|
|
Effective Network Anomaly Detection Using DNS Data
Fomiczew, Jiří ; Žádník, Martin (referee) ; Kováčik, Michal (advisor)
This thesis describes the design and implementation of system for effective detection of network anomaly using DNS data. Effective detection is accomplished by combination and cooperation of detectors and detection techniques. Flow data in NetFlow and IPFIX formats are used as input for detection. Also packets in pcap format can be used. Main focus is put on detection of DNS tunneling. Thesis also describes Domain Name System (DNS) and anomalies associated with DNS.
|
|
|
Mobile Application for DNS Administration
Galajda, Denis ; Ovšonka, Daniel (referee) ; Kováčik, Michal (advisor)
This bachelor's thesis deals with possibilities and specifics of developing a custom mobile applicaion for DNS administration on Android. The goal is to create an easy-to-use application which will allow the user to manage zones and resource records of BIND9 nameserver. This issue is solved by manipulation of zone files over SSH connection, controlled through the modern user interface. The resulting programm allows the users to comfortably manage a DNS server from their smartphone practically anywhere.
|
|
|
Mobile Application for Network Scanning
Teuchner, Marek ; Bartoš, Václav (referee) ; Kováčik, Michal (advisor)
The subject of this bachelor's thesis is to design and implement an application for Android operating system that allows the discovery of all connected devices in a local network and to display information about it and all of its devices. The application would allow the user to assign a custom icon and a note to each device within the network. Logs and statistics are also collected by the application. In addition, it is possible to attack the selected device using various Denial of Service attacks.
|
|
|
Web Interface for Network Anomaly Detection System
Sládek, Petr ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
The goal of this work is to create a web interface for network anomaly detection system called HostStats. Its mission is to enable users to effectively work with data and statistics provided by the system. Web interface works as a plugin to NfSen as a completely independent web applications. Implementation took place in PHP using the Nette Framework, HTML5, CSS3, and JavaScript using the jQuery library.
|
|
|
Mobile Application for DNS Vulnerabilities Testing
Béder, Michal ; Ovšonka, Daniel (referee) ; Kováčik, Michal (advisor)
The aim of this thesis is to show the way how to implement an Android application, which allows full control over DNS packets creation. This was achieved by partial implementation of the application in C++ programming language. Furthermore, in this thesis are described topics as Android security model and possibilities of combining native and Java code. Resulting application allows to generate network attacks, which are exploiting some of the known DNS vulnerabilities.
|
|
| |
|
|
Malicious Domains Detection Using Analysis of DNS Traffic
Podešvová, Vlasta ; Bartoš, Václav (referee) ; Kováčik, Michal (advisor)
The aim of this bachelor's thesis is to design, implement and test a system for malicious domain detection in data sets obtained from real network traffic. It is aimed specifically on detection of DGA botnet activities. This detection is provided by analysis of domain name syntax. Part of the solution is focused at building a model from a set of legal domain names. This model is used for domain name syntax analysis and user of the final system is allowed to choose his own model data. Overall this thesis brings a view on the efficiency of implemented methods of malicious domain detection.
|
|
|
Detection of Malicous Traffic in Local Network
Šabík, Erik ; Kováčik, Michal (referee) ; Žádník, Martin (advisor)
This bachelor's thesis discusses monitoring local networks using IP flows. It describes Nemea framework which is used for building complex systems for detecting malicious traffic. Analysis of data from three different networks was performed by using this framework. Based on this analysis a design for detection of malicious traffic in local network was created. The detection method monitors network traffic for suspicious communication targeting IP or URL addresses that are listed in public blacklists. The detection method is evaluated on various traffic samples and the results show that three analysed samples belong to networks that are well managed and secured since the communication with the blacklisted entities is rare.
|
|
|
Automated Development of Network Attack Detectors
Huták, Lukáš ; Kováčik, Michal (referee) ; Žádník, Martin (advisor)
The thesis is focused on automated development of network attack detectors. It describes a design of patterns developed for normal and offensive behaviors based on monitoring network traffic of selected services. Patterns are represented by statistics with a focus on suitable metrics. Using machine learning algorithms attack detectors are created from behavioral patterns. Finally, a module was implemented for Nemea system in C/C++ programming language based on the proposal.
|
|
|
Longest Prefix Match Algorithms
Kováčik, Michal ; Tobola, Jiří (referee) ; Kořenek, Jan (advisor)
This thesis focuses on algorithms for longest prefix match (LPM), which is the key operation in packet classification and routing in TCP/IP networks. A space for analysis of commonly used algorithms with emphasis on their speed and memory efficiency is dedicated along with necessary theory. Focus is then oriented on IPv6 networks, their typical prefix sets and comparison of suitable algorithms. Afterwards, the optimization for selected algorithm is suggested and implemented in programming language Python.
|
guest ::
RSS feed.