dr. Pieter Robyns A photo of me.
A cyber security consultant and researcher

Hi, I'm Pieter. I am a cyber security consultant and researcher who is interested in wireless security, network security, privacy, machine learning, and cryptography. One of my main goals is to connect these worlds in order to discover new security issues and ways to mitigate them. Besides my work and research, I enjoy playing the guitar, producing electronic music, and spending time on my hobby projects.

pieter.robyns at outlook dot com
robyns.me

Selected projects

5GSniffer
c++
5G Sniffer

5GSniffer is a free and open-source 5G Physical Downlink Control Channel (PDCCH) blind decoder developed in collaboration with Northeastern University. The tool decodes the PDCCH of a specific 5G base station (gNB), which contains the Downlink Control Information (DCI). This reveals the Radio Network Temporary Identifiers (RNTIs) that are present in the cell, as well as other information enabling traffic analysis.

emma
python
ElectroMagnetic Mining Array

EMMA is a framework for capturing and attacking traces of electromagnetic radiation emitted by an electronic device, in order to obtain encryption keys or other sensitive data. It was used to attack a protected AES implementation in my paper published at CHES 2019.

gr-lora
python
c++
GNU Radio blocks for decoding LoRa signals

LoRa is a novel modulation scheme for low power, long range, and low bandwidth machine-to-machine communications that has recently gained popularity in the wireless community. The goal of the gr-lora project is to provide GNU Radio blocks that can decode these LoRa messages on the physical layer using Software Defined Radios (SDRs).

PEAPwn
python
A proof-of-concept implementation of the PEAP / LEAP relay attack

PEAPwn is a proof-of-concept implementation of the PEAP / LEAP relay attack introduced in my paper. It uses a modified version of wpa_supplicant to establish a PEAP or EAP-TTLS session with the target Authentication Server, and a Python script to exploit several vulnerabilities in iOS < 8 and the MSCHAPv2 protocol.

aggr-inject
python
A proof-of-concept for the A-MPDU PIP attack

Proof-of-concept of a remote frame injection vulnerability that was introduced in the 802.11n Wi-Fi standard and discussed in my paper. It is demonstrated how the A-MPDU aggregation mechanism can be exploited to perform a Packet-in-Packet (PIP) attack.

