Abstract [eng]
The quality of online networking is relevant to today's business, industry, education, science, medicine and society. Internet networks are regularly confronted with various disruptions, including DDoS attacks. As networks grow, attacks also grow, creating the need to detect attacks and protect networks against them. The goal of this final thesis is to create a system that detects DDoS attacks by monitoring the routes of BGP networks. To fulfill this goal, tasks are set to analyze the topics necessary for the realization of the system. The work analyzes the operation of BGP routing and networking and the influence of DDoS and other large-scale events on their operation. The most current methods of network analysis, route tracking and DDoS attack detection are analyzed. For DDoS attack detection, comparison of data samples of standard traffic and attack traffic is chosen. The most popular machine learning algorithms for data classification are analyzed for this comparison, and 4 different algorithms are selected for the realization of the work. During implementation, a system is designed to automatically collect data on addresses and routes. An analysis module is developed to analyze and provide data on request. 100 addresses and routes are prepared for data analysis. Two routes are selected for the final test of the analysis module. The analysis module successfully reports a potential attack, with a confidence factor ranging from 60% to 100%, depending on the data being investigated.