Project Details
Integrovaná platforma pro zpracování digitálních dat z bezpečnostních incidentů
Project Period: 1. 1. 2017 – 30. 6. 2020
Project Type: grant
Code: VI20172020062
Agency: Ministerstvo vnitra ČR
Program: Bezpečnostní výzkum České republiky 2015-2020
English title
Integrated platform for analysis of digital data from security incidents
Type
grant
Keywords
network security, forensics data analysis, cyber crime, machine learning, data
mining
Abstract
The proposed project deals with the experimental development of advanced methods
and tools of network security analysis based on data mining, machine learning,
visual analytics and their implementation as a forensic platform. The project
outcome will be demonstrated using practical cases studies, namely,
identification of P2P traffic, forensics analysis of mobile devices and
investigation of Bitcoin incidents.
Team members
Matoušek Petr, doc. Ing., Ph.D., M.A.
(DIFS)
– research leader
Burget Radek, doc. Ing., Ph.D. (DIFS)
Burgetová Ivana, Ing., Ph.D. (DIFS)
Grégr Matěj, Ing., Ph.D. (DIFS)
Hranický Radek, Ing., Ph.D. (DIFS)
Hynek Jiří, Ing., Ph.D. (DIFS)
Jeřábek Kamil, Ing., Ph.D. (DIFS)
Pluskal Jan, Ing., Ph.D. (DIFS)
Podermański Tomáš, Ing. (CIS ‒ Infrastructure)
Polčák Libor, Ing., Ph.D. (DIFS)
Rychlý Marek, RNDr., Ph.D. (DIFS)
Ryšavý Ondřej, doc. Ing., Ph.D. (DIFS)
Veselý Vladimír, Ing., Ph.D. (DIFS)
Burget Radek, doc. Ing., Ph.D. (DIFS)
Burgetová Ivana, Ing., Ph.D. (DIFS)
Grégr Matěj, Ing., Ph.D. (DIFS)
Hranický Radek, Ing., Ph.D. (DIFS)
Hynek Jiří, Ing., Ph.D. (DIFS)
Jeřábek Kamil, Ing., Ph.D. (DIFS)
Pluskal Jan, Ing., Ph.D. (DIFS)
Podermański Tomáš, Ing. (CIS ‒ Infrastructure)
Polčák Libor, Ing., Ph.D. (DIFS)
Rychlý Marek, RNDr., Ph.D. (DIFS)
Ryšavý Ondřej, doc. Ing., Ph.D. (DIFS)
Veselý Vladimír, Ing., Ph.D. (DIFS)
Files
Publication Results
2021
- MATOUŠEK, P.; BURGETOVÁ, I.; RYŠAVÝ, O.; VICTOR, M. On Reliability of JA3 Hashes for Fingerprinting Mobile Applications. In Digital Forensics and Cyber Crime. ICDF2C 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering. Boston: Springer International Publishing, 2021.
p. 1-22. ISBN: 978-3-030-68733-5. Detail
2020
- POLČÁK, L. Soukromí uživatelů v prostředí internetové reklamy na českém webu. DSM Data Security Management, 2020, roč. 2020, č. 1,
s. 11-16. ISSN: 1211-8737. Detail
2019
- BURGET, R. Model-Based Integration of Unstructured Web Data Sources Using Graph Representation of Document Contents. In 15th International Conference on Web Information Systems and Technologies. Vienna: SciTePress - Science and Technology Publications, 2019.
p. 326-333. ISBN: 978-989-758-386-5. Detail - HRANICKÝ, R.; LIŠTIAK, F.; MIKUŠ, D.; RYŠAVÝ, O. On Practical Aspects of PCFG Password Cracking. In Data and Applications Security and Privacy. Lecture Notes in Computer Science. Charleston: Springer Nature Switzerland AG, 2019. no. 11559,
p. 43-60. ISBN: 978-3-030-22478-3. ISSN: 0302-9743. Detail - HRANICKÝ, R.; ZOBAL, L.; RYŠAVÝ, O.; KOLÁŘ, D. Distributed password cracking with BOINC and hashcat. Digital Investigation, 2019, vol. 30, no. 1,
p. 161-172. ISSN: 1742-2876. Detail - JEŘÁBEK, K.; RYŠAVÝ, O. Big Data Network Flow Processing Using Apache Spark. In Proceedings of the 6th Conference on the Engineering of Computer Based Systems (ECBS 2019), 2019. Bukurešť: Association for Computing Machinery, 2019.
