Network Traffic Monitoring Lab

J. Koumar, K. Hynek, T. Čejka, and P. Šiška, “CESNET-TimeSeries24: Time Series Dataset for Network Traffic Anomaly Detection and Forecasting,” Scientific Data, vol. 12, no. 1, 2025. Link
K. Jeřábek, K. Hynek, and O. Ryšavý, “Comparative analysis of DNS over HTTPS detectors,” Computer Networks, vol. 247, no. 247, Jun. 2024. Link
K. Hynek, J. Luxemburk, J. Pešek, T. Čejka, and P. Šiška, “CESNET-TLS-Year22: A year-spanning TLS network traffic dataset from backbone lines,” Scientific Data, vol. 11, no. 1, 2024. Link
J. Luxemburk and K. Hynek, “Towards reusable models in traffic classification,” in Proceedings of the 8th Network Traffic Measurement and Analysis Conference, Piscataway, US, 2024. Link
R. Plný, K. Hynek, and P. Šiška, “WIF: Efficient Library for Network Traffic Analysis,” in 2024 20th International Conference on Network and Service Management (CNSM), New York, US, 2024. Link
J. Koumar, K. Hynek, J. Pešek, and T. Čejka, “NetTiSA: Extended IP flow with time-series features for universal bandwidth-constrained high-speed network traffic classification,” Computer Networks, vol. 240, 2024.
T. Martínek, J. Kořenek, and T. Čejka, “LGBM2VHDL: Mapping of LightGBM Models to FPGA,” in 2024 IEEE 32nd Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM), Vancouver, CA, 2024. Link
D. Soukup, D. Uhříček, D. Vašata, and T. Čejka, “Machine Learning Metrics for Network Datasets Evaluation,” in ICT Systems Security and Privacy Protection, Cham, CH, 2024, vol. 679. Link
J. Luxemburk, K. Hynek, and T. Čejka, “Encrypted traffic classification: the QUIC case,” in 2023 7th Network Traffic Measurement and Analysis Conference (TMA), 2023, pp. 1–10. Link
J. Koumar and T. Čejka, “Unevenly Spaced Time Series from Network Traffic,” in 2023 7th Network Traffic Measurement and Analysis Conference (TMA), 2023, pp. 1–4. Link
K. Jerabek, K. Hynek, O. Rysavy, and I. Burgetova, “DNS Over HTTPS Detection Using Standard Flow Telemetry,” IEEE Access, vol. 11, pp. 50000–50012, 2023. Link
K. Wasielewska, D. Soukup, T. Čejka, and J. Camacho, “Evaluation of the Limit of Detection in Network Dataset Quality Assessment with PerQoDA,” in Machine Learning and Principles and Practice of Knowledge Discovery in Databases, Cham, 2023, pp. 170–185. Link
M. Hulák, V. Bartoš, and T. Čejka, “Evaluation of passive OS fingerprinting methods using TCP/IP fields,” in 2023 8th International Conference on Smart and Sustainable Technologies (SpliTech), 2023. Link
J. Pesek, R. Plny, J. Koumar, K. Jerabek, and T. Cejka, “Augmenting Monitoring Infrastructure For Dynamic Software-Defined Networks,” in 2023 8th International Conference on Smart and Sustainable Technologies (SpliTech), 2023. Link
J. Pešek, D. Soukup, and T. Čejka, “Active Learning Framework For Long-term Network Traffic Classification,” in 2023 IEEE 13th Annual Computing and Communication Workshop and Conference (CCWC), 2023, pp. 0893–0899. Link
