On May 22, 2021 Rob van Emous has received the ENIAC Thesis Award 2018-2019 for his thesis titled “Towards Systematic Black-Box Testing for Exploitable Race Conditions in Web Apps“. A delegation of the ENIAC board, including our very own TV personality, visited Rob at home to hand over the big cheque (worth €500,-) and the physical trophy. The award for study year 2018 – 2019 was delayed quite a bit due to the current circumstances, so we are very happy to finally present the award.
The jury consisted of Meike Nauta (the previous winner), Rom Langerak (FMT) and Maurice van Keulen (DMB). They scored all nominated theses on a number of criteria:
- Scientific approach
- Practical approach (“engineering approach”)
- Difficulty of research
- Readability and usability of thesis to specialists and computer scientists in general
- Benefits of research / development for greater good
The jury came to the following conclusion:
The jury enjoyed reading the theses of the four nominees. It was immediately clear why these theses have been nominated. All had written an outstanding thesis, tackled complex problems that were communicated in engaging language, and managed to combine thorough research with critical reflection. Selecting a winner was therefore not an easy task and we can definitely say that it was a close contest. But in the end, the jury decided that Rob J. van Emous is the winner of the ENIAC thesis award, with his thesis entitled “Towards Systematic Black-Box Testing for Exploitable Race Conditions in Web Apps”.
Rob developed a systematic method to test for race conditions in web apps from a black-box perspective, an often neglected problem that is important for securing web apps against cyber attacks. He showed to have a deep technical understanding of the topic, while being able to describe it in an accessible and well-written thesis. The jury especially appreciated the strong structure, the good visual support and the convincing motivation of the problem. Rob used a sound scientific approach, discussed relevant literature and came up with a novel solution that he compared with existing state-of-the-art. Additionally, he provided a practical solution by creating a well-documented open-sourced software tool to support the exploitation. His thesis is therefore a perfect example of coming up with a novel scientific solution, and then bringing this scientific theory to practice.
The other nominees were:
- Jan Trienes – Comparing rule-based, feature-based and deep neural methods for de-identification of Dutch medical records
- Christian Versloot – Amplifying the Analyst: Machine Learning Approaches for Buried Utility Characterization
- Olivia H. Plant – Development of a framework for achieving internal control and effectively managing risks in a DevOps environment
We would like to thank the departments for the nominations and the jury for reading and grading the theses. We wish all nominees the best of luck with their future careers!
The nominations for the thesis award 2019 – 2020 are currently being reviewed, so we will be able to present yet another award soon!