At FIT, we are researching new ways to monitor network data without decrypting and reading

7. 3. 2022Ivana Macnarová

Researchers from FIT CTU, in cooperation with the FIT BUT and CESNET association, are currently researching new ways of monitoring encrypted data in high-speed computer networks without the need to decrypt them and the disruption of users’ privacy by reading their data on end devices, within the project “Analysis of encrypted traffic using network flows” supported by the Ministry of the Interior of the Czech Republic.

Encrypted communication is nowadays a modern and recommended element for secure data transmission, and therefore most communication on the Internet is already encrypted. With encryption, we can confidentially transmit data that we do not want to be seen or even misused by strangers on the Internet. For example, by eavesdropping on a password, fraudulently placing an order in an e-shop, or information on any website. On the other hand, encryption can also hide hackers from security threat detectors. This, of course, brings with it greater monitoring and detection challenges at the endpoint devices, i.e., users and services. 

Most of today’s modern technologies do not work without an internet connection and network infrastructure. To give you an idea, this includes online services that we can hardly imagine being without today or vital equipment (such as machines in hospitals). These services and devices depend on the transmission of data over computer networks, and this dependency increases the importance of network security and the defence of cyberspace.

“We need to see the security threats, and therefore, it is essential to monitor the situation and traffic on the network. This is also why we want to improve existing monitoring systems so that it is not necessary to decrypt communications and read end-user data to analyse encrypted traffic. We are addressing this issue, which represents a current global research challenge in network security,” adds project solver Ing. Tomáš Čejka, Ph.D.

Recent research results globally show significant progress in analysing encrypted traffic using machine learning, but much more work is still needed to be done to implement these technologies in practice. Therefore, a new security research project – “Analysis of encrypted traffic using network flows” – was launched at the beginning of 2022 and was selected among the supported projects under the IMPAKT 1 call of the Ministry of the Interior of the Czech Republic. The project is co-operated by the CESNET association as coordinator and main solver, the Faculty of Information Technology of the Czech Technical University in Prague, the Faculty of Information Technology of the Brno University of Technology.

The person responsible for the content of this page: Bc. Veronika Dvořáková