|
|
Security System for Web Application Attacks Elimination
Vašek, Dominik ; Zobal, Lukáš (referee) ; Jeřábek, Kamil (advisor)
Nowadays, botnet attacks that aim to overwhelm the network layer by malformed packets and other means are usually mitigated by hardware intrusion detection systems. Application layer botnet attacks, on the other hand, are still a problem. In case of web applications, these attacks contain legitimate traffic that needs to be processed. If enough bots partake in this attack, it can lead to inaccessibility of services provided and other problems, which in turn can lead to financial loss. In this thesis, we propose a detection and mitigation system that can detect botnet attacks in realtime using statistical approach. This system is divided into several modules that together cooperate on the detection and mitigation. These parts can be further expanded. During the testing phase, the system was able to capture approximately 60% of botnet attacks that often focused on spam, login attacks and also DDoS. The number of false positive addresses is below 5%.
|
|
|
Inference of DDoS Mitigation Rules
Jacko, Daniel ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
This thesis focuses on DDoS attacks, their types and means of their mitigation. The aim of the thesis is to design and implement an algorithm which would be able to derive rules to block DDoS attacks. For this, we chose the algorithm of machine learning, a decision tree, which starts operating as soon as the attack is detected. The algorithm operates with a sample of data detected during the attack, and with a sample of legitimate communication. A part of this thesis is also a description of a BPF format and an overview of executed experiments.
|
|
|
Detection and mitigation of cyber attacks at local area networks
Racka, Jan ; Lieskovan, Tomáš (referee) ; Gerlich, Tomáš (advisor)
The bachelor thesis is focused on the detection and mitigation of flood attacks in local area networks. The thesis can be divided into two parts. In the theoretical part, first flooding attacks are described. Then, the problem of attack detection is discussed in depth, including the implemented detection methods. Subsequently, the classification of detection tools by location is discussed and examples of detection tools are given. The last theoretical section is devoted to network mapping methods and topology detection tools. In the practical part, the design of the IDS and the test network is discussed. The network consists of three end devices namely: the IDS, the victim and the attacker. A Mikrotik router is used to ensure connectivity between all the devices. The IDS has been implemented in Python and is composed of individual modules that extend its functionality. The most important module is the detection module, which contains detection methods against SYN Flood, UDP Flood, ICMP Flood attacks and one universal comprehensive method against all flood attacks. The ARP Scan module allowed the IDS to map the network and use ARP queries to detect the presence of endpoint devices in the network. The learning module made it easier to set up rules for each detection method by monitoring network traffic over a period of time. It then determines appropriate rule values from the detected data. The SSH module provided IDS with the ability to proactively respond to attacks and disconnect the attacker from the rest of the network. ARP Scans also use the SSH module to discover information about guests. The IDS has been tested in both virtual and real environments. The results show that the developed detection methods work and the IDS can stop the attack in a reasonable time. ARP Scanning was also tested and was able to detect new guests on average in the first pass. The effect of IDS on communication was also monitored and found to be minimal.
|
|
|
Detection of DoS and DDoS attacks targeting a web server
Nguyen, Minh Hien ; Fujdiak, Radek (referee) ; Kuchař, Karel (advisor)
The bachelor thesis deals with the detection of DoS (Denial of service) and DDoS (Distributed Denial of Service) attacks targeting a web server. This work aims to design detection methods, which will be subsequently tested. Analysis of attacks according to the ISO/OSI (International Organization for Standardization/Open Systems Interconnection) reference model will allow an understanding of the features of individual attacks. In the practical part, some tools are used to implement attacks, then there are generators of legitimate network traffic and a secure web server. Substantial data are created from ongoing attacks and communications of ordinary users. These data are an important part of the proposed methods. The purpose of assessing the achieved results is to evaluate the effectiveness of individual detection methods in terms of accuracy and time consumption.
|
|
|
Recommended adaptation and mitigation measures in risk areas of natural occurrence fires in the light of the changing climate
Trnka, Miroslav ; Čermák, Petr ; Kudláčková, Lucie ; Balek, Jan ; Semerádová, Daniela ; Brovkina, Olga ; Zemek, František ; Štěpánek, Petr ; Zahradníček, Pavel ; Bláhová, Monika ; Cienciala, Emil ; Beranová, J. ; Zatloukal, V. ; Albert, J. ; Tumajer, J. ; Možný, M. ; Hájková, L. ; Chuchma, F.
