|
|
Network Attack Analysis Using Honeypots
Galetka, Josef ; Chmelař, Petr (referee) ; Drozd, Michal (advisor)
This text deals with computer network security using honeypot technology, as a tool of intentional trap for attackers. It closely describes basic thoughts, together with advantages and disadvantages of this concept. The main aim is a low interaction honeypot Honeyd, its functionality and possible extensional features. As a practical part of the text there is a description of principles of implementation Honeyd service scripts, which are represented as a simulation of behavior of computer worm Conficker. Further it describes creation of automated script used for analysis and processing of gathered data, captured during actual deployment of Honeyd in Internet network.
|
|
| |
|
|
Honey-Pot: System for Attack Detection
Michlovský, Zbyněk ; Malinka, Kamil (referee) ; Cvrček, Daniel (advisor)
This thesis deals with the area of honeypots and honeynets. It defines their classification and contains detailed descriptions of their properties and features. It further elaborates on several freely available systems. The main focus is given to honeypot Nepethes that was being run for one month on an unfiltered Internet connection. A detailed analysis of the collected data is then given.
|
|
|
Metrics for Intrusion Detection in Network Traffic
Homoliak, Ivan ; Chmelař, Petr (referee) ; Drozd, Michal (advisor)
Publication aims to propose and apply new metrics for intrusion detection in network traffic according to analysis of existing metrics, analysis of network traffic and behavioral characteristics of known attacks. The main goal of the thesis is to propose and implement new collection of metrics which will be capable to detect zero day attacks.
|
|
|
Analysis of Automated Generation of Signatures Using Honeypots
Bláha, Lukáš ; Barabas, Maroš (referee) ; Drozd, Michal (advisor)
In this paper, system of automatic processing of attacks using honeypots is discussed. The first goal of the thesis is to become familiar with the issue of signatures to detect malware on the network, especially the analysis and description of existing methods for automatic generation of signatures using honeypots. The main goal is to use the acquired knowledge to the design and implementation of tool which will perform the detection of new malicious software on the network or end user's workstation.
|
|
|
Network Attack Capture Using Honeyd Tool
Bláha, Lukáš ; Chmelař, Petr (referee) ; Drozd, Michal (advisor)
The bachelor thesis deals with Honeyd tool and its effectivity in capturing network attacks. At the beginning, there is a description of honeypots and its utilization in network security. An important part of the thesis is constituted by a practical implementation of network attacks and their analysis. The main goal is to create an extension for Honeyd tool which can emulate file sharing in operation systems Microsoft Windows XP, especially its free accessible part called null session. As results there are tests evaluating the level of detection of computer attacks by the created tool.
|
|
|
Network Attack Capture Using Honeypots
Mlčoch, Tomáš ; Chmelař, Petr (referee) ; Richter, Jan (advisor)
This bachelor thesis deals with honeypot tools and adapting a Linux operating system into such tool. The thesis presents general categories of malicious codes and current trends in this area. The thesis also presents an existing honeypot tool Honeyd and its features. Next there are introduced tools and techniques to monitor a Linux system, compared the selected virtualization technology and explained the process of creating a virtual Linux honeypot.
|
|
|
Automated Development of Network Attack Detectors
Huták, Lukáš ; Kováčik, Michal (referee) ; Žádník, Martin (advisor)
The thesis is focused on automated development of network attack detectors. It describes a design of patterns developed for normal and offensive behaviors based on monitoring network traffic of selected services. Patterns are represented by statistics with a focus on suitable metrics. Using machine learning algorithms attack detectors are created from behavioral patterns. Finally, a module was implemented for Nemea system in C/C++ programming language based on the proposal.
|
|
| |
|
|
Extended Functionality of Honeypots
Soóky, Peter ; Polčák, Libor (referee) ; Matoušek, Petr (advisor)
Bakalářska práce pod názvem Rozšířené funkce honeypotů je zaměřena na vývoj bezpečnostních systémů určitých typů nazvaných honeypoty. Po představení principů technik honeypotů se zabýva s výhodami ich používaní v porovnaní s inými bezpečnostními systémy. Následne popisuje rozdelení typů honeypotu a ich charakteristiky. Další část je věnován obeznámení nástrojů CONPOT a GLASTOPF. Cílem práce je navrhnút a implementovat rozšíření těchto nástrojů zaměrem ich vylepšení. Součástí popisů jednotlivých rozšíření je představení a analýza problému, implementace a testování navrhnutých rozšíření. Použití rozšíření poskytují užívatelům těchto honeypotů zvýšenú bezpečnost a širší okruh využití. V závěre jsou popsány možnosti dalšího rozšíření.
|
guest ::
