In the R&D Department of Cryptomage, Inc. we employ specialists from several fields of research:
We use unique results-oriented methods of work. Many years of experience in scientific research have helped us to develop this approach so we are at the cutting edge of the industry and are able to effectively manage a team of scientists using modern methods of project management and the psychology of motivation. Our experience was gained during numerous research and development projects that enjoyed completed deployments, as well as during internships and research visits at the best research centers, including Silicon Valley, California (USA).
We have ambitious research goals that are correlated with the needs of our customers. Finally, we can observe the results of our work under real conditions, and not only in the laboratory.
Our offer includes brand new research contracts in our specialized fields, and to participate in interdisciplinary projects.
Abstract: Over the last few years many techniques have been applied to find and mitigate vulnerabilities, misuses, cyber-attacks and other cyber-security flaws. One of the approaches, which we consider in this paper, is a model-based technique applied to network communication protocols. This idea is not brand new, and model-based techniques have been successfully used to verify and validate the standard models of communication protocols. However, the implementation of network protocols varies from one system to another, and in many cases they miss standards or recommendations. Attackers know these flaws very often and try to use them before everybody else finds them, what can be called “zero-day exploit of communication protocol.” To address this issue, a combination of the best features of model-based and anomaly detection techniques could be applied. (...)
Abstract: In this paper a new method for information hiding in open social networks is introduced. The method, called StegHash, is based on the use of hashtags in various open social networks to connect multimedia files (like images, movies, songs) with embedded hidden messages. The evaluation of the system was performed on two social media services (Twitter and Instagram) with a simple environment as a proof of concept. The experiments proved that the initial idea was correct, thus the proposed system could create a completely new area of threats in social networks.
Abstract: In this paper a new method for information hiding in club music is introduced. The method called StegIbiza is based on using the music tempo as a carrier. The tempo is modulated by hidden messages with a 3-value coding scheme, which is an adoption of Morse code for StegIbiza. The evaluation of the system was performed for several music samples (with and without StegIbiza enabled) on a selected group of testers who had a music background. Finally, for the worst case scenario, none of them could identify any differences in the audio with a 1% margin of changed tempo.
The system for identification and monitoring of anomalies and risks in ICT networks
1.10.2016 - 30.09.2018
Co-financed by European Union in the amount of EUR 1,044,534.63 from European Regional Development Fund, Operational
We are developing a probe to detect cyberattacks on the basis of a totally different paradigm than the solutions currently used, which are designed to detect web anomalies. The existing solutions rely on pre-defined attack signatures. A new kind of attack has to have been discovered previously for the firewalls to be able to detect it. Our solution will allow the detection of cyberattacks, irrespective of the method used by the intruder.
Network anomaly detection platform
1.08.2017 - 31.07.2020
Co-financed by the National Centre for Research and Development in the amount of EUR 1,004,397.57 from the
The objective of the project is to create and develop a prototype version of an intelligent hardware and software solution for network attack of information leak detection. The solution utilizes a unique approach for network protocol observation from different perspectives. The solution will analyze internal network traffic focusing on network protocol behavior in real time. The system will be able to detect network steganography techniques and network attacks. An observation of network protocol behavior strictly depends on the point in which the observation is conducted thus the objective of the project is to observe a network traffic from multiple perspectives.