Aktuální informace FIT ke koronaviru najdete zde.

Ing. Jan Fesl, Ph.D.

Publikace

Promising new Techniques for Computer Network Traffic Classification: A Survey

Autoři
Fesl, J.; Janeček, J.; Konopa, M.
Rok
2020
Publikováno
2020 10th International Conference on Advanced Computer Information Technologies, ACIT 2020 - Proceedings. IEEE Xplore, 2020. p. 418-421. vol. 10. ISBN 978-1-7281-6760-2.
Typ
Stať ve sborníku
Anotace
This paper aims to give an overview of the application of image processing to network traffic analysis, including a description of the essence of the most important works in the last 15 years. The importance of efficient, automated analysis of network traffic is growing especially today, when huge volumes of diverse data need to be quickly processed. With the rapid development of artificial intelligence in the field of image processing, it seems logical to use it for analyzing network traffic image data. Recent results on this topic are very promising.

Using Machine Learning for DNS over HTTPS Detection

Autoři
Fesl, J.; Janeček, J.; Konopa, M.; Jelínek, J.; Feslová, M.; Cehák, J.; Drdák, F.
Rok
2020
Publikováno
Proceedings of European Conference on Cyber Warfare and Security (ECCWS 2020). Academic Conferences and Publishing International Ltd., 2020. p. 205-211. ISBN 9781912764617.
Typ
Stať ve sborníku
Anotace
DNS over HTTPS (DoH) is a new standard that is being adopted by most of the new versions of web-browsers. This protocol allows translating the canonical domain name to an IP address by using the HTTPS tunnel. The usage of such a protocol has many pros and cons. In our paper, we try to evaluate these aspects from different points of view. One of the most critical disadvantages lies in the much more complicated possibility of network traffic logging. Our team has created a machine learning-based approach allowing automated DoH detection, which seems to be pretty well usable in advanced firewalls.

Efficient Virtual Machine Consolidation Approach Based on User Inactivity Detection

Autoři
Fesl, J.; Gokhale, V.; Feslová, M.
Rok
2019
Publikováno
The Tenth International Conference on Cloud Computing, GRIDs, and Virtualization CLOUD COMPUTING 2019. Silicon Valley: International Academy, Research and Industry Association (IARIA), 2019. p. 105-109. ISSN 2308-4294. ISBN 978-1-61208-703-0.
Typ
Stať ve sborníku
Anotace
Large cloud architectures consist of numerous high-performance servers, each hosting a multitude of Virtual Machines (VMs). Our preliminary investigation suggests that such self-organizing virtualization infrastructure is a promising direction for the design of modern cloud-based services.

Towards HPC-Based Autonomous Cyber Security System

Autoři
Fesl, J.; Janeček, J.; Feslova, M.; Gokhale, V.; Lejtnar, M.; Cehak, J.
Rok
2019
Publikováno
2019 9th International Conference on Advanced Computer Information Technologies, ACIT 2019 - Proceedings. Piscataway: IEEE, 2019. p. 435-438. ISBN 978-1-7281-0449-2.
Typ
Stať ve sborníku
Anotace
Cyber security is the one of the most hot topics of nowadays. Millions of devices which daily communicate via the Internet are permanently under potential danger of many network attacks. The majority of such attacks is caused by various automatic bot nets or malicious cyber systems. Our research group has created an efficient autonomous architecture, which is able to collect information of the traffic from network devices, analyse it and detect an ongoing network attack. The automated AI based network administrator module is able to mitigate the aftermath of such malicious activity by execution of specific blocking action. Regarding to the volume of current network throughputs, our proposed solution is based on modern big data processing technologies, which allow to analyse the data flows of very large network infrastructures.