D. Uhříček, K. Hynek, T. Čejka, and D. Kolář, “BOTA: Explainable IoT Malware Detection in Large Networks,” IEEE Internet of Things Journal, vol. 10, no. 10, pp. 8416–8431, 2023. Link
J. Luxemburk and T. Čejka, “Fine-grained TLS services classification with reject option,” Computer Networks, vol. 220, p. 109467, 2023. Link
J. Luxemburk, K. Hynek, T. Čejka, A. Lukačovič, and P. Šiška, “CESNET-QUIC22: A large one-month QUIC network traffic dataset from backbone lines,” Data in Brief, vol. 46, p. 108888, 2023. Link
K. Hynek, D. Vekshin, J. Luxemburk, T. Cejka, and A. Wasicek, “Summary of DNS Over HTTPS Abuse,” IEEE Access, vol. 10, pp. 54668–54680, 2022. Link
J. Koumar and T. and Čejka, “Network traffic classification based on periodic behavior detection,” in 2022 18th International Conference on Network and Service Management (CNSM), 2022. Link
L. Melcher, K. Hynek, and T. Čejka, “Tunneling through DNS over TLS providers,” in 2022 18th International Conference on Network and Service Management (CNSM), 2022. Link
M. Zadnik, J. Wrona, K. Hynek, T. Cejka, and M. Husák, “Discovering Coordinated Groups of IP Addresses Through Temporal Correlation of Alerts,” IEEE Access, vol. 10, pp. 82799–82813, 2022. Link
K. Jeřábek, K. Hynek, T. Čejka, and O. Ryšavý, “Collection of datasets with DNS over HTTPS traffic,” Data in Brief, vol. 42, p. 108310, 2022. Link
R. Plný, K. Hynek, and T. Čejka, “DeCrypto: Finding Cryptocurrency Miners on ISP Networks,” in Secure IT Systems, Cham, 2022, pp. 139–158. Link
Z. Tropková, K. Hynek, and T. Čejka, “Novel HTTPS classifier driven by packet bursts, flows, and machine learning,” in 2021 17th International Conference on Network and Service Management (CNSM), 2021, pp. 345–349. Link
D. Soukup, P. Tisovčík, K. Hynek, and T. Čejka, “Towards Evaluating Quality of Datasets for Network Traffic Domain,” in 2021 17th International Conference on Network and Service Management (CNSM), 2021, pp. 264–268. Link
M. Orsak and T. Benes, “High-speed stateful packet classifier based on TSS algorithm optimized for off-chip memories,” in Proceedings - 2021 24th International Symposium on Design and Diagnostics of Electronic Circuits and Systems, DDECS 2021, 2021, pp. 151–156. Link
J. Luxemburk, K. Hynek, and T. Čejka, “Detection of HTTPS Brute-Force Attacks with Packet-Level Feature Set,” in 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC), 2021, pp. 0114–0122. Link
D. Vekshin, K. Hynek, and T. Cejka, “DoH Insight: Detecting DNS over HTTPS by Machine Learning,” in Proceedings of the 15th International Conference on Availability, Reliability and Security, New York, NY, USA, 2020. Link
T. Beneš, M. Kekely, K. Hynek, and T. Čejka, “Pipelined ALU for effective external memory access in FPGA,” in 2020 23rd Euromicro Conference on Digital System Design (DSD), 2020, pp. 97–100.
