Ing. Josef Koumar

Theses

Bachelor theses

Crypto-currency miner detection from periodic behavior of network communication

Author
Vojtěch Chvojka
Year
2023
Type
Bachelor thesis
Supervisor
Ing. Josef Koumar
Reviewers
Ing. Michal Štepanovský, Ph.D.
Summary
This bachelor's thesis deals with the detection of cryptocurrency mining from network traffic. Such traffic is usually encrypted. Periodic properties of network communication are suitable as machine learning input because they can be applied to encrypted communication as well. A program was created that, based on the analysis and testing of statistical classifiers, selected the XGBoost classifier and selected the periodic properties of network flows that it evaluated as the most significant for the detection of cryptocurrency mining. A specificity of 99.77% and a sensitivity of 98.39% were achieved on the test data.

Time series analysis in network flow exporter

Author
David Kežlínek
Year
2023
Type
Bachelor thesis
Supervisor
Ing. Josef Koumar
Reviewers
Ing. Jaroslav Pešek
Summary
The first part of this thesis deals with the problem of monitoring computer networks using IP flows. Then it deals with the analysis of time series obtained from these IP flows, focusing on the extraction of their attributes. The result of this work is a new module for the open-source IP flow exporter ipfixprobe. This new module allows IP flow records to be extended with attributes extracted from time series analysis. These attributes can be used as input data for machine-learning-based threat detection in the future.