Skip to content

CyberSec Lab:UM

CyberSec Lab: UM is a multidisciplinary team of researchers, developers and consultants who design, develop and evaluate cybersecurity solutions and services. Our activities are aimed at promoting and facilitating the use of appropriate security and protection mechanisms related to ICT technology. 

Our mission is to raise the level of information/cybersecurity, awareness of privacy and data protection, and to provide state-of-the-art knowledge and know-how enriched with good practices.

Projekti

  • CyberSec4Europe - Cybersecurity for Europe, Horizon 2020 project, 2019 - 2022

    In February 2019, as a part of the Horizon 2020 program, the CyberSec4Europe project was launched. The main objective of the project is to establish and operate a pilot for a Cybersecurity Competence Network with the aim to strengthen research and deepen cooperation in the field of cyber security in the EU. Part of the project consortium with 43 partners from 22 EU Member States and associated countries is also the Laboratory of Data Technologies, Institute of Informatics, Faculty of Electrical Engineering and Computer Science, University of Maribor. CyberSec4Europe has been selected as one of four projects to establish and operate a pilot for a Cybersecurity Competence Network and to develop and implement a common cybersecurity research and innovation roadmap. With its goal to boost the effectiveness of the Security Union, the EU wishes to ensure that it retains and develops essential capacities to secure its digital economy, infrastructures, society and democracy. The EU has recognised that cybersecurity research, competences and investments are spread across Europe with too little alignment, and that there is an urgent need to step up investment in technological advancements that could make the Digital Single Market more cybersecure and overcome the fragmentation of the EU research capacities. The projects will pilot and demonstrate the possibilities of operating and managing a network of competence centres through the use of good practices resulting from the expertise of the project partners.

  • CONCORDIA - Cyber Security Competence for Research and Innovation, Horizon 2020 project, 2019 - 2022

    CONCORDIA is a major H2020 consortium to interconnect Europe’s Cybersecurity capabilities. It will establish a pilot for a Cybersecurity Competence Network and will lead the development of a common Cybersecurity Research & Innovation Roadmap for Europe. A dedicated EU-wide consortium involving prominent industry, academia, SMEs and especially national cyber security centers launches the H2020 project CONCORDIA (Cyber Security Competence for Re-search and Innovation). CONCORDIA will pilot an EU Cybersecurity Competence Network to provide technological, societal and policy leadership for Europe. CONCORDIA aims to implement a common Cybersecurity Research & Innovation Roadmap for Europe. CONCORDIA is a four-year multi-disciplinary research and innovation project, and will play a leadership role in boosting the effectiveness of EU’s security union. The project, started in January 2019, is coordinated by the Research Institute CODE from the Bundeswehr University Munich and involves 46 partners in total. “With CONCORDIA we are integrating cybersecurity competences to enhance Europe's digital sovereignty”, said Prof. Gabi Dreo (who received her Bachelor’s degree at the Faculty of Electrical Engineering and Computer Science at the University of Maribor), executive director of CODE. The consortium includes 23 partners from industry and other organizations, and 23 partners from academia.

  • An analysis of models predicting privacy and self-disclosure on social networks, bilateral project with the School of Information Sciences, University of Pittsburgh, Pittsburgh, USA, 2019 - 2021

    In the scope of the project, a literature review and analysis will be done with the aim of identification and evaluation of factors, which have an effect on disclosure and comprehension of privacy. An objective of the proposed project is to discover possible effects on disclosure of personal information on social networking sites and effects on users’ comprehension of privacy. There are many possibilities for development of new research contents in the field of social networking sites and the proposed project could help to better understand users while they are using social networking sites and could have an effect on following research. Based on the results recommendations for raising awareness and information security will be formed.

  • Privacy-preserving Distributed Data Processing for IoT applications, bilateral project with the School of Information Sciences, University of Pittsburgh, Pittsburgh, ZDA, 2018 - 2019

    In this project, we aim at addressing some of the key challenges of secure and privacy-preserving processing of distributed data in IoT systems. The proposed effort will conduct an analysis of the current state of the art, an analysis of the relative merits and demerits of potential candidate solutions in terms of performance efficiency, security and privacy guarantees and usability. In particular, the study will focus on a novel application of two classical private query processing techniques namely (i) differential privacy and (ii) query processing over encrypted data. In contrast to traditional methods, the proposed approach aims to develop a unique combination of differential privacy with encryption-based private data processing in order to achieve a fine tradeoff between the overhead of data processing and the level of security/privacy guaranteed by the scheme.

  • Security of multi-agent systems, bilateral project with the Univerzitet u Novom Sadu, Fakulteta tehničkih nauka, Novi Sad, Srbija, 2016 - 2017

    Software agents are executable software entities which are characterized by autonomous behaviour, interaction with other agents, reactivity to environmental changes, and the ability to take the initiative and express goal-directed behaviour. As agent perform different tasks and are situated in different environments, there are several parts in which security plays and important role: message exchange, agent mobility and agent framework signalling. These three main aspects need adequate security measures. Messages between agents should be encrypted and signed. When an agent moves from one node to another, the agent source code and the internal state are transferred. In both cases the data has to be encrypted and signed. All types of messages exchanged between agent frameworks also have to be protected meaning that cryptography has to be applied. The goal and main contribution of the project would include building an infrastructure for the secure agent framework which would address the security issues raised.

