|
|
Detection of slow-rate DDoS attacks
Sikora, Marek ; Frolka, Jakub (referee) ; Blažek, Petr (advisor)
This diploma thesis is focused on the detection and protection against Slow DoS and DDoS attacks using computer network traffic analysis. The reader is introduced to the basic issues of this specific category of sophisticated attacks, and the characteristics of several specific attacks are clarified. There is also a set of methods for detecting and protecting against these attacks. The proposed methods are used to implement custom intrusion prevention system that is deployed on the border filtering server of computer network in order to protect Web servers against attacks from the Internet. Then created system is tested in the laboratory network. Presented results of the testing show that the system is able to detect attacks Slow GET, Slow POST, Slow Read and Apache Range Header and then protect Web servers from affecting provided services.
|
|
|
Generator of low-rate DoS attacks
Kaiser, Michal ; Gerlich, Tomáš (referee) ; Sikora, Marek (advisor)
The bachelor thesis is focused on the implementation and issues of Low-rate DoS attacks, where based on this information obtained during the compilation of the bachelor thesis, Low-rate DoS attack generators called NewShrew and LoRDAS are constructed. The reader will be introduced to the general issues of DoS attacks, their operation, and the exploitation of network communication, where these basic attacks will then be divided according to their network flow characteristics, and the Low-rate attacks will be described in more detail. After the theoretical introduction, the NewShrew and LoRDAS attacks are described. Subsequently, the methods of their detection and defense techniques will be introduced. Generators of these attacks are implemented in the Python programming language. These attacks will then be tested on test networks. The result of the thesis will be NewShrew and LoRDAS DoS attacks that attempt to make a web server inaccessible, results of correct settings of attacks, and also detection and prevention system are proposed.
|
|
|
Straightening technology of semi-finished products
Sikora, Marek ; Řiháček, Jan (referee) ; Peterková, Eva (advisor)
The main aim of this thesis is to create a general overview of processes that are applied in straightening semi-finished products. These processes include manual methods as well as mechanical ones. This work also informs about advantages and disadvantages of these processes based on published researches. This paper is supposed to give a basic overview of categories of machines and tools that are used in certain straightening technologies.
|
|
|
Manufacturing of the Wall Bracket Bicycle
Sikora, Marek ; Císařová, Michaela (referee) ; Peterková, Eva (advisor)
This master’s thesis presents a proposal for the technology of manufacturing sheet metal part, which is a part of a bicycle wall bracket. The component is made of steel sheet ČSN 11 325 with subsequent surface treatment by galvanizing. Due to the chosen method of manufacturing with a progressive stamping die, the research part is focused on the technology of shearing and bending. Technological calculations were performed for the most suitable production variant, on the basis of which a mechanical press ANDRITZ Metals with the designation KSTU 2000-20-4G-PSE was chosen. Furthermore, the design of the tool itself is presented, which is substantiated by drawing documentation. At the end of the work, a technical and economic evaluation of the produced series of 300 000 workpieces per year is calculated.
|
|
|
Blockchain technology and its use
Hrbotický, Lukáš ; Sikora, Marek (referee) ; Zeman, Václav (advisor)
This diploma theses concerns the matter of blockchain technology and its practical use, especially for nonfinancial services. Theoretical part describes the blockchain technology from the technological and juridical point of view and examples of its practical use are also mentioned. In the practical part two laboratory exercises were designed for further familiarization of the blockchain technology, in which students try some real applications on their own.
|
|
|
Anonymization of users when collecting network traffic
Hamár, Lukáš ; Blažek, Petr (referee) ; Sikora, Marek (advisor)
This thesis deals with anonymization of data, which could lead to disclosure of the identity of end users in network traffic. Work describes algorithms by which individual data parts are anonymized and also tools which use these techniques for network traffic anonymization. The next part of the thesis describes construction of a laboratory network, in which is the network traffic captured, containing pcap and NetFlow data. With using of the captured data, the anonymization tools are tested and the results are compared. In the last part of the thesis is created graphical interface for one of the tested anonymization softwares.
|
|
|
Detection of modern Slow DoS attacks
Jurek, Michael ; Jonák, Martin (referee) ; Sikora, Marek (advisor)
S rozvojem propojených zařízení v síti internet se počet útoků zvětšuje. Útočníci můžou zneužít takového zranitelného zařízení a vytvořit (D)DoS útok proti své oběti. Tyto útoky se stávají čím dál tím víc sofistikovanější. Proto byla vytvořena nová kategorie DoS útoků s názvem Pomalé DoS útoky, u kterých se útočník snaží napodobit chování standardního uživatele. Útočník se snaží využít všech možností, které mu transportní či aplikační protokol umožňují jako např. náhodné zahazování paketů, neodesílání nebo pozdržování zpráv. Na druhou stranu tvorba vlastních aplikačních výplní těchto protokolů může způsobit stav odepření služby na cíleném aplikačním serveru. Tato práce navrhuje klasifikaci síťových toků a volbu parametrů, které můžou pomoci s detekcí pomalých DoS útoků. Mezi vybranými pomalými DoS útoky jsou Slow Read, Slow Drop a Slow Next. Pro každý útok je popsán proces komunikace z pohledu transportní a aplikační vrstvy. Dále jsou vybrány důležité parametry popisující tyto útoky a v neposlední řadě jsou diskutovány metody a nástroje umožňující tvorbu takových útoků. Tato práce se zabývá možnostmi a nástroji tvorby spojení pro útok a diskutuje základní komunikační koncepty tvorby paralelních spojení. Dále je navržen vlastní generátor pomalých DoS útoků s velkým množstvím parametrů, pomocí nichž může útočník definovat vlastní pomalé DoS útoky. Následující část popisuje testovací prostředí pro testování generovaných útoků, scénáře a nástroje zachycování síťového provozu pro tvorbu vlastního datového souboru, jež je dále použit pro detekci pomalých DoS útoků pomocí metod strojového účení s učitelem. Konrétně jsou použity rozhodovací stromy a náhodné lesy k výběrů důležitých paramterů či sloupců použitelných pro detekci pomalých DoS útoků.
|
|
| |
|
|
Anomaly detection by neural networks
Strakoš, Jan ; Sikora, Marek (referee) ; Blažek, Petr (advisor)
This bachelor thesis is focused on anomaly detection represented as computer network attacks by neural network. One of the most common groups of attacks is Distributed Denial of Service (DDoS) attacks, which the system based on neural network should identificate. In the theoretical part of this thesis are described legitimate, non-standard and illegitimate traffic. Another part of this chapter described DDoS attacks, options of their detection, neural networks principle and their use. Practical part describe choosed communication parameters, specifying the threshold intervals of legitimate traffic, constructing a neural network which use of these parameters and threshold intervals, implementation of neural network into the system and presenting results.
|
|
|
Certification authority
Herinek, Denis ; Sikora, Marek (referee) ; Zeman, Václav (advisor)
There is a lot of available services on the internet those need to be more secured and trusted. Public key infrastructure is used in sectors where are higher expectations in case of authentication, integrity and confidentality. It is almost impossible to imagine how internet banking or electronic signatures of important documents would work without PKI. There is a lot of open-source realisations of PKI created by users. Digital certificates as a part of PKI are issued by certificate authorities. This diploma thesis consists of open- source realisation of certificate authority and timestamping authority to demonstrate services which they provide.
|
guest ::
RSS feed.