|
|
Web application for displaying cyber attacks in local networks
Matušicová, Viktória ; Mikulec, Marek (referee) ; Safonov, Yehor (advisor)
The information sphere is constantly and rapidly developing. This expansion means an increase in the risks of the Internet use. Vulnerabilities and other threats are emerging that provide an opportunity for unauthorized users to penetrate the integrity of protected infrastructures. The main goal of the bachelor’s thesis is to create a tool that allows the system administrator to perform the analysis of end stations in the local network. With the help of the web application, the administrator is able to view all computer attacks performed on his computer infrastructure. That makes it possible for him to implement countermeasures which will improve performance and security of the entire infrastructure. From a theoretical point of view, the bachelor thesis is focused on the issue of computer attacks on the data layer and network layer of the ISO/OSI model. Subsequently, it is focused on the structure of workplace involvement and web application. In the last part the work is focused on the design of the web application and its integration into the experimental workplace. Emphasis during the practical part is placed on the implementation of the workplace and web application on the local network. The practical part is divided into two implementation groups. Initially the experimental workplace is implemented within the local network. Here the web application focuses on the development of the server side – working with databases. In the second phase of implementation the experimental workplace is transferred into a real form. Following application features are added: various graphical displays, filtering and a section for user settings. Large emphasis is placed onto the security of the entire application – login system, server and client configuration settings. After the experimental workplace is connected with the web application, the functionality of the entire solution is tested by three different computer attacks. At the end of the thesis a brief conclusion and summary of the bachelor’s thesis is established.
|
|
|
Network communication monitoring probe
Klečka, Jan ; Fujdiak, Radek (referee) ; Blažek, Petr (advisor)
Master thesis deals with analysis of single board PC which use Linux as operation system. Analysis of individual NIDS systems and examined their properties for choosing right candidate for single board computer which shall be used as network probe for analysis, filtering and logging of network traffic. Part of the work is aimed on development of a interface which is used for configuration of network probe through the web browser. Web interface allows perform basic operations over network probe which influence network traffic or specify, which information shall be logged. Subsequently network parsers were implemented for network protocols using the Scappy library. The conclusion of the thesis contains the design of the security cover for the device according to the IP54 requirements.
|
|
|
System for the Protection against DoS Attacks Using IDS
Mjasojedov, Igor ; Fukač, Tomáš (referee) ; Kučera, Jan (advisor)
This bachelor's thesis deals with the use of the Intrusion Detection System in the protection of computer networks against Denial of Service attacks. Suricata is the IDS system chosen for this purpose. The main goal of the thesis is to integrate the Suricata system with the DDoS Protector device. DDoS Protector - DCPro is a security network device, which uses, from a software perspective, DPDK technology for high-speed network traffic processing. Due to this fact, this technology was also integrated into the Suricata system. After this integration, the communication between DDoS Protector and Suricata system was allowed more easily. As a result, two DPDK compatible regimes were created in the Suricata system. The individual regime allows Suricata to process network data directly from the network interface card. The second, integrated regime allows DCPro to send network data to the Suricata system for highly precise analysis, which significantly extends DDoS Protector's attack detection abilities.
|
|
|
Detection of local area network topology
Šípek, Martin ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
The bachelor thesis focuses on the detection and mitigation of Man-in-the-Middle attacks in the local network using its own implementation in the Python programming language. One of the most common Man-in-the-Middle attacks is ARP spoofing, which should be identified by the detection system and then mitigate it. The theoretical part of the thesis analyzes the current state of the issue, including a detailed description of the network analysis and tools which are used in this analysis. Cyber attacks are also described, namely Man-in-the-Middle and Denial-of-Service attacks. The practical part describes the realization of the experimental workplace and its detailed components and the installation and configuration of MySQL and Elasticsearch databases. It also focuses on the Suricata program, designed to analyze network traffic, on the actual implementation of Man-in-the-Middle attack detection and on the achieved results of testing of the implemented detection system.
