Research Areas and Collaborations
Our research interest spans multiple areas. We draw from our broad experience from successful research projects and collaborations with academia, industry, and government partners.
We research ways to improve technologies and skills of computer security incident response teams. We focus on maintaining network situational awareness and security operations management, modeling, and automation. We research automated cyber threat identification and attack modeling based on threat intelligence acquisition and network data analysis.
- HOFSTEDE Rick, Pavel ČELEDA, Brian TRAMMELL, Idilio DRAGO, Ramin SADRE, Anna SPEROTTO and Aiko PRAS. Flow Monitoring Explained: From Packet Capture to Data Analysis with NetFlow and IPFIX. IEEE Communications Surveys and Tutorials, 2014, vol. 16, No 4, p. 2037-2064. ISSN 1553-877X. DOI: 10.1109/COMST.2014.2321898.
- VELAN, Petr, Milan ČERMÁK, Pavel ČELEDA and Martin DRAŠAR. A Survey of Methods for Encrypted Traffic Classification and Analysis. International Journal of Network Management. John Wiley & Sons, Ltd., 2015, vol. 25, No 5, p. 355-374. ISSN 1055-7148. DOI: 10.1002/nem.1901.
- SADLEK Lukáš, Pavel ČELEDA and Daniel TOVARŇÁK. Identification of Attack Paths Using Kill Chain and Attack Graphs. In NOMS 2022 - 2022 IEEE/IFIP Network Operations and Management Symposium. Budapest, Hungary: IEEE Xplore Digital Library, 2022. p. 1-6. ISBN 978-1-6654-0601-7. DOI: 10.1109/NOMS54207.2022.9789803.
Simulation and Emulation Environments
We research and develop environments to simulate and emulate complex cyber systems, networks, and applications. These environments are used for hands-on education and research, development, and testing of cybersecurity systems. In this context, we explore applications of artificial intelligence for creating more realistic and advanced scenarios, including the emulation of human users. We develop methods for automation of sophisticated network attacks and focus on their large-scale simulations and evaluation.
- VYKOPAL Jan, Pavel ČELEDA, Pavel ŠEDA, Valdemar ŠVÁBENSKÝ and Daniel TOVARŇÁK. Scalable Learning Environments for Teaching Cybersecurity Hands-on. In 2021 IEEE Frontiers in Education Conference (FIE). New York, NY, USA: IEEE, 2021. p. 1-9. ISBN 978-1-6654-3851-3. DOI:10.1109/FIE49875.2021.9637180.
- ČELEDA Pavel, Jan VYKOPAL, Valdemar ŠVÁBENSKÝ and Karel SLAVÍČEK. KYPO4INDUSTRY: A Testbed for Teaching Cybersecurity of Industrial Control Systems. In Proceedings of the 51st ACM Technical Symposium on Computer Science Education (SIGCSE '20). Portland, Oregon, USA: ACM, 2020. 7 p. ISBN 978-1-4503-6793-6. DOI:10.1145/3328778.3366908.
Interactive Learning Environments
We research and develop environments for learning technical and operational cybersecurity skills. These learning environments are built on top of our emulation environments so that they enable learning using authentic tools, systems, and methods used in practice. We apply these learning environments in our teaching, and they are open-source for everyone to adopt or adapt. The MUNI KYPO Portal presents our achievements in this area.
- BEURAN, Razvan, Jan VYKOPAL, Daniela BELAJOVÁ, Pavel ČELEDA, Yasuo TAN and Yoichi SHINODA. Capability Assessment Methodology and Comparative Analysis of Cybersecurity Training Platforms. Computers & Security. Elsevier, 2023. ISSN 0167-4048. DOI:10.1016/j.cose.2023.103120.
- VYKOPAL, Jan, Pavel ŠEDA, Valdemar ŠVÁBENSKÝ and Pavel ČELEDA. Smart Environment for Adaptive Learning of Cybersecurity Skills. IEEE Transactions on Learning Technologies. 2022, ISSN 1939-1382. DOI:10.1109/TLT.2022.3216345.
