I’m full professor of Data-Driven Internet Security in the Design and Analysis of Communication Systems (DACS) group at the Faculty of Electrical Engineering, Maths and Computer Science (EEMCS) at the University of Twente.

My research focuses on defending the Internet against malicious activity and on strengthening the security and resilience of the Internet by improving protocols and operations, and the deployment of new security protocols and mechanisms. I use an empirical approach to these challenges by performing global Internet-scale passive and active measurements.

Expertise

  • Computer Science

    • Domain Name System
    • Internet
    • Domains
    • Attack
    • Service
    • Public Key Infrastructure
    • Distributed Denial of Service Attack
    • Denial of Service Attack

Organisations

Ancillary activities

  • Stichting NLnet LabsScientific Advisor
  • IPNSecretary IPN Equity, Diversity and Inclusion Working Group

My research focuses on defending the Internet against malicious activity and on strengthening the security and resilience of the Internet by improving protocols and operations, and the deployment of new security protocols and mechanisms. I use an empirical approach to these challenges by performing global Internet-scale passive and active measurements.

I currently have two particular areas of interest:

  • The Domain Name System (DNS) – after IP, DNS is the most critical protocol on the Internet, without which the Internet effectively stops working for most users. I explore the security of the DNS using large scale measurements and statistical analysis, for instance studying the effects of the deployment of the DNS Security Extensions (DNSSEC), both in the positive (added security) and the negative (larger potential for abuse in DDoS attacks) sense. DNS also plays an important role in other security issues on the Internet, such as botnets, phishing and malware.
  • Routing Security (RPKI) – much like other early core protocols of the Internet, the interdomain routing protocol BGP was not designed with security in mind. The Resource Public Key Infrastructure (RPKI) aims to remedy this by allowing resource holders to manage authorizations for their resources. Apart from having an interest in the gradual deployment of this technology on the global Internet, I am also interested in studying new applications that further enhance the security of the routing ecosystem.

My research is supported by SURF, the collaborative organisation for ICT in Dutch higher education and research, by the Netherlands Organisation for Scientific Research (NWO), by SIDN Fonds and by European Commission Framework Project grants.

Publications

2024
Exploring the Benefit of Path Plausibility Algorithms in BGPIn Proceedings of the 2024 Network Operations and Management Symposium (NOMS 2024). IFIP (Accepted/In press). Rodday, N. M., Dreo Rodosek, G., Pras, A. & van Rijswijk - Deij, R. M.ERAFL: Efficient Resource Allocation for Federated Learning Training in Smart Homes (Accepted/In press). Rezaei, T., Bayhan, S., Continella, A. & van Rijswijk - Deij, R. M.
2023
Your Vulnerability Disclosure Is Important To Us: An Analysis of Coordinated Vulnerability Disclosure Responses Using a Real Security Issue (Submitted). van Hove, K., van der Ham, J. & van Rijswijk - Deij, R. M.https://doi.org/10.48550/arXiv.2312.07284Advancing in Reverse: A Comprehensive Characterization of IN-ADDR. ARPA DeploymentIn AINTEC '23: Proceedings of the 18th Asian Internet Engineering Conference (pp. 37-45). Association for Computing Machinery. Arouna, A., Livadariu, I., van Rijswijk-Deij, R. M. & Jonker, M.https://doi.org/10.1145/3630590.3630595rpkiller: Threat Analysis of the BGP Resource Public Key InfrastructureDigital Threats, 4(4), Article 58, 1-24. Hove, K. v., Vos, J. v. d. H.-d. & Rijswijk-Deij, R. v.https://doi.org/10.1145/3617182Anycast in the age of hypergiants: Towards tools and techniques for the other 99% of ASes. University of Twente. Bertholdo, L.https://doi.org/10.3990/1.9789036557320Everything in Its Right Place: Improving DNS resilience. University of Twente. Sommese, R.https://doi.org/10.3990/1.9789036556699Stranger VPNs: Investigating the Geo-Unblocking Capabilities of Commercial VPN ProvidersIn Passive and Active Measurement: 24th International Conference, PAM 2023, Virtual Event, March 21–23, 2023, Proceedings (pp. 46-68). Khan, E., Sperotto, A., Ham, J. v. d. & Rijswijk-Deij, R. v.https://doi.org/10.1007/978-3-031-28486-1_3An Anycast Federation for DNS Resolvers. Bertholdo, L. M., Holz, R., van Rijswijk - Deij, R. M., Granville, L. Z. & Hesselman, C. E. W.https://ant.isi.edu/events/dinr2023/program.html
2022
On the Asymmetry of Internet eXchange Points - Why Should IXPs and CDNs Care?In 18th International Conference on Network and Service Management. Bertholdo, L., Ferreira, S. L. A., Ceron, J. M., Holz, R., Granville, L. Z. & van Rijswijk - Deij, R. M.

Research profiles

In the bachelor, I'm on the teaching team for the High-Tech Human Touch minor on Cybersecurity and Cybercrime, in which I teach the basics of Privacy and Information Security. In the master I teach courses on Internetworking, such as Internet Measurements and Advanced Networking.

I also regularly supervise bachelor and master theses, if you're looking for a topic feel free to contact me or drop by my office. I have an extensive network in industry, both in the Netherlands and abroad, so if you're looking for an internship assignment or an external master topic you can also contact me.

Affiliated study programs

Courses academic year 2023/2024

Courses in the current academic year are added at the moment they are finalised in the Osiris system. Therefore it is possible that the list is not yet complete for the whole academic year.

Courses academic year 2022/2023

Address

University of Twente

Zilverling (building no. 11), room 5061
Hallenweg 19
7522 NH Enschede
Netherlands

Navigate to location

Organisations

Scan the QR code or
Download vCard