Thesis Details
Detekce škodlivých domén pomocí analýzy DNS provozu
English title
Malicious Domains Detection Using Analysis of DNS Traffic
Language
Czech
Abstract
The aim of this thesis is the detection of malicious domains based on passive analysis of DNS traffic. It represents the design and implementation of a system which proceeds DNS anomaly detection based on a structure of the domain name by using the entropy and a frequency characteristics of n-grams. The system was tested on DNS data obtained from the real traffic and the functionality of implemented detectors was verified by testing and analysis of results.
Keywords
DNS, malicious domain, detection, passive DNS analysis
Department
Degree Programme
Information Technology
Files
Status
defended, grade C
Date
17 June 2015
Reviewer
Committee
Švéda Miroslav, prof. Ing., CSc. (DIFS FIT BUT), předseda
Bartík Vladimír, Ing., Ph.D. (DIFS FIT BUT), člen
Beran Vítězslav, doc. Ing., Ph.D. (DCGM FIT BUT), člen
Kunovský Jiří, doc. Ing., CSc. (DITS FIT BUT), člen
Martínek Tomáš, doc. Ing., Ph.D. (DCSY FIT BUT), člen
Bartík Vladimír, Ing., Ph.D. (DIFS FIT BUT), člen
Beran Vítězslav, doc. Ing., Ph.D. (DCGM FIT BUT), člen
Kunovský Jiří, doc. Ing., CSc. (DITS FIT BUT), člen
Martínek Tomáš, doc. Ing., Ph.D. (DCSY FIT BUT), člen
Citation
AMBRUŠOVÁ, Eva. Detekce škodlivých domén pomocí analýzy DNS provozu. Brno, 2015. Bachelor's Thesis. Brno University of Technology, Faculty of Information Technology. 2015-06-17. Supervised by Kováčik Michal. Available from: https://www.fit.vut.cz/study/thesis/17699/
BibTeX
@bachelorsthesis{FITBT17699,
author = "Eva Ambru\v{s}ov\'{a}",
type = "Bachelor's thesis",
title = "Detekce \v{s}kodliv\'{y}ch dom\'{e}n pomoc\'{i} anal\'{y}zy DNS provozu",
school = "Brno University of Technology, Faculty of Information Technology",
year = 2015,
location = "Brno, CZ",
language = "czech",
url = "https://www.fit.vut.cz/study/thesis/17699/"
}