Are Encypted Protocols Really a Guarantee of Privacy?
Autoři
Rok
2021
Publikováno
Proceedings of 20th European Conference on Cyber Warfare and Security ECCWS 2021. Academic Conferences International Limited Reading, 2021. p. 130-138. 20. vol. 1. ISBN 978-1-912764-99-0.
Typ
Stať ve sborníku
Pracoviště
Anotace
Most internet traffic is being encrypted by application protocols that
should guarantee users' privacy and anonymity of data during the transmission.
Our team has developed a unique system that can create a specific pattern of traffic
and further analyze it by using machine learning methods. We investigated the
possibility of identifying the network video streams encrypted within the HTTPS
protocol and explored that it is possible to identify a particular content with a
certain probability. Our paper provides a methodology and results retrieved from
the real measurements. As the testing data set, we used the streams coming from
the popular platform Youtube. Our results confirm that it is possible to identify
encrypted video streams via their specific traffic imprints, although it should not be
possible due to the used encryption.
Promising new Techniques for Computer Network Traffic Classification: A Survey
Autoři
Konopa, M.; Fesl, J.; Janeček, J.
Rok
2020
Publikováno
2020 10th International Conference on Advanced Computer Information Technologies, ACIT 2020 - Proceedings. IEEE Xplore, 2020. p. 418-421. vol. 10. ISBN 978-1-7281-6760-2.
Typ
Stať ve sborníku
Pracoviště
Anotace
This paper aims to give an overview of the application of image processing to network traffic analysis, including a description of the essence of the most important works in the last 15 years. The importance of efficient, automated analysis of network traffic is growing especially today, when huge volumes of diverse data need to be quickly processed. With the rapid development of artificial intelligence in the field of image processing, it seems logical to use it for analyzing network traffic image data. Recent results on this topic are very promising.
Using Machine Learning for DNS over HTTPS Detection
Autoři
Konopa, M.; Fesl, J.; Jelínek, J.; Feslová, M.; Cehák, J.; Janeček, J.; Drdák, F.
Rok
2020
Publikováno
Proceedings of European Conference on Cyber Warfare and Security (ECCWS 2020). Academic Conferences and Publishing International Ltd., 2020. p. 205-211. ISBN 9781912764617.
Typ
Stať ve sborníku
Pracoviště
Anotace
DNS over HTTPS (DoH) is a new standard that is being adopted by most of the new versions of web-browsers. This protocol allows translating the canonical domain name to an IP address by using the HTTPS tunnel. The usage of such a protocol has many pros and cons. In our paper, we try to evaluate these aspects from different points of view. One of the most critical disadvantages lies in the much more complicated possibility of network traffic logging. Our team has created a machine learning-based approach allowing automated DoH detection, which seems to be pretty well usable in advanced firewalls.
Towards HPC-Based Autonomous Cyber Security System
Autoři
Fesl, J.; Feslova, M.; Gokhale, V.; Lejtnar, M.; Cehak, J.; Janeček, J.
Rok
2019
Publikováno
2019 9th International Conference on Advanced Computer Information Technologies, ACIT 2019 - Proceedings. Piscataway: IEEE, 2019. p. 435-438. ISBN 978-1-7281-0449-2.
Typ
Stať ve sborníku
Pracoviště
Anotace
Cyber security is the one of the most hot topics of nowadays. Millions of devices which daily communicate via the Internet are permanently under potential danger of many network attacks. The majority of such attacks is caused by various automatic bot nets or malicious cyber systems. Our research group has created an efficient autonomous architecture, which is able to collect information of the traffic from network devices, analyse it and detect an ongoing network attack. The automated AI based network administrator module is able to mitigate the aftermath of such malicious activity by execution of specific blocking action. Regarding to the volume of current network throughputs, our proposed solution is based on modern big data processing technologies, which allow to analyse the data flows of very large network infrastructures.
Lower-bound complexity and high performance mechanism for scheduling dependent-tasks on heterogeneous grids
Autoři
Atef, A.; Hagras, T.; Mahdy, Y.B.; Janeček, J.
Rok
2018
Publikováno
2018 International Conference on Innovative Trends in Computer Engineering (ITCE). Piscataway, NJ: IEEE, 2018. p. 1-7. ISBN 978-1-5386-0879-1.
Typ
Stať ve sborníku
Pracoviště
Anotace
List-scheduling caught the spotlights in solving the problem of task scheduling due to its simplicity, low time complexity and high performance. In general, most list-scheduling algorithms consist of two main phases, task prioritization phase and grid-nodes assignment phase. Performance of both phases has a direct influence on the overall algorithm performance. The performance of grid-nodes assignment mechanism may be enhanced using duplication-based heuristics that may lead to an increase in the mechanism complexity. Mainly three lower-bound complexity grid-nodes assignment mechanisms are presented in the literature. These mechanisms are non-insertion based, insertion based and reverse duplicator. This paper presents a lower-bound complexity grid-nodes assignment mechanism that works with any task prioritization mechanism. Random generated application graphs in addition to real world application graphs have been used to evaluate the performance of the proposed mechanism in terms of SLR, efficiency and quality of schedules. Based on the simulation results, the proposed mechanism outperforms the other three mechanisms.
Lower-bound complexity algorithm for task scheduling on heterogeneous grid
Autoři
Atef, A.; Hagras, T.; Mahdy, Y.B.; Janeček, J.
