Nele Mentens

Nele Mentens
Wetenschapspark 27 - box 15152
3590 Diepenbeek
Belgium
room: 01.T109

tel: +32 11 18 03 00 - +32 11 75 17 62
contact

Research

  • configurable computing for security applications
  • security in constrained environments
  • high-speed network intrusion detection using FPGAs

 

Biography


Nele Mentens is a professor at Leiden University and KU Leuven. Her research interests are in the field of configurable computing and hardware security. She was/is the PI in around 25 finished and ongoing research projects with national and international funding. She serves/served as a program committee member of renowned international conferences on security and hardware design. She was the general co-chair of FPL'17 and she was/is the program chair of FPL'20, CARDIS'20, RAW'21, VLSID'22 and DDECS'23. She is (co-)author in around 150 publications in international journals, conferences and books. She received best paper awards and nominations at CHES'19, Asian HOST'17 and DATE'16. Nele serves as an associate editor for IEEE TIFS, IEEE CAS Magazine, IEEE S&P, and IEEE TCAD.
 

  • Industrial Engineering (electronics): Katholieke Hogeschool Limburg (KHLim), 1996-2000
  • Research assistant at KHLim: 2000-2001
  • Master in Electrical Engineering (micro-electronics): KU Leuven, 2001-2003
  • Master thesis: “Power and timing analysis of elliptic curve based cryptosystems”, June 2003
  • Part-time teaching assistant at KHLim: 2001-2007
  • Ph.D. researcher at COSIC: 2003-2007
  • Ph.D. thesis: “Secure and efficient coprocessor design for cryptographic applications on FPGAs”, KU Leuven, June 2007
  • Assistant professor at KHLim + post-doctoral researcher at COSIC: 2007-2014
  • Research visitor at Ruhr University Bochum, Germany: October – December 2013
  • Research visitor at EPFL, Switzerland: January – April 2017
  • Associate professor at KU Leuven: 2014-ongoing
  • Professor at Leiden University: 2020 - ongoing

 

query=user:U0043861 year:[2005 TO 2025] &institution=lirias&from=1&step=20&sort=scdate
showing 1 to 20 of 168
Items per page 10 |20 |50
Sort newest first |author |title |popularity
Type all | articles | presentations | conferences | chapters | other | reports | phd theses | book reviews | books | outreach | edited books | invited lectures
1/9
  • journal-article
    Singh, Satwant;Marin, Carlos EM;Liang, Yun Eric;Chen, Yao;Mentens, Nele;Nijssen, Raymond; 2024. Introduction to the Special Issue on FPGA-based Embedded Systems for Industrial and IoT Applications. Acm Transactions On Reconfigurable Technology And Systems; 2024; Vol. 17; iss. 4
    LIRIAS4207122
    description

    Publisher: Association for Computing Machinery
    Published
  • journal-article
    Hassan, Mujtaba;Sateesan, Arish;Vliegen, Jo;Picek, Stjepan;Mentens, Nele; 2024. A Genetic Programming approach for hardware-oriented hash functions for network security applications. Applied Soft Computing; 2024; Vol. 165
    LIRIAS4180832
    description

