Modern Tools for Detection and Mitigation of Cyber Criminality on the New Generation Internet

Research leader: Matoušek Petr
Team leaders: Herout Adam, Kořenek Jan, Lampa Petr, Martínek Tomáš, Podermański Tomáš (CVIS VUT), Ryšavý Ondřej, Zemčík Pavel
Team members: Čejka Rudolf, Grégr Matěj, Hažmuk Ivo (CVIS VUT), Kajan Michal, Kajan Rudolf, Kašpárek Tomáš, Kaštil Jan, Korček Pavol, Michal Bohumil, Polčák Libor, Ráb Jaroslav, Řezníček Ivo, Skokanová Jana, Veselý Vladimír, Záhořík Vladimír (CVIS VUT), Žádník Martin
Agency: MV
Code: VG20102015022
Start: 2010
End: 2015
Keywords: IPv6 security, network monitoring, data flow analysis, IPv6 identity, multimedia data extraction, accelerated hardware
Annotation:
The project aims to research and develop tools for monitoring network traffic, analysing network traffic records, and securing local networks. The focus is on new-generation networks that use the IPv6 protocol.

Products

2014
 Database of samples of VoIP communication with different codecs, software, 2014
Authors: Kmeť Martin, Matoušek Petr
 IP core for application development support on heterogeneous platforms, software, 2014
Authors: Viktorin Jan, Korček Pavol
 Packet filter for network traffic at 100 Gbps line rate, software, 2014
Authors: Kekely Lukáš, Kořenek Jan, Žádník Martin
2013
 A tool for monitoring of IPv6 control protocols, software, 2013
Authors: Lampa Petr
 Client of the Content of Communication Control Interface protocol, software, 2013
Authors: Viktorin Jan
 Detector of RTP traffic, software, 2013
Authors: Kmeť Martin, Matoušek Petr
 Functional sample of high-speed network probe designed for monitoring of IPv6 traffic, specimen, 2013
Authors: Kekely Lukáš, Žádník Martin, Kořenek Jan
 H.323 Visualizer, software, 2013
Authors: Karpíšek Filip, Matoušek Petr
 LDP - LIS Deception Proxy 2013, software, 2013
Authors: Hranický Radek, Polčák Libor
 LNC - LIS Noise Cleaner 2013, software, 2013
Authors: Hranický Radek, Polčák Libor
 Microprobe for monitoring of gigabit networks, specimen, 2013
Authors: Korček Pavol, Košař Vlastimil, Viktorin Jan, Fukač Tomáš, Kekely Michal, Kořenek Jan
 ndtrack, software, 2013
Authors: Holkovič Martin, Polčák Libor
 Netfox.Framework - Network traffic decoder and content analyzer, software, 2013
Authors: Pluskal Jan, Veselý Vladimír, Ryšavý Ondřej, Matoušek Petr
 Perl API for manipulating nfdump files, software, 2013
Authors: Podermański Tomáš, Grégr Matěj
 Perl implementation of Longest Prefix Match algorithm, software, 2013
Authors: Podermański Tomáš, Ministr Martin
 System for data accounting in local IPv6 networks, prototype, 2013
Authors: Grégr Matěj, Podermański Tomáš, Šoltés Miroslav
 S6N Content Visualizer, software, 2013
Authors: Kajan Rudolf, Zachariáš Michal
 VoIP PER Decoder for H.323, software, 2013
Authors: Karpíšek Filip, Matoušek Petr
2012
 Device Tree Library, software, 2012
Authors: Korček Pavol, Viktorin Jan
 Embedded development platform for gigabit network applications based on FPGA, specimen, 2012
Authors: Korček Pavol, Kořenek Jan, Šimek Václav
 HTTP ReconProxy - Content caching tool for traffic reconstruction, software, 2012
Authors: Olbert Jakub, Veselý Vladimír, Ryšavý Ondřej
 HWIO Library, software, 2012
Authors: Korček Pavol, Viktorin Jan, Matoušek Denis
