|
|
Specific anomaly detection methods in wireless communication networks
Holasová, Eva ; Blažek, Petr (referee) ; Fujdiak, Radek (advisor)
The diploma thesis is focuses on technologies and security of the wireless networks in standard IEEE 802.11, describes the most used standards, definition of physical layer, MAC layer and specific technologies for wireless networks. The diploma thesis is focused on description of selected security protocols, their technologies as well as weaknesses. Also, in the thesis, there are described security threats and vectors of attacks towards wireless networks 802.11. Selected threats were simulated in established experimental network, for these threats were designed detection methods. For testing and implementing designed detection methods, IDS system Zeek is used together with network scripts written in programming language Python. In the end there were trained and tested models of machine learning both supervised and unsupervised machine learning.
|
|
|
Network Traffic Analysis Based on Sketches
Dřevo, Aleš ; Kekely, Lukáš (referee) ; Bartoš, Václav (advisor)
Aim of this thesis is to create a program for network traffic analysis and for detection of anomallies in the traffic. The Heavy-Changes Detection technique which falls within the Data stream algorithm category is used to do so. Special structures called sketches are used for data processing. These structures are capable of maintaining large amounts of data with low memory consumption. Programs from Nemea system for which this project is created are used for gathering necessary network data.
|
|
|
Anomaly Detection in Generated Incident Ticket Volumes
Šurina, Timotej ; Rychlý, Marek (referee) ; Trchalík, Roman (advisor)
Táto bakalárska práca sa zaoberá problematikou detekcie anomálií v časových radoch. Predstavuje metódy STL decomposition, ARIMA, Exponential Smoothing a LSTM Networks. Cieľom je pomocou týchto metód vytvoriť algoritmus, ktorý dokáže analyzovať trend v množstve generovaných záznamov o incidentoch a detekovať anomálie z trendu. Riešenie bolo vytvorené na základe dátovej sady poskytnutej firmou AT&T Global Network Services Czech Republic s.r.o. a implementované v programovacom jazyku Python.
|
|
|
Anomaly detection by neural networks
Strakoš, Jan ; Sikora, Marek (referee) ; Blažek, Petr (advisor)
This bachelor thesis is focused on anomaly detection represented as computer network attacks by neural network. One of the most common groups of attacks is Distributed Denial of Service (DDoS) attacks, which the system based on neural network should identificate. In the theoretical part of this thesis are described legitimate, non-standard and illegitimate traffic. Another part of this chapter described DDoS attacks, options of their detection, neural networks principle and their use. Practical part describe choosed communication parameters, specifying the threshold intervals of legitimate traffic, constructing a neural network which use of these parameters and threshold intervals, implementation of neural network into the system and presenting results.
|
|
|
The weather and stock returns
Černý, Patrik ; Kukačka, Jiří (advisor) ; Čornanič, Aleš (referee)
This thesis examines a behavioral finance topic, the effect of weather on stock returns. The research was performed with the aim to verify formerly published results of various weather variables like sunshine, precipitation or temperature influencing stock markets. For the analysis Ordinary Least Squares regressions were implemented to investigate the relationships of stock returns and weather variables proposed in the previous literature as well as other market efficiency effects, a Monday and a January effect. In addition, GARCH model was carried out to check the influence of weather conditions on stock return volatility. Data used for the analysis consists of 24 emerging and 23 developed markets worldwide in the period 2006-2017. The results are not in support of the theory of weather affecting market trading which corresponds to the market efficiency theory. There seems to be no difference between the developed and emerging countries, not even countries' land area plays a role. However, in the thesis repeatedly appears significant evidence of the presence of the Monday effect. Keywords Behavioral finance, Weather effect, Market efficiency, Anomaly, GARCH 1
|
|
|
Detection of anomalies in network traffic using compression methods
Blažek, Libor ; Dvořák, Jan (referee) ; Blažek, Petr (advisor)
The objective of the thesis is to design a practical demonstration of the functionality of selected compression methods. The following chapters will discuss the attacks on terminals and mentioned some measures. The show will be processed using two methods development environment. The attacks will detect anomalies in the network and subsequently carried out at one of the sample data compression methods. Data will be collected as normal operation at the terminal station, and then in the attack.
|
|
|
Detection of Unusual Events in Temporal Data
Černík, Tomáš ; Bartík, Vladimír (referee) ; Zendulka, Jaroslav (advisor)
Bachelor thesis deals with detection of unusual events (anomalies) in available temporal data. Theoretical part describes existing techniques and algorithms used to detect outliers. There are also introduced meteorological data that are after that used for experimental verification of implemented detection algorithms. Second part, practical one, describes design and implementation of application and algorithms. Algorithms are also tested in search for point, contextual and collective anomalies.
|
|
|
Knowledge Discovery in Spatio-Temporal Data
Pešek, Martin ; Bartík, Vladimír (referee) ; Zendulka, Jaroslav (advisor)
This thesis deals with knowledge discovery in spatio-temporal data, which is currently a rapidly evolving area of research in information technology. First, it describes the general principles of knowledge discovery, then, after a brief introduction to mining in the temporal and spatial data, it focuses on the overview and description of existing methods for mining in spatio-temporal data. It focuses, in particular, on moving objects data in the form of trajectories with an emphasis on the methods for trajectory outlier detection. The next part of the thesis deals with the process of implementation of the trajectory outlier detection algorithm called TOP-EYE. In order to testing, validation and possibility of using this algorithm is designed and implemented an application for trajectory outlier detection. The algorithm is experimentally evaluated on two different data sets.
|
|
| |
|
|
Statistical anomaly detection methods of data communication
Woidig, Eduard ; Mangová, Marie (referee) ; Slavíček, Karel (advisor)
This thesis serves as a theoretical basis for a practical solution to the issue of the use of statistical methods for detecting anomalies in data traffic. The basic focus of anomaly detection data traffic is on the data attacks. Therefore, the main focus is the analysis of data attacks. Within the solving are data attacks sorted by protocols that attackers exploit for their own activities. Each section describes the protocol itself, its usage and behavior. For each protocol is gradually solved description of the attacks, including the methodology leading to the attack and penalties on an already compromised system or station. For the most serious attacks are outlined procedures for the detection and the potential defenses against them. These findings are summarized in the theoretical analysis, which should serve as a starting point for the practical part, which will be the analysis of real data traffic. The practical part is divided into several sections. The first of these describes the procedures for obtaining and preparing the samples to allow them to carry out further analysis. Further described herein are created scripts that are used for obtaining needed data from the recorded samples. These data are were analyzed in detail, using statistical methods such as time series and descriptive statistics. Subsequently acquired properties and monitored behavior is verified using artificial and real attacks, which is the original clean operation modified. Using a new analysis of the modified traffics compared with the original samples and an evaluation of whether it has been some kind of anomaly detected. The results and tracking are collectively summarized and evaluated in a separate chapter with a description of possible further attacks, which were not directly part of the test analysis.
|
guest ::
