Are Encypted Protocols Really a Guarantee of Privacy?
Authors
Year
2021
Published
Proceedings of 20th European Conference on Cyber Warfare and Security ECCWS 2021. Academic Conferences International Limited Reading, 2021. p. 130-138. 20. vol. 1. ISBN 978-1-912764-99-0.
Type
Proceedings paper
Departments
Annotation
Most internet traffic is being encrypted by application protocols that
should guarantee users' privacy and anonymity of data during the transmission.
Our team has developed a unique system that can create a specific pattern of traffic
and further analyze it by using machine learning methods. We investigated the
possibility of identifying the network video streams encrypted within the HTTPS
protocol and explored that it is possible to identify a particular content with a
certain probability. Our paper provides a methodology and results retrieved from
the real measurements. As the testing data set, we used the streams coming from
the popular platform Youtube. Our results confirm that it is possible to identify
encrypted video streams via their specific traffic imprints, although it should not be
possible due to the used encryption.
Promising new Techniques for Computer Network Traffic Classification: A Survey
Authors
Konopa, M.; Fesl, J.; Janeček, J.
Year
2020
Published
2020 10th International Conference on Advanced Computer Information Technologies, ACIT 2020 - Proceedings. IEEE Xplore, 2020. p. 418-421. vol. 10. ISBN 978-1-7281-6760-2.
Type
Proceedings paper
Departments
Annotation
This paper aims to give an overview of the application of image processing to network traffic analysis, including a description of the essence of the most important works in the last 15 years. The importance of efficient, automated analysis of network traffic is growing especially today, when huge volumes of diverse data need to be quickly processed. With the rapid development of artificial intelligence in the field of image processing, it seems logical to use it for analyzing network traffic image data. Recent results on this topic are very promising.
Using Machine Learning for DNS over HTTPS Detection
Authors
Konopa, M.; Fesl, J.; Jelínek, J.; Feslová, M.; Cehák, J.; Janeček, J.; Drdák, F.
Year
2020
Published
Proceedings of European Conference on Cyber Warfare and Security (ECCWS 2020). Academic Conferences and Publishing International Ltd., 2020. p. 205-211. ISBN 9781912764617.
Type
Proceedings paper
Departments
Annotation
DNS over HTTPS (DoH) is a new standard that is being adopted by most of the new versions of web-browsers. This protocol allows translating the canonical domain name to an IP address by using the HTTPS tunnel. The usage of such a protocol has many pros and cons. In our paper, we try to evaluate these aspects from different points of view. One of the most critical disadvantages lies in the much more complicated possibility of network traffic logging. Our team has created a machine learning-based approach allowing automated DoH detection, which seems to be pretty well usable in advanced firewalls.
Towards HPC-Based Autonomous Cyber Security System
Authors
Fesl, J.; Feslova, M.; Gokhale, V.; Lejtnar, M.; Cehak, J.; Janeček, J.
Year
2019
Published
2019 9th International Conference on Advanced Computer Information Technologies, ACIT 2019 - Proceedings. Piscataway: IEEE, 2019. p. 435-438. ISBN 978-1-7281-0449-2.
Type
Proceedings paper
Departments
Annotation
Cyber security is the one of the most hot topics of nowadays. Millions of devices which daily communicate via the Internet are permanently under potential danger of many network attacks. The majority of such attacks is caused by various automatic bot nets or malicious cyber systems. Our research group has created an efficient autonomous architecture, which is able to collect information of the traffic from network devices, analyse it and detect an ongoing network attack. The automated AI based network administrator module is able to mitigate the aftermath of such malicious activity by execution of specific blocking action. Regarding to the volume of current network throughputs, our proposed solution is based on modern big data processing technologies, which allow to analyse the data flows of very large network infrastructures.
Lower-bound complexity and high performance mechanism for scheduling dependent-tasks on heterogeneous grids
Authors
Atef, A.; Hagras, T.; Mahdy, Y.B.; Janeček, J.
Year
2018
Published
2018 International Conference on Innovative Trends in Computer Engineering (ITCE). Piscataway, NJ: IEEE, 2018. p. 1-7. ISBN 978-1-5386-0879-1.
Type
Proceedings paper
Departments
Annotation
List-scheduling caught the spotlights in solving the problem of task scheduling due to its simplicity, low time complexity and high performance. In general, most list-scheduling algorithms consist of two main phases, task prioritization phase and grid-nodes assignment phase. Performance of both phases has a direct influence on the overall algorithm performance. The performance of grid-nodes assignment mechanism may be enhanced using duplication-based heuristics that may lead to an increase in the mechanism complexity. Mainly three lower-bound complexity grid-nodes assignment mechanisms are presented in the literature. These mechanisms are non-insertion based, insertion based and reverse duplicator. This paper presents a lower-bound complexity grid-nodes assignment mechanism that works with any task prioritization mechanism. Random generated application graphs in addition to real world application graphs have been used to evaluate the performance of the proposed mechanism in terms of SLR, efficiency and quality of schedules. Based on the simulation results, the proposed mechanism outperforms the other three mechanisms.
