|
|
Detection and mitigation of DDoS attacks
Brázda, Mikuláš ; Hranický, Radek (referee) ; Žádník, Martin (advisor)
This work deals with the detection of DDoS attacks in the CESNET3 network infrastructure, utilizing NetFlow record analysis. Considering the dynamic nature of network traffic, it treats the data as an infinite stream. To store and efficiently process large volumes of data, it employs the sketch method, which allows for a compact representation of data without losing key information about the network traffic. The core of the detection mechanism is the adaptive CUSUM algorithm, which accumulates deviations from a long-term moving average. An alert is triggered when a threshold is exceeded. The module was tested on real network data with various parameter settings to demonstrate its properties. The implemented module is part of the NEMEA system.
|
|
|
Detection of Harmfulness of Communication Partners and Their Networks
Kučera, Rostislav ; Homoliak, Ivan (referee) ; Očenášek, Pavel (advisor)
With the growing dependence of the population on electronic devices, the risk of data loss or misuse also increases. As the number of attacks in computer networks rises, systems for detecting malicious traffic become more important. The goal of this work is a theoretical analysis and implementation of modules for detecting malicious computer communication using machine learning methods, specifically a neural network model, and statistical analysis, which are deployed within the extended intrusion detection system Snort.
|
|
|
Rating Log Events using Reputation and Anomaly Scores
Zbořil, Jan ; Burgetová, Ivana (referee) ; Matoušek, Petr (advisor)
Pro administrátory, bezpečnostní inženýry a síťové experty je nemožné sledovat současné množství dat proudící v počítačových sítích. Komplexní systémy jako IDS nebo IPS jsou navrženy tak, aby kromě své primární funkce také ukládaly síťový provoz. Cílem této práce je automaticky redukovat počet záznamů v lozích generovaných těmito systémy tak, aby obsahovaly pouze nejdůležitější informace. Anomální a reputační skóre představují metriky pro rozhodování tohoto problému - zda je záznam v logu důležitý či nikoliv. Cílem práce je prozkoumat současný stav metod běžně používaných pro tyto účely a navrhnout řešení, jak využít data síťových analyzátorů, jako je Suricata, k detekci anomálií v provozu a ohodnocení reputace síťových uzlů. Je vyvinuto kompletní řešení od zpracování dat, výpočtu skóre, redukce velikosti logů výběrem důležitých záznamů, a interpretace výsledků. Řešení je demonstrováno na reálných datech. Jsou diskutovány možnosti využití výsledků a použitých metod, jejich možné vylepšení a možné rozšíření v budoucích pracech.
|
|
|
Automatic Tire Inspection Using Surface Scans
Toth Vaňo, Pavol ; Materna, Zdeněk (referee) ; Španěl, Michal (advisor)
This thesis deals with automatic detection of defects on tire treads using their depth scans. The approach proposed in the thesis doesn’t require a faultless reference tire for the inspected tire. The first step is the detection of anomalies, which is done using a modification of the PatchCore method proposed in the thesis, taking advantage of the repetition of patterns on the tire tread. Subsequently, anomalies corresponding to special elements on the tire are detected using the deep neural networks Faster R-CNN and Deep Hough transform, and they are filtered out. Applying the proposed approach on the prepared dataset, the value 0.584 of Average Precision metric for detection was obtained. The biggest weakness of the proposed method is its limited ability to detect defects with a very small depth.
|
|
|
Surface defect detection of metal parts based on neural networks
Hadwiger, Tomáš ; Jonák, Martin (referee) ; Ježek, Štěpán (advisor)
The goal of this thesis is focused on surface anomaly detection on metal parts. The goal was to implement different neural network architectures using the method CutPaste and compare them on three different datasets: MVTec AD, MPDD, MPDD2. For the object classes of the dataset MVTec AD the most accurate architecture turned out to be ResNet-18 with average precision of 84,45 AUROC, for the materials it was the EfficientNet architecture with average precision of 87,22 AUROC. For the MPDD and MPDD2 datasets, the most accurate architecture was ResNet50 with average precision of 88,64 AUROC and 61,10 AUROC respectively. Based on the measure values, the most difficult dataset for anomaly detection turned out to be MPDD2.
|
|
| |
|
| |
|
|
Forensic method for recognizing the authenticity of artworks using multispectral analysis
Lánský, David ; Mezina, Anzhelika (referee) ; Burget, Radim (advisor)
Detecting forgeries is crucial for protecting the art market and preserving the authenticity of artworks. This thesis focuses on forgery detection using convolutional neural networks (CNNs). The main goal was to develop advanced methods capable of identifying anomalies, and thus potential forgeries, in images with their X-ray photographs. During this research, U-net architectures and binary semantic segmentation techniques were applied, enabling successful anomaly detection. The main contribution of this work is 112 models of four different U-net and U-net++ architectures, which effectively highlight anomalies through the method of binary semantic segmentation. The models were trained on a set of images with their synthetically created X-ray images and artificially generated anomalies. In this way, the models can detect lead spots, nails, layers of hidden paintings, and other defects, while also being able to ignore insignificant elements, such as picture frames and overexposed X-ray images. The testing of the models occurred in two phases. In the first phase, they were evaluated using the IoU metric on a set of 400 synthetically generated data, where in the best cases, they achieved up to 83.5 % IoU. In the second phase, they were evaluated subjectively on images with real X-rays and natural anomalies. This approach combines traditional X-ray techniques with modern computer vision, revealing deviations that might be overlooked during standard visual inspection. By bridging these technologies, this work opens new possibilities for the protection of art collections and provides a solid foundation for further research in the field of art forgery detection using artificial intelligence.
|
|
|
Visual Anomaly Detection in Industrial Production
Hrabica, Jan ; Richter, Miloslav (referee) ; Horák, Karel (advisor)
This thesis deals with the problem of unary classifiers for anomaly detection in industrial production. It starts with a discussion of classification as a general problem, classification methods and some of their evaluations, and then discusses the main categories of architectures used. Practical part describes the process of scene creation for the acquisitions of a datesed. Acquired dataset is then used for teaching a classifier, on which is then performer a number of experiments to determine its performance.
|
|
|
Anomaly and threat detection in audit logs using machine learning
Ludes, Adam ; Ježek, Štěpán (referee) ; Tomašov, Adrián (advisor)
Tato práce představuje softwarové architektury založené na cloudu, techniky detekce anomálií, strojové učení a analýzu dat za účelem vytvoření modelu pro detekci anomálií v audit lozích z Red Hat OpenShift Container Platform. Jsou představeny statistické metody a analýza časových řad pro detekci anomálií, zatímco jsou implementovány a hodnoceny modely strojového učení a techniky předzpracování dat. Výsledky ukazují omezení tradičních modelů při zpracování anomálií v hluboce vnořených datech, zatímco model zpracovávající přirozený jazyk prokazuje robustní výkon. Tato práce poskytuje cenné poznatky a může být použita jako reference pro výzkum i praxi v oblasti softwarových architektur založených na cloudu, detekce anomálií, strojového učení a analýzy dat.
|
guest ::
