|
|
Optimization of DDoS Attack Mitigation based on Machine Learning
Banák, Filip ; Šišmiš, Lukáš (referee) ; Kučera, Jan (advisor)
Útoky DDoS, ktoré využívajú protokol TCP patria stále medzi tie najbežnejšie. Táto práca cieli zlepšiť úspešnosť detekcie DDoS útokov využitím informácií dostupných v TCP SYN správach. Odtlačky TCP SYN správ sú navrhnuté ako dodatočný zdroj dát pri počítaní charakteristík na vyhodnotie prítomnosti DDoS útoku. Kombinácia existujúceho systému na extrakciu a agregáciu charakteristík s existujúcim detektorom anomálií založeným na autokodéroch je zoptimalizovaná a rozšírená na využitie SYN odtlačkov. Experimentálne výsledky ukazujú obstojné zlepšenie detekcie DDoS útokov na relevantných dátových sadách. Detektor sa trénuje a testuje respektívne 16-krát a 95-krát rýchlejšie. Systém na extrakciu a agregáciu je 23-krát rýchlejší.
|
|
|
Autonomous Tractors
Kučera, Jan ; Řehák, Kamil (referee) ; Prokop, Aleš (advisor)
This thesis discusses autonomous tractors, describing the difference between standart tractors and autonomous tractors, which are then discussed in further detail. It describes the steering and control options for autonomous tractors, electronic control and agregation control options.
|
|
|
Prostředí pro testování algoritmů potlačení útoků DDoS
Patová, Pavlína ; Šišmiš, Lukáš (referee) ; Kučera, Jan (advisor)
The work is focused on creating a test environment for simulating DoS attacks. This environment is useful for verifying the vulnerability of networks and services against the phenomenon of DDoS attacks, therefore it will be used to test the tools and techniques developed to defend against DDoS attacks. The outputs of these experiments can then be used as recommendations for network administrators to help improve the refensibility of their systems. The resulting tool is implemented in Python using the PyTest module. We were able to implement many of today’s most common DoS attacks, such as floods and amplification attacks. It is thus possible to test services against these most serious DDoS threats. The resulting tool is easily extensible to other methodologies or attack types, so it can also be used for emerging DoS attacks in the future.
|
|
|
Design, Creation and Implementation of Software Applications in the Corporate Environment
Kučera, Ján ; Koch, Miloš (referee) ; Novák, Lukáš (advisor)
Aim of this thesis is to design and implement a backend for internal web application that will be responsible for the aggregation of statistics and visualization of given statistics. The outcome of this thesis will also be executable as a stand-alone script for specific data. Outputs of said web application are going to help upper management with decision-making in the area of online gambling games, especially their development, modification, and modernization. This thesis will evaluate design, implementation and economic value of the given web application for the company in comparison to alternatives.
|
|
|
The analysis of Cu-Sn-Sb ternary alloy
Kučera, Jan ; Doubrava, Marek (referee) ; Jan, Vít (advisor)
This bacholor thesis deals with substituting silver-based material, currently used for experimental semi-liquid extrusion. The proposed material is from the Cu-Sb-Sn system. The theoretical part of the work deals with soldering and phase diagrams. The experimental part is devoted to the analysis of three proposed alloys from the Cu-Sb-Sn system, their structural and mechanical properties. Thermal analyzes of the alloys were performed using differential scanning calorimetry (DSC), the microstructure using a light microscope and a scanning electron microscope, and a hardness tester was also used to determine the hardness. The results are summarized in the discussion.
