|
|
Malicious Domains Detection Using Analysis of DNS Traffic
Podešvová, Vlasta ; Bartoš, Václav (referee) ; Kováčik, Michal (advisor)
The aim of this bachelor's thesis is to design, implement and test a system for malicious domain detection in data sets obtained from real network traffic. It is aimed specifically on detection of DGA botnet activities. This detection is provided by analysis of domain name syntax. Part of the solution is focused at building a model from a set of legal domain names. This model is used for domain name syntax analysis and user of the final system is allowed to choose his own model data. Overall this thesis brings a view on the efficiency of implemented methods of malicious domain detection.
|
|
|
Malicious Domains Detection Using Analysis of DNS Traffic
Ambrušová, Eva ; Žádník, Martin (referee) ; Kováčik, Michal (advisor)
The aim of this thesis is the detection of malicious domains based on passive analysis of DNS traffic. It represents the design and implementation of a system which proceeds DNS anomaly detection based on a structure of the domain name by using the entropy and a frequency characteristics of n-grams. The system was tested on DNS data obtained from the real traffic and the functionality of implemented detectors was verified by testing and analysis of results.
|
|
|
Analysis of Captured DNS Traffic
Hmeľár, Jozef ; Kekely, Lukáš (referee) ; Kováčik, Michal (advisor)
This thesis is focused on the analysis of captured DNS traffic. Introduction of this thesis is focused of basic desciption of computer networks , DNS and description of network flows. Then, the work focused on analysis Netflow format, IPFIX and PCAP, the analysis and implementation of tool for analyzing DNS traffic in C++ programming language. The conclusion is devoted to the results of the implemented tools.
|
|
|
Effective Network Anomaly Detection Using DNS Data
Fomiczew, Jiří ; Žádník, Martin (referee) ; Kováčik, Michal (advisor)
This thesis describes the design and implementation of system for effective detection of network anomaly using DNS data. Effective detection is accomplished by combination and cooperation of detectors and detection techniques. Flow data in NetFlow and IPFIX formats are used as input for detection. Also packets in pcap format can be used. Main focus is put on detection of DNS tunneling. Thesis also describes Domain Name System (DNS) and anomalies associated with DNS.
|
|
|
Framework for DNS Server Testing
Novák, Martin ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
This thesis deals with the modifications of the framework designed for DNS servers testing. Framework is developed by NIC.CZ association and is used primarily for testing the DNS server Knot DNS. The aim of this work are modifications of the framework that will allow simpler testing with this framework, such as: support for multiple implementations of DNS servers, parallel testing, components dummy server and box-in-the-middle, division into multiple components and overall modification of the existing framework. Introduction of thesis is dedicated to the authoritative DNS servers and to the foundations of testing. The remaining part of the thesis deals with the state of the existing framework and the state and testing of modified framework.
|
|
| |
|
|
IPv6 Protocol Implementation Concept in Company
Dvořák, Petr ; Dolníček, Petr (referee) ; Ondrák, Viktor (advisor)
Diploma thesis is focused on IPv6 protocol implementation in real company´s enviroment. In the beginning we are introduced with theoretical knowledge about this protocol. After analysis of current state of XXX spol s r.o. we can use this knowledge in practical part of thesis for proposal of possible solutions including physical devices.
|
|
|
Marketing service for customer relationship management systems
Jakubík, Juraj ; Červenka, Vladimír (referee) ; Číka, Petr (advisor)
This work deals with the analysis, design and implementation of the portal, which works as a service and allows the identification of corporate visitors of the website. Classified visits are available through a interface of web portal with ability to set automatic export to Microsoft Dynamics CRM Online. The functionality of the implementation respectively identification of corporate visitors is then practically tested using the collected data.
|
|
|
Technology for comprehensive support of multimedia services in heterogeneous networks
Dosoudil, Petr ; Krkoš, Radko (referee) ; Novotný, Vít (advisor)
The theses explains the Evolution Packet System (EPS) and subsystem IP Multimedia Subsystem (IMS). It also informs how these systems cooperate and through which interfaces the main data and signals between these two technologies are transfered. The thesis includes practical section, in which installation and configuration of sections of the IMS system including its "core", and application and medial server. For verification of the functionality of the system, two dissimilar clients are installed, and emulator WAN is applied for simulation of Internet. The product of the theses is the design of the laboratory exercise drafted in such a way that it can be solved by students less knowledgeable of the issues.
|
|
|
DNS protocol client with a graphical interface suitable for lecturing
Sousedík, Tomáš ; Lattenberg, Ivo (referee) ; Jeřábek, Jan (advisor)
This thesis describes DNS protocol and messages it uses to obtain desired information. The protocol is described from its creation and occasions that caused the creation of the protocol. Later on are discussed multicast capabilities of name resolution this section is focused on mDNS and LLMNR. In the second part is detailed description of the structure of the messages and their useage. In the last part is described the design of the application, which was based on the specifications listed in RFCs. One chapter is devoted to a detailed description of the application and its individual parts. A large part is devoted to the testing. There are also described problems that occurred during application development and their solutions.
|
guest ::
