|
|
Profiling of Network Entities to Improve Situational Awareness
Bolf, René ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
Having a good situational awareness is an important part of computer security. Knowing what is connected to the network, where it is located, and who is communicating can help make better and faster decisions when security incidents occur. This thesis is focusing on the profiling of network entities at the device level. More specifically, it focuses on the passive identification of operating systems. Every packet transferred in the network carries a specific information in its packet header that reflects the initial settings of a host's operating system. The set of these information is called the "fingerprint" of an operating system. In the thesis, there is described an implementation of a machine learning classifier using the decision tree method, which uses features from TCP and IP headers. The classifier was evaluated on a data set containing data from real network traffic and has achieved accuracy of 96 % when classifying into 9 classes of operating systems.
|
|
|
Spracovanie a analýza dát pomocou mäkkých výpočtov
Bolf, René
This thesis focuses on the development and application of soft computing methods for data classification and analysis. Specifically, the work deals with the analysis of data from ten paracetamol drugs obtained through UV spectral analysis using the UV-IFS method. In addition to the experimental part, the thesis also addresses the development of a web application, which provides a platform for storing, analyzing, and classifying the obtained data.
|
|
|
Profiling of Network Entities to Improve Situational Awareness
Bolf, René ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
Having a good situational awareness is an important part of computer security. Knowing what is connected to the network, where it is located, and who is communicating can help make better and faster decisions when security incidents occur. This thesis is focusing on the profiling of network entities at the device level. More specifically, it focuses on the passive identification of operating systems. Every packet transferred in the network carries a specific information in its packet header that reflects the initial settings of a host's operating system. The set of these information is called the "fingerprint" of an operating system. In the thesis, there is described an implementation of a machine learning classifier using the decision tree method, which uses features from TCP and IP headers. The classifier was evaluated on a data set containing data from real network traffic and has achieved accuracy of 96 % when classifying into 9 classes of operating systems.
|
guest ::
