The Laboratory of Cryptography and System Security (CrySyS Lab) is committed to carry out internationally recognized, high quality research on security and privacy in computer systems and networks, and to teach IT security and applied cryptography at the Budapest University of Technology and Economics. The lab also provides consulting services upon request, including penetration testing (ethical hacking) and technical assistance in computer security incident response. We strongly believe in problem driven, project oriented research, hence we participate in R&D projects, where we collaborate with industry partners and academic institutions, and maintain strong international connections.
Notes: CrySyS Lab belongs to the Department of Networked Systems and Services at the Budapest University of Technology and Economics. It is not a company, but a university research lab. The official Hungarian name of the lab is CrySyS Adat- és Rendszerbiztonság Laboratórium. Lab members pronounce CrySyS as [kri:sis].
Associate Professor, Head of the Lab
buttyan (at) crysys.hu
bencsath (at) crysys.hu
holczer (at) crysys.hu
biczok (at) crysys.hu
acs (at) crysys.hu
agazdag (at) crysys.hu
mhorvath (at) crysys.hu
dpapp (at) crysys.hu
lestyan (at) crysys.hu
gergo.ladi (at) crysys.hu
Zero IT Lab
The CrySyS Student Core is an invite-only group of talented students who expressed strong interest in the field of IT security. Core members meet once a week to expand their knowledge by discussing specific topics in system and network security, to prepare for CTF competitions, to socialize, and in general, to have fun by spending time with other geeks of similar interest. The CrySyS Student Core also plays a key role in the talent management program of the CrySyS Lab, which includes the creation of challenges for the annual CrySyS Security Challenge.
Interested to become a Core member? Prove your talent by scoring high at the next CrySyS Security Challenge (organized in the spring semester every year) or impress us in your semester project! If you don't feel qualified yet, but want to invest some work to get better, then join our IT Security Bootcamp!
The CrySyS Alumni Network consists of those 100+ persons who did their diploma or PhD projects in the CrySyS Lab. The following PhD graduates are distinguished alumni who received the CrySyS Steel Ring which has the lab logo and the date of graduation graved in it:
Members of the !SpamAndHex hacker team are also part of our Alumni Network. The !SpamAndHex team has grown out from the CrySyS Student Core and became one of the best CTF teams in the world. It won iCTF 2014, the largest CTF organized specifically for universities, and it was among the 15 teams that qualified for the DEFCON CTF Finals, the most prestigious professional CTF in the world, in 2015, 2016, and 2017. The team was in the top 5 teams in the world ranking by CTFtime.org in 2015.
We are probably best known about our contributions to the discovery, naming, and analysis of the Duqu malware.
It all began in September 2011, when a European company sought our help to investigate a security incident that happened in their IT system. During the investigation, we discovered a new malware that was unknown to all mainstream anti-virus products, however, it showed striking similarities to the infamous Stuxnet worm. We named the new malware Duqu, and we carried out its first analysis. Our findings led to the hypothesis that Duqu was probably created by the same people who developed Stuxnet, but with a different purpose: unlike Stuxnet, whose mission was to attack industrial equipment, Duqu was an information stealer rootkit. Nevertheless, both pieces of malware have a modular structure, and they could be re-configured remotely from a Command and Control server to include virtually any kind of functionality. Later, we also identified the dropper of Duqu, which led to the discovery of a zero-day Windows kernel exploit. The story and our results received intensive press coverage at that time.
Since the discovery of Duqu, we have been involved in the analysis of other targeted malware campaigns, including Flame (2012), MiniDuke (2013), TeamSpy (2013), and Duqu 2.0 (2015). More information is available on our blog site at blog.crysys.hu and on our research page.
Tresorit was started as a student project in the CrySyS Lab and it evolved into a spin-off thanks to the talent and devotion of the students, István Lám and Szilveszter Szebeni, who designed the Tresorit architecture. Tresorit is a cloud based encrypted data storage system that allows for secure sharing of information within closed user groups. In Tresorit, data is encrypted at the client side before it is uploaded into the cloud, hence, users do not need to trust the cloud storage provider.
Avatao is an online e-learning platform for IT professionals offering custom-tailored learning paths and detailed analytics about the learning process. Avatao helps users acquiring desired skills by guiding them through a series of hands-on exercises and challenges. Currently, Avatao focuses on providing IT security related challenges at all levels and in multiple sub-domains.
Ukatemi Technologies was founded by members of the CrySyS Lab with the mission of addressing the problems of targeted attacks in cyber space. Targeted attacks often use advanced methods, they aim at compromising high profile targets, they are stealthy and persistent, and therefore, difficult to detect and mitigate. Ukatemi provides advanced threat mitigation technologies, including threat intelligence services, custom testing of anti-APT tools, technical assistance in computer security incident response, and advanced malware analysis.
IT-SEC Expert is a non-profit company specialized in industry oriented research and training in the field of IT security.