|
|
Fast Processing of Application-Layer Protocols
Bárta, Stanislav ; Martínek, Tomáš (referee) ; Polčák, Libor (advisor)
This master's thesis describes the design and implementation of system for processing application protocols in high-speed networks using the concept of Software Defined Monitoring. The proposed solution benefits from hardware accelerated network card performing pre-processing of network traffic based on the feedback from monitoring applications. The proposed system performs pre-processing and filtering of network traffic which is handed afterwards passed to application modules. Application modules process application protocols and generate metadata that describe network traffic. Pre-processing consists of parsing of network protocols up to the transport layer, TCP reassembling and forwarding packet flow only to modules that are looking for a given network traffic. The proposed system closely links intercept related information internal interception function (IRI-IIF) and content of communication internal interception function (CC-IIF) to minimize the performing of duplicate operations and increase the efficiency of the system.
|
|
|
Hardware Acceleration of Header Field Extraction
Polčák, Libor ; Martínek, Tomáš (referee) ; Kořenek, Jan (advisor)
Most network devices need to obtain specific packet header fields belonging to different network protocol headers for correct functionality. This work aims to create an efficient unit capable of application-specific packet header analysis and data extraction. The proposed unit deals with protocols used on L2, L3, and L4 layers of ISO/OSI model including tunneled protocols; it is possible to specify protocols which are to be supported. Data analysis is based on right linear grammar transformed to finite automaton. Hardware acceleration has to be exploited in order to achieve data processing of all traffic exchanged over high-speed networks. Using FPGA technology it is possible to achieve both fast and configurable data processing. The designed unit is able to process data on up to 40 Gbps networks. On-the-fly configuration of extracted header fields is supported.
|
|
|
Single-Page Application Generator for Improving Maintainabilty
Ďurčanský, Norbert ; Burget, Radek (referee) ; Polčák, Libor (advisor)
This diploma thesis deals with developing generator for single-page applications. Before developing the application it was necessary to identify problem areas that prevent the development and describe tools that make it easy to create, test, maintain, and deploy single-page applications. Based on the obtained information, the generator Create Sbspa is designed and implemented to efficiently create single-page applications and help to eliminate development problems. It generates configuration and code from semantic templates. The generator is available through a user interface that splits the templates into the groups by applicability. The generator was designed with the need for simplicity and clarity to enable efficient integration with new features. This work also includes design and implementation of the example app which shows features and benefits of the generator.
|
|
|
On Popularity of Web Browser JavaScript APIs
Schauer, Marek ; Burget, Radek (referee) ; Polčák, Libor (advisor)
In this work we present the design and implementation of a platform for automated measurement of the use of JavaScript APIs in a web browser. This platform is based on OpenWPM, which is used to instrument the web browser. In our architecture, the browser is extended with a modified Web API Manager extension, which allows to capture calls to JavaScript methods and log information about these calls. The platform was used to perform measurements on a 10,000 websites. From the analysis of the data obtained by the measurement, we found that the most used APIs over measured websites are APIs specified in HTML and DOM standards, High Resolution Time API and Web Cryptography API. Within the APIs that were implemented in Mozilla Firefox after 2016, we identified the Intersection Observer API, Background Tasks API and Resize Observer API as the most frequently used.
|
|
|
Browser Fingerprinting Using Web Assembly
Škuta, Matúš ; Koutenský, Michal (referee) ; Polčák, Libor (advisor)
The main goal of this bachelor thesis is the implementation of device identification using Web Assembly technology. In this work we are discussing the existing methods of device identification, methods to prevent identification and ways to circumvent these barriers. We are also getting acquainted with the Brave browser, which seeks to reduce the identification of devices on the Internet. We are explaining how Web Assembly works, what are its positives, negatives and if we are able to bypass various defences against device identification thanks to this new technology. Next, we are looking at the several web APIs we are using to identify devices, and we are introducing a few extensions designed to prevent or completely limit device identification. Existing security extensions limit the activity of the Web Assembly, for example this work shows that the Web API Manager extension can neutralize the test page implemented in this work.
