The Laboratory of Cryptography and System Security (CrySyS Lab) is committed to carry out internationally recognized, high-quality research on security and privacy in computer systems and networks, and to teach related subjects at the Budapest University of Technology and Economics. We strongly believe in problem driven, project oriented research, therefore we participate in R&D projects, where we collaborate with industry partners and academic institutions, and maintain international relationships.
Notes: CrySyS Lab belongs to the Department of Networked Systems and Services at the Budapest University of Technology and Economics. It is not a company, but a university research lab. The official Hungarian name of the lab is CrySyS Adat- és Rendszerbiztonság Laboratórium. Lab members pronounce CrySyS as [kri:sis].
Professor, Head of the Lab
buttyan (at) crysys.hu
bencsath (at) crysys.hu
holczer (at) crysys.hu
biczok (at) crysys.hu
acs (at) crysys.hu
pejo (at) crysys.hu
agazdag (at) crysys.hu
dpapp (at) crysys.hu
gabor.pek (at) crysys.hu
gergo.ladi (at) crysys.hu
sliu (at) crysys.hu
roland.nagy (at) crysys.hu
The CrySyS Student Core is an invite-only group of talented students who expressed strong interest in the field of IT security. Core members meet once a week to expand their knowledge by discussing specific topics in system and network security, to prepare for CTF competitions, to socialize, and to have fun by spending time with other geeks of similar interest. The CrySyS Student Core also plays a key role in the talent management program of the CrySyS Lab, including the creation of challenges for the annual CrySyS Security Challenge.
Interested to become a Core member? Prove your talent by scoring high at the next CrySyS Security Challenge (organized in the spring semester every year) or impress us in your semester project! If you don't feel qualified yet, but want to invest some work to get better, then join our IT Security Bootcamp!
The CrySyS Alumni Network consists of those 100+ persons who did their diploma or PhD projects in the CrySyS Lab. The following PhD graduates are distinguished alumni who received the CrySyS Steel Ring which has the lab logo and the date of graduation graved in it:
Members of the !SpamAndHex and c0r3dump hacker teams are also part of our Alumni Network. Both teams have grown out from the CrySyS Student Core and became one of the best CTF teams in the world. !SpamAndHex won iCTF 2014, the largest CTF organized specifically for universities, and it was among the 15 teams that qualified for the DEFCON CTF Finals, the most prestigious professional CTF in the world, in 2015, 2016, and 2017. C0r3dump is a younger, but an equally enthusiastic team achieving nice results at different CTFs.
We are probably best known about our contributions to the discovery, naming, and analysis of the Duqu malware.
It all began in September 2011, when a European company sought our help to investigate a security incident that happened in their IT system. During the investigation, we discovered a new malware that was unknown to all mainstream anti-virus products, however, it showed striking similarities to the infamous Stuxnet worm. We named the new malware Duqu, and we carried out its first analysis. Our findings led to the hypothesis that Duqu was probably created by the same people who developed Stuxnet, but with a different purpose: unlike Stuxnet, whose mission was to attack industrial equipment, Duqu was an information stealer rootkit. Nevertheless, both pieces of malware have a modular structure, and they could be re-configured remotely from a Command and Control server to include virtually any kind of functionality. Later, we also identified the dropper of Duqu, which led to the discovery of a zero-day Windows kernel exploit. The story and our results received intensive press coverage at that time.
Since the discovery of Duqu, we have been involved in the analysis of other targeted malware campaigns, including Flame (2012), MiniDuke (2013), TeamSpy (2013), and Duqu 2.0 (2015). More information is available on our blog site at blog.crysys.hu and on our research page.
Tresorit was started as a student project in the CrySyS Lab and it evolved into a spin-off thanks to the talent and devotion of the students, István Lám and Szilveszter Szebeni, who designed the Tresorit architecture. Tresorit is a cloud based encrypted data storage system that allows for secure sharing of information within closed user groups. In Tresorit, data is encrypted at the client side before it is uploaded into the cloud, hence, users do not need to trust the cloud storage provider.
Avatao is an online e-learning platform for IT professionals offering custom-tailored learning paths and detailed analytics about the learning process. Avatao helps users acquiring desired skills by guiding them through a series of hands-on exercises and challenges. Currently, Avatao focuses on providing IT security related challenges at all levels and in multiple sub-domains.
Ukatemi Technologies was founded by members of the CrySyS Lab with the mission of addressing the problems of targeted attacks in cyber space. Ukatemi Technologies provides malware analysis services and offers solutions for building malware analysis laboratory environments. It also has a large local malware repository, containing 350+ million samples, and featuring a fast search method based on binary similarity. The company is also active in the ICS/SCADA cybersecurity domain, providing consulting services and offering an asset inventory and network discovery tool that is based on passive monitoring of network traffic.
IT-SEC Expert is a non-profit company specialized in industry oriented research and training in the field of IT security.