K. Hynek and T. Cejka, “Privacy Illusion: Beware of Unpadded DoH,” in 2020 11th IEEE Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), 2020, pp. 621–628. Link
K. Hynek, T. Beneš, T. Čejka, and H. Kubátová, “Refined Detection of SSH Brute-Force Attackers Using Machine Learning,” in ICT Systems Security and Privacy Protection, Cham, 2020, pp. 49–63. Link
K. Hynek, T. Čejka, M. Žádník, and H. Kubátová, “Evaluating Bad Hosts Using Adaptive Blacklist Filter,” in 9th Mediterranean Conference on Embedded Computing (MECO), 2020, pp. 1–5. Link
M. Hulák and T. Cejka, “Classification of Network Traffic using Traffic Features,” in 8th Prague Embedded Systems Workshop, 2020, pp. 17–18. Link
T. Beneš, T. Cejka, and H. Kubátová, “The next step of P4 FPGA architectures: External Memories,” in 8th Prague Embedded Systems Workshop, 2020, pp. 5–7. Link
D. Soukup, K. Hynek, and T. Cejka, “QoD: Ideas about Evaluating Quality of Datasets,” in 8th Prague Embedded Systems Workshop, 2020, pp. 8–9. Link
K. Hynek, T. Cejka, and D. Vekshin, “DoH detection: Discovering hidden DNS,” in 8th Prague Embedded Systems Workshop, 2020, pp. 14–16. Link
D. Soukup, O. Hujňák, S. Štefunko, Krejčı́ Radek, and E. Grešák, “Security Framework for IoT and Fog Computing Networks,” in 2019 Third International conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC), 2019, pp. 87–92. Link
D. Soukup, T. Cejka, and K. Hynek, “Behavior Anomaly Detection in IoT Networks,” in International conference on Computer Networks, Big data and IoT, 2019, pp. 465–473. Link
D. Soukup, T. Čejka, and S. Štefunko, “Multi-level Anomaly Detection in IoT Networks,” in The 7th Prague Embedded Systems Workshop, Roztoky u Prahy, Czech Republic, 2019. Link
J. Havránek, T. Čejka, and P. Benáček, “L7 capable flow exporter described in P4,” in The 7th Prague Embedded Systems Workshop, Roztoky u Prahy, Czech Republic, 2019. Link
K. Hynek, T. Beneš, T. Čejka, and H. Kubátová, “Future approaches to monitoring in high-speed backbone networks ,” in The 7th Prague Embedded Systems Workshop, Roztoky u Prahy, Czech Republic, 2019. Link
T. Jánský, T. Čejka, Žádnı́k Martin, and V. Bartoš, “Augmented DDoS Mitigation with Reputation Scores,” in Proceedings of the 13th International Conference on Availability, Reliability and Security, New York, NY, USA, 2018, pp. 54:1–54:7. Link
T. Jánský, T. Čejka, M. Žádník, and V. Bartoš, “Informed DDoS Mitigation at 100 Gb/s,” in Proceedings of the 6th Prague Embedded Systems Workshop, 2018, pp. 41–42.
F. Šuster and T. Čejka, “Stream-wise adaptive blacklist filter based on flow data,” in Proceedings of the 6th Prague Embedded Systems Workshop, 2018, pp. 38–39.
M. Slabihoudek and T. Čejka, “Stream-wise Aggregation of Flow Data,” in Proceedings of the 6th Prague Embedded Systems Workshop, 2018, p. 37.
L. Stejskalová and T. Čejka, “Grouping evil IP addresses,” in Proceedings of the 6th Prague Embedded Systems Workshop, 2018, p. 30.
P. Benáček, V. Puš, H. Kubátová, and T. Čejka, “P4-To-VHDL: Automatic generation of high-speed input and output network blocks,” Microprocessors and Microsystems, vol. 56, pp. 22–33, 2018. Link
J. Havránek, P. Velan, T. Cejka, and P. Benáček, “Enhanced Flow Monitoring with P4 Generated Flexible Packet Parser,” in AIMS 2018, 2018.
