Completed projects
European Union, 1/2019 - 3/2023
The Cyber Security Competence for Research and Innovation (CONCORDIA) project is one of the four projects established under the European Union's Horizon 2020 (H2020) initiative to address cybersecurity policy issues in the European Union.
The four-year CONCORDIA project, launched in January 2019, aims to connect the expertise of cybersecurity institutions across Europe and build a cybersecurity ecosystem. The project's outcomes are directed towards strengthening European cybersecurity and digital sovereignty.
The project is primarily coordinated by the research institute CODE at the Bundeswehr University Munich.
Building Situational Awareness in the Cyberspace of Public Universities and Effective Response to Crisis Situations
MŠMT, 1/2023 - 12/2023
The project focused on enhancing cybersecurity at 26 public universities in the Czech Republic. The key goal was to increase the protection of these institutions' digital environments through modern technologies and shared security policies.
Thanks to the project, we have improved information security and readiness against cyber threats while also enhancing the cognitive abilities of university system users. We integrated top-notch security solutions and developed crisis plans to ensure the continuous operation of the schools and rapid recovery after potential disasters.
The project also included legal preparation for the "NIS2 Directive" and improved risk management associated with the supply chain.
Project Benefits:
- Increased cybersecurity at universities.
- Enhanced user capabilities to prevent and respond to cyber attacks.
- Effective crisis planning and rapid operational recovery.
- Preparation for new European legal requirements.
- Better supply chain risk management.
This project has significantly contributed to a safer and more prepared digital environment for universities in the Czech Republic.
Masaryk University, 11/2021 - 12/2022
The CARE SHARE project focused on designing procedural, technological, educational, and legal measures for the secure sharing of selected types of healthcare services. The project was built on the principles of establishing a Security Operations Center (SOC) responsible for the cybersecurity of organizations providing healthcare services, which handle sensitive data to a greater extent.
CRP-Kyber - Support For the Implementation of an Information Security Management System in the HEI environment
MSMT, 1/2021 - 12/2022
The CRP-Kyber project consists of two projects: CRP-Kyber21, which was implemented in 2021, and CRP-Kyber22, which is currently in progress.
The goal of the CRP-Kyber21 project was to enhance the level of cybersecurity in the environment of public universities. In addition to improving cybersecurity, this project also aimed to prepare universities for fulfilling legal obligations imposed by the Cybersecurity Act, especially concerning significant information systems managed by public authorities.
In terms of content, the project focuses on seven areas:
- Establishing a secure cyber environment for the university.
- Significant information systems in the context of public universities.
- User awareness.
- Systematic institutional training of staff.
- Cybersecurity in distance and collaborative environments.
- Automated vulnerability scanning.
- Legal aspects of cybersecurity.
The CRP-Kyber22 project, to be carried out in 2022, focuses on strengthening practical collaboration among public universities, integrating technologies supporting the implementation of a security management system, building a common knowledge base and security policies. It also includes raising awareness and educating various academic groups, establishing advanced security for the MS365 environment, and analyzing the legal impacts of changes in legislation related to cybersecurity.
The main coordinator of the entire CRP-Kyber project, which involves a total of 25 Czech universities, is the Cybersecurity Team of Masaryk University (CSIRT-MU).
Masaryk University, 5/2021 - 12/2022
The project focused on researching the monitoring and security of distributed manufacturing information systems. The aim was to design and implement software for monitoring and analyzing non-functional properties of manufacturing information systems (such as computational and memory resource consumption), enabling the detection of operational anomalies in the measured data. The project's output is a solution that allows the collection and preprocessing of data from local instances of manufacturing information systems. The proposed solution also ensures the secure transmission of this data to a central monitoring center. The monitoring center subsequently handles the processing of telemetry data, detects abnormal behavior, and visualizes the status of individual instances of manufacturing information systems.
Masaryk University, 7/2021 - 12/2022
The project focused on remote data collection from smart electricity meters and centralizing the management of security events and incidents in energy networks. Why was the project initiated? In the Czech Republic, in 2020, regulation No. 359/2020 was introduced, defining security and technical requirements for smart meters and related infrastructure. However, at that time, there was neither a methodology for testing them nor a testing laboratory. The project responded to this need by establishing a testing ground for Smart Grids and Smart Metering with the aim of creating laboratories for the security certification of devices used in the energy sector. The project also developed the missing universal testing methodology as part of its efforts.
Ministry of the Interior of the CR, 1/2020 - 12/2022
The project Tools for Attack Simulation and Intrusion Emulation into Critical Information Infrastructure (BEAST) aims to create a set of tools that will partially replace experts in penetration testing. By emphasizing the automation of both static and dynamic cybersecurity testing, it will be possible to reduce the personnel workload of security teams while continuously monitoring and evaluating the security of the tested infrastructure.
