|
|
Effective Network Anomaly Detection Using DNS Data
Fomiczew, Jiří ; Žádník, Martin (referee) ; Kováčik, Michal (advisor)
This thesis describes the design and implementation of system for effective detection of network anomaly using DNS data. Effective detection is accomplished by combination and cooperation of detectors and detection techniques. Flow data in NetFlow and IPFIX formats are used as input for detection. Also packets in pcap format can be used. Main focus is put on detection of DNS tunneling. Thesis also describes Domain Name System (DNS) and anomalies associated with DNS.
|
|
|
Parametrization of network attacks
Jelínek, Michael ; Sikora, Pavel (referee) ; Blažek, Petr (advisor)
This bachelor thesis is dedicated to the definition of suitable parameters for network attack identification with the use of neural networks. In the theoretical part of this thesis are methods for anomaly detection in network communication, structure of artificial neural networks and DDoS attacks used for verification of detection capabilities. The practical part of this thesis is focused on the process of preparing data, the subsequent implementation into neural networks and a summary of the results achieved for the different setups of neural networks.
|
|
|
Machine Learning from Intrusion Detection Systems
Dostál, Michal ; Očenášek, Pavel (referee) ; Hranický, Radek (advisor)
The current state of intrusion detection tools is insufficient because they often operate based on static rules and fail to leverage the potential of artificial intelligence. The aim of this work is to enhance the open-source tool Snort with the capability to detect malicious network traffic using machine learning. To achieve a robust classifier, useful features of network traffic were choosed, extracted from the output data of the Snort application. Subsequently, these traffic features were enriched and labeled with corresponding events. Experiments demonstrate excellent results not only in classification accuracy on test data but also in processing speed. The proposed approach and the conducted experiments indicate that this new method could exhibit promising performance even when dealing with real-world data.
|
|
|
Anomaly Detection by IDS Systems
Gawron, Johann Adam ; Homoliak, Ivan (referee) ; Očenášek, Pavel (advisor)
The goal of this thesis is to familiarize myself, and the reader, with the issues surrounding anomaly detection in network traffic using artificial inteligence. To propose and subsequently implement a methodology for creating an anomaly classifier for network communication profiles. The classification method should be able to efficiently and accurately identify anomalies in network traffic to avoid generating false outputs. During the research of the issue, IDS systems, various types of attacks, and approaches to anomaly detection and classification were examined. In evaluating the effectiveness, several standard methods were examined and used to express the quality of classifiers.
|
|
|
Capital Market Anomalies
ALEŠ, Petr
This Master thesis deals with the anomalies in capital markets. Through statistical testing of data from five companies on the US stock exchange NASDAQ seeks to prove or disprove their presence on this market.
|
|
|
Mispricing in leveraged value small-capitalization stocks
Picálek, Jan ; Hronec, Martin (advisor) ; Novák, Jiří (referee)
We study returns in the universe of leveraged value small-capitalization stocks, a universe with historically significant exposure to common risk factors. We sep- arate future winners and losers within this universe of risky stocks by adopting machine-learning-based mispricing strategy. The strategy considers 34 stock- level characteristics to predict 1-month-ahead returns and construct a long- short portfolio accordingly. The portfolio yields abnormal risk-adjusted re- turns of 0.42% per month out-of-sample, uncovering statistically significant mispricing. The machine-learning algorithm is trained on leveraged value small- capitalization stocks, so it captures universe-specific nonlinearities and variable interactions. The nonlinear effects and predictive power of individual variables are extracted and presented as well. We found no evidence of a relationship between the magnitude of the mispricing and credit cycles, or market volatility. JEL Classification G11, G12, G14, Keywords Anomalies, Predictability of returns, Asset pricing tests, Leveraged equities, Value stocks Title Mispricing in leveraged value small-capitalization stocks
|
|
|
Multi-horizon equity returns predictability via machine learning
Nechvátalová, Lenka ; Baruník, Jozef (advisor) ; Krištoufek, Ladislav (referee)
We examine the predictability of expected stock returns across horizons using machine learning. We use neural networks, and gradient boosted regression trees on the U.S. and international equity datasets. We find that predictabil- ity of returns using neural networks models decreases with longer forecasting horizon. We also document the profitability of long-short portfolios, which were created using predictions of cumulative returns at various horizons, be- fore and after accounting for transaction costs. There is a trade-off between higher transaction costs connected to frequent rebalancing and greater returns on shorter horizons. However, we show that increasing the forecasting hori- zon while matching the rebalancing period increases risk-adjusted returns after transaction cost for the U.S. We combine predictions of expected returns at multiple horizons using double-sorting and buy/hold spread, a turnover reduc- ing strategy. Using double sorts significantly increases profitability on the U.S. sample. Buy/hold spread portfolios have better risk-adjusted profitability in the U.S. JEL Classification G11, G12, G15, C55 Keywords Machine learning, asset pricing, horizon pre- dictability, anomalies Title Multi-horizon equity returns predictability via machine learning
|
|
| |
|
|
Parametrization of network attacks
Jelínek, Michael ; Sikora, Pavel (referee) ; Blažek, Petr (advisor)
This bachelor thesis is dedicated to the definition of suitable parameters for network attack identification with the use of neural networks. In the theoretical part of this thesis are methods for anomaly detection in network communication, structure of artificial neural networks and DDoS attacks used for verification of detection capabilities. The practical part of this thesis is focused on the process of preparing data, the subsequent implementation into neural networks and a summary of the results achieved for the different setups of neural networks.
|
|
| |
guest ::