T. Čejka and M. Žádník, “Preserving Relations in Parallel Flow Data Processing,” in Security of Networks and Services in an All-Connected World: 11th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2017, Zurich, Switzerland, July 10-13, 2017, Proceedings, D. Tuncer, R. Koch, R. Badonnel, and B. Stiller, Eds. Cham: Springer International Publishing, 2017, pp. 153–156. Link
M. Švepeš and T. Čejka, “Making Flow-Based Security Detection Parallel,” in Security of Networks and Services in an All-Connected World: 11th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2017, Zurich, Switzerland, July 10-13, 2017, Proceedings, D. Tuncer, R. Koch, R. Badonnel, and B. Stiller, Eds. Cham: Springer International Publishing, 2017, pp. 3–15. Link
T. Čejka, M. Švepeš, and J. Viktorin, “Gateway for IoT security,” in The 5th Prague Embedded Systems Workshop, Roztoky u Prahy, Czech Republic, 2017. Link
T. Jánský, T. Čejka, and V. Bartoš, “Hunting SIP Authentication Attacks Efficiently,” in Security of Networks and Services in an All-Connected World: 11th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2017, Zurich, Switzerland, July 10-13, 2017, Proceedings, D. Tuncer, R. Koch, R. Badonnel, and B. Stiller, Eds. Cham: Springer International Publishing, 2017, pp. 125–130. Link
T. Jánský, T. Čejka, and V. Bartoš, “Detection of SIP Scans and Bruteforce Attacks,” in The 5th Prague Embedded Systems Workshop, Roztoky u Prahy, Czech Republic, 2017. Link
Z. Rosa, T. Cejka, M. Zadnik, and V. Puš, “Building a Feedback Loop to Capture Evidence of Network Incidents,” in 12th International Conference on Network and Service Management (CNSM 2016), Montreal, Canada, 2016. Link
T. Cejka and M. Svepes, “Analysis of Vertical Scans Discovered by Naive Detection,” in Management and Security in the Age of Hyperconnectivity: 10th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2016, R. Badonnel, R. Koch, A. Pras, M. Drašar, and B. Stiller, Eds. Munich, Germany: Springer International Publishing, 2016, pp. 165–169. Link
M. Svepes and T. Cejka, “Overload-resistant Network Traffic Analysis,” in The 4th Prague Embedded Systems Workshop, Roztoky u Prahy, Czech Republic, 2016. Link
T. Čejka and R. Krejčí, “Configuration of open vSwitch using OF-CONFIG,” in NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, Istanbul, Turkey, 2016, pp. 883–888. Link
T. Cejka, V. Bartoš, M. Svepes, Z. Rosa, and H. Kubatova, “NEMEA: A Framework for Network Traffic Analysis,” in 12th International Conference on Network and Service Management (CNSM 2016), Montreal, Canada, 2016. Link
T. Čejka and A. Robledo, “Detecting Spoofed Time in NTP Traffic,” in The 4th Prague Embedded Systems Workshop, Roztoky u Prahy, Czech Republic, 2016. Link
T. Čejka, R. Bodó, and H. Kubátová, “Nemea: Searching for Botnet Footprints,” in The 3th Prague Embedded Systems Workshop, Roztoky u Prahy, Czech Republic, 2015. Link
T. Cejka, V. Bartos, L. Truxa, and H. Kubatova, “Using Application-Aware Flow Monitoring for SIP Fraud Detection,” in Intelligent Mechanisms for Network Configuration and Security: 9th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2015, S. Latré, M. Charalambides, J. François, C. Schmitt, and B. Stiller, Eds. Ghent, Belgium: Springer International Publishing, 2015, pp. 87–99. Link
D. Alexa and T. Čejka, “Easy configuration of NETCONF devices,” in The 3th Prague Embedded Systems Workshop, Roztoky u Prahy, Czech Republic, 2015. Link
P. Benáček, R. B. Blažek, T. Čejka, and H. Kubátová, “Change-point Detection Method on 100 Gb/s Ethernet Interface,” in Proceedings of the Tenth ACM/IEEE Symposium on Architectures for Networking and Communications Systems, New York, NY, USA, 2014, pp. 245–246. Link
T. Cejka, Z. Rosa, and H. Kubatova, “Stream-wise detection of surreptitious traffic over dns,” in 2014 IEEE 19th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), Athens, Greece, 2014, pp. 300–304. Link
T. Čejka, L. Kekely, P. Benček, R. B. Blažek, and H. Kubátová, “FPGA Accelerated Change-Point Detection Method for 100 Gb/s Networks,” in 9th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science (MEMICS 2014), Telč, Czech Republic, 2014. Link
V. Bartoš, M. Žádník, and T. Čejka, “Nemea: Framework for stream-wise analysis of network traffic,” CESNET, a.l.e., 2013. Link
T. Čejka, P. Benáček, Š. Friedl, and R. Krejčí, “COMET-COMBO Ethernet Tester,” CESNET, a.l.e., 2012. Link