The Secure Software Systems (SSS) research group focuses on various security and privacy aspects of computing systems and networks. In the era of ubiquitous digitalization and new technology trends that are transforming traditional industrial and business models, our goal is to push forward innovative research in order to identify new attack vectors and design countermeasures.
Our research agenda includes a broad range of topics in the following four domains:
- Software security. Despite decades of research, software vulnerabilities and bugs persist in modern software and their exploitation remain one of the major attack vectors.
- Mobile security and privacy. Mobile platforms became common computing platforms and while providing valuable user experience, they collect, process and store vast amount of information about their users and, thus, became attractive attack targets.
- IoT Security. Billions of low-cost embedded Internet-of-Things (IoT) devices are gradually penetrating our daily life. Securing those devices are especially challenging, since they feature low computational resources and pressing cost issues, which often makes it impossible to implement proper security mechanisms for their protection.
- Security of decentralized systems. Decentralized systems rely on consensus protocols to reach an agreement in a distributed setting. Since the rise of Bitcoin, consensus protocols are widely used by various cryptocurrency and smart contract platforms, yet they have limitations and need improvements with regard to scalability, efficiency, and sustainability.
We also aim to educate our students, the future software engineers, about state-of-the-art attacks and best programming practices, in order to enhance their competence and increase security awareness.