Home  |  NARL  | 中文 
Wed, November 22, 2017

| Network and Information Security

The National Center for High-performance Computing (NCHC) maintains the Taiwan Advanced Research and Education Network (TWAREN) and developed Light Path monitoring technology in order to provide more stable backbone networking services. In an effort to provide a better networking environment and facilitate the development of advanced networking technologies, the NCHC uses TWAREN to implement research projects including Future Internet, SDN, all-optical network control, and network performance measurements.

In terms of information security and in order to enhance Taiwan’s network security and defense capabilities, the NCHC’s Security Operation Center (SOC) executes R&D in systems security, network security, information mining, and digital evidence analysis. The NCHC's network and information security research achievements include the free software, TWMAN, which is used for malware analysis research, a large-scale Honeyp Pot, Honeynet establishment technology, a malware knowledge database, and the development of an information security platform that is used for experimentation.

Core technologies
  • Development of an integrated monitoring platform: Integrated the monitoring of the 100GB optical network and routing network onto a single platform.
  • Developed various all-optical network control technologies (i.e. OXC, ROADM, DWDM, and GMPLS): The NCHC developed optical network and routing network path controls and integration to reduce construction and maintenance costs, strengthen its wavelength service, and increase the networks flexibility.
  • Established a large multi-national software-defined networking (SDN) testing platform (currently shared between the U.S., Europe, and Japan) as well as developed cross-SDN management and control mechanisms for future cross-organization and cross-cloud operations.
  • Developed a network performance measurement and monitoring system for the network, developed IPv4/IPv6 high speed online speed test service, and exchanged performance measurement information with other academic networks from around the world.
  • Developed the fully automatic malware analysis platform, TWMAN.
  • 24/7 information security incident handling: Established a global information security platform by deploying Honeynet and information security equipment over TWAREN, thus, strengthening information security incident handling and response procedures.
  • Developed digital forensics, malware analysis, big data analysis, and open data platform technologies.

Collaborative projects

  • Technical consultation services for the planning and establishment of large networks.
  • Remote online monitoring services.
  • Network security research cooperation in FLOW-based network intrusion and attack detection.
  • Cloud IDC virtual switch system establishment and consultation services.
  • Consultation services for SDN Future Internet testing platform system use, expansion, and establishment.
  • Big data transmission services- research and cooperation in network performance measurement technology.
  • Information security-related training courses.
  • Security operation center (SOC) information security system and management platform establishment services.
  • Information system and security management platform establishment services.
  • System and Internet digital evidence analysis services.
  • Information security incident investigation and analysis services.
  • Reverse engineering and information analysis technology transfer.
  • Malware analysis and knowledge base application services.

Achievements

  • Developed an integrated monitoring platform for the centralized management and analysis of network administrator messages from Layer1 to Layer3 heterogeneous networks, thus, identifying the most crucial issues and sending warnings.
  • Developed a backbone network global joint defense system that utilizes the characteristics of backbone networks for cross analysis of information security equipment and information from routers in the backbone. The system can detect possible attack incidents and victims in real-time.
  • Developed a cross-domain topology automatic detection and flow monitoring system on a multinational SDN testing platform, thus, resolving the issue of controllers in different domains not being able to exchange information. The results were published at the Supercomputing Conference.
  • Used perfSONAR to establish a cross-domain TWAREN backbone network performance measurement, thus, providing IPv4/IPv6 high speed online speed testing services.
  • Developed TWMAN, Taiwan’s first free software for malware analysis platform
  • Integrated major Information Sharing and Analysis Centers (ISAC) in Taiwan, gathered data on information security incidents, and established rapid response mechanisms.
  • Integrated a domestic large-scale Honeynet, big data collection and analysis, and released Taiwan’s first “Malware Knowledge DatabBase.”
  • Developed an information security network virtual attack-defense platform in the cloud. The platform can be used for network attack-defense exercises and education.

Contact information

Te-Lung Liu 886-6-5050940 ext.728 * tlliu@narlabs.org.tw
Yi-Lang Tsai 886-6-5050940 ext.749 * yilang@narlabs.org.tw

Links
Home | Top | Back