Projects

Automated attack processing

Czech title: Automatizované zpracování útoků
Research leader: Švéda Miroslav
Team leaders: Barabas Maroš, Drahanský Martin, Drozd Michal, Hanáček Petr, Chmelař Petr, Orság Filip
Team members: Antal Lukáš (FIT VUT), Bláha Lukáš (FIT VUT), Homoliak Ivan (FIT VUT)
Agency: Ministry of Industry and Trade of the Czech Republic
Code: FR-TI1/037
Start: 2009-10-01
End: 2013-09-30
Keywords: Enterprise networks, Honeypot, KDD-99, behavioral model, signatures
Annotation:
Large-scale computer networks resilience against attacks and malware -- development and implementation of a new method for automatic detection of attacks and malware

Products

2013 High interaction Honeypot with taint analysis, software, 2013
Authors: Barabas Maroš, Drozd Michal, Homoliak Ivan, Chmelař Petr
2011 Linux based Honeypot, software, 2011
Authors: Mlčoch Tomáš, Chmelař Petr, Richter Jan

Related projects

2008 Safety and security of networked embedded system applications, GACR, GA102/08/1429, 2008-2010, completed
Research leader: Srovnal Vilém
Team leaders: Bílek Jan, Švéda Miroslav
2007 Security-Oriented Research in Information Technology, CEZ MŠMT, MSM0021630528, 2007-2013, completed
Research leader: Hruška Tomáš
Team leaders: Burget Lukáš, Burget Radek, Cvrček Daniel, Černocký Jan, Češka Milan, Drahanský Martin, Dvořák Václav, Fučík Otto, Hanáček Petr, Herout Adam, Hrubý Martin, Janoušek Vladimír, Jaroš Jiří, Kočí Radek, Kolář Dušan, Kořenek Jan, Kotásek Zdeněk, Kršek Přemysl, Křena Bohuslav, Kunovský Jiří, Martínek Tomáš, Masopust Tomáš, Matějka Pavel, Matoušek Petr, Meduna Alexander, Očenášek Pavel, Orság Filip, Růžička Richard, Ryšavý Ondřej, Sekanina Lukáš, Smrž Pavel, Strnadel Josef, Švéda Miroslav, Vojnar Tomáš, Zbořil František, Zbořil František V., Zemčík Pavel, Zendulka Jaroslav

Preceding projects

2005 A Framework for Formal Specifications and Prototyping of Information System's Network Applications, GACR, GA102/05/0723, 2005-2007, completed
Research leader: Švéda Miroslav
Team leaders: Hruška Tomáš, Zendulka Jaroslav
2004 Information system security - research of attacks on tamper-resistant cryptographic hardware, GACR, GA102/04/0871, 2004-2006, completed
Research leader: Hanáček Petr
Team leaders: Cvrček Daniel, Hrubý Martin, Hruška Tomáš, Peringer Petr, Rábová Zdeňka
 Reputation-based Security in Information Systems, MŠMT CR, 1K04106, 2004-2007, completed
Research leader: Hanáček Petr
Team leaders: Cvrček Daniel

