Selected Publications

For a list of all my publications, click here, or visit my Google Scholar profile.

In Proceedings of the 29th USENIX Security Symposium (USENIX Security ‘20), Boston, MA, USA, 12-14 August, 2020.

In proceedings of the ACM Internet Measurement Conference 2019 (IMC 2019), Amsterdam, The Netherlands, 21-23 October, 2019.

This paper discusses a comprehensive study of the 20172018 rollover of the DNSSEC Root Key Signing Key.
In proceedings of the ACM Internet Measurement Conference 2019 (IMC 2019), Amsterdam, The Netherlands, 21-23 October, 2019.

Snowshoe spam is a notoriously hard to detect form of spam e-mail. Senders of this type of spam spread the load of sending mail over tens or hundreds of hosts, in order to remain below the detection radar of classic spam blacklists. In this paper, we show how we can leverage active DNS measurements combined with machine learning to detect domains crafted for snowshoe spam. Our results show that we can detect snowshoe spam domains up to 180 days earlier than they appear on existing blacklists.
In Proceedings of IEEE/IFIP Network Operations and Management Symposium (NOMS 2018), Taipei, Taiwan, 23-27 April, 2018.

In this paper we study the role of domain name registrars in deployment of the Domain Name System Security Extensions (DNSSEC). We find a number of significant hurdles to deployment of DNSSEC as a consequence of a general lack of implementation at large registrars or poor implementation choices at those registrars that do support DNSSEC.
In ACM Internet Measurement Conference 2017 (IMC 2017), London, United Kingdom, 1-3 November, 2017.

This paper provides an end-to-end view of the state of the DNSSEC ecosystem. It covers both DNSSEC-signed domains and a survey of DNSSEC validation by DNS resolvers. The paper paints a bleak picture of the state of DNSSEC deployment, with just over 1% of domains in .com, .net and .org signed and just over 12% of the observed DNS resolvers correctly validating DNSSEC signatures.
In Proceedings of the 26th USENIX Security Symposium (USENIX Security ‘17), Vancouver, BC, Canada, 16-18 August, 2017.

In this work, we study the impact of a switch to elliptic curve cryptography on the performance of DNSSEC-validating DNS resolvers.
In IEEE/ACM Transactions on Networking, Volume 25, Issue 2, April, 2017.

In this paper we present OpenINTEL: a large-scale high-performance active measurement infrastructure for the DNS.
In IEEE Journal on Selected Areas in Communications (JSAC), Volume 34, Issue 7, May, 2016.

This paper establishes ground truth for the amplification attack potential in 70% of all DNSSEC-signed domains. The paper demonstrates that DNSSEC-signed domains have an average amplification factor that is 6 to 12 times higher than that of unsigned domains.
In Proceedings of the ACM Internet Measurement Conference 2014 (IMC 2014), Vancouver, BC, Canada, 5-7 November, 2014.


Ph.D. Candidates


I supervise the following Ph.D. candidates in our group:

All Ph.D. candidates I supervise are advised by prof. dr. ir. Aiko Pras


  • Wouter B. de Vries (2019)thesis

Master Students


  • Etiënne Khan (University of Twente) – co-supervising with dr. Anna Sperotto
  • Lucas de Vries (University of Twente) – on Detecting Malicious DNS-over-HTTPS traffic (at TNO)
  • Christian Scholten (University of Twente) – on High-interaction IoT Honeypots (at SIDN Labs)
  • Eric Lanfer (Universität Osnabrück) – on Improving Distance Estimation in Contact-tracing Applications (co-supervising, first supervisor Dr. Nils Aschenbruck)


  • Caspar Schutijser (2018)thesis
  • Gijs Rijnders (2018)thesis
  • Olivier van der Toorn (2017, co-supervisor)paper
  • Tho Le (2017)thesis
  • Romanos Dodopoulos (2015)thesis
  • Kaspar Hageman (2015)thesis
  • Sean Rijs (2014)report
  • Gijs van den Broek (2012)paper
  • Niels Monen (2011)report
  • Boudewijn Ector (2009)thesis (in Dutch)

Bachelor Students


I am currently not supervising any bachelor students. If you are a bachelor student enrolled in the CS, EE or BIT curriculum at the University of Twente and looking for a bachelor assignment, contact me, or pass by my office.


  • Anja Scherjon (2020)thesis
  • Bjorn Oude Roelink (2020)thesis
  • Jorik van Nielen (2020) – thesis
  • J.J. Yu (2017)thesis
  • Breus Blaauwendraad (2017)thesis (best paper in track)
  • Eva van den Eijnden (2017)thesis
  • Jeroen Vollenbrock (2016)thesis (best paper in track)
  • Remy Bien (2014)thesis (in Dutch)


  • Zilverling room 5098, University of Twente, Enschede, NL
  • Thursday and Friday 9:00h-16:00h (email for appointment)