
Detekce síťových útoků pomocí nástroje Tshark / Detection of Network Attacks Using Tshark

This diploma thesis deals with the design and implementation of a tool for detecting network attacks in captured network communication. It uses the tshark packet analyser, whose purpose here is to convert the input file with the captured communication to the PDML format. The objective of this conversion is to increase the flexibility of input data processing. In designing the tool, emphasis was placed on the ability to extend it to detect new network attacks and on integrating these additions with ease. For this reason, the thesis also includes the design of complex declarative descriptions of network attacks in the YAML serialization format. These descriptions specify the key properties of the network attacks and the conditions for their detection. The resulting tool acts as an interpreter of the proposed declarative descriptions, which allows it to be extended with new types of attacks.

Identifier: oai:union.ndltd.org:nusl.cz/oai:invenio.nusl.cz:385934
Date: January 2018
Creators: Dudek, Jindřich
Contributors: Ryšavý, Ondřej, Holkovič, Martin
Publisher: Vysoké učení technické v Brně. Fakulta informačních technologií
Source Sets: Czech ETDs
Language: Czech
Detected Language: English
Type: info:eu-repo/semantics/masterThesis
Rights: info:eu-repo/semantics/restrictedAccess
