Research fields:

CrySyS Lab

applied cryptography • computer security • cybersecurity • economics of security and privacy • ethical hacking • game theory • honeypot technology • ICS/SCADA security • information security • IoT security • IT security • machine learning • malware analysis and detection • network security • penetration testing • post-quantum cryptography • privacy • privacy enhancing technologies • provable security • reverse engineering • security of autonomous systems (e.g. vehicles) • security of cyber-physical systems • security of embedded systems • software security • V2X security

👤
Buttyán Levente
associate professor
I.E.431
(+36) 1 463-1803
buttyan@hit.bme.hu
A kutatócsoport tagjai:
👤
Buttyán Levente
associate professor
👤
Biczók Gergely
associate professor
👤
Holczer Tamás
assistant professor
👤
Horváth Máté
lecturer
👤
Ács Gergely
assistant professor
👤
Pejó Balázs
research fellow
👤
Futóné Papp Dorottya
assistant lecturer
👤
Vajda István
full professor
👤
Bencsáth Boldizsár
assistant professor
👤
Gazdag András Gábor
assistant lecturer
👤
Lestyán Szilvia
assistant research fellow
crysys_fig1
crysys_fig2
crysys_fig3
crysys_fig4
crysys_fig5
previous arrow
next arrow

Activity of the research group:

Our research group works in 3 domains within the field of security and privacy:
  1. security of cyber-physical systems,
  2. security and privacy problems in machine learning-based systems,
  3. economics of security and privacy.
In domain (1), we work on the security of industrial automation and control systems, security of modern vehicles and intelligent transport systems, and security of IoT systems and applications. The common in these topics is that attacks originating from cyberspace may have physical consequences, resulting in equipment or environmental damage, or potentially even loss of human life, and therefore, security is an important requirement. In domain (2), we study how machine learning can be used to solve security and privacy problems, and also how machine learning–based systems may be exploited maliciously. More specifically, we focus on the security of federated learning algorithms and the problem of adversarial examples (e.g., in machine learning-based malware detection). In domain (3), we apply game theoretic models to study the incentive structures in different systems, and the cause of security and privacy problems. Besides the domains mentioned above, we have strong competency in applied cryptography, privacy enhancing technologies, malware analysis, reverse engineering, and secure operation of networks and network-based systems, including IT infrastructure automation.

Recent results:

  • In the SETIT project, we developed an efficient anti-virus solution for resource constrained IoT devices, which detects malware with more than 90% accuracy.
  • We developed many further security enhancing solutions for IoT devices.
  • We constructed new attacks on the vehicle CAN bus, and proposed multiple attack detection mechanisms.
  • We analyzed what information can be extracted from recorded CAN traffic, and showed that it is possible to identify the driver solely from the raw CAN data.
  • We designed and implemented honeypots for ICS/SCADA systems.
  • We achieved pioneering results in the field of interdependent privacy, which gave the theoretical explanations for the Cambridge Analytica scandal.
  • We proposed new privacy-preserving federated machine learning algorithms.

Special infrastructure:

IoT devices, PLCs, industrial devices, servers • PIRAMID ICS/SCADA security testbed

Recent projects:

PrOTectME (EIT Digital) • H2020 MELLODDY • H2020 SECREDAS • H2020 SETIT

International relations:

NTNU, Trondheim, Norway • KU Leuven, Belgium • INRIA Rhones-Alpes, France • University of California, Irvine, CA • New York Institute of Technology

Industrial partners:

Microsec Zrt. • Tresorit Kft. • Ukatemi Technologies Kft.
👤