Thesis Details
Detekce nežádoucího provozu v lokální síti
This bachelor's thesis discusses monitoring local networks using IP flows. It describes Nemeaframework which is used for building complex systems for detecting malicious traffic. Analysisof data from three different networks was performed by using this framework. Basedon this analysis a design for detection of malicious traffic in local network was created. Thedetection method monitors network traffic for suspicious communication targeting IP orURL addresses that are listed in public blacklists. The detection method is evaluated onvarious traffic samples and the results show that three analysed samples belong to networksthat are well managed and secured since the communication with the blacklisted entities israre.
Nemea,IDS,NetFlow,IPFIX,Blacklist
Rychlý Marek, RNDr., Ph.D. (DIFS FIT BUT), člen
Sekanina Lukáš, prof. Ing., Ph.D. (DCSY FIT BUT), člen
Šátek Václav, Ing., Ph.D. (DITS FIT BUT), člen
Španěl Michal, Ing., Ph.D. (DCGM FIT BUT), člen
@bachelorsthesis{FITBT16956, author = "Erik \v{S}ab\'{i}k", type = "Bachelor's thesis", title = "Detekce ne\v{z}\'{a}douc\'{i}ho provozu v lok\'{a}ln\'{i} s\'{i}ti", school = "Brno University of Technology, Faculty of Information Technology", year = 2015, location = "Brno, CZ", language = "czech", url = "https://www.fit.vut.cz/study/thesis/16956/" }