Associate Professor, Head of the Lab
buttyan (at) crysys.hu
web: www.hit.bme.hu/~buttyan/
office: I.E. 431
tel: +36 1 463 1803
fax: +36 1 463 3263
Levente Buttyán was born in 1970 in Salgótarján, Hungary. He received the M.Sc. degree in Computer Science from
the Budapest University of Technology and Economics (BME) in 1995, and earned the Ph.D. degree from the Swiss
Federal Institute of Technology - Lausanne (EPFL) in 2002.
In 2003, he joined the Department of Networked Systems and Services at BME, where he currently holds a position
as an Associate Professor and leads the Laboratory of Cryptography and Systems Security (CrySyS Lab). He has done
research on the design and analysis of secure protocols and privacy enhancing mechanisms for wireless networked
embedded systems (including wireless sensor networks, mesh networks, vehicular communications, and RFID systems).
Recently, he has been involved in the analysis of some high profile targeted malware, such as Duqu, Flame (aka
sKyWIper), MiniDuke, and TeamSpy. Currently, his research interests are in embedded systems security (a.k.a.
security for Internet of Things) and embedded systems forensics.
This BSc course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course prepares BSc students for security challenges that they may encounter during their professional career, and at the same time, it provides a basis for those students who want to continue their studies at MSc level (taking, for instance, our IT Security minor specialization). We put special emphasis on software security and the practical aspects of developing secure programs.
This BSc course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course prepares BSc students for security challenges that they may encounter during their professional career, and at the same time, it provides a basis for those students who want to continue their studies at MSc level (taking, for instance, our IT Security minor specialization). We put special emphasis on software security and the practical aspects of developing secure programs.
This BSc course introduces problems related to general IT security. It focuses on offensive security to demonstrate the mindset of an attacker. This is good motivational first course for IT security enthusiasts.
This BPorf course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course also gives an introduction to source coding and channel coding.
This course introduces problems related to communication security in wired and wireless networks, describes the principles and practical implementations of modern security protocols that address those problems, and sheds light on protocol design issues through the detailed analysis of existing security protocols.
The course introduces security problems in computing systems, as well as the principles, practical mechanisms, and tools used to solve them. The term computer is interpreted in a broad sense, and it includes personal computers, servers, mobile devices, and embedded computers. The course covers physical security and OS level security of computers, software security issues at the application level, secure programming, and the problem of malicious software (malware).
This course fills an important gap in the education of software engineers, - namely developing secure software applications. During this course, students will learn the most common mistakes in software development and how attackers exploit those mistakes (offensive security). Then, students get to know how to mitigate attacks and write secure software applications.
This course gives an introduction to the basics of cryptography, explains how basic building blocks work, and demonstrates how secure systems can be engineered by properly using them. Besides the theoretical background, we use lot of illustrative examples and show practical applications. In addition, besides the technical details, we give an outlook to the legal and business aspects of using cryptography. This course is offered only to students of the Aquincum Institute of Technology, Budapest.
Az Internet ma már nem csak nagy teljesítményű szerverekből, személyi számítógépekből és mobil eszközökből áll, hanem számtalan intelligens beágyazott eszközt is magában foglal. Az előrejelzések szerint 2020-ra 25 milliárd ilyen eszköz lesz hálózatba kötve, és ez számos új és érdekes alkalmazás előtt nyitja meg az utat (pl. okos gyárak és Ipar 4.0, egymással és az útmenti infrastruktúrával kommunikáló járművek, okos városok, épületek, ...). Az intelligens beágyazott eszközökkel kibővült Internet, azaz az Internet of Things (dolgok Internete) vagy röviden IoT, azonban számos informatikai biztonsági kockázatot is magában rejt. Az IoT előre törését a beágyazott számítógépek és a vezeték nélküli kommunikáció fejlődése, illetve ezen technológiák árának folyamatos csökkenése teszi lehetővé. Az alacsony ár, a költségek minimalizálása azonban általában az informatikai biztonság hiányát eredményezi. Ugyanakkor, egyes IoT alkalmazásokban a biztonság hiánya fizikai és anyagi károkhoz vezethet, adott esetben emberéleteket követelhet. Ezekben az alkalmazásokban tehát meg kell találni a megfelelő egyensúlyt a költségek és a rendszer által nyújtott biztonság szintje között.
A CrySyS Lab a vezetője a Nemzeti Kiválósági Programban támogatást nyert SETIT (Security Enhancing Techniques for the Internet of Things) projektnek, ami azt a célt tűzte maga elé, hogy drasztikusan csökkenti az IoT biztonsági kockázatait, és ezzel lehetővé teszi az IoT alkalmazások szélesebb körű elterjedését. A projekten belül, a labor az IoT alkalmazások futtatására szolgáló beágyazott számítási platform biztonságával foglalkozik. Ezen belül jelenleg az IoT malware témakörön dolgozunk, mely magában foglalja a kártékony programok detekcióját erőforrás korlétozott beágyazott eszközökön, illetve az IoT világban megjelenő malware minták elemzését, tárolását, és osztályozását.
A témakör iránt érdeklődő hallgatók a fenti projekt keretében az alábbi konkrét problémákon doglozhatnak:
Napjainkban egyre nagyobb igény jelentkezik az ügyviteli folyamatok automatizálására, a személyes interakciók nélküli ügyintézésre. Ezen igény mentén egyre több helyen jelennek meg önkiszolgáló pontok, más néven kioszkok – gondoljunk csak például a gyorséttermi rendelések leadására szolgáló terminálokra, a csomagok átadására és átvételére használható automatákra, vagy az önkiszolgáló kasszákra. A jövőben várható a kioszkok további területeken történő térhódítása is, akár a korábbiaknál bonyolultabb ügyekben is, mint például a pénzintézetek, biztosítók, közművek ügyfélszolgálatainak tehermentesítésében.
A kioszkok jellemzően nyilvános helyen, gyakran személyes felügyelet, őrzés nélkül hozzáférhetőek az ügyfelek részére. Ugyanakkor a segítségükkel gyakran biztonságkritikus műveletet is végeznek, amelyek korábban rendszerint védett helyen található készülékről, megbízható ügyintézők közreműködésével volt lehetséges. Így a kioszkok megjelenése IT biztonság szempontjából új kihívást jelent.
A Hallgató feladata felmérni a kioszk hálózatok fenyegetettségeit, majd a rendelkezésre álló technológiák vizsgálatán keresztül meghatározni az alkalmazható megoldásokat. A feladat magába foglalja az elérhető VPN technológiák összehasonlítását, biztonságos hálózati kapcsolat kiépítéséhez használható alternatív technológiák felkutatását, a kapcsolat kiépítéséhez szükséges szimmetrikus/aszimmetrikus titkok disztribúciós lehetőségeit, valamint távoli tanúsítványmenedzsment megoldások vizsgálatát.
A téma vizsgálatára valós projekt keretében, ipari konzulens segítségével nyílik lehetőség a Microsec zrt-nél. A Microsec zrt. Magyarország egyik meghatározó informatikai vállalkozása. Piacvezető szerepet tölt be az elektronikus aláírással kapcsolatos szolgáltatások területén, Magyarországon az első eIDAS szerinti minősített bizalmi szolgáltatóként minősített elektronikus aláíró és bélyegző tanúsítványok kibocsátását, minősített időbélyegzést, valamint minősített archiválás szolgáltatást nyújt nagyvállalatoknak, pénzintézeteknek, úttörő szerepet vállalva a biztonságos, PKI alapú digitalizációban.
Napjainkban egyre nagyobb igény jelentkezik az ügyviteli folyamatok automatizálására, a személyes interakciók nélküli ügyintézésre. Ezen igény mentén egyre több helyen jelennek meg önkiszolgáló pontok, más néven kioszkok – gondoljunk csak például a gyorséttermi rendelések leadására szolgáló terminálokra, a csomagok átadására és átvételére használható automatákra, vagy az önkiszolgáló kasszákra. A jövőben várható a kioszkok további területeken történő térhódítása is, akár a korábbiaknál bonyolultabb ügyekben is, mint például a pénzintézetek, biztosítók, közművek ügyfélszolgálatainak tehermentesítésében.
A kioszkok jellemzően nyilvános helyen, gyakran személyes felügyelet, őrzés nélkül hozzáférhetőek az ügyfelek részére. Ugyanakkor a segítségükkel gyakran biztonságkritikus műveletet is végeznek, amelyek korábban rendszerint védett helyen található készülékről, megbízható ügyintézők közreműködésével volt lehetséges. Így a kioszkok megjelenése IT biztonság szempontjából új kihívást jelent.
A Hallgató feladata megvizsgálni, hogy egy kioszk esetében milyen fizikai és szoftveres támadási lehetőségek állnak egy támadó rendelkezésére, és milyen technológiák és megoldások használhatóak ezen fenyegetettségek megszüntetésére.
A téma vizsgálatára valós projekt keretében, ipari konzulens segítségével nyílik lehetőség a Microsec zrt-nél. A Microsec zrt. Magyarország egyik meghatározó informatikai vállalkozása. Piacvezető szerepet tölt be az elektronikus aláírással kapcsolatos szolgáltatások területén, Magyarországon az első eIDAS szerinti minősített bizalmi szolgáltatóként minősített elektronikus aláíró és bélyegző tanúsítványok kibocsátását, minősített időbélyegzést, valamint minősített archiválás szolgáltatást nyújt nagyvállalatoknak, pénzintézeteknek, úttörő szerepet vállalva a biztonságos, PKI alapú digitalizációban.
Hétköznapi ügyintézéseink során a szolgáltatók többségénél a személyazonosítás alappillére a felhasználó és igazolványainak személyes, fizikai jelenléte az azonosítás helyszínén. Gondoljunk csak általános ügyintézési tapasztalatainkra bankoknál, biztosítóknál, közmű-szolgáltatóknál. A személyes jelenlét, illetve a várakozás kellemetlenséggel és egészségügyi kockázattal jár, így egyre több iparágban biztosítanak lehetőséget online, videókapcsolaton keresztül történő azonosításra a személyes jelenlét helyett. A személyes azonosítás online térbe történő áthelyezése azonban új kihívások elé állítja a szolgáltatókat, a megváltozott körülmények között is biztosítani kell az azonosítás megbízhatóságát.
A Hallgató feladata az elérhető videós azonosítási platformok és a velük szemben támasztott követelmények felkutatása, összehasonlítása és legalább egy rendszer esetében az azonosítás megbízhatóságának vizsgálata a tekintetben, hogy milyen mértékben alkalmas a személyes azonosítás kiváltására, és egy esetleges támadó számára milyen lehetőségek állnak rendelkezésre fals pozitív azonosítási eredmény elérésére.
A téma vizsgálatára valós projekt keretében, ipari konzulens segítségével nyílik lehetőség a Microsec zrt-nél. A Microsec zrt. Magyarország egyik meghatározó informatikai vállalkozása. Piacvezető szerepet tölt be az elektronikus aláírással kapcsolatos szolgáltatások területén, Magyarországon az első eIDAS szerinti minősített bizalmi szolgáltatóként minősített elektronikus aláíró és bélyegző tanúsítványok kibocsátását, minősített időbélyegzést, valamint minősített archiválás szolgáltatást nyújt nagyvállalatoknak, pénzintézeteknek, úttörő szerepet vállalva a biztonságos, PKI alapú digitalizációban.