 IMMC - Instant Messaging Metadata Creator, software, 2012
Authors: Bárta Stanislav, Polčák Libor
 IPv6 transition techniques monitoring tool, software, 2012
Authors: Grégr Matěj, Podermański Tomáš
 LDP - LIS Deception Proxy, software, 2012
Authors: Hranický Radek, Polčák Libor
 LNC - LIS Noise Cleaner, software, 2012
Authors: Hranický Radek, Polčák Libor
 PCAPMerger - Tool for chronological merging of multiple PCAP files, software, 2012
Authors: Veselý Vladimír
 pcf - PC fingerprinter, software, 2012
Authors: Jirásek Jakub, Polčák Libor
 Reliable and secure NetFlow transport, software, 2012
Authors: Podermański Tomáš, Štěpánek Adam, Grégr Matěj
2011
 First-stage SD card bootloader for FPGA-based processors, software, 2011
Authors: Košař Vlastimil, Korček Pavol
2010
 Network benchmarks for embedded processors, software, 2010
Authors: Korček Pavol, Kořenek Jan, Špinler Martin, Kekely Lukáš, Matoušek Denis, Viktorin Jan

Publications

2014
 COUFAL, Z. and POLČÁK, L. Anonymizační síť Tor. FIT-TR-2014-02, Brno: Faculty of Information Technology BUT, 2014.
 GRÉGR, M., PODERMAŃSKI, T. and ŠVÉDA, M. Measuring Quality and Penetration of IPv6 Services. In: The Tenth International Conference on Networking and Services. 74400 CHAMONIX MONT-BLANC: Institute for Systems and Technologies of Information, Control and Communication, 2014, pp. 96-101. ISBN 978-1-61208-330-8.
 KEKELY, L., ŽÁDNÍK, M., MATOUŠEK, J. and KOŘENEK, J. Fast Lookup for Dynamic Packet Filtering in FPGA. In: 17th IEEE Symposium on Design and Diagnostics of Electronic Circuits and Systems. Warszawa: IEEE Computer Society, 2014, pp. 219-222. ISBN 978-1-4799-4558-0.
 MATOUŠEK, P., KMEŤ, M. and BASEL, M. On-line Monitoring of VoIP Quality Using IPFIX. In: KTTO 2014. Ostrava, 2014, pp. 123-234.
 MATOUŠEK, P., RYŠAVÝ, O. and KMEŤ, M. Fast RTP Detection and Codecs Classification in Internet Traffic. In: ICDF2C. New Haven, 2014, pp. 123-234.
 MATOUŠEK, P., RYŠAVÝ, O., GRÉGR, M. and VYMLÁTIL, M. Towards Identification of Operating Systems from the Internet Traffic. IPFIX Monitoring with Fingerprinting and Clustering. In: DCNET2014. Wien, 2014, pp. 123-234.
 PLUSKAL, J. NetFox - The network forensic extandable analysis tool. In: 6th AFCEA Student Conference Future of Information and Communication Technology. Bucharest: University Politehnica of Bucharest, 2014, pp. 68-71. ISBN 978-606-551-047-0.
 PLUSKAL, J. NetFox.Framework - The network forensic extandable analysis tool. In: Proceedings of the 20th Conference STUDENT EEICT 2014 Volume 2. Brno: Brno University of Technology, 2014, pp. 280-282. ISBN 978-80-214-4923-7.
 POLČÁK, L. Challenges in Identification in Future Computer Networks. In: ICETE 2014 Doctoral Consortium. Wien: SciTePress - Science and Technology Publications, 2014, pp. 15-24.
 POLČÁK, L. and FRANKOVÁ, B. On Reliability of Clock-skew-based Remote Computer Identification. In: Proceedings of the 11th International Conference on Security and Cryptography. Wien: SciTePress - Science and Technology Publications, 2014, pp. 291-298. ISBN 978-989-758-045-1.
2013
 DRAŽIL, J., KORČEK, P., VIKTORIN, J. and KOŠAŘ, V. Testování skriptovacích jazyků a webových serverů na procesoru Xilinx MicroBlaze a ARM Cortex-A9. FIT-TR-2013-04, Brno, 2013.