Other projects on my Github

Publications

Norbert Ludant, Pieter Robyns, Guevara Noubir. From 5G Sniffing to Harvesting Leakages of Privacy-Preserving Messengers. Proceedings of the 2023 IEEE Symposium on Security and Privacy (SP). San Francisco, CA, USA. DOI: https://doi.ieeecomputersociety.org/10.1109/SP46215.2023.00110. 2023.
Pieter Robyns, Mariano Di Martino, Dennis Giese, Wim Lamotte, Peter Quax, Guevara Noubir. Practical Operation Extraction from Electromagnetic Leakage for Side-Channel Analysis and Reverse Engineering. Proceedings of the 13th ACM Conference on Security & Privacy in Wireless and Mobile Networks. Linz (Virtual Event), Austria. DOI: https://doi.org/10.1145/3395351.3399362. 2020. [pdf]
Pieter Robyns. Ph. D. Thesis: Explicit and Implicit Information Leakage in Wireless Communication. Ph. D. thesis at Fonds voor Wetenschappelijk Onderzoek (1S14918N) and Hasselt University. Diepenbeek, Belgium. 2019. [pdf]
Mariano Di Martino, Pieter Robyns, Winnie Weyts, Peter Quax, Wim Lamotte, Ken Andries. Personal Information Leakage by Abusing the GDPR "Right of Access". Proceedings of the Fifteenth Symposium on Usable Privacy and Security (SOUPS). Santa Clara, CA, USA. 2019. [pdf]
Pieter Robyns, Peter Quax, Wim Lamotte. Improving CEMA using Correlation Optimization. IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES). Atlanta, USA. DOI: https://doi.org/10.13154/tches.v2019.i1.1-24. 2019 (1), 1-24. [pdf]
Mariano Di Martino, Pieter Robyns, Peter Quax, Wim Lamotte. IUPTIS: A Practical, Cache-resistant Fingerprinting Technique for Dynamic Webpages. Proceedings of the 14th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST. Seville, Spain. DOI: http://dx.doi.org/10.5220/0007226501020112. 2018. [pdf]
Pieter Robyns, Peter Quax, Wim Lamotte, William Thenaers. A Multi-Channel Software Decoder for the LoRa Modulation Scheme. Proceedings of the 3rd International Conference on Internet of Things, Big Data and Security. Madeira, Portugal. DOI: 10.5220/0006668400410051. 2018. [pdf]
Pieter Robyns, Eduard Marin, Wim Lamotte, Peter Quax, Dave Singelée and Bart Preneel. Physical-Layer Fingerprinting of LoRa devices using Supervised and Zero-Shot Learning. Proceedings of the 10th ACM Conference on Security & Privacy in Wireless and Mobile Networks. Boston, MA, USA. DOI: 10.1145/3098243.3098267. 2017. [pdf]
Pieter Robyns, Peter Quax, and Wim Lamotte. Opinion: PHY-Layer Security is no Alternative to Cryptography. Proceedings of the 10th ACM Conference on Security & Privacy in Wireless and Mobile Networks. Boston, MA, USA. DOI: 10.1145/3098243.3098271. 2017. [pdf]
Pieter Robyns, Bram Bonné, Peter Quax and Wim Lamotte. Non-cooperative 802.11 MAC layer fingerprinting and tracking of mobile devices, Security and Communication Networks. Hindawi. DOI: 10.1155/2037. 2017. [pdf]
Pieter Robyns, Bram Bonné, Peter Quax and Wim Lamotte. Assessing the Impact of 802.11 Vulnerabilities using Wicability. Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks. Darmstadt, Germany. 2016. [pdf] [poster]
Pieter Robyns, Peter Quax and Wim Lamotte. Injection Attacks on 802.11n MAC Frame Aggregation. Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks. New York, NY, USA. 2015. [pdf] [errata]
Pieter Robyns, Bram Bonné, Peter Quax and Wim Lamotte. Short Paper: Exploiting WPA2-enterprise Vendor Implementation Weaknesses Through Challenge Response Oracles. Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless & Mobile Networks. Oxford, United Kingdom. 2014. [pdf]
Pieter Robyns. Master's Thesis: Wireless Network Privacy. Master's thesis at Hasselt University. Diepenbeek, Belgium. 2014. [pdf]

Certifications

GIAC Security Essentials Certification (GSEC)GIAC Certified Incident Handler (GCIH)GIAC Assessing and Auditing Wireless Networks (GAWN)GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)GIAC Mobile Device Security Analyst (GMOB)
GIAC Certified Intrusion Analyst (GCIA)GIAC Assessing and Auditing Wireless Networks (GAWN)

Experience

Hasselt University
Visiting professor (part-time)
Since July, 2024 (current)

Guiding students during their master's thesis and co-teaching the following courses at Hasselt University as visiting professor:

  • 4555 Basics of Network Security
  • 4556 Advanced Topics in Networking and Security
    Cyber security consultant
    Since June, 2020 (current)
    1. Working as a GIAC-certified consultant in the cyber security domain on projects involving Wi-Fi and 4G/5G wireless security, reverse engineering, penetration testing, education and training, web security, secure application development, and red teaming.
    2. Performing cyber security research as a guest research fellow at Hasselt University.
      FWO
      PhD fellow at Research Foundation Flanders (FWO) and Hasselt University
      Since January, 2016
      1. Performed research related to computer security and privacy with a focus on wireless security, machine learning, software defined radio, side channel attacks, and embedded security under the FWO Strategic Basic Research (SBO) grant.
      2. Published and presented papers in several reputed international conferences and academic journals, such as ACM WiSec, CHES, IoT BDS, Security and Communication Networks, and SOUPS. Some of these works were also presented at non-academic conferences, such as FOSDEM 2018 and FOSDEM 2019.
      3. Reviewed academic works of others for the IEEE Internet of Things Journal and the ACM WiSec poster sessions.
      4. Assisted in the creation and teaching of cyber security related courses at Hasselt University, and guiding students during their course projects, lab assignments, bachelor's thesis, and master's thesis.
      5. Published all of my research and code to the public domain, resulting in over 15 new open-source projects and 3 open datasets on Github.
      Hasselt University
      PhD student at Hasselt University
      September, 2014 - December, 2015
      1. Extended master thesis to look for vulnerabilities in 802.1X EAP methods (WPA2-Enterprise) and other authentication protocols, such as WPS.
      2. Researched privacy related weaknesses in the 802.11 (Wi-Fi) standard, including amendments such as 802.11n, 802.11ac, 802.11u, and others.
      3. Participated in several Coursera courses, and performed a broad literature study of digital signal processing with SDRs (using GNU Radio), the GSM protocol, and machine learning.
      4. Assisted in guiding students during their course projects, lab assignments and thesis.
      Hasselt University
      Job student at Hasselt University
      August, 2014