Publications

2013 BARABAS Maroš, HOMOLIAK Ivan, DROZD Michal and HANÁČEK Petr. Automated Malware Detection Based on Novel Network Behavioral Signatures. International Journal of Engineering and Technology. Singapore: International Association of Computer Science and Information Technology, 2013, vol. 5, no. 2, pp. 249-253. ISSN 1793-8236.
 HOMOLIAK Ivan, BARABAS Maroš, CHMELAŘ Petr, DROZD Michal and HANÁČEK Petr. ASNM: Advanced Security Network Metrics for Attack Vector Description. In: Proceedings of the 2013 International Conference on Security & Management. Las Vegas: Computer Science Research, Education, and Applications Press, 2013, pp. 350-358. ISBN 1-60132-259-3.
 HOMOLIAK Ivan, BARABAS Maroš, CHMELAŘ Petr, DROZD Michal and HANÁČEK Petr. Advanced Security Network Metrics. Emerging Trends in ICT Security. Waltham: Elsevier Science, 2013, pp. 187-202. ISBN 978-0-12-411474-6.
 OČENÁŠEK Pavel and ŠVÉDA Miroslav. On the Effective Internet Communication Filtering. Applied Mechanics and Materials. Zurich: Trans Tech Publications Inc., 2013, vol. 2013, no. 307, pp. 478-481. ISSN 1660-9336.
 ŠVÉDA Miroslav and RYŠAVÝ Ondřej. Dependable Cyber-Physical Systems Networking: An Approach for Real-Time, Software Intensive Systems. In: Programmable Devices and Embedded Systems. Laxenburg: IFAC, 2013, pp. 1-4. ISBN 978-3-902823-21-2. ISSN 1474-6670.
 ŠVÉDA Miroslav. Time in Cyber-Physical Systems: Specifications, Modeling and Measurements. In: Proceedings of the SCSI 2013. Rhodes Island: European Society for Environmental Research and Sustainable Development, 2013, pp. 413-419. ISBN 978-1-61804-204-0.
2012 BARABAS Maroš, DROZD Michal and HANÁČEK Petr. Behavioral signature generation using shadow honeypot. World Academy of Science, Engineering and Technology. 2012, vol. 2012, no. 65, pp. 829-833. ISSN 2010-376X.
 CHMELAŘ Petr, ŠEBEK Michal and ZENDULKA Jaroslav. ReTIN: Indexing Schema for Soft Real-Time Data Streams. In: CISSE Conference 2012. Bridgeport, 2012, pp. 1-6.
 OČENÁŠEK Pavel and ŠVÉDA Miroslav. Analysis and Filtering of Network Communication in ISP Firewalls. In: Proceedings of the Third International Conference on Theoretical and Mathematical Foundations of Computer Science. Denpasar: Information Engineering Research Institute, 2012, pp. 1-4.
 VESELÝ Vladimír and ŠVÉDA Miroslav. L2 protocols in OMNeT++. IP Networking 1 -- Theory and Practice. Žilina: Zilina University Publisher, 2012, pp. 37-40. ISBN 978-80-554-0494-3.
 ŠVÉDA Miroslav, RYŠAVÝ Ondřej, DE Silva Gayan, MATOUŠEK Petr and RÁB Jaroslav. Static Analysis of Routing and Firewall Policy Configurations. In: e-Business and Telecommunications. Heidelberg: Springer Science+Business Media B.V., 2012, pp. 39-53. ISBN 978-3-642-25205-1. ISSN 1865-0929.
 ŠVÉDA Miroslav, SEKLETÁR Michal, FIDLER Tomáš and RYŠAVÝ Ondřej. A High-level Network-wide Router Configuration Language. In: Proceedings ICN 2012. Saint Gilles, Reunion Island: International Academy, Research, and Industry Association, 2012, pp. 18-21. ISBN 978-1-61208-183-0.
2011 DROZD Michal, BARABAS Maroš, GRÉGR Matěj and CHMELAŘ Petr. Buffer Overflow Attacks Data Acquisition. In: Proceedings of the 6th IEEE International Conference on IDAACS 2011. Praha: Institute of Electrical and Electronics Engineers, 2011, pp. 775-779. ISBN 978-1-4577-1423-8.
 ŠVÉDA Miroslav, RYŠAVÝ Ondřej and MATOUŠEK Petr. Supporting Safe and Secure Networked System Design. In: Computer Aided Systems Theory (EUROCAST´11), Extended Abstracts. Las Palmas de Gran Canaria: The Universidad de Las Palmas de Gran Canaria, 2011, pp. 22-23. ISBN 978-84-693-9560-8.
