IoT – CrySyS Blog

Posted on May 26, 2026May 26, 2026 by Andras Gazdag — Leave a comment

CAN We Trust Your Results? A Cross-Dataset Study of Automotive IDS Evaluation

Our new paper is available now here.

Modern vehicles are no longer just mechanical machines. They are complex computer systems on wheels, with many electronic control units constantly talking to each other. One of the main communication systems inside vehicles is the Controller Area Network, or CAN bus.

The CAN bus was designed to be fast and reliable, but not necessarily secure. As cars have become more connected, this has become a serious concern. If an attacker gains access to the vehicle network, they may try to inject fake messages, block legitimate ones, or modify vehicle signals. This is why many researchers have worked on intrusion detection systems, or IDSs, for automotive networks.

These systems are meant to detect suspicious activity on the CAN bus. But there is an important question behind this work:

If an IDS performs well in one study, can we trust that it will also work well in another vehicle, another dataset, or another attack scenario? Or in other words: Are some current methods too dependent on the specific datasets they used?

Continue reading CAN We Trust Your Results? A Cross-Dataset Study of Automotive IDS Evaluation

Posted on April 26, 2021May 27, 2021 by Levente Buttyan — Leave a comment

SIMBIoTA: Similarity-Based Malware Detection for the Internet of Things

CrySyS Lab researchers developed a new anti-virus solution running on resource constrained embedded IoT devices.

Embedded devices connected to the Internet are threatened by malware, but no anti-virus product is available for them. Anti-virus products developed for traditional IT systems have higher resource needs than that offered by embedded IoT devices. The required amount of free storage space and memory to run these products is often measured in gigabytes, which exceeds the capacity of typical IoT devices, such as WiFi routers, IP cameras, smart house hold appliances, wearable devices, etc. In addition, many existing anti-virus products do not even support the operating systems (typically some embedded Linux or some more exotic OS) used on IoT devices. Therefore, they could not be installed, even if a particular IoT device met their system requirements.

Posted on March 26, 2021May 27, 2021 by Levente Buttyan — Leave a comment

Félidőnél tart a SETIT projekt

Buttyán Levente, BME
Ferenc Rudolf és Nagy Gábor Péter, SZTE
Huszti Andrea, DE

Az Internet ma már több beágyazott eszközt köt össze, mint hagyományos PC-t és szervert. A beágyazott eszközökkel kiterjesztett Internetet nevezzük Internet-of-Things-nek, vagy röviden IoT-nek. Az IoT számos alkalmazási területen biztosíthatja az új megoldások és a dinamikus fejlődés lehetőségét. IoT technológiákat használva otthonainkat okos otthonokká, városainkat okos városokká, gyárainkat okos gyárakká, és közlekedési rendszereinket intelligens közlekedési rendszerekké alakíthatjuk. Mindez azonban alakulhat máshogyan is, ha nem gondoskodunk arról, hogy az a technológia, amire a jövőnket építjük, kellően biztonságos és megbízható legyen. „Okos” otthonaink személyes szokásaink és adataink kiszivárogtatójává, „okos” városaink és „intelligens” közlekedési rendszereink masszív megfigyelési platformmá válhatnak.

Posted on June 12, 2018February 26, 2020 by Levente Buttyan — Leave a comment

Linux integrity monitoring on the Raspberry Pi

This blog post, written by István Telek, is the last post in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. This last post describes how we implemented a very basic integrity monitoring function as a trusted application running in OP-TEE. Continue reading Linux integrity monitoring on the Raspberry Pi

Posted on June 12, 2018February 26, 2020 by Levente Buttyan — 3 Comments

Enabling WiFi and converting the Raspberry Pi into a WiFi AP

This blog post, written by Márton Juhász, is the fifth in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. This post specifically will explain how to convert the Raspberry Pi into a WiFi access point such that it can perform some gateway-like functionality. First, we describe how to enable WiFi and then how to enable other software components to make the Pi an access point. Continue reading Enabling WiFi and converting the Raspberry Pi into a WiFi AP

Posted on June 10, 2018February 26, 2020 by Levente Buttyan — Leave a comment

OS hardening on the Raspberry Pi

This blog post, written by Márton Juhász, is the fourth in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. Previous posts discussed building a custom Linux system with Buildroot, installing OP-TEE, and verified boot on the Raspberry Pi. This post will describe some OS hardening options you can use to reduce the attacks surface. Continue reading OS hardening on the Raspberry Pi

Posted on June 10, 2018February 26, 2020 by Levente Buttyan — Leave a comment

Verified boot on the Raspberry Pi

This blog post, written by István Telek, is the third post in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. It describes how you can implement a verified boot process on the Raspberry pi. Continue reading Verified boot on the Raspberry Pi

Posted on June 10, 2018February 26, 2020 by Levente Buttyan — 2 Comments

Using Buildroot to create custom Linux system images

This blog post, written by Szilárd Dömötör, is the second post in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform. The first post explained how to build and install the default OP-TEE implementation for the Raspberry Pi 3. This one describes how you can build your own custom Linux system (with OP-TEE) using the Buildroot environment. Continue reading Using Buildroot to create custom Linux system images

Posted on June 10, 2018February 26, 2020 by Levente Buttyan — Leave a comment

OP-TEE default build and installation on the Raspberry Pi

This blog post, written by Márton Juhász, is the first in a series of blog posts on transforming the Raspberry Pi into a security enhanced IoT platform.

This blog post explains how to build and install the default OP-TEE implementation for the Raspberry Pi 3. The easiest way is to follow the steps described in the corresponding git repo of OP-TEE. However, for the sake of completeness (and because some steps may actually be a bit confusing in the original description), we provide a comprehensive description here. Continue reading OP-TEE default build and installation on the Raspberry Pi

Posted on June 10, 2018February 26, 2020 by Levente Buttyan — 1 Comment

Enhancing the Security of the Internet of Things

The Internet has grown beyond a network of laptops, PCs, and large servers: it also connects millions of small embedded devices. This new trend is called the Internet of Things, or IoT in short, and it enables many new and exciting applications. At the same time, IoT also comes with a number of risks related to information security. The lack of security, however, cannot be tolerated in certain applications of IoT, including connected vehicles and smart factories. In those applications, security failures may lead to substantial physical damage or monetary loss. Therefore, one of the biggest challenges today, which hinders the application of IoT technologies in certain application areas, is the lack of security guarantees. Continue reading Enhancing the Security of the Internet of Things