News

FIT will co-operate on the development of the BringAuto autonomous vehicle

The Faculty of Information Technology will co-operate on the development of an autonomous control system for the autonomous vehicle called BringAuto. Beginning next year, researchers from the Department of Computer Graphics and Multimedia will train deep neural networks and "teach" the vehicle to drive itself, as a part of the new project called H2020 5G-ERA. At this point, trial runs of the vehicle are being conducted in an Ostrava industrial site, where it collects chemical samples from individual production facilities and transports them to a laboratory. In future, it may also be used to deliver shipments, serve as a food truck or disinfect buildings. You can read more about autonomous vehicles in Forbes, which mentions the co-operation with FIT as well; an article on BringAuto can be found online at zVUT.cz.     

[img]

FIT works together with Microsoft Research on protection against DoS attacks

Members of the VeriFIT group (Lenka Turoňová, Lukáš Holík, Ondřej Lengál, and Tomáš Vojnar) and their colleague Margus Veanes from Microsoft Research (Redmond, USA) found an innovative approach to protection against a class of DoS attacks. DoS attacks overwhelm the target service with such amount of traffic that it depletes its resources and makes the service unavailable for legitimate users. VeriFIT focuses primarily on ReDoS attacks, i.e. attacks against services using regular expressions.

Regular expressions are supported in all common programming languages. They allow searching for patterns, replace text and also validate user input. If a regular expression is used, for example, to look for patterns in network traffic (e.g. within an intrusion detection system (IDS)) or to validate user input to a network service, hackers can attack it and, for instance, shut down the target service or the intrusion detection system (and then do whatever they want on the network without running the risk of being detected).

First, the hacker tries to create an input string so that it takes a disproportionately long time to validate against the regular expression. If, for example, the login when creating a new user of a service is authenticated using the regular expression /(([\-.]|[_]+)?([a-zA-Z0-9]+)){10,30}/, a ReDoS attack could be caused by the string "aaaaaaaaaaaaaaaaaaaaaaaa!". This is because validators based on backtracking and non-deterministic finite automata will search through all possibilities to split the input string into 10 to 30 substrings before rejecting it. This type of attack shut down Stack Overflow for several days, for example.

[img]

Validators based on deterministic finite automata do not suffer from this problem, but they have another issue: deterministic finite automata can be huge (e.g. the smallest deterministic automaton accepting the language of the regular expression /[ab]*a[ab]{300}/ has more states than the estimated number of atoms in the observable universe).

Developed as part of basic research into automata theory in collaboration between VeriFIT and Microsoft Research, the method can verify input efficiently using a newly introduced formal model called counting-set automaton. It is a special type of deterministic automaton, in which the configuration of the automaton contains the status and also certain counting sets, which can effectively represent limited repetition in regular expressions (e.g. the part with the number 300 in the expression/[ab]*a[ab]{300}/). Thanks to these counting sets, a compact automaton can be created even for regular expressions that contain large repetition values, which can then be used for pattern searching or validation. For a certain class of regular expressions, this method provides a more robust pattern-searching algorithm than, for example, the well-known grep tool or Google's optimised RE2 library.

This innovation by the VeriFIT group shows that the theory of finite automata, which was conceived 70 years ago and is often considered to be an unchanging fundamental pillar of theoretical computer science, is still subject to rapid developments with many practical applications.

A video presentation by Lenka Turoňová, who was able to spend her summer at an internship in Microsoft thanks to the co-operation, is available here and the paper on the method is provided at this link.

[img]

[img]

FIT graduates' GINA helps Italian paramedics to handle the pandemic

The Brno-based software company GINA, founded by Brno University of Technology (BUT) graduates, together with its Italian partner Beta 80, received a grant from the European Space Agency for the development of a technology which should be of great help to Italian paramedics in the fight against the coronavirus pandemic. The first version is expected to be deployed by the end of this year. "This year marks the tenth anniversary of our establishment; ironically, this anniversary came at a time when our products might be needed more than ever," says Zbyněk Poulíček, one of the company's founders and a FIT graduate.

[img]

Online workshop called "Business projekty"

On Wednesday, 9 December, an instalment of the Startup Booster event series programme, an online workshop named Business projekty (Business Projects), will take place.  In this online workshop, the programme consultants Martin Jírovec and Milan Brabec will discuss market and competition analysis, business plans and differences between student and commercial projects. But most importantly, the session shall serve as a platform enabling the participants to ask questions, present their ideas, and discuss ways to take their projects further. The workshop is a part of the Star(t)up@FIT programme.

[img]

The BUT Student Entrepreneurial Spirit Award was won by Discyo, an app that can tell what you like

The BUT Student Entrepreneurial Spirit Award competition, which was held by BUT for the very first time this year, was won by the Discyo application, a project of four students from the Faculty of Information Technology. Their solution can give the user advice on what film to watch, what podcast to listen to or what videogame to play. The algorithm can tell what are the user's preferences across various media and what the user might like. The competition of student ideas is held by the Brno University of Technology in co-operation with the South Moravian Innovation Centre. For more information, read the article

[img]
Back to top