  • Security Issues of Data Analysis, bilateral project with the School of Information Sciences, University of Pittsburgh, Pittsburgh, ZDA, 2015 - 2016

    The project aims to address the security issues of data analysis, more specifically possibilities of data protections with means of cryptography. The analysis of the current state of research has to be conducted, followed by a critical review of proposed data protection methods, their benefits and drawbacks. Based on the finding, guidelines, technologies or best practices of data protection in data analysis would be developed. Performance plays an important role when security measures are applied and this has to be considered. In this sense the combined research experience and efforts of both partners in the project will provide a fundament for exchange of ideas and research results of the participating institutions and will enable both partners to facilitate the development of new findings as well as better understanding of both research topics and their matching.

Theses

Publications

Members of Working Groups and Professional Bodies

In the Media​

Guest Lectures

  • Hölbl, Marko, Nemec Zlatolas, Lili, Taneski, Viktor, Turkanović, Muhamed. Kibernetska varnost v vsakdanjem življenju, delavnica za nadarjene dijake na UM FERI, 26.-28. 4. 2021.
  • Hölbl, Marko, Taneski, Viktor. Najpogostejše ranljivosti spletnih aplikacij, delavnice za Sekcije za Kibernetsko Varnost (SeKV), Združenje za informatiko in telekomunikacije (ZIT), IKT Horizontalno mrežo - Gospodarska zbornica Slovenije (GZS), 25.3.2020
  • Hölbl, Marko. Pitfalls when embedding cryptography into applications, predavanje na online Konferenci etičnega hekinga HEK.SI 2021, online, 11. 2. 2021.
  • Hölbl, Marko. Testiranje phishing napadov, okrogla miza na online Konferenci etičnega hekinga HEK.SI 2021, online, 12. 2. 2021.
  • Hölbl, Marko. Cybersecurity for Europe: fostering rights through technology, online panel at 14th international conference on computer privacy & data protection - CPDP 2021, Enforcing rights in a changing world, 27 - 29 Jan 2021, Bruxel, Belgium.
  • Hölbl, Marko, Taneski, Viktor. Varnost spletnih rešitev, delavnica za Šolski center Celje, 16.2.2018.
  • Hölbl, Marko. (Ne)uporabnost tehnologije veriženja podatkovnih blokov, predavanje na Agenciji za komunikacijska omrežja in storitve Republike, Slovenije, Ljubljana, 4. 12. 2018.
  • Kežmah, Boštjan. Vpliv Uredbe eIDAS na elektronsko poslovanje v Sloveniji , predavanje na posvetu Slovenskega društva INFORMATIKA - Digitalna varnost, UM FERI, Maribor, 10. 1. 2017.
  • Nemec Zlatolas, Lili. Disclosure of personal information on Facebook and privacy related issues, predavanje na Carnegie Mellon University, CUPS lab, Pittsburgh, Pensilvania ZDA, 1. 12. 2015.
  • Hölbl, Marko. Review of existing European practice for Cyber security education, predavanje na posvetu INFOFEST - 21st festival of information technology achievements, Budva, Črna Hora, 30. 9. 2014.
  • Nemec Zlatolas, Lili. Facebook and privacy, predavanje na Helsinki Institute for information technology HIT, Helsinki, Finska, 9. 5. 2012.

Team

Assist. Prof. Marko Hölbl, PhD

  • applied cryptography
  • security protocols
  • security and privacy of IoT
  • user aspect of security
  • privacy
  • distributed ledger technology and blockchain

Assist. Prof. Muhamed Turkanović, PhD

  • applied cryptography
  • big data
  • distributed ledger technology and blockchain
  • smart contracts
  • security and privacy of IoT
  • security protocols
  • databases

Sen. Lect. Boštjan Kežmah, PhD

  • legal aspects of cybersecurity
  • security protocols

Marko Kompara​, PhD

  • applied cryptography
  • security protocols security
  • and privacy of IoT

Asist. Prof. Lili Nemec Zlatolas, PhD

  • user aspects on security
  • privacy
  • security & privacy in social networking sites
  • security & privacy of mobile applications

Prof. Tatjana Welzer, PhD

  • databases
  • conceptual modelling
  • cybsercurity education
  • ethical aspects of cybersecurity

assist. Nika Jeršič

  • user aspects on security
  • cybersecurity training
  • digital forensics
  • online privacy and security

assist. Viktor Taneski

  • passwords
  • user aspects on security
  • authentication methods

About Us

Social Networks

Facebook Twitter

Contact

Where to find us?