    Publisher: Elsevier
    Published
  • journal-article
    Sateesan, Arish;Vliegen, Jo;Scherrer, Simon;Hsiao, Hsu-Chun;Perrig, Adrian;Mentens, Nele; 2024. SPArch: A Hardware-oriented Sketch-based Architecture for High-speed Network Flow Measurements. Acm Transactions On Privacy And Security; 2024; Vol. 27; iss. 4; pp. 1 - 34
    LIRIAS4171008
    description
    Network flow measurement is an integral part of modern high-speed applications for network security and data-stream processing. However, processing at line rate while maintaining the required data structure within the on-chip memory of the hardware platform is a challenging task for measurement algorithms, especially when accuracy is of primary importance, such as in network security applications. Most of the existing measurement algorithms are no exception to such issues when deployed in high-speed networking environments and are also not tailored for efficient hardware implementation. Sketch-based measurement algorithms minimize the memory requirement and are suitable for high-speed networks but possess a low memory-accuracy trade-off and lack the versatility of individual flow mapping. To address these challenges, we present a hardware-friendly data structure named Sketch-based Pseudo-associative array Architecture (SPArch). SPArch is highly accurate and extremely memory-efficient, making it suitable for network flow measurement and security applications. The parallelism in SPArch ensures minimal and constant memory access cycles. Unlike other sketch architectures, SPArch provides the functionality of individual flow mapping similar to associative arrays, and the optimized version of SPArch allows the organization of counters in multiple buckets based on the flow sizes. An in-depth analysis of SPArch is carried out in this paper and implemented SPArch on the Alveo data center accelerator card, demonstrating its suitability for high-speed networks.
    Publisher: Association for Computing Machinery
    Published
  • journal-article
    Remmerswaal, Mick GD;Wu, Lichao;Tiran, Sebastien;Mentens, Nele; 2024. AutoPOI: automated points of interest selection for side-channel analysis. Journal of Cryptographic Engineering; 2024; Vol. 14; iss. 3; pp. 463 - 474
    LIRIAS4097376
    description

    Publisher: Springer Verlag
    Published
  • journal-article
    Qu, Gang;Mukhopadhyay, Debdeep;Mentens, Nele;Liu, Weiqiang; 2024. Special Section on Emerging Topics in Hardware Computing Systems Security. Ieee Transactions On Emerging Topics In Computing; 2024; Vol. 12; iss. 2; pp. 482 - 482
    LIRIAS4165086
    description

    Publisher: Institute of Electrical and Electronics Engineers
    Published
  • journal-article
    Mentens, Nele; 2024. Hardware Security in the Era of Emerging Device and System Technologies. Ieee Security & Privacy; 2024; Vol. 22; iss. 3; pp. 4 - 6
    LIRIAS4162912
    description

    Publisher: Institute of Electrical and Electronics Engineers
    Published
  • thesis-dissertation
    Sateesan, Arish; 2024. FPGA design for large flow detection in high-speed networks.
    LIRIAS4130489
    description
    This project concentrates on the acceleration of large flow detection algorithms using configurable hardware. On the one hand, existing algorithms will be considered, which are effective and efficient for the detection of very large data flows, with a bandwidth that is, e.g., 100x larger than the allowed bandwidth. On the other hand, an algorithm-architecture co-design approach will be followed to develop novel algorithms and implementations for data flows that only exceed the allowed bandwidth to a limited extent. The goal is to integrate the configurable hardware in network devices and demonstrate efficient and effective protection against large flow network attacks.

    Published
  • conference
    Braeken, An;da Silva, Bruno;Segers, Laurent;Knoedtel, Johannes;Reichenbach, Marc;Wulf, Cornelia;Pertuz, Sergio;Goehringer, Diana;Vliegen, Jo;Rabbani, Md Masoom;Mentens, Nele; 2024. Trusted Computing Architectures for IoT Devices. APPLIED RECONFIGURABLE COMPUTING. ARCHITECTURES, TOOLS, AND APPLICATIONS, ARC 2024; 2024; Vol. 14553; pp. 241 - 254 Publisher: Springer Verlag
    LIRIAS4162703
    description


    Published
  • conference
    Vliegen, Jo;Rabbani, Masoom;Hellemans, Wouter;Mentens, nele; 2024. HAGAR: Hashgraph-based Aggregated Communication and Remote Attestation. Proceedings of the 21st ACM International Conference on Computing Frontiers Workshops and Special Sessions; 2024; pp. 10 - 16 Publisher: ACM
    LIRIAS4152130
    description