p. 1-9. ISBN: 978-1-4503-7636-5. Detail - POLČÁK, L. Wireless M-Bus: Kdo ví, že perete?. DSM Data Security Management, 2019, roč. 2019, č. 4,
s. 13-17. ISSN: 1211-8737. Detail
2018
- MATOUŠEK, P.; SCHMIEDECKER, M. Digital Forensics and Cyber Crime. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering. Cham: Springer International Publishing, 2018. 235 p. ISBN: 978-3-319-73697-6. Detail
- RYCHLÝ, M.; RYŠAVÝ, O. Big Data Security Analysis with TARZAN Platform. Journal of Cyber Security and Mobility, 2018, vol. 8, no. 2,
p. 165-188. ISSN: 2245-1439. Detail - VONDRÁČEK, M.; PLUSKAL, J.; RYŠAVÝ, O. Automated Man-in-the-Middle Attack Against Wi-Fi Networks. Journal of Digital Forensics Security and Law, 2018, vol. 2018, no. 13,
p. 59-80. ISSN: 1558-7215. Detail
2017
- HRANICKÝ, R.; ZOBAL, L.; VEČEŘA, V.; MATOUŠEK, P. Distributed Password Cracking in a Hybrid Environment. Proceedings of SPI 2017. Brno: University of Defence in Brno, 2017.
p. 75-90. ISBN: 978-80-7231-414-0. Detail - RYCHLÝ, M.; RYŠAVÝ, O. TARZAN: An Integrated Platform for Security Analysis. In Proceedings of the 2017 Federated Conference on Computer Science and Information Systems. Annals of Computer Science and Information Systems, Volume 11. Praha: IEEE Computer Society, 2017.
p. 561-567. ISBN: 978-83-946253-7-5. Detail
Applied Results
2020
- JavaScript Restrictor, software, 2020
Authors: POLČÁK, L.; TIMKO, M.; POHNER, P.; HORŇÁK, P.; ČERVINKA, Z.; BEDNÁŘ, M. - Platforma pro digitální forenzní analýzu, functioning sample, 2020
Authors: RYŠAVÝ, O.; BURGET, R.; JEŘÁBEK, K.; MATOUŠEK, P.; POLČÁK, L.; RYCHLÝ, M.; VESELÝ, V.; HYNEK, J. - Tool for mobile app fingerprinting, software, 2020
Authors: MATOUŠEK, P. - Toreator, software, 2020
Authors: POLČÁK, L.
2019
- Big Data Containerized Cluster, software, 2019
Authors: JEŘÁBEK, K. - DeMixer, software, 2019
Authors: VESELÝ, V.; ANTON, M. - proof_platform: Platform for automated analysis and archiving of data from the web, software, 2019
Authors: KOCMAN, T.; POLČÁK, L. - Tool for Distributed Extraction of Timestamped Events from Files, software, 2019
Authors: RYCHLÝ, M.; BURGET, R. - Tool for mobile device profiling, software, 2019
Authors: MATOUŠEK, P. - Winit, software, 2019
Authors: KOCMAN, T.; POLČÁK, L.
2018
- Banana Pi BPI-R2 Cluster Prototype, functioning sample, 2018
Authors: LETAVAY, V.; PLUSKAL, J.; JEŘÁBEK, K. - Cryptoalarm, software, 2018
Authors: VESELÝ, V.; VOKRÁČKO, L. - DHT-crawler, software, 2018
Authors: VAŠKO, M.; POLČÁK, L. - Distributed Forensic Digital Data Repository, software, 2018
Authors: JOSEFÍK, M.; RYCHLÝ, M. - Docker Infrastructure for TARZAN Platform, software, 2018
Authors: RYCHLÝ, M. - Filtrační jednotka pro eliminaci DDoS útoků s využitím komoditního hardware, functioning sample, 2018
Authors: NAGY, P.; GRÉGR, M.; PODERMAŃSKI, T. - Fitcrack 2.0, functioning sample, 2018
Authors: HRANICKÝ, R.; ZOBAL, L.; VEČEŘA, V.; MÚČKA, M. - Java library for PCAP files processing in Apache SPARK, software, 2018
Authors: BÉDER, M.; RYŠAVÝ, O. - Nástroj pro distribuované získávání dat ze sociálních sítí, software, 2018
Authors: TUTKO, J.; BURGET, R. - NTPAC - Network Traffic Packet Analysing Cluster, software, 2018
Authors: LETAVAY, V.; PLUSKAL, J. - sMaSheD - Mining Server Detector, software, 2018
Authors: VESELÝ, V.; KELEČÉNI, J.; CAGAŠ, M.
2017
- AppIdent - Nástroj pro identifikaci aplikačních protokolů, software, 2017
Authors: PLUSKAL, J. - DDoSGen, software, 2017
Authors: PODERMAŃSKI, T. - Nástroj pro extrakci dat ze zařízení Android, software, 2017
Authors: BAŽÍK, M.; MATOUŠEK, P. - Nástroj pro zachycení síťové komunikace spolu s identifikací aplikací na platformách Windows, Linux, (BSD), software, 2017
Authors: ZUZELKA, J.; PLUSKAL, J.; RYŠAVÝ, O.; MATOUŠEK, P. - Netfox Detective 2.0 - Nástroj pro síťovou forenzní analýzu, software, 2017
Authors: PLUSKAL, J. - RDF4J Class Builder, software, 2017
Authors: BURGET, R. - Softwarový nástroj pro detekci mobilní komunikace v síťovém provozu, software, 2017
Authors: HAVLÍK, J.; MATOUŠEK, P. - Timeline Analyzer, software, 2017
Authors: BURGET, R.