CloudEVBench – Virtualization Technology Efficiency Testing Tool for the Distributed Infrastructures

Autoři
Fesl, J.; Janeček, J.; Cehák, Jiří; Doležalová, Marie
Rok
2016
Publikováno
International Journal of Grid and Distributed Computing. 2016, 9(8), 249-260. ISSN 2005-4262.
Typ
Článek
Anotace
The virtualized systems are today a very popular topic and their using plays the great role in current datacenters. The virtualization efficiency is a very important aspect in the real system deployment. Some studies have been published about this topic [1], mainly are based on various benchmarking techniques and are integrated into the specialized testing tools. Such a benchmark tool, which is able to simulate the behavior of a real computing system under the stress of different virtualization configurations, can e.g. well answer the question how many virtual machines could be simultaneously executed on it and how big the virtualization overhead is [2]. We developed and applied a new benchmark tool, which is able to measure the virtualization efficiency and overhead in the virtualization environment.

New Approach for Virtual Machines Consolidation In Heterogeneous Computing Systems

Autoři
Fesl, J.; Janeček, J.; Cehák, Jiří; Doležalová, Marie
Rok
2016
Publikováno
International Journal of Hybrid Information Technology. 2016, 9(12), 321-332. ISSN 1738-9968.
Typ
Článek
Anotace
The energy consumption is one of the most important factors in the virtual machines deployment in the current data centres. Various studies proved that the energy aware management of the virtual machines can reduce the total energy consumption about tens of percents. We developed the new approach, based on the distributed algorithm, which is able to consolidate the virtual machines between various virtualization nodes without the central coordinator. The input data for this algorithm is collected online from the electronic wattmeters, which are placed before the energy input of each virtualization node.

Virtuální paralelní infrastruktury pro velká data v metabolomice

Autoři
Fesl, J.; Janeček, J.; Doležalová, Marie; Cehák, Jiří; Moos, M.; Šimek, P.
Rok
2016
Publikováno
Konferenční sborník ENBIK 2016. Praha: Centrální laboratoře, 2016. ISBN 978-80-7080-960-0.
Typ
Stať ve sborníku
Anotace
Metabolomická data, jejich analýza a interpretace jsou žhavým fenoménem posledních let. Stále objemnější a komplikovanější data vyžadují pro své zpracování dostatečně výkonné výpočetní infrastruktury v podobě dedikovaných paralelních počítačů či distribuovaných počítačových clusterů, jejichž vytváření a správa vyžaduje nemalé finanční prostředky. Náš tým navrhl a sestavil prototyp univerzálního elastického distribuovaného výpočetního systému (Centrální Mozek Univerzity, CMU) založeného na virtualizační technologii, který lze využít k řešení náročných bioinformatických problémů. Elasticita systému spočívá v tom, že během několika minut lze změnit jednu konkrétní výpočetní infrastrukturu na jinou bez nutnosti použití jiného hardwaru. Prototyp systému obsahuje sofistikovaný modul pro alokaci výpočetních zdrojů, vyvažování zátěže a monitorování stavu systému. Další předností našeho řešení je možnost dynamické rozšiřitelnosti výpočetní kapacity přímo za běhu, včetně možnosti hardwarových úprav či údržby.

New Techniques of IEEE 802.11 Family Hotspots Attacks, Principles and Defense

Autoři
Fesl, J.; Janeček, J.; Doležalová, M.; Drdák, F.
Rok
2015
Publikováno
PROCEEDINGS OF THE 14TH EUROPEAN CONFERENCE ON CYBER WARFARE AND SECURITY. CURTIS FARM, KIDMORE END, NR READING: ACAD CONFERENCES LTD, 2015, pp. 61-70. ISSN 2048-8602. ISBN 978-1-910810-28-6.
Typ
Stať ve sborníku
Anotace
Today many places in the world allow paid internet connection via wireless hotspots. These solutions are available in places such as hotels, airports and conference halls. Because a wireless hotspot is accessible for any new potential user, common security techniques based on WPA/WPA2 encryption cannot be used. In the last few years a new type of an attack, based on DNS tunneling has been described. We will focus on detail analysis of this attack and we will propose a possible defense strategy. DNS tunneling attack has been implemented in several applications and inspired us to look at another type of a wireless hotspot attack. We will describe in detail all parts of the solution necessary to understand the defense against this type of an attack. At this time, there is no way to prevent this attack, except switching off all unencrypted common wireless hotspots infrastructures.