|
|
Mobile Application for Network Scanning
Teuchner, Marek ; Bartoš, Václav (referee) ; Kováčik, Michal (advisor)
The subject of this bachelor's thesis is to design and implement an application for Android operating system that allows the discovery of all connected devices in a local network and to display information about it and all of its devices. The application would allow the user to assign a custom icon and a note to each device within the network. Logs and statistics are also collected by the application. In addition, it is possible to attack the selected device using various Denial of Service attacks.
|
|
|
Mobile Application for DNS Administration
Galajda, Denis ; Ovšonka, Daniel (referee) ; Kováčik, Michal (advisor)
This bachelor's thesis deals with possibilities and specifics of developing a custom mobile applicaion for DNS administration on Android. The goal is to create an easy-to-use application which will allow the user to manage zones and resource records of BIND9 nameserver. This issue is solved by manipulation of zone files over SSH connection, controlled through the modern user interface. The resulting programm allows the users to comfortably manage a DNS server from their smartphone practically anywhere.
|
|
|
Spam Detection Using DNS MX Records
Plotěný, Ondřej ; Krobot, Pavel (referee) ; Kováčik, Michal (advisor)
The aim of this thesis is the detection of malicious spammer hosts based on passive analysis of captured DNS traffic. It represents the design and implementation of a system which proceeds DNS anomaly detection based on high volume of MX query per host and high NXDomain ratio. The system was tested on DNS data obtained from the real traffic and the functionality of implemented detectors was verified by testing and analysis of results.
|
|
|
Detection and Automatic Analysis of Network Scans
Procházka, Aleš ; Kováčik, Michal (referee) ; Krobot, Pavel (advisor)
This bachelor thesis is focused on a computer network monitoring that utilizes flows. Firstly, there is a framework Nemea described, which can be used to build a complex system for network attack detection, and whose module is developed within the thesis. Secondly, port scanning is explained and different methods that can be used to scan ports are defined. The module is designed to detect horizontal scanning. The idea behind this method is to compare a unique number of destination IP addresses, which were asked for with a specific port, with a given threshold in a specific time window. Finally, in the practical part of the thesis the implementation of the module is described and results of the experiments on real data from Cesnet are presented.
|
|
|
Visualization of Network Security Events
Stehlík, Petr ; Kováčik, Michal (referee) ; Krobot, Pavel (advisor)
This thesis focuses on visualization of network security events via modern web technologies. Multiple technologies for creating modern web application supporting visualising large volume of security events were studied. The application was designed for NEMEA system which thanks to this thesis acquired graphical user interface allowing big data visual analysis. Visualized events allow drill-down analysis. The application operates on security events stored in IDEA format which is used among other network security services and the application is therefore transferrable to them. NEMEA Dashboard has been tested on the target group of network administrators using acceptance tests.
|
|
|
Mobile Application for DNS Vulnerabilities Testing
Béder, Michal ; Ovšonka, Daniel (referee) ; Kováčik, Michal (advisor)
The aim of this thesis is to show the way how to implement an Android application, which allows full control over DNS packets creation. This was achieved by partial implementation of the application in C++ programming language. Furthermore, in this thesis are described topics as Android security model and possibilities of combining native and Java code. Resulting application allows to generate network attacks, which are exploiting some of the known DNS vulnerabilities.
|
|
|
DNS Tunnelling Detection Based on Application Layer Data Analysis
Koutenský, Michal ; Krobot, Pavel (referee) ; Kováčik, Michal (advisor)
This bachelor's thesis deals with designing and implementing a detection algorithm for detecting DNS tunnelling using application layer data. The algorithm's design is preceded by overview and analysis of current tunneling tools and their shared characteristics. The tunnelling tool iodine is given extra attention and is used to carry out more complex tests and benchmarks. The thesis concludes by testing the implemented algorithm on real data and highlighting its strengths and shortcomings.
|
|
|
Aggregation of Security Incident Reports
Kapičák, Daniel ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
In this thesis, I present analysis of security incident reports in IDEA format from Mentat and their aggregation and correlation methods design and implementation. In data analysis, I show huge security reports diversity. Next, I show design of simple framework and system of templates. This framework and system of templates simplify aggregation and correlation methods design and implementation. Finally, I evaluate designed methods using Mentat database dumps. The results showed that designed methods can reduce the number of security reports up to 90% without loss of any significant information.
|
|
|
Efficient Transport of Electronic Mail with Microsoft Exchange Plugin
Jakubis, Tomáš ; Homoliak, Ivan (referee) ; Kováčik, Michal (advisor)
This project discusses optimization of e-mail and SMTP traffic in proprietary product of Microsoft Exchange 2013 in regard of marine industry. The goal is at first to analyze the requirements of this service on slow and unreliable network connections, SMTP traffic and then the product itself. Afterwards it defines specification for the final product and prepares the test environment. Design and implementation of transport agent using Exchange Management Shell is described for synchronization of two installations of Microsoft Exchange 2013; and focuses on emerged problems during the development, discusses different approaches and possible solutions. Testing shows various shortcomings of found solution. Finally, analysis of final solution shows possible future improvements and a need of security upgrade before applying to production environment.
|
|
|
Obfuscation of Anomalies and Security Incidents in DNS Traffic
Štěrba, Ondřej ; Kováčik, Michal (referee) ; Homoliak, Ivan (advisor)
The work analyze current detection methods of anomalies and security incidents in DNS traffic, and than design new obfuscation techniques which are capable of evading anomaly detection. Network attacks, exploiting the DNS protocol for tunneling of other network traffic, were selected for implementation part of the work. Control of botnet is considered as malicious application of tunneling through the DNS protocol. The main result of the work is to emphasize the necessity of discovering new detection principles of anomalies and security incidents in DNS traffic.
|
guest ::