Lower-bound complexity algorithm for task scheduling on heterogeneous grid
Authors
Atef, A.; Hagras, T.; Mahdy, Y.B.; Janeček, J.
Year
2017
Published
Computing. 2017, 99(11), 1125-1145. ISSN 0010-485X.
Type
Article
Departments
Annotation
The paper prposes a scheduling algorithm based on list scheduling and duplication-based heuristics BNCP (Best-Node based Critical-Parent).
CloudEVBench – Virtualization Technology Efficiency Testing Tool for the Distributed Infrastructures
Authors
Fesl, J.; Cehák, Jiří; Doležalová, Marie; Janeček, J.
Year
2016
Published
International Journal of Grid and Distributed Computing. 2016, 9(8), 249-260. ISSN 2005-4262.
Type
Article
Departments
Annotation
The virtualized systems are today a very popular topic and their using plays the great role in current datacenters. The virtualization efficiency is a very important aspect in the real system deployment. Some studies have been published about this topic [1], mainly are based on various benchmarking techniques and are integrated into the specialized testing tools. Such a benchmark tool, which is able to simulate the behavior of a real computing system under the stress of different virtualization configurations, can e.g. well answer the question how many virtual machines could be simultaneously executed on it and how big the virtualization overhead is [2]. We developed and applied a new benchmark tool, which is able to measure the virtualization efficiency and overhead in the virtualization environment.
New Approach for Virtual Machines Consolidation In Heterogeneous Computing Systems
Authors
Fesl, J.; Cehák, Jiří; Doležalová, Marie; Janeček, J.
Year
2016
Published
International Journal of Hybrid Information Technology. 2016, 9(12), 321-332. ISSN 1738-9968.
Type
Article
Departments
Annotation
The energy consumption is one of the most important factors in the virtual machines deployment in the current data centres. Various studies proved that the energy aware management of the virtual machines can reduce the total energy consumption about tens of percents. We developed the new approach, based on the distributed algorithm, which is able to consolidate the virtual machines between various virtualization nodes without the central coordinator. The input data for this algorithm is collected online from the electronic wattmeters, which are placed before the energy input of each virtualization node.
Virtual parallel infrastructures for the Big data in metabolomics
Authors
Fesl, J.; Doležalová, Marie; Cehák, Jiří; Moos, M.; Janeček, J.; Šimek, P.
Year
2016
Published
Konferenční sborník ENBIK 2016. Praha: Centrální laboratoře, 2016. ISBN 978-80-7080-960-0.
Type
Proceedings paper
Departments
Annotation
The modern high volume data and their analyse are the hot phenomenon of nowdays. Our team has inveted a dedicated system for such data processing and called it CMU. Our system is a protype of an universal elastic distributed platform, which is able to solve complicated bioinformatics problems by using of many computing resources.
The CMU platform is currently used as a chemomectrics data interpretation platform. The inhouse developed software Metabolite Mapper (M2) is able to use all possibilities of this system. M2 is able to process the large raw data mesured by the Thermo mass spectrometer devices witin a relatively short time.
New Techniques of IEEE 802.11 Family Hotspots Attacks, Principles and Defense
Authors
Fesl, J.; Doležalová, M.; Drdák, F.; Janeček, J.
Year
2015
Published
PROCEEDINGS OF THE 14TH EUROPEAN CONFERENCE ON CYBER WARFARE AND SECURITY. CURTIS FARM, KIDMORE END, NR READING: ACAD CONFERENCES LTD, 2015, pp. 61-70. ISSN 2048-8602. ISBN 978-1-910810-28-6.
Type
Proceedings paper
Departments
Annotation
Today many places in the world allow paid internet connection via wireless hotspots. These solutions are available in places such as hotels, airports and conference halls. Because a wireless hotspot is accessible for any new potential user, common security techniques based on WPA/WPA2 encryption cannot be used. In the last few years a new type of an attack, based on DNS tunneling has been described. We will focus on detail analysis of this attack and we will propose a possible defense strategy. DNS tunneling attack has been implemented in several applications and inspired us to look at another type of a wireless hotspot attack. We will describe in detail all parts of the solution necessary to understand the defense against this type of an attack. At this time, there is no way to prevent this attack, except switching off all unencrypted common wireless hotspots infrastructures.
Distributed phase-shift beamforming power balancing in ad-hoc and sensor networks
Authors
Year
2014
Published
Telecommunication Systems. 2014, 57(4), 367-377. ISSN 1018-4864.
Type
Article
Departments
Annotation
Ad-hoc and sensor networks are a well-studied area which gained a lot of attention in the research in the last decades. Two of the problems of battery-powered radio devices are limited transmitter power and finite amount of energy. This paper continues the path opened by the development of a new technology for radio communication which allows cluster communication beyond the horizon of each individual transmitter and the distribution of power need among the modules forming a cluster. This in terms decreases the average power need per device and contributes to a longer lifetime of the entire network.