Technological and social aspects of cybersecurity

Systemy cyberbezpieczeństwa

Cybersecurity is a key area of our scientific research and R&D work. This is where the results of our research are applied. New technologies that improve the security of network infrastructure and digital services are born here.

How to build a reliable and accurate picture of cybersecurity threats based on network traffic samples, distributed security incident information, and vulnerabilities of network devices and services? How to mitigate the harmful impact of detected threats? How to secure network communications? We develop our cybersecurity systems by carefully addressing these questions and many more.

Pracownik Zakladu Metod Systemow Bezpieczenstwa Informacji

Detecting, modeling propagation and mitigating cybersecurity threats require advanced technologies for processing large sets of (diverse) data, as well as technologies for controlling network devices and service servers.

#AI and DDoS attack mitigation

 

Security of mobile systems requires lightweight and adaptive methods of detecting cyberattacks, behavioral profiling tools for users, and alerting mechanisms for web services. The outcome of our work in this area is technology: #BotSense.

 

The security of networks and network applications provides great technological challenges. We address them by developing cyber security and network control systems, ICT data processing systems, early detection and mitigation systems for security incidents in IT/OT networks, and network traffic monitoring systems: #FLDX and #ARAKIS.

 

Information security involves IT systems and the information stored in them, IoT protection, research on the effectiveness and reliability of trust and reputation management systems, and their resistance to attacks of various types.

 

We have developed technology for clustering and searching data on the vulnerabilities of IoT systems and devices, as well as methods of exploiting them. We create tools for analyzing network traffic and cyber attacks, perform testing and analysis of software security, especially of IoT devices: #VariotDB

 

We are working on:

  • Mathematical foundations of threat detection, propagation and mitigation
  • Interdisciplinary research related to the human aspect of cybersecurity, studies social, psychological and technical aspects of cybersecurity, and researches the skills gap and the effectiveness of educational methods in cybersecurity
  • Monitoring technologies for digital networks, systems and services
  • Distributed cybersecurity systems
  • Detection of dangerous content

 

