|
|
Performance Measurement Tool for DNS Servers
Postolka, Matěj ; Kučera, Jan (referee) ; Vrána, Roman (advisor)
Tato práce popisuje návrh a tvorbu testovacího prostředí pro měření výkonnosti DNS serverů nad transportními protokoly TCP a UDP. Obsahuje výsledky výkonnostního měření tří různých implementací autoritativních DNS serverů nad síťovým provozem složeným z různých typů DNS dotazů zaslaných pomocí různých síťových a transportních protokolů. Je provedeno srovnání výkonnosti těchto implementací.
|
|
|
Implementation of advanced filters based on packet classification using Linux
Malár, Lukáš ; Holešinský, Pavel (referee) ; Matocha, Tomáš (advisor)
The Master’s thesis ”The Implementation of the Advanced Filtering Based on the Packets’ Classification using Linux” is intended to the realization of an internet gateway. The gateway serves to make the connection between local network and the internet. The thesis contains a short theoretic description of parameters and types of QoS services. The classful and classless queues are mentioned in detail. The last theoretic part refers to the introducing of LDAP protocol and its usage. The practical part of this thesis captures the configuration of firewall, dns and radius server connected with LDAP databases. The thesis also contains detailed description of the production QoS by HTB with L7-filter including the compilation of system’s core. The end of the thesis contains the series of tests of created scripts.
|
|
|
Malware Detection Using DNS Traffic Analysis
Daniš, Daniel ; Ovšonka, Daniel (referee) ; Kováčik, Michal (advisor)
This master thesis deals with the design and implementation of a tool for malware detection using DNS traffic analysis. Text of the thesis is divided into theoretical and practical part. In theoretical part the reader will be acknowledged with the domain of malware and botnet detection. Consequently, various options and methods of malware detection will be described. Practical part of the thesis contains description of malware detection tool architecture as well as key aspects of its implementation. Moreover, the emphasis is being placed on testing and experiments. The result of the thesis is a tool, written in python, for malware detection using DNS traffic analysis, that uses a combination of several methods of detection.
|
|
|
The DPDK DNS Probe Application Extension
Doležal, Pavel ; Kučera, Jan (referee) ; Vrána, Roman (advisor)
This master's thesis is focused on extension of the DPDK DNS Probe application that monitors DNS traffic in high speed networks. It presents framework DPDK, which can be used for fast packet processing. General architecture of the DNS system is described as well as details of its components. Basic principles of transport protocol TCP are described. It introduces an effective design and implementation of DNS packet parsing to optimize DPDK DNS Probe's performance. It also introduces a design and implementation of processing DNS messages sent over TCP for export of traffic statistics. The application's performance was tested using a high speed traffic generator Spirent.
|
|
| |
|
|
Network topologies and their monitoring
Sirotný, Miroslav ; Jeřábek, Jan (referee) ; Polívka, Michal (advisor)
The master’s thesis deals with computer networks, which are currently the global communication infrastructure and play a very important role in today’s society. Most of us can be unaware of how often we interact with these networks. We almost constantly come into contact with them. They allow us to communicate through the Internet via services such as: email, skype, icq, facebook, etc... The work focuses on the design and implementation of a robot designed for exploration and mapping of computer network topology and protocols HTTP and ICMP. The theoretical part is dedicated to computer networks, seventh and third-layer ISO/OSI model, protocol HTTP and ICMP attacks against DNS, DoS attacks and detection systems and avoiding distortaions.
|
|
|
Universal linux server for small and medium companies enabling simple network control
Juřena, Stanislav ; Pust, Radim (referee) ; Burda, Karel (advisor)
The main object of this thesis was to design a computer network for small and medium companies which will be made among others from network server providing simple network control. The next task was to provide internet connection to subscribers of local area network, their security and access to common services. There had been discussed the choice of distribution of Linux operation system with regarding to demanded services, stability and long lasting operation in theoretical part. One part of the work is a theoretic preliminary to separate services, to the purpose of their using and to their weaknesses. The practical part deals with an installation and configuration of Debian operating system, launching the base services and the setting of selected monitoring programs.
|
|
|
Obfuscation of Anomalies and Security Incidents in DNS Traffic
Štěrba, Ondřej ; Kováčik, Michal (referee) ; Homoliak, Ivan (advisor)
The work analyze current detection methods of anomalies and security incidents in DNS traffic, and than design new obfuscation techniques which are capable of evading anomaly detection. Network attacks, exploiting the DNS protocol for tunneling of other network traffic, were selected for implementation part of the work. Control of botnet is considered as malicious application of tunneling through the DNS protocol. The main result of the work is to emphasize the necessity of discovering new detection principles of anomalies and security incidents in DNS traffic.
|
|
|
Malicious Domains Detection Using Analysis of DNS Traffic
Ambrušová, Eva ; Žádník, Martin (referee) ; Kováčik, Michal (advisor)
The aim of this thesis is the detection of malicious domains based on passive analysis of DNS traffic. It represents the design and implementation of a system which proceeds DNS anomaly detection based on a structure of the domain name by using the entropy and a frequency characteristics of n-grams. The system was tested on DNS data obtained from the real traffic and the functionality of implemented detectors was verified by testing and analysis of results.
|
|
|
Effective Network Anomaly Detection Using DNS Data
Fomiczew, Jiří ; Žádník, Martin (referee) ; Kováčik, Michal (advisor)
This thesis describes the design and implementation of system for effective detection of network anomaly using DNS data. Effective detection is accomplished by combination and cooperation of detectors and detection techniques. Flow data in NetFlow and IPFIX formats are used as input for detection. Also packets in pcap format can be used. Main focus is put on detection of DNS tunneling. Thesis also describes Domain Name System (DNS) and anomalies associated with DNS.
|
guest ::