      Performed an audit of the security of uhasselt.be for all publicly accessible pages and pages accessible by students. Topics covered include the discovery of hidden content, security of client side controls (SQLi, XSS, LDAP injection, ...), password and authentication security, random number generator entropy analysis, multi-stage form security, session management, access controls, and basic server application security.

      CERN
      Summer student at CERN
      July, 2013 - September, 2013
      1. Developed manageability tools for EOS, a multi petabyte disk storage system used by physicists of all 4 LHC experiments.
      2. EOS quota visualization using Google Chart API and Python.
      3. EOS permission check: syntax checking of ACL attributes and correcting dangerous permissions by analyzing large metadata files (~5 GB).
      4. Hadoop file history view, 'grep-like' search and long term log file archival (~50 GB).

      A report can be found here (pdf).

      Education

      Hasselt University
      Hasselt University
      2014 - 2020

      Ph. D. degree, Doctor of Science, with congratulations of the jury

      Ph. D. thesis: Explicit and Implicit Information Leakage in Wireless Communication

      Hasselt University
      Hasselt University
      2012 - 2014

      Master's degree, Computer Science: Multimedia, Magna Cum Laude

      Master's thesis: Wireless Network Privacy

      Hasselt University
      Hasselt University
      2009 - 2012

      Bachelor's degree, Information and Communications Technology (ICT), Cum Laude

      Bachelor's thesis: Latency Hiding in Networked Virtual Environments (Dutch)

      Teaching

      • Advanced Topics in Network Security (3490)
        [study guide]
      • Basics of Network Security (3489)
        [study guide]
      • Security and computer networks (2178)
        [study guide]
      • Students
        • Mariano Di Martino, Social Profiling of Users through Information Leakages, Master's thesis, 2018
        • Jef Timmermans, Locally Secured Cloud Backup, Bachelor's thesis, 2016
        • Rick Habets, Bots in the Beehive, Bachelor's thesis, 2015

      Honors and awards

      • WiSec poster session chair (2020)
        Served as a poster session chair at the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks.
      • IoTBDS session chair (2018)
        Served as a session chair at the 3rd International Conference on Internet of Things, Big Data and Security.
      • BELCLIV Award for best thesis in ICT security (2014)
        Award granted by BELCLIV for my Master's thesis 'Wireless Network Privacy'. BELCLIV is an organisation that promotes initiatives which aim to improve information and network security.
      • Master Award for Computer Science (2013)
        A yearly award given by Hasselt University to a student with admirable achievements.

      Press

      Miscellaneous

      Languages

      Natural languages

      Dutch
      Native
      English
      Excellent
      French
      Average
      German
      Basic

      Programming languages

      Excellent knowledge of

      Python
      C
      C++

      Very good knowledge of

      Java
      Javascript
      HTML
      CSS
      SQL
      C#
      LaTeX

      Average knowledge of

      Rust
      Kotlin
      PHP
      Matlab

      Basic knowledge of

      Bash
      Verilog
      Actionscript

      Social

      • In 2011 - 2012 I was president of the student organization 'Filii Lamberti', which organizes events for students such as the 'Intro TD', 'Filii Comedy Night', 'Jungle Love TD', and a debate at the university featuring speakers from IBM.
      • During my time as a student at Hasselt University, I was a member of the student council. It was our task to provide feedback to the university staff about the quality of courses, infrastructure, and exams.