I am a postdoctoral researcher at New York University Abu Dhabi in
the CSP (Cyber Security & Privacy) lab of Christina Pöpper. I was previously affiliated with the DistriNet (Distributed Systems and Computer
Networks) group at KU Leuven in Belgium. I obtained my PhD at KU Leuven
in 2016 under supervision of Frank Piessens, and obtained my Master and Bachelor degree at Hasselt University in Belgium.
My PGP key fingerprint is 40FE C75D 8E27 439B 2FCF BFF9 D2F5 B295 95A9 87F5.
My main research interests are in network and system security, where I like to analyze the security of real-world systems over the full network stack. This often encompasses analyzing software security and applied cryptography aspects of systems. I especially focus on wireless protocols where I analyze the security of implementations, privacy properties of deployed protocols and systems, authentication and security protocols, denial of service attacks, and so on.
Recent PC Memberships
- 28th ACM Conference on Computer and Communications Security (CCS '21)
- 30th ACM The Web Conference (formerly WWW - TheWebConf '21)
- 16th ACM ASIA Conference on Computer and Communications Security (ASIA CCS '21)
- 5th IEEE European Symposium on Security and Privacy (Euro S&P '20)
- 13th ACM Conference on Security and Privacy in Wireless & Mobile Networks (WiSec '20)
- 29th ACM The Web Conference (formerly WWW - TheWebConf '20)
- 16th International Workshop on Security and Trust Management (STM '20)
- 17th SIG SIDAR Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA '20)
- 14th IARIA International Conference on Emerging Security Information, Systems and Technologies (SECURWARE '20)
- 4th IEEE European Symposium on Security and Privacy (Euro S&P '19)
- 12th ACM Conference on Security and Privacy in Wireless & Mobile Networks (WiSec '19)
- 15th Workshop on Security and Trust Management (STM '19)
- 12th USENIX Workshop on Offensive Technologies (USENIX WOOT '18)
Selected Academic Service
- Chair of the 3rd Workshop on Attacks in Cryptography (WAC '20), co-located with the CRYPTO conference.
- Chair of the Demo and Poster session at the 13th Conference on Security and Privacy in Wireless & Mobile Network (WiSec '20).
- Chaired sessions at the EuroS&P '20, WiSec '20, WiSec '19, and USENIX WOOT '18 conferences.
T. Van Goethem, C. Pöpper, W. Joosens, and M. Vanhoef. Timeless Timing Attacks: Exploiting Concurrency to Leak Secrets over Remote Connections. In USENIX Security Symposium, 2020. Presents a new paradigm to perform highly accurate remote timing attacks.
M. Vanhoef, P. Adhikari, and C. Pöpper. Protecting Wi-Fi Beacons from Outsider Forgeries. In 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2020. On the roadmap to become part of WPA3.
M. Vanhoef and E. Ronen. Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd. In Proceedings of the IEEE Symposium on Security & Privacy (SP '20), 2020. Won the Best Cryptographic Attack Award (Pwnie) at Black Hat USA.
M. Vanhoef and F. Piessens. Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. In Proceedings of the 24th ACM Conference on Computer and Communication Security (CCS 2017), 2017. Won the Real-World Impact Award at CCS and received the Industry Recognition Award from the Wi-Fi Alliance for outstanding research contributions
M. Vanhoef and F. Piessens. Advanced WiFi Attacks Using Commodity Hardware. In Annual Computer Security Applications Conference (ACSAC), 2014. The test-bed that this paper describes has been used in more than a dozen independent research projects.
See Publications for all other publications.