- VYKOPAL Jan, Martin VIZVÁRY, Radek OŠLEJŠEK, Pavel ČELEDA and Daniel TOVARŇÁK. Lessons Learned from Complex Hands-on Defence Exercises in a Cyber Range. In 2017 IEEE Frontiers in Education Conference (FIE). Indianapolis, USA: IEEE, 2017. p. 1-8. ISBN 978-1-5090-5919-5. DOI: 10.1109/FIE.2017.8190713.
Cybersecurity Education Research
We research innovative methods for learning cybersecurity skills, such as gamified hands-on exercises. Our training is enhanced by state-of-the-art techniques of educational data mining and learning analytics. We analyze data about learners' interactions with the training system to better understand and improve learning. The analysis results are used to provide learning interventions, such as automated feedback and adaptive assignments. As a result, students can train effective and timely responses to the current cyber threats.
- ŠVÁBENSKÝ Valdemar, Jan VYKOPAL, Pavel ČELEDA, Kristián TKÁČIK and Daniel POPOVIČ. Student Assessment in Cybersecurity Training Automated by Pattern Mining and Clustering. Education and Information Technologies. Springer, 2022, -, No. 03, p. 1-32. ISSN 1360-2357. DOI:10.1007/s10639-022-10954-4.
- VYKOPAL Jan, Valdemar ŠVÁBENSKÝ, Pavel ŠEDA and Pavel ČELEDA. Preventing Cheating in Hands-on Lab Assignments. In Proceedings of the 53rd ACM Technical Symposium on Computer Science Education (SIGCSE '22). New York, NY, USA: ACM, 2022. p. 78-84. ISBN 978-1-4503-9070-5. DOI:10.1145/3478431.3499420. (Best Paper Award)
- ŠVÁBENSKÝ, Valdemar, Jan VYKOPAL and Pavel ČELEDA. What Are Cybersecurity Education Papers About? A Systematic Literature Review of SIGCSE and ITiCSE Conferences. In Proceedings of the 51st ACM Technical Symposium on Computer Science Education (SIGCSE '20). Portland, Oregon, USA: ACM, 2020. p. 2-8. ISBN 978-1-4503-6793-6. DOI:10.1145/3328778.33668168. (Best Paper Award)
- ŠVÁBENSKÝ Valdemar, Jan VYKOPAL, Milan ČERMÁK and Martin LAŠTOVIČKA. Enhancing Cybersecurity Skills by Creating Serious Games. In Proceedings of the 23rd Annual ACM Conference on Innovation and Technology in Computer Science Education (ITiCSE). Larnaca, Cyprus: ACM, 2018. p. 194-199. DOI: 10.1145/3197091.3197123.
International Research Collaborations
Since the year 2020, we have been collaborating with Dr. Richard Weiss and Dr. Jens Mache, authors of the EDURange platform for training cybersecurity skills. Our team also includes Dr. Ankur Chattopadhyay, who focuses on hands-on cybersecurity education. Together, we published a paper titled Evaluating Two Approaches to Assessing Student Progress in Cybersecurity Exercises, which we presented at the ACM SIGCSE 2022 conference in Providence, Rhode Island. Currently, we continue the collaboration by working on another paper and sharing experiences in teaching cybersecurity.
Collaboration with National University of Singapore (NUS) and Prof. Ee-Chien Chang started in 2018, when Jan joined NUS as a postdoc researcher. Jan shared his experience gained during research and development of KYPO Cyber Range Platform and running training sessions at this platform. He also enhanced a cybersecurity curriculum at NUS and ran research study of learning experience with hands-on activities. This resulted in two joint papers: Benefits and Pitfalls of Using Capture The Flag Games in University Courses and Collaborative Paradigm of Teaching Penetration Testing using Real-World University Applications. Another topic we are working on is emulation of users for realistic cybersecurity training and experimentation.