|
|
|
Computer Identification Using Time Information
Jirásek, Jakub ; Grégr, Matěj (referee) ; Polčák, Libor (advisor)
This work deals with the identification of a remote computer by monitoring TCP timestamps of the tracked device. It is possible to determine computer's clock skew from these timestamps as the clock skew is unique for every device. We are able to differentiate devices even though they have changed location, network address or connection type. Passive data capturing ensures that the identification process is invisible to the fingerprinted computer. It is necessary that the network communication of fingerprinted computer is visible to the observing device. We are able to utilise only TCP traffic with timestamps enabled.
|
|
|
Behaviour-Based Identification of Network Devices
Polák, Michael Adam ; Holkovič, Martin (referee) ; Polčák, Libor (advisor)
Táto práca sa zaoberá problematikou identifikácie sieťových zariadení na základe ich chovania v sieti. S neustále sa zvyšujúcim počtom zariadení na sieti je neustále dôležitejšia schopnosť identifikovať zariadenia z bezpečnostných dôvodov. Táto práca ďalej pojednáva o základoch počítačových sietí a metódach, ktoré boli využívané v minulosti na identifikáciu sieťových zariadení. Následne sú popísané algoritmy využívané v strojovom učení a taktiež sú popísané ich výhody i nevýhody. Nakoniec, táto práca otestuje dva tradičné algorithmy strojového učenia a navrhuje dva nové prístupy na identifikáciu sieťových zariadení. Výsledný navrhovaný algoritmus v tejto práci dosahuje 89% presnosť identifikácii sieťových zariadení na reálnej dátovej sade s viac ako 10000 zariadeniami.
|
|
|
Computer Identification Using JavaScript Timestamps
Jireš, Michal ; Večeřa, Vojtěch (referee) ; Polčák, Libor (advisor)
This thesis deals with remote computer identification based on its internal clock skew. This clock skew will be determined using JavaScript timestamps. The goal of this thesis is to create web page, that will use clock skew to identify computer. This web page will also be used to test time distortion capabilities of browser extension JavaScript Restrictor. Web page will try to identify computer using different security presents thus testing their efficiency.
|
|
|
International Alphabets in Network Traffic Monitoring
Talašová, Irena ; Vrána, Roman (referee) ; Polčák, Libor (advisor)
This work deals with the implementation of support for network identifiers containing national characters in the SProbe software project, which is designed to monitor network flows. It was necessary to test and evaluate the status of selected network applications working over SMTP, POP3, IMAP, FTP or SIP protocols. On the basis of the information obtained, an extension of the current software project SProbe was proposed - a module to support network traffic monitoring with national alphabet characters. The proposed solution was then implemented and the functionality of the entire resulting system was tested. In addition, this work proposes and implements a modification of the test environment for faster and more efficient testing of the system focusing on tests containing diacritics.
|
|
|
Tool for Analysis of JavaScript to Detect DOM XSS Vulnerabilities in Web Applications
Barnová, Diana ; Polčák, Libor (referee) ; Homoliak, Ivan (advisor)
The main goal of this thesis is to design a tool for analisys of JavaScript to detect DOM--based XSS vulnerability in web applications. Then to implement it and test it ethically. Cross--side Scripting (XSS) is one of the most common injection attacks on web applications that insert malicious code in an otherwise trusted site. An interpreted response by the browser is required for the detection and subsequent exploitation of DOM--based XSS vulnerabilities, therefore the tool captures the response from the Burp Suite proxy server. The analysis of this response uses two separate regular expressions aimed at searching for sources and sinks in the source code of the response. A set of payloads is used to determine if a site is exploitable. Subsequently, the user is warned of the possible danger. The output is a text file summarizing the results for the URL.
|
guest ::