|
|
|
Technology to remove nitrogen oxides (NOx) from flue gases for large combustion plants
Kučera, Jan ; Brummer, Vladimír (referee) ; Jecha, David (advisor)
This diploma thesis deals with selected abatement techniques of nitrogen oxides (NOx) developed for large combustion plants. The first part describes selected NOx, their properties and explains the formation during combustion. Furthermore, there is an analysis of current legal legislation regulating the issue of emission limits. The third part presents selected primary and secondary measures that are widely used. The emphasis is placed on the description of selective catalytic (SCR) and non-catalytic reduction (SNCR). Finally, the basic design of these technologies for model combustion equipment is performed. The consumption of reducing medium and the volume of the catalyst for the mentioned techniques are calculated here. The estimate of selected operating and investment costs is a part of the basic scheme.
|
|
|
Application Specific Processor for Stateful Network Traffic Processing
Kučera, Jan ; Matoušek, Jiří (referee) ; Kekely, Lukáš (advisor)
This bachelor's thesis deals with the design and implementation of an application-specific processor for high-speed network traffic processing. The main goal is to provide complex system for hardware acceleration of various network security and monitoring applications. The application-specific processor (hardware part of the system) is implemented on an FPGA card and has been designed with respect to be used in 100 Gbps networks. The design is based on the unique combination of high-speed hardware processing and flexible software control using a new concept called Software Defined Monitoring (SDM). The performance and throughput of the proposed system has been verified and measured.
|
|
|
Similarity Search in Network Security Alerts
Štoffa, Imrich ; Kučera, Jan (referee) ; Žádník, Martin (advisor)
Network monitoring systems generate a high number of alerts reporting on anomalies and suspicious activity of IP addresses. From a huge number of alerts, only a small fraction is high priority and relevant from human evaluation. The rest is likely to be neglected. Assume that by analyzing large sums of these low priority alerts we can discover valuable information, namely, coordinated IP addresses and type of alerts likely to be correlated. This knowledge improves situational awareness in the field of network monitoring and reflects the requirement of security analysts. They need to have at their disposal proper tools for retrieving contextual information about events on the network, to make informed decisions. To validate the assumption new method is introduced to discover groups of coordinated IP addresses that exhibit temporal correlation in the arrival pattern of their events. The method is evaluated on real-world data from a sharing platform that accumulates 2.2 million alerts per day. The results show, that method indeed detected truly correlated groups of IP addresses.
|
|
|
Netdev Driver for Acceleration COMBO Cards
Tran, Dominik ; Vrána, Roman (referee) ; Kučera, Jan (advisor)
This thesis deals with the development of the network device driver for the FPGA network COMBO cards, which should enable receiving and sending packets through standard network interface of Linux kernel. CESNET is developing a device called DDoS Protector for protection against an amplification (D)DoS attacks, which uses COMBO cards to achieve high performance. A SZE2 interface is used for high speed transfers of network data between COMBO card and a controlling software application, using technique of bypassing kernel network stack and other methods. DDoS Protector has to support standard network protocols, whose implementation directly on top of the SZE2 is very difficult. Instead, using kernel network stack, which is, by default, bypassed to achieve high performance, is much easier to implement and supports all sorts of protocols. Creation of the network device driver enables us to use kernel network stack and other network applications for COMBO cards. Based on the study of SZE2 interface and driver development, I designed and then successfully implemented network device driver. Driver was tested to ensure standard protocols work. It was also tested from the performance point of view. I have also developed the same type of driver for the newer interface - NDP and an application for an accelerated packet forwarding, both of which are functional and were not part of the thesis specification.
|
|
|
IPv6 Prefix Generator
Obrusník, Vojtěch ; Kučera, Jan (referee) ; Matoušek, Jiří (advisor)
Incoming deployment of IPv6 technology in larger scale requires existence of effective route lookup algorithms suitable of manipulation with long IPv6 prefixes. Development of such algorithms is dependent on an huge amount of test data sets, which do not exist at the moment. This paper is focused on design and implementation of a tool, that would be able to generate such test data sets. Study phase of IPv6 address allocation polices and analysis of currently available pieces of prefix sets took place before the implementation. Validation of results was performed by bit value and prefix length scatter measurement.
|
guest ::
RSS feed.