Cybersecurity

Systemy cyberbezpieczeństwa

In the Cybersecurity Research and Development Division, we create technologies that enhance the security of network infrastructure and digital services.

We develop technologies to build a reliable and accurate picture of threats based on network traffic samples, distributed information about security incidents, and data on vulnerabilities in devices and network services. In parallel, we deliver solutions that safely and rapidly mitigate the impact of detected threats on digital services and network infrastructure, and that secure network communications.

Pracownik Zakladu Metod Systemow Bezpieczenstwa Informacji

Security of mobile systems calls for lightweight, adaptive attack-detection methods, tools for behavioural user profiling, and early-warning mechanisms for threats to network services. One of the outcomes of our work in this area is the BotSense technology. #BotSense.

In the area of network and application security, we develop cybersecurity and network control systems, ICT data processing systems that enable early detection, propagation modelling, and effective mitigation of security incidents. Achieving these objectives requires the use of advanced technologies for processing large, heterogeneous datasets, as well as technologies for controlling network devices and application servers #AI and mitigation of DDoS attacks.. We also develop solutions for the early detection and mitigation of security incidents in IT/OT networks, and network traffic monitoring systems. We are developing and commercialising our proprietary technology for countering DDoS attacks #FLDX. An important part of our portfolio in network threat monitoring is the #ARAKIS technology. Achieving these objectives requires the use of ensuring information security requires continuous verification of ICT system protection. We therefore conduct security testing and analysis of software and hardware, particularly IoT devices, and we develop tools and methods that support cybersecurity tasks. Since non-technical aspects also matter, we research the effectiveness and reliability of trust and reputation management systems, as well as their resilience to attacks. We are also engaged in disseminating and expanding knowledge on the protection of ICT systems and the data stored within them.

We have created technology for clustering and searching data on vulnerabilities in ICT systems and IoT devices, as well as on methods of exploiting them. We develop tools for network-traffic and cyberattack analysis and perform security testing and analysis of software, with a particular focus on IoT devices. #VariotDB: IoT vulnerability and exploit database

Research areas:

  • mathematical foundations of threat detection, propagation modelling, and mitigation modelling
  • interdisciplinary research into the human aspect of cybersecurity (cognitive, personality, and behavioural factors), and its social and technological determinants
  • the competence gap and the effectiveness of cybersecurity education methods.
  • technologies for monitoring networks, systems, and digital services
  • distributed cybersecurity systems
  • detection of harmful content
  • application of spiking neural networks and neuromorphic hardware to detecting malicious network traffic and computer vision
  • cyberspace monitoring using a network telescope
  • analysis of events and malware collected with various types of honeypots.

Projects

AI-Powered Innovative Toolkit for Cybersecurity Hubs (AIPITCH)
Laboratory for vulnerability testing of desktop and mobile computing devices and algorithms and software (LAVA)
Comprehensive system for early detection and analysis of cybersecurity incidents in IT/OT environments (ARAKIS Enterprise)
Financial sector protection systems (BotSense)
System to categorize, evaluate and moderate web content for new services and advertising selection (KOMTUR)
Autonomous detection and mitigation of DDoS attacks (FLDX)
Strategic programs for advanced research and technology in Europe (SPARTA)
Vulnerability and Attack Repository for IoT (VARIoT)
Mobile Threat Defense (MTD) platform for continuous, automated and multidimensional device security threat level assessment (SKAM)
Cybersecurity and privacy dialogue between Europe and Japan (EUNITY)

