|
| |
|
|
Network Attack Analysis Using Honeypots
Galetka, Josef ; Chmelař, Petr (referee) ; Drozd, Michal (advisor)
This text deals with computer network security using honeypot technology, as a tool of intentional trap for attackers. It closely describes basic thoughts, together with advantages and disadvantages of this concept. The main aim is a low interaction honeypot Honeyd, its functionality and possible extensional features. As a practical part of the text there is a description of principles of implementation Honeyd service scripts, which are represented as a simulation of behavior of computer worm Conficker. Further it describes creation of automated script used for analysis and processing of gathered data, captured during actual deployment of Honeyd in Internet network.
|
|
|
Generator of Network Attack Traces
Daněk, Jakub ; Kořenek, Jan (referee) ; Bartoš, Václav (advisor)
The thesis describes a design and implementation of Nemea system module purposed on generation of records about simulated network attacks. This thesis also contains brief description of Nemea system and several network attacks. Finally, part of this work is description of simulated attacks and methods of simulations.
|
|
| |
|
|
The Implementation of ISMS in Small Company Focused on ICT
Kosek, Jindřich ; Sedlák, Petr (referee) ; Ondrák, Viktor (advisor)
The diploma thesis is focused on the design implementation of information security management system in a small business and is applying theoretical knowledge to real-life situations in a manufacturing company. First of all is performed analysis of current status and the consequent threats which can affect the company's assets. Thereafter are proposed measures based on identified risks and requirements of the owner.
|
|
|
Automated Development of Network Attack Detectors
Huták, Lukáš ; Kováčik, Michal (referee) ; Žádník, Martin (advisor)
The thesis is focused on automated development of network attack detectors. It describes a design of patterns developed for normal and offensive behaviors based on monitoring network traffic of selected services. Patterns are represented by statistics with a focus on suitable metrics. Using machine learning algorithms attack detectors are created from behavioral patterns. Finally, a module was implemented for Nemea system in C/C++ programming language based on the proposal.
|
|
|
Case Study of Selected Network Vulnerabilities
Kolajová, Jana ; Malinka, Kamil (referee) ; Homoliak, Ivan (advisor)
The main goal of this thesis is to deal with databases of vulnerable code bases and vulnerable applications, and to implement a tool for autonomous search and saving data from those databases to a local one. The thesis is divided into theoretical and practical parts. The theoretical part deals with my current knowledge of the main topic and creates a foundation for the implementation. Various kinds of vulnerabilities and network attacks are described in detail in this part. The practical part describes implementation of the tool and its real use.
|
|
|
Penetration testing of ANC
Dušek, Jakub ; Jakub,, Přibyl (referee) ; Sedlák, Petr (advisor)
This diploma thesis deals with the evaluation of a security solution that was recently deployed by a British company renting office space. This validation system is based on a database of MAC addresses, a database of clients and active filtering of connected devices. The first part explains the concepts of computer network, VLAN and basic concepts needed to understand the function of dynamic assignment of VLAN and IP addresses. The second part is devoted to measurements based on hypotheses, according to which measures are proposed in the last part to solve these security problems.
|
|
|
Detection of Network Attacks Based on NetFlow Data
Kulička, Vojtěch ; Tobola, Jiří (referee) ; Žádník, Martin (advisor)
With rising popularity of the internet there is also rising number of people misusing it. This thesis analyzes the problem of network attack detection based on NetFlow data. A program is designed to point out anomalous behaviour by analyzing the flow records using data mining techniques. The method of TCM-KNN utilizing the fact that attacks statistically deviate is implemented. Thus even new types of attacks are detected
|
|
|
Automatické nasazování bezpečnostních pravidel na základě sledování provozu v síti
Fišer, Patrik
This thesis deals with the implementation of rules for automatic deployment of security rules on devices from MikroTik or sending notifications to the administrator in case of detection of unsafe traffic on the corporate network. This will be monitored by an IDS system, the choice of which is part of this thesis. All logs will be collected in the central logging system Graylog. It is expected to work with open-source solutions and test of the functionality of the whole system by simulating the traffic.
|
guest ::
