ELTE OTP Kiberlab Logo
← Back to topics

ELTE-OTP CYBERLAB TOPICS 2025/2026 Semester 2

1. Incident Management

1.1. Designing a Honeypot

The goal is to analyze the architectures of state-of-the-art Honeypot systems to investigate potential internet attacks and to design and validate new solutions most suitable for banking applications.

1.2. Attacker Profiling

The aim of graph-based modeling is to make the activities, tools, infrastructures, TTPs, and relationships of an attacker (or attacker group) analyzable as an interconnected network.

1.3. Detection and Monitoring of Phishing Websites

Developing new methods to search for and detect phishing or potentially phishing sites using internet resources and search engines, and examining the effectiveness of these new methods by identifying sites that abuse the OTP brand and pose a potential threat to OTP customers.

1.4. Combating Phishing using AI Agents

Researching AI agent-based defense solutions against phishing websites. The student’s task is to research the applicability of AI agents in combating phishing websites and the frauds carried out through them.

1.5. Transaction Fraud Detection using AI

The goal is to create new methods based on artificial intelligence that enable the development of an effective transaction fraud monitoring system.

1.6. Evaluating the Reliability of Account Numbers

The task of the research is to determine how reliable an account number is. It is also highly important to recognize and mark as reliable even unique account numbers belonging to known and large organizations or companies.

1.7. Detection of Artificial Intelligence Generated Content

The student analyzes, evaluates, and compares different AI systems and the systems created to detect them, with a special focus on voice and image-based “deep fake” solutions.

1.8. Automated Incident Analysis using Artificial Intelligence

The student’s task is to learn about state-of-the-art systems and set up their own testing environment in which an artificial intelligence’s ability to classify incidents by severity (triage), correlate events, and provide solution suggestions can be tested.

2. Research on Defense Solutions Against Financial Fraud

2.1. Research and Examination of New and Existing Customer Identification Methods

The goal of the project is to learn about the technologies used for customer identification, map their weaknesses and strengths, test them, and create prototypes of possible new technologies.

2.2. Research on Tools for Assessing Vulnerabilities and Incident Management Capabilities

The aim of the research is to explore innovative methods that allow the assessment of an organization’s vulnerabilities and incident management capabilities, even against sophisticated attacks requiring special tools.

2.3. Analysis of Web Dependencies

Creating new methods and procedures for testing websites from a security perspective, with a special focus on external dependencies and embedded codes.

3. Risk Management

3.1. Establishing an LLM Security Testing and Compliance Process

Researching the memorization of LLMs, assessing the possibilities related to extracting data from the training set processed by them.

3.2. Testing the Hungarian Language Proficiency of LLMs

Researching testing methods for the language knowledge of LLMs. Testing various LLMs based on their Hungarian language proficiency and their ability to solve problems in Hungarian.

3.3. Examination of Post-Quantum Solutions

The goal is to examine the threat Q-day poses to various systems and how to defend against it, for example, to prevent the encryption of messaging and file storage from being cracked, or digitally signed documents from losing their authenticity.

3.4. Protection of Personal Data During Client-Server Communication

Researching a cryptographic protocol that allows data collection from clients with verifiable data protection solutions while protecting privacy.

3.5. Evaluating the Reliability of Source Code Libraries

Many source codes and source libraries are available on the internet, but their reliability, maintainability, language, and legal status all vary.

3.6. Federated Learning

Training AI systems requires a huge amount of data. Centralized training is not always feasible for security and legal reasons. The student’s task is to get acquainted with federated learning algorithms and to research possible banking applications.

4. Other

4.1. News Crawler

The main goal of the project is to develop an AI news analysis system that downloads, evaluates, classifies news relevant from an IT security perspective, and then displays the highly important ones.

4.2. Freely Chosen Topics

Students who have an interesting cyber defense research idea of their own should feel free to contact us, and we are happy to start topics other than those listed above.