Security of Data and Services in Complex Networks
The PR 706 lab is a space dedicated to teaching and research activities within the Security of Complex Information Networks (SRIC) Masters program. The main goal of this lab is to provide students and researchers with an advanced technological environment for exploring and developing innovative solutions in the field of cybersecurity. Activities include detecting and preventing DDoS attacks, auditing the security of cloud infrastructures, developing advanced encryption mechanisms, and monitoring and detecting anomalies in computer networks. The lab also supports research on the integration of artificial intelligence in cyber security and the development of protection solutions for machine learning and AI models, thus contributing to the training of specialists able to address the challenges in this field.
Research services:
- Auditing security in cloud architectures.
- Detect and prevent Distributed Denial of Service (DDoS) attacks in complex networks.
- Early detection of cyber security vulnerabilities.
- Securing complex IT systems through advanced encryption and data protection mechanisms.
- Developing monitoring and anomaly detection solutions for computer networks.
- Integrating artificial intelligence (AI) into cyber security to optimize threat detection and response.
- Creating dedicated cybersecurity solutions to protect machine learning (ML) and artificial intelligence (AI) models against attacks and vulnerabilities.
Research projects:
- OPTIMIZE – Innovative Solution for Optimizing User Productivity through Multi-Modal Activity and Profile Monitoring (2021-2023)
- SOLUTII 25 – SCIPRO System for scanning and mapping IP resources in Romania with the aim of early cyberthreat detection (2024 – 2026)
The project Solutions 25 – SCIPRO aims to develop an information system that must have the capability of active scanning, identification and indexing of specific information belonging to resources and equipment exposed on the Internet, on the Romanian territory. The solution will be developed at hardware and software level and will implement functionalities such as: Web Crawling; Network Crawling; Port Scanning; Banner-Grabbing; Analysis of metadata available on the identified services; Database populated with CVE-type indicators of common vulnerabilities, used for the association of risk factors between them and the scanned information systems; Parallelized scanning component, through multiple instances of the scanning engines; Internet access to the solution will be provided through multiple outlets (multi-homing architecture) and the possibility to change the IP address in order to avoid generating large scanner traffic from a single IP address, which could lead to blacklisting of that address; Scanning will be performed automatically and periodically at defined time increments in order to maintain an up-to-date picture of the resources exposed in the Internet environment; Possibility to start a customized scan on demand by selecting specific IP addresses and ports. The information collected will be used to identify potential cyber threats that could affect the infrastructures indexed by the solution, providing visibility of the attack surface that a cyber attacker could exploit, with the objective of identifying and remediating them. The aim will be to keep a solution-wide record of cyber resources exposed in the Internet environment and associate them with common vulnerabilities by querying a vulnerability database correlated with the services identified on the scanned cyber resources. Statistical and relevant data on the most common points of exposure will also be sought.
- Prof. dr. ing. Răzvan Rughiniș
- Conf. dr. ing. Alexandru Radovici
- Ș.l. dr. ing. Flavia Oprea
- Ș.l. dr. ing. Florin Stancu
- Asist. drd. ing. Gabriel Badea
- Asist. drd. ing. Andrei Ouatu