|
|
Inference of DDoS Mitigation Rules
Jacko, Daniel ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
This thesis focuses on DDoS attacks, their types and means of their mitigation. The aim of the thesis is to design and implement an algorithm which would be able to derive rules to block DDoS attacks. For this, we chose the algorithm of machine learning, a decision tree, which starts operating as soon as the attack is detected. The algorithm operates with a sample of data detected during the attack, and with a sample of legitimate communication. A part of this thesis is also a description of a BPF format and an overview of executed experiments.
|
|
|
Mitigation of Volumetric DDoS Attacks in SDN Environment
Hodes, Vojtěch ; Křepelka, Václav (referee) ; Škorpil, Vladislav (advisor)
The aim of this Master's thesis is to explore different attitudes and to design various monitoring and detection concepts of volumetric DDoS attacks in core networks. The thesis deals with data flow control protocols with an emphasis on a modern technology of Software Defined Networks. The last part of the thesis describes verification of the theory by setting up a laboratory environment for volumetric DDoS UDP Flood simulation, detection and automated mitigation.
|
|
|
Automation of DDoS Attack Mitigation
Nagy, Peter ; Podermański, Tomáš (referee) ; Grégr, Matěj (advisor)
The aim of this thesis is automation of DDoS attack mitigation. This thesis provides an overview of GNU/Linux network platforms and different approaches for their configuration. The aim is to select a platform that could be extended to automate DDoS mitigation. DDoS attack types are explained as well. Selected methods for DDoS mitigation are described in more detail such as Remote Triggered Black Hole and BGP Flowspec. Existing tools like DDoS Defender and FastNetMon are used to detect a DDoS attack. NETX was chosen as target implementation platform. To communicate with devices, API or BGP protocol with Flowspec extension are used.
|
|
|
Security System for Web Application Attacks Elimination
Vašek, Dominik ; Zobal, Lukáš (referee) ; Jeřábek, Kamil (advisor)
Nowadays, botnet attacks that aim to overwhelm the network layer by malformed packets and other means are usually mitigated by hardware intrusion detection systems. Application layer botnet attacks, on the other hand, are still a problem. In case of web applications, these attacks contain legitimate traffic that needs to be processed. If enough bots partake in this attack, it can lead to inaccessibility of services provided and other problems, which in turn can lead to financial loss. In this thesis, we propose a detection and mitigation system that can detect botnet attacks in realtime using statistical approach. This system is divided into several modules that together cooperate on the detection and mitigation. These parts can be further expanded. During the testing phase, the system was able to capture approximately 60% of botnet attacks that often focused on spam, login attacks and also DDoS. The number of false positive addresses is below 5%.
|
|
|
Detection of DoS and DDoS attacks targeting a web server
Nguyen, Minh Hien ; Fujdiak, Radek (referee) ; Kuchař, Karel (advisor)
The bachelor thesis deals with the detection of DoS (Denial of service) and DDoS (Distributed Denial of Service) attacks targeting a web server. This work aims to design detection methods, which will be subsequently tested. Analysis of attacks according to the ISO/OSI (International Organization for Standardization/Open Systems Interconnection) reference model will allow an understanding of the features of individual attacks. In the practical part, some tools are used to implement attacks, then there are generators of legitimate network traffic and a secure web server. Substantial data are created from ongoing attacks and communications of ordinary users. These data are an important part of the proposed methods. The purpose of assessing the achieved results is to evaluate the effectiveness of individual detection methods in terms of accuracy and time consumption.