Results with Impact on Practice
2019
- Cryptocurrency Investigation Workshop, audiovisual work, 2019
Authors: VESELÝ, V. - Hunting Down Cryptocurrency Users, audiovisual work, 2019
Authors: VESELÝ, V. - Hunting Down Cryptocurrency Users, audiovisual work, 2019
Authors: VESELÝ, V. - SSL/TLS Interception Workshop, audiovisual work, 2019
Authors: PLUSKAL, J.; VESELÝ, V. - SSL/TLS Interception Workshop (TLS1.3 edition), audiovisual work, 2019
Authors: PLUSKAL, J.; VESELÝ, V. - Towards Fully Automated Infinitely Scalable and Maximally Effective Password Cracking of Encrypted Documents, audiovisual work, 2019
Authors: VESELÝ, V. - Towards Fully Automated Infinitely Scalable and Maximally Effective Password Cracking of Encrypted Documents, audiovisual work, 2019
Authors: VESELÝ, V. - Workshop on Evidence Collection and Analysis of Webpages, audiovisual work, 2019
Authors: VESELÝ, V.
2018
- Cryptocurrency Forensics Utilizing a Multi-currency Blockchain Explorer, audiovisual work, 2018
Authors: VESELÝ, V. - Hunting Down Cryptocurrency Users, audiovisual work, 2018
Authors: VESELÝ, V. - SSL/TLS Interception Workshop, audiovisual work, 2018
Authors: VESELÝ, V.; PLUSKAL, J. - TLS/SSL Decryption Workshop, audiovisual work, 2018
Authors: PLUSKAL, J.; VESELÝ, V. - Towards Fully Automated Infinitely Scalable and Maximally Effective Password Cracking of Encrypted Documents, audiovisual work, 2018
Authors: VESELÝ, V.
2017
- Detection, and Analysis of SIP Fraud Attack on 100Gb Ethernet with NEMEA System, audiovisual work, 2017
Authors: PLUSKAL, J.; RYŠAVÝ, O.
Other Results
2020
- Extrakce událostí ze souborových systémů - Návrh a implementace distribuované architektury, report, 2020
Authors: BURGET, R.; RYCHLÝ, M. - Mobile Device Fingerprinting, report, 2020
Authors: MATOUŠEK, P.; BURGETOVÁ, I.; VICTOR, M. - The architecture of Fitcrack distributed password cracking system, version 2, report, 2020
Authors: HRANICKÝ, R.; ZOBAL, L.; VEČEŘA, V.; MÚČKA, M.; HORÁK, A.; BOLVANSKÝ, D.; ŽENČÁK, T.
2019
- Big Data cluster založený na kontejnerech, report, 2019
Authors: JEŘÁBEK, K. - DNS Over HTTPS Analysis and Detection in Regular HTTPS, report, 2019
Authors: JEŘÁBEK, K. - Lámání hesel pomocí pravděpodobnostních gramatik, report, 2019
Authors: HRANICKÝ, R.; MIKUŠ, D.; ZOBAL, L.
2018
- Co skrývá síť BitTorrent?, report, 2018
Authors: POLČÁK, L. - Distribuce výpočtů pro nástroj hashcat, report, 2018
Authors: HRANICKÝ, R.; ZOBAL, L.; VEČEŘA, V.; MÚČKA, M. - Distribuované zpracování a analýza dat ze sociálních sítí - Návrh a implementace distribuované architektury, report, 2018
Authors: BURGET, R. - The architecture of Fitcrack distributed password cracking system, report, 2018
Authors: HRANICKÝ, R.; ZOBAL, L.; VEČEŘA, V.; MÚČKA, M.
2017
- Detekce kryptoměnových těžařů, report, 2017
Authors: VESELÝ, V. - Detekce mobilních zařízení v síťové komunikaci, report, 2017
Authors: MATOUŠEK, P. - Netfox Detective - Identifikace aplikačních protokolů pomocí algoritmů strojového učení, report, 2017
Authors: PLUSKAL, J.; LICHTNER, O.; RYŠAVÝ, O. - Netfox Detective 2.0 - Nástroj pro síťovou forenzní analýzu, report, 2017
Authors: PLUSKAL, J. - Platforma pro zpracovaní dat síťové forenzní analýzy, report, 2017
Authors: RYCHLÝ, M.; RYŠAVÝ, O. - Sociální sítě: Sběr a analýza dat v souvislosti s bezpečnostními incidenty, report, 2017
Authors: BURGET, R. - Základní informace o síti Tor, report, 2017
Authors: POLČÁK, L.