Return to search

Analýza zpětně rozptýleného DDoS provozu v datech o síťových tocích / Analysis of DDoS Backscatter Traffic in Network Flow Data

This work focuses on detection of denial of service (DoS) attacks which utilize random spoofing of source IP address in attack packets. These types of attacks lead to generation of side effect in a form of backscatter that can be used to identify victims of such attacks. Backscatter analysis has so far been limited to unused address space ranges referred to as network telescopes. This work therefore proposes a new method of DoS attack detection via backscatter outside of network telescope environment where legitimate user traffic is also present. Furthermore proposed approach uses only abstracted traffic in a form of network flows. Presented method was implemented as part of NEMEA system and tested on real flow data capture provided by CESNET.

Identiferoai:union.ndltd.org:nusl.cz/oai:invenio.nusl.cz:445542
Date January 2021
CreatorsMarušiak, Martin
ContributorsTisovčík, Peter, Žádník, Martin
PublisherVysoké učení technické v Brně. Fakulta informačních technologií
Source SetsCzech ETDs
LanguageCzech
Detected LanguageEnglish
Typeinfo:eu-repo/semantics/masterThesis
Rightsinfo:eu-repo/semantics/restrictedAccess

Page generated in 0.0021 seconds