Selected Publications

Articles

Anna Felkner, Jan Adamski, Jakub Koman, Marcin Rytel, Marek Janiszewski, Piotr Lewandowski, Rafał Pachnia, Wojciech Nowakowski, "Vulnerability and Attack Repository for IoT: Addressing Challenges and Opportunities in Internet of Things Vulnerability Databases", Applied Sciences, 14(22), 2024, 10513.
Andrzej Karbowski, Przemysław Jaskóła, "A Markovian Model of Dynamic Cyber Risk Assessment Based on Questionnaires", 16th International Conference on Signal Processing and Communication System (ICSPCS), Bydgoszcz, Poland, 2023, 1-6.
Mateusz Krzysztoń, Bartosz Bok, Marcin Lew, Andrzej Sikora, "Lightweight On-Device Detection of Android Malware Based on the Koodous Platform and Machine Learning", Sensors, 22(17), 2022, 6562.
Yufeng Xiao, Yingzi Huo, Cai Jiahong, Yinyan Gong, Wei Liang, Joanna Kołodziej, "ERF-XGB: An Edge-IoT-Based Explainable Model for Predictive Maintenance", IEEE Transactions on Consumer Electronics, vol. 70, no. 1, Feb. 2024, 4016-4025.
Piotr Szuster, Joanna Kołodziej, "Convective cells algorithm for storm data tracking", Communications of the ECMS, ECMS 2023, 37th Proceedings, 37(1), 2023,
Joanna Kołodziej, Mateusz Krzysztoń, Paweł Szynkiewicz, "Anomaly Detection in TCP/IP Networks", Communications of the ECMS, ECMS 2023, 37th Proceedings, Volume 37, Issue 1, 2023,
Marek Amanowicz, "Cybersecurity Awareness Provision: Case Study", In: Kołowrocki K, Dąbrowska E, eds. Advances in Reliability, Safety and Security. ESREL 2024 Contributions. Part 4 Simulation Based Methods for Reliability, Safety and Security; Risk and Reliability Assessment and Management, Gdynia, Poland, 2024, 9-18.
Maciej Grzenda, Stanisław Kaźmierczak, Marcin Luckner, Grzegorz Borowik, Jacek Mańdziuk, "Evaluation of machine learning methods for impostor detection in web applications", Expert Systems with Applications, Volume 231, 2023, 120736.
Grzegorz Borowik, Michał Balicki, Michał Kasprzak, Piotr Cukier, "Improved Mesh Processing Using Distorted Pole Spherical Coordinates", Selvaraj H, Chmaj G, Zydek D, eds. Advances in Systems Engineering, Lecture Notes in Networks and Systems. Cham: Springer Nature Switzerland, 2023, 337–347.
Jakub Skłodowski, Piotr Arabas, "Wykorzystanie drzew sufiksowych do efektywnej prezentacji podobieństw sesji z systemu pułapek honeypot", Cybersecurity and Law, 1(9), 2023, 298–315.
Marek Janiszewski, Marcin Rytel, Piotr Lewandowski, Hubert Romanowski, "Creating vulnerabilities and exploits database of IoT devices", Proceedings of the 2022 European Interdisciplinary Cybersecurity Conference, EICC 2022, 2022, 91–92.
Marek Janiszewski, Marcin Rytel, Piotr Lewandowski, Hubert Romanowski, "VARIoT – Vulnerability and Attack Repository for the Internet of Things", 22nd IEEE International Symposium on Cluster, Cloud and Internet Computing (CCGrid), 2022, 752–755.
Anna Felkner, "Źródła użytecznych informacji o zagrożeniach w internecie rzeczy", Cybersecurity and Law, 1(9), 2023, 144–154.
Anna Felkner, Marcin Rytel, "A Repository of Actionable Information on the Internet of Things", Proceedings of the 19th International Conference on Wireless Networks and Mobile Systems. Lizbona, Portugalia, Vol. 1, 2022, 69–75.
Marek Janiszewski, Anna Felkner, Piotr Lewandowski, Marcin Rytel, Hubert Romanowski, "Actionable Information Processing and Trust Management Towards Safer Internet of Things", Sensors, 21(13), 2021, 4359.
Marek Amanowicz, Mariusz Kamola, "Świadomość bezpieczeństwa cybernetycznego operatora usług kluczowych", Przegląd Telekomunikacyjny/Wiadomości Telekomunikacyjne, 4, 2022, 138929.
Marek Amanowicz, Mariusz Kamola, "Building Security Awareness of Interdependent Services, Business Processes, and Systems in Cyberspace", Electronics, 11(22), 2022, 3835.
Marek Amanowicz, Damian Jankowski, "Detection and Classification of Malicious Flows in Software-Defined Networks using Data Mining Techniques", Sensors, 21(9), 2021, 2972.

Book Chapters

Mateusz Krzysztoń, "Weryfikacja wiarygodności systemów w erze uczenia maszynowego", Cyberbezpieczeństwo AI. AI w cyberbezpieczeństwie, Warszawa: NASK PIB, 2023, 45–58.
Mateusz Krzysztoń, Marcin Lew, Michał Marks, "NAD: Machine Learning Based Component for Unknown Attack Detection in Network Traffic", Cybersecurity of Digital Service Chains. Challenges, Methodologies, and Tools, Switzerland: Springer Cham, 2022, 83–102.

Books

Joanna Kołodziej, Matteo Repetto, Armend Duzha, eds., "Cybersecurity of Digital Service Chains. Challenges, Methodologies, and Tools", Switzerland: Springer Cham, volume 13300, 2022, XI, 257.
Marek Amanowicz, Sebastian Szwaczyk, Konrad Wrona, "Data-Centric Security in Software Defined Networks (SDN)", Springer, eBook, 2024,
Anna Felkner, Youki Kadobayashi, Marek Janiszewski, Stefano Fantin, Jose Francisco Ruiz, Adam Kozakiewicz, Gregory Blanc, "Cybersecurity Research Analysis Report of Europe and Japan", Switzerland: Springer International Publishing, Vol. 75, 2021, XIV, 172.