|
|
Analysis of DDos data with clustering
Krátký, Matěj ; Šišmiš, Lukáš (referee) ; Setinský, Jiří (advisor)
This thesis focuses on the detection of distributed denial of service (DDoS) attacks using clustering algorithms. In the first part, different types of DDoS attacks and approaches to identify them are described. Next, the thesis studies clustering methods, specifically hierarchical and k-means clustering, for analyzing the network traffic associated with these attacks. It also includes the design of a detection system suitable for detecting DDoS attacks. This is followed by a description of the implementation of this system required for the analysis phase. The main part of the work consists of performing experiments on the available dataset and evaluating the effectiveness of the methods, parameters and attributes combinations used. Finally, the thesis discusses the application of the findings and the possibilities for further research in this area.
|
|
|
Detection of Slow HTTP DoS Attacks
Jakubíček, Patrik ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
This thesis deals with the detection of Slowloris attack. Based on the findings a detection module for Nemea system is implemented. It analyzes flow records and performs attack detection. Tests have verified that the module can work in real deployment and detect Slowloris attack quite successfully.
|
|
|
Web Interface for Network Anomaly Detection System
Sládek, Petr ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
The goal of this work is to create a web interface for network anomaly detection system called HostStats. Its mission is to enable users to effectively work with data and statistics provided by the system. Web interface works as a plugin to NfSen as a completely independent web applications. Implementation took place in PHP using the Nette Framework, HTML5, CSS3, and JavaScript using the jQuery library.
|
|
|
Detection of Slow HTTP DoS Attacks
Jakubíček, Patrik ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
This thesis deals with the detection of Slowloris attack. Based on the findings a detection module for Nemea system is implemented. It analyzes flow records and performs attack detection. Tests have verified that the module can work in real deployment and detect Slowloris attack quite successfully.
|
|
|
Web Interface for Network Anomaly Detection System
Sládek, Petr ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
The goal of this work is to create a web interface for network anomaly detection system called HostStats. Its mission is to enable users to effectively work with data and statistics provided by the system. Web interface works as a plugin to NfSen as a completely independent web applications. Implementation took place in PHP using the Nette Framework, HTML5, CSS3, and JavaScript using the jQuery library.
|
|
|
Attack Detection by Analysis of the System's Logs
Holub, Ondřej ; Puš, Viktor (referee) ; Kaštil, Jan (advisor)
The thesis deals with the attack detection possibilities and the nonstandard behaviour. It focuses on problems with the IDS detection systems, the subsequent classification and methods which are being used for the attack detection. One part of the thesis presents the existing IDS systems and their properties which are necessary for the successful attack detection. Other parts describe methods to obtain information from the operating systems Microsoft Windows and it also analyses the theoretical methods of data abnormalities. The practical part focuses on the design and implementation of the HIDS application. The final application and its detection abilities are tested at the end of the practical part with the help of some model situations. In the conclusion, the thesis sums up the gained information and shows a possible way of the future development.
|
guest ::
