JR's CTTC



Functional Components Description

Due to the rapidly increasing complexity of networked systems, checking for the vulnerability or resilience of such systems requires not only the relatively expensive development of powerful, partially automated detection, analysis, and defense methods, but also the existence of dedicated laboratory environments consisting of hardware and software components allow simulation and virtualization of systems to be tested outside the production environment.

The Joanneum Research CTTC (Cyber Test and Training Centre), is as a lab environment, designed to be used in different projects in cyber security and defence field, to help in better concepts understanding, and providing testing environment and data.

The Joanneum Research CTTC setup is an on-going project consisting of several stages. As a hardware and test setup, new components and gadgets can be added without much effort, in order to test these components and to be able to examine vulnerabilities. These components include:

  • Stage1: IoT Cyber range environment

    • IoT environment (Smart Home)

    • Industry 4.0 environment

    • Connected Car environment

  • Stage 2: Penetration and hacker gadgets

    • Software defined radio

    • IoT device detection tools

  • Stage 3: APT red-teaming environment

    • Fully-capable modular network environment including physical and virtual network components

    • APT red-teaming tools and infrastructure

    • Data recording and analysis infrastructure

The current status of CTTC is Stage 1 – finished, Stage 2 – setup in progress, Stage 3 – concept is finished.


Services provided

Support platform for R + D + I projects

JR CTTC should allow to easily capture and analyse the traffic of different infrastructures – smart home and industrial IoT environments, and campus network environment. It can be used to capture and parse different protocols to validate the effectiveness of IDS systems and formal methods, to capture real traffic from a campus network infrastructure in order to train artificial neural networks, etc.

Isolated environment

In order to enable the cyber security analysis with different tests (security, penetration) of both external and internal software, the software can be isolated and deployed in the CTTC. The secure environment enables isolated analysis, whether it is a web application, a native application or malware. This includes:

  • Penetration Testing

  • Security Testing

  • Blackbox Testing

  • Whitebox Testing

  • OWASP Top 10

  • Reverse Engineering

  • Malwareanalysis

Data collection and analysis

CTTC will enable researchers to set up isolated network environment, perform red-teaming and collect data for further analysis.

Training

CTTC may be used as a platform for offering and developing a wide-range of training activities related to PenTesting, IoT and IT network infrastructure protection and anomaly detection.

Consultancy

CTTC may be used as a platform to support consultancy services.


Keywords

Data collection, data analysis, IoT security, intrusion detection, APT


Services

  • Support platform for R + D + I projects: allows to easily capture and analyse the traffic of different infrastructures – smart home and industrial IoT environments, and campus network environment. It can be used to capture and parse different protocols to validate the effectiveness of IDS systems and formal methods, to capture real traffic from a campus network infrastructure in order to train artificial neural networks, etc.

  • Isolated environment: enables isolated analysis, whether it is a web application, a native application or malware. This includes: penetration testing, security testing, blackbox testing, whitebox testing, OWASP Top 10, reverse engineering, malware analysis.

  • Data collection and analysis: set up isolated network environment, perform red-teaming and collect data for further analysis.

  • Training: platform for offering and developing a wide-range of training activities related to PenTesting, IoT and IT network infrastructure protection and anomaly detection.

  • Consultancy: platform to support consultancy services.


Technical equipment

  • IoT cyber-range:

    • Setups for Smart Home use cases

    • Setups for Connected Car use cases

    • IoT devices (Smart Lightbulbs, IoT Gateways, Sensors, …)

    • Raspberry Pi’s (15 * Model 3B+, 3 * Model 4)

    • Raspberry Pi Extension Kits (4G/3G/2G/GSM/GPRS/GNSS, Z-Wave, Zigbee, LowaWan, CAN)

  • Penetration and hacker gadgets:

    • In order to perform/train penetration testing, the CTTC is equipped with various network devices (switches/router/IoT devices) to be able to create certain use cases.

    • The training is performed using Kali Linux with the extension of JR developed tools for IoT devices detection in network. Furthermore, Software Defined Radio (SDR) gadgets like the HackRF One are used to create and test more advanced attack scenarios on IoT devices and protocols.

  • APT red-teaming environment:

    • Complete HW/SW infrastructure, and separate internet access:

      • network environment with internet access

      • networking equipment (routers, switches)

      • workstations (physical and virtual)

      • user-behaviour simulator

      • APT red-teaming tools

      • data recording and analysis tools


Use request

Non-profit (NDA and/or acknowledgement required)