|
|
Analysis of DDos data with clustering
Krátký, Matěj ; Šišmiš, Lukáš (referee) ; Setinský, Jiří (advisor)
This thesis focuses on the detection of distributed denial of service (DDoS) attacks using clustering algorithms. In the first part, different types of DDoS attacks and approaches to identify them are described. Next, the thesis studies clustering methods, specifically hierarchical and k-means clustering, for analyzing the network traffic associated with these attacks. It also includes the design of a detection system suitable for detecting DDoS attacks. This is followed by a description of the implementation of this system required for the analysis phase. The main part of the work consists of performing experiments on the available dataset and evaluating the effectiveness of the methods, parameters and attributes combinations used. Finally, the thesis discusses the application of the findings and the possibilities for further research in this area.
|
|
|
Honeypot for LoRaWAN protocol
Zhukova, Viktoriia ; Pospíšil, Jan (referee) ; Pospíšil, Ondřej (advisor)
The bachelor’s thesis in the theoretical section focuses on LoRaWAN technology. It describes network communication, LoRaWAN security, vulnerabilities, and mitigation measures. The second half of the theoretical section focuses on describing honeypot technology and its distribution, listing its advantages and disadvantages, and comparing IoT honeypots. The practical section focuses on building an experimental environment. There is a description of the selected hardware and software. It describes the commissioning of the LoRaWAN network, the configuration of the gateway, and the startup of the LoRaWAN server. Next, the whole procedure of honeypot assembly is described. Two variants of high-interaction honeypot are described and investigated. One without the use of sandboxing and using a firewall, the other with the use of sandboxing and an implementation of chroot/jail.
|
|
|
Honeypot: a tool for fighting malware
Karger, David ; Lieskovan, Tomáš (referee) ; Hajný, Jan (advisor)
This bachelor thesis is focused on deploying a honeypot to fight malware. The aim was to study the issue of honeypots and their use in detection and analysis of malware. The first part is dedicated to malware, its history and individual types. The so-called botnet is described in the next part. The last part is devoted on the honeypot itself and its distribution. The practical realization is done through honeypots Cowrie and Mailoney.
|
|
|
Network Anomaly Detection Based on PCA
Krobot, Pavel ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
This thesis deals with subject of network anomaly detection. The method, which will be described in this thesis, is based on principal component analysis. Within the scope of this thesis original design of this method was studied. Another two extensions of this basic method was studied too. Basic version and last extension was implemented with one little additional extension. This one was designed in this thesis. There were series of tests made above this implementation, which provided two findings. First, it shows that principal component analysis could be used for network anomaly detection. Second, even though the proposed method seems to be functional for network anomaly detection, it is still not perfect and additional research is needed to improve this method.
|
|
|
Detection of Slow HTTP DoS Attacks
Jakubíček, Patrik ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
This thesis deals with the detection of Slowloris attack. Based on the findings a detection module for Nemea system is implemented. It analyzes flow records and performs attack detection. Tests have verified that the module can work in real deployment and detect Slowloris attack quite successfully.
|
|
|
Web Interface for Network Anomaly Detection System
Sládek, Petr ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
The goal of this work is to create a web interface for network anomaly detection system called HostStats. Its mission is to enable users to effectively work with data and statistics provided by the system. Web interface works as a plugin to NfSen as a completely independent web applications. Implementation took place in PHP using the Nette Framework, HTML5, CSS3, and JavaScript using the jQuery library.
|
|
|
Network Protection Using NetFlow Data
Czudek, Marek ; Tobola, Jiří (referee) ; Žádník, Martin (advisor)
This thesis deals with the possibility of greater security of network based on NetFlow protocol. Specifically, the detecting network scans based on predefined rules to found this anomaly in the NetFlow data. Next part is the possibility of retrospective data analysis, thereby achieving more accurate detection of attacks on the network. In this work designed application uses predetermined rules to detect the scans and then looks the flows towards the ports witch are protected by the application and than compares with detected scans. In this way, more accurate detection of attacks is achieved.
|
|
|
Honeypot for LoRaWAN protocol
Zhukova, Viktoriia ; Pospíšil, Jan (referee) ; Pospíšil, Ondřej (advisor)
The bachelor’s thesis in the theoretical section focuses on LoRaWAN technology. It describes network communication, LoRaWAN security, vulnerabilities, and mitigation measures. The second half of the theoretical section focuses on describing honeypot technology and its distribution, listing its advantages and disadvantages, and comparing IoT honeypots. The practical section focuses on building an experimental environment. There is a description of the selected hardware and software. It describes the commissioning of the LoRaWAN network, the configuration of the gateway, and the startup of the LoRaWAN server. Next, the whole procedure of honeypot assembly is described. Two variants of high-interaction honeypot are described and investigated. One without the use of sandboxing and using a firewall, the other with the use of sandboxing and an implementation of chroot/jail.
|
|
|
Detection of Slow HTTP DoS Attacks
Jakubíček, Patrik ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
This thesis deals with the detection of Slowloris attack. Based on the findings a detection module for Nemea system is implemented. It analyzes flow records and performs attack detection. Tests have verified that the module can work in real deployment and detect Slowloris attack quite successfully.
|
|
|
Honeypot: a tool for fighting malware
Karger, David ; Lieskovan, Tomáš (referee) ; Hajný, Jan (advisor)
This bachelor thesis is focused on deploying a honeypot to fight malware. The aim was to study the issue of honeypots and their use in detection and analysis of malware. The first part is dedicated to malware, its history and individual types. The so-called botnet is described in the next part. The last part is devoted on the honeypot itself and its distribution. The practical realization is done through honeypots Cowrie and Mailoney.
|
guest ::
