The Advanced Cybersecurity group focuses on methods and technologies for protection against cyber attacks. Security of cyber-physical systems is an area where the team is already very active. In its future research, WG5 will focus on particular aspects of cyber-physical security, i.e. cryptography for resource-restricted devices, machine learning for anomaly detection and side-channel attacks, and stress testing of heterogeneous networks.
- Project “Cryptographic system for the protection of electronic identity” with OKsystem company. The main outcome is the authentication and access control system with strong privacy protection.
- Project “Application of modern cryptographical methods to increase communication security in telematics systems” with Honeywell company. The main outcome is the design and implementation of cryptographic protection for smart house installations.
- Major Czech bank
Stress testing and security evaluation of network infrastructure
The bank has recently updated its IT infrastructure, including its firewalls and network filters. The bank wanted to 1) find the true performance limits of the newly purchased security devices and 2) verify that the devices are fully functional in the event of a massive attack.
Solution: The high-speed traffic generator Spirent Avalanche 3100B was connected to the infrastructure of the bank. The testing device was configured to generate legitimate traffic (HTTP(S) requests) and analyze the behavior of the infrastructure. The load was gradually increased from Kbps to Gbps. Malicious traffic, namely various DDoS attacks, was mixed into the legitimate traffic to evaluate the operability of the network filters. The complete test ran in the live infrastructure, and network administrators had the right to stop the test immediately.
Results: The performance limits of the firewalls and network filters were found. The behavior of the infrastructure under extreme load was analyzed. The functionality of security devices was evaluated and devices not performing as promised by vendors were identified. The main bottleneck of the infrastructure (a particul
- J. Hajný, L. Malina, P. Dzurenda, “Privacy-PAC: Privacy-Enhanced Physical Access Control,” in ACM CCS: WPES 2014 Proceedings. ACM, New York, NY, USA, 93-96. ISBN: 978-1-4503-3148-7.
- Spirent Avalanche 3100B
A device capable of performance and security testing of network infrastructures and services. The device can generate extreme traffic of up to 20 Gbps to evaluate the scalability and behavior of the infrastructure or service in non-standard conditions.
- Vulnerability Scanners
A wide spectrum of vulnerability scanners is available. The scanners are able to analyze the customer’s network and find security weaknesses, including misconfigurations, old versions of software or weak protection. Using the analysis results, the security team provides a remedy for the customer.
- Data Storage and Computing Cluster
The TUW network security lab contains a data storage and a computing cluster for network traffic analysis and anomaly detection methods. The infrastructure will also be used to collect and analyze sensor data from the microgrid lab (FUSE testbed) that is currently established at TU Wien.
- Johann Wolfgang Goethe-Universität Frankfurt, Germany
Cooperation in the field of digital identity protection and cryptographic privacy-enhancing technologies.
- Universitat Rovira i Virgili, Spain
Cooperation in the field of cryptologic protocol design, in particular the development of lightweight cryptosystems for low-performance devices, such as smart cards, sensors and microcontrollers.
- UC San Diego
Cooperation in the field of network data analysis and secure smart grid communication.
Cooperation on the design and implementation of cryptographic protocols for data encryption and authentication.
Cooperation on the analysis and evaluation of smart metering technologies with special focus on PLC (Power Line Communication).
Cooperation on the design and implementation of encryption systems for high-speed (up to 100 Gbps) network cards based on FPGA (Field Programmable Gate Array) circuits.