Dissertation theses
Adaptive algorithms for flow control and congestion control in data center communication networks
Specialist supervisor: Ing. Jan Fesl, Ph.D.
Typical tasks addressed in high-speed internet computer networks are flow control and congestion control. Both of these tasks are solved by network protocols at different layers of the OSI/OSI model.
In comparison with the Internet, data center (DC) communication networks are specific in their conditions and differ significantly in terms of flow control or congestion control. Communication links have higher speed and throughput and high reliability. More importantly, in DC networks compared to the Internet, there is a real possibility to process more global information about the status and load of communication links or network elements (their computer resources), or the possibility of adaptive reconfiguration of the entire DC network according to current communication requirements.
Analyze the properties of published algorithms for flow control and congestion control in DC communication networks. Create a realistic model of a data center communication network and use it to investigate the liḿtations of these algorithms. Develop a methodology for evaluating the quality of these algorithms based on the specific requirements on network traffic in DCs. Based on this analytical survey, design adaptive algorithms for flow control and congestion protection in DC networks utilizing more global network traffic information. Then validate your designs by testing them within the model and evaluate their quality according to your methodology.
Algorithms for optimal deployment of virtual machines in data centers
Specialist supervisor: Ing. Jan Fesl, Ph.D.
Data centers (DCs) play an important role in many different fields due to the growing importance of cloud computing, but their efficient management and administration pose non-trivial algorithmic problems. A prominent example is the problem of optimal placement of virtual machines (VMs) (or containers) across virtualization nodes. Some variants of this problem can be formulated as an multidimensional bin packing problem, which belongs to the class of NP-hard problems that can be approximately solved using optimization heuristics such as genetic algorithms, tabu search, simulated annealing, etc. The problem can also be solved by reformulating it to another computationally equivalent problem, such as SAT, where existing advanced solvers can be used.
Design a methodology to set various optimization criteria, such as energy consumption of running DC infrastructure, network load, communication latency of running applications, guaranteeing high availability, etc. Construct a model of a DC to simulate and test the properties of optimization algorithms for VM placement on DC virtualization nodes. Using this model, analyze the properties of existing algorithms for solving the problem of optimal VM placement on virtualization nodes, identify their shortcomings, and design, validate, and evaluate new algorithms.
Distributed IDS
Specialist supervisor: Ing. Jan Fesl, Ph.D.
Classic Intrusion Detection Systems (IDS) have been playing an important role in the security of computer networks or data centers for many years. In the case of networks with ultra-high data flow, the classic IDS concept can no longer be used due to limited local computing power. In order to eliminate this limitation, it appears promising to use a solution based on distributed IDSs (DIDS). The task of the dissertation will be to study algorithms and methods that will be used both for load distribution between network traffic probes and for the analysis of network traffic within a specific DIDS. To increase efficiency or refining the performance of the prediction of a specific network activity using DIDS collaborative machine learning appears perspective since it fully supports the DIDS concept.
Formal models of DDOS detection/elimination
Specialist supervisor: Ing. Jan Fesl, Ph.D.
Distributed DDOS attacks (classic or slow) pose a major threat in today's Internet as well as in software-defined networks and clouds. An effective defense against such attacks is their fast and reliable detection, which is, however, non-trivial given the number of parameters that need to be taken into account. The topic of the dissertation is the research of mathematical models enabling the design of algorithms for the detection of both types of DDOS attacks. Currently, models based on a combination of machine learning and traditional analytical and statistical methods, which enable fast data preprocessing and thus can significantly reduce the time for making decisions, which is absolutely essential in the case of DDOS attacks, seem to be promising.
Formal verification of network configuration models
The configuration of efficiently functioning computer networks arranged in complex topologies is nowadays considered a non-trivial problem. It often happens that a change in the configuration of a particular element within a computer network affects its other parts (e.g., in terms of availability, latency, quality of service, etc.). However, at the time of activation of the configuration, its effect may not be immediately apparent and it is therefore advisable to first verify the possible effects of the configuration. The task of the dissertation is the development of algorithms and methods for the formal verification of the state of network elements, which can point out a potential problem before the actual activation of the configuration.