The methodology formulates graded adaptation and mitigation measures to mitigate fire risk and spread fire in the countryside (forest and agricultural land). To this end, a variant assessment procedure is presented fire risk according to the user's data capabilities. The algorithmization of fire risk in forests is based on forest typology to assess habitats, and adds forest vegetation characteristics. On agricultural Soil agronomic factors include crop type, cover cover, habitat and water characteristics regime. For both territorial categories, the expected impacts of climate change on fire risk are given habitat in the medium term (by 2050). Methodology in conclusion on a case study demonstrates the possibilities of using the model tool FlamMap for the analysis of fire characteristics.
|
|
|
Slow Dos Attacks Detection And Mitigation
Sikora, Marek
This article investigates the detection and mitigation methods against Slow DoS (Demand of Service) attacks. This research is focused on Slowloris, Slow POST, Slow Read, and Apache Range Header attacks. Detection methods are based on network traffic analysis and anomalous traffic monitoring. When the attack is detected, the attacker is blocked and web server resources are released. Methods are implemented as an intrusion prevention system software.
|
|
|
Effort sharing as a legal measure of climate protection
Srb, Jáchym ; Pokorný, Jiří (advisor) ; Sobotka, Michal (referee)
Master thesis "Effort sharing as a legal measure of climate protection" strives to give a comprehensive account of the key characteristics of the effort sharing system, which is one of the two principal EU mitigation tools of the EU. In order to provide a better insight, the thesis first discusses the topic in context of economic theory and international law on climate. The thesis itself is divided into four chapters. First chapter defines the object of climate regulation i.e. greenhouse gases their production and the legal framework of their measuring and accounting.Second chapter focuses on the economic background of climate regulation and it compares different theoretical approaches with existing regulation in force on international and European level. Third chapter gives basic account of the international framework of climate law and specifically on the international mitigation obligations of the EU, which are relevant for the EU law. Fourth and final chapter describes the main aspects of the effort sharing system in contrast to the EU ETS. It draws mainly from the Decision no. 406/2009/ES, which is currently in force and the Regulation no. 2018/842, which will shape the effort sharing system for the 2021 - 2030 period. In four sub- chapters it focuses on the definition of regulated emission...
|
|
|
Automation of DDoS Attack Mitigation
Nagy, Peter ; Podermański, Tomáš (referee) ; Grégr, Matěj (advisor)
The aim of this thesis is automation of DDoS attack mitigation. This thesis provides an overview of GNU/Linux network platforms and different approaches for their configuration. The aim is to select a platform that could be extended to automate DDoS mitigation. DDoS attack types are explained as well. Selected methods for DDoS mitigation are described in more detail such as Remote Triggered Black Hole and BGP Flowspec. Existing tools like DDoS Defender and FastNetMon are used to detect a DDoS attack. NETX was chosen as target implementation platform. To communicate with devices, API or BGP protocol with Flowspec extension are used.
|
|
|
Mitigation of Volumetric DDoS Attacks in SDN Environment
Hodes, Vojtěch ; Křepelka, Václav (referee) ; Škorpil, Vladislav (advisor)
The aim of this Master's thesis is to explore different attitudes and to design various monitoring and detection concepts of volumetric DDoS attacks in core networks. The thesis deals with data flow control protocols with an emphasis on a modern technology of Software Defined Networks. The last part of the thesis describes verification of the theory by setting up a laboratory environment for volumetric DDoS UDP Flood simulation, detection and automated mitigation.
|
|
|
Legal and Ethical Aspects of Foundations and Foundation Funds
NOVOTNÁ, Lucie
The work deals with the legal and ethical aspects of Christian foundations and endowment funds. The first step is to familiarize ourselves with the basic concepts. The next part of the thesis deals with donations from an ethical a Christian perspective. A brief introduction to the historical development of the foundations and endowment funds, description of the current legislation, foundations and endowment funds and their comparison are integral part parts. In conclusion, the work discusses the possible problems associated with the activities of foundations and endowment funds, the very credibility of Foundations and the degree of people's willingness to participate in fundraisers. The thesis analyzes the compliance with obligations for these entities, including the available public and private mitigation activities, are a foundations and endowment funds greatest problems in complying with the requirement to prepare and publish an annual report. These annual reports should include a true picture of the activities of the foundation.
|
guest ::