|
|
|
Soil carbon sequestration: ways and potential
Valentová, Mariana ; Vindušková, Olga (advisor) ; Bartuška, Martin (referee)
By choosing appropriate practices, carbon can be stored in the soil as a means of mitigating (mitigating) climate change. The paper clearly summarize our current understanding of the principles (e.g., soil organic matter, level of C saturation) anf factors (e.g., parent rocks, climate, human) influencing the potential of soils to sequester carbon and its importance in terms of implemeting effective mitigation measures. This is followed by an introduction of method for estimating the carbon sequestration capacity of soils and its relevance to sequestration potential is discussed. The main focus of the paper is the comparison of the land use changes (e.g., forest or peatlands restoration) and land management (e.g., use of crops rotation, no-till agriculture) that can achieve soil carbon sequestration, including the quantitative estimates of their sequestration potential. Finally, there is summary of the estimates of global sequestration potential of soils. Key words: carbon, soil, sequestration, mitigation, climate change, land-use, soil capacity
|
|
|
Mapping Cyber Security Measures: From Legislation to Technical Implementation
Hopp, Jiří ; MSc, Mezera Michal, (referee) ; Sedlák, Petr (advisor)
In my thesis, I focused on creating a systematic tool for mapping technical measures and mitigations to national legislative cybersecurity requirements. I conducted an analysis of the addressed issue, which revealed opportunities for developing the tool and revealed forthcoming changes in legislative requirements based on the EU directive NIS2. In the following part of the thesis, I described the design and development of the mentioned tool in the form of a table. The tool met the client's requirements and mapped relevant technical measures to individual points of the current and NIS2-derived legislative requirements. Based on consultations with the client, I determined that the objectives outlined in the thesis were successfully met and that the developed tool will be utilized in a real-world environment.
|
|
|
Fenomén urban gardening
Kozáková, Petra
The diploma thesis aims to introduce the phenomenon of urban gardening and identify the benefits provided by the urban environment and society. The benefits of urban horticulture are identified as a possible adaptation measure concerning ongoing climate change. The types of urban gardening, approaches and possibilities of its application in practice are presented. Trends in urban horticulture and individual aspects are described on the example in the Czech Republic, the Netherlands and Sweden. The specific benefits of urban gardening were expressed on a specific example of a community garden in Brno using CBA analysis (cost-benefit analysis). The author worked here with data provided to her directly from the staff of the selected community garden and also based on the "willingness to pay" method, in which she addressed 100 respondents. The result of the CBA analysis was an evaluation of the community garden project, which determined the return on investment and its net present value.
|
|
|
Game Over: Death in video games and impact of videogame Brothers: Tale of Two Sons on gamers
Khan, Jakub ; Švelch, Jaroslav (advisor) ; Švelch, Jan (referee)
Videogames are no longer just an entertainment product for certain interest groups, they are a global mass medium for all generations that can be used for purposes other than entertainment. The subject of this thesis is videogames and their influence on gamers. The aim is then to find out how male and female gamers perceive death in videogames, what emotions and reactions this contact evokes in them, and whether videogames can change their perception of death. The research was conducted through a qualitative study, conducted through semi- structured interviews with male and female gamers who first played the videogame Brothers: A Tale of Two Sons, which contained a narrative type of death. From the conducted research it was found that the videogame was able to evoke strong emotions in the male and female players, especially negative ones such as sadness, fear, or regret, caused by contact with the unexpected death of the main character they had been playing all along. The evocation of these emotions was enhanced by the simple controls and simple puzzles, allowing for a greater focus on the story, as well as the interactivity of the videogame and belonging to the protagonist. Only one participant out of six in the research succeeded in changing the perception of death in a positive direction, but...
|
|
|
Cyber security for power engineering
Sedláková, Dáša ; Kohout, David (referee) ; Mlýnek, Petr (advisor)
Due to the IT and OT networks convergence, industrial systems are becoming vulnerable to different forms of security threats including rapidly growing cyber-attacks. Thesis is focused on an analysis of security recommendations in IEC 62351, vulnerability testing of industrial communication protocols (e.g., IEC 61850) and mitigations proposal. An ATT&CK framework for ICS was chosen to become a methodology base for vulnerability testing. ATT&CK tactics and techniques were used to practically test vulnerability scans, SMV time synchronization, GOOSE spoofing, MMS Man in the Middle and ICMP Flood attacks. Attacks tested were evaluated with a risk analysis. Subsequently, mitigation measures were proposed on several levels (OT, IT, perimeter and physical level).
|
guest ::