 ŠVÉDA Miroslav, RYŠAVÝ Ondřej, DE Silva Gayan, MATOUŠEK Petr and RÁB Jaroslav. Reachability Analysis in Dynamically Routed Networks. In: Proceedings of the IEEE ECBS 2011. Piscataway, NJ: IEEE Computer Society, 2011, pp. 197-205. ISBN 978-0-7695-4379-6.
 ŠVÉDA Miroslav. Design Experience with Routing SW and Related Applications. In: Proceedings of The Tenth International Conference on Networks - ICN 2011. St. Maarten: International Academy, Research, and Industry Association, 2011, pp. 133-138. ISBN 978-1-61208-002-4.
2010 KORNECKI Andrew J., GREGA Wojciech, HILBURN Thomas B., THIRIET Jean-Marc, ŠVÉDA Miroslav, RYŠAVÝ Ondřej and PILAT Adam. Transatlantic Engineering Programs: An Experience in International Cooperation. Safeeullah Soomro (Editor): Engineering the Computer Science and IT. Vienna: IN-TECH Education and Publishing, 2010, pp. 65-84. ISBN 978-953-307-012-4.
 PIWKO Karel, CHMELAŘ Petr, HERNYCH Radim and KUBÍČEK Daniel. NAXD: Native XML Interface for a Relational Database. In: XML Prague Conference Proceedings. Prague: Charles University, 2010, pp. 307-316. ISBN 978-80-7378-115-6.
 ŠVÉDA Miroslav and TRCHALÍK Roman. Development of Interconnecting SW for Intranets and Fieldbuses. IFAC-PapersOnLine. Laxenburg: IFAC, 2010, vol. 2010, no. 10, pp. 119-124. ISSN 1474-6670.
 ŠVÉDA Miroslav, RYŠAVÝ Ondřej, MATOUŠEK Petr and RÁB Jaroslav. An Approach for Automated Network-Wide Security Analysis. In: Proceedings of the Ninth International Conference on Networks ICN 2010. Les Menuires: IEEE Computer Society, 2010, pp. 294-299. ISBN 978-0-7695-3979-9.
 ŠVÉDA Miroslav, RYŠAVÝ Ondřej, MATOUŠEK Petr, RÁB Jaroslav and ČEJKA Rudolf. SECURITY ANALYSIS OF TCP/IP NETWORKS -- An Approach to Automatic Analysis of Network Security Properties. In: Proceedings of the International Conference on Data Communication Networking ICETE-DCNET 2010. Athens: Institute for Systems and Technologies of Information, Control and Communication, 2010, pp. 5-11. ISBN 978-989-8425-25-6.
 ŠVÉDA Miroslav. Fault Management Driven Design with Safety and Security Requirements. In: Proceedings 17th IEEE International Conference and Workshops on Engineering of Computer-Based Systems ECBS 2010. Oxford: IEEE Computer Society, 2010, pp. 113-120. ISBN 978-0-7695-4005-4.
 ŠVÉDA Miroslav. NETWORK CONVERGENCY AND MODELING -- Design Experience with Routing SW for Intranets and Fieldbusses. In: Proceedings of the Fifth International Conference on Software and Data Technologies, ICSOFT 2010. Athens: Institute for Systems and Technologies of Information, Control and Communication, 2010, pp. 173-178. ISBN 978-989-8425-22-5.
2009 DROZD Michal. Bezpečnost: 1:0 pro malware?. DSM Data Security Management. 2009, vol. 13, no. 4, pp. 16-19. ISSN 1211-8737.
 ŠVÉDA Miroslav, KORNECKI Andrew J., HILBURN Thomas B., GREGA Wojciech, THIRIET Jean-Marc and RYŠAVÝ Ondřej. Real-Time Software-Intensive Systems Engineering: An International Perspective. In: European Association for Education in Electrical and Information Engineering Council's Annual Conference 2009. Valencia: Politechnical University of Valencia, 2009, p. 6. ISBN 978-84-8363-428-8.
 ŠVÉDA Miroslav. Fault Management for Secure Embedded Systems. In: International Conference on Systems Proceedings, ICONS 2009. New York, NY: IEEE Computer Society, 2009, pp. 23-28. ISBN 978-0-7695-3551-7.
 ŠVÉDA Miroslav. Safe and Secure Networked Embedded Applications. In: Proceedings of the 4th International Conference on Broadband Communication. Wroclaw: Institute of Electrical and Electronics Engineers, 2009, p. 6. ISBN 978-83-7493-405-3.