Laboratory for vulnerability testing of desktop and mobile computing devices and algorithms and software (LAVA)

How will AI and ML prevent cybercriminals from organizing acts of cyberterrorism? LAVA can help!

Projekty_LAVA_logo

Challenge

The project assumes that the results of the vulnerability research are intended to prevent cyber criminals from carrying out illegal activities and organizing acts of cyber terrorism, closely involving the use of mobile devices. Especially dangerous for users of PEGI 12, PEGI 16 and PEGI 18 age groups.

The main goal of the project is to build a vulnerability analysis laboratory equipped with:

  • experimental laboratory station for vulnerability testing of devices and software,
  • vulnerability scanning in IT systems using innovative methods developed during the project,
  • tools for static application analysis and behavioral analysis.
Projekty_LAVA_ikona
Project leader
Dr Mateusz Krzysztoń

What we did

The project will develop innovative methods for testing devices and applications using artificial intelligence and machine learning techniques. An important aspect of the work is also the automation of software testing and the development of appropriate procedures and methodologies. One of the products of the LaVa project is a consistent methodology for assessing the security level of IoT devices. As part of the project, we are also conducting a detailed review of existing tools and verifying their suitability in the context of performing tests on IoT devices. Based on this, a coherent tool environment (in the form of a software set) for performing security tests of IoT devices is created.

In the area of artificial intelligence security, we are developing a generic methodology to determine the degree of vulnerability of predictive models enabling their comparison. Our work is focused in the area of cyber-physical systems (robotics, industrial automation) and cybersecurity. For the purpose of testing mobile devices and applications, the project is creating an environment for dynamic long-term analysis of mobile applications under near-real conditions – an isolated, secure testing environment and a repository of behavioral models describing the performance of mobile applications.

Vulnerability testing of mobile applications will take into account various application usage profiles taking into account device movement, location changes, resource sharing with other applications, network connections, different versions of the operating system and software specific to major mobile device producers.