Check out our new article in the European Cyber Security Perspectives 2020!
The European Cyber Security Perspectives is a partnership of the Dutch National Police, the Dutch National Cyber Security Centre and a number of companies including KPN. The purpose of the report is to collaborate between the parties and share essential cybersecurity knowledge.
We have set up our startup AnalyzeData to further develop the Eventpad technology and to make data analysis more accessible to companies.
Check out awards, grants, and traction.
My thesis, Interactive Visualization of Event Logs for Cybersecurity, has won an honorable mention for the Gerrit van Dijk prijs 2019!
Check out the article.
My thesis is nominated for the TU/e Academic Awards 2019!
The thesis has been chosen as the best PhD thesis of the Mathematics and Computer Science department.
Check out the article.
Check out my dissertation on Interactive Visualization of Event Logs for Cybersecurity.
Eventpad is fighting Ransomware
Check out my talk at VizSec 2018!
Eventpad: Rapid Malware Analysis and Reverse Engineering using Visual Analytics
5 countries, 22 startups, 1 best paper. EventPad has won the best 2-pager award at the European Venture Program 2018! Read more about the program here
EventPad is published in the European Cyber Security Perspectives 2018!
The European Cyber Security Perspectives is a partnership of the Dutch National Police, the Dutch National Cyber Security Centre and a number of companies including KPN. The purpose of the report is to collaborate between the parties and share essential cybersecurity knowledge.
EventPad strikes again! Eventpad won the ICTOpen 2018 award for Best Demo and Technology
The Dutch Scientific Institute NWO announced Eventpad as the most impactful Dutch technology for ICT environments and industries of 2018!
EventPad has won the VAST Challenge 2017 award for Elegant Support For Hypothesis Generation and Testing!
Exploring Lekagul Sensor Events using Rules, Aggregations, and Selections
Check out my talk at SHA 2017!
Network Traffic Analysis using Deep Packet Inspection and Data Visualization
Eventpad: the Sublime editor for network traffic
or download the video here
Check out the demo of my new system EventPad
Check out the EventPad website for demos and downloads Eventpad
Also check the fastForward presentation and preview video
Check out my talk at VizSec 2016!
Understanding the Context of Network Traffic Alerts
Check out the reactions on Twitter!
Introduction |
---|
I'm Bram and I am a computer scientist from Eindhoven University of Technology. Ever since I was little, I have been fascinated by the functioning and actuation of electronic devices. I love to puzzle on mathematical problems and try to come up with a creative solution. My interests are in particular in the area of data visualization, information systems, formal system analysis, and language engineering. Currently, I have finished my PhD in the area of data visualization and am co-founder of the startup AnalyzeData to assist companies in better understanding and processing their data. Besides my academic career, I work as a freelancer in the area of web design and (integration of) information systems. Occasionally, I provide training material and consult third parties about software development and process automation. When I am back at home, I love to watch a movie and hang out with my friends. My hobbies are drawing, playing music, and modeling. |
Research |
---|
The main research question for my PhD project SpySpot is: "How can we use visualization techniques to detect (or aid in the detection of) cyber espionage and targeted malware in computer networks using deep packet inspection and automated anomaly detection techniques?" One of the main challenges in the area of network traffic analysis is how to detect when a network is being exploited (e.g., cyber espionage, exfiltration, targeted malware). Especially for critical infrastructures (such as power plants), hackers nowadays are willing to design complex viruses to maximize the damage in one specific infrastructure. The main difficulty with Advanced Persistent Threats (APTs) is the involvement of domain knowledge such that their traffic can no longer be distinguished from regular activity by simple inspection of high-level properties (e.g., message length and destination address). Current methods focus on the analysis of these properties, since in practice they have been shown to be sufficient for the discovery of traditional attacks (e.g., buffer overflows, DDoS attacks). The fact that these techniques consider traffic content as a black box makes them unaware of anomalies at the level of semantics. The goal of SpySpot is to combine anomaly-based deep packet inspection with visualization to lay the basis of a new generation of security monitoring tools that are suitable to detect advanced persistent threats. The analysis part enables the system to automatically "spot" anomalous behavior in network traffic, whereas visualization enables the user to gain insight into these alerts and allows them to act accordingly. The motivation for visualizing network traffic is three-fold:
|
Teaching (Instructor) |
---|
2IP90 2016: Programming |
2IPG0 2015: Introduction to object-oriented programming |
2IPG0 2014: Introduction to object-oriented programming |
Dissertation: | |
---|---|
Check out my dissertation on Interactive Visualization of Event Logs for Cybersecurity. | |
Chapter 3 | Chapter 4 |
Chapter 5 | Chapter 6 |
Chapter 7 | |
Cool stuff: |
---|