Research work

KC KB UPJŠ

Research work

KC KB UPJŠ

The research activities of the Competence Center for Cybersecurity at UPJŠ (KC KB UPJŠ) are focused on connecting theoretical and applied research in the field of information and cybersecurity (KIB). Researchers are engaged in the systematic collection, processing and analysis of data, the designing of new methodologies and the application of advanced analytical approaches (machine learning, data analysis) with the aim of increasing the level of protection of information systems and understanding of cybersecurity threats. Emphasis is placed on the practical usability of the results in the form of tools, methodologies and decision-making support for security practice.

Research Focuses of the KC KB UPJŠ

1. Situational Awareness in Cybersecurity

A significant part of the research is devoted to modeling and predicting the security situation in cyberspace. The research covers all three levels of situational awareness – perception, understanding and projection of the future development of security events. Time series methods and neural networks (e.g. LSTM) are mainly used to predict security incidents and trends.

2. Application of Machine Learning and Artificial Intelligence in Cybersecurity

The research includes the implementation of machine learning methods of artificial intelligence in the analysis of security data, including malware detection, behavioral analysis and processing of large data sets. Special attention is paid to the automation of the response to cyber security incidents, the implementation of digital forensic analysis and the detection of cyber threats.

3. Analysis of legal aspects of cybersecurity and artificial intelligence

The research connects technical and legal aspects of cybersecurity, especially in the areas of artificial intelligence regulation, data protection and liability for damages. It focuses on the analysis of EU legal frameworks (e.g. GDPR, NIS2, AI Act) and their application in practice, while identifying areas of legal uncertainty and proposing solutions.

Sub-activities of the KC KB UPJŠ in the research area

1. Scientific publications

The research activities of the KC KB UPJŠ are presented through scientific publications published in international conferences and journals. Publication outputs cover areas such as cyber situational awareness, time series analysis of security events, digital forensic analysis and application of AI in security.

List of articles can be found at this link.

Older articles by members of the KC KB UPJŠ in the field of cybersecurity, data protection and cybercrime can be found at this link

2. Analysis of current approaches and trends in cybersecurity research (state of the art)

The KC KB UPJŠ systematically monitors and analyses current approaches and trends in cybersecurity research, especially in the field of data analysis and artificial intelligence. The result is the creation of overviews of research directions, identification of new challenges and formulation of research topics.

Analysis of current approaches and trends in the areas of:

Cyber ​​Situational Awareness

Research in this area focuses on modeling the security situation in cyberspace through three levels, namely perception, understanding and projection of future developments. The emphasis is on processing large volumes of heterogeneous data (e.g. logs, IDS alerts, network traffic) and transforming them into understandable analytical outputs for operators. An important research topic is the prediction of cyber security incidents using methods such as time series, Bayesian networks or Markov models. The research also reflects challenges such as "data overload", the lack of quality datasets and the need for real-time analysis.

Formal Concept Analysis

Research in this area focuses on the use of formal concept analysis (FCA) as a mathematical tool for identifying relationships, patterns, and anomalies in cybersecurity data. FCA allows for the structuring of digital traces, the analysis of temporal relationships, and the support of forensic analysts' decision-making. Research also includes applications in fraud detection, malware analysis, and phishing attacks, with an emphasis on the interpretability of results. Current trends are towards extensions of FCA (e.g. fuzzy FCA or combination with TF-IDF and machine learning methods) for processing complex and large-scale data

Artificial Intelligence and Large Language Models in Cybersecurity

Research in this area focuses on the use of advanced artificial intelligence techniques, especially deep learning and transformer architectures, in the detection and analysis of cyber security threats. Modern approaches allow the processing of various types of data (binary files, API calls, network communication) and the capture of complex relationships between them. A significant trend is the transition from manually designed features to end-to-end models and the use of "self-supervised learning". Research also addresses the issues of efficiency, interpretability and scalability of models in practical deployment.

3. Datasets for cybersecurity research

KC KB UPJŠ is actively involved in the creation and provision of datasets for cybersecurity research, including data from honeypots and security sensors. These datasets enable realistic experimentation, testing of detection algorithms and validation of research approaches. At the same time, they solve one of the key problems of research – the lack of high-quality and annotated data for security incident analysis.

Datasets are available at this link.

4. PhD projects (VVGS UPJŠ)

The VVGS UPJŠ grant scheme supports research activities of PhD students and young scientists that are thematically related to the research areas of KC KB UPJŠ.

Description of the call can be found at this link

List of calls can be found at this link

List of supported projects can be found at this linkThe projects focus on:

  • legal aspects of AI and cybersecurity, including data protection and liability,
  • research into disinformation and hybrid threats in the information space and their impact on cybersecurity,
  • application of formal concept analysis to cybersecurity data to identify patterns and anomalies in alerts from detection systems (e.g. IDS).

Description of supported projects

Legal aspects of artificial intelligence and cybersecurity: Data protection and liability in the time of cyber threats

The project focused on analyzing the legal aspects of the use of artificial intelligence in the context of cybersecurity, especially from the perspective of data protection and liability for damage caused by AI systems. The main output was a scientific publication that systematically analyzes the legal frameworks of the European Union, including the AI ​​Act, GDPR and the NIS2 Directive. The research identified several areas of legal uncertainty, such as issues of liability for autonomous systems or the conflict between data protection and the needs of training AI models. The results were presented at professional events and within the framework of international scientific mobility, thus contributing to their validation and dissemination in the academic community. The project also strengthened interdisciplinary research at the interface of law and technology and created a basis for further scientific activities in this area. Published article – Legal aspects of artificial intelligence and cybersecurity: data protection and liability in the era of cyber threats (link to article).

Challenges of information security: Disinformation as a tool of hybrid action

The project focused on researching disinformation campaigns and their role within hybrid threats in the information space. The research made it possible to identify dominant narratives, analyze factors influencing the spread of disinformation and reveal the main vulnerabilities of the information environment in the countries of Central and Eastern Europe and the Baltics. A significant result was also a comparative assessment of the approaches of individual states to the protection of the information space. The project contributed to the expansion of professional knowledge through a scientific article and the establishment of international cooperation, including research trips and expert consultations. The knowledge gained provides a basis for designing more effective defense mechanisms against hybrid information threats. 

Application of formal concept analysis methods to cybersecurity data

The project focused on researching disinformation campaigns and their role within hybrid threats in the information space. The research made it possible to identify dominant narratives, analyze factors influencing the spread of disinformation and reveal the main vulnerabilities of the information environment in the countries of Central and Eastern Europe and the Baltics. A significant result was also a comparative assessment of the approaches of individual states to the protection of the information space. The project contributed to the expansion of professional knowledge through a scientific article and the establishment of international cooperation, including research trips and expert consultations. The knowledge gained provides a basis for designing more effective defense mechanisms against hybrid information threats. Application of formal concept analysis methods to cybersecurity data The project focused on applying formal concept analysis (FCA) methods to cybersecurity data in order to identify patterns, dependencies and anomalies in IDS alerts. The research worked with the CIC-IDS2017 dataset and used the Snort tool with various rule sets for generating and analyzing alerts. A significant contribution was the extension of the classic FCA approach to the attribute implication chaining method, which allows linking knowledge from multiple data contexts. The results showed that FCA is a suitable tool not only for knowledge extraction, but also for supporting situational awareness and identifying anomalous phenomena in security data. The project output was a scientific article presented at an international conference, while the results were also discussed in a foreign academic environment, which supported their further validation and development. Published article – Formal Concept Analysis as a Framework for Cyber Situational Awareness (link to article).