Dissertation theses
Advanced Framework for Threat Monitoring and Detection in Linux Environments
Specialist supervisor: Ing. Simona Fornůsek, Ph.D.
In contemporary computing environments, the security of Linux-based systems is of paramount importance due to their widespread adoption in critical infrastructure and enterprise settings. Traditional methods of threat monitoring and detection often fall short in effectively identifying and mitigating sophisticated cyber threats. This dissertation thesis will propose an advanced framework leveraging machine learning, anomaly detection and behavioral analysis techniques to enhance the monitoring and detection capabilities of threats within Linux environments.
By integrating various methodologies from the fields of cybersecurity and machine learning, the framework will address the evolving nature of cyber threats while minimizing false positives and false negatives. Through the development and implementation of novel algorithms and models, the proposed framework will seek to provide a proactive approach to security, enabling organizations to detect and respond to threats swiftly and effectively.
The research will also include the exploration of the effectiveness of machine learning, anomaly detection, and behavioral analysis algorithms for threat detection in Linux environments, alongside an in-depth analysis of adversarial defenses such as various exploitation and evasion techniques, and obfuscation, commonly employed by adversaries. Additionally, the efficiency of existing detection techniques against the adversarial techniques currently in use will be evaluated, while proposing improvements to enhance their efficacy.
This research will contribute to the advancement of cybersecurity practices in Linux environments by providing a robust and adaptable solution tailored to the complexities of modern-day cyber threats.
Combined attacks on cryptographic modules
Specialist supervisor: Ing. Jiří Buček, Ph.D.
In the field of hardware cryptographic devices, there is a continual competition between the development of new attacks and the development of defenses against them. An attack usually aims to reveal secret information, such as a secret symmetric key, a private key, or a message. One of the relatively new attack approaches is a combination of passive and active attacks on cryptographic devices.
The aim of this work is to explore new possibilities for combining active and passive physical attacks with knowledge of linear, differential or algebraic cryptanalysis.
Cryptocurrency algorithms
Cryptocurrencies are a new phenomenon that is based on decentralization and allows us to make anonymous payments. Today, there are over a thousand cryptocurrencies that are based on different concepts such as proof-of-work or proof-of-stake. The goal will be to design a new cryptocurrency that would meet both security and market requirements such as scalability, sufficient transaction processing speed, low latency, and would be environmentally friendly.
Dedicated Hardware for Modular Arithmetic
The aim is the design and implementation of dedicated hardware architectures for computing modular arithmetic operations. The results are applicable in elliptic curve cryptography, as well as in other systems that utilize modular arithmetic.
Machine Learning-Based Malware Detection for Linux
Specialist supervisor: Mgr. Martin Jureček, Ph.D.
The number of malware attacks targeting the Linux operating system has increased recently, and existing detection systems are insufficient. This growth is partly due to the growth in the number of IoT devices that use different variants of Linux. Malware detection models for Linux are significantly less studied than detection models for the Windows operating system. As a result, Linux malware detection models are not as advanced and effective, and there is a lot of room for improvement. Machine learning algorithms play an important role in detecting and classifying malware into families and are a common part of Windows antivirus programs. Differences between Linux and Windows operating systems, such as different file formats, must be taken into account when extracting data and preprocessing it. The suitability of the topic for a dissertation is based on solving data preparation problems where deep knowledge of the Linux operating system is required, as well as on designing efficient machine learning-based detection systems that provide the highest possible accuracy with an acceptable false positive rate.
Malware detection
Malicious code, or malware, is one of the biggest security threats today. A huge amount of new malicious code is generated every day, and since it is not possible to analyze each sample separately, it is necessary to develop automatic mechanisms to detect it. Machine learning algorithms turn out to be a useful tool for automatic detection of malware. With them, zero-day malware can also be detected, but in contrast to standard procedures such as signature-based detection, they have a higher false positive (FP) ratio. The aim of the dissertation will be to develop an automatic malware detection system that achieves a solid classification accuracy and has a minimal FP ratio.
Mixed-radix conversion (MRC) algorithm for converting results from a system of linear congruences into a system of linear equations
The solution of an integer system of linear equations (SLE) without rounding errors can be done by dividing the solving process into systems of linear congruences (SLC), and then converting the results into a set of solutions of the original SLE. The so-called MRC algorithm is used for this conversion, which has the complexity O(nm²), where n is the matrix dimension and m is the number of SLCs (moduli) used.