|
|
|
Detection of Cyber Attacks in Local Networks
Sasák, Libor ; Gerlich, Tomáš (referee) ; Malina, Lukáš (advisor)
This bachelor thesis focuses on the detection of attacks in the local network and the use of open source tools for this purpose. The first chapter deals with cyber attacks and also describes some of them. The second chapter focuses primarily on intrusion detection systems in general and also mentions and describes some open source systems. The third chapter briefly deals with the general division of attack detection methods. The fourth chapter introduces and describes the selected tool Suricata, which is also tested in the fifth chapter in the detection of various attacks, during which the behaviour and output of this tool are tracked. In the sixth chapter, the ARPwatch tool is presented and tested for ARP spoofing attack detection. The seventh and eighth chapters deal with the design and successful implementation of an attack detection system that provides output in the form of logs indicating malicious or suspicious traffic on the network. The ninth chapter deals with the design and implementation of the application with a graphical user interface, which clearly presents the mentioned logs and also allows other operations, including the essential control of the detection tools.
|
|
|
Communications MikroTik and IPS
Golovkova, Nataliya ; Lieskovan, Tomáš (referee) ; Gerlich, Tomáš (advisor)
The bachelor thesis is is focused on network attack problems and possible protection against their consequencies. The theortecical part describes the attacks that are currently among the most widespread with focus on the attack of Denial of Services (DoS). The next part of the thesis deals with detection and prevention systems fornetwork traffic monitoring with emphasis on the Suricata system. The following part is about getting familiar with the Mikrotik devices that are used in the practical part of the thesis. The practical part aims to provide a solution to mitigate the DoS attack in the communication between Mikrotik router and Suricata system. The communication is solved in a script using the php programming language.
|
|
|
Distributed denial of service filtering based on Mikrotik network devices
Rajj, Jakub ; Martinásek, Zdeněk (referee) ; Gerlich, Tomáš (advisor)
The bachelor thesis is focused on the issue of denial of service attacks. These types of attacks are still up to date, but are currently being used in their distributed form. The theoretical part of the thesis describes the basic mechanisms of attacks and the division of attacks. Also there are described the most famous type of attacks. The theoretical part also includes a description of how to respond to these attacks. Four basick methods are described (prevention, detection, identification and response), as well as intrusion detection and prevention systems (IDPS). The practical part deals with connection of intrusion detection system and router, for detection and filtration on said router.
|
|
|
Filtering of denial-of-service attacks
Klimeš, Jan ; Blažek, Petr (referee) ; Gerlich, Tomáš (advisor)
This thesis deals with filtering selected DDoS attacks on denial of the service. The the toretical part deals with the problems of general mechanisms used for DDoS attacks, defense mechanisms and mechanisms of detection and filtration. The practical part deals with the filtering of attacks using the iptables and IPS Suricata firewall on the Linux operating system in an experimental workplace using a network traffic generator to verify its functionality and performance, including the statistical processing of output data from filter tools using the Elasticsearch database.
|
|
|
Intrusion detection and prevention systems at border devices
Bína, Zdenko ; Frolka, Jakub (referee) ; Blažek, Petr (advisor)
This bachelor thesis is focusing on testing the endurance of networks against DDoS attacks. The theoretical part consists of an introduction to the problematics of these attacks and current trends regarding DDoS attacks, focusing on IDS and IPS systems, and Spirent Avalanche 3100b machine, designed to generate network traffic. The practical part is about the configuration of the software web server Apache, which runs on Linux Debian OS, and it is testing this system for endurance against five DDoS attacks. The server is put through attacks before and after application of systems NIDS and NIPS, using Snort and Suricata software. The goal of the thesis is comparing NIDS and NIPS servers based on the results of testing.
|
|
|
Laboratory task demonstrates Intrusion Protection System
Bronda, Samuel ; Malina, Lukáš (referee) ; Martinásek, Zdeněk (advisor)
This bachelor thesis is divided into two parts. The theoretical part describes security systems, various types of attacks and details of systems to protect computer networks. The practical part focuses on the workplace, where will operate IDS / IPS system Snort and Suricata, the necessary adjustments and simulation of attacks. The bachelor thesis also includes putting the system into real terms.
|
guest ::