    Published online
  • conference
    Adhikary, Asmita;Basurto, Abraham;Batina, Lejla;Buhan, Ileana;Daemen, Joan;Mella, Silvia;Mentens, Nele;Picek, Stjepan;Ramachandran, Durga Lakshmi;Sajadi, Abolfazl;Stefanov, Todor;Vermoen, Dennis;Zidaric, Nusa; 2024. PROACT - Physical Attack Resistance of Cryptographic Algorithms and Circuits with Reduced Time to Market. APPLIED RECONFIGURABLE COMPUTING. ARCHITECTURES, TOOLS, AND APPLICATIONS, ARC 2024; 2024; Vol. 14553; pp. 255 - 266 Publisher: Springer Verlag
    LIRIAS4169317
    description


    Published
  • conference
    Baron, Alex;Le Jeune, Laurens;Hellemans, Wouter;Rabbani, Md Masoom;Mentens, Nele; 2024. Evaluation of Lightweight Machine Learning-Based NIDS Techniques for Industrial IoT. APPLIED CRYPTOGRAPHY AND NETWORK SECURITY WORKSHOPS, PT I, ACNS 2024-AIBLOCK 2024, AIHWS 2024, AIOTS 2024, SCI 2024, AAC 2024, SIMLA 2024, LLE 2024, AND CIMSS 2024; 2024; Vol. 14586; pp. 246 - 264 Publisher: Springer Verlag
    LIRIAS4185560
    description


    Published
  • conference
    Hassan, Mujtaba;Vliegen, Jo;Picek, Stjepan;Mentens, Nele; 2024. A Systematic Exploration of Evolutionary Computation for the Design of Hardware-oriented Non-cryptographic Hash Functions. PROCEEDINGS OF THE 2024 GENETIC AND EVOLUTIONARY COMPUTATION CONFERENCE, GECCO 2024; 2024; pp. 1255 - 1263 Publisher: ASSOC COMPUTING MACHINERY
    LIRIAS4212029
    description


    Published
  • conference
    Rizi, Mahnaz Namazi;Zidaric, Nusa;Batina, Lejla;Mentens, Nele; 2024. Optimised AES with RISC-V Vector Extensions. 2024 27TH INTERNATIONAL SYMPOSIUM ON DESIGN & DIAGNOSTICS OF ELECTRONIC CIRCUITS & SYSTEMS, DDECS; 2024; pp. 57 - 60 Publisher: IEEE
    LIRIAS4166850
    description


    Published
  • conference
    Sajadi, Abolfazl;Zidaric, Nusa;Stefanov, Todor;Mentens, Nele; 2024. A Systematic Comparison of Side-channel Countermeasures for RISC-V-based SoCs. 2024 IEEE NORDIC CIRCUITS AND SYSTEMS CONFERENCE, NORCAS; 2024 Publisher: IEEE
    LIRIAS4229430
    description


    Published
  • thesis-dissertation
    Le Jeune, Laurens; 2023. Machine Learning for Network Intrusion Detection on FPGA.
    LIRIAS4120937
    description
    Network intrusion detection refers to the monitoring and detection of malicious network activity leading to an attack or unauthorized access to network-connected resources. While an intrusion detection system can identify known attacks, it is a big challenge to detect new or unknown attacks. Furthermore, attackers aim at bypassing intrusion detection systems by adapting their attack strategy to commonly known detection mechanisms. In this project, we will apply machine learning techniques to detect both known and unknown attacks. FPGAs are increasingly used in commercial network routers and switches to process the received and transmitted data. The benefits of using FPGAs over general-purpose processors are the large amount of input/output pins and the parallel computing capabilities. In this project, we will embed machine learning algorithms on FPGA-based Systems-on-Chip for the purpose of network intrusion detection.​

