing environment and develops the security architecture for WebCom, primarily to provide a systematic access control mechanism for condensed graph applications.The flexibility of this architecture is demonstrated with a number of case studies, including a micropayment architecture for distributed computations, an automated administration architecture for Grid and an activity based secure workflow architecture.

T.B. Quillinan. Secure Naming for Distributing Computing using the Condensed Graph Model. Ph.D. Thesis. University College Cork, Cork, Ireland. July 2006.

Article

Cloud-Based Intelligence Aquisition and Processing for Crisis Management

Contemporary crisis management has to deal with complex socio-technical environments involving many interdependent elements. Many dependencies in such settings result in complex cascading processes that can have adverse effects on the population, environment, and economy. Adequate situation awareness and the capability to
predict the development of a crisis situation under different circumstances is a critical element of effective, and timely, crisis management and response.

de Oude, Patrick; Pavlin, Gregor;  Quillinan, Thomas; Jeraj, Julij, and Abouhafc, Abdelhaq. (2017). Cloud-Based Intelligence Aquisition and Processing for Crisis Management. 133-153. 10.1007/978-3-319-52419-1_9

List of publications T.B. Quillinan (pdf)
Projects
Publications