Use Cases
There are three basic uses of the KYPO - Cyber Exercise & Research Platform. First, it can be used to train security specialists and security staff. Second, it can be used for testing, evaluating, and demonstrating new methods of detecting and mitigating attacks on critical information infrastructure. Third, the KYPO environment can be used to conduct forensic analyses and security experiments on computer networks.
Security Training
KYPO facilitates user training and exercises in many areas of computer security. In designing training sessions, project staff utilize their experience gained from participating in other training exercises (such as ENISA’s CyberEurope and NATO’s Cyber Coalition). Staff also apply their experience gained teaching at the Faculty of Informatics of Masaryk University.
The main benefit of this platform for training is the high degree of user interactivity. As infrastructure can be accurately modeled, the realism of training exercises is guaranteed. User activity is monitored during training exercises and is closely evaluated to provide individualized feedback.
Cyber Defence Research
The KYPO - Cyber Exercise & Research Platform has been designed with the needs of security research in mind. KYPO provides an environment for developing, testing, and demonstrating new methods for detecting and mitigating network attacks on critical infrastructure. Its built-in monitoring infrastructure allows it to monitor all network traffic, which can then be analyzed in detail.
Thanks to scenario templates and the cloud, experiments can be repeated with precision at any time. Another useful feature is the ability to quickly transfer recorded data.
Forensic Analysis And Network Simulation
With the KYPO platform it is possible to create virtual environments with predefined virtual machines, including mobile devices (running Android). Their network connectivity, network capacity, and allow them to connect to the internet. If predefined virtual machines do not meet your requirements, new features may be added. The platform has a built-in infrastructure for monitoring the state of the machines and the network with the help of an expandable set of variables.
KYPO facilitates the forensic investigation of machines that have been compromised. In the virtual environment, an attacked machine can be run repeatedly and its behavior analyzed. KYPO's built-in monitoring infrastructure makes machine communication data available immediately upon startup.