|
|
Reprezentace síťových toků s využitím neuronových sítí
Pycz, Lukasz ; Jeřábek, Kamil (referee) ; Poliakov, Daniel (advisor)
This thesis explores the application of self-supervised learning (SSL) methods such as data masking, data order shuffling, and contrastive learning, to extract meaningful representations from network flow data, specifically using the CESNET TLS22 dataset from CESNET DataZoo. The main goal is to develop a robust model that improves the understanding and analysis of network flows through effective representation learning without relying on labeled data. The research utilizes the PyTorch computational framework for designing, training, and evaluating the performance of the model.
|
|
|
Detection of DGA-based Botnets
Keznikl, Matej ; Setinský, Jiří (referee) ; Hranický, Radek (advisor)
Botnets represent significant cybersecurity threats due to their potential to cause extensive damage to computer networks and systems. One primary method by which botnets conceal their existence and communicate with servers is through the use of Domain Generation Algorithms (DGA), which enable the dynamic creation of domain names for controlling the botnet. This thesis focuses on the design and development of a highly efficient and distributed detection system for analyzing communication patterns and behaviors of botnets within DNS network traffic and identifying domain names created based on DGA. Several machine learning techniques were compared, utilizing lexical features of domain names characteristic of DGA, to determine the classifier exhibiting the best results. The LightGBM classifier, achieving a ROC-AUC score of up to 99.18%, was subsequently integrated into the detection system. Unit testing of individual blocks and integration testing were performed to ensure the functionality and reliability of the entire system and the mutual compatibility of its components. The resulting implementation of the detection system achieves high accuracy in the binary classification of domain names created based on DGA, ensuring its readiness for effective deployment in real-world operational environments.
|
|
|
Optimization of network entity reputation system
Magda, Jakub ; Setinský, Jiří (referee) ; Žádník, Martin (advisor)
This thesis addresses the problem of designing and reimplementing a Network Entity Reputation Database (NERD) to the Dynamic Profile Processing Platform (DP3). This thesis presents the design of the new NERD system and its data model. The non-functioning parts of the system are removed, and those that will also be needed on the new platform are selected. A proposal is then made for adapting them to DP. The data model has been designed based on the original version, which has been improved and converted to the DP3 platform. The outcome of this endeavour is a reputation system that is operational on a more general platform. This facilitates future extensions.
|
|
|
Distributed system for suppression of DoS attacks
Beneš, Dalibor ; Žádník, Martin (referee) ; Šišmiš, Lukáš (advisor)
Ochrana před distribuovanými útoky odepření služby (DDoS) patří mezi klíčové oblastí síťové bezpečnosti. Jednou z možných forem ochrany je využití zařízení DCPro DDoS Protector vyvíjeného sdružením CESNET. Sdružení CESNET provozuje také systémy pro monitorování a analýzu síťového provozu IPFIXcol2 a NEMEA, a dále poskytuje možnost využít protokol pro monitorování sítě sFlow. Cílem této práce je navrhnout a uskutečnit integraci těchto systémů a vytvořit tak efektivní systém potlačení útoků odepření služby. Při vypracování tohoto cíle byl kladen důraz na efektivní využití stávajích řešení, znovupoužitelnost a možnosti budoucího rozšíření celé distribuované architektury.
|
|
|
SRv6 protocol and its use in education
Považan, Martin ; Zeman, Václav (referee) ; Slavíček, Karel (advisor)
SRv6 je protokol novej generácie, ktorý kombinuje segmentové smerovanie a IPv6 pomocou flexibilných rozširujúcich hlavičiek IPv6. SRv6 je plynulo implementovaný v súčasných chrbticových sieťach poskytovateľov služieb a jeho cieľom je stať sa nástupcom v súčasnosti používaného protokolu MPLS. Táto bakalárska práca analyzuje protokol SRv6 a opisuje jeho možnosti zabezpečenia a emulácie. Protokol SRv6 je analyzovaný a porovnávaný s protokolom MPLS z hľadiska kybernetickej bezpečnosti. V praktickej časti bolo navrhnuté laboratórne cvičenie demonštrujúce vlastnosti protokolu SRv6 s využitím emulátora siete Containerlab.
|
|
|
Methods for Network Traffic Classification
Jacko, Michal ; Ovšonka, Daniel (referee) ; Barabas, Maroš (advisor)
This paper deals with a problem of detection of network traffic anomaly and classification of network flows. Based on existing methods, paper describes proposal and implementaion of a tool, which can automatically classify network flows. The tool uses CUDA platform for network data processing and computation of network flow metrics using graphics processing unit. Processed flows are subsequently classified by proposed methods for network anomaly detection.
|
|
|
Eluding and Evasion of IDS Systems
Černý, Marek ; Tobola, Jiří (referee) ; Žádník, Martin (advisor)
This paper analyzes network security devices called intrusion detection (ID) systems. In order to point out possible flaws, especially ID systems using signature analysis are examined. Based on this, methods to exploit possible vulnerabilities of these systems were designed. These methods were implemented into a simple program for ID systems efficiency evaluation. It can be used in a way entirely independent of particular network attack used in the test.
|
|
| |
|
|
Implementation Methodology of Network Security in the Software Company
Tomaga, Jakub ; Sopuch, Zbyněk (referee) ; Sedlák, Petr (advisor)
This thesis deals with network security and its deployment in the real environment of the software company. The thesis describes information management framework with a specific concentration on computer networks. Network security policy is designed as well as network infrastructure modifications in order to increase the level of security. All parts of the solution are also analyzed from financial point of view.
|
|
|
OMNeT++ Extension with ACL Filtering Module
Suchomel, Tomáš ; Ryšavý, Ondřej (referee) ; Matoušek, Petr (advisor)
This bachelor's thesis describes discrete simulation of network in OMNeT++. We are exploring effective representation and evaluation of ACL rules by advanced data structures based on interval decision diagrams. OMNeT++ is extended by filtering properties of packets using access control lists. Because ACL filtering is not supported in OMNeT++, it was added as a brand-new module, whose concept and implementation is described here. Practical usage of the implemented module is demonstrated on a simulation of real nontrivial network. We also analyse results of the simulation and verify them by comparison with real network behaviour.
|
guest ::
