ELTE-OTP KIBERLAB TOPICS 2024/2025 Semester 2

1. Incident Management

1.1. Designing a Honeypot (based on real machine architectures), planning statistical data collection, prototype development

The goal is to analyze the architectures of state-of-the-art Honeypot systems to investigate potential internet attacks and to design and validate new solutions most suitable for banking applications. The student designs a honeypot system to be implemented and develops its prototype. A related task is also to implement logging and to prepare the processing of results.

1.2. Detection of Phishing Websites

Searching for and detecting phishing or potentially phishing sites using internet resources and search engines. Identifying sites that abuse the OTP brand and pose a potential threat to OTP customers.

1.3. Monitoring of Phishing and Malicious Websites

The goal is to monitor previously identified potentially phishing sites, to observe, and analyze changes occurring on them, and to recognize phishing content affecting OTP. Initiating takedown processes. The student’s task will be to create a solution suitable for effectively identifying, categorizing, and logging the activity of potentially phishing sites.

1.4. Structured Storage and Technical Analysis of Phishing Site Data

The goal is to build a database from discovered phishing sites that can be analyzed later, storing as much information as possible from the sites (including temporal changes).

1.5. Analysis of Phishing Activity

The goal is to feed in data and then use it to gather intelligence about perpetrator groups.

1.6. Phishing Reporting Interface

The goal is to create a public interface where citizens can report receiving phishing or suspicious content. The reporting interface should be intuitive and convenient; multiple interfaces may be provided (e.g., web, SMS, instant messaging). The submitted data must be analyzed and can serve as input for the monitoring and analysis subsystems.

1.7. Transaction Fraud Detection using AI

The goal is to create an effective transaction fraud monitoring system based on artificial intelligence.

1.8. Evaluating the Reliability of Account Numbers

The task of the research is to determine how reliable an account number is. It is also particularly important to recognize and mark as reliable unique account numbers belonging to known and large organizations or companies (e.g., NAV, MÁK, service providers). The research may employ databases, web content, and artificial intelligence algorithms.

1.9. Detection of Malicious AI Use

The student develops a prototype for detecting malicious use in AI systems based on large language models. Among the solutions, AI-based approaches are preferred.

1.10. Detection of Artificial Intelligence Generated Content

The student becomes acquainted with various AI systems and the systems created to detect them, with particular focus on voice and image-based “deep fake” analysis. The student’s further task is to search for and learn about AI systems that may be suitable for facial recognition and capable of detecting fraud. This topic is closely related to the Research on Face Recognition-Based Identification Solutions topic, so the students working on both topics must collaborate closely.

2. Research on Defense Solutions Against Financial Fraud

The goal is to learn about the tools and methods used by perpetrators, to strengthen defense solutions, and to research new defense solutions.

2.1. Research and Examination of New and Existing Customer Identification Methods

The goal of the project is to learn about the technologies used for customer identification, map their weaknesses and strengths, test them, and create prototypes of possible new technologies.

2.2. Research on MFA Methods Not Requiring User Interaction

The goal is to research MFA methods that do not require user interaction to function, making them easy to implement while increasing the security of banking operations.

2.3. Research on Face Recognition-Based Identification Solutions

The goal is to learn about face recognition-based identification systems available on the market and to compare them from a security perspective. This topic is closely related to the Detection of Artificial Intelligence Generated Content topic, so the students working on both topics must collaborate closely.

2.4. Security Testing of Android-Based Systems

The goal is to become familiar with the security testing of Android applications (reverse engineering, pentest).

2.5. Analysis of Web Dependencies

Testing websites from a security perspective, with particular focus on external dependencies and embedded codes.

3. Risk Management

3.1. Analysis of Practically Applicable Post-Quantum Solutions

The goal is to identify security-critical banking application areas in terms of the need to introduce post-quantum cryptography, and to develop risk analyses and cost models. The focus is on which areas could already accommodate a quantum-resistant cryptographic algorithm, with particular attention to mobile applications.

3.2. Examination of Post-Quantum Solutions for Digital Signatures

An examination of the extent to which Q-day poses a threat to digitally signed documents, and how to defend against digitally signed documents losing their authenticity.

3.3. Quantum Communication

The goal is to learn about the possibilities offered by current research. The student becomes acquainted with quantum communication procedures and writes a study analyzing their practical feasibility.

3.4. Development of an AI Security Testing Methodology

The goal of the research is to develop a methodology for examining whether the security controls of AI systems can be circumvented. Using the methodology developed during the research, the student prepares a security recommendation for testing LLM systems.

3.5. Testing the Training Dataset of AI Models

The goal is to develop a methodology or PoC system that makes it possible to determine what data can be extracted from a large language model-based system, what data it may contain — with particular focus on personal and other sensitive training data.

3.6. Evaluating the Reliability of Source Code Libraries

Many source codes and source libraries are available on the internet, but their reliability, maintainability, language, and legal status all vary. The student’s task is to research search methods and solutions that enable searching based on given criteria (e.g., language, legal status, purpose) and that also evaluate the results from a security perspective (e.g., number of commits, number of maintainers, CVEs, download counts, code analysis).

3.7. Federated Learning

Training AI systems requires a huge amount of data. Centralized training is not always feasible for security and legal reasons. The student’s task is to get acquainted with federated learning algorithms and to research possible banking applications.

4. Governance

4.1. AI Training and Querying for Time-Varying Content

The goal is to design an AI-based system suitable for searching a set of documents that changes over time (e.g., legislation, internal policy documents, conditions), and to produce PoC code. It is important that the system can interpret what was in force at any given point in time, not just maintain the current state.

4.2. Examination of Legal Issues Related to KIBERLAB Research

After becoming familiar with the other — primarily technical — topics, the student maps their legal aspects, collecting and analyzing the applicable domestic, EU, and international legislation. They examine which areas carry the greatest legal risk during the operation of a bank, how these are regulated, and which are unregulated or risky areas.

5. Other

5.1. News Crawler

The main goal of the project is to develop an AI news analysis system that downloads, evaluates, and classifies news relevant from an IT security perspective, and then displays the highly important ones.

The student’s task during the semester is to write an automated IT security news and article downloader program/script that can later be used for the system. Solutions already exist for this, but the completion requires creating a well-functioning, independently developed solution.

5.2. AI API Prompt Engineering

During the semester, the student’s task is to find the exact expressions and instructions that, when given to an open AI system, yield an appropriate summary of an IT security article or news item. In addition, the news must be categorized, articles on the same topic grouped, and the identical and differing pieces of information highlighted.

5.3. Freely Chosen Topics

Students who have an interesting cyber defense research idea of their own should feel free to contact us, and we are happy to start topics other than those listed above.