Within FETA project, a unique method for detecting IoT malware has been developed

Prague, 11 April 2023. The Analysis of Encrypted Traffic Using Network Flows (FETA) project, led by Tomáš Čejka, a research team leader at the CESNET association, has undergone its first evaluation by the Ministry of the Interior of the Czech Republic, which is the provider of the grant. The evaluation indicates that the project’s solution is progressing according to plan. Moreover, the evaluator has labelled one of the project’s previous results as outstanding. Thanks to the collaboration of three excellent teams from the CESNET association, the Faculty of Information Technology at the Czech Technical University in Prague, and the Faculty of Information Technology at the Brno University of Technology, a unique and highly accurate method for detecting IoT malware has been developed.

Furthermore, the method has been successfully published in the prestigious impact-factor journal IEEE Internet of Things (IEEE IoT) in an article titled “BOTA: Explainable IoT malware detection in large networks” (available here). The co-authors listed on the article are Daniel Uhříček, Karel Hynek, Tomáš Čejka (all from CESNET), and Dušan Kolář (FIT VUT). The IEEE IoT journal is among the most prestigious publications in the field of the Internet of Things. It is considered the best in the category of computing systems according to the Google Scholar ranking and one of the most cited journals in the field of IoT according to the international journal database Web of Science.

The first year of the FETA project’s implementation has also brought another significant success in the form of a scientific article published by Jan Luxemburk (FIT ČVUT) and Tomáš Čejka (CESNET) titled “Fine-grained TLS service classification with reject option” in another prestigious impact-factor journal, Computer Networks (available here). This text describes a unique architecture of a neural network capable of classifying encrypted traffic into 190 different categories (individual network services) with high accuracy using only statistical traffic data.

The unique results have caught the attention of the professional community, and the article has been published in the newsletter of the Feisty Duck website (available here), which is a valuable source of information for anyone involved in cybersecurity. The website’s founder is a renowned security expert and researcher, Ivan Ristić, the author of the book “Bulletproof SSL and TLS,” which serves as a reference guide for secure use of the SSL/TLS protocol for encrypted communication. He is also the creator of well-known services such as SSL Labs and Hardenize, used for testing the security of web servers and their communication.

The FETA project aims to develop new technologies, tools, and procedures capable of monitoring encrypted communication and identifying security threats to network infrastructure, devices, and services, thereby enhancing their cyber defence capabilities. The project has a duration of four years and has been running since 2022.

The Analysis of Encrypted Traffic Using Network Flows (FETA, VJ02010024) project has been supported by the Ministry of the Interior of the Czech Republic under the VJ Program – Strategic Support for the Development of Security Research in the Czech Republic 2019-2025 (IMPAKT 1).

The CESNET Association was founded by various Czech universities and the Czech Academy of Sciences in 1996. Its objective is the operation and development of ICT services that comprise the national e-infrastructure for research, development and education e-INFRA CZ. Integral components of its activities include research and development in information and communications technology. CESNET is an active partner in numerous international research infrastructures, such as the Pan-European GÉANT research, development, and education network, the European Grid Infrastructure EGI.eu and the European infrastructure for open science EOSC. For more details, visit www.cesnet.cz and www.e-infra.cz.

Last change: 26.5.2023