|
|
Eliminating IPv4 in a dual-stack network
Vrábel, Ondrej ; Radek,, ZAJÍC (referee) ; Ondrák, Viktor (advisor)
The bachelor's thesis focuses on the implementation of the IPv6 protocol in the computer network of the Sobotište Elementary School, with the aim of deploying IPv6-only and IPv6-mostly with NAT64 and DNS64. The thesis describes the theoretical basis and analyzes the current state of the network. The output is proposed solutions, their practical application and practical findings.
|
|
|
User interface for asset management system
Benko, Dávid ; Orsák, Michal (referee) ; Žádník, Martin (advisor)
This thesis focuses on the development of a web user interface for an asset management system called Amfora. Amfora gathers data regarding IP addresses, services and vulnerabilities from 9 other systems. The user interface is based on three tier architecture utilizing REST API. Frontend implementation uses the Vue.js framework (TypeScript/JavaScript language) and backend implementation uses the FastAPI framework (Python language). The system has been deployed into production use in the CESNET network and presented to the security operations center team in CESNET. Amfora has significantly simplified work in solving security incidents and network monitoring.
|
|
|
Analysis of email spam sources
Caha, Tomáš ; Kubánková, Anna (referee) ; Komosný, Dan (advisor)
The first part of this thesis deals with an approach of designing and developing of application for IP geolocation using various geolocation databases. Methods of geographical location of network devices and amount of available data provided by chosen commercial and freely accessible geolocation databases are presented. The data are summarized with focus on methods of obtaining information about IP addresses from various databases. In the paper there are also presented ways used to develop the Python application and its parts, which can be easily reused in other programs. The command line program was created to demonstrate that all parts of the developed application work properly. The whole application is freely accesible under the conditions of the MIT license, published on GitHub (https://github.com/tomas-net/ip2geotools/) and in the Python package index PyPi. The second part of this thesis deals with the description of cyberthreats and the use of developed application to mass geolocation of IP addresses that are listed in chosen freely accessible lists as sources of email spam or cyberattacks. Geographical analysis of cyberattacks sources shows countries of origin. Results of analysis are presented in graphs and maps.
|
|
|
Implement Security Service for Preventing Internet Attacks
Fajkus, Karel ; Trchalík, Roman (referee) ; Očenášek, Pavel (advisor)
The main purpose of this work is to design and implement a system, that would allow to ban users based on their actions. Currently, cyber attacks have become very common, which leads to a necessity to develop great application and system protections. This project offers a solution, that could decrease a number of cyber attacks, and also prevent banning common users because of the same public IP address as attacker.
|
|
|
Web application for getting location of IP nodes
Modrák, Zdeněk ; Kubánková, Anna (referee) ; Komosný, Dan (advisor)
Thesis deal with geolocation in internet network. There are described possibilities of geolocation and thesis is mainly focused on passive geolocation methods. Under passive geolocation belongs location databases which there are described as in theoretical way as used in practical part of thesis. In practical part there is created complex system for geolocation in internet environment which used paid and free geolocation databases. Another used database is WHOIS. Data from paid databases is processed and accuracy of databases is evaluated.
|
|
|
Anonymization of users when collecting network traffic
Hamár, Lukáš ; Blažek, Petr (referee) ; Sikora, Marek (advisor)
This thesis deals with anonymization of data, which could lead to disclosure of the identity of end users in network traffic. Work describes algorithms by which individual data parts are anonymized and also tools which use these techniques for network traffic anonymization. The next part of the thesis describes construction of a laboratory network, in which is the network traffic captured, containing pcap and NetFlow data. With using of the captured data, the anonymization tools are tested and the results are compared. In the last part of the thesis is created graphical interface for one of the tested anonymization softwares.
|
|
|
Similarity Search in Network Security Alerts
Štoffa, Imrich ; Kučera, Jan (referee) ; Žádník, Martin (advisor)
Network monitoring systems generate a high number of alerts reporting on anomalies and suspicious activity of IP addresses. From a huge number of alerts, only a small fraction is high priority and relevant from human evaluation. The rest is likely to be neglected. Assume that by analyzing large sums of these low priority alerts we can discover valuable information, namely, coordinated IP addresses and type of alerts likely to be correlated. This knowledge improves situational awareness in the field of network monitoring and reflects the requirement of security analysts. They need to have at their disposal proper tools for retrieving contextual information about events on the network, to make informed decisions. To validate the assumption new method is introduced to discover groups of coordinated IP addresses that exhibit temporal correlation in the arrival pattern of their events. The method is evaluated on real-world data from a sharing platform that accumulates 2.2 million alerts per day. The results show, that method indeed detected truly correlated groups of IP addresses.
|
|
|
Registration database for IP nodes
Smrčka, Lukáš ; Vlček, Lukáš (referee) ; Komosný, Dan (advisor)
This thesis is focused on finding the physical location of stations by the passive geolocation techniques, particularly using the registration database of IP addresses. The first two part are focused on a theoretical analysis of this problem, the next two parts of this thesis deal with the solution of this problem and discussion of the results.
|
|
|
Simulation of finding a computer position in Internet
Vrzal, Tomáš ; Jeřábek, Jan (referee) ; Komosný, Dan (advisor)
This bachelor’s thesis puts mind to problematic transmission multimedia data via RTP/RTCP protocol with hierarchical aggregation. In next parts of thesis are explaining design principle and use this transmission via tree structure. In last part is description application in which the simulation ambient uses tree structure. For best results of simulation is use algorithm called “binning”. Application has graphic interface, so that easy manipulation with it. In insertion are pictures and application code.
|
|
|
Location of Internet nodes
Janoušek, Jiří ; Křupka, Aleš (referee) ; Komosný, Dan (advisor)
The aim of this thesis is to determine the geographical position of the stations on the internet using publicly available geolocation databases. The theoretical part describes different methods and aplications used for the geolocation. The next part is dedicated to the describtion of the applied databases in more details. The practical part includes the process of developing of the functions necessary to locate the stations. The conclusion consist of the evaluation of the database‘s accuracy and the comparison of applied databases.
|
guest ::
