|
|
Intrusion detection system for Mikrotik-based network
Zvařič, Filip ; Frolka, Jakub (referee) ; Krajsa, Ondřej (advisor)
This bachelor's thesis focuses on network attacks and ways to defend against them. It discusses the most common attacks that can be encountered and their impact on computer networks and end user. Finally, it includes steps for implementing a protection system in collaboration with the preventive software Snort and RouterOS operating system. This system's toughness is tested and results are processed.
|
|
| |
|
|
Intrusion Detection in Computer Network
Hank, Andrej ; Martínek, Tomáš (referee) ; Kořenek, Jan (advisor)
Continuous spreading and growing bandwidth of computer networks brings many security threats. Intrusion Detection System (IDS) is a mean to provide network security. Software IDS aplications gain only low throughput and that is why hardware accelerators are under heavy development. Probe Traffic Scanner is a hardware accelerator developed in Liberouter project with use of FPGA technology. Main core of acceleration is searching packet payload for simple suspicious strings. Regular expressions provide complex way of describing strings. This bachelor thesis adds feature of searching according to Perl Compatible Regular Expressions (PCRE) to Traffic Scanner Probe by implemented transformer. In addition design and implementation of control software allowing users to use functions provided by the Probe have been created. Conception of intrusion detection in network utilizing Traffic Scanner is outlined so as possibilities of cooperation with other security devices.
|
|
|
Construction of Nondeterministic Finite Automata
Stanek, Timotej ; Šimek, Václav (referee) ; Kaštil, Jan (advisor)
This thesis discuss about dilemma in construction of nondeterministic finite automata from PCRE expressions with respect of their parameters with use in Intrusion Detection Systems. There is showed PCRE expressions syntax too. We discussed two different approaches to construct nondeterministic finite automata from PCRE expressions. The implementation of these two algorithms is described. We constructed finite automata with them from expressions of three Intrusion Detection Systems: SNORT, Bro IDS and L7-Filter, and finally we compared their parameters and deduced conclusions.
|
|
|
Reliability Measurement of the Pattern Matching
Dvořák, Milan ; Košař, Vlastimil (referee) ; Kaštil, Jan (advisor)
This thesis deals with the pattern matching methods based on finite automata and describes their optimizations. It presents a methodology for the measurement of reliability of pattern matching methods, by comparing their results to the results of the PCRE library. Experiments were conducted for a finite automaton with perfect hashing and faulty transition table. Finally, the resulting reliability evaluation of the algorithm is shown and possible solutions of the identified problems are proposed.
|
|
|
Eluding and Evasion of IDS Systems
Černý, Marek ; Tobola, Jiří (referee) ; Žádník, Martin (advisor)
This paper analyzes network security devices called intrusion detection (ID) systems. In order to point out possible flaws, especially ID systems using signature analysis are examined. Based on this, methods to exploit possible vulnerabilities of these systems were designed. These methods were implemented into a simple program for ID systems efficiency evaluation. It can be used in a way entirely independent of particular network attack used in the test.
|
|
|
Analysis of Security Incidents from Network Traffic
Serečun, Viliam ; Grégr, Matěj (referee) ; Ryšavý, Ondřej (advisor)
Analýza bezpečnostních incidentů se stala velmi důležitým a zajímavým oborem počítačové vědy. Monitorovací nástroje a techniky pomáhají při detekci a prevenci proti tímto škodlivým aktivitám. Tento dokument opisuje počítačové útoky a jejich klasifikaci. Také jsou tady opsaný některé monitorovací nástroje jako Intrusion Detection System nebo NetFlow protokol a jeho monitorovací software. Tento dokument také opisuje konfiguraci experimentální topologie a prezentuje několik experimentů škodlivých aktivit, které byly detailně kontrolovány těmito monitorovacími nástroji.
|
|
|
Open source PBX security against attacks
Orsák, David ; Daněček, Vít (referee) ; Šilhavý, Pavel (advisor)
This master's thesis deals with open source PBX security against security attacks. In the theoretical part is detailed description of problematic about attacks that could be used on VoIP systems with high focus on the Denial of Service attack. Furthermore are in theoretical part described methods of security of initialization protocol SIP. Individual chapter is devoted to intrusion detection and prevention of IDS and IPS systems, focusing on Snort and OSSEC. In the practical part of the work was created generator of attacks against various PBX systems, which was subsequently used for detailed testing. Special tests of PBX system are then used against DoS attacks, for which was created protection in form of active elements consisting of IDS Snort & OSSEC. These are capable to provide protection in real-time. The protection was tested on particular PBX systems and in matter of comparison were measured possibilities before and after of security implementation. The output of this work is attacks generator VoIPtester and creation of configuration rules for Snort and OSSEC.
|
|
|
Network infrastructure attacks and their mitigation using an IPS/IDS Snort
Olexa, Martin ; Mészáros, Jan (advisor) ; Buchalcevová, Alena (referee)
This paper gives an insight to detection and prevention systems regarding a network infrastructure. First part of the paper concentrates on key concepts in an information systems security and describes examples of attacks with tools used to mitigate them. A broader description is reserved for IDS/IPS systems with a focus on the Snort software. Second part of the paper analysis a sample attack abusing a vulnerable version of the OpenSSL library. This attack is used to describe a process of getting the necessary information, creating a Snort rule and testing the fixed vulnerability. Aim of this paper is to provide a manual and theoretical background regarding implementing an IDS/IPS solution in a computer network through an example attack.
|
guest ::