A Taszk Kft-nél három terület közül is lehet választani. Ezek közül 1 téma elindítására van lehetőség.
Instrumenting Smartphone Firmware Components for Security Analysis
Explore techniques for instrumenting ARM firmware binaries for code analysis purposes. Study various approaches from bare-metal instrumentation by code patching to using existing emulation and/or on-target frameworks (e.g. qemu, unicorn, frida), to utilizing ARM hardware debug extensions. Learn about various dynamic code analysis goals (e.g tracing, hooking, fuzzing, data flow analysis, etc) and their instrumentation requirements.
Stretch Goals: Furthering the research we envision the student creating a fully fledged case study of an either fully on-target or a hybrid emulated/on-target fuzzing framework utilizing instrumentation. We have several real-world targets (various firmware elements of modern smartphone SoCs) in mind for this.
Security Analysis of Custom Android Kernel Self-Defenses
Learn the basics of working with Android kernel image customizations: image formats, OTA updates, extraction, (re)building, writing modules. Study Linux kernel memory management concepts and how they pertain to exploit mitigations. Study the history of Linux kernel privilege escalation techniques and the evolution of known kernel self-defenses to counter them.
Stretch Goals: Building on a firm understanding of the prior art, conduct original research into the current state of Android kernel vendor customizations. We envision two tracks that this research can take. The first is a study of "patch gaping" of Linux kernel security bugs with respect to the mainline Linux kernel vs vendor-customized kernels of high-end smartphones. The second is a study of the (largely undocumented) custom mitigations that the leading Android device manufacturers introduce into their kernels.
Static Vulnerability Analysis Using Code Property Graph-based Query Languages
Study existing frameworks (such as bjoern and hexrays decompiler) that automate the extraction of semantic information from compiled binaries and expose a code property graph that can be used with a query language for identifying vulnerable code patterns.
Research how such frameworks could be extended or have alternatives developed for them on top of existing binary analysis solutions (such as disassembler/decompiler engines). Discover the advantages and limitations of this approach and what kinds of memory safety vulnerabilities can be efficiently queried with it.
Identify a target binary, study its attack surface, and define bug patterns of interest. Use/extend a framework to develop the desired bug pattern queries and carry out the manual analysis of the findings of the automated queries.
IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT), 2020.
@inproceedings {
author = {Marton Bak, Dorottya Papp, Csongor Tamás, Levente Buttyán},
title = {Clustering IoT Malware based on Binary Similarity},
booktitle = {IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT)},
year = {2020}
}
Conference of PhD Students in Computer Science (CSCS), 2020.
@conference {
author = {Roland Nagy, Levente Buttyán},
title = {Rootkit Detection on Embedded IoT Devices},
booktitle = {Conference of PhD Students in Computer Science (CSCS)},
year = {2020}
}
3rd International Workshop on Emerging Technologies for Authorization and Authentication (Co-Located with ESORICS 2020) - ETAA 2020, 2020.
@inproceedings {
author = {Gergely Biczók, Máté Horváth, Szilveszter Szebeni, Istvan Lam, Levente Buttyán},
title = {The cost of having been pwned: a security service provider's perspective},
booktitle = {3rd International Workshop on Emerging Technologies for Authorization and Authentication (Co-Located with ESORICS 2020) - ETAA 2020},
year = {2020}
}
Information Security and Cryptology – ICISC 2019 : Revised selected papers, Springer, 2020, pp. 1-17.
@inproceedings {
author = {Máté Horváth, Levente Buttyán, Gábor Székely, Dóra Neubrandt},
title = {There Is Always an Exception: Controlling Partial Information Leakage in Secure Computation},
booktitle = {Information Security and Cryptology – ICISC 2019 : Revised selected papers},
publisher = {Springer},
year = {2020},
pages = {1-17},
howpublished = "\url{https://eprint.iacr.org/2019/1302}"
}
The 12th Conference of PhD Students in Computer Science - Volume of short papers, 2020, pp. 70-73.
@inproceedings {
author = {Gábor Székely, Gergõ Ládi, Tamas Holczer, Levente Buttyán},
title = {Towards Reverse Engineering Protocol State Machines},
booktitle = {The 12th Conference of PhD Students in Computer Science - Volume of short papers},
year = {2020},
pages = {70-73}
}
Conference of PhD Students in Computer Science (CSCS), 2020.
@conference {
author = {Márton Juhász, Dorottya Papp, Levente Buttyán},
title = {Towards Secure Remote Firmware Update on Embedded IoT Devices},
booktitle = {Conference of PhD Students in Computer Science (CSCS)},
year = {2020}
}
Infocommunications Journal, 2nd Issue, 2019.
@article {
author = {Dorottya Papp, Kristóf Tamás, Levente Buttyán},
title = {IoT Hacking - A Primer},
journal = {Infocommunications Journal, 2nd Issue},
year = {2019}
}
International Conference on Software Engineering and Formal Methods (SEFM), 2019.
@inproceedings {
author = {Dorottya Papp, Thorsten Tarrach, Levente Buttyán},
title = {Towards Detecting Trigger-based Behavior In Binaries: Uncovering the Correct Environment},
booktitle = {International Conference on Software Engineering and Formal Methods (SEFM)},
year = {2019}
}
International Workshop on Cyber Security for Intelligent Transportation Systems, Held in Conjunction with ESORICS 2018, Springer, 2018.
@inproceedings {
author = {András Gazdag, Dóra Neubrandt, Levente Buttyán, Zsolt Szalay},
title = {Detection of Injection Attacks in Compressed CAN Traffic Logs},
booktitle = {International Workshop on Cyber Security for Intelligent Transportation Systems, Held in Conjunction with ESORICS 2018},
publisher = {Springer},
year = {2018}
}
26th International Conference on Software, Telecommunications and Computer Networks, Workshop on Information and Communication Technologies, Proceedings, FESB, University of Split, 2018, pp. 1-6, ISBN 978-9-5329-0087-3.
@inproceedings {
author = {Gergõ Ládi, Levente Buttyán, Tamas Holczer},
title = {Message Format and Field Semantics Inference for Binary Protocols Using Recorded Network Traffic},
booktitle = {26th International Conference on Software, Telecommunications and Computer Networks, Workshop on Information and Communication Technologies, Proceedings},
publisher = {FESB, University of Split},
year = {2018},
pages = {1-6},
note = {ISBN 978-9-5329-0087-3}
}
Euro-CYBERSEC 2018. Communications in Computer and Information Science, Springer, 2018, Gelenbe E. et al. (eds.), pp. 57-67, vol. 821.
@incollection {
author = {Levente Buttyán, Máté Horváth},
title = {Problem Domain Analysis of IoT-Driven Secure Data Markets},
booktitle = {Euro-CYBERSEC 2018. Communications in Computer and Information Science},
publisher = {Springer},
year = {2018},
editor = {Gelenbe E. et al. (eds.)},
pages = {57-67},
note = {vol. 821}
}
Vehicle and Automotive Engineering 2, Lecture Notes in Mechanical Engineering, University of Miskolc, Miskolc, Hungary, 2018.
@inproceedings {
author = {András Gazdag, Tamas Holczer, Levente Buttyán, Zsolt Szalay},
title = {Vehicular Can Traffic Based Microtracking for Accident Reconstruction},
booktitle = {Vehicle and Automotive Engineering 2, Lecture Notes in Mechanical Engineering},
publisher = {University of Miskolc, Miskolc, Hungary},
year = {2018}
}
IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom), IEEE, 2017.
@inproceedings {
author = {Zsolt Szalay, Levente Buttyán, András Gazdag},
title = {Efficient Lossless Compression of CAN Traffic Logs},
booktitle = {IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom)},
publisher = {IEEE},
year = {2017}
}
Scientific Letters of the University of Zilina, 2017.
@article {
author = {András Gazdag, Levente Buttyán, Zsolt Szalay},
title = {Forensics aware lossless compression of CAN traffic logs},
journal = {Scientific Letters of the University of Zilina},
year = {2017}
}
Balázs Vehovszky, Krisztián Bán, János Takács, 34th International Colloquium on Advanced Manufacturing and Repairing Technologies in Vehicle Industry: 17-19 May 2017, Visegrád, Hungary. 190 p., Budapest University of Technology and Economics, 2017.
@inproceedings {
author = {Zsolt Szalay, Levente Buttyán, András Gazdag},
title = {Towards Efficient Compression of CAN Traffic Logs},
editor = {Balázs Vehovszky, Krisztián Bán, János Takács},
booktitle = {34th International Colloquium on Advanced Manufacturing and Repairing Technologies in Vehicle Industry: 17-19 May 2017, Visegrád, Hungary. 190 p.},
publisher = {Budapest University of Technology and Economics},
year = {2017}
}
Workshop on Software Assurance at ARES 2017, 2017.
@conference {
author = {Dorottya Papp, Levente Buttyán, Zhendong Ma},
title = {Towards Semi-automated Detection of Trigger-based Behavior for Software Security Assurance},
booktitle = {Workshop on Software Assurance at ARES 2017},
year = {2017}
}
EMC2 Summit at CPS Week 2016, 2016.
@conference {
author = {Dorottya Papp, Zhendong Ma, Levente Buttyán},
title = {RoViM: Rotating Virtual Machines for Security and Fault-Tolerance},
booktitle = {EMC2 Summit at CPS Week 2016},
year = {2016}
}
BME CrySyS Lab, 2015.
@techreport {
author = {Boldizsár Bencsáth, Levente Buttyán, Roland Kamarás, Gábor Vaspöri, Gábor Molnár, Gábor Ács-Kurucz},
title = {Duqu 2.0:A comparison to Duqu},
institution = {BME CrySyS Lab},
year = {2015}
}
IEEE International Confenrence on Privacy, Security, and Trust, 2015.
@conference {
author = {Dorottya Papp, Zhendong Ma, Levente Buttyán},
title = {Embedded System Security: Threats, Vulnerabilities, and Attack Taxonomy},
booktitle = {IEEE International Confenrence on Privacy, Security, and Trust},
year = {2015}
}
Virus Bulletin, 2015.
@conference {
author = {Boldizsár Bencsáth, Levente Buttyán, Tamas Holczer, Balázs Kócsó, Dorottya Papp},
title = {ROSCO: Repository of signed code},
booktitle = {Virus Bulletin},
year = {2015}
}
Proceedings of International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange, IAEA, 2015.
@inproceedings {
author = {Levente Buttyán, Mark Felegyhazi, Tamas Holczer},
title = {The design and implementation of a PLC honeypot for detecting cyber attacks against industrial control systems},
booktitle = {Proceedings of International Conference on Computer Security in a Nuclear World: Expert Discussion and Exchange},
publisher = {IAEA},
year = {2015}
}
MRG Effitas and BME CrySyS Lab, 2014.
@techreport {
author = {Roland Kamarás, Gábor Vaspöri, Gábor Molnár, Gábor Ács-Kurucz, Zoltán Balázs, Levente Buttyán, Boldizsár Bencsáth},
title = {An independent test of APT attack detection appliances},
institution = {MRG Effitas and BME CrySyS Lab},
year = {2014}
}
Annual Scientific Conference of the Hungarian National Coordinating Center for Infocommunications (NIKK) 2014, Veszprém, Springer, 2014.
