|
|
IP Flow Filter
Štoffa, Imrich ; Krobot, Pavel (referee) ; Wrona, Jan (advisor)
This thesis is focused on unification of filtering languages used by IP flow collecting program and library for their analysis. At the moment these implementations use different filtering modules and file formats. Because of this, inconsistencies in results arise and as a response to this, creation of one filtering module was proposed as part of effort to better integrate collection and analysis of IP flows using these programs. The one filtering module aims to provide one implementation and support for popular filtering language for use in the programs. Thesis contains theoretical introduction to flow monitoring in networks, describes algorithms useful for evaluation of conditions on flow records and packets. The core of authors work is design and implementation of the filtering module and its wrappers for the collector and analysis library. Results of performance tests and evaluation of features can be found in the thesis's conclusion.
|
|
|
Compression of IP Flow Records
Kaščák, Andrej ; Kajan, Michal (referee) ; Žádník, Martin (advisor)
My Master's thesis deals with the problems of flow compression in network devices. Its outcome should alleviate memory consumption of the flows and simplify the processing of network traffic. As an introduction I provide a description of protocols serving for data storage and manipulation, followed by discussion about possibilities of compression methods that are employed nowadays. In the following part there is an in-depth analysis of source data that shows the structure and composition of the data and brings up useful observations, which are later used in the testing of existing compression methods, as well as about their potential and utilization in flow compression. Later on, I venture into the field of lossy compression and basing on the test results a new approach is described, created by means of flow clustering and their subsequent lossy compression. The conclusion contains an evaluation of the possibilities of the method and the final summary of the thesis along with various suggestions for further development of the research.
|
|
|
IP Flow Filtration and Profiling
Sedlák, Michal ; Tisovčík, Peter (referee) ; Kučera, Jan (advisor)
This thesis addresses the problem of filtering and profiling IP flows, primarily data of IPFIXsystems. Within the work, a general filtering component is designed and implemented, whichaims to be sufficiently efficient and flexible for use in other projects related to IP flows. Thiscomponent is then adapted to work with data in the IPFIX protocol format and integratedinto the existing modular collector IPFIXcol2 in the form of plugins adding the support forfiltering of passing IPFIX data and their sorting into profiles.
|
|
|
Extraction of Available Information from SSH Protocol Headers
Ďurčanský, Norbert ; Bartoš, Václav (referee) ; Kořenek, Jan (advisor)
This paper analyzes issue regarding to extraction of available information from SSH protocol. To achieve this aim, knowledge about SSH protocol were used to implement plugin for FlowMon exporter. During the testing plugin was tested on real network and validated in terms of stability, efficiency and accuracy. The result plugin allows us to extract information from SSH protocol and futher analysis without decryption of traffic.
|
|
|
IP Flow Filtration and Profiling
Sedlák, Michal ; Tisovčík, Peter (referee) ; Kučera, Jan (advisor)
This thesis addresses the problem of filtering and profiling IP flows, primarily data of IPFIXsystems. Within the work, a general filtering component is designed and implemented, whichaims to be sufficiently efficient and flexible for use in other projects related to IP flows. Thiscomponent is then adapted to work with data in the IPFIX protocol format and integratedinto the existing modular collector IPFIXcol2 in the form of plugins adding the support forfiltering of passing IPFIX data and their sorting into profiles.
|
|
|
IP Flow Filter
Štoffa, Imrich ; Krobot, Pavel (referee) ; Wrona, Jan (advisor)
This thesis is focused on unification of filtering languages used by IP flow collecting program and library for their analysis. At the moment these implementations use different filtering modules and file formats. Because of this, inconsistencies in results arise and as a response to this, creation of one filtering module was proposed as part of effort to better integrate collection and analysis of IP flows using these programs. The one filtering module aims to provide one implementation and support for popular filtering language for use in the programs. Thesis contains theoretical introduction to flow monitoring in networks, describes algorithms useful for evaluation of conditions on flow records and packets. The core of authors work is design and implementation of the filtering module and its wrappers for the collector and analysis library. Results of performance tests and evaluation of features can be found in the thesis's conclusion.
|
|
|
Extraction of Available Information from SSH Protocol Headers
Ďurčanský, Norbert ; Bartoš, Václav (referee) ; Kořenek, Jan (advisor)
This paper analyzes issue regarding to extraction of available information from SSH protocol. To achieve this aim, knowledge about SSH protocol were used to implement plugin for FlowMon exporter. During the testing plugin was tested on real network and validated in terms of stability, efficiency and accuracy. The result plugin allows us to extract information from SSH protocol and futher analysis without decryption of traffic.
|
|
|
Compression of IP Flow Records
Kaščák, Andrej ; Kajan, Michal (referee) ; Žádník, Martin (advisor)
My Master's thesis deals with the problems of flow compression in network devices. Its outcome should alleviate memory consumption of the flows and simplify the processing of network traffic. As an introduction I provide a description of protocols serving for data storage and manipulation, followed by discussion about possibilities of compression methods that are employed nowadays. In the following part there is an in-depth analysis of source data that shows the structure and composition of the data and brings up useful observations, which are later used in the testing of existing compression methods, as well as about their potential and utilization in flow compression. Later on, I venture into the field of lossy compression and basing on the test results a new approach is described, created by means of flow clustering and their subsequent lossy compression. The conclusion contains an evaluation of the possibilities of the method and the final summary of the thesis along with various suggestions for further development of the research.
|
guest ::
