|
|
Detection and mitigation of cyber attacks at local area networks
Racka, Jan ; Lieskovan, Tomáš (referee) ; Gerlich, Tomáš (advisor)
The bachelor thesis is focused on the detection and mitigation of flood attacks in local area networks. The thesis can be divided into two parts. In the theoretical part, first flooding attacks are described. Then, the problem of attack detection is discussed in depth, including the implemented detection methods. Subsequently, the classification of detection tools by location is discussed and examples of detection tools are given. The last theoretical section is devoted to network mapping methods and topology detection tools. In the practical part, the design of the IDS and the test network is discussed. The network consists of three end devices namely: the IDS, the victim and the attacker. A Mikrotik router is used to ensure connectivity between all the devices. The IDS has been implemented in Python and is composed of individual modules that extend its functionality. The most important module is the detection module, which contains detection methods against SYN Flood, UDP Flood, ICMP Flood attacks and one universal comprehensive method against all flood attacks. The ARP Scan module allowed the IDS to map the network and use ARP queries to detect the presence of endpoint devices in the network. The learning module made it easier to set up rules for each detection method by monitoring network traffic over a period of time. It then determines appropriate rule values from the detected data. The SSH module provided IDS with the ability to proactively respond to attacks and disconnect the attacker from the rest of the network. ARP Scans also use the SSH module to discover information about guests. The IDS has been tested in both virtual and real environments. The results show that the developed detection methods work and the IDS can stop the attack in a reasonable time. ARP Scanning was also tested and was able to detect new guests on average in the first pass. The effect of IDS on communication was also monitored and found to be minimal.
|
|
|
Performance and security testing of network applications
Matej, Michal ; Martinásek, Zdeněk (referee) ; Zeman, Václav (advisor)
The aim of this Master's thesis is to design and to implement the security test in considering a resistance of the device under test to the effects of the distributed denial of service attack DDoS SYN Flood. After processing the test results is developed a protocol about security test of the device under test. In this thesis are tested two devices, namely CISCO ASA5510 firewall and a server with the specified name Server. The theoretical part of the thesis discusses the primary types of network attacks such as reconnaissance, gain access and denial of service attacks. Explained the concept of DoS and its principle, further types of DoS attacks and distributed denial of service attacks DDoS.
|
|
|
Implementation of plugins for JMeter
Švehlák, Milan ; Člupek, Vlastimil (referee) ; Martinásek, Zdeněk (advisor)
This thesis discusses the load testing tool JMeter and its opportunities for expansion by modules carrying out cyber attacks of the type Denial of Service (DoS). To begin with, there is a theoretical overview of cyber attacks of this type. The following chapter, talks about the JMeter tool, namely its functions and expansion options. After that, it is proceeded to the actual design and realization of the modules. The module implementing the attack HTTP Flood is created first. This module uses internal functions of the program JMeter. This new module is tested. Next chapter folows the procedure of creating modules, that use external generator of network traffic. Modules SYN Flood, ICMP Flood and NTP Flood are implemented using the generator Trafgen. Module implementing attack Slowloris uses a Python script as a generator of the attack. Finally, all the new modules are tested.
|
|
|
MCUXpresso Web application security
Mittaš, Tomáš ; Heriban, Pavel (referee) ; Roupec, Jan (advisor)
This thesis deals with testing of the security of web application MCUXpresso Web SDK Builder using ethical hacking techniques and tools. At the beginning, the history of ethical hacking and structure of web applications are briefly mentioned. The thesis then analyses the application itself from the user’s point of view, its parts before logging in and after logging in and the operation of this application. The following is a list of the most common vulnerabilities and weaknesses found in web applications to understand any vulnerabilities found. Furthemore, the thesis deals with the techniques and tools of web application security and compares them. The penultimate chapter deals with the use of Analysis and vulnerability scanning technique on the application MCUXpresso Web SDK Builder. Finally, an application security test plan is designed, while part of this plan is automated.
