Project Details
Analýza šifrovaného provozu pomocí síťových toků
Project Period: 1. 1. 2022 - 30. 6. 2025
Project Type: grant
Code: VJ02010024
Agency: Ministry of Interior of the Czech Republic
Program: Strategická podpora rozvoje bezpečnostního výzkumu ČR 20192025 (IMPAKT 1) PODPROGRAMU 1 SPOLEČNÉ VÝZKUMNÉ PROJEKTY (BV IMP1/2VS)
cyber security, network traffic monitoring, threat detection, SIEM, network flows, encrypted communication
The project focuses on the research of new methods of effective protection against cyber threats that misuse secured communication for compromise attacks such as servers and computers in the environment of high-speed networks. Machine learning methods suitable for determining the characteristics of the encrypted network flows and associated risks only from available metadata will be investigated. The system will be implemented using a hardware-accelerated traffic monitor and a software prototype for high-speed detection of security incidents and their reporting to the SIEM tool. Further, the incident analysis module in the form of a plug-in to the QRadar system will be developed. Additionally, the project outcomes will also include reference data sets of network traffic and a system for their collection and annotation.
Čiháková Lucie, Ing. (VCIT FIT VUT)
Foltová Jana, Mgr. (UPSY FIT VUT)
Fukač Tomáš, Ing. (UPSY FIT VUT)
Gaďorek Petr, Ing. (CVT FIT VUT)
Hranický Radek, Ing., Ph.D. (UIFS FIT VUT)
Hynek Jiří, Ing., Ph.D. (UIFS FIT VUT)
Jeřábek Kamil, Ing. (UIFS FIT VUT)
Korček Pavol, Ing., Ph.D. (UPSY FIT VUT)
Košař Vlastimil, Ing., Ph.D. (UPSY FIT VUT)
Lichtner Ondrej, Ing. (UIFS FIT VUT)
Martínek Tomáš, Ing., Ph.D. (UPSY FIT VUT)
Matoušek Petr, doc. Ing., Ph.D., M.A. (UIFS FIT VUT)
Šmolová Martina, Ing. (VCIT FIT VUT)