|
|
Inference of DDoS Mitigation Rules
Jacko, Daniel ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
This thesis focuses on DDoS attacks, their types and means of their mitigation. The aim of the thesis is to design and implement an algorithm which would be able to derive rules to block DDoS attacks. For this, we chose the algorithm of machine learning, a decision tree, which starts operating as soon as the attack is detected. The algorithm operates with a sample of data detected during the attack, and with a sample of legitimate communication. A part of this thesis is also a description of a BPF format and an overview of executed experiments.
|
|
|
Cyberpropaganda and its Communication Models
Gladiš, Michal ; Marcelli, Miroslav (advisor) ; Mucha, Ivan (referee)
Cyberpropaganda and its Communication Models In this thesis, communication models representing the functioning of communication in a network of social interactions are analyzed. Understanding the communication of new media can contribute to understanding the processes that take place in cyberspace. The aim of this thesis is to decipher the forms of propaganda that operate in it. This work can contribute to the understanding of several forms of current social events, such as public relations, influencing public opinion or political struggle, which have significantly moved into cyberspace. The presentation of cyberspace and new media from several perspectives, together with the complex characterization of the communication that takes place in them, creates its overall image, in which the thesis reveals possible penetrations of propaganda tendencies of targeted manipulation with its members. In this thesis, cyberpropaganda is approached from several points of view. It is about updating propaganda models from the mass media to the emergence of new forms, techniques and tools that have enabled the new media. The starting point of this research is to clarify the complexity of communication, which is not shaped exclusively by its new technical aspects, but is to some extent a continuation of its previous...
|
|
|
User and Device Metadata Collection from the Darkweb
Gula, Ján ; Matoušek, Petr (referee) ; Veselý, Vladimír (advisor)
This bachelor's thesis solves the problem of anonymization on the Internet, that is widely used for dealing with illegal substances. This problem drives law enforcement agencies to be interested in web pages that represent markets with forbidden content which are hidden behind anonymity networks. My goal is to focus on the biggest markets with such content and to gather as much information as possible about subjects that posture on similar types of web pages either as sellers or as buyers. I have resolved the given problem by choosing the most impactful markets according to the number of users signed in. I have become one of the users and applied algorithms for data scraping to get information from web pages into a structured form that is more suitable for a deeper analysis. The results of this thesis will help law enforcement agencies with the analysis of metadata of users that commit illegal activities as they will not have to manually search through the illegal markets, and they will have all available data summed up in a structured form in a database. Unifying data into a structured form will help speeding up the investigation and address the biggest drug sellers.
|
|
|
Automation of DDoS Attack Mitigation
Nagy, Peter ; Podermański, Tomáš (referee) ; Grégr, Matěj (advisor)
The aim of this thesis is automation of DDoS attack mitigation. This thesis provides an overview of GNU/Linux network platforms and different approaches for their configuration. The aim is to select a platform that could be extended to automate DDoS mitigation. DDoS attack types are explained as well. Selected methods for DDoS mitigation are described in more detail such as Remote Triggered Black Hole and BGP Flowspec. Existing tools like DDoS Defender and FastNetMon are used to detect a DDoS attack. NETX was chosen as target implementation platform. To communicate with devices, API or BGP protocol with Flowspec extension are used.
|
|
|
Measurement of PlanetLab experimental network
Andrašov, Ivan ; Bečková, Zuzana (referee) ; Komosný, Dan (advisor)
This thesis deals with measurement of transfer parameters for nodes in experimental network PlanetLab. In theoretical part of this thesis we analyse experimental network PlanetLab, basic terminology in this network, its goals and some current projects run- ning under this network. Next we analyse measured network parameters specifically Ping, SSH delay and respond to SCP. Practical part of this thesis is formed around real im- plementation of measurement where in specific sub chapters are written exact problems of said parameter together with source code.
|
|
|
Al-Qaeda Before and After 09.11.2001
Andraščíková, Diana ; Makariusová, Radana (advisor) ; Ditrych, Ondřej (referee)
The objective of the master thesis is to evaluate the factors that have influenced the operational capability of al-Qaeda. In order to determine current operational capacity of al-Qaeda, the analysis is divided into three time periods and on the basis of external and internal factors affecting the changes in the structure and thus the functioning of the group, then the network, we have achieved results that we can consider as a basis for assessment of its ability to act today. Analysis of the structure of the al-Qaeda by network analysis based on the theory derived from the article of Ronald Diebert and Janice Stein entitled "Hacking Networks of Terror" is in the thesis considered to be a basis for understanding of the functioning of the network structure as well as its impact on the internal functioning of the network compared with hierarchically organized structure characteristic for the period before the terrorist attacks of 11 September 2001. The other two periods analyzed in the work are: the period after the invasions of Afghanistan and Iraq, their impacts and the third period is the period after 2011, when bin Laden, leader of al-Qaeda was killed, the revolutions of Arab Spring took place and the long-term impact of the war on terror will be included in the analysis as well. Analysis of...
|
|
|
Laboratory task demonstrates Intrusion Protection System
Bronda, Samuel ; Malina, Lukáš (referee) ; Martinásek, Zdeněk (advisor)
This bachelor thesis is divided into two parts. The theoretical part describes security systems, various types of attacks and details of systems to protect computer networks. The practical part focuses on the workplace, where will operate IDS / IPS system Snort and Suricata, the necessary adjustments and simulation of attacks. The bachelor thesis also includes putting the system into real terms.
|
|
|
Measurement of PlanetLab experimental network
Andrašov, Ivan ; Polešáková, Zuzana (referee) ; Komosný, Dan (advisor)
This thesis deals with measurement of transfer parameters for nodes in experimental network PlanetLab. In theoretical part of this thesis we analyse experimental network PlanetLab, basic terminology in this network, its goals and some current projects run- ning under this network. Next we analyse measured network parameters specifically Ping, SSH delay and respond to SCP. Practical part of this thesis is formed around real im- plementation of measurement where in specific sub chapters are written exact problems of said parameter together with source code.
|
|
|
Secure Network Based on Virtual Next-Generation Firewall
Varmus, Pavol ; Burda, Karel (referee) ; Malina, Lukáš (advisor)
The bachelors thesis aims to study the issue of security of the networks that use firewalls. The next goal is to evaluate the characteristics of a different types of firewalls and to summarize its results. The other object is to design a small or medium sized network with description of best practice. The main objective of the thesis is to design a lecture task for students to test with a step-by-step solution. This task is for students to undertand the importance of firewalls as a network protection service tools and to try out different types of filters for maintainin network security. The task ends with a practical stress test made by a network attack in order to see its resistance to the attack.
|
|
|
Network Configuration Synthesis and Verification
Černeková, Alžbeta ; Veselý, Vladimír (referee) ; Ryšavý, Ondřej (advisor)
The subject of this master's thesis is to address the topic of network devices configuring. It resolves the problems related to simplifying certain parts of configuration while eliminating frequent errors or issues. It introduces a solution to setting of IP addresses on router's interfaces. Furthermore it presents the generation of configuration for particular dynamic routing scenarios and its application and methods for its verification on network devices. It also demonstrates the preparation of configuration of VPN tunnel between two devices. The conclusion of this thesis contains possibilities for further extensions or improvements.
|
guest ::
