|
|
User interface for asset management system
Benko, Dávid ; Orsák, Michal (referee) ; Žádník, Martin (advisor)
This thesis focuses on the development of a web user interface for an asset management system called Amfora. Amfora gathers data regarding IP addresses, services and vulnerabilities from 9 other systems. The user interface is based on three tier architecture utilizing REST API. Frontend implementation uses the Vue.js framework (TypeScript/JavaScript language) and backend implementation uses the FastAPI framework (Python language). The system has been deployed into production use in the CESNET network and presented to the security operations center team in CESNET. Amfora has significantly simplified work in solving security incidents and network monitoring.
|
|
|
Information Fusion for Classification of Network Devices
Sedláček, Ondřej ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
This work is focused on solving information fusion when dealing with multiple data sources in computer network monitoring. A solution built on the concept of classification rules configured by experts is presented. Configuration is simplified using a designated configuration language interpreted by the solution. The classification rules enable coverage of diverse types of data. The result is given as a label from specified taxonomy. Using a taxonomy maintains the different levels of detail between the data sources, even in the output label. The solution also uses the Dempster-Schafer theory for merging labels from different sources into a single output label. Results of experiments show that information fusion in this context does increase the accuracy of device classification. A process of rule optimization was developed based on testing and experiments with a dataset from a real network. The accuracy was increased by 19 % compared to the original solution using this process.
|
|
|
Dataset for Classification of Network Devices Using Machine Learning
Eis, Pavel ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
Automatic classification of devices in computer network can be used for detection of anomalies in a network and also it enables application of security policies per device type. The key to creating a device classifier is a quality data set, the public availability of which is low and the creation of a new data set is difficult. The aim of this work is to create a tool, that will enable automated annotation of the data set of network devices and to create a classifier of network devices that uses only basic data from network flows. The result of this work is a modular tool providing automated annotation of network devices using system ADiCT of Cesnet's association, search engines Shodan and Censys, information from PassiveDNS, TOR, WhoIs, geolocation database and information from blacklists. Based on the annotated data set are created several classifiers that classify network devices according to the services they use. The results of the work not only significantly simplify the process of creating new data sets of network devices, but also show a non-invasive approach to the classification of network devices.
|
|
|
Information Fusion for Classification of Network Devices
Sedláček, Ondřej ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
This work is focused on solving information fusion when dealing with multiple data sources in computer network monitoring. A solution built on the concept of classification rules configured by experts is presented. Configuration is simplified using a designated configuration language interpreted by the solution. The classification rules enable coverage of diverse types of data. The result is given as a label from specified taxonomy. Using a taxonomy maintains the different levels of detail between the data sources, even in the output label. The solution also uses the Dempster-Schafer theory for merging labels from different sources into a single output label. Results of experiments show that information fusion in this context does increase the accuracy of device classification. A process of rule optimization was developed based on testing and experiments with a dataset from a real network. The accuracy was increased by 19 % compared to the original solution using this process.
|
|
|
Dataset for Classification of Network Devices Using Machine Learning
Eis, Pavel ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
Automatic classification of devices in computer network can be used for detection of anomalies in a network and also it enables application of security policies per device type. The key to creating a device classifier is a quality data set, the public availability of which is low and the creation of a new data set is difficult. The aim of this work is to create a tool, that will enable automated annotation of the data set of network devices and to create a classifier of network devices that uses only basic data from network flows. The result of this work is a modular tool providing automated annotation of network devices using system ADiCT of Cesnet's association, search engines Shodan and Censys, information from PassiveDNS, TOR, WhoIs, geolocation database and information from blacklists. Based on the annotated data set are created several classifiers that classify network devices according to the services they use. The results of the work not only significantly simplify the process of creating new data sets of network devices, but also show a non-invasive approach to the classification of network devices.
|
guest ::
