Ing. Jan Fesl, Ph.D.

Publications

Decentralized Evaluation of Trust in Ad Hoc Networks using Neural Networks

Year
2022
Published
2022 18th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). USA: IEEE Computer Society, 2022. p. 30-35. ISSN 2160-4894. ISBN 978-1-6654-6975-3.
Type
Proceedings paper
Annotation
Trust is an essential concept in ad hoc network security. Creating and maintaining trusted relationships between nodes is a challenging task. This paper proposes a decentralized method for evaluating trust in ad hoc networks. The method uses neural networks and local information to predict the trust of neighboring nodes. The method was compared with the original centralized version, showing that even without global information knowledge, the method has, on average, 97% accuracy in classification and 94% in regression problem. An important contribution of this paper is overcoming the main limitation of the original method, which is the centralized evaluation of trust. Moreover, the decentralized method output is a perfect fit to use as an input to enhance routing in ad hoc networks.

Are Encypted Protocols Really a Guarantee of Privacy?

Year
2021
Published
Proceedings of 20th European Conference on Cyber Warfare and Security ECCWS 2021. Academic Conferences International Limited Reading, 2021. p. 130-138. 20. vol. 1. ISBN 978-1-912764-99-0.
Type
Proceedings paper
Annotation
Most internet traffic is being encrypted by application protocols that should guarantee users' privacy and anonymity of data during the transmission. Our team has developed a unique system that can create a specific pattern of traffic and further analyze it by using machine learning methods. We investigated the possibility of identifying the network video streams encrypted within the HTTPS protocol and explored that it is possible to identify a particular content with a certain probability. Our paper provides a methodology and results retrieved from the real measurements. As the testing data set, we used the streams coming from the popular platform Youtube. Our results confirm that it is possible to identify encrypted video streams via their specific traffic imprints, although it should not be possible due to the used encryption.

Performance Analysis of Neural Network Approach for Evaluation of Trust in Ad-Hoc Networks

Year
2021
Published
11th International Conference on Advanced Computer Information Technologies (ACIT). IEEE (Institute of Electrical and Electronics Engineers), 2021. p. 691-695. ISBN 978-1-6654-1854-6.
Type
Proceedings paper
Annotation
With the world becoming more mobile and dynamic each year, the application of ad-hoc networks has broadened. Ad-hoc networks do not have a predefined infrastructure; each node serves as a router, bringing security challenges. Trust and trustworthiness mechanisms are among the most common methods for ensuring security in an ad-hoc network. In [1], we proposed a method for the evaluation of trust in ad-hoc networks. This paper aims to describe the method formally and analyze its performance. The original paper showed that neural networks could do trust estimation with an average 98% accuracy of the classification and 94% of the regression problem. This paper aims to investigate the capabilities of our method under malicious conditions. The analysis could also provide insight for tuning trust parameters, such as the threshold of trust. Furthermore, this paper presents a mathematical model behind the problem to show that the neural network approach is reasonable.

Promising new Techniques for Computer Network Traffic Classification: A Survey

Authors
Konopa, M.; Fesl, J.; Janeček, J.
Year
2020
Published
2020 10th International Conference on Advanced Computer Information Technologies, ACIT 2020 - Proceedings. IEEE Xplore, 2020. p. 418-421. vol. 10. ISBN 978-1-7281-6760-2.
Type
Proceedings paper
Annotation
This paper aims to give an overview of the application of image processing to network traffic analysis, including a description of the essence of the most important works in the last 15 years. The importance of efficient, automated analysis of network traffic is growing especially today, when huge volumes of diverse data need to be quickly processed. With the rapid development of artificial intelligence in the field of image processing, it seems logical to use it for analyzing network traffic image data. Recent results on this topic are very promising.

Using Machine Learning for DNS over HTTPS Detection

Authors
Konopa, M.; Fesl, J.; Jelínek, J.; Feslová, M.; Cehák, J.; Janeček, J.; Drdák, F.
Year
2020
Published
Proceedings of European Conference on Cyber Warfare and Security (ECCWS 2020). Academic Conferences and Publishing International Ltd., 2020. p. 205-211. ISBN 9781912764617.
Type
Proceedings paper
Annotation
DNS over HTTPS (DoH) is a new standard that is being adopted by most of the new versions of web-browsers. This protocol allows translating the canonical domain name to an IP address by using the HTTPS tunnel. The usage of such a protocol has many pros and cons. In our paper, we try to evaluate these aspects from different points of view. One of the most critical disadvantages lies in the much more complicated possibility of network traffic logging. Our team has created a machine learning-based approach allowing automated DoH detection, which seems to be pretty well usable in advanced firewalls.

Efficient Virtual Machine Consolidation Approach Based on User Inactivity Detection

Authors
Fesl, J.; Gokhale, V.; Feslová, M.
Year
2019
Published
The Tenth International Conference on Cloud Computing, GRIDs, and Virtualization CLOUD COMPUTING 2019. Silicon Valley: International Academy, Research and Industry Association (IARIA), 2019. p. 105-109. ISSN 2308-4294. ISBN 978-1-61208-703-0.
Type
Proceedings paper
Annotation
Large cloud architectures consist of numerous high-performance servers, each hosting a multitude of Virtual Machines (VMs). Our preliminary investigation suggests that such self-organizing virtualization infrastructure is a promising direction for the design of modern cloud-based services.

