Analysis-Resistant Code. Developing methods for analyzing adversarial code, protecting software from reverse engineering, and studying evasive malware with dynamic instrumentation and weird-machine abstractions.
Attack Modeling. Improving attack graph scalability and enriching them with information beyond network vulnerabilities, including application and human factors.
Binary Code Representation. Automated techniques using deep neural networks for large-scale binary analysis, covering binary similarity and automated function naming, developed in collaboration with industry and universities.
Blockchain. Studying blockchain performance and security, addressing scalability and resilience against attacks in decentralized systems.
Code Reuse Attacks and Defenses. Investigating ROP attacks, building exploit datasets, developing analysis tools, and optimizing defenses using modern processor primitives.
Cryptography for E-Government. Building cryptographic protocols for major e-government services such as e-voting, contact tracing, and digital identity wallets.
Cyber-Physical Systems. Protecting SCADA-controlled infrastructures and robots through control-theoretical and machine learning approaches, using anomaly detection and behavioral analysis to enhance resilience and safety.
Foundations of Cryptography. Identifying lower and upper bounds on the number of communication rounds, amount of communication, hardness assumptions, computational complexity, and setup assumptions required by algorithms realizing cryptographic tasks.
Malware Analysis Tools. Semi-automatic triage systems prioritize malware samples for human analysis, reducing computational and analyst overload.
Multimedia Forensics. Methods for verifying image/video authenticity, detecting forgeries and deepfakes, and tracing digital content origins for investigations and information warfare.
Post-Quantum Cryptography. Upgrading existing cryptographic infrastructures to maintain the desired level of security even against quantum adversaries.
Privacy-Enhancing Cryptography. Improving privacy-preserving cryptographic schemes (e.g., blind signatures, ring signatures, zero-knowledge proofs, secure multi-party computation) to guarantee user privacy while enabling computation over confidential data.
Privacy-Preserving Applications. Encrypted computation for secure biometric matching, biomedical signals, IoT sensor fusion, and private malware analysis.
Side Channels. Researching software hardening and hardware vulnerabilities to protect sensitive data from microarchitectural attacks.
Swarm Attestation. Improving IoT device attestation performance using noninteractive collective protocols suitable for low-end devices and unstructured networks.
Symbolic Execution. Advancing symbolic execution for vulnerability detection, protocol reconstruction, and hybrid fuzzing, with applications in malware analysis and program verification.
Visual Analytics. Interactive tools to analyze large cybersecurity datasets, support proactive risk assessment, real-time incident response, and explain AI-driven malware classifiers.
Group members also contribute to the Research Center for Cyber Intelligence and Information Security (CIS), conducting applied research in cyber intelligence, critical infrastructure protection, trend prediction, and threat mitigation. CIS develops strategies and tools for real-world challenges such as cyberwarfare, fraud detection, stock market stability, tax evasion, mission-critical monitoring, early warning systems, and smart environments.
