|
|
Analysis of email spam sources
Caha, Tomáš ; Kubánková, Anna (referee) ; Komosný, Dan (advisor)
The first part of this thesis deals with an approach of designing and developing of application for IP geolocation using various geolocation databases. Methods of geographical location of network devices and amount of available data provided by chosen commercial and freely accessible geolocation databases are presented. The data are summarized with focus on methods of obtaining information about IP addresses from various databases. In the paper there are also presented ways used to develop the Python application and its parts, which can be easily reused in other programs. The command line program was created to demonstrate that all parts of the developed application work properly. The whole application is freely accesible under the conditions of the MIT license, published on GitHub (https://github.com/tomas-net/ip2geotools/) and in the Python package index PyPi. The second part of this thesis deals with the description of cyberthreats and the use of developed application to mass geolocation of IP addresses that are listed in chosen freely accessible lists as sources of email spam or cyberattacks. Geographical analysis of cyberattacks sources shows countries of origin. Results of analysis are presented in graphs and maps.
|
|
|
Antispam software plugin for e-mail filtering based on geolocation of the sender
Kovařík, Martin ; Komosný, Dan (referee) ; Caha, Tomáš (advisor)
This thesis deals with the creation of a module for antispam software providing email filtering using sender geolocation. The theoretical part of the thesis describes spam in general and the threats that spread through email communication, such as social engineering and malware. Then the principle of email and email headers, email filters and their methods to filter messages are described and lastly IP geolocation and machine location methods are described.The created filtering module Geolock was designed for the SpamAssassin antispam software and uses the IP2Location geolocation database. The embedding of the module into SpamAssassin is shown and the module itself and its different parts are described. The module is tested on a dataset and a real-life application is outlined. The Geolock module is published on GitHub under the MIT license (https://github.com/MartinKovarik/Geolock).
|
|
|
Automatic Template Pattern Recognition
Kovařík, David ; Lengál, Ondřej (referee) ; Šimková, Hana (advisor)
Spam se typicky nevyskytuje ve formě samostatných zpráv, ale často bývá sdružován do takzvaných kampaní. Ty bývají automaticky generovány pomocí šablon. Díky tomu jsou jednotlivé zprávy sémanticky, ale ne syntakticky, ekvivalentní. Cílem práce je navrhnout algoritmus schopný z množiny zpráv jedné kampaně zpětně extrahovat šablonu, ze které tyto zprávy byly generovány. Práce se zaměřuje na spam v SMS komunikaci, ale navržené postupy jsou dostatečně obecné pro širší použití. Algoritmus je postaven na metodě zarovnávání dvou sekvencí, používané v bioinformatice pro nalezení podobných oblastí proteinových řetězců. Výstupem je regulární výraz popisující šablonu dané kampaně. Součástí řešení je také nástroj pro vizualizaci šablony pomocí HTML.Řešení bylo ověřeno na přibližně třech stovkách skutečných kampaní z celého světa. V naprosté většině případů je poskytnutý výsledek postačující pro identifikaci kampaně.
|
|
|
Sequential Pattern Mining
Tisoň, Zdeněk ; Zendulka, Jaroslav (referee) ; Hlosta, Martin (advisor)
This master's thesis is focused on knowledge discovery from databases, especially on methods of mining sequential patterns. Individual methods of mining sequential patterns are described in detail. Further, this work deals with extending the platform Microsoft SQL Server Analysis Services of new mining algorithms. In the practical part of this thesis, plugins for mining sequential patterns are implemented into MS SQL Server. In the last part, these algorithms are compared on different data sets.
|
|
|
Preserving Validity of MS Exchange Headers on Filtering SMTP Proxy-Server
Szabó, Peter ; Židek, Stanislav (referee) ; Richter, Jan (advisor)
The aim of this thesis is the localization and finding an optimal solution for a compatibility issue between two products, the AVG Linux Server Edition SMTP proxy-server and the Microsoft Exchange e-mail server. There are several possible solutions of this issue described and the most effective one is suggested as the final solution. In the first part, this thesis is providing a basic overview of the SMTP protocol and the protocols used in the Microsoft Exchanage server. The most common threats in the e-mail communication are also discussed here and several available solutions of protection against them are presented.
|
|
|
Network Protection Using NetFlow Data
Sedlář, Petr ; Žádník, Martin (referee) ; Tobola, Jiří (advisor)
This document provides information about Cisco NetFlow technology and its usage to protect networks from different types of attacks. Part of the document is a summary of common security risks in term of their detection on network and transport layer. There are specified characteristics of NetFlow data containing samples of security risks. On the basis of these characteristics, an application for detection these risks is designed and implemented.
|
|
|
Software for Capturing and Intelligent Parsing of Spam
Chlupová, Silvie ; Hranický, Radek (referee) ; Zobal, Lukáš (advisor)
This work deals with the creation of an SMTP honeypot, which will be ready for rapid deployment and will support advanced features. The thesis describes the theory of SMTP protocol, POP3 protocol and IMAP protocol. Furthermore, the work discusses the issue of unsolicited e-mails and the fight against them. The work presents various types of honeypots as well as existing solutions for e-mail honeypots. One of these solutions uses this work as a model. The new honeypot supports authentication, stores e-mails in a directory, from where they are gradually removed and analyzed. Based on the analysis, some e-mails are forwarded to the recipients. It is also possible to install and run the honeypot with one click. Honeypot also supports the destruction of email content to protect users.
|
|
|
Artificial Intelligence Approaches for Filtering of Spams
Matula, Tomáš ; Žádník, Martin (referee) ; Schwarz, Josef (advisor)
This thesis focuses on the e-mail classification and describes the basic ways of spam filtering. The Bayesian spam classifiers and artificial immune systems are analyzed and applied in this thesis. Furthermore, existing applications and evaluation metrics are described. The aim of this thesis is to design and implement an algorithm for spam filtering. Ultimately, the results are compared with selected known methods.
|
|
|
Methods for Mining Sequential Patterns
Fekete, Martin ; Burgetová, Ivana (referee) ; Bartík, Vladimír (advisor)
Sequential pattern mining is a field of data mining with wide applications. Currently, there are a number of algorithms and approaches to the problem of sequential pattern mining. The aim of this work is to design and implement an application designed for sequential pattern mining and use it to experimentally compare the chosen algorithms. Experiments are performed with both synthetic and real databases. The output of the work is a summary of the advantages and disadvantages of each algorithm for different kinds of input databases and an application implementing the selected algorithms of the SPMF library.
|
|
|
Spam Filter Implementation on the Basis of Artificial Immune Systems
Neuwirth, David ; Schwarz, Josef (referee) ; Sekanina, Lukáš (advisor)
Unsolicited e-mails generally present a major problem within the e-mail communication nowadays. There exist several methods that can detect spam and distinguish it from the requested messages. The theoretical part of the masters thesis introduces the ways of detecting unsolicited messages by using artificial immune systems. It presents and subsequently analyses several methods of the artificial immune systems that can assist in the fight against spam. The practical part of the masters thesis deals with the implementation of a spam filter on the basis of the artificial immune systems. The project ends with comparison of effectiveness of the newly designed spam filter and the one which uses common methods for spam detection.
|
guest ::
