ELTE OTP Kiberlab Logo
← Back to topics

ELTE-OTP KIBERLAB TOPICS 2025/2026 Semester 1

1. Incident Management

1.1. Designing a Honeypot (based on real machine architectures), planning statistical data collection, prototype development

The goal is to analyze the architectures of state-of-the-art Honeypot systems to investigate potential internet attacks and to design and validate new solutions most suitable for banking applications.

To validate the research results, the student designs a honeypot system to be implemented and develops its prototype. A related task is also to implement logging and to prepare the processing of results.

1.2. Detection of Phishing Websites

Developing new methods for searching for and detecting phishing or potentially phishing sites using internet resources and search engines, and examining the effectiveness of these new methods by identifying sites that abuse the OTP brand and pose a potential threat to OTP customers.

1.3. Monitoring of Phishing and Malicious Websites

The goal is to monitor previously identified potentially phishing sites, to observe and analyze changes occurring on them, and to recognize phishing content affecting OTP. Initiating takedown processes.

The student’s task will be to develop new methods suitable for effectively identifying, categorizing, and logging the activity of potentially phishing sites.

1.4. Structured Storage and Technical Analysis of Phishing Site Data

The goal is to create a database architecture capable of handling temporal changes, enabling the construction of an optimally analyzable database from discovered phishing sites by storing as much information as possible from the sites (including temporal changes).

1.5. Transaction Fraud Detection using AI

The goal is to create new methods based on artificial intelligence that enable the development of an effective transaction fraud monitoring system.

1.6. Evaluating the Reliability of Account Numbers

The task of the research is to determine how reliable an account number is. It is also particularly important to recognize and mark as reliable unique account numbers belonging to known and large organizations or companies (e.g., NAV, MÁK, service providers). The aim of the research is to create new methods that combine the analysis of databases and web content with the application of artificial intelligence algorithms.

1.7. Detection of Artificial Intelligence Generated Content

The student analyzes, evaluates, and compares different AI systems and the systems created to detect them, with a special focus on voice and image-based “deep fake” solutions. The student’s further task is to search for and learn about AI systems that may be suitable for facial recognition and capable of detecting fraud. This topic is closely related to the Research on Face Recognition-Based Identification Solutions topic, so the students working on both topics must collaborate closely.

2. Research on Defense Solutions Against Financial Fraud

The goal is to learn about the tools and methods used by perpetrators, to strengthen defense solutions, and to research new defense solutions.

2.1. Research and Examination of New and Existing Customer Identification Methods

The goal of the project is to learn about the technologies used for customer identification, map their weaknesses and strengths, test them, and create prototypes of possible new technologies.

2.2. Security Testing of Android-Based Systems

The goal is to become familiar with the methods of security testing Android applications, and to analyze, evaluate, and compare them (reverse engineering, pentest).

2.3. Analysis of Web Dependencies

Creating new methods and procedures for testing websites from a security perspective, with a special focus on external dependencies and embedded codes.

3. Risk Management

3.1. Examination of Post-Quantum Encrypted Messaging

The goal is to develop algorithms and prototypes for a messaging system that uses cryptography resistant to quantum computers.

3.2. Examination of Post-Quantum Secure Cloud Storage

The goal is to create algorithms and prototypes for cloud-based data storage and access solutions capable of protecting confidential banking information against quantum computing attacks.

3.3. Examination of Post-Quantum Solutions for Digital Signatures

An examination of the extent to which Q-day poses a threat to digitally signed documents, and how to defend against digitally signed documents losing their authenticity.

3.4. Quantum Communication

The goal is to learn about the possibilities offered by current research. The student becomes acquainted with quantum communication procedures and writes a study analyzing their practical feasibility.

3.5. Evaluating the Reliability of Source Code Libraries

Many source codes and source libraries are available on the internet, but their reliability, maintainability, language, and legal status all vary. The student’s task is to research search methods and solutions that enable searching based on given criteria (e.g., language, legal status, purpose) and that also evaluate the results from a security perspective (e.g., number of commits, number of maintainers, CVEs, download counts, code analysis).

3.6. Federated Learning

Training AI systems requires a huge amount of data. Centralized training is not always feasible for security and legal reasons. The student’s task is to get acquainted with federated learning algorithms and to research possible banking applications.

4. Other

4.1. News Crawler

The main goal of the project is to develop an AI news analysis system that downloads, evaluates, and classifies news relevant from an IT security perspective, and then displays the highly important ones.

The student’s task during the semester is to develop a new method for automated IT security news and article downloading and to create a program/script prototype for it, which can later be used for the system. Solutions already exist for this, but the completion requires creating a well-validated solution that also incorporates new approaches.

4.2. Freely Chosen Topics

Students who have an interesting cyber defense research idea of their own should feel free to contact us, and we are happy to start topics other than those listed above.