|
|
Library and Tools for Server-Side DNSSEC Implementation
Včelák, Jan ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
Tato práce se zabývá analýzou současných open source řešení pro zabezpečení DNS zón pomocí technologie DNSSEC. Na základě provedené rešerše je navržena a implementována nová knihovna pro použití na autoritativních DNS serverech. Cílem knihovny je zachovat výhody stávajících řešení a vyřešit jejich nedostatky. Součástí návrhu je i sada nástrojů pro správu politiky a klíčů. Funkčnost vytvořené knihovny je ukázána na jejím použití v serveru Knot DNS.
|
|
|
Ransomware Traffic Analysis
Šrubař, Michal ; Grégr, Matěj (referee) ; Ryšavý, Ondřej (advisor)
The focus of this work is crypto-ransomware; a variant of malware, an analysis of this malware’s network communication, and the identification of means by which it may be detected in the network. The thesis describes the methodology and environment in which the malware’s network communications were studied. The first part of the thesis provides a network traffic analysis of this type of malware with a focus on HTTP and DNS communication, including anomalies that can be observed in the network during this malware’s activity. The thesis also includes a discussion of the user behavior of devices infected by this type of malware. The resulting data was used to identify and describe four detection methods that are able to recognize the malware from its network communication using the HTTP protocol. Finally, a description of several signatures that can be used as indicators of a possible infection by this malware are provided.
|
|
|
Framework for DNS Server Testing
Novák, Martin ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
This thesis deals with the modifications of the framework designed for DNS servers testing. Framework is developed by NIC.CZ association and is used primarily for testing the DNS server Knot DNS. The aim of this work are modifications of the framework that will allow simpler testing with this framework, such as: support for multiple implementations of DNS servers, parallel testing, components dummy server and box-in-the-middle, division into multiple components and overall modification of the existing framework. Introduction of thesis is dedicated to the authoritative DNS servers and to the foundations of testing. The remaining part of the thesis deals with the state of the existing framework and the state and testing of modified framework.
|
|
|
Load Balancing in OpenFlow Networks
Marciniak, Petr ; Ryšavý, Ondřej (referee) ; Grégr, Matěj (advisor)
The aim of this thesis is to develop a load balancing tool for OpenFlow networks. Software-defined networking (SDN) principles are introduced (OpenFlow protocol used as an example) and compared to the legacy routing and switching technology. Openflow is the first protocol/API enabling communication between the control and infrastructure planes of the software-defined networking model. Key features of the protocol are described and several OpenFlow controllers are introduced. Current best practices in computer networks load balancing are discussed as well. The load balancing application development process is described including the test laboratory setups - Mininet (SW) and OFELIA (HW). The application test results are evaluated and possible further enhancements to the program are discussed.
|
|
|
Modelling of L2 Loop-Preventing Protocols
Hrnčiřík, Matej ; Grégr, Matěj (referee) ; Veselý, Vladimír (advisor)
This thesis informs about currently used technologies, which provide loop protection on data link layer of computer networks. It clarifies issues of Ethernet networks. Chosen protocols are then closely described. There are presented advantages and disadvantages of chosen protocols and they are compared to other technologies. Practical section describes the initial implementation of IS-IS in OMNeT++ environment, which serves as the basic building block of TRILL protocol. An important issue is to verify correctness of implementation.
|
|
|
An Analysis of Selected IPv6 Network Attacks
Pivarník, Jozef ; Podermański, Tomáš (referee) ; Grégr, Matěj (advisor)
This master's thesis analyses and demonstrates selected IPv6 attacks including two Man-in-the-Middle attacks and one Denial of Service attack - Rogue Router Advertisement, Neighbor Cache Poisoning and Duplicate Address Detection DoS, respectively. In the first part the author presents necessary information related to the issue and provides detailed information on how to realize these attacks in practice using publicly available tools. The second part of the thesis presents various ways of mitigating presented attacks, analyses implementations of some of those countermeasures on Cisco and H3C devices and discussess their applicability.
|
|
|
SNMP Agent for IoT Devices
Polishchuk, Kateryna ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
The aim of this work is to create a SNMP agent for monitoring IoT devices. Because most IoT devices do not support SNMP, we want to implement a SNMP agent that will collect device information and write the collected data to the values of the variables in the MIB. The procedure will be demonstrated on D-Link devices, as a door sensor and signaling device that communicate with the adapter via the Z-Wave radio signal.
|
|
|
Analysis of Security Incidents from Network Traffic
Serečun, Viliam ; Grégr, Matěj (referee) ; Ryšavý, Ondřej (advisor)
Analýza bezpečnostních incidentů se stala velmi důležitým a zajímavým oborem počítačové vědy. Monitorovací nástroje a techniky pomáhají při detekci a prevenci proti tímto škodlivým aktivitám. Tento dokument opisuje počítačové útoky a jejich klasifikaci. Také jsou tady opsaný některé monitorovací nástroje jako Intrusion Detection System nebo NetFlow protokol a jeho monitorovací software. Tento dokument také opisuje konfiguraci experimentální topologie a prezentuje několik experimentů škodlivých aktivit, které byly detailně kontrolovány těmito monitorovacími nástroji.
|
|
|
Modelling of OSPFv3 Link-State Routing Protocol
Ruprich, Michal ; Grégr, Matěj (referee) ; Veselý, Vladimír (advisor)
The thesis deals with simulation of routing protocols. The aim is to create a functioning model of OSPF link-state protocol in the simulation framework OMNET++. OMNET++ is a discrete simulation environment which was created to provide means to build models of various network protocols and technologies. Chapters in the first part of the thesis focuson the theoretical foundation of OSPFv2 and OSPFv3 and their differences. Important data structures, finite state automata and communication techniques are described and the information is later used to implement the model itself. The chapters in the second part deal with the implementation of the model in C++. The created model reflects the functionality of OSPF on Cisco devices.
|
|
|
Video Quality Monitoring Using NetFlow
Havlík, Jan ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
This bachelor's thesis is about creating new tools for a video transfer quality monitoring. It consists of a client-server architecture, where the client is gathering video quality statistics and passes those statistics to the server. The server updates relevant NetFlow IPFIX records with these statistics. The project includes video encoding, packet encapsulation and Internet protocols related to this topic. The architecture is written in a C language for a UNIX operating system.
|
guest ::
RSS feed.