Assistant Professor
gabor.pek (at) crysys.hu
office: I.E. 429
tel: +36 1 463 2063
Gábor earned his M.Sc. diploma in computer science in 2011 and his Ph.D. degree in 2015 from the Budapest
University of Technology and Economics, Hungary. He did research in the CrySyS Lab. together with prof. Levente
Buttyán, but completed internships at iSecLab at Eurecom, France and TU Wien, Austria, too. He participated in
several industrial projects (e.g., penetration testing, securing virtualization, cloud computing security) also.
One of the hardware-level vulnerabilities he found (XSA-59/CVE-2013-3495) affected several Intel chipsets that
enabled attacks against hypervisors such as Xen or KVM. He was one of the key members of the Duqu, Flame,
Miniduke and Teamspy targeted attack investigation teams.
He founded and coordinates CrySyS Student Core since April 2013, which is an invite-only group for exceptionally
talented (graduate + undergraduate) students who are interested in system security. This group gave birth to the
!SpamAndHex CTF team, which became one of the top CTF teams in the world in 2 years. As a member of !SpamAndHex
he is a three-times DEFCON CTF finalist, that is widely regarded as the hacker world championship.
He co-founded a spin-off called Ukatemi Technologies with some of his colleagues from the CrySyS Lab in December
2012 to mitigate current targeted attacks. He also co-founded avatao to build a cloud-based virtual lab to teach
people to build secure software and systems.
This laboratory extends and deepens the knowledge and skills obtained in the Software Security course by solving practical, hands-on exercises in real, or close-to-real environments.
ACM Computing Surveys (CSUR), vol. 45 , no. 3, June , 2013, doi:10.1145/2480741.2480757.
@article {
author = {Boldizsár Bencsáth and Levente Buttyán and Gábor PÉK},
title = {A Survey of Security Issues in Hardware Virtualization},
journal = { ACM Computing Surveys (CSUR)},
volume = {45 },
number = {3},
month = {June },
year = {2013},
note = {doi:10.1145/2480741.2480757}
}
Presentation at Hactivity Conference, October, 2013.
@misc {
author = {Gábor PÉK},
title = {eNeMI: Evading the state-of-the-art hardware protection of I/O virtualization},
howpublished = {Presentation at Hactivity Conference},
month = {October},
year = {2013}
}
Xen Security Advisory CVE-2013-3495 / XSA-59, 2013.
@misc {
author = {Gábor PÉK},
title = {Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts},
howpublished = {Xen Security Advisory CVE-2013-3495 / XSA-59},
year = {2013}
}
Presentation at Power of Community (POC 2013, Seoul, South Korea), November, 2013.
@misc {
author = {Mark Felegyhazi and Levente Buttyán and Boldizsár Bencsáth and Gábor PÉK},
title = {Technical Trends in Recent Targeted Attacks },
howpublished = {Presentation at Power of Community (POC 2013, Seoul, South Korea)},
month = {November},
year = {2013}
}
Budapest New Tech Meetup, Budapest, Hungary., December, 2012.
@misc {
author = {Boldizsár Bencsáth and Gábor PÉK and Levente Buttyán and Mark Felegyhazi},
title = {Célzott informatikai támadások napjainkban},
howpublished = {Budapest New Tech Meetup, Budapest, Hungary.},
month = {December},
year = {2012}
}
EuroNOG 2012 conference, Budapest, 10-11 Sept 2012, September, 2012.
@misc {
author = {Boldizsár Bencsáth and Levente Buttyán and Mark Felegyhazi and Gábor PÉK},
title = {Duqu, Flame, Gauss - new challenges for a new era },
howpublished = {EuroNOG 2012 conference, Budapest, 10-11 Sept 2012},
month = {September},
year = {2012}
}
ACM European Workshop on System Security (EuroSec), ACM, 2012.
@inproceedings {
author = {Boldizsár Bencsáth and Gábor PÉK and Levente Buttyán and Mark Felegyhazi},
title = {Duqu: Analysis, Detection, and Lessons Learned},
booktitle = {ACM European Workshop on System Security (EuroSec)},
publisher = {ACM},
year = {2012}
}
In collaboration with the sKyWIper Analysis Team , 2012.
@techreport {
author = {Boldizsár Bencsáth and Gábor PÉK and Levente Buttyán and Mark Felegyhazi},
title = {sKyWIper (a.k.a. Flame a.k.a. Flamer): A complex malware for targeted attacks},
institution = {In collaboration with the sKyWIper Analysis Team },
year = {2012}
}
SCADA and Smart Grid Cyber Security Summit, 26-27 April 2012, April, 2012, London.
@misc {
author = {Boldizsár Bencsáth and Gábor PÉK and Levente Buttyán and Mark Felegyhazi},
title = {Targeted attacks against Critical infrastructure: Stuxnet and beyond},
howpublished = {SCADA and Smart Grid Cyber Security Summit, 26-27 April 2012},
month = {April},
year = {2012},
note = {London}
}
Kaspersky SAS 2012 - Security Analyst Summit, Cancun, Mexico, February, 2012.