Selected Publications

Articles

Marek Janiszewski, Krzysztof Szczypiorski, "Methodological reliability evaluation of trust and reputation management systems", Computers & Security, 158, 2025, 104620.
See publication
Jakub Koman, Marek Janiszewski, "SCAnME – scanner comparative analysis and metrics for evaluation", International Journal of Information Security, 24(3), 2025, .
See publication
Jan Adamski, Marek Janiszewski, Marcin Rytel, "IoT Mobile Applications Pentesting Methodology and Results of Research", IEEE Internet of Things Journal, 12(11), 2025, 18209-18219.
See publication
Piotr Arabas, Marek Dawidiuk, "Filter aggregation for DDoS prevention systems: hardware perspective", International Journal of Information Security, 24(3), 2025, .
See publication
Wojciech Nowakowski, "Social Engineering Analysis Framework: A Comprehensive Playbook for Human Hacking", IEEE Access, 13, 2025, 18827-18849.
See publication
Giuseppe Stragapede et al., "KVC-onGoing: Keystroke Verification Challenge", Pattern Recognition, , 2024, 111287.
See publication
Anna Felkner, Jan Adamski, Jakub Koman, Marcin Rytel, Marek Janiszewski, Piotr Lewandowski, Rafał Pachnia, Wojciech Nowakowski, "Vulnerability and Attack Repository for IoT: Addressing Challenges and Opportunities in Internet of Things Vulnerability Databases", Applied Sciences, 14(22), 2024, 10513.
See publication
Andrzej Karbowski, Przemysław Jaskóła, "A Markovian Model of Dynamic Cyber Risk Assessment Based on Questionnaires", 16th International Conference on Signal Processing and Communication System (ICSPCS), Bydgoszcz, Poland, 2023, 1-6.
See publication
Mateusz Krzysztoń, Bartosz Bok, Marcin Lew, Andrzej Sikora, "Lightweight On-Device Detection of Android Malware Based on the Koodous Platform and Machine Learning", Sensors, 22(17), 2022, 6562.
See publication
Yufeng Xiao, Yingzi Huo, Cai Jiahong, Yinyan Gong, Wei Liang, Joanna Kołodziej, "ERF-XGB: An Edge-IoT-Based Explainable Model for Predictive Maintenance", IEEE Transactions on Consumer Electronics, vol. 70, no. 1, Feb. 2024, 4016-4025.
See publication
Piotr Szuster, Joanna Kołodziej, "Convective cells algorithm for storm data tracking", Communications of the ECMS, ECMS 2023, 37th Proceedings, 37(1), 2023,
See publication
Joanna Kołodziej, Mateusz Krzysztoń, Paweł Szynkiewicz, "Anomaly Detection in TCP/IP Networks", Communications of the ECMS, ECMS 2023, 37th Proceedings, Volume 37, Issue 1, 2023,
See publication
Marek Amanowicz, "Cybersecurity Awareness Provision: Case Study", In: Kołowrocki K, Dąbrowska E, eds. Advances in Reliability, Safety and Security. ESREL 2024 Contributions. Part 4 Simulation Based Methods for Reliability, Safety and Security; Risk and Reliability Assessment and Management, Gdynia, Poland, 2024, 9-18.
See publication
Maciej Grzenda, Stanisław Kaźmierczak, Marcin Luckner, Grzegorz Borowik, Jacek Mańdziuk, "Evaluation of machine learning methods for impostor detection in web applications", Expert Systems with Applications, Volume 231, 2023, 120736.
See publication
Grzegorz Borowik, Michał Balicki, Michał Kasprzak, Piotr Cukier, "Improved Mesh Processing Using Distorted Pole Spherical Coordinates", Selvaraj H, Chmaj G, Zydek D, eds. Advances in Systems Engineering, Lecture Notes in Networks and Systems. Cham: Springer Nature Switzerland, 2023, 337–347.
See publication
Jakub Skłodowski, Piotr Arabas, "Wykorzystanie drzew sufiksowych do efektywnej prezentacji podobieństw sesji z systemu pułapek honeypot", Cybersecurity and Law, 1(9), 2023, 298–315.
See publication
Marek Janiszewski, Marcin Rytel, Piotr Lewandowski, Hubert Romanowski, "Creating vulnerabilities and exploits database of IoT devices", Proceedings of the 2022 European Interdisciplinary Cybersecurity Conference, EICC 2022, 2022, 91–92.
See publication
Marek Janiszewski, Marcin Rytel, Piotr Lewandowski, Hubert Romanowski, "VARIoT – Vulnerability and Attack Repository for the Internet of Things", 22nd IEEE International Symposium on Cluster, Cloud and Internet Computing (CCGrid), 2022, 752–755.
See publication
Anna Felkner, "Źródła użytecznych informacji o zagrożeniach w internecie rzeczy", Cybersecurity and Law, 1(9), 2023, 144–154.
See publication
Anna Felkner, Marcin Rytel, "A Repository of Actionable Information on the Internet of Things", Proceedings of the 19th International Conference on Wireless Networks and Mobile Systems. Lizbona, Portugalia, Vol. 1, 2022, 69–75.
See publication
Marek Janiszewski, Anna Felkner, Piotr Lewandowski, Marcin Rytel, Hubert Romanowski, "Actionable Information Processing and Trust Management Towards Safer Internet of Things", Sensors, 21(13), 2021, 4359.
See publication
Marek Amanowicz, Mariusz Kamola, "Świadomość bezpieczeństwa cybernetycznego operatora usług kluczowych", Przegląd Telekomunikacyjny/Wiadomości Telekomunikacyjne, 4, 2022, 138929.
See publication
Marek Amanowicz, Mariusz Kamola, "Building Security Awareness of Interdependent Services, Business Processes, and Systems in Cyberspace", Electronics, 11(22), 2022, 3835.
See publication
Marek Amanowicz, Damian Jankowski, "Detection and Classification of Malicious Flows in Software-Defined Networks using Data Mining Techniques", Sensors, 21(9), 2021, 2972.
See publication

Book Chapters

Mateusz Krzysztoń, "Weryfikacja wiarygodności systemów w erze uczenia maszynowego", Cyberbezpieczeństwo AI. AI w cyberbezpieczeństwie, Warszawa: NASK PIB, 2023, 45–58.
See publication
Mateusz Krzysztoń, Marcin Lew, Michał Marks, "NAD: Machine Learning Based Component for Unknown Attack Detection in Network Traffic", Cybersecurity of Digital Service Chains. Challenges, Methodologies, and Tools, Switzerland: Springer Cham, 2022, 83–102.
See publication

Books

Joanna Kołodziej, Matteo Repetto, Armend Duzha, eds., "Cybersecurity of Digital Service Chains. Challenges, Methodologies, and Tools", Switzerland: Springer Cham, volume 13300, 2022, XI, 257.
See publication
Marek Amanowicz, Sebastian Szwaczyk, Konrad Wrona, "Data-Centric Security in Software Defined Networks (SDN)", Springer, eBook, 2024,
See publication
Anna Felkner, Youki Kadobayashi, Marek Janiszewski, Stefano Fantin, Jose Francisco Ruiz, Adam Kozakiewicz, Gregory Blanc, "Cybersecurity Research Analysis Report of Europe and Japan", Switzerland: Springer International Publishing, Vol. 75, 2021, XIV, 172.
See publication