@inproceedings {
author = {Levente Buttyán, András Gazdag},
title = {Android Malware Analysis Based On Memory Forensics},
booktitle = {Annual Scientific Conference of the Hungarian National Coordinating Center for Infocommunications (NIKK) 2014, Veszprém},
publisher = {Springer},
year = {2014}
}
ACM Computing Surveys (CSUR), vol. 45 , no. 3, June , 2013, doi:10.1145/2480741.2480757.
@article {
author = {Boldizsár Bencsáth, Levente Buttyán, Gábor PÉK},
title = {A Survey of Security Issues in Hardware Virtualization},
journal = { ACM Computing Surveys (CSUR)},
volume = {45 },
number = {3},
month = {June },
year = {2013},
note = {doi:10.1145/2480741.2480757}
}
Pervasive and Mobile Computing, Elsevier, vol. 9, no. 4, August, 2013, pp. 546 - 563, (http://dx.doi.org/10.1016/j.pmcj.2012.05.001).
@article {
author = {Dávid Szeszlér, Levente Buttyán, Aron Laszka},
title = {Designing Robust Network Topologies for Wireless Sensor Networks in Adversarial Environments},
journal = {Pervasive and Mobile Computing, Elsevier},
volume = { 9},
number = {4},
month = {August},
year = {2013},
pages = {546 - 563},
note = {(http://dx.doi.org/10.1016/j.pmcj.2012.05.001)}
}
ISRN Sensor Networks Journal, Hindawi, December, 2013, In Press.
@article {
author = {Amit Dvir, Levente Buttyán, Ta Vinh Thong},
title = {On formal and automatic security verification of WSN transport protocols },
journal = {ISRN Sensor Networks Journal, Hindawi},
month = {December},
year = {2013},
note = {In Press}
}
IEEE International Confenrence on Communications (ICC), 2013, pp. 1-6, Budapest, Hungary, June.
@conference {
author = {Ta Vinh Thong, Levente Buttyán, Amit Dvir},
title = {SDTP+: Securing a Distributed Transport Protocol for WSNs using Merkle Trees and Hash Chains},
booktitle = {IEEE International Confenrence on Communications (ICC)},
year = {2013},
pages = {1-6},
address = {Budapest, Hungary},
month = {June}
}
Presentation at Power of Community (POC 2013, Seoul, South Korea), November, 2013.
@misc {
author = {Mark Felegyhazi, Levente Buttyán, Boldizsár Bencsáth, Gábor PÉK},
title = {Technical Trends in Recent Targeted Attacks },
howpublished = {Presentation at Power of Community (POC 2013, Seoul, South Korea)},
month = {November},
year = {2013}
}
Proceedings of the IEEE Workshop on SEcurity and SOCial Networking (SESOC), IEEE, IEEE, Lugano, Switzerland, March, 2012, pp. 1-6.
@inproceedings {
author = {Gergely Kótyuk, Levente Buttyán},
title = {A Machine Learning Based Approach for Predicting Undisclosed Attributes in Social Networks},
booktitle = {Proceedings of the IEEE Workshop on SEcurity and SOCial Networking (SESOC)},
organization = {IEEE},
publisher = {IEEE},
address = {Lugano, Switzerland},
month = {March},
year = {2012},
pages = {1-6}
}
no. CRYSYS-TR-2012-11-15, CrySyS Lab, BME, Nov, 2012.
@techreport {
author = {Levente Buttyán, Mark Felegyhazi, Aron Laszka},
title = {A Survey of Interdependent Security Games},
number = {CRYSYS-TR-2012-11-15},
institution = {CrySyS Lab, BME},
month = {Nov},
year = {2012}
}
Euro-NF Conference on Next Generation Internet (NGI), IEEE, 2012.
@inproceedings {
author = {Antonio M. Grilo, Augusto Casaca, Paulo Pereira, Levente Buttyán, José Goncalves, Carlos Fortunato},
title = {A Wireless Sensor and Actuator Network for Improving the Electrical Power Grid Dependability},
booktitle = {Euro-NF Conference on Next Generation Internet (NGI)},
publisher = {IEEE},
year = {2012}
}
Budapest New Tech Meetup, Budapest, Hungary., December, 2012.
@misc {
author = {Boldizsár Bencsáth, Gábor PÉK, Levente Buttyán, Mark Felegyhazi},
title = {Célzott informatikai támadások napjainkban},
howpublished = {Budapest New Tech Meetup, Budapest, Hungary.},
month = {December},
year = {2012}
}
F. Flammini (ed), Wireless Sensor Networks for Critical Infrastructure Protection, pp. 155-167, WIT Press, 2012.
@inbook {
author = {Peter Langendoerfer, Levente Buttyán, Augusto Casaca, Evgeny Osipov, Alban Hessler, Claude Castelluccia, Ammar Alkassar},
editor = {F. Flammini (ed)},
title = {Critical Infrastructure Security: Assessment, Prevention, Detection, Response},
chapter = {Wireless Sensor Networks for Critical Infrastructure Protection},
pages = {155-167},
publisher = {WIT Press},
year = {2012}
}
Hackin9 Extra, vol. 8, no. 1, January, 2012, pp. 8-11.
@article {
author = {Levente Buttyán, Boldizsár Bencsáth},
title = {Cryptography: The strongest link in the chain},
journal = {Hackin9 Extra},
volume = {8},
number = {1},
month = {January},
year = {2012},
pages = {8-11}
}
EuroNOG 2012 conference, Budapest, 10-11 Sept 2012, September, 2012.
@misc {
author = {Boldizsár Bencsáth, Levente Buttyán, Mark Felegyhazi, Gábor PÉK},
title = {Duqu, Flame, Gauss - new challenges for a new era },
howpublished = {EuroNOG 2012 conference, Budapest, 10-11 Sept 2012},
month = {September},
year = {2012}
}
ACM European Workshop on System Security (EuroSec), ACM, 2012.
@inproceedings {
author = {Boldizsár Bencsáth, Gábor PÉK, Levente Buttyán, Mark Felegyhazi},
title = {Duqu: Analysis, Detection, and Lessons Learned},
booktitle = {ACM European Workshop on System Security (EuroSec)},
publisher = {ACM},
year = {2012}
}
3rd International Conference on Game Theory for Networks (GameNets), 2012, May.
@conference {
author = {Levente Buttyán, Dávid Szeszlér, Aron Laszka},
title = {Game-theoretic Robustness of Many-to-one Networks},
booktitle = {3rd International Conference on Game Theory for Networks (GameNets)},
year = {2012},
month = {May}
}
3rd Conference on Decision and Game Theory for Security (GameSec 2012), LNCS , November, 2012, pp. 152-170, Volume 7638.
@inproceedings {
author = {Levente Buttyán, Dávid Szeszlér, Aron Laszka},
title = {Linear Loss Function for the Network Blocking Game: An Efficient Model for Measuring Network Robustness and Link Criticality},
booktitle = {3rd Conference on Decision and Game Theory for Security (GameSec 2012)},
publisher = {LNCS },
month = {November},
year = {2012},
pages = {152-170},
note = {Volume 7638}
}
9th International Conference on Trust, Privacy & Security in Digital Business (TrustBus), Springer LNCS, July, 2012, pp. 1-15.
@inproceedings {
author = {Ta Vinh Thong, Levente Buttyán},
title = {Query Auditing for Protecting Max/Min Values of Sensitive Attributes in Statistical Databases},
booktitle = {9th International Conference on Trust, Privacy & Security in Digital Business (TrustBus)},
publisher = {Springer LNCS},
month = {July},
year = {2012},
pages = {1-15}
}
accepted for publication in Elsevier Computer Networks, 2012.
@article {
author = {Peter Schaffer, Károly Farkas, Ádám Horváth, Tamas Holczer, Levente Buttyán},
title = {Secure and Reliable Clustering in Wireless Sensor Networks: A Critical Survey},
journal = {accepted for publication in Elsevier Computer Networks},
year = {2012}
}
In collaboration with the sKyWIper Analysis Team , 2012.
@techreport {
author = {Boldizsár Bencsáth, Gábor PÉK, Levente Buttyán, Mark Felegyhazi},
title = {sKyWIper (a.k.a. Flame a.k.a. Flamer): A complex malware for targeted attacks},
institution = {In collaboration with the sKyWIper Analysis Team },
year = {2012}
}
SCADA and Smart Grid Cyber Security Summit, 26-27 April 2012, April, 2012, London.
@misc {
author = {Boldizsár Bencsáth, Gábor PÉK, Levente Buttyán, Mark Felegyhazi},
title = {Targeted attacks against Critical infrastructure: Stuxnet and beyond},
howpublished = {SCADA and Smart Grid Cyber Security Summit, 26-27 April 2012},
month = {April},
year = {2012},
note = {London}
}
Kaspersky SAS 2012 - Security Analyst Summit, Cancun, Mexico, February, 2012.
@misc {
author = {Boldizsár Bencsáth, Levente Buttyán, Gábor PÉK, Mark Felegyhazi},
title = {Targeted Attacks of Recent Times },
howpublished = {Kaspersky SAS 2012 - Security Analyst Summit, Cancun, Mexico},
month = {February},
year = {2012}
}
2012 Workshop on Cyber Security and Global Affairs and Global Security Forum, 1-3 June 2012, June, 2012, Barcelona, Spain.
@misc {
author = {Boldizsár Bencsáth, Levente Buttyán, Gábor PÉK, Mark Felegyhazi},
title = {Technical analysis and information sharing in the handling of high-profile targeted attacks },
howpublished = {2012 Workshop on Cyber Security and Global Affairs and Global Security Forum, 1-3 June 2012},
month = {June},
year = {2012},
note = {Barcelona, Spain}
}
ISCD 2012, Balatonöszöd, 3-4 Sep., September, 2012.
@misc {
author = {Levente Buttyán, Boldizsár Bencsáth, Gábor PÉK, Mark Felegyhazi},
title = {The cousins of Stuxnet:Duqu, Flame, Gauss, …},
howpublished = {ISCD 2012, Balatonöszöd, 3-4 Sep.},
month = {September},
year = {2012}
}
Future Internet 2012, 4(4), doi:10.3390/fi4040971, 2012, pp. 971-1003, doi:10.3390/fi4040971, http://www.mdpi.com/journal/futureinternet/special_issues/stuxnet.
@article {
author = {Boldizsár Bencsáth, Gábor PÉK, Levente Buttyán, Mark Felegyhazi},
title = {The Cousins of Stuxnet: Duqu, Flame, and Gauss},
journal = {Future Internet 2012, 4(4), doi:10.3390/fi4040971},
year = {2012},
pages = {971-1003},
note = {doi:10.3390/fi4040971, http://www.mdpi.com/journal/futureinternet/special_issues/stuxnet}
}
IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN), IEEE, June, 2012.
@inproceedings {
author = {Levente Buttyán, Tamas Holczer},
title = {Traffic Analysis Attacks and Countermeasures in Wireless Body Area Sensor Networks},
booktitle = {IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN)},
publisher = {IEEE},
month = {June},
year = {2012}
}
BME CrySyS Lab., October, 2011., First published in cut-down form as appendix to the Duqu report of Symantec.