Towards HPC-Based Autonomous Cyber Security System

Authors
Fesl, J.; Feslova, M.; Gokhale, V.; Lejtnar, M.; Cehak, J.; Janeček, J.
Year
2019
Published
2019 9th International Conference on Advanced Computer Information Technologies, ACIT 2019 - Proceedings. Piscataway: IEEE, 2019. p. 435-438. ISBN 978-1-7281-0449-2.
Type
Proceedings paper
Annotation
Cyber security is the one of the most hot topics of nowadays. Millions of devices which daily communicate via the Internet are permanently under potential danger of many network attacks. The majority of such attacks is caused by various automatic bot nets or malicious cyber systems. Our research group has created an efficient autonomous architecture, which is able to collect information of the traffic from network devices, analyse it and detect an ongoing network attack. The automated AI based network administrator module is able to mitigate the aftermath of such malicious activity by execution of specific blocking action. Regarding to the volume of current network throughputs, our proposed solution is based on modern big data processing technologies, which allow to analyse the data flows of very large network infrastructures.

CloudEVBench – Virtualization Technology Efficiency Testing Tool for the Distributed Infrastructures

Authors
Fesl, J.; Cehák, Jiří; Doležalová, Marie; Janeček, J.
Year
2016
Published
International Journal of Grid and Distributed Computing. 2016, 9(8), 249-260. ISSN 2005-4262.
Type
Article
Annotation
The virtualized systems are today a very popular topic and their using plays the great role in current datacenters. The virtualization efficiency is a very important aspect in the real system deployment. Some studies have been published about this topic [1], mainly are based on various benchmarking techniques and are integrated into the specialized testing tools. Such a benchmark tool, which is able to simulate the behavior of a real computing system under the stress of different virtualization configurations, can e.g. well answer the question how many virtual machines could be simultaneously executed on it and how big the virtualization overhead is [2]. We developed and applied a new benchmark tool, which is able to measure the virtualization efficiency and overhead in the virtualization environment.

New Approach for Virtual Machines Consolidation In Heterogeneous Computing Systems

Authors
Fesl, J.; Cehák, Jiří; Doležalová, Marie; Janeček, J.
Year
2016
Published
International Journal of Hybrid Information Technology. 2016, 9(12), 321-332. ISSN 1738-9968.
Type
Article
Annotation
The energy consumption is one of the most important factors in the virtual machines deployment in the current data centres. Various studies proved that the energy aware management of the virtual machines can reduce the total energy consumption about tens of percents. We developed the new approach, based on the distributed algorithm, which is able to consolidate the virtual machines between various virtualization nodes without the central coordinator. The input data for this algorithm is collected online from the electronic wattmeters, which are placed before the energy input of each virtualization node.

Virtual parallel infrastructures for the Big data in metabolomics

Authors
Fesl, J.; Doležalová, Marie; Cehák, Jiří; Moos, M.; Janeček, J.; Šimek, P.
Year
2016
Published
Konferenční sborník ENBIK 2016. Praha: Centrální laboratoře, 2016. ISBN 978-80-7080-960-0.
Type
Proceedings paper
Annotation
The modern high volume data and their analyse are the hot phenomenon of nowdays. Our team has inveted a dedicated system for such data processing and called it CMU. Our system is a protype of an universal elastic distributed platform, which is able to solve complicated bioinformatics problems by using of many computing resources. The CMU platform is currently used as a chemomectrics data interpretation platform. The inhouse developed software Metabolite Mapper (M2) is able to use all possibilities of this system. M2 is able to process the large raw data mesured by the Thermo mass spectrometer devices witin a relatively short time.

New Techniques of IEEE 802.11 Family Hotspots Attacks, Principles and Defense

Authors
Fesl, J.; Doležalová, M.; Drdák, F.; Janeček, J.
Year
2015
Published
PROCEEDINGS OF THE 14TH EUROPEAN CONFERENCE ON CYBER WARFARE AND SECURITY. CURTIS FARM, KIDMORE END, NR READING: ACAD CONFERENCES LTD, 2015, pp. 61-70. ISSN 2048-8602. ISBN 978-1-910810-28-6.
Type
Proceedings paper
Annotation
Today many places in the world allow paid internet connection via wireless hotspots. These solutions are available in places such as hotels, airports and conference halls. Because a wireless hotspot is accessible for any new potential user, common security techniques based on WPA/WPA2 encryption cannot be used. In the last few years a new type of an attack, based on DNS tunneling has been described. We will focus on detail analysis of this attack and we will propose a possible defense strategy. DNS tunneling attack has been implemented in several applications and inspired us to look at another type of a wireless hotspot attack. We will describe in detail all parts of the solution necessary to understand the defense against this type of an attack. At this time, there is no way to prevent this attack, except switching off all unencrypted common wireless hotspots infrastructures.