Network security

Today's networks are not strictly speaking "safe" places. New attacks on connected infrastructures are reported literally every day leading to loss of connectivity, reduced performance or violation of privacy. Moreover, while these attacks used to originate mostly from the Internet, nowadays however, the majority of them are performed by insiders, acting directly from within the network. The advent of the Internet-of-Things (IoT) obviously does not help — many of these devices have serious security vulnerabilities.

Our group investigates how we can build more secure networked systems by: (i) analyzing the effects of important attack vectors such as Internet routing attacks; and (ii) enabling the network itself to detect and mitigate insider attacks instead of relying purely on perimeter-based protection.



Bitcoin Routing Attacks


External funding

Armasuisse & Zurich Information Security and Privacy Center (ZISC)
 “Improving network security through programmability”


(Self) Driving Under the Influence: Intoxicating Adversarial Network Inputs

Roland Meier, Thomas Holterbach, Stephan Keck, Matthias Stähli, Vincent Lenders, Ankit Singla, Laurent Vanbever

ACM HotNets 2019. Princeton, NJ, USA (November 2019).

SABRE: Protecting Bitcoin against Routing Attacks

Maria Apostolaki, Gian Marti, Jan Müller, Laurent Vanbever

NDSS Symposium 2019. San Diego, CA, USA (February 2019).

NetHide: Secure and Practical Network Topology Obfuscation

Roland Meier, Petar Tsankov, Vincent Lenders, Laurent Vanbever, Martin Vechev

USENIX Security 2018. Baltimore, MD, USA (August 2018).

Screen Watermarking for Data Theft Investigation and Attribution

David Gugelmann, David Sommer, Vincent Lenders, Markus Happe, Laurent Vanbever

NATO CCD COE CyCon 2018. Tallinn, Estonia (May 2018).

FeedRank: A Tamper-resistant Method for the Ranking of Cyber Threat Intelligence Feeds

Roland Meier, Cornelia Scherrer, David Gugelmann, Vincent Lenders, Laurent Vanbever

NATO CCD COE CyCon 2018. Tallinn, Estonia (May 2018).

Unsupervised Detection of APT C&C Channels using Web Request Graphs

Pavlos Lamprakis, Ruggiero Dargenio, David Gugelmann, Vincent Lenders, Markus Happe, Laurent Vanbever

DIMVA 2017. Bonn, Germany (July 2017).

Hijacking Bitcoin: Routing Attacks on Cryptocurrencies.

Maria Apostolaki, Aviv Zohar, Laurent Vanbever

IEEE Symposium on Security and Privacy 2017. San Jose, CA, USA (May 2017).

iTAP: In-network Traffic Analysis Prevention Using Software-Defined Networks

Roland Meier, David Gugelmann, Laurent Vanbever

ACM SOSR 2017. Santa Clara, CA, USA (April 2017).

RAPTOR: Routing Attacks on Privacy in Tor.

Yixin Sun, Anne Edmundson, Laurent Vanbever, Oscar Li, Jennifer Rexford, Mung Chiang, Prateek Mittal

USENIX Security 2015. Washington, D. C. , USA (August 2015).

Anonymity on QuickSand: Using BGP to Compromise Tor.

Laurent Vanbever, Oscar Li, Jennifer Rexford, Prateek Mittal

ACM HotNets 2014. Los Angeles, CA, USA (October 2014).