|
|
IP Flow Filter
Štoffa, Imrich ; Krobot, Pavel (referee) ; Wrona, Jan (advisor)
This thesis is focused on unification of filtering languages used by IP flow collecting program and library for their analysis. At the moment these implementations use different filtering modules and file formats. Because of this, inconsistencies in results arise and as a response to this, creation of one filtering module was proposed as part of effort to better integrate collection and analysis of IP flows using these programs. The one filtering module aims to provide one implementation and support for popular filtering language for use in the programs. Thesis contains theoretical introduction to flow monitoring in networks, describes algorithms useful for evaluation of conditions on flow records and packets. The core of authors work is design and implementation of the filtering module and its wrappers for the collector and analysis library. Results of performance tests and evaluation of features can be found in the thesis's conclusion.
|
|
|
Using NetFlow Data to Create Filtering Rules
Pločicová, Dominika ; Nagy, Peter (referee) ; Grégr, Matěj (advisor)
Cieľom práce je navrhnúť a implementovať systém, ktorý bude schopný detegovať prebiehajúci DDoS útok z dát NetFlow a vytvoriť filtračné pravidlo na jeho zastavenie. Po načítaní definície profilov danej administrátorom by sa mala skúmať sieťová prevádzka. V prípade prebiehajúceho DDoS útoku z jedného alebo viacerých definovaných profilov by sa malo vytvoriť filtračné pravidlo pre elimináciu prevádzky spadajúcej pod daný profil (prípadne profily).
|
|
|
Finding Attack Pattern from NetFlow Data
Jireš, Michal ; Podermański, Tomáš (referee) ; Grégr, Matěj (advisor)
This thesis deals with detection of possible attacks in computer networks and subsequent generation of the most specific rules used for filtration. The goal of this thesis is to create tool, that will analyze incoming NetFlow data and will try to detect ongoing attacks. If there is ongoing attack detected, the tool will generate the most specific rules, based on recent NetFlow history, that can be used to filter packets associated with the attack.
|
|
|
IP Flow Filter
Štoffa, Imrich ; Krobot, Pavel (referee) ; Wrona, Jan (advisor)
This thesis is focused on unification of filtering languages used by IP flow collecting program and library for their analysis. At the moment these implementations use different filtering modules and file formats. Because of this, inconsistencies in results arise and as a response to this, creation of one filtering module was proposed as part of effort to better integrate collection and analysis of IP flows using these programs. The one filtering module aims to provide one implementation and support for popular filtering language for use in the programs. Thesis contains theoretical introduction to flow monitoring in networks, describes algorithms useful for evaluation of conditions on flow records and packets. The core of authors work is design and implementation of the filtering module and its wrappers for the collector and analysis library. Results of performance tests and evaluation of features can be found in the thesis's conclusion.
|
guest ::
