Attack Modeling. Improving the scalability of attack graphs and enriching them with information beyond network vulnerabilities, including application and human factors.
Binary Code Representation. Automated techniques using deep neural networks for large-scale binary analysis, covering binary similarity and automated function naming, developed in collaboration with industry and universities.
Blockchain. Studying blockchain performance and security, addressing scalability and resilience against attacks in decentralized systems.
Cyber-Physical Systems. Protecting SCADA-controlled infrastructures and robots through control-theoretical and machine learning approaches, using anomaly detection and behavioral analysis to enhance resilience and safety.
Analysis-Resistant Code. Developing methods for analyzing adversarial code, protecting software from reverse engineering, and studying evasive malware with dynamic instrumentation and weird-machine abstractions.
Malware Analysis Tools. Semi-automatic triage systems prioritize malware samples for human analysis, reducing computational and analyst overload.
Privacy-Preserving Applications. Encrypted computation for secure biometric matching, biomedical signals, IoT sensor fusion, and private malware analysis.
Code Reuse Attacks and Defenses. Investigating ROP attacks, building exploit datasets, developing analysis tools, and optimizing defenses using modern processor primitives.
Side Channels. Researching software hardening and hardware vulnerabilities to protect sensitive data from microarchitectural attacks.
Swarm Attestation. Improving IoT device attestation performance using noninteractive collective protocols suitable for low-end devices and unstructured networks.
Symbolic Execution. Advancing symbolic execution for vulnerability detection, protocol reconstruction, and hybrid fuzzing, with applications in malware analysis and program verification.
Visual Analytics. Interactive tools to analyze large cybersecurity datasets, support proactive risk assessment and real-time incident response, and explain AI-driven malware classifiers.
Multimedia Forensics. Methods for verifying image/video authenticity, detecting forgeries and deepfakes, and tracing digital content origins for investigations and information warfare.
Group members also contribute to the Research Center for Cyber Intelligence and Information Security (CIS), conducting applied research in cyber intelligence, critical infrastructure protection, trend prediction, and threat mitigation. CIS develops strategies and tools for real-world challenges such as cyberwarfare, fraud detection, stock market stability, tax evasion, mission-critical monitoring, early warning systems, and smart environments.