Detekcia sieťových útokov vo vysoko-rýchlostných počítačových sieťach
Autor práce: Ing. Jakub HrabovskýŠkoliteľ: doc. Mgr. Ondrej Šuch, PhD.
Dátum obhajoby: 21.8.2019
Študijný program: 9.2.9 Aplikovaná informatika
Oponent 1: prof. Ing. Ivan Kotuliak, PhD.
Oponent 2: prof. Ing. Martin Klimo, PhD.
Slovenský abstrakt:
JAKUB HRABOVSKY: Detekcia siet'ovych utokov vo vysoko-rychlostnych poctacovych
siet'ach [Dizertacna praca] - Zilinska univerzita v Ziline. Fakulta riadenia a informatiky.
Katedra informacnych siet. - Skolitel': doc. Mgr. Ondrej Such, PhD. - Stupen odbornej
kvalikacie: Doktor lozoe v studijnom odbore 9.2.9 aplikovana informatika. - Zilina,
FRI ZU, aprl 2019, 152 s.
Nedostatocna kvalita zabezpecenia sucasnych siet'ovych sluzieb, sp^osobena najma vyskytom
masvnych siet'ovych utokov typu DoS/DDoS, vedie casto k nedostupnosti tychto
sluzieb. Detekcia siet'ovych utokov spada do oblasti bezpecnosti poctacovych siet a predstavuje
problem, ktoremu sa venuje aj predkladana praca. Ciel'om prace je vytvorenie
metodiky navrhu detektora DoS/DDoS utokov s pouzitm strojoveho ucenia vo vysokor
ychlostnej poctacovej sieti. Praca analyzuje klady a nedostatky aktualnych detekcnych
metod, ktore su zalozene na strojovom ucen. Takto zskane trendy su nasledne aplikovane
pri tvorbe vlastnej metodiky navrhu detektora siet'ovych utokov. Predlohou specikacie
jednotlivych etap metodiky je oblast' rozpoznavania vzorov. Okrem metodiky sa praca zaober
a aj generickym navrhom systemu konvolucnej neuronovej siete a jeho implementaciou
do FPGA obvodov. V navrhu tohto systemu je pouzity systemovy prstup, ktory viedol
ku specikacii jednotlivych subsystemov. Najvacsia pozornost' je venovana navrhu origin
alnej struktury 2D konvolutora, ako kl'ucoveho vypoctoveho prvku konvolucnej siete.
Pre popis subsystemov, navrhnutych v tejto praci, je vytvoreny gracky model v nastroji
Matlab/Simulink a RTL model v jazyku VHDL. Korektna funkcia modelov je overena
formou simulacie.
Kl'ucove slova: siet'ovy utok, odopretie sluzby, distribuovane odopretie sluzby, system
detekcie siet'ovych prienikov, hlboke ucenie, konvolucna neuronova siet', programovatel'ne
hradlove polia
Anglický abstrakt:
JAKUB HRABOVSKY: Network-based Intrusion Detection in High-Speed Computer
Networks [Dissertation thesis] - The University of Zilina in Zilina. Faculty of Management
Science and Informatics. Department of InfoComm Networks. - Supervisor: doc.
Mgr. Ondrej Such, PhD. - Qualication level: Philosophiae doctor in the study eld 9.2.9
Applied Informatics. - Zilina, FRI ZU, april 2019, 152 p.
Unsatisfactory quality of security in current network services, caused primarily by massive
computer network intrusions such as DoS/DDoS attacks, leads often to an unavailability
of these services. Network intrusion detection is a part of computer network security eld
and represents a problem that is also addressed in this thesis. The aim of the thesis is
a methodology for a design of DoS/DDoS attacks detector with application of machine
learning in high-speed computer network. The thesis analyzes pluses and minuses of current
intrusion detection methods based on the principles of machine learning. Identied
trends are subsequently applied during the creation of own methodology for a design
of network intrusion detector. The eld of pattern recognition serves as a template for
a specication of the individual methodology stages. Beside the methodology, the thesis
deals with a generic design of a convolutional neural network system and its implementation
into FPGA circuits. The systematic approach used in this system design helped
in a specication of the individual subsystems. The most attention is given to the novel
structure of 2D convolver as a key processing element of the convolutional network. The
graphical model (built in development tools Matlab/Simulink) and RTL model (written
in VHDL) were created in order to describe subsystems, designed in this thesis. The
correct function of the models is veried and validated through the simulation.
Keywords: network intrusion, denial of service, distributed denial of service, networkbased
intrusion detection system, deep learning, convolutional neural network, eld programmable
gate arrays
Autoreferát dizertačnej práce
Text práce