The aim of this work is to find a more efficient way of using the MRC algorithm that benefits from the knowledge of mutual data dependency of the SLE solution. It is also possible to design a parallelization of the newly designed algorithm. The result is an MRC-based method with less than O(nm²) complexity for solving the conversion process of SLC results to SLE results.
Modeling behavior of semiconductor components due to ionizing radiation
The behavior of semiconductor circuits depends, among other factors, on the environment in which they operate. Users of HW devices want to know how the reliability of these devices depends on age and, to some extent, the associated resistance of the semiconductor components to ionizing radiation.
The topic of the dissertation is mathematical modeling of the behavior of HW semiconductor components at various technological levels, depending on irradiation with ionizing/particulate radiation. The aim of this work is to create a model of HW device behavior including aging factors and material degradation due to radiation. The results will be useful for determining the reliability/error-free lifetime of circuitry exposed to radiation or long-term use.
Post-quantum cryptography
The study of suitable post-quantum cryptosystems has long been of interest to cryptologists. The reason for this is the thriving field of quantum computer technology, which could endanger the security of asymmetric cryptosystems by using suitable factorization algorithms.
The topic of the dissertation is the study and analysis of existing and new methods of post-quantum cryptographic algorithms. The goal is to create an asymmetric cryptosystem that is resistant against quantum-based attacks and is simple to implement and secure.
One of the candidates for post-quantum cryptosystems suitable for analysis and eventual improvement is the McEliece asymmetric encryption algorithm based on binary Goppa codes. This algorithm complies with the security requirements for asymmetric cryptosystems of today, but there is a problem with its large space complexity. Trying to reduce the size of the keys in this algorithm can be a good initial challenge for further research.
Quantum Machine Learning for Malware Detection
Specialist supervisor: Aurél Gábor Gábris, Ph.D.
The increase in computing power, along with the growing amount of data, has recently resulted in the use of machine learning, which has achieved impressive results in various domains, including malware detection. On average, almost 1.5 million new malware samples are generated every day, and due to the increasing size of data, as well as the physical limitations of classical computers, machine learning algorithms are running into limits due to computing power. For this reason, scientists are investigating the possibility of using quantum computing to speed up machine learning algorithms, while some works [1,2] in malware detection have already appeared. The thesis aims to apply quantum machine learning (e.g., Quantum Support Vector Machine [3] or Quantum Neural Networks [4]) to the problem of malware detection and compare it with classical machine learning algorithms. A quantum computing simulator or a quantum computer from IBM, currently available based on an agreement with CTU, can be used. The suitability of the topic for a dissertation is based on the review of the use of quantum machine learning algorithms for classification tasks from the domain of malware detection and the identification of its advantages and disadvantages compared to classical machine learning models.
- [1] Mercaldo, F., Ciaramella, G., Iadarola, G., Storto, M., Martinelli, F., & Santone, A. (2022). Towards explainable quantum machine learning for mobile malware detection and classification. Applied Sciences, 12(23), 12025.
- [2] Barrué, G., & Quertier, T. (2023). Quantum Machine Learning for Malware Classification. arXiv preprint arXiv:2305.09674.
- [3] Havlíček, V., Córcoles, A. D., Temme, K., Harrow, A. W., Kandala, A., Chow, J. M., & Gambetta, J. M. (2019). Supervised learning with quantum-enhanced feature spaces. Nature, 567(7747), 209-212.
- [4] Wan, K. H., Dahlsten, O., Kristjánsson, H., Gardner, R., & Kim, M. S. (2017). Quantum generalisation of feedforward neural networks. npj Quantum Information, 3(1), 36.
Research of the behavior of physically unclonable functions (PUFs) and true random number generators (TRNGs)
A quality TRNG is essential for current cryptographic hardware components. Reliable key generators based on PUFs are also required. Such key generation is very much in demand, because the key generated in this way remains the "secret" of the cryptosystem hardware itself.
The topic of the dissertation is the study of the proposed PUF and TRNG in terms of their long-term stable response. The aim of this work is to explore existing and propose new PUF and TRNG solutions that are suitable for long-term generation of high-quality output by TRNG and which also guarantee stable key generation based on PUF responses. The work includes the study and understanding of the behavior of these components at the statistical level and also at the physical/technological level.