|
|
Network Anomaly Detection
Lieskovan, Tomáš ; Blažek, Petr (referee) ; Hajný, Jan (advisor)
This semester project presents an analysis of network traffic and detection of anomalies in network traffic by several various means. In the first part of the paper there is an explanation of the methods aiming at denial of service. Then in the second part an implementation of protection by means of selected solutions is presented. The intent is to compare these means which are supposed to detect cyber attacks aiming at denial of service. Another intent is to choose the best solutions from the categories of open-source and commercial solutions. The target of the master thesis was to work out a comparison between actual solutions for detection of DoS and DDoS attacks.
|
|
|
DoS a DDoS útoky na SIP protokol
Staněk, Jan ; Peterka, Jiří (advisor) ; Vozňák, Miroslav (referee)
The aim of this diploma thesis is to get accustomed with the SIP protocol and with the problematics of attacks targeting this protocol, with the emphasis on DoS and DDoS attacks. The thesis focuses on detailed classification of the attacks, possibilities and forms of generation of the attacks and methodics of defense against them. The attacks of the flood type are especially stressed because they are easily generated and the SIP components are very prone to these attacks. Prototype implementations of the most important ideas concerning attack generation and protection against these attacks are also part of this thesis. Practical tests of the implementations performed in a simulated SIP environment are also included. 1
|
|
|
Wi-Fi network security
Gec, Ivo ; Šimek, Pavel (advisor) ; Vasilenko, Alexandr (referee)
Bachelor thesis is thematically focused on the security of wireless networks operating on frequency bands of 2.4 GHz and 5 GHz. The theoretical part of bachelor thesis is devoted to problemacy of wireless technology. In teoretical part of bachelor thesis are contained various standards, modes of operations, possible attacks, mechanisms and security, which prevent probably attacks or threats. Practical part of bachelor thesis describes a possible design of security for this company, which deals with accounting and taxes.
|
|
|
Application Layer DOS Attack Generator and Protection
Juhaňák, Pavel ; Kula, Michal (referee) ; Musil, Petr (advisor)
This bachelor’s thesis is focused on generating DoS attacks and protect against them. It should introduce the reader to the problems of DoS attacks, explain their division and the basic principles of their operation to him. Furthermore, it provides methods and advices how to defend against such attacks or to prevent their occurrence. It provides a preview of the available DoS tools and their evaluation to the reader. The tool able to generate DoS attacks is designed and implemented as a part of this work. It is capable of generating HTTP GET, HTTP POST and DNS amplification attacks. The DoS tool was successfully tested during attacks on a web server Apache 2.2.21. The records and evaluation of these tests are also part of this work.
|
|
|
Cyber Attacks
Zmeškal, Jiří ; Člupek, Vlastimil (referee) ; Číka, Petr (advisor)
Theoretical part of this thesis is dedicated to describing basic terms of network communication. Usage of network communication has become a necessity and is used on daily basis for a number of purposes, starting with communication between people, going across internet shopping and banking all the way to remote controlling industrial machinery. Another theoretically described topic is how attackers abuse attributes and shortcomings of communication protocols in order to commit illegal activities, specifically denial of service type of attacks. Finally, theoretical part includes a list of found open source applications capable of launching such attacks. Practical part describes development of application, capable of launching two selected forms of attack. These attacks are HTTP GET Flood, based on sending massive amounts of GET request, and Slow HTTP GET, based on imitating a user with slow internet connection. The development is described step by step and includes multithread processing, used publicly available components (Boost library for example) and challenges encountered during development (such as library limitations and cross platform compatibility).
|
|
| |
|
|
Generating of flood attacks
Hudec, David ; Hajný, Jan (referee) ; Smékal, David (advisor)
The assessment comprises of two parts, describing theory and generating of flood attacks respectively. The first part covers flood attacks' analysis, deals with their available techniques and practices, known in the area, and a computer simulation program, revealing the behavior of a contested network as well as the attacker's procedure. In the following part, data generating solutions itself are described. These are represented by two hardware programs, adapted from existing solutions, and one C# application, created by the author. The comparison of these two approaches is included, as well as are the generation results and mitigation proposal.
|
|
|
Detection of anomalies in network traffic using compression methods
Blažek, Libor ; Dvořák, Jan (referee) ; Blažek, Petr (advisor)
The objective of the thesis is to design a practical demonstration of the functionality of selected compression methods. The following chapters will discuss the attacks on terminals and mentioned some measures. The show will be processed using two methods development environment. The attacks will detect anomalies in the network and subsequently carried out at one of the sample data compression methods. Data will be collected as normal operation at the terminal station, and then in the attack.
|
|
| |
|
|
Stress testing of computer networks
Bolek, Daniel ; Martinásek, Zdeněk (referee) ; Hajný, Jan (advisor)
Bachelor's thesis deals with stress testing of server running on operating system Linux. Theoretical part of this project briefly describes the history of Linux, choice of distribution Debian and the server's applications Apache and Vsftpd. Then I describe device Spirent Avalanche 3100, which is designed to generate load and interprets results of tests. Semestral project also deals with DDoS attacks, analyzes current state in this field and describe those DDoS attacks, which provides device Avalanche 3100. Then shows possible solution, how to proceed, if we want to design protection against DDoS attacks. Practical part of semestral project is focused on installation of a operating system Linux, implementation and configuration web, FTP and SSH server services and firewall settings. After that the server is subjected to stress testing. The main aim is to test the success of HTTP and FTP server for different load height and determine, whether size of downloaded file has an effect to response time of the server. The aim of following section is to measure the impact of the choosen DDoS attacks. Protection against SynFlood attack is tested in the last part.
|
guest ::
