Thesis Details
Odvozování pravidel pro mitigaci DDoS
This thesis is aimed at monitoring of computer networks using NetFlow data. It describes main aspects of detection network anomalies using IDS systems. Next part describes Nemea framework, which is used for creating modules. These modules are able to detect network incidents and attacks. Following chapters contain a brief overview of common network attacks with their specific remarks which can help in process of their detection. Based on this analysis, the concept of mitigation rules was created. These rules can be used for mitigation of DDoS attack. This method was tested on several data sets and it produced multiple mitigation rules. These rules were applied on data sets and they marked most of the suspicious flows.
NetFlow, IDS systems, DDoS attack, Time machine system, Mitigation rules
Bartík Vladimír, Ing., Ph.D. (DIFS FIT BUT), člen
Křivka Zbyněk, Ing., Ph.D. (DIFS FIT BUT), člen
Švéda Miroslav, prof. Ing., CSc. (DIFS FIT BUT), člen
Veselý Vladimír, Ing., Ph.D. (DIFS FIT BUT), člen
Zeman Václav, doc. Ing., Ph.D. (UTKO FEEC BUT), člen
@mastersthesis{FITMT19930,
author = "Marek Hurta",
type = "Master's thesis",
title = "Odvozov\'{a}n\'{i} pravidel pro mitigaci DDoS",
school = "Brno University of Technology, Faculty of Information Technology",
year = 2017,
location = "Brno, CZ",
language = "czech",
url = "https://www.fit.vut.cz/study/thesis/19930/"
}