|
|
Web application for displaying cyber attacks in local networks
Matušicová, Viktória ; Mikulec, Marek (referee) ; Safonov, Yehor (advisor)
The information sphere is constantly and rapidly developing. This expansion means an increase in the risks of the Internet use. Vulnerabilities and other threats are emerging that provide an opportunity for unauthorized users to penetrate the integrity of protected infrastructures. The main goal of the bachelor’s thesis is to create a tool that allows the system administrator to perform the analysis of end stations in the local network. With the help of the web application, the administrator is able to view all computer attacks performed on his computer infrastructure. That makes it possible for him to implement countermeasures which will improve performance and security of the entire infrastructure. From a theoretical point of view, the bachelor thesis is focused on the issue of computer attacks on the data layer and network layer of the ISO/OSI model. Subsequently, it is focused on the structure of workplace involvement and web application. In the last part the work is focused on the design of the web application and its integration into the experimental workplace. Emphasis during the practical part is placed on the implementation of the workplace and web application on the local network. The practical part is divided into two implementation groups. Initially the experimental workplace is implemented within the local network. Here the web application focuses on the development of the server side – working with databases. In the second phase of implementation the experimental workplace is transferred into a real form. Following application features are added: various graphical displays, filtering and a section for user settings. Large emphasis is placed onto the security of the entire application – login system, server and client configuration settings. After the experimental workplace is connected with the web application, the functionality of the entire solution is tested by three different computer attacks. At the end of the thesis a brief conclusion and summary of the bachelor’s thesis is established.
|
|
|
Intrusion prevention system based on Raspberry Pi
Hirš, David ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
The number of discovered vulnerabilities rapidly increases. For example in 2019 there were discovered 20 362 vulnerabilities. The probability of cyber-attacks realization is high. Therefore it is necessary to propose and implement automated and low-cost Intrusion Prevention or Intrusion Detection Systems (IPS/IDS). This implemetation can focus on home use or small corporate networks. The main goal of the system is to detect or mitigate cyber-attack impact as fast as possible. The master's thesis proposes IPS/IDS based on Raspberry Pi that can detect and prevent various cyber-attacks. Contents of this thesis are focus on description of cyber-attacks based on ISO/OSI model's Link and Network layers. Then there is description of IPS/IDS systems and theirs open source representatives. The practical part is focus on experimental workspace, hardware consumption of choosen detection systems, cyber-attacks scenarios and own implementation of detection program. Detection program is based on these chosen systems and puts them together to be easily manageable.
|
|
|
Implementácia IDS/IPS do prostredia univerzitnej siete MENDELU
Hevier, Marek
This diploma thesis deals with issue of IDS/IPS systems and possibilities of their utilization within the university network of Mendel University in Brno. The thesis includes a description how to install and configure Snort IDS, including addon modules based on predefined parameters and the ability to detect malious traffic within college computer network of Mendel University in Brno. The results include verification of correct detection of selected attack types and the discussion of False Positive and False Negative.
|
|
|
System for the Protection against DoS Attacks Using IDS
Mjasojedov, Igor ; Fukač, Tomáš (referee) ; Kučera, Jan (advisor)
This bachelor's thesis deals with the use of the Intrusion Detection System in the protection of computer networks against Denial of Service attacks. Suricata is the IDS system chosen for this purpose. The main goal of the thesis is to integrate the Suricata system with the DDoS Protector device. DDoS Protector - DCPro is a security network device, which uses, from a software perspective, DPDK technology for high-speed network traffic processing. Due to this fact, this technology was also integrated into the Suricata system. After this integration, the communication between DDoS Protector and Suricata system was allowed more easily. As a result, two DPDK compatible regimes were created in the Suricata system. The individual regime allows Suricata to process network data directly from the network interface card. The second, integrated regime allows DCPro to send network data to the Suricata system for highly precise analysis, which significantly extends DDoS Protector's attack detection abilities.
|
|
|
Detection of local area network topology
Šípek, Martin ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
The bachelor thesis focuses on the detection and mitigation of Man-in-the-Middle attacks in the local network using its own implementation in the Python programming language. One of the most common Man-in-the-Middle attacks is ARP spoofing, which should be identified by the detection system and then mitigate it. The theoretical part of the thesis analyzes the current state of the issue, including a detailed description of the network analysis and tools which are used in this analysis. Cyber attacks are also described, namely Man-in-the-Middle and Denial-of-Service attacks. The practical part describes the realization of the experimental workplace and its detailed components and the installation and configuration of MySQL and Elasticsearch databases. It also focuses on the Suricata program, designed to analyze network traffic, on the actual implementation of Man-in-the-Middle attack detection and on the achieved results of testing of the implemented detection system.
|
|
|
Modeling and detection of SlowDrop attack
Mazánek, Pavel ; Smékal, David (referee) ; Sikora, Marek (advisor)
The work's main topic is a recently published slow DoS attack called SlowDrop. The work focuses on the subject of describing the current state of the DoS problem as a whole and the SlowDrop attack as well. It works with this theoretical basis during the implementation of it's own SlowDrop attack model. This model is tested in various scenarios and the outcome results are analyzed and constructively discussed. Furthermore defensive mechanisms against this threat and DoS attacks in general are proposed, specific methods shown and configurations recommended. These methods are followingly tested and evaluated. Last but not least the traffic of a SlowDrop attacker and a legitimate client with bad connection, which the SlowDrop attack is trying to immitate, are compared. From this comparison final conclusions of this work are drawn.
|
|
|
Communications MikroTik and IPS
Golovkova, Nataliya ; Lieskovan, Tomáš (referee) ; Gerlich, Tomáš (advisor)
The bachelor thesis is is focused on network attack problems and possible protection against their consequencies. The theortecical part describes the attacks that are currently among the most widespread with focus on the attack of Denial of Services (DoS). The next part of the thesis deals with detection and prevention systems fornetwork traffic monitoring with emphasis on the Suricata system. The following part is about getting familiar with the Mikrotik devices that are used in the practical part of the thesis. The practical part aims to provide a solution to mitigate the DoS attack in the communication between Mikrotik router and Suricata system. The communication is solved in a script using the php programming language.
|
|
|
Automated Processing of Network Service Logs in Linux
Hodermarsky, Jan ; Jeřábek, Jan (referee) ; Ilgner, Petr (advisor)
This thesis is focused on design and implementation of software for a prophylactic real-time logfile analysis and a consequent threat detection apparent therein. The software is to concentre particularly on