KYPO: A Tool for Collaborative Study of Cyberattacks in Safe Cloud Environment

  • Zdenek Eichler
  • Radek OšlejšekEmail author
  • Dalibor Toth
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9190)


This paper introduces the KYPO – a cloud-based virtual environment faithfully simulating real networks and enabling users to study cyber attacks as well as to train users in isolated and controlled environment. Particularly, the paper focuses on the user environment and visualizations, providing views and interactions improving the understanding of processes emerged during experiments. Web user interface of the KYPO system supports several collaboration modes enabling the participants to experiment and replay different types of security related tasks.


Human-Computer interaction Collaboration KYPO Cyber security 



This work has been supported by the project “Cybernetic Proving Ground” (VG20132015103) funded by the Ministry of the Interior of the Czech Republic. We appreciate the access to computing facilities (a) owned by parties and projects contributing to the National Grid Infrastructure MetaCentrum, provided under the program “Projects of Large Infrastructure for Research, Development, and Innovations” (LM2010005), and (b) provided under the programme Center CERIT Scientific Cloud, part of the Operational Program Research and Development for Innovations, reg. no. CZ. 1.05/3.2.00/08.0144.


  1. 1.
    Arnes, A., Haas, P., Vigna, G., Kemmerer, R.A.: Using a virtual security testbed for digital forensic reconstruction. J. Comput. Virol. 2(4), 275–289 (2007)CrossRefGoogle Scholar
  2. 2.
    Benzel, T.: The science of cyber security experimentation: the deter project. In: Proceedings of the 27th Annual Computer Security Applications Conference, ACSAC 2011, pp. 137–148. ACM, New York (2011)Google Scholar
  3. 3.
    Chen, L.: Construction of the new generation network security testbed-Testbed@ TWISC: integration and implementation on software aspect. Institute of Computer and Communication, National Cheng Kung University, Tainan (2008)Google Scholar
  4. 4.
    Duchamp, D., de Angelis, G.: A hypervisor based security testbed. In: Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007, DETER, Berkeley. USENIX Association (2007)Google Scholar
  5. 5.
    Hofstede, R., Celeda, P., Trammell, B., Drago, I., Sadre, R., Sperotto, A., Pras, A.: Flow monitoring explained: from packet capture to data analysis with Netflow and IPFIX. IEEE Commun. Surv. Tutor. 16(4), 2037–2064 (2014)CrossRefGoogle Scholar
  6. 6.
    Jirsík, T., Husák, M., Čeleda, P., Eichler, Z.: Cloud-based security research testbed: a DDoS use case. In: Lutfiyya, H., Cholda, P. (eds.) Proceedings of the Network Operations and Management Symposium (NOMS 2014). IEEE Xplore Digital Library, Krakow (2014)Google Scholar
  7. 7.
    Kouřil, D., Rebok, T., Jirsík, T., Čegan, J., Drašar, M., Vizvǎry, M., Vykopal, J.: Cloud-based testbed for simulation of cyber attacks. In: Lutfiyya, H., Cholda, P. (eds.) Proceedings of the Network Operations and Management Symposium (NOMS 2014). IEEE Xplore Digital Library, Krakow (2014)Google Scholar
  8. 8.
    Krishna, K., Sun, W., Rana, P., Li, T., Sekar, R.: V-NetLab: a cost-effective platform to support course projects in computer security. In: Proceedings of 9th Colloquium for Information Systems Security Education (2005)Google Scholar
  9. 9.
    Milojicic, D., Llorente, I.M., Montero, R.S.: OpenNebula: a cloud management tool. IEEE Internet Comput. 15(2), 11–14 (2011)CrossRefGoogle Scholar
  10. 10.
    Shneiderman, B.: The eyes have it: a task by data type taxonomy for information visualizations. In: Proceedings of the 1996 IEEE Symposium on Visual Languages, VL 1996, pp. 336–343. IEEE Computer Society, Washington (1996)Google Scholar
  11. 11.
    Van Leeuwen, B., Urias, V., Eldridge, J., Villamarin, C., Olsberg, R.: Performing cyber security analysis using a live, virtual, and constructive (LVC) testbed. In: Military Communications Conference 2010 - MILCOM 2010, pp. 1806–1811 (2010)Google Scholar
  12. 12.
    Velan, P., Krejčí, R.: Flow information storage assessment using IPFIXcol. In: Sadre, R., Novotný, J., Čeleda, P., Waldburger, M., Stiller, B. (eds.) AIMS 2012. LNCS, vol. 7279, pp. 155–158. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  13. 13.
    White, B., Lepreau, J., Stoller, L., Ricci, R., Guruprasad, S., Newbold, M., Hibler, M., Barb, C., Joglekar, A.: An integrated experimental environment for distributed systems and networks. In: OSDI02, pp. 255–270, ACM, Boston, December 2002Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Zdenek Eichler
    • 1
  • Radek Ošlejšek
    • 1
    Email author
  • Dalibor Toth
    • 1
  1. 1.Faculty of InformaticsMasaryk UniversityBrnoCzech Republic

Personalised recommendations