@techreport {
author = {Boldizsár Bencsáth, Gábor PÉK, Levente Buttyán, Mark Felegyhazi},
title = {Duqu: A Stuxnet-like malware found in the wild},
institution = {BME CrySyS Lab.},
month = {October},
year = {2011.},
note = {First published in cut-down form as appendix to the Duqu report of Symantec}
}
Kiberbiztonsági Konferencia, ZMNE, November 25, 2011..
@misc {
author = {Boldizsár Bencsáth, Levente Buttyán},
title = {Targeted attacks of recent days},
howpublished = {Kiberbiztonsági Konferencia, ZMNE},
month = {November 25},
year = {2011.}
}
Proceedings of the IEEE International Confenrence on Communications (ICC), IEEE, Kyoto, Japan, June 5-9, 2011, pp. 1-6.
@inproceedings {
author = {Levente Buttyán, Antonio M. Grilo},
title = {A Secure Distributed Transport Protocol for Wireless Sensor Networks},
booktitle = {Proceedings of the IEEE International Confenrence on Communications (ICC)},
publisher = {IEEE},
address = {Kyoto, Japan},
month = {June 5-9},
year = {2011},
pages = {1-6}
}
International Journal of Distributed Sensor Networks, 2011, pp. 1-18, Article ID 828414.
@article {
author = {Tamas Holczer, Levente Buttyán},
title = {Anonymous Aggregator Election and Data Aggregation in Wireless Sensor Networks},
journal = {International Journal of Distributed Sensor Networks},
year = {2011},
pages = {1-18},
note = {Article ID 828414}
}
IEEE INFOCOM, Demo/Posters, Shanghai, China, April 11-15, 2011, pp. 1.
@inproceedings {
author = {Levente Buttyán, Amit Dvir},
title = {Backpressure Approach for Bypassing Jamming Attacks in Wireless Sensor Networks},
publisher = {IEEE INFOCOM, Demo/Posters},
address = {Shanghai, China},
month = {April 11-15},
year = {2011},
pages = {1}
}
Proceedings of the First SysSec Workshop SysSec 2011, SysSec, Amsterdam, The Netherlands, July 6, 2011, pp. 73-76.
@inproceedings {
author = {Levente Buttyán, Mark Felegyhazi, Boldizsár Bencsáth},
title = {CLEARER: CrySyS Laboratory Security and Privacy Research Roadmap},
booktitle = {Proceedings of the First SysSec Workshop SysSec 2011},
publisher = {SysSec},
address = { Amsterdam, The Netherlands},
month = {July 6},
year = {2011},
pages = {73-76}
}
Kiberbiztonsági Konferencia, ZMNE, November 25, 2011.
@misc {
author = {Boldizsár Bencsáth, Levente Buttyán},
title = {Cryptography - the strongest chain element in the practice of cyber security},
howpublished = {Kiberbiztonsági Konferencia, ZMNE},
month = {November 25},
year = {2011}
}
IEEE Transactions on Dependable and Secure Computing, vol. 8, no. 6, November/December, 2011.
@article {
author = {László CZAP, Levente Buttyán, István VAJDA},
title = {Detection and Recovery From Pollution Attacks in Coding Based Distributed Storage Schemes},
journal = {IEEE Transactions on Dependable and Secure Computing},
volume = {8},
number = {6},
month = {November/December},
year = {2011}
}
Periodica Polytechnica Journal, accepted for publication, 2011.
@article {
author = {Ta Vinh Thong, Levente Buttyán},
title = {Formal verification of secure ad-hoc network routing protocols using deductive model-checking},
journal = {Periodica Polytechnica Journal},
month = {accepted for publication},
year = {2011}
}
ACM European Workshop on System Security (EuroSec), ACM, Salzburg, Austria, April 10, 2011, pp. 1-6.
@inproceedings {
author = {Gábor PÉK, Boldizsár Bencsáth, Levente Buttyán},
title = {nEther: In-guest Detection of Out-of-the-guest Malware Analyzers},
booktitle = {ACM European Workshop on System Security (EuroSec)},
publisher = {ACM},
address = {Salzburg, Austria},
month = {April 10},
year = {2011},
pages = {1-6}
}
Springer Telecommunication Systems, accepted for publication, 2011, pp. 1-30, Article ID: 10.1007/s11235-011-9592-3.
@article {
author = {Ta Vinh Thong, Levente Buttyán},
title = {On automating the verification of secure ad-hoc network routing protocols},
journal = {Springer Telecommunication Systems},
month = {accepted for publication},
year = {2011},
pages = {1-30},
note = {Article ID: 10.1007/s11235-011-9592-3}
}
IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN), 2011, pp. 1-6, Lucca, Italy, June 20.
@conference {
author = {Aron Laszka, Levente Buttyán, Dávid Szeszlér},
title = {Optimal Selection of Sink Nodes in Wireless Sensor Networks in Adversarial Environments},
booktitle = {IEEE Workshop on Data Security and Privacy in Wireless Networks (D-SPAN)},
year = {2011},
pages = {1-6},
address = {Lucca, Italy},
month = {June 20}
}
Fókuszban a CrySyS Lab. , December 14, 2011.
@misc {
author = {Boldizsár Bencsáth, Levente Buttyán, Gábor PÉK, Mark Felegyhazi},
title = {Recent advances in targeted malware attacks },
howpublished = {Fókuszban a CrySyS Lab. },
month = {December 14},
year = {2011}
}
Schönherz - Simonyi Szakkollégium ., December 13, 2011.
@misc {
author = {Boldizsár Bencsáth, Levente Buttyán, Gábor PÉK, Mark Felegyhazi},
title = {Recent advances in targeted malware attacks },
howpublished = {Schönherz - Simonyi Szakkollégium .},
month = {December 13},
year = {2011}
}
7th IEEE International Workshop on Wireless and Sensor Networks Security, IEEE, Valencia, Spain, October 17-22, 2011, pp. 709 - 714.
@inproceedings {
author = {Levente Buttyán, Tamas Holczer, Amit Dvir},
title = {VeRA - Version Number and Rank Authentication in RPL},
booktitle = {7th IEEE International Workshop on Wireless and Sensor Networks Security},
publisher = {IEEE},
address = {Valencia, Spain},
month = {October 17-22},
year = {2011},
pages = {709 - 714}
}
Proceedings of the IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom), IEEE, Split-Hvar-Dubrovnik, September 15-17, 2011, pp. 1-6.
@inproceedings {
author = {Boldizsár Bencsáth, Levente Buttyán, Tamás Paulik},
title = {XCS based hidden firmware modification on embedded devices},
booktitle = {Proceedings of the IEEE Conference on Software, Telecommunications and Computer Networks (SoftCom)},
publisher = {IEEE},
address = {Split-Hvar-Dubrovnik},
month = {September 15-17},
year = {2011},
pages = {1-6}
}
IEEE Wireless Communications Magazine, vol. 17, no. 5, October, 2010, pp. 44 - 49.
@article {
author = {Levente Buttyán, Dennis Gessner, Alban Hessler, Peter Langendoerfer},
title = {Application of Wireless Sensor Networks in Critical Infrastructure Protection -- Challenges and Design Options},
journal = {IEEE Wireless Communications Magazine},
volume = {17},
number = {5},
month = {October},
year = {2010},
pages = {44 - 49}
}
Elsevier Ad Hoc Networks, vol. 8, no. 1, January 10, 2010, pp. 1-14.
@article {
author = {István VAJDA, Mark Felegyhazi, László DÓRA, Levente Buttyán},
title = {Barter Trade Improves Message Delivery in Opportunistic Networks},
journal = {Elsevier Ad Hoc Networks},
volume = {8},
number = {1},
month = {January 10},
year = {2010},
pages = {1-14}
}
N. Zorba, C. Skianis, and C. Verikoukis (eds), Cross Layer Designs in WLAN Systems, Troubador Publishing Ltd, Emerging Communication and Service Technologies Series, 2010.
@inbook {
author = {A. Traganitis, Vasilios SIRIS, László DÓRA, Levente Buttyán, Boldizsár Bencsáth, Ioannis ASKOXYLAKIS},
editor = {N. Zorba, C. Skianis, and C. Verikoukis (eds)},
title = {Cross-layer security and resilience in wireless mesh networks},
publisher = {Cross Layer Designs in WLAN Systems, Troubador Publishing Ltd, Emerging Communication and Service Technologies Series},
year = {2010}
}
vol. LNCS 6442, Springer, 2010.
@book {
author = {Tansu Alpcan, Levente Buttyán, John Baras},
title = {Decision and Game Theory for Security},
volume = {LNCS 6442},
publisher = {Springer},
year = {2010}
}
Elsevier Computer Communications, vol. 33, April, 2010, pp. 907-922.
@article {
author = {Marinella PETROCCHI, Fabio MARTINELLI, László DÓRA, Levente Buttyán},
title = {Fast Certificate-based Authentication Scheme in Multi-operator maintained Wireless Mesh Networks},
journal = {Elsevier Computer Communications},
volume = {33},
month = {April},
year = {2010},
pages = {907-922}
}
Proceedings of the IFIP Wireless and Mobile Networking Conference (WMNC), IFIP, Budapest, Hungary, October 18-20, 2010, pp. 1-6.
@inproceedings {
author = {Levente Buttyán, Ta Vinh Thong},
title = {Formal verification of secure ad-hoc network routing protocols using deductive model-checking},
booktitle = {Proceedings of the IFIP Wireless and Mobile Networking Conference (WMNC)},
publisher = {IFIP},
address = {Budapest, Hungary},
month = {October 18-20},
year = {2010},
pages = {1-6}
}
In Proceedings of the Second IEEE WoWMoM Workshop on Hot Topics in Mesh Networking (HotMESH'10), Montreal, Canada, June 14-17, 2010.
@inproceedings {
author = {László DÓRA, Levente Buttyán, Gergely Ács},
title = {Misbehaving Router Detection in Link-state Routing for Wireless Mesh Networks},
booktitle = {In Proceedings of the Second IEEE WoWMoM Workshop on Hot Topics in Mesh Networking (HotMESH'10)},
address = {Montreal, Canada},
month = {June 14-17},
year = {2010}
}
International Journal of Distributed Sensor Networks, vol. 2010, no. Article ID 679205, 2010.
@article {
author = {Levente Buttyán, Peter Schaffer},
title = {PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks},
journal = {International Journal of Distributed Sensor Networks},
volume = {2010},
number = {Article ID 679205},
year = {2010}
}
Proceedings of The 7th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS 2010), IEEE, San Francisco, November 8-12, 2010.
@inproceedings {
author = {Tamas Holczer, Levente Buttyán},
title = {Perfectly Anonymous Data Aggregation in Wireless Sensor Networks},
booktitle = {Proceedings of The 7th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS 2010)},
publisher = {IEEE},
address = {San Francisco},
month = {November 8-12},
year = {2010}
}
Proceedings of the International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC), IEEE, California, USA, June 7-9, 2010.
@inproceedings {
author = {Levente Buttyán, László CZAP, István VAJDA},
title = {Pollution Attack Defense for Coding Based Sensor Storage},
booktitle = {Proceedings of the International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC)},
publisher = {IEEE},
address = {California, USA},
month = {June 7-9},
year = {2010}
}
Proceedings fof the IEEE Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS), IEEE, Seattle, USA, March 21-25, 2010, pp. 1-6.
