The group maintains two specialised research labs:
The NSRL contains, among other infrastructure, an isolated network that simulates the Internet and various wireless network environments, where experiments concerning new threats are being conducted in a regular basis.
Furthermore, a state of the art intrusion detection system (IDS) is used for monitoring the infrastructure of the university, gathering threat data that are being used in the various research projects of the group.
A local computer cloud is being used in order to perform password and encrypted files analysis (e.g. implementing “brute force” attacks against password files of all kinds of operating systems). The computer cloud is also being used for the development of a new generation of intrusion detection system.
The CFRL is a restricted access lab used for analysing computer files in a manner that makes the information gained presentable as evidence in a court. Methods and tools are developed that, in an evidentially sound manner, extract information from the information system to address problems that are currently being encountered in the forensic process.
We offer commercial services to organisations such as the Police and other public and private bodies. A number of forensic servers are used, running various computer forensic tools for retrieving and analysing files and systems.