ELTE-OTP KIBERLAB TOPICS 2023/2024 Semester 2
1. Analysis of Honeypot System Architectures Suitable for Banking Applications
The goal is to analyze the architectures of state-of-the-art Honeypot systems to investigate potential internet attacks and to design and validate new solutions most suitable for banking applications.
Tasks for the semester in this topic:
- Designing a Honeypot (based on real machine architectures), planning statistical data collection, prototype development. The student explores the types, purposes, and possible implementation approaches of Honeypot systems, then begins designing and developing a prototype of the system with the chosen architecture. A related task is also to prepare logging and the processing of results.
Who should apply?- We are looking for a student with good networking knowledge who enjoys participating in the design of larger systems.
What can you learn from this research? - Practical experience can be gained with network attack and defense solutions, and the student will become familiar with banking IT infrastructure.
- We are looking for a student with good networking knowledge who enjoys participating in the design of larger systems.
2. Development and Validation of Cyber Defense Methods for Identifying Phishing
The goal, as a continuation of previously started lab work, is to plan the use of the completed news crawler for cyber defense purposes and to develop the necessary prototype.
Tasks for the semester in this topic:
-
Examination and analysis of phishing websites. The student’s task is the continuous monitoring of continuously changing phishing domains from external input, reloading pages when changes occur, and conducting comparative analysis of the results.
Who should apply?- We are looking for students with experience in using crawlers and in designing and building databases.
What can you learn from this research? - Learning about phishing techniques and the processes used to defend against them.
- We are looking for students with experience in using crawlers and in designing and building databases.
-
Examining the uniqueness and grouping of articles. The student examines the uniqueness of cyber defense news in the database built by the news crawler, and designs a system that groups articles written on the same topic and can effectively evaluate the importance of these news items. Another goal is to automatically extract new Indicators of Compromise (IoC) described in articles deemed important.
Who should apply?- We are looking for students with experience in data processing who are interested in the practical application of text processing.
What can you learn from this research? - The student will become familiar with text comparison and classification algorithms.
- We are looking for students with experience in data processing who are interested in the practical application of text processing.
3. Post-Quantum Cryptography
The goal is to identify security-critical banking application areas in terms of the need to introduce post-quantum cryptography, and to develop risk analyses and cost models.
Tasks that can be performed during this semester in this topic:
-
Design and analysis of practically applicable solutions. The student examines which areas could already accommodate a quantum-resistant cryptographic algorithm, with particular attention to mobile applications.
Who should apply?- We are looking for students interested in post-quantum cryptography and mathematics, who also have knowledge of web technologies.
What can you learn from this research? - The student will become familiar with the latest encryption algorithms in the field and can also gain deeper networking knowledge.
- We are looking for students interested in post-quantum cryptography and mathematics, who also have knowledge of web technologies.
-
Risk analysis and summary. By thoroughly studying the Bank’s central systems, the student produces an analysis based on various cost models to determine how protected each system currently is, where the critical points are, and how these could be improved.
Who should apply?- We are looking for students interested in post-quantum cryptography and mathematics, as well as in risk analysis and the analysis of large-scale systems.
What can you learn from this research? - The student will become familiar with banking IT infrastructure and risk analysis methodologies used in banking.
- We are looking for students interested in post-quantum cryptography and mathematics, as well as in risk analysis and the analysis of large-scale systems.
-
Digital signatures. An examination of the extent to which Q-day poses a threat to digitally signed documents, and how to defend against digitally signed documents losing their authenticity.
Who should apply?- We are looking for students interested in post-quantum cryptography and mathematics, as well as in the topic of financial digital signatures.
What can you learn from this research? - The research enables a deeper understanding of digital signatures and the latest post-quantum algorithms, from both practical and theoretical perspectives.
- We are looking for students interested in post-quantum cryptography and mathematics, as well as in the topic of financial digital signatures.
4. Security Issues of Artificial Intelligence and LLM Systems
The research examines the security of artificial intelligence, with particular emphasis on large language models (LLMs).
Tasks that can be performed during this semester in this topic:
- Secure design and development. The student’s task is to learn about, analyze, and test the security controls applied during the development of such models, and then to develop a recommendation based on these findings.
- Development of a testing methodology. The goal of the research is to develop a methodology for examining whether the security controls of such systems can be circumvented. Using the methodology developed during the research, the student prepares a security recommendation for testing LLM systems.
- Detection of malicious use. The student prepares an analysis of what methods can be used to detect malicious use in systems based on large language models. Among the solutions, AI-based approaches are preferred.
- Examination of legal issues related to AI-based systems. The student collects and analyzes the applicable domestic, EU, and international legislation. They examine which areas carry the greatest legal risk during the operation of a bank, how these are regulated, and which are unregulated or risky areas.
5. Examination of DRM-Protected Video-Based Defense Solutions
The goal of the project is to design a usable DRM system.
- Media packaging research. The student identifies and presents as a case study the appropriate tool for the task — one capable of encrypting and efficiently packaging media files. The student also proposes designs for new methods.
Who should apply?- We are looking for students interested in digital signal and image processing and the related protection technologies.
What can you learn from this research? - The student will learn about the technology behind DRM systems and their practical applications.
- We are looking for students interested in digital signal and image processing and the related protection technologies.
6. Security Analysis of Open-Source Systems
The goal of the project is to examine freely available offensive tools from a security perspective.
- Examination of pentest tools. The goal of the research is to learn about and analyze from a security perspective open-source cybersecurity tools that use artificial intelligence — to examine their strengths and weaknesses — in order to be able to use them later and to defend against them more effectively.
Who should apply?- We are looking for students interested in ethical hacking and artificial intelligence.
What can you learn from this research? - The student will become familiar with the latest penetration testing applications and the challenges associated with them.
- We are looking for students interested in ethical hacking and artificial intelligence.