 KORČEK, P. uG4-150 embedded platform for wire-speed network packet processing. FIT-TR-2013-03, Brno: Faculty of Information Technology BUT, 2013.
 KOVÁČIK, M., KAJAN, M. and ŽÁDNÍK, M. Detecting IP-spoofing by modelling history of IP address entry points. In: Emerging Management Mechanisms for the Future Internet. Barcelona: Springer Verlag, 2013, pp. 73-83. ISBN 978-3-642-38997-9. ISSN 0302-9743.
 PODERMAŃSKI, T. S IPv6 na věčné časy a nikdy jinak. Praha, 2013.
 POLČÁK, L., HOLKOVIČ, M. and MATOUŠEK, P. A New Approach for Detection of Host Identity in IPv6 Networks. In: Proceedings of the 4th International Conference on Data Communication Networking, 10th International Conference on e-Business and 4th International Conference on Optical Communication Systems. Reykjavík: SciTePress - Science and Technology Publications, 2013, pp. 57-63. ISBN 978-989-8565-72-3.
 POLČÁK, L., HRANICKÝ, R. and MATOUŠEK, P. Hiding TCP Traffic: Threats and Counter-measures. In: Security and Protection of Information 2013, Proceedings of the Conference. Brno: Brno University of Defence, 2013, pp. 83-96. ISBN 978-80-7231-922-0.
 POLČÁK, L., JIRÁSEK, J. and MATOUŠEK, P. Comment on "Remote Physical Device Fingerprinting". IEEE Transactions on Dependable and Secure Computing. Los Alamitos: IEEE Computer Society, 2013, vol. 99, no. 99, pp. 1-3. ISSN 1545-5971.
 VESELÝ, V., RYŠAVÝ, O. and ŠVÉDA, M. IPv6 Unicast and IPv4 Multicast Routing in OMNeT++. In: Proceedings of the IEEE 6th International ICST Conference on Simulation Tools and Techniques. Cannes: International Communication Sciences and Technology Association, 2013, pp. 1-4. ISBN 978-1-936968-47-3.
 VIKTORIN, J., KORČEK, P., KOŠAŘ, V. and KOŘENEK, J. Framework for Fast Prototyping of Applications running on Reconfigurable Systems on Chip. In: Proceedings of the 2013 Conference on Design & Architectures for Signal & Image Processing. Cagliari: European Electronic Chips & Systems design Initiative, 2013, pp. 355-356. ISBN 979-10-92279-01-6.
2012
 GRÉGR, M. Analysis of tunneled traffic. Brno, 2012.
 GRÉGR, M. Testing implementations of NAT66. Helsinki, 2012.
 GRÉGR, M., PODERMAŃSKI, T. and ŠOLTÉS, M. Flow Based Monitoring of IPv6. Brno, 2012.
 GRÉGR, M., PODERMAŃSKI, T. and ŠVÉDA, M. Deploying IPv6 - practical problems from the campus perspective. Reykjavik, 2012.
 GRÉGR, M., PODERMAŃSKI, T. and ŠVÉDA, M. User identification in IPV6 network. IP Networking 1 -- Theory and Practice. Žilina: Zilina University Publisher, 2012, pp. 5-8. ISBN 978-80-554-0494-3.
 KAJAN, M., KORANDA, K. and POLČÁK, L. Spolehlivá a zabezpečená komunikace v rámci systému pro zákonné odposlechy. FIT-TR-2012-007, Brno: Faculty of Information Technology BUT, 2012.
 KEKELY, L. and ŽÁDNÍK, M. Hardwarově akcelerovaná sonda pro legální odposlechy. FIT-TR-2012-005, Brno: Faculty of Information Technology BUT, 2012.
 KORČEK, P. and ŽÁDNÍK, M. Lightweight benchmarking of platforms for network traffic processing. In: Proceedings of the 2012 IEEE 15th International Symposium on Design and Diagnostics of Electronic Circuits and Systems (DDECS). Tallinn: IEEE Computer Society, 2012, pp. 278-283. ISBN 978-1-4673-1185-4.
