“CrySyS Lab”的意思、由来-开放百科全书

The Laboratory of Cryptography and System Security (CrySyS Lab, spelling: [kri:sis]) is part of the Department of Telecommunications at the Budapest University of Technology and Economics. The full Hungarian name is CrySys Adat- és Rendszerbiztonság Laboratórium.

History

CrySyS Lab. was founded in 2003 by a group of security researchers at the Budapest University of Technology and Economics. Currently, it is located in the Infopark Budapest. The heads of the lab were Dr. István Vajda (2003–2010) and Dr. Levente Buttyán (2010-now). Since its establishment, the lab participated in several research and industry projects, including successful EU FP6 and FP7 projects (SeVeCom,^[1] a UbiSecSens ^[2] and WSAN4CIP^[3]).

Research results

CrySyS Lab is recognized in research for its contribution to the area of security in wireless embedded systems. In this area, the members of the lab produced

The above publications had an impact factor of 30+ and obtained more than 7500 references. Several of these publications appeared in highly cited journals (e.g., IEEE Transactions on Dependable and Secure Systems, IEEE Transactions on Mobile Computing).

Forensics analysis of malware incidents

The laboratory was involved in the forensic analysis of several high-profile targeted attacks.^[4]

In October 2011, CrySyS Lab discovered the Duqu malware;^[5] pursued the analysis of the Duqu malware and as a result of the investigation, identified a dropper file with an MS 0-day kernel exploit inside;^[6] and finally released a new open-source Duqu Detector Toolkit^[7] to detect Duqu traces and running Duqu instances.

In May 2012, the malware analysis team at CrySyS Lab participated in an international collaboration aiming at the analysis of an as yet unknown malware, which they call sKyWIper. At the same time Kaspersky Lab analyzed the malware Flame^[8] and Iran National CERT (MAHER)^[9] the malware Flamer. Later, they turned out to be the same.

Other analysis published by CrySyS Lab include the password analysis of the Hungarian ISP, Elender, and a thorough Hungarian security survey of servers after the publications of the Kaminsky DNS attack.^[10]

References

1. ^{{cite web|url=http://www.sevecom.org/ |title=Sevecom |publisher=Sevecom |date= |accessdate=2012-07-03}}
2. ^{{cite web|url=http://www.ist-ubisecsens.org |title=UbiSec&Sens |publisher=Ist-ubisecsens.org |date= |accessdate=2012-07-03}}
3. ^{{cite web|url=http://www.wsan4cip.eu/ |title=Home: WSAN4CIP Project |publisher=Wsan4cip.eu |date= |accessdate=2012-07-03}}
4. ^{{cite web |url=http://www.crysys.hu/targeted-attacks.html |title=CrySyS Lab. - Targeted attacks |publisher=Crysys.hu |date= |accessdate=2012-07-03 |deadurl=yes |archiveurl=https://web.archive.org/web/20120703073954/http://www.crysys.hu/targeted-attacks.html |archivedate=2012-07-03 |df= }}
5. ^{{cite web|url=http://www.securelist.com/en/blog/208193178/Duqu_FAQ |title=Duqu FAQ |publisher=Securelist |date= |accessdate=2012-07-03}}
6. ^{{cite web|author=|url=http://www.symantec.com/connect/w32-duqu_status-updates_installer-zero-day-exploit |title=Duqu: Status Updates Including Installer with Zero-Day Exploit Found | Symantec Connect Community |publisher=Symantec.com |date=2011-11-03 |accessdate=2012-07-03}}
7. ^{{cite web |url=http://www.crysys.hu/duqudetector.html |title=CrySyS Lab. - Duqu detector |publisher=Crysys.hu |date=2012-03-15 |accessdate=2012-07-03 |deadurl=yes |archiveurl=https://web.archive.org/web/20120626010636/http://www.crysys.hu/duqudetector.html |archivedate=2012-06-26 |df= }}
8. ^{{cite web|url=http://www.securelist.com/en/blog/208193522/The_Flame_Questions_and_Answers |title=The Flame: Questions and Answers |publisher=Securelist |date=2012-05-28 |accessdate=2012-07-03}}
9. ^{{cite web |url=http://www.certcc.ir/index.php?name=news&file=article&sid=1894 |title=مركز مدیریت امداد و هماهنگی عملیات رخدادهای رایانه ای:: Identification of a New Targeted Cyber-Attack |publisher=Certcc.ir |date=2012-05-28 |accessdate=2012-07-03 |deadurl=yes |archiveurl=https://web.archive.org/web/20120613232802/http://www.certcc.ir/index.php?name=news&file=article&sid=1894 |archivedate=2012-06-13 |df= }}
10. ^http://www.crysys.hu/publications/files/BencsathB08DNS.pdf