WEITI » Research » News »

Our Faculty’s first implementation doctorate

Grafika przedstawiająca system Mixway

Grzegorz Siewruk, PhD, Eng, has designed and built the Mixeway system, which significantly improves the security of applications operating in the infrastructure of telecommunication operators. More than 20,000 people have already used the solution, developed as a result of the first successfully defended implementation doctorate at our Faculty.

The required security tests may be run more than 30 times more frequently, while the time necessary to deliver a report to the development team can be cut by more than 90% – all thanks to the Mixeway system, developed by Grzegorz Siewruk, PhD, Eng, and implemented at Orange Polska. The solution, which has been used by more than 20,000 people so far, is the result of an implementation doctorate completed under the supervision of Professor Wojciech Mazurczyk of the Institute of Computer Science, Faculty of Electronics and Information Technology of the WUT.

“This is the first successfully defended implementation doctorate in the history of our Faculty. And defended with merit at that" - emphasized Professor Wojciech Mazurczyk - "Thanks to the solution developed by Mr Grzegorz Siewruk, PhD, Eng, telecom operators now have a tool to significantly improve the security of their critical infrastructure. Our research included an analysis of the use of machine learning mechanisms for the classification of security vulnerabilities detected by software testing solutions. In other words, we were trying to identify gaps and then to develop a mechanism to determine which of the detected problems require action and which are false alarms. More than 10,000 resources were tested, including online apps and source code repositories, where more than 40,000 security vulnerabilities were detected. The numbers speak for themselves, reflecting the importance of this achievement.”

Today, telecom operators have to deal with an incredible amount of data and are especially prone to cyberattacks. For them to keep offering top quality services, their infrastructure must meet a series of strict security requirements. Growing transfer speeds and amounts of data also require ever more efficient solutions based on artificial intelligence algorithms.

“To efficiently work under such conditions, it is necessary to have a tool to administer the entire vulnerability management process. Mixeway is just such an orchestrator of all the tools wielded by a telecom operator to enable automatic verification of ICT system safeguards” explains Grzegorz Siewruk, PhD, Eng. - “You can say that it is in charge of the security of the entire host of tools which protect the effective implementation of new app versions.”

Mechanisms which verify online app and software security have a significant impact on the security of the entire organisation. It is estimated that more than 50% of events which have resulted in an information leak or unauthorized access to an IT system happened due to security gaps in business processes or apps. They have led to enormous losses. Research shows that the cost of removing an error detected during programming is more than ten times lower than at the stage of implementation, as well as disproportionately smaller than any losses which may be caused by the error being overlooked altogether.

Mixeway has already received two awards, both locally and globally (Orange Group). The results of the work have also been used in the ”Context-Aware Software Vulnerability Classification Using Machine Learning“ publication in 2021, and presented at industry conferences, including: PLNOG19, What The H@ck 2019, Advanced Threat Summit 2020.