Ministry of the Interior of the CR, 1/2020 - 12/2022
The project focuses on the research and development of advanced tools that ensure the automation and efficiency of operational activities for security teams in the context of protecting critical information infrastructure (CII) and significant information systems (SIS). Thanks to the developed tools, it will be possible to determine the status of the protected infrastructure and obtain information about relevant threats. Furthermore, they will enable the streamlining of selected phases of the cybersecurity threat lifecycle management through security orchestration support in conjunction with a contextualized user environment for collaboration.
European Union, 5/2019 - 4/2022
The Sharing and Automation for Privacy Preserving Attack Neutralization (SAPPAN) project aimed to address cybersecurity policy issues in the European Union and was supported under the European Union's Horizon 2020 (H2020) initiative.
The four-year implementation of the SAPPAN project began in May 2019 with the aim of effectively protecting ICT infrastructures from cyberattacks.
On the path to a safer virtual environment, the project relied primarily on threat analysis, advanced data collection techniques, and collaboration across institutions, especially in terms of sharing security information and experiences. It placed great emphasis on preserving the privacy of all involved parties.
The consortium of the SAPPAN project consisted of partners from the academic and industrial sectors, which helped maximize societal impact and increase the effectiveness of the results. Specifically, the consortium included the Fraunhofer-Gesellschaft research institute, the national research and education network CESNET, the multinational company Hewlett Packard Enterprise, F-Secure Oyj, and Dreamlab Technologies AG. The academic representation included Masaryk University, RWTH Aachen University, and the University of Stuttgart.
MSMT, 1/2019 - 12/2022
Masaryk University's Center of Excellence for Cybercrime, Cybersecurity, and Critical Information Infrastructure Protection (C4e) project connects expert units at Masaryk University and investigates comprehensive issues in the cyber domain.
The primary goal of this project was to establish a national center for training and education in the field of cybercrime prevention and repression.
While the core target audience of C4e is the Czech Republic's Police Force, the center was designed to provide services to other target groups as well, including courts, prosecution offices, legal practitioners, government agencies, private organizations, and the academic sector.
Technology Agency of the Czech Republic, 1/2019 - 12/2022
The abbreviation NC3 stands for the National Competence Center for Cybersecurity (NCC), which brings together leading research institutions and industry representatives to collaborate on research and development of technical solutions in cybersecurity at both hardware and software levels, as well as certification mechanisms for security features of technological products. The participating institutions include Masaryk University, Brno University of Technology, and CESNET, which have a long-standing commitment to cutting-edge research in the field of cybersecurity from various perspectives. The project emphasized the involvement of partners from the application sphere in research with the goal of creating products that can be applied in relevant markets and practical use.
Masaryk University, 5/2019 - 3/2021
Within the project, a solution was developed based on network monitoring, which secures industrial systems by increasing the visibility of ICS communication, collecting domain-specific information, and providing rich and expressive visual data. The project responded to the increasing number of cyberattacks on industrial systems, which raised concerns about whether the cybersecurity of industrial control systems (ICS) is at an appropriate level.
Technology Agency of the Czech Republic, 1/2019 - 12/2021
The goal of the project was to create intelligent sensors for measuring and analyzing network traffic in a cloud environment. These sensors would provide precise and reliable information about activities in the cloud while also aiming to minimize operational costs.
(The Cybersecurity Team of Masaryk University ensured that the management, control, and data transfer from the measurement sensors were secured against unauthorized manipulation and misuse.)
The results will be applied to Flowmon's products and introduced to the market for cloud monitoring solutions as soon as possible.
Masaryk University, 10/2019 - 12/2020
The Asset Management ANd Diagnostics (AMANDA) project was created with the aim of expanding the set of protocols supported within the automatic diagnostic tool to include protocols used in the field of Industrial Control Systems (ICS). The diagnostics were based on manually created models (decision trees). The second goal of the project was to create an asset management system that would simplify resource management. The developed system also allowed mapping these resources to monitored data and network traffic metrics, including relevant visualization methods, along with generating configuration for individual modules of Flowmon's Flowmon Networks solution.
CRUSOE - Research of Tools for Cyber Situational Awareness and Decision Support of CSIRT Teams in Protection of Critical Infrastructure
Ministry of the Interior of the CR, 1/2017 - 12/2020
The aim of the CRUSOE project was to research tools that help maintain so-called situational awareness of a protected network and thereby support correct and effective decision-making in the protection of critical information infrastructures.