Rok
2017
Publikováno
Computing. 2017, 99(11), 1125-1145. ISSN 0010-485X.
Typ
Článek
Pracoviště
Anotace
The paper prposes a scheduling algorithm based on list scheduling and duplication-based heuristics BNCP (Best-Node based Critical-Parent).
CloudEVBench – Virtualization Technology Efficiency Testing Tool for the Distributed Infrastructures
Autoři
Fesl, J.; Cehák, Jiří; Doležalová, Marie; Janeček, J.
Rok
2016
Publikováno
International Journal of Grid and Distributed Computing. 2016, 9(8), 249-260. ISSN 2005-4262.
Typ
Článek
Pracoviště
Anotace
The virtualized systems are today a very popular topic and their using plays the great role in current datacenters. The virtualization efficiency is a very important aspect in the real system deployment. Some studies have been published about this topic [1], mainly are based on various benchmarking techniques and are integrated into the specialized testing tools. Such a benchmark tool, which is able to simulate the behavior of a real computing system under the stress of different virtualization configurations, can e.g. well answer the question how many virtual machines could be simultaneously executed on it and how big the virtualization overhead is [2]. We developed and applied a new benchmark tool, which is able to measure the virtualization efficiency and overhead in the virtualization environment.
New Approach for Virtual Machines Consolidation In Heterogeneous Computing Systems
Autoři
Fesl, J.; Cehák, Jiří; Doležalová, Marie; Janeček, J.
Rok
2016
Publikováno
International Journal of Hybrid Information Technology. 2016, 9(12), 321-332. ISSN 1738-9968.
Typ
Článek
Pracoviště
Anotace
The energy consumption is one of the most important factors in the virtual machines deployment in the current data centres. Various studies proved that the energy aware management of the virtual machines can reduce the total energy consumption about tens of percents. We developed the new approach, based on the distributed algorithm, which is able to consolidate the virtual machines between various virtualization nodes without the central coordinator. The input data for this algorithm is collected online from the electronic wattmeters, which are placed before the energy input of each virtualization node.
Virtuální paralelní infrastruktury pro velká data v metabolomice
Autoři
Fesl, J.; Doležalová, Marie; Cehák, Jiří; Moos, M.; Janeček, J.; Šimek, P.
Rok
2016
Publikováno
Konferenční sborník ENBIK 2016. Praha: Centrální laboratoře, 2016. ISBN 978-80-7080-960-0.
Typ
Stať ve sborníku
Pracoviště
Anotace
Metabolomická data, jejich analýza a interpretace jsou žhavým fenoménem posledních let. Stále objemnější a komplikovanější data vyžadují pro své zpracování dostatečně výkonné výpočetní infrastruktury v podobě dedikovaných paralelních počítačů či distribuovaných počítačových clusterů, jejichž vytváření a správa vyžaduje nemalé finanční prostředky. Náš tým navrhl a sestavil prototyp univerzálního elastického distribuovaného výpočetního systému (Centrální Mozek Univerzity, CMU) založeného na virtualizační technologii, který lze využít k řešení náročných bioinformatických problémů. Elasticita systému spočívá v tom, že během několika minut lze změnit jednu konkrétní výpočetní infrastrukturu na jinou bez nutnosti použití jiného hardwaru. Prototyp systému obsahuje sofistikovaný modul pro alokaci výpočetních zdrojů, vyvažování zátěže a monitorování stavu systému. Další předností našeho řešení je možnost dynamické rozšiřitelnosti výpočetní kapacity přímo za běhu, včetně možnosti hardwarových úprav či údržby.
New Techniques of IEEE 802.11 Family Hotspots Attacks, Principles and Defense
Autoři
Fesl, J.; Doležalová, M.; Drdák, F.; Janeček, J.
Rok
2015
Publikováno
PROCEEDINGS OF THE 14TH EUROPEAN CONFERENCE ON CYBER WARFARE AND SECURITY. CURTIS FARM, KIDMORE END, NR READING: ACAD CONFERENCES LTD, 2015, pp. 61-70. ISSN 2048-8602. ISBN 978-1-910810-28-6.
Typ
Stať ve sborníku
Pracoviště
Anotace
Today many places in the world allow paid internet connection via wireless hotspots. These solutions are available in places such as hotels, airports and conference halls. Because a wireless hotspot is accessible for any new potential user, common security techniques based on WPA/WPA2 encryption cannot be used. In the last few years a new type of an attack, based on DNS tunneling has been described. We will focus on detail analysis of this attack and we will propose a possible defense strategy. DNS tunneling attack has been implemented in several applications and inspired us to look at another type of a wireless hotspot attack. We will describe in detail all parts of the solution necessary to understand the defense against this type of an attack. At this time, there is no way to prevent this attack, except switching off all unencrypted common wireless hotspots infrastructures.
Distributed phase-shift beamforming power balancing in ad-hoc and sensor networks
Autoři
Rok
2014
Publikováno
Telecommunication Systems. 2014, 57(4), 367-377. ISSN 1018-4864.
Typ
Článek
Pracoviště
Anotace
Ad-hoc and sensor networks are a well-studied area which gained a lot of attention in the research in the last decades. Two of the problems of battery-powered radio devices are limited transmitter power and finite amount of energy. This paper continues the path opened by the development of a new technology for radio communication which allows cluster communication beyond the horizon of each individual transmitter and the distribution of power need among the modules forming a cluster. This in terms decreases the average power need per device and contributes to a longer lifetime of the entire network.