@inproceedings {
author = {Levente Buttyán, László Csik},
title = {Security Analysis of Reliable Transport Layer Protocols for Wireless Sensor Networks},
booktitle = {Proceedings fof the IEEE Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS)},
publisher = {IEEE},
address = {Seattle, USA},
month = {March 21-25},
year = {2010},
pages = {1-6}
}
Híradástechnika, vol. LXIV, August, 2009..
@article {
author = {Boldizsár Bencsáth, Levente Buttyán, István VAJDA},
title = {Security of Communication Networks (In Hungarian)},
journal = {Híradástechnika},
volume = {LXIV},
month = {August},
year = {2009.}
}
In Proceedings of the First IEEE WoWMoM Workshop on Hot Topics in Mesh Networking (HotMESH'09), IEEE, Kos, Greece, June 15, 2009.
@inproceedings {
author = {László DÓRA, Levente Buttyán},
title = {An Authentication Scheme for QoS-aware Multi-operator maintained Wireless Mesh Networks},
booktitle = {In Proceedings of the First IEEE WoWMoM Workshop on Hot Topics in Mesh Networking (HotMESH'09)},
publisher = {IEEE},
address = {Kos, Greece},
month = {June 15},
year = {2009}
}
Infocommunications Journal, vol. LXIV, no. 2009/2-3, March, 2009, pp. 1-8.
@article {
author = {Levente Buttyán, Gábor PÉK, Ta Vinh Thong},
title = {Consistency verification of stateful firewalls is not harder than the stateless case},
journal = {Infocommunications Journal},
volume = {LXIV},
number = {2009/2-3},
month = {March},
year = {2009},
pages = {1-8}
}
Elsevier Ad Hoc Networks, vol. 7, no. 6, 2009, pp. 1035-1050.
@article {
author = {Levente Buttyán, Peter Schaffer, István VAJDA},
title = {CORA: Correlation-based Resilient Aggregation in Sensor Networks},
journal = {Elsevier Ad Hoc Networks},
volume = {7},
number = {6},
year = {2009},
pages = {1035-1050}
}
Infocommunications Journal, vol. LXIV., no. no. 4., 2009, pp. pp. 3-7..
@article {
author = {Boldizsár Bencsáth, Levente Buttyán, István VAJDA},
title = {On the security of communication network: now and tomorrow},
journal = {Infocommunications Journal},
volume = {LXIV.},
number = {no. 4.},
year = {2009},
pages = {pp. 3-7.}
}
Proceedings of the Fifth IEEE International Workshop on Wireless and Sensor Networks Security (WSNS'09), IEEE, IEEE, Macau SAR, PRC, October 12 , 2009, pp. 1048-1053.
@inproceedings {
author = {Tamas Holczer, Levente Buttyán},
title = {Private Cluster Head Election in Wireless Sensor Networks},
booktitle = {Proceedings of the Fifth IEEE International Workshop on Wireless and Sensor Networks Security (WSNS'09)},
organization = {IEEE},
publisher = {IEEE},
address = {Macau SAR, PRC},
month = {October 12 },
year = {2009},
pages = {1048-1053}
}
Wireless Communications and Mobile Computing (Special Issue on QoS and Security in Wireless Networks), vol. 10, no. 5, 2009, pp. 622-646.
@article {
author = {István VAJDA, Dávid SZILI, Vasilios SIRIS, László DÓRA, Levente Buttyán, Boldizsár Bencsáth, Ioannis ASKOXYLAKIS},
title = {Securing Multi-operator Based QoS-aware Mesh Networks: Requirements and Design Options},
journal = {Wireless Communications and Mobile Computing (Special Issue on QoS and Security in Wireless Networks)},
volume = {10},
number = {5},
year = {2009},
pages = {622-646}
}
Proceedings of the IEEE Vehicular Networking Conference, IEEE, IEEE, Tokyo, Japan, October 28-29, 2009, pp. 1-8.
@inproceedings {
author = {William Whyte, Andre Weimerskirch, Tamas Holczer, Levente Buttyán},
title = {SLOW: A Practical Pseudonym Changing Scheme for Location Privacy in VANETs},
booktitle = {Proceedings of the IEEE Vehicular Networking Conference},
organization = {IEEE},
publisher = {IEEE},
address = {Tokyo, Japan},
month = {October 28-29},
year = {2009},
pages = {1-8}
}
International Journal of Distributed Sensor Networks, September, 2008.
@article {
author = {Levente Buttyán, Peter Schaffer},
title = {PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks},
journal = {International Journal of Distributed Sensor Networks},
month = {September},
year = {2008}
}
IEEE Communications Magazine, vol. 46, no. 11, November, 2008, pp. 100-109.
@article {
author = {Jean-Pierre Hubaux, Antonio Kung, Frank Kargl, Zhendong Ma, Maxim Raya, Julien Freudiger, Elmar Schoch, Tamas Holczer, Levente Buttyán, Panagiotis Papadimitratos},
title = {Secure vehicular communication systems: design and architecture},
journal = {IEEE Communications Magazine},
volume = {46},
number = {11},
month = {November},
year = {2008},
pages = {100-109}
}
IEEE Communications Magazine, vol. 46, no. 11, November, 2008, pp. 110-118.
@article {
author = {Jean-Pierre Hubaux, Antonio Kung, Albert Held, Giorgo Calandriello, Ta Vinh Thong, Björn Wiedersheim, Elmar Schoch, Michael Müter, Levente Buttyán, Panagiotis Papadimitratos, Frank Kargl},
title = {Secure vehicular communication systems: implementation, performance, and research challenges},
journal = {IEEE Communications Magazine},
volume = {46},
number = {11},
month = {November},
year = {2008},
pages = {110-118}
}
IEEE Workshop on Wireless and Sensor Network Security (WSNS), Atlanta, Georgia, USA, September 29-October 2, 2008.
@inproceedings {
author = {Levente Buttyán, László CZAP, István VAJDA},
title = {Securing Coding Based Distributed Storage in Wireless Sensor Networks},
booktitle = {IEEE Workshop on Wireless and Sensor Network Security (WSNS)},
address = {Atlanta, Georgia, USA},
month = {September 29-October 2},
year = {2008}
}
Cambridge University Press, 2008.
@book {
author = {Levente Buttyán, Jean-Pierre Hubaux},
title = {Security and Cooperation in Wireless Networks},
publisher = {Cambridge University Press},
year = {2008}
}
Hiradástechnika, vol. LXIII, January, 2008, pp. 16-21.
@article {
author = {Levente Buttyán, Ta Vinh Thong},
title = {Security API analysis with the spi-calculus},
journal = {Hiradástechnika},
volume = {LXIII},
month = {January},
year = {2008},
pages = {16-21}
}
In Proceedings of the Third Annual International Wireless Internet Conference, ACM, Austin, Texas, USA, October 22-23, 2007, pp. 1-6, (invited paper).
@inproceedings {
author = {András BOHÁK, Levente Buttyán, László DÓRA},
title = {An User Authentication Scheme for Fast Handover Between WiFi Access Points},
booktitle = {In Proceedings of the Third Annual International Wireless Internet Conference},
publisher = {ACM},
address = {Austin, Texas, USA},
month = {October 22-23},
year = {2007},
pages = {1-6},
note = {(invited paper)}
}
Proceedings of the International Conference on ITS Telecommunications (ITST), -, Sophia Antipolis, France, June 6-8, , 2007, pp. 1-6.
@inproceedings {
author = {Panagiotis Papadimitratos, Levente Buttyán, Jean-Pierre Hubaux, Frank Kargl, Antonio Kung, Maxim Raya},
title = {Architecture for Secure and Private Vehicular Communications},
booktitle = {Proceedings of the International Conference on ITS Telecommunications (ITST)},
publisher = {-},
address = {Sophia Antipolis, France},
month = {June 6-8, },
year = {2007},
pages = {1-6}
}
In Proceedings of the First IEEE WoWMoM Workshop on Autonomic and Opportunistic Communications, IEEE Computer Society Press, Helsinki, Finland, June 18 , 2007, pp. 1-6.
@inproceedings {
author = {Levente Buttyán, László DÓRA, Mark Felegyhazi, István VAJDA},
title = {Barter-based cooperation in delay-tolerant personal wireless networks},
booktitle = {In Proceedings of the First IEEE WoWMoM Workshop on Autonomic and Opportunistic Communications},
publisher = {IEEE Computer Society Press},
address = {Helsinki, Finland},
month = {June 18 },
year = {2007},
pages = {1-6}
}
Hiradástechnika, vol. LXII/8, August, 2007, pp. 43-49.
@article {
author = {Levente Buttyán, Ta Vinh Thong},
title = {Biztonsági API analízis a spi-kalkulussal},
journal = {Hiradástechnika},
volume = {LXII/8},
month = {August},
year = {2007},
pages = {43-49}
}
In Proceedings of the International Workshop on Trust, Security, and Privacy for Ubiquitous Computing (TSPUC 2007), IEEE, Helsinki, Finland, Jun 18 , 2007.
@inproceedings {
author = {Gildas Avoine, Levente Buttyán, Tamas Holczer, István VAJDA},
title = {Group-Based Private Authentication},
booktitle = {In Proceedings of the International Workshop on Trust, Security, and Privacy for Ubiquitous Computing (TSPUC 2007)},
publisher = {IEEE},
address = {Helsinki, Finland},
month = {Jun 18 },
year = {2007}
}
In Proceedings of the Fourth European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS2007), Springer, Cambridge, UK, July 2-3, , 2007.
@inproceedings {
author = {István VAJDA, Tamas Holczer, Levente Buttyán},
title = {On the Effectiveness of Changing Pseudonyms to Provide Location Privacy in VANETs},
booktitle = {In Proceedings of the Fourth European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS2007)},
publisher = {Springer},
address = {Cambridge, UK},
month = {July 2-3, },
year = {2007}
}
In Proceedings of the 4th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS), IEEE Press, Pisa, Italy, October 8-11, 2007.
@inproceedings {
author = {Levente Buttyán, Peter Schaffer},
title = {PANEL: Position-based Aggregator Node Election in Wireless Sensor Networks},
booktitle = {In Proceedings of the 4th IEEE International Conference on Mobile Ad-hoc and Sensor Systems (MASS)},
publisher = {IEEE Press},
address = {Pisa, Italy},
month = {October 8-11},
year = {2007}
}
in J. Lopez and J. Zhou (eds.): Wireless Sensor Network Security (Cryptology and Information Security Series), IOS Press, 2007.
@inbook {
author = {Gergely Ács, Levente Buttyán},
title = {Secure Routing in Wireless Sensor Networks},
publisher = {in J. Lopez and J. Zhou (eds.): Wireless Sensor Network Security (Cryptology and Information Security Series), IOS Press},
year = {2007}
}
vol. LNCS 4357, Springer, 2007.
@book {
author = {Levente Buttyán, Virgil Gligor, Dirk Westhoff},
title = {Security and Privacy in Ad Hoc and Sensor Networks},
volume = {LNCS 4357},
publisher = {Springer},
year = {2007}
}
October 8-11, In Proceedings of the 3rd IEEE Workshop on Wireless and Sensor Networks Security (WSNS 2007), IEEE Press, Pisa, Italy, 2007.
