http://hdl.handle.net/2268.2/6044 Thu, 05 Mar 2026 22:08:41 GMT 2026-03-05T22:08:41Z http://hdl.handle.net/2268.2/25187 Title: Master thesis : SNAC Compliance and Augmentation of the OpenThread Border Router Abstract: The fast expansion of the Internet of Things industry has created the need for a low-power, IPv6-based networking technology specifically designed for battery-powered devices, a solution provided by the Thread protocol. This thesis focuses on OpenThread, the open source implementation of this protocol developed by Google, and more particularly on the analysis and enhancement of the OpenThread Border Router (OTBR), the gateway responsible for connecting the Thread network to other IP networks. This project is divided into four main parts. A dedicated laboratory test environment is deployed for the successful realization of the tasks described below. One of the primary goals of this thesis is to analyze and study the conformity of the implementation of the OTBR with the SNAC draft specification, defined by the IETF which describes how to link a stub network such as a Thread network to a standard Wi-Fi network. As a result, this work confirms the OTBR’s compliance as it successfully supports all core services required by SNAC. Secondly, the project focuses on the development of an IPFIX functionality for the OTBR as an internal additional service. This involves the definition of observation points within the observation domain and the creation of a metering process responsible for measuring flow statistics in the OpenThread core. Simultaneously, an exporting process service is implemented in the OTBR source code to transmit these records to the IPFIX collector as IPFIX messages. As a continuation of the previous objective, this thesis also involves the deployment and configuration of a IPFIX collector tailored specifically for the IPFIX messages send by the OTBR IPFIX exporter module which includes some Thread network specific statistics. The solution relies on pmacct combined with Telegraf for collecting and aggregating the IPFIX messages and ingesting the flow data into a PostgreSQL database configured with the TimescaleDB extension. Furthermore, Grafana is used to visualize and monitor the collected flow information stored in the database. As a result, a complete IPFIX solution is obtained for the OTBR, which allows to perform network troubleshooting, unusual device behavior detection and performance analysis of the Thread network. Finally, the thesis also focuses on the development of an Time Exceeded Detector functionality for the OTBR as an internal additional service. This development work involves the implementation of a simulation mechanism which predicts the path taken by every packet coming from the infrastructure network using topology information obtained in the OTBR via OpenThread mesh diagnostics messages and the Dijkstra’s algorithm. If the hop limit of such a packet is detected to expire before reaching the destination, an ICMPv6 time exceeded message is sent back to the sender of the original packet. As a result, this prevents injecting useless packets into the Thread network and also enables the traceroute functionality in Thread. Thu, 22 Jan 2026 23:00:00 GMT http://hdl.handle.net/2268.2/25187 2026-01-22T23:00:00Z http://hdl.handle.net/2268.2/24935 Title: Introduction to Virtual Machine Introspection for System Monitoring of Legacy Windows Environments Abstract: This master's thesis explores the field of Virtual Machine Introspection (VMI) with two focuses: firstly, to establish a solid understanding of VMI, its principles, and its implementation in existing frameworks. Secondly, to apply this knowledge to extend an existing VMI framework, DRAKVUF, to support legacy Windows systems. The work demonstrates the feasibility and value of extending VMI capabilities to legacy systems. This master's thesis is organized in the following way: Chapter 1 is the introduction, Chapter 2 the objectives and structure of the thesis, Chapter 3 review the technical background needed to understand this work, Chapter 4 presents the virtualized setups used to test the frameworks explored, Chapter 5 introduces VMI for system monitoring, exploring both the broad VMI concept and the technical implementations of VMI by VMI frameworks, Chapter 6 performs an exploratory study of API monitoring with and without VMI, reviewing both traditional API monitoring techniques and frameworks, and a concrete VMI API monitoring, Chapter 7 presents the implementation, testing, and evaluation work made in this thesis (although other chapters also contain practical parts), and finally, Chapter 8 presents the conclusions. Sun, 07 Sep 2025 22:00:00 GMT http://hdl.handle.net/2268.2/24935 2025-09-07T22:00:00Z http://hdl.handle.net/2268.2/24856 Title: CAFÉ 2.0 : A module supporting the collaborative design and build activity Abstract: A Collaborative Design-Build (CDB) module integrated into the CAFÉ platform. It provides an educational environment for students and instructors to run real-time, digitally mediated collaborative work sessions, replacing paper-based workflows. Commentary: repo of the code on gitlab : https://gitlab.uliege.be/ALabrahimi/CDB Sun, 07 Sep 2025 22:00:00 GMT http://hdl.handle.net/2268.2/24856 2025-09-07T22:00:00Z http://hdl.handle.net/2268.2/24459 Title: Over-the-top Advanced File Protection Abstract: Operating systems traditionally provide per-user file access control. This is indeed very useful is some settings, such as the cloud, but is rather inadequate to protect personal computers from modern threats such as ransomware. Inadequacies for modern threats are related to the fact that issues arises when malware, such as ransomware, infiltrates a personal computer and typically runs under the permissions of the user who accidentally launched it. It can access, modify or encrypt all of the user’s file. This makes traditional per-user protection ineffective against certain types of malware that exploit user privileges. Indeed, in such a context, files would be safer if per-application isolation was in place. Given the scale of the work to be done and the high relevance for personal computers, only one operating system was chosen by the author and the implementation as well as the theoretical knowledge are based solely on Windows operating system. Moreover, this master thesis aims to follow three important principles : investigation, design and implementation. For that purpose, the structure of the thesis intends to stick to specific objectives aligned with theses principles such as defining the threat model, studying existing solutions to similar problems, designing per-application protection, creating a proof-of-concept and an enhanced version defined as a kind of minimal viable product and evaluating it in the domain of application with a use case. To achieve these objectives, a deep understanding of certain Windows concepts is needed and therefore the author conducted research and synthesis work made available in annexes as well as analysis and testing environment defined in appendices to reproduce and independently develop kernel-mode Windows drivers. Indeed, the thesis presents a solution that consists of a kernel-mode minifilter plus a user-mode service acting as policy decision engine. This design can protect against unauthorized file access and secure personal data. However, the solution presented still exhibits some limitations and better security enhancements could be researched for future improvements. Sun, 07 Sep 2025 22:00:00 GMT http://hdl.handle.net/2268.2/24459 2025-09-07T22:00:00Z