Thesis Details

Efektivní detekce síťových anomálií s využitím DNS dat

Master's Thesis
Student: Fomiczew Jiří
Academic Year: 2014/2015
Supervisor: Kováčik Michal, Ing.
English title
Effective Network Anomaly Detection Using DNS Data
Language
Czech
Abstract

This thesis describes the design and implementation of a system for effective detection of network anomalies using DNS data. Effective detection is achieved through the combination and cooperation of detectors and detection techniques. Flow data in NetFlow and IPFIX formats are used as input for detection; packets in pcap format can also be used. The main focus is on the detection of DNS tunneling. The thesis also describes the Domain Name System (DNS) and the anomalies associated with DNS.

Keywords

DNS, anomalies, tunneling, DoS, detection, NetFlow, IPFIX, pcap, IP

Department
Degree Programme
Information Technology, Field of Study Computer Networks and Communication
Files
Status
defended, grade A
Date
23 June 2015
Reviewer
Committee
Švéda Miroslav, prof. Ing., CSc. (DIFS FIT BUT), chair
Drábek Vladimír, doc. Ing., CSc. (DCSY FIT BUT), member
Hladká Eva, doc. RNDr., Ph.D. (FI MUNI), member
Holík Lukáš, doc. Mgr., Ph.D. (DITS FIT BUT), member
Jaroš Jiří, doc. Ing., Ph.D. (DCSY FIT BUT), member
Matoušek Petr, doc. Ing., Ph.D., M.A. (DIFS FIT BUT), member
Citation
FOMICZEW, Jiří. Efektivní detekce síťových anomálií s využitím DNS dat. Brno, 2015. Master's Thesis. Brno University of Technology, Faculty of Information Technology. 2015-06-23. Supervised by Kováčik Michal. Available from: https://www.fit.vut.cz/study/thesis/15194/
BibTeX
@mastersthesis{FITMT15194,
    author = "Ji\v{r}\'{i} Fomiczew",
    type = "Master's thesis",
    title = "Efektivn\'{i} detekce s\'{i}\v{t}ov\'{y}ch anom\'{a}li\'{i} s vyu\v{z}it\'{i}m DNS dat",
    school = "Brno University of Technology, Faculty of Information Technology",
    year = 2015,
    location = "Brno, CZ",
    language = "czech",
    url = "https://www.fit.vut.cz/study/thesis/15194/"
}