@inproceedings {
author = {István VAJDA, Levente Buttyán, Gergely Ács},
title = {The Security Proof of a Link-state Routing Protocol for Wireless Sensor Networks},
editor = {October 8-11},
booktitle = {In Proceedings of the 3rd IEEE Workshop on Wireless and Sensor Networks Security (WSNS 2007)},
organization = {IEEE Press},
address = {Pisa, Italy},
year = {2007}
}
Híradástechnika, December, 2006.
@article {
author = {Levente Buttyán, Gergely Ács},
title = {A taxonomy of routing protocols for wireless sensor networks},
journal = {Híradástechnika},
month = {December},
year = {2006}
}
In Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN'06), October, 2006.
@inproceedings {
author = {Gergely Ács, Levente Buttyán, István VAJDA},
title = {Modelling Adversaries and Security Objectives for Routing Protocols in Wireless Sensor Networks},
booktitle = {In Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN'06)},
month = {October},
year = {2006}
}
In Proceedings of the International Workshop on Privacy Enhancing Technologies (PET), June, 2006, Springer.
@inproceedings {
author = {István VAJDA, Tamas Holczer, Levente Buttyán},
title = {Optimal Key-Trees for Tree-Based Private Authentication},
booktitle = {In Proceedings of the International Workshop on Privacy Enhancing Technologies (PET)},
month = {June},
year = {2006},
note = {Springer}
}
IEEE Transactions on Mobile Computing, vol. 5, no. 11, 2006.
@article {
author = {István VAJDA, Levente Buttyán, Gergely Ács},
title = {Provably Secure On-demand Source Routing in Mobile Ad Hoc Networks},
journal = {IEEE Transactions on Mobile Computing},
volume = {5},
number = {11},
year = {2006}
}
In Proceedings of the 15th IST Mobile and Wireless Communication Summit, Mykonos, Greece, June, 2006.
@inproceedings {
author = {István VAJDA, Tamas Holczer, Levente Buttyán},
title = {Providing Location Privacy in Automated Fare Collection Systems},
booktitle = {In Proceedings of the 15th IST Mobile and Wireless Communication Summit, Mykonos, Greece},
month = {June},
year = {2006}
}
In Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN), ACM Press, Alexandria, VA, USA, October, 2006.
@inproceedings {
author = {István VAJDA, Peter Schaffer, Levente Buttyán},
title = {RANBAR: RANSAC-Based Resilient Aggregation in Sensor Networks},
booktitle = {In Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN)},
publisher = {ACM Press},
address = {Alexandria, VA, USA},
month = {October},
year = {2006}
}
Second IEEE International Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS), IEEE Computer Society Press, Pisa, Italy, March, 2006.
@inproceedings {
author = {Levente Buttyán, Peter Schaffer, István VAJDA},
title = {Resilient Aggregation with Attack Detection in Sensor Networks},
booktitle = {Second IEEE International Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS)},
publisher = {IEEE Computer Society Press},
address = {Pisa, Italy},
month = {March},
year = {2006}
}
Chapter 10, in N.P.Mahalik (ed.): Sensor Networks and Configuration, Springer, 2006.
@inbook {
author = {Levente Buttyán, Peter Schaffer, István VAJDA},
title = {Resilient Aggregation: Statistical Approaches},
chapter = {Chapter 10},
publisher = {in N.P.Mahalik (ed.): Sensor Networks and Configuration, Springer},
year = {2006}
}
IST Mobile Summit, ??, June, 2006.
@inproceedings {
author = {Tim Leinmueller, Levente Buttyán, Jean-Pierre Hubaux, Frank Kargl, Panagiotis Papadimitratos, Maxim Raya, Elmar Schoch},
title = {SEVECOM - Secure Vehicle Communication},
booktitle = {IST Mobile Summit},
publisher = {??},
month = {June},
year = {2006}
}
Híradástecnika, November, 2006.
@article {
author = {Levente Buttyán, Gergely Ács},
title = {Útvonalválasztó protokollok vezeték nélküli szenzorhálózatokban},
journal = {Híradástecnika},
month = {November},
year = {2006}
}
Híradástechnika, May, 2006.
@article {
author = {László DÓRA, Levente Buttyán},
title = {WiFi biztonság - A jó, a rossz, és a csúf},
journal = {Híradástechnika},
month = {May},
year = {2006}
}
IEEE Transactions on Secure and Dependable Computing, vol. (Vol. 2, No. 3), July-September, 2005, pp. 268-272, http://csdl2.computer.org/....
@article {
author = {István Zsolt BERTA, Levente Buttyán, István VAJDA},
title = {A framework for the revocation of unintended digital signatures initiated by malicious terminals},
journal = {IEEE Transactions on Secure and Dependable Computing},
volume = {(Vol. 2, No. 3)},
month = {July-September},
year = {2005},
pages = {268-272},
note = {http://csdl2.computer.org/...}
}
Híradástechnika, March, 2005.
@article {
author = {Gergely Ács, Levente Buttyán, István VAJDA},
title = {Ad hoc útvonalválasztó protokollok bizonyított biztonsága},
journal = {Híradástechnika},
month = {March},
year = {2005}
}
Proceedings of the First International Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS 2005), March, 2005.
@inproceedings {
author = {Mark Felegyhazi, , Levente Buttyán},
title = {Cooperative Packet Forwarding in Multi-Domain Sensor Networks},
booktitle = {Proceedings of the First International Workshop on Sensor Networks and Systems for Pervasive Computing (PerSeNS 2005)},
month = {March},
year = {2005}
}
IEEE Transactions on Mobile Computing, to appear, 2005.
@article {
author = {, , Levente Buttyán},
title = {Mobility Helps Peer-to-Peer Security},
journal = {IEEE Transactions on Mobile Computing},
month = {to appear},
year = {2005}
}
IEEE Transactions on Mobile Computing, to appear, 2005.
@article {
author = {Mark Felegyhazi, , Levente Buttyán},
title = {Nash Equilibria of Packet Forwarding Strategies in Wireless Ad Hoc Networks},
journal = {IEEE Transactions on Mobile Computing},
month = {to appear},
year = {2005}
}
IEEE Transactions on Mobile Computing, to appear, 2005.
@article {
author = {N. Ben Salem, Levente Buttyán, , Markus Jakobsson},
title = {Node Cooperation in Hybrid Ad hoc Networks},
journal = {IEEE Transactions on Mobile Computing},
month = {to appear},
year = {2005}
}
Híradástechnika, June, 2005.
@article {
author = {Gergely Ács, Levente Buttyán, István VAJDA},
title = {Provable Security for Ad Hoc Routing Protocols},
journal = {Híradástechnika},
month = {June},
year = {2005}
}
In Proceedings of the Second European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS 2005), Visegrád, Hungary, July 13-14, 2005, 2005.
@inproceedings {
author = {Gergely Ács, Levente Buttyán, István VAJDA},
title = {Provable Security of On-Demand Distance Vector Routing in Wireless Ad Hoc Networks},
booktitle = {In Proceedings of the Second European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS 2005), Visegrád, Hungary, July 13-14, 2005},
year = {2005}
}
In Proceedings of the 2nd European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS), Springer, Visegrád, Hungary, July, 2005.
@inproceedings {
author = {Peter Schaffer, Tamas Holczer, Levente Buttyán},
title = {Spontaneous Cooperation in Multi-domain Sensor Networks},
booktitle = {In Proceedings of the 2nd European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS)},
publisher = {Springer},
address = {Visegrád, Hungary},
month = {July},
year = {2005}
}
Chapter 53, in IT Security Handbook, edited by Hossein Bidgoli, John Wiley and Sons, 2005, (to appear).
@inbook {
author = {István Zsolt BERTA, Levente Buttyán, István VAJDA},
title = {Standards for Product Security Assessment},
chapter = {Chapter 53},
publisher = {in IT Security Handbook, edited by Hossein Bidgoli, John Wiley and Sons},
year = {2005},
note = {(to appear)}
}
Refik Molva, Gene Tsudik, Dirk Westhoff, Lecture Notes in Computer Science, Springer-Verlag GmbH, 2005, pp. Volume 3813/ 2005, pp. 128 - 141, Security and Privacy in Ad-hoc and Sensor Networks: Second European Workshop, ESAS 2005, Visegrad, Hungary, July 13-14, 2005.
@inproceedings {
author = {László DÓRA, Levente Buttyán, István VAJDA},
title = {Statistical Wormhole Detection in Sensor Networks},
editor = {Refik Molva, Gene Tsudik, Dirk Westhoff},
booktitle = {Lecture Notes in Computer Science},
publisher = {Springer-Verlag GmbH},
year = {2005},
pages = {Volume 3813/ 2005, pp. 128 - 141},
note = {Security and Privacy in Ad-hoc and Sensor Networks: Second European Workshop, ESAS 2005, Visegrad, Hungary, July 13-14, 2005}
}
Journal on Computer Security, vol. 12, no. 3-4, 2004, pp. 551-587.
@article {
author = {Levente Buttyán, , },
title = {A Formal Model of Rational Exchange and Its Application to the Analysis of Syverson's Protocol},
journal = {Journal on Computer Security},
volume = {12},
number = {3-4},
year = {2004},
pages = {551-587}
}
Proceedings of the 2nd Workshop on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (WiOpt 2004), March, 2004.
@inproceedings {
author = {Mark Felegyhazi, , Levente Buttyán},
title = {Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks -- the Dynamic Case},
booktitle = {Proceedings of the 2nd Workshop on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks (WiOpt 2004)},
month = {March},
year = {2004}
}
Ministry of Informatics and Telecommunications (www.ihm.hu), http://www.itktb.hu/engine.aspx?page=showcontent&content=ias, 2004.
@techreport {
author = {István Zsolt BERTA, István VAJDA, Levente Buttyán, Boldizsár Bencsáth, Tamás Veiland},
title = {HUNEID - Hungarian Electronic ID smart card specifications},
institution = {Ministry of Informatics and Telecommunications (www.ihm.hu)},
address = {http://www.itktb.hu/engine.aspx?page=showcontent&content=ias},
year = {2004}
}
Híradástechnika, vol. LIX, no. 3, March, 2004, pp. 30--34, (in Hungarian).
@article {
author = {Levente Buttyán, Tamas Holczer, Peter Schaffer},
title = {Incentives for Cooperation in Multi-hop Wireless Networks},
journal = {Híradástechnika},
volume = {LIX},
number = {3},
month = {March},
year = {2004},
pages = {30--34},
note = {(in Hungarian)}
}
Typotex Kiadó, 2004, Budapest, 445p.
@book {
author = {Levente Buttyán, István VAJDA},
title = {Kriptográfia és alkalmazásai},
publisher = {Typotex Kiadó},
year = {2004},
note = {Budapest, 445p}
}
Proceedings of International Conference on Information Technology ITCC 2004, IEEE, Las Vegas, NV, USA, April, 2004.
