Cyber Security Laboratory
Cyber Security Laboratory (CyberSecLab) – it is a unique unit that develops national competence in counteracting cyberattacks, with one of the largest supercomputers in Poland (195 TFLOPS). Unlike other scientific entities, this equipment is used exclusively in the area of cybersecurity and cryptology.
LAAC has a modern ICT infrastructure that applies virtualisation technologies, cloud and software-defined networks. It can be used for testing to ensure cybersecurity, including identification, analysis and protection against cyber security threats such as:
- conducting scientific research and development on detecting unauthorised activities in ICT networks:
- malware research (creating detection algorithms and modelling attacks),
- identifying anomalies within network traffic (creating patterns of attacks, patterns of "correct" and malicious traffic, creating paths of attacks, determining the most effective places and methods of counteraction),
- detection of attacks and anomalies on end devices (hosts, workstations);
- continuous analysis of vulnerability of systems used by the Polish Armed Forces to new generations of cyberattacks:
- creating environments to model and test vulnerability of devices and networks to modelled threats (based on network infrastructure and LAAC computing power - more than 5,000 nodes can be emulated);
- developing mechanisms for creating situational awareness for events in cyberspace:
- modelling methods of conducting passive and active defence operations in cyberspace, taking into account the development of systems of visualisation and planning operations and construction of defensive and offensive tools,
- development of methods to recognize the cyberspace environment of the opponent, in terms of network topology, vulnerabilities and possibilities of their exploration,
- development of risk management methods, including assessment of the impact of cyber-incidents on activities in other domains of military operations, taking into account physical resources and the need to ensure continuity of operations;
- conducting training in cyber security at various levels of advancement to the benefit of MON [Ministry of National Defence];
- maintaining and further development of the Cyber Security Laboratory.
The CyberSecLab infrastructure will also enable research related to functioning of command and control systems, including the creation of a secure ICT infrastructure, through:
- research on the possibility of implementing Federated Mission Networking (FMN) standards and safe cooperation in the federal environment,
- testing mechanisms to ensure reliability and survivability of command and communication systems,
- exploring options related to using machine learning and artificial intelligence methods to build advanced recognition functions.
The supercomputer (195 TFLOPS) operates under system control:
- OpenStack – a cloud computing system that allows to create separate computer environments and networks;
- HPC – High Performance Computing environment management system;
- VMware – virtualisation platform;
- KVM – virtualisation hypervisor;
- DellEMC – disk array environment of about 200 TB;
- OpenDayLight – Software-defined networking (SDN) controller.
WIŁ is supplied with its own 24-fibre single-mode fibre optic cable connecting CyberSecLab with the largest colocation centre in Poland (LIM centre).