@misc {
author = {Boldizsár Bencsáth and Levente Buttyán and Gábor PÉK and Mark Felegyhazi},
title = {Targeted Attacks of Recent Times },
howpublished = {Kaspersky SAS 2012 - Security Analyst Summit, Cancun, Mexico},
month = {February},
year = {2012}
}
2012 Workshop on Cyber Security and Global Affairs and Global Security Forum, 1-3 June 2012, June, 2012, Barcelona, Spain.
@misc {
author = {Boldizsár Bencsáth and Levente Buttyán and Gábor PÉK and Mark Felegyhazi},
title = {Technical analysis and information sharing in the handling of high-profile targeted attacks },
howpublished = {2012 Workshop on Cyber Security and Global Affairs and Global Security Forum, 1-3 June 2012},
month = {June},
year = {2012},
note = {Barcelona, Spain}
}
ISCD 2012, Balatonöszöd, 3-4 Sep., September, 2012.
@misc {
author = {Levente Buttyán and Boldizsár Bencsáth and Gábor PÉK and Mark Felegyhazi},
title = {The cousins of Stuxnet:Duqu, Flame, Gauss, …},
howpublished = {ISCD 2012, Balatonöszöd, 3-4 Sep.},
month = {September},
year = {2012}
}
Future Internet 2012, 4(4), doi:10.3390/fi4040971, 2012, pp. 971-1003, doi:10.3390/fi4040971, http://www.mdpi.com/journal/futureinternet/special_issues/stuxnet.
@article {
author = {Boldizsár Bencsáth and Gábor PÉK and Levente Buttyán and Mark Felegyhazi},
title = {The Cousins of Stuxnet: Duqu, Flame, and Gauss},
journal = {Future Internet 2012, 4(4), doi:10.3390/fi4040971},
year = {2012},
pages = {971-1003},
note = {doi:10.3390/fi4040971, http://www.mdpi.com/journal/futureinternet/special_issues/stuxnet}
}
BME CrySyS Lab., October, 2011., First published in cut-down form as appendix to the Duqu report of Symantec.
@techreport {
author = {Boldizsár Bencsáth and Gábor PÉK and Levente Buttyán and Mark Felegyhazi},
title = {Duqu: A Stuxnet-like malware found in the wild},
institution = {BME CrySyS Lab.},
month = {October},
year = {2011.},
note = {First published in cut-down form as appendix to the Duqu report of Symantec}
}
ACM European Workshop on System Security (EuroSec), ACM, Salzburg, Austria, April 10, 2011, pp. 1-6.
@inproceedings {
author = {Gábor PÉK and Boldizsár Bencsáth and Levente Buttyán},
title = {nEther: In-guest Detection of Out-of-the-guest Malware Analyzers},
booktitle = {ACM European Workshop on System Security (EuroSec)},
publisher = {ACM},
address = {Salzburg, Austria},
month = {April 10},
year = {2011},
pages = {1-6}
}
Fókuszban a CrySyS Lab. , December 14, 2011.
@misc {
author = {Boldizsár Bencsáth and Levente Buttyán and Gábor PÉK and Mark Felegyhazi},
title = {Recent advances in targeted malware attacks },
howpublished = {Fókuszban a CrySyS Lab. },
month = {December 14},
year = {2011}
}
Schönherz - Simonyi Szakkollégium ., December 13, 2011.
@misc {
author = {Boldizsár Bencsáth and Levente Buttyán and Gábor PÉK and Mark Felegyhazi},
title = {Recent advances in targeted malware attacks },
howpublished = {Schönherz - Simonyi Szakkollégium .},
month = {December 13},
year = {2011}
}
Infocommunications Journal, vol. LXIV, no. 2009/2-3, March, 2009, pp. 1-8.
@article {
author = {Levente Buttyán and Gábor PÉK and Ta Vinh Thong},
title = {Consistency verification of stateful firewalls is not harder than the stateless case},
journal = {Infocommunications Journal},
volume = {LXIV},
number = {2009/2-3},
month = {March},
year = {2009},
pages = {1-8}
}
4th IEEE Int. Conf. on Autonomous Robots and Agents (ICARA' 2009), February, 2009.
@conference {
author = {Varlaki Péter and Gábor PÉK and Varkonyi-Koczy, A.R. and Aron Laszka},
title = {Universal Autonomous Robot Navigation Using Quasi Optimal Path Generation},
booktitle = {4th IEEE Int. Conf. on Autonomous Robots and Agents (ICARA' 2009)},
month = {February},
year = {2009}
}
7th Int. Conf. On Global Research and Education in Intelligent Systems (Inter-Akademia' 2008), September, 2008.
@conference {
author = {Varkonyi-Koczy, A.R. and Aron Laszka and Gábor PÉK},
title = {An Improved Hybrid Navigation Method},
booktitle = {7th Int. Conf. On Global Research and Education in Intelligent Systems (Inter-Akademia' 2008)},
month = {September},
year = {2008}
}