@inproceedings {
author = {István Zsolt BERTA, Levente Buttyán, István VAJDA},
title = {Mitigating the Untrusted Terminal Problem Using Conditional Signatures},
booktitle = {Proceedings of International Conference on Information Technology ITCC 2004},
publisher = {IEEE},
address = { Las Vegas, NV, USA},
month = {April},
year = {2004}
}
Periodica Polytechnica, vol. 48, no. 1-2, 2004, pp. 85-100.
@article {
author = {Laszlo Zombik, Levente Buttyán},
title = {Modelling Location Reveal Attacks in Mobile Systems},
journal = { Periodica Polytechnica},
volume = {48},
number = {1-2},
year = {2004},
pages = {85-100}
}
Proceedings of Cardis 2004, Toulouse, France (to appear), Kluwer, 2004.
@inproceedings {
author = {István Zsolt BERTA, Levente Buttyán, István VAJDA},
title = {Privacy Protecting Protocols for Revokable Digital Signatures},
booktitle = {Proceedings of Cardis 2004, Toulouse, France (to appear)},
publisher = {Kluwer},
year = {2004}
}
http://eprint.iacr.org/ under report number 2004/159., March, 2004.
@techreport {
author = {Gergely Ács, Levente Buttyán, István VAJDA},
title = {Provably Secure On-demand Source Routing in Mobile Ad Hoc Networks},
institution = {http://eprint.iacr.org/ under report number 2004/159.},
month = {March},
year = {2004}
}
Proceedings of the 2nd ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2004), ACM, October, 2004.
@inproceedings {
author = {Levente Buttyán, István VAJDA},
title = {Towards Provable Security for Ad Hoc Routing Protocols},
booktitle = {Proceedings of the 2nd ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2004)},
publisher = {ACM},
month = {October},
year = {2004}
}
4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003), June, 2003.
@inproceedings {
author = {N. Ben Salem, Levente Buttyán, , Markus Jakobsson},
title = {A Charging and Rewarding Scheme for Packet Forwarding in Multi-hop Cellular Networks},
booktitle = {4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003)},
month = {June},
year = {2003}
}
Proceedings of SoftCOM 2003 11. International conference on software, telecommunications and computer networks, Faculty of Electrical Engineering, Mechanical Engineering and Naval Architecture, University of Split, 2003, pp. 763-767.
@inproceedings {
author = {Boldizsár Bencsáth, Levente Buttyán, István VAJDA},
title = {A game based analysis of the client puzzle approach to defend against DoS attacks},
booktitle = {Proceedings of SoftCOM 2003 11. International conference on software, telecommunications and computer networks},
publisher = {Faculty of Electrical Engineering, Mechanical Engineering and Naval Architecture, University of Split},
year = {2003},
pages = {763-767}
}
Proceedings of Financial Crypto 2003, La Guadeloupe, January, 2003.
@inproceedings {
author = {Markus Jakobsson, , Levente Buttyán},
title = {A Micropayment Scheme Encouraging Collaboration in Multi-Hop Cellular Networks},
booktitle = {Proceedings of Financial Crypto 2003},
address = {La Guadeloupe},
month = {January},
year = {2003}
}
8th International Conference on Personal Wireless Communications (PWC 2003), September, 2003.
@inproceedings {
author = {Mark Felegyhazi, Levente Buttyán, },
title = {Equilibrium Analysis of Packet Forwarding Strategies in Wireless Ad Hoc Networks -- the Static Case},
booktitle = {8th International Conference on Personal Wireless Communications (PWC 2003)},
month = {September},
year = {2003}
}
IEEE Distributed Systems Online, vol. 4, no. 9, 2003.
@article {
author = {Felix Gaertner, Levente Buttyán, Klaus Kursawe},
title = {From Fault-Tolerance to Security and Back},
journal = { IEEE Distributed Systems Online},
volume = {4},
number = {9},
year = {2003}
}
2nd Workshop on Security in Ubiquitous Computing, in conjunction with Ubicomp 2003, October, 2003.
@inproceedings {
author = {István VAJDA, Levente Buttyán},
title = {Lightweight Authentication Protocols for Low-Cost RFID Tags},
booktitle = {2nd Workshop on Security in Ubiquitous Computing, in conjunction with Ubicomp 2003},
month = {October},
year = {2003}
}
4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003), June, 2003.
@inproceedings {
author = {, , Levente Buttyán},
title = {Mobility Helps Security in Ad Hoc Networks},
booktitle = {4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003)},
month = {June},
year = {2003}
}
ACM Mobile Computing and Communications Review (MC2R), vol. 7, no. 1, March, 2003.
@article {
author = {Levente Buttyán, },
title = {Report on a Working Session on Security in Wireless Ad Hoc Networks},
journal = {ACM Mobile Computing and Communications Review (MC2R)},
volume = {7},
number = {1},
month = {March},
year = {2003}
}
Proceedings of the ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2003), ACM, October, 2003.
@inproceedings {
author = {, Levente Buttyán, },
title = {SECTOR: Secure Tracking of Node Encounters in Multi-hop Wireless Networks},
booktitle = {Proceedings of the ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2003)},
publisher = {ACM},
month = {October},
year = {2003}
}
IEEE Transactions on Mobile Computing, vol. 2, no. 1, January-March, 2003.
@article {
author = {, Levente Buttyán, },
title = {Self-Organized Public-Key Management for Mobile Ad Hoc Networks},
journal = {IEEE Transactions on Mobile Computing},
volume = {2},
number = {1},
month = {January-March},
year = {2003}
}
ACM/Kluwer Mobile Networks and Applications, vol. 8, no. 5, October, 2003.
@article {
author = {Levente Buttyán, },
title = {Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks},
journal = {ACM/Kluwer Mobile Networks and Applications},
volume = {8},
number = {5},
month = {October},
year = {2003}
}
Proceedings of IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, Canada, June, 2002.
@inproceedings {
author = {Levente Buttyán, , },
title = {A Formal Analysis of Syverson`s Rational Exchange Protocol},
booktitle = {Proceedings of IEEE Computer Security Foundations Workshop},
address = {Cape Breton, Nova Scotia, Canada},
month = {June},
year = {2002}
}
Workshop organised by the IST Coordination Point of the Ministry of Education, Budapest, 2002.
@misc {
author = {Levente Buttyán, István Zsolt BERTA, István VAJDA},
title = {Eliminating Man-in-the-Middle attacks of Malicious Terminals},
howpublished = {Workshop organised by the IST Coordination Point of the Ministry of Education, Budapest},
year = {2002}
}
Communication with a remote partner is considered over an insecure network, where the user can gain access only to a terminal, which cannot be trusted: an attacker is assumed to be able to fully control the terminal, so the user must consider the terminal as a potential attacker. Surprisingly many terminals belong to this class.
Assuming such an environment the problem of sending authentic messages is considered. Various cryptographic algorithms exist for algorithmic protection, however to run such highly complex algorithms, the user must rely on the computational power of an insecure terminal. Smart cards are often considered the ultimate tool for secure messaging from untrusted terminals. Although they are secure tamper-resistant microcomputers with strong cryptographic power, their lack of user interface (i.e. lack of direct access to its input/output channels) enables man-in-the middle attack from the terminal. Therefore involving a smart card cannot eliminate the basic problem, because any protocol between the user and the smart card would rely - once again - on the insecure terminal. It might seem obvious that the user should give all security goals up as hopeless.
We have come to the conclusion that the user is unable to send authentic messages to the card, so in case of untrusted terminals the signature of the card does not prove that the message originates from the user. This is why the authenticity of plaintext messages from insecure terminals cannot be guaranteed.
However the user as a human being has additional resources that can be exploited to increase the security level of the system. The user is an excellent 'biometric device'. Biometric data (e.g. speech, video, handwriting) carry the information content (plaintext) together with the identity of the sender, which is far more difficult to counterfeit than plaintext content. Moreover the human user has limited but trusted algorithmic capabilities too, having some secure memory and computational power.
Apart from encapsulating the identity of the user and the content of the message, biometric messages (or multimedia messages) also have structure. If the structure is violated, the message has obviously been tampered with.
The manipulation of biometric messages requires considerably more time and resources than that of plaintext ones. If the chosen biometric method is properly calibrated, the attacker may not only need massive computational power, but human interaction or biometric laboratories could be required to successfully counterfeit a biometric message. Thus, not only a large percentage of attackers have been excluded, but even the most advanced ones may require significantly more time to create a counterfeited biometric message than a plaintext one.
A protocol has been developed in our laboratory that combines the biometric powers of the user and cryptographic powers of the smart card to dramatically limit the time the attacker has to manipulate a message. In this case, the smart card acts as a secure time gate. The protocol verifies that only a small amount of time has passed between the recording of the biometric message and card signing it. Naturally, after the message passes through the smart card, attackers have no chance to manipulate.
The protocol also uses the smart card to securely introduce the user to the remote partner, so the latter would already be familiar with the biometric features of the user. Thus, the smart card not only ensures authenticity, but also enables communication without having to exchange biometric identities in advance.
Having investigated the problem of secure communication via insecure terminals, we propose a solution that enables the everyday user to send authentic messages. Combined usage of biometry and smart cards can increase security to a level suitable for several practical applications.
Proceedings of The ACM New Security Paradigms Workshop 2002, Norfolk, Virginia Beach, USA, September, 2002, pp. 8.
@inproceedings {
author = {Levente Buttyán, , },
title = {Small Worlds in Security Systems: an Analysis of the PGP Certificate Graph},
booktitle = {Proceedings of The ACM New Security Paradigms Workshop 2002},
address = {Norfolk, Virginia Beach, USA},
month = {September},
year = {2002},
pages = {8}
}
Proceedings of 6th IEEE Symposium on Computers and Communications, Hammamet, Tunisia, July, 2001.
@inproceedings {
author = {N. Ben Salem, Levente Buttyán},
title = {A Payment Scheme for Broadcast Multimedia Streams},
booktitle = {Proceedings of 6th IEEE Symposium on Computers and Communications},
address = {Hammamet, Tunisia},
month = {July},
year = {2001}
}
Swiss Federal Institute of Technology (EPFL), December, 2001.
@phdthesis {
author = {Levente Buttyán},
title = {Building Blocks for Secure Services: Authenticated Key Transport and Rational Exchange Protocols},
school = {Swiss Federal Institute of Technology (EPFL)},
month = {December},
year = {2001}
}
Periodica Polytechnica, vol. 45, no. 1, April, 2001, pp. 43-64.
@article {
author = {Levente Buttyán, , István VAJDA},
title = {Efficient Multi-Party Challenge-Response Protocols for Entity Authentication},
journal = {Periodica Polytechnica},
volume = {45},
number = {1},
month = {April},
year = {2001},
pages = {43-64}
}
May, 2001, International Patent Application.
@misc {
author = {Levente Buttyán, , },
title = {Method for transmitting payment information between a terminal and a third equipment},
month = {May},
year = {2001},
note = {International Patent Application}
}
no. DSC/2001/001, EPFL-DI-ICA, January, 2001.
@techreport {
author = {Levente Buttyán, },
title = {Nuglets: a Virtual Currency to Stimulate Cooperation in Self-Organized Mobile Ad Hoc Networks},
number = {DSC/2001/001},
institution = {EPFL-DI-ICA},
month = {January},
year = {2001}
}
Proceedings of 2nd International Workshop on Electronic Commerce (WELCOM 2001), Heidelberg, Germany, November, 2001.