|
|
|
Attacks on active network elements
Ščepko, Richard ; Kacálek, Jan (referee) ; Polívka, Michal (advisor)
The bachelor thesis deals with the topic of the security of computer networks. The tasks of the bachelor thesis are the attacks on active network elements with the aim of the catching of data between two users. In the created structure with a stellate topology, the user stations have connect to the active element (switch). In the thesis, the individual ways of attacks and the significance of ARP proceedings to MAC addresses have describ. Several programmes have use in order to take control over the device. Due to a big amount of these active elements the source code of the programmes had to be alter. The work with the programmes ARPtool and ARPoison demanded the operational system Linux, in our case the distribution of Ubunt. The programme WinArpAttacker could be set off under the system Windows XP as well. The achieved results and the description of the practical part are discuss in detail in the summary of the thesis. The result is the catching communication with the help of the programme WireShark.
|
|
|
Generating of flood attacks
Hudec, David ; Hajný, Jan (referee) ; Smékal, David (advisor)
The assessment comprises of two parts, describing theory and generating of flood attacks respectively. The first part covers flood attacks' analysis, deals with their available techniques and practices, known in the area, and a computer simulation program, revealing the behavior of a contested network as well as the attacker's procedure. In the following part, data generating solutions itself are described. These are represented by two hardware programs, adapted from existing solutions, and one C# application, created by the author. The comparison of these two approaches is included, as well as are the generation results and mitigation proposal.
|
|
|
Wireless networks security and possible attacks on these networks
Vlček, Peter ; Vymazal, Michal (referee) ; Vychodil, Petr (advisor)
The first of the main objectives of this work was to examine and study the different types of attacks on wireless networks. This work is focused on the most commonly occurring types of attacks such as WEP/WPA/WPA2 cracking, a Man in the Middle attack (MIM), Dictionary attacks, MAC spoofing and finally Denial of Service attacks. Description of individual attacks is also accompanied by detailed instructions on how to carry out these attacks on the Windows platform. It is described how to detect various attacks and identified. It is then implemented software that is able to identify possible risk of selected types of attacks. This software belongs to a group of wireless intrusion prevention system (WIDS). It focuses on attacks WEP/WPA/WPA2 type of cracking, Dictionary attacks and MAC spoofing. For the implementation of defense against attack by a Man in the Middle (MIM) and Denial of Service attack would need special monitoring equipment.
|
|
|
Switches security risks
Halaška, Peter ; Novotný, Bohumil (referee) ; Sobek, Jiří (advisor)
The aim of this thesis was to study and subsequently process issues of securing switches operating at the data link layer of OSI/ISO model. Map individual switch attacks with their review. On the basis of this information realize chosen attacks with presented results.
|
|
|
Generator of Cyber Attacks
Halaška, Peter ; Burda, Karel (referee) ; Hajný, Jan (advisor)
This work deals with the security of computer networks based on TCP/IP protocol stack. The main objective is to develop a generator of DoS flooding attacks which carries out attacks such SYN flood, RST flood, UDP flood, ICMP flood, ARP flood, DNS flood and DHCP starvation. The theoretical part describes the features of the mentioned attacks and protocols or mechanisms associated with them. Next part deals with the comparison of selected tools (Hping3, Mausezahn, Trafgen) in terms of number of packets per second (pps) and the link utilization (MB/s). The practical part describes design and implementation of the new attacking tool. There is explained the importance of it’s individual modules, it’s installation and usage options. New tool is also being tested. Then there is described the development, options and installation of control interface which is in the form of web application.
|
|
|
Generator of illegitimate network traffic
Blažek, Ondřej ; Smékal, David (referee) ; Blažek, Petr (advisor)
The diploma thesis deals with the problems of DoS/DDoS attacks and development of a tool, in C lanugage, for generating them. In the first chapter the principles of DoS attacks targeting the internet and transport layers of ISO/OSI model are described and also according to their characteristics divided. Selected attacks on the application layer are also described here in detail togehter with protocols which they are based on. In the following chapter there has been created a comparison of freely available tools, which could be used as a attack generators. The practical part is dedicated to a development of a tool for DoS attacks, especially design, general description and usage. Further there is a summary of the newly created library, including results of web server testing, and extensions of a web interface, which is part of the developed tool.
|
guest ::