    Published
  • preprint
    Scherrer, Simon;Vliegen, Jo;Sateesan, Arish;Hsiao, Hsu-Chun;Mentens, Nele;Perrig, Adrian; 2023. ALBUS: a Probabilistic Monitoring Algorithm to Counter Burst-Flood Attacks. arXiv; 2023
    LIRIAS4126672
    description
    Modern DDoS defense systems rely on probabilistic monitoring algorithms to identify flows that exceed a volume threshold and should thus be penalized. Commonly, classic sketch algorithms are considered sufficiently accurate for usage in DDoS defense. However, as we show in this paper, these algorithms achieve poor detection accuracy under burst-flood attacks, i.e., volumetric DDoS attacks composed of a swarm of medium-rate sub-second traffic bursts. Under this challenging attack pattern, traditional sketch algorithms can only detect a high share of the attack bursts by incurring a large number of false positives. In this paper, we present ALBUS, a probabilistic monitoring algorithm that overcomes the inherent limitations of previous schemes: ALBUS is highly effective at detecting large bursts while reporting no legitimate flows, and therefore improves on prior work regarding both recall and precision. Besides improving accuracy, ALBUS scales to high traffic rates, which we demonstrate with an FPGA implementation, and is suitable for programmable switches, which we showcase with a P4 implementation..

  • journal-article
    Dushku, Edlira;Rabbani, Md Masoom;Vliegen, Jo;Braeken, An;Mentens, Nele; 2023. PROVE: Provable remote attestation for public verifiability. Journal Of Information Security And Applications; 2023; Vol. 75
    LIRIAS4091542
    description

    Publisher: Elsevier
    Published
  • journal-article
    Jaeger, Trent;Kang, Brent ByungHoon;Mentens, Nele;Sturton, Cynthia; 2023. Impact of Emerging Hardware on Security and Privacy. Ieee Security & Privacy; 2023; Vol. 21; iss. 3; pp. 6 - 7
    LIRIAS4089286
    description

    Publisher: Institute of Electrical and Electronics Engineers
    Published
  • conference
    Hassan, Mujtaba;Sateesan, Arish;Vliegen, Jo;Picek, Stjepan;Mentens, Nele; 2023. Evolving Non-cryptographic Hash Functions Using Genetic Programming for High-speed Lookups in Network Security Applications. Lecture Notes in Computer Science; 2023; Vol. 13989; pp. 302 - 318 Publisher: Springer Cham
    LIRIAS4081816
    description
    Non-cryptographic (NC) hash functions are the core part of many networking and security applications such as traffic flow monitoring and deep packet inspection. For these applications, speed is more important than strong cryptographic properties. In Terabit Ethernet networks, the speed of the hash functions can have a significant impact on the overall performance of the system when it is required to process the packets at a line rate. Hence, improving the speed of hash functions can have a significant impact on the overall performance of such architectures. Designing a good hash function is a challenging task because of the highly non-linear and complex relationship between input and output variables. Techniques based on Evolutionary Computation (EC) excel in addressing such challenges. In this paper, we propose novel fast non-cryptographic hash functions using genetic programming, and we call the resulting hash functions the GPNCH (Genetic Programming-based Non-Cryptographic Hash) family. We choose to employ avalanche metrics as a fitness function because the networking and security applications we consider require hash functions to be uniform and independent. We evaluate the performance of GPNCH functions on FPGA and compare the delay, throughput, and resource occupation with the state-of-the-art NC hash functions that satisfy the avalanche criteria. We show that GPNCH functions outperform the other algorithms in terms of latency, operating frequency, and throughput at the modest cost of hardware resources.

    Published online
  • journal-article
    Sateesan, Arish;Biesmans, Jelle;Claesen, Thomas;Vliegen, Jo;Mentens, Nele; 2023. Optimized algorithms and architectures for fast non-cryptographic hash functions in hardware. Microprocessors And Microsystems; 2023; Vol. 98
    LIRIAS4067216
    description

    Publisher: Elsevier
    Published online

1/9

Last update: Jun 18, 2025

Comments on the content and accessibility: Nele Mentens