|
|
Intrusion detection and prevention systems at border devices
Bína, Zdenko ; Frolka, Jakub (referee) ; Blažek, Petr (advisor)
This bachelor thesis is focusing on testing the endurance of networks against DDoS attacks. The theoretical part consists of an introduction to the problematics of these attacks and current trends regarding DDoS attacks, focusing on IDS and IPS systems, and Spirent Avalanche 3100b machine, designed to generate network traffic. The practical part is about the configuration of the software web server Apache, which runs on Linux Debian OS, and it is testing this system for endurance against five DDoS attacks. The server is put through attacks before and after application of systems NIDS and NIPS, using Snort and Suricata software. The goal of the thesis is comparing NIDS and NIPS servers based on the results of testing.
|
|
|
Automatic Generation of Load Testing Reports
Oškera, Jakub ; Martinásek, Zdeněk (referee) ; Grabovský, Štěpán (advisor)
The diploma thesis deals with the development of a tool for automated generation of load testing reports, which is implemented in the form of a plug-in into the load tester JMeter as one of its components. The theoretical part contains an analysis of load testing and DDoS parameters, which are the output of a web report. The thesis includes an analysis of available template processors. Based on the analysis of processor’s properties, the most appropriate one was chosen. This processor was then used in a tool that, using the web technologies, generates a report in a form of interactive web page. The thesis also mentions the installation and operation of the created JMeter software plug-in. The diploma thesis describes the whole process of the development of the plug-in.
|
|
|
Automation of DDoS Attack Mitigation
Nagy, Peter ; Podermański, Tomáš (referee) ; Grégr, Matěj (advisor)
The aim of this thesis is automation of DDoS attack mitigation. This thesis provides an overview of GNU/Linux network platforms and different approaches for their configuration. The aim is to select a platform that could be extended to automate DDoS mitigation. DDoS attack types are explained as well. Selected methods for DDoS mitigation are described in more detail such as Remote Triggered Black Hole and BGP Flowspec. Existing tools like DDoS Defender and FastNetMon are used to detect a DDoS attack. NETX was chosen as target implementation platform. To communicate with devices, API or BGP protocol with Flowspec extension are used.
|
|
|
Security System for Web Application Attacks Elimination
Vašek, Dominik ; Zobal, Lukáš (referee) ; Jeřábek, Kamil (advisor)
Nowadays, botnet attacks that aim to overwhelm the network layer by malformed packets and other means are usually mitigated by hardware intrusion detection systems. Application layer botnet attacks, on the other hand, are still a problem. In case of web applications, these attacks contain legitimate traffic that needs to be processed. If enough bots partake in this attack, it can lead to inaccessibility of services provided and other problems, which in turn can lead to financial loss. In this thesis, we propose a detection and mitigation system that can detect botnet attacks in realtime using statistical approach. This system is divided into several modules that together cooperate on the detection and mitigation. These parts can be further expanded. During the testing phase, the system was able to capture approximately 60% of botnet attacks that often focused on spam, login attacks and also DDoS. The number of false positive addresses is below 5%.
|
|
|
Intrusion detection and prevention systems
Pitschmann, Andrej ; Blažek, Petr (referee) ; Martinásek, Zdeněk (advisor)
The terminal essay aims to introduce the issue of IDS and IPS and their incorporation into a network. An analysis of pros and cons of used open source IDS/IPS systems will be created together with their inclusion into the network. In addition, we focus on the issue of NIDS that will be located in the network’s path of communication among end users. Following the appropriate setting of NIDS of a client we will be receiving and analyzing all communication directed from the attacker with the help of Snort and Suricata programs. The activities will be conducted thanks to a downloaded package and in the case of a need we will use our own rules that will guide the NIDS system of data control. Regarding the testing phase, we have used the SYN flood attack on server via program Hping3 in OS Linus Kali, which is a distribution created with an aim to conduct a penetration tests and in addition it includes several useful programs. The NIDS will help us to gradually control captured packets.
|
|
|
Stress tester
Lanžhotský, Karel ; Člupek, Vlastimil (referee) ; Zeman, Václav (advisor)
This bachelor thesis deals with the matter of stress testing using open-source tool Apache JMeter and it’s extensions. Main output is the extension of the module which allows to produce DoS (denial of service) attacks. At the beginning of the thesis, there are characteristics for this type of attack, what types of DoS exist with some examples. After that, there’s testing, verification of functionality and finding of errors in extension modules. At the end thesis is dedicated to adding features to DDoS module and testing of capabilities of the attacks on created scenarios.
|
|
|
Stress tester
Shpak, Kyrylo ; Člupek, Vlastimil (referee) ; Zeman, Václav (advisor)
The bachelor thesis deals with the issue of stress testing. The aim of this work is to extend the JMeter tool with amplification modules of DoS attacks. The beginning of the work introduces the issue of DoS attacks, along with a description of selected attacks. One of the points of the work is to verify the functionality and find errors of the stress tester, which is a comprehensive system for testing the information and communication infrastructure based on the JMeter tool. The last chapter deals with the implementation of DoS attacks.
|
|
| |
|
|
Network protection testing and DoS attacks protection
Hanzal, Jan ; Šilhavý, Pavel (referee) ; Hajný, Jan (advisor)
The aim of this Master thesis is a testing of Cisco ASA\,5510 firewall with affect of Denial of Service attacks. Part of the thesis is a teoretical description some of the attacks and practical tests. Practical part covers basic testing of Cisco ASA with Spirent Avalanche 3100B. Number of TCP connections per second and firewalls throughput on 7th layer of ISO/OSI model were tested. Also the effect of Denial of Service attacks on the throughput. In a next part there is described one possible way how to generate Denial of Service attacks from a Linux server to the firewall. Python scripts were used for generation DoS packets. With those scripts it is possible to generate five types of attacks.
|
|
|
Proxy servers in Internet
Henek, Jan ; Burda, Karel (referee) ; Komosný, Dan (advisor)
The goal of this paper is to analyze the representation of proxy servers in cyber attacks conducted by Internet. For this purpose I used method which compares tested IP address with database of open proxy servers. I assembled a list of IP address taken from the blacklist of cyber attacks committed in 2015. Then I checked this list with the created program Proxy checker and compared them with a database of open proxy servers. By measurement I demonstrate the inefficacy of this method for reverse detection of proxy servers in the IP list of past attacks.
|
guest ::
