This thesis is aimed at monitoring of computer networks using NetFlow data. It describes main aspects of detection network anomalies using IDS systems. Next part describes Nemea framework, which is used for creating modules. These modules are able to detect network incidents and attacks. Following chapters contain a brief overview of common network attacks with their specific remarks which can help in process of their detection. Based on this analysis, the concept of mitigation rules was created. These rules can be used for mitigation of DDoS attack. This method was tested on several data sets and it produced multiple mitigation rules. These rules were applied on data sets and they marked most of the suspicious flows.
| Identifer | oai:union.ndltd.org:nusl.cz/oai:invenio.nusl.cz:363809 |
| Date | January 2017 |
| Creators | Hurta, Marek |
| Contributors | Krobot, Pavel, Žádník, Martin |
| Publisher | Vysoké učení technické v Brně. Fakulta informačních technologií |
| Source Sets | Czech ETDs |
| Language | Czech |
| Detected Language | English |
| Type | info:eu-repo/semantics/masterThesis |
| Rights | info:eu-repo/semantics/restrictedAccess |
Page generated in 0.0018 seconds