Mission

The Laboratory of Cryptography and System Security (CrySyS Lab) is committed to carry out internationally recognized, high quality research on security in computer systems and networks, and to teach IT security and applied cryptography at the Budapest University of Technology and Economics. The lab also provides consulting services upon request, including penetration testing (ethical hacking) and technical assistance in incident response. We strongly believe in problem driven, project oriented research, hence we participate in R&D; projects, where we collaborate with industry partners and academic institutions, and maintain strong international connections.

Notes: CrySyS Lab belongs to the Department of Networked Systems and Services at the Budapest University of Technology and Economics. It is not a company, but a university research lab. The official Hungarian name of the lab is CrySyS Adat- és Rendszerbiztonság Laboratórium. Lab members pronounce CrySyS as [kri:sis].

Members

Dr. Levente Buttyán

Associate Professor, Head of the Lab
buttyan (at) crysys.hu

Dr. Boldizsár Bencsáth

Assistant Professor
bencsath (at) crysys.hu

Dr. Márk Félegyházi

Assistant Professor
mfelegyhazi (at) crysys.hu

Dr. Tamás Holczer

Assistant Professor
holczer (at) crysys.hu

Dr. Gergely Biczók

Assistant Professor
biczok (at) crysys.hu

Dr. Gergely Ács

Assistant Professor
acs (at) crysys.hu

PhD Students

András Gazdag

PhD student
agazdag (at) crysys.hu

Máté Horváth

PhD student
mhorvath (at) crysys.hu

Dorottya Papp

PhD student
dpapp (at) crysys.hu

Szilvia Lestyán

PhD student
lestyan (at) crysys.hu

Associate Members

Dr. Gábor Pék

Avatao

Dr. István Vajda

BME

Tamás Koczka

Tresorit

Communities

CrySyS Student Core

The CrySyS Student Core is an invite-only group of exceptionally talented people who proved their ability to solve security problems in a wide range of setups. Core members meet once a week to expand their knowledge by discussing specific topics in system and network security, to prepare for CTF competitions, to socialize, and in general, to have fun by spending time with other geeks of similar interest. The CrySyS Student Core also plays a key role in the talent management program of the CrySyS Lab, which includes the creation of challenges for the annual CrySyS Security Challenge. Currently, the Core has around a dozen members. Junior members are still active students, while senior members are former students who still actively participate in the life of the group.

Interested to become a Core member? Prove your talent by winning the next CrySyS Security Challenge (organized in the fall semester every year), impress us in your semester project, or join our !SpamAndHex CTF team (see below) and show your capabilities during CTF games! If you don't feel qualified yet, but want to invest some work to get better, then join our IT Security Bootcamp!

Need more information? Read our paper, or contact Gábor Pék, Core leader, or Levente Buttyán, head of the CrySyS Lab.

!SpamAndHex

Members of the CrySyS Student Core formed the !SpamAndHex CTF team to participate at international hacking competitions. However, the team welcomes non-Core members as well. If you are a student, then this can be a great way to learn from Core members, improve your hacking skills, prove your talent, and ultimately, get invited to the CrySyS Student Core. The !SpamAndHex team is among the best CTF teams in the world. It won iCTF 2014, the largest CTF organized specifically for universities, and it was among the 15 teams that qualified for the DEFCON CTF Finals in 2015 and 2016, which is considered to be the most prestigious professional CTF in the world. !SpamAndHex was in the top 5 teams in the world ranking by CTFtime.org in 2015. Interested in joining the !SpamAndHex team? Contact Gábor Pék, CrySyS Student Core leader.

Alumni Network

The CrySyS Alumni Network consists of those 100+ persons who did their diploma or PhD projects in the CrySyS Lab. The following PhD graduates are distinguished alumni who received the CrySyS Steel Ring which has the lab logo and the date of graduation graved in it:

Dr. Gábor Pék, CrySyS Student Core leader and CTO of avatao
Dr. Gábor Gulyás, post doctoral researcher at INRIA, France
Dr. Áron Lászka, post doctoral researcher at the University of California, Berkeley, USA
Dr. Vinh Thong Ta, Lecturer in Computing at the University of Lancashire, UK
Dr. Tamás Holczer, Assistant Professor, CrySyS Lab, BME
Dr. Amit Dvir, Assistant Professor, COMAS, Israel
Dr. László Dóra, Mobile Security Engineer at Citi, Hungary
Dr. Gergely Ács, post doctoral researcher at INRIA, France
Dr. Péter Schaffer, IT Security Advisor at EY, Luxemburg
Dr. István Zsolt Berta, Business Information Security Officer at Citi, Hungary
Dr. Boldizsár Bencsáth, Assistant Professor, CrySyS Lab, BME

Godfathers of Duqu

We are probably best known about our contributions to the discovery, naming, and analysis of the Duqu malware.

It all began in September 2011, when a European company sought our help to investigate a security incident that happened in their IT system. During the investigation, we discovered a new malware that was unknown to all mainstream anti-virus products, however, it showed striking similarities to the infamous Stuxnet worm. We named the new malware Duqu, and we carried out its first analysis. Our findings led to the hypothesis that Duqu was probably created by the same people who developed Stuxnet, but with a different purpose: unlike Stuxnet, whose mission was to attack industrial equipment, Duqu was an information stealer rootkit. Nevertheless, both pieces of malware have a modular structure, and they could be re-configured remotely from a Command and Control server to include virtually any kind of functionality. Later, we also identified the dropper of Duqu, which led to the discovery of a zero-day Windows kernel exploit. The story and our results received intensive press coverage at that time.

Since the discovery of Duqu, we have been involved in the analysis of other targeted malware campaigns, including Flame (2012), MiniDuke (2013), TeamSpy (2013), and Duqu 2.0 (2015). More information is available on our blog site at blog.crysys.hu and on our research page.

Spin-offs

Tresorit

Tresorit was started as a student project in the CrySyS Lab and it evolved into a spin-off thanks to the talent and devotion of the students, István Lám and Szilveszter Szebeni, who designed the Tresorit architecture. Tresorit is a cloud based encrypted data storage system that allows for secure sharing of information within closed user groups. In Tresorit, data is encrypted at the client side before it is uploaded into the cloud, hence, users do not need to trust the cloud storage provider.

Avatao

Avatao is an online e-learning platform for IT professionals offering custom-tailored learning paths and detailed analytics about the learning process. Avatao helps users acquiring desired skills by guiding them through a series of hands-on exercises and challenges. Currently, Avatao focuses on providing IT security related challenges at all levels and in multiple sub-domains.

Ukatemi Technologies

Ukatemi Technologies was founded by members of the CrySyS Lab with the mission of addressing the problems of targeted attacks in cyber space. Targeted attacks often use advanced methods, they aim at compromising high profile targets, they are stealthy and persistent, and therefore, difficult to detect and mitigate. Ukatemi provides advanced threat mitigation technologies, including threat intelligence services, custom testing of anti-APT tools, technical assistance in computer security incident response, and advanced malware analysis.

IT-SEC Expert

IT-SEC Expert is a non-profit company specialized in industry oriented research and training in the field of IT security.

Overviews

2003-2013: A decade of experience in IT security research

Please, download our booklet summarizing our work between 2003 and 2013.

Current activities

Please, download our most recent lab presentation slides and posters.