Ministry of the Interior of the CR, 1/2015 - 12/2020
Within the Security Events Sharing and Analysis (SABU) project, researchers worked on developing a system for intelligent analysis and efficient information sharing among security teams. This system enables the prediction of attack developments and the limitation of their impacts on the national cyberspace.
CSIRT-MU collaborates on the project with the CESNET association.
ITOA - Research and Development of Advanced Analytics Tools for Security and Performance Analysis of Network Infrastructure, Applications and Services
Technology Agency of the Czech Republic, 1/2017 - 12/2019
The IT Operation Analytics (ITOA) project focused on two main objectives. The first was the analysis of network traffic measurement data in terms of the performance characteristics of applications in the network, and the second was the comprehensive processing of events from security and performance monitoring.
The goal was to create a tool that would comprehensively evaluate the outputs from advanced monitoring technologies, thereby helping network administrators to quickly and accurately understand the connections between events occurring in the computer network.
Masaryk University, 2015 - 2018
In the Czech Republic, Cyber Czech is the only regular cybersecurity exercise of its kind. The combination of technical and non-technical means creates a comprehensive and realistic situation for practicing defense against cyberattacks.
The exercise is conducted in collaboration with the National Cyber and Information Security Agency (NÚKIB) within the Cyber Polygon (KYPO) environment, contributing to the development of more efficient solutions for potential security incidents.
The knowledge gained from organizing the Cyber Czech security exercises is also applied to other offered services. Specifically, this includes exercise-as-a-service within Masaryk University and a commercial form of exercises for interested parties from other organizations.
Technology Agency of the Czech Republic, 11/2014 - 10/2017
The Security Cloud project focused on creating a technological solution for modern services and infrastructure.
The project aimed to enable both network infrastructure providers and users to detect operational and security issues (such as attacks, anomalies, or outages).
As part of the project, the key technology called Stream4Flow was developed. This is a tool for real-time analysis of network data, leveraging leading contemporary tools for distributed stream processing of large data volumes, visualization, and network traffic monitoring.
CESNET, 1/2011 - 12/2016
In the WARDEN project, we contributed to the development of a system designed for the easy and fast exchange of detected threats among participating CSIRT teams.
WARDEN allows for straightforward and rapid sharing of detected anomalies among teams. This data is subsequently passed on by the system, providing teams with additional valuable information needed to ensure network security and health monitoring.
Ministry of the Interior of the CR, 5/2013 - 12/2015
The goal of the Optical Component Security in Data and Communication Networks (BOP) project was the research and development of cybersecurity tools for high-speed networks.
The project addressed the current needs of the Ministry of the Interior. The outputs of the project were used by the Cybersecurity Team of Masaryk University (CSIRT-MU) to enhance the security of the university network.
Ministry of Defence of the CR, 5/2013 - 12/2015
The project Mobile Dedicated Device for Fulfilling Cyber Incident Response Capabilities (CIRC) aimed to create a mobile dedicated device for enhancing cyber incident response capabilities. During its implementation, the project fell within one of the main thematic priorities of defense research and development for the Ministry of Defense of the Czech Republic.
Masaryk University, 4/2013 - 9/2015
The Cyber Polygon (KYPO) is a unique virtual environment for research and development of methods to protect critical information structures against cyberattacks. Among its core features are flexibility, scalability, and resource efficiency. Within the exceptional facilities of the KYPO laboratory, comprehensive security training and exercises can be conducted.
The Cyber Polygon project team was awarded the Minister of the Interior's Prize for outstanding achievements in the field of security research.
CYBER - Security of Czech Army Information and Communication Systems - On-line Monitoring, Visualization and Packet Filtration. Computer Incident Response Capability Development in the Cyber Defence Environment
Ministry of Defence of the CR, 11/2008 - 12/2012
The goal of the CYBER project was to design protection for information and communication systems against cyberattacks, known as Cyber Defence.
During its implementation, the project fell within one of the main thematic priorities of defense research and development for the Ministry of Defense of the Czech Republic.
CAMNEP - Cooperative Adaptive Mechanism for Network Protection
U.S. Army RDECOM Acquisition Center, 1-12/2007
The project Cooperative Adaptive Mechanism for Network Protection (CAMNEP) focused on the design and implementation of a system for intrusion detection in high-speed computer networks.
The system is based on monitoring computer networks using hardware-accelerated Flowmon probes, detecting network anomalies with an agent layer, and visualizing malicious traffic for the operator.
The investor of this program was the United States Army (U.S. Army Command, Control, Communications, Computers, Cyber, Intelligence, Surveillance and Reconnaissance Center - C5ISR Center).
Identification code: N62558-07-C-0001