@inproceedings {
author = {Levente Buttyán, },
title = {Rational Exchange -- A Formal Model Based on Game Theory},
booktitle = {Proceedings of 2nd International Workshop on Electronic Commerce (WELCOM 2001)},
address = {Heidelberg, Germany},
month = {November},
year = {2001}
}
IEEE Communications Magazine, vol. 39, no. 6, June, 2001.
@article {
author = {, Levente Buttyán, , , , },
title = {Self-Organization in Mobile Ad-Hoc Networks: the Approach of Terminodes},
journal = {IEEE Communications Magazine},
volume = {39},
number = {6},
month = {June},
year = {2001}
}
no. DSC/2001/046, EPFL-DI-ICA, August, 2001.
@techreport {
author = {Levente Buttyán, },
title = {Stimulating Cooperation in Self-Organizing Mobile Ad Hoc Networks},
number = {DSC/2001/046},
institution = {EPFL-DI-ICA},
month = {August},
year = {2001}
}
Proceedings of ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC), Long Beach, CA, USA, October, 2001.
@inproceedings {
author = {, Levente Buttyán, },
title = {The Quest for Security in Mobile Ad Hoc Networks},
booktitle = {Proceedings of ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC)},
address = {Long Beach, CA, USA},
month = {October},
year = {2001}
}
IEEE Internet Computing, vol. 4, no. 5, September, 2000, pp. 40-48.
@article {
author = {, , Levente Buttyán},
title = {A Pessimistic Approach to Trust in Mobile Agent Platforms},
journal = {IEEE Internet Computing},
volume = {4},
number = {5},
month = {September},
year = {2000},
pages = {40-48}
}
no. DSC/2000/025, EPFL-DI-ICA, May, 2000.
@techreport {
author = {Levente Buttyán, },
title = {Enforcing Service Availability in Mobile Ad-Hoc WANs},
number = {DSC/2000/025},
institution = {EPFL-DI-ICA},
month = {May},
year = {2000}
}
Proceedings of IEEE/ACM Workshop on Mobile Ad Hoc Networking and Computing (MobiHOC), Boston, MA, USA, August, 2000.
@inproceedings {
author = {Levente Buttyán, },
title = {Enforcing Service Availability in Mobile Ad-Hoc WANs},
booktitle = {Proceedings of IEEE/ACM Workshop on Mobile Ad Hoc Networking and Computing (MobiHOC)},
address = {Boston, MA, USA},
month = {August},
year = {2000}
}
IEEE Transactions on Communications, vol. 48, no. 3, March, 2000.
@article {
author = {Levente Buttyán, , , },
title = {Extensions to an Authentication Technique Proposed for the Global Mobility Network},
journal = {IEEE Transactions on Communications},
volume = {48},
number = {3},
month = {March},
year = {2000}
}
September, 2000, International Patent Application.
@misc {
author = {Levente Buttyán, , },
title = {Method for securing communications between a terminal and an additional user equipment},
month = {September},
year = {2000},
note = {International Patent Application}
}
IEE Electronics Letters, vol. 36, no. 2, January, 2000, pp. 132-133.
@article {
author = {Levente Buttyán},
title = {Removing the financial incentive to cheat in micropayment schemes},
journal = {IEE Electronics Letters},
volume = {36},
number = {2},
month = {January},
year = {2000},
pages = {132-133}
}
no. DSC/2000/006, EPFL-DI-ICA, February, 2000.
@techreport {
author = {, , , , , Levente Buttyán, },
title = {Toward Mobile Ad-Hoc WANs: Terminodes},
number = {DSC/2000/006},
institution = {EPFL-DI-ICA},
month = {February},
year = {2000}
}
Proceedings of 18th IEEE Symposium on Reliable Distributed Systems, Workshop on Electronic Commerce, Lausanne, Switzerland, October, 1999, pp. 384-389.
@inproceedings {
author = {Levente Buttyán, },
title = {Accountable Anonymous Access to Services in Mobile Communication Systems},
booktitle = {Proceedings of 18th IEEE Symposium on Reliable Distributed Systems, Workshop on Electronic Commerce},
address = {Lausanne, Switzerland},
month = {October},
year = {1999},
pages = {384-389}
}
no. SSC/99/16, EPFL-DI-ICA, May, 1999.
@techreport {
author = {Levente Buttyán, },
title = {Accountable Anonymous Service Usage in Mobile Communication Systems},
number = {SSC/99/16},
institution = {EPFL-DI-ICA},
month = {May},
year = {1999}
}
Proceedings of DAIS`99, Helsinki, June, 1999.
@inproceedings {
author = {Levente Buttyán, , , , , },
title = {Closed User Groups in Internet Service Centres},
booktitle = {Proceedings of DAIS`99},
address = {Helsinki},
month = {June},
year = {1999}
}
no. SSC/1999/38, EPFL-DI-ICA, November, 1999.
@techreport {
author = {Levente Buttyán},
title = {Formal methods in the design of cryptographic protocols (state of the art)},
number = {SSC/1999/38},
institution = {EPFL-DI-ICA},
month = {November},
year = {1999}
}
in J. Vitek, C. Jensen: Proceedings of Secure Internet Programming: Security Issues for Mobile and Distributed Objects, Springer-Verlag (LNCS 1603), 1999.
@inbook {
author = {, , Levente Buttyán},
title = {Introducing Trusted Third Parties to the Mobile Agent Paradigm},
publisher = {in J. Vitek, C. Jensen: Proceedings of Secure Internet Programming: Security Issues for Mobile and Distributed Objects, Springer-Verlag (LNCS 1603)},
year = {1999}
}
in G. Mueller, K. Rannenberg, Proceedings of Multilateral Security in Communications, Addison-Wesley, 1999.
@inbook {
author = {, , Levente Buttyán},
title = {Multilateral Security in Middleware Based Telecommunications Architectures},
publisher = {in G. Mueller, K. Rannenberg, Proceedings of Multilateral Security in Communications, Addison-Wesley},
year = {1999}
}
no. SSC/1999/39, EPFL-DI-ICA, December, 1999.
@techreport {
author = {Levente Buttyán, },
title = {Toward a Formal Model of Fair Exchange - a Game Theoretic Approach},
number = {SSC/1999/39},
institution = {EPFL-DI-ICA},
month = {December},
year = {1999}
}
no. SSC/98/18, EPFL-DI-ICA, April, 1998.
@techreport {
author = {, , , Levente Buttyán},
title = {A Note on an Authentication Technique Based on Distributed Security Management for the Global Mobility Network},
number = {SSC/98/18},
institution = {EPFL-DI-ICA},
month = {April},
year = {1998}
}
Proceedings of IEEE Computer Security Foundations Workshop, Rockport, MA, USA, June, 1998, pp. 153-162.
@inproceedings {
author = {Levente Buttyán, , },
title = {A Simple Logic for Authentication Protocol Design},
booktitle = {Proceedings of IEEE Computer Security Foundations Workshop},
address = {Rockport, MA, USA},
month = {June},
year = {1998},
pages = {153-162}
}
no. SSC/98/4, EPFL-DI-ICA, January, 1998.
@techreport {
author = {, , Levente Buttyán},
title = {CrySTINA: Security in the Telecommunications Information Networking Architecture},
number = {SSC/98/4},
institution = {EPFL-DI-ICA},
month = {January},
year = {1998}
}
Proceedings of Internet Society`s Symposium on Network and Distributed System Security, San Diego, CA, USA, March, 1998.
@inproceedings {
author = {, , Levente Buttyán},
title = {On the Problem of Trust in Mobile Agent Systems},
booktitle = {Proceedings of Internet Society`s Symposium on Network and Distributed System Security},
address = {San Diego, CA, USA},
month = {March},
year = {1998}
}
Proceedings of ECOOP Workshop on Mobile Object Systems: Secure Internet Mobile Communications, Brussels, Belgium, June, 1998.
@inproceedings {
author = {, , Levente Buttyán},
title = {Protecting the Itinerary of Mobile Agents},
booktitle = {Proceedings of ECOOP Workshop on Mobile Object Systems: Secure Internet Mobile Communications},
address = {Brussels, Belgium},
month = {June},
year = {1998}
}
no. SSC/98/4, EPFL-DI-ICA, January, 1998.
@techreport {
author = {, , Levente Buttyán},
title = {Security in the Telecommunication Information Networking Architecture - the CrySTINA Approach},
number = {SSC/98/4},
institution = {EPFL-DI-ICA},
month = {January},
year = {1998}
}
Proceedings of IFIP-SEC`98, Wienna-Budapest, August, 1998.
@inproceedings {
author = {, , Levente Buttyán},
title = {Security in TINA},
booktitle = {Proceedings of IFIP-SEC`98},
address = {Wienna-Budapest},
month = {August},
year = {1998}
}
Magyar Távközlés (Selected Papers from the Hungarian Telecommunications), 1997, pp. 50-57..
@article {
author = {Levente Buttyán},
title = {Data Security Issues of Computer Networks},
journal = {Magyar Távközlés (Selected Papers from the Hungarian Telecommunications)},
year = {1997},
pages = {50-57.}
}
Budapest University of Technology, January, 1997.
@techreport {
author = {Levente Buttyán, István VAJDA},
title = {On the Design of Strong Bit Permutations and Substitutions},
institution = {Budapest University of Technology},
month = {January},
year = {1997}
}
Budapest University of Technology, January, 1997.
@techreport {
author = {István VAJDA, Levente Buttyán},
title = {On the Design of Substitution-Permutation Ciphers},
institution = {Budapest University of Technology},
month = {January},
year = {1997}
}
Proceedings of TINA`97, November, 1997.
@inproceedings {
author = {, , , Levente Buttyán, },
title = {Security in the Telecommunication Information Networking Architecture - the CrySTINA Approach},
booktitle = {Proceedings of TINA`97},
month = {November},
year = {1997}
}
Magyar Távközlés, vol. VII., no. 4., April, 1996, pp. 11-19..
@article {
author = {Levente Buttyán},
title = {Data Security Issues of Computer Networks (in Hungarian)},
journal = {Magyar Távközlés},
volume = {VII.},
number = {4.},
month = {April},
year = {1996},
pages = {11-19.}
}
Hiradástechnika, vol. XLVI., March, 1995, pp. 10-18., (awarded with the Pollak-Virag Award of the Hungarian Telecommunication Scientific Society).
@article {
author = {István VAJDA, Levente Buttyán},
title = {On Design Criteria of Conventional Block Ciphers (in Hungarian)},
journal = {Hiradástechnika},
volume = {XLVI.},
month = {March},
year = {1995},
pages = {10-18.},
note = {(awarded with the Pollak-Virag Award of the Hungarian Telecommunication Scientific Society)}
}
Budapest University of Technology, May, 1995.
@mastersthesis {
author = {Levente Buttyán},
title = {S-box Design, (in Hungarian)},
school = {Budapest University of Technology},
month = {May},
year = {1995}
}
IEE Electronics Letters, vol. 31, no. 11, May, 1995, pp. 873-874.
@article {
author = {Levente Buttyán, István VAJDA},
title = {Searching for the best linear approximation of DES-like cryptosystems},
journal = {IEE Electronics Letters},
volume = {31},
number = {11},
month = {May},
year = {1995},
pages = {873-874}
}