|
|
Detection of Brute-Force Password Attack in Network Traffic
Hurta, Marek ; Grégr, Matěj (referee) ; Žádník, Martin (advisor)
This bachelor's thesis is aimed at monitoring of computer networks using IP flows. It describes NEMEA framework which is used for creating modules. These modules are able to detect network anomalies and attacks. Next part describes a few methods how SSH, RDP and Telnet protocols could be attacked. Following chapters analyze some types of attacks such as Dictionary or Brute-Force attack and tries to find their common characteristics. Based on this analysis, signature of attack is created. Proposed detection algorithm uses these signatures for computing detection thresholds which are used in histogram analysis. Finally, results of proposed detection algorithm are compared with the results from other known methods.
|
|
|
Deriving DDoS Mitigation Rules
Hurta, Marek ; Krobot, Pavel (referee) ; Žádník, Martin (advisor)
This thesis is aimed at monitoring of computer networks using NetFlow data. It describes main aspects of detection network anomalies using IDS systems. Next part describes Nemea framework, which is used for creating modules. These modules are able to detect network incidents and attacks. Following chapters contain a brief overview of common network attacks with their specific remarks which can help in process of their detection. Based on this analysis, the concept of mitigation rules was created. These rules can be used for mitigation of DDoS attack. This method was tested on several data sets and it produced multiple mitigation rules. These rules were applied on data sets and they marked most of the suspicious flows.
|
|
|
Deriving DDoS Mitigation Rules
Hurta, Marek ; Krobot, Pavel (referee) ; Žádník, Martin (advisor)
This thesis is aimed at monitoring of computer networks using NetFlow data. It describes main aspects of detection network anomalies using IDS systems. Next part describes Nemea framework, which is used for creating modules. These modules are able to detect network incidents and attacks. Following chapters contain a brief overview of common network attacks with their specific remarks which can help in process of their detection. Based on this analysis, the concept of mitigation rules was created. These rules can be used for mitigation of DDoS attack. This method was tested on several data sets and it produced multiple mitigation rules. These rules were applied on data sets and they marked most of the suspicious flows.
|
|
|
Detection of Brute-Force Password Attack in Network Traffic
Hurta, Marek ; Grégr, Matěj (referee) ; Žádník, Martin (advisor)
This bachelor's thesis is aimed at monitoring of computer networks using IP flows. It describes NEMEA framework which is used for creating modules. These modules are able to detect network anomalies and attacks. Next part describes a few methods how SSH, RDP and Telnet protocols could be attacked. Following chapters analyze some types of attacks such as Dictionary or Brute-Force attack and tries to find their common characteristics. Based on this analysis, signature of attack is created. Proposed detection algorithm uses these signatures for computing detection thresholds which are used in histogram analysis. Finally, results of proposed detection algorithm are compared with the results from other known methods.
|
guest ::
RSS feed.