IT Security Research Group

Our group is currently focussed on addressing the following information security issues:

• Deepfakes and their security issues: Deepfakes is a popular term nowadays, but few people know what deepfakes are and what threats they pose to us. That is why we are actively researching this relatively new technology. The goal of our research is to become familiar with the possibilities of using deepfakes (or other synthetic media) for malicious use and to design appropriate protection methods. In addition to using deepfakes to deceive computers (e.g., biometric systems), deepfakes can also be used to deceive people as fake messages or in identity theft phone calls. We want to focus on both areas and thus to understand what risks deepfakes pose to machines and us humans and to see what protection options are available to us. Our current research objective is the resilience of voice biometrics systems against deepfakes, deepfake speech detectors and human perception of deepfakes. We try to uncover all threats that deepfakes might pose to society, and how to mitigate these threats.
• Blockchain technologies: Security analysis of blockchain consensus protocols in general. Designing improvements to blockchain protocols such as DoS-resilience, anonymity, uncensorability and throughput attributes. Identity management in blockchains. Simulation of blockchains in relistic scenarious analysis of data. DAG-based consensus specializations and their aspects and enhancements. Scalable electronic voting. Semi-centralized hybrid cryptocurrencies and interoperability protocols.
• Wireless security (IoT): We are working on security and monitoring of wireless networks for the Internet of Things (IoT). We operate a LoRaWAN gateway connected to The Things Network project, analyze Bluetooth communication for which we are developing a monitoring tool, and investigate differences in IoT gateways for home use (Amazon Alexa, Google Nest). In our research we have collaborated with CESNET, Microrisc (developing the IQRF wireless technology) or Espressif.
• Threat intelligence and malware detection: The next area of our research is Threat Intelligence. The research includes an analysis of effective methods of malware campaign detection based on data from various sources, such as anti rootkits or antivirus detections. We also work on the study of detected campaigns and try to propose proactive campaign approaches and their prediction. Our research extends to other sub-fields of Threat Intelligence, such as malware taxonomy and threat classification using heuristic and machine learning methods.
• Usable security
• Secure hardware devices
• Financial protocols
• Anonymity systems
• Applied cryptography

In the past, we have published research concerning:

• Smart-card security
• Reputation/trust-based systems
• Biometric security

List of defended PhD theses:

• Privacy Protection on Mobile Devices. ARON, Lukáš, Brno, 2017. PhD thesis. Brno University of Technology, Faculty of Information Technology. Supervisor Hanáček Petr.
• Intrusion Detection in Network Traffic. Ivan Homoliak. PhD thesis, Brno, FIT BUT, 2016
• Analysis of attacks on wireless networks. KAČIC, Matej. Brno, 2017. Dissertation. Brno University of Technology, Faculty of Information Technology. Supervisor Doc. Dr. Ing. Petr Hanáček
• Security analysis of network traffic using behavioural signatures. Maroš Barabas. dissertation, Brno, FIT BUT, 2016
• Security of Contactless Smart Card Protocols. Martin Henzl. Dissertation, Brno, FIT BUT, 2016
• Design patterns in parallel and distributed systems. Peter Jurnečka. dissertation, Brno, FIT BUT, 2016
• Security of Tamper-Resistant Nodes in Wireless Sensor Networks. Peter Pecho. dissertation, Brno, FIT BUT, 2009
• Trust and reputation in distributed systems. Jan Samek. PhD thesis, Brno, FIT BUT, 2011
• On Selected Issues of Behavioural Patterns in Computer Security. Kamil Malinka. dissertation, Brno, FIT BUT, 2010