 KOŘENEK, J., KORČEK, P., KOŠAŘ, V., ŽÁDNÍK, M. and VIKTORIN, J. A New Embedded Platform for Rapid Development of Networking Applications. In: Proceedings of the 2012 Seventh ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS 2012). Austin: IEEE Computer Society, 2012, pp. 81-82. ISBN 978-1-4503-1684-2.
 MARTÍNEK, T., KRAMOLIŠ, P., HOLKOVIČ, M. and POLČÁK, L. Dynamická identifikace uživatelů v prostředí sítí IPv4 a IPv6. FIT-TR-2012-006, Brno: Faculty of Information Technology BUT, 2012.
 PODERMAŃSKI, T. IPv6 v praxi. Brno, 2012.
 PODERMAŃSKI, T. Security challenges in IPv6 from the campus perspective. Oslo, 2012.
 POLČÁK, L. and HRANICKÝ, R. Útoky na systémy pro zákonné odposlechy. FIT-TR-2012-008, Brno: Faculty of Information Technology BUT, 2012.
 VESELÝ, V. Comparison Study on Merging PCAP Files. In: Proceedings of the 18th Conference Student EEICT 2012 Volume 3. Brno: Faculty of Information Technology BUT, 2012, pp. 457-461. ISBN 978-80-214-4462-1.
 VESELÝ, V. Extended Comparison Study on Merging PCAP Files. ElectroScope. Plzeň: University of West Bohemia in Pilsen, 2012, vol. 2012, no. 5, pp. 1-6. ISSN 1802-4564.
 ŠVÉDA, M., RYŠAVÝ, O., DE, S., G., MATOUŠEK, P. and RÁB, J. Static Analysis of Routing and Firewall Policy Configurations. e-Business and Telecommunications. Heidelberg: Springer Science+Business Media B.V., 2012, pp. 39-53. ISBN 978-3-642-25205-1.
2011
 ELICH, M., GRÉGR, M. and ČELEDA, P. Monitoring of Tunneled IPv6 Traffic Using Packet Decapsulation and IPFIX. In: Traffic Monitoring and Analysis. Vienna: Springer Verlag, 2011, pp. 64-71. ISBN 978-3-642-20304-6.
 GRÉGR, M. and PODERMAŃSKI, T. Deploying IPv6 in University Campus Network - Practical Problems. Toulouse, 2011.
 GRÉGR, M. and PODERMAŃSKI, T. Monitoring datových toků IPv6. Praha, 2011.
 GRÉGR, M., MATOUŠEK, P., PODERMAŃSKI, T. and ŠVÉDA, M. Practical IPv6 Monitoring - Challenges and Techniques. In: Proceedings of the 12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011). Dublin: IEEE Computer Society, 2011, pp. 660-663. ISBN 978-1-4244-9220-6.
 GRÉGR, M., PODERMAŃSKI, T., ŠOLTÉS, M. and ŽÁDNÍK, M. Design of Data Retention System in IPv6 network. FIT-TR-2011-07, Brno: Faculty of Information Technology BUT, 2011.
 KORČEK, P., KOŠAŘ, V., ŽÁDNÍK, M., KORANDA, K. and KAŠTOVSKÝ, P. Hacking NetCOPE to run on NetFPGA-10G. In: Proceedings of the 2011 Seventh ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS 2011). Brooklyn, New York: IEEE Computer Society, 2011, pp. 1-2. ISBN 978-0-7695-4521-9.
 KOŘENEK, J., KORČEK, P. and KAŠTIL, J. Sondy pro monitorování provozu. FIT-TR-2011-09, Brno: Faculty of Information Technology BUT, 2011.
 PODERMAŃSKI, T. IPv6 - bezpečnostní hrozby. Brno, 2011.
 PODERMAŃSKI, T. IPv6 - mýty a skutečnost. Brno, 2011.
 PODERMAŃSKI, T. Security concerns and solutions with IPv6. Helsinki, 2011.
 PODERMAŃSKI, T. IPv6 - bezpečnostní hrozby (aneb IPSec to srovná). In: Sborník příspěvků z 38. konference EurOpen.CZ, 8.-11. května 2011. Plzeň: Czech Open Systems User's Group, 2011, pp. 37-50. ISBN 978-80-86583-21-1.
 PODERMAŃSKI, T. IPv6 Mýty a skutečnost, díl I. - Jak jsme na tom. Lupa.cz. Praha: Internet Info s.r.o, 2011, vol. 2011, no. 1, p. 9. ISSN 1213-0702.
 PODERMAŃSKI, T. IPv6 Mýty a skutečnost, díl II. - Adresový prostor. Lupa.cz. Praha: Internet Info s.r.o, 2011, vol. 2011, no. 1, p. 9. ISSN 1213-0702.
 PODERMAŃSKI, T. IPv6 Mýty a skutečnost, díl IX. - Quo Vadis, IPv6?. Lupa.cz. Praha: Internet Info s.r.o, 2011, vol. 2011, no. 1, p. 9. ISSN 1213-0702.
 PODERMAŃSKI, T. IPv6 Mýty a skutečnost: díl III. - podpora end-to-end služeb. Lupa.cz. Praha: Internet Info s.r.o, 2011, vol. 2011, no. 1, p. 9. ISSN 1213-0702.
 PODERMAŃSKI, T. and GRÉGR, M. IPv6 Mýty a skutečnost, díl IV. - Podpora autokonfigurace. Lupa.cz. Praha: Internet Info s.r.o, 2011, vol. 2011, no. 1, p. 9. ISSN 1213-0702.
 PODERMAŃSKI, T. and GRÉGR, M. IPv6 Mýty a skutečnost, díl V. - Zjednodušené hlavičky. Lupa.cz. Praha: Internet Info s.r.o, 2011, vol. 2011, no. 1, p. 6. ISSN 1213-0702.
 PODERMAŃSKI, T. and GRÉGR, M. IPv6 Mýty a skutečnost, díl VI. - Bezpečnostní mechanizmy. Lupa.cz. Praha: Internet Info s.r.o, 2011, vol. 2011, no. 1, p. 6. ISSN 1213-0702.
 PODERMAŃSKI, T. and GRÉGR, M. IPv6 Mýty a skutečnost, díl VIII. - Přechodové mechanizmy. Lupa.cz. Praha: Internet Info s.r.o, 2011, vol. 2011, no. 1, p. 7. ISSN 1213-0702.
 PODERMAŃSKI, T. and VESELÝ, V. IPv6 Mýty a skutečnost, díl VII. - Podpora Multicast a anycast provozu. Lupa.cz. Praha: Internet Info s.r.o, 2011, vol. 2011, no. 1, p. 10. ISSN 1213-0702.
 POLČÁK, L. Designing Lawful Interception System. In: Proceedings of the 17th Conference STUDENT EEICT 2011 Volume 3. Brno: Faculty of Information Technology BUT, 2011, pp. 569-573. ISBN 978-80-214-4273-3.
 POLČÁK, L., GRÉGR, M., KAJAN, M., MATOUŠEK, P. and VESELÝ, V. Designing Lawful Interception in IPv6 Networks. In: Security and Protection of Information. Brno: Brno University of Defence, 2011, pp. 114-126. ISBN 978-80-7231-777-6.
 POLČÁK, L., KRAMOLIŠ, P., KAJAN, M. and MARTÍNEK, T. Architektura systému pro zákonné odposlechy. FIT-TR-2011-008, Brno: Faculty of Information Technology BUT, 2011.
2010
 PODERMAŃSKI, T. Je libo IPv6 na přepínačích HP ProCurve ?. Lupa.cz. Praha: Internet Info s.r.o, 2010, vol. 2010, no. 1, p. 5. ISSN 1213-0702.
 PODERMAŃSKI, T. Redundance od síťové vrstvy až po zařízení (Maximum pro síťovou jistotu). CONNECT!. Brno: Computer Press, s.r.o, 2010, vol. 10, no. 4, pp. 18-20. ISSN 1211-3085.
