|
|
Application Firewall Anomaly Detection
Pospěch, Jan ; Homoliak, Ivan (referee) ; Očenášek, Pavel (advisor)
The goal of the presented bachelor thesis is to describe the process of anomaly detection in application firewalls. The thesis focuses on the principles and basics of anomaly detection, the reader is introduced to the techniques and methods of machine learning. The process of analyzing the requests and responses received from the web application protection system is described, and the system design is developed. The practical part describes the implementation of the system and testing on real datasets. Decision tree and Random forest algorithms show the best results with f1-score 0.9987. Among the unsupervised learning methods, the best results are shown by Autoencoder with an f1-score value of 0.8315.
|
|
|
Anomaly Recognition in Advanced Detection Systems
Poposki, Vasil ; Homoliak, Ivan (referee) ; Očenášek, Pavel (advisor)
Cílem této práce je implementovat systém detekce anomálií využívající techniky umělé inteligence, který dokáže detekovat anomálie učením chování systému. Navrhovaný přístup je účinný při identifikaci nových nebo neznámých anomálií, které tradiční metody založené na pravidlech mohou postrádat v datech síťového provozu. Implementace takového systému však zahrnuje i řešení problémů, jako je zpracování dat a extrakce charakteristických rysů. Tato práce pojednává o různých metodách analýzy dat a přístupech k odhalení průniků v systémech Extended Detection and Response a výzvách, kterým čelíme v dnešních rozšiřujících se bezpečnostních technologiích.
|
|
|
Anomaly Detection by IDS Systems
Gawron, Johann Adam ; Homoliak, Ivan (referee) ; Očenášek, Pavel (advisor)
The goal of this thesis is to familiarize myself, and the reader, with the issues surrounding anomaly detection in network traffic using artificial inteligence. To propose and subsequently implement a methodology for creating an anomaly classifier for network communication profiles. The classification method should be able to efficiently and accurately identify anomalies in network traffic to avoid generating false outputs. During the research of the issue, IDS systems, various types of attacks, and approaches to anomaly detection and classification were examined. In evaluating the effectiveness, several standard methods were examined and used to express the quality of classifiers.
|
|
|
UI for the Cooperation of a Surveillance System with a Human
Klem, Václav ; Špaňhel, Jakub (referee) ; Bažout, David (advisor)
This bachelor's thesis discusses the topic of the design and development of an effective user interface for the cooperation of a user and a surveillance system. It offers a study of currently available tools for the annotation of videos and detection/tracking of people in these videos to create an annotation application intended for new way of detecting anomalies. This innovative way is based on detecting anomalies on the level of frames. Anomaly in this sense means any illegal behavior of people in a video. This thesis aims to create a proposition of UI design for the annotation application, confirm the validity of the concept and then implement the full-fledged version of this application based on the testing results. During the testing of the prototype, the annotation success rate of 89% and the rating of overall UI clarity of 83% respectively were reached. Following the results of the testing, the final version of the application was implemented reflecting the user feedback.
|
|
|
Malformations/anomalies in the development of cestodes
Aliaskerova, Madina ; Schreiber, Manfred (advisor) ; Chanová, Marta (referee)
Anomalies in tapeworms can appear spontaneously under natural conditions, at both morphological and developmental level. In adult tapeworms, malformations at morphological level are manifested on the scolex and strobila. Their detailed description can be found in Taenia saginata, Taenia pisiformis, Taenia solium, Dibothriocephalus nihonkaiense, Dibothriocephalus latus, Hymenolepis nana and Hymenolepis microstoma. In the larval stages of Taenia crassiceps, the malformations occur predominantly on the skolex. Morphological malformations may be manifested by multiplication of suckers or change in the appearance and number of hooks, change in the structure of the genitalia, occurrence of lateral segments, fenestration of the strobila or occurrence of multiple planes of symmetry. However, these malformations can also be caused by targeted radiation exposure, temperature stress or anthelmintics. Developmental anomalies are also manifested by spontaneous appearance of tapeworms in different parts of the body in different host species. There is a link between anomalous infections and the immune status of the host. Possible causes of anomalies include damage to neoblasts, lack of a proper immune response by the host, anthelmintics, host diet, or environmental influences.
|
|
|
Detection of Anomalies in Pedestrian Walking
Pokorný, Ondřej ; Orság, Filip (referee) ; Goldmann, Tomáš (advisor)
The goal of this work was to create a system that would be able to detect anomalies in pedestrian walking. As the core of my application, I have used OpenPose, which is an application for detecting human skeletons. Then I used a bidirectional LSTM neural network to detect anomalies in video sequences. This architecture was chosen during the experiment because it outperformed other solutions. I trained my model to detect three types of anomalies. The output of my application is a video with marked sequences of anomalies. The whole system is implemented in Python.
|
|
|
Browser and User Fingerprinting for Practical Deployment
Vondráček, Tomáš ; Malinka, Kamil (referee) ; Polčák, Libor (advisor)
The aim of the diploma thesis is to map the information provided by web browsers, which can be used in practice to identify users on websites. The work focuses on obtaining and subsequent analysis of information about devices, browsers and side effects caused by web extensions that mask the identity of users. The acquisition of information is realized by a designed and implemented library in the TypeScript language, which was deployed on 4 commercial websites. The analysis of the obtained information is carried out after a month of operation of the library and focuses on the degree of information obtained, the speed of obtaining information and the stability of information. The dataset shows that up to 94 % of potentially different users have a unique combination of information. The main contribution of this work lies in the created library, design of new methods of obtaining information, optimization of existing methods and the determination of quality and poor quality information based on their level of information, speed of acquisition and stability over time.
|
|
|
HTTP Application Anomaly Detection
Rádsetoulal, Vlastimil ; Homoliak, Ivan (referee) ; Očenášek, Pavel (advisor)
The goal of this work is to introduce anomaly detection principles and review its possibilities, as one of the intrusion detection methods in HTTP traffic. This work contains theoretical background crucial for performing an anomaly detection on HTTP traffic, and for utilising neural networks in achieving this goal. The work proposes tailored design of an anomaly detection model for concrete web server implementation, describes its implementation and evaluates the results. The result of this work is successful initial experiment, of modeling normal behavior of HTTP traffic and creation of the mechanism, capable of detection of anomalies within future traffic.
|
|
|
Detection of DoS and DDoS attacks targeting a web server
Nguyen, Minh Hien ; Fujdiak, Radek (referee) ; Kuchař, Karel (advisor)
The bachelor thesis deals with the detection of DoS (Denial of service) and DDoS (Distributed Denial of Service) attacks targeting a web server. This work aims to design detection methods, which will be subsequently tested. Analysis of attacks according to the ISO/OSI (International Organization for Standardization/Open Systems Interconnection) reference model will allow an understanding of the features of individual attacks. In the practical part, some tools are used to implement attacks, then there are generators of legitimate network traffic and a secure web server. Substantial data are created from ongoing attacks and communications of ordinary users. These data are an important part of the proposed methods. The purpose of assessing the achieved results is to evaluate the effectiveness of individual detection methods in terms of accuracy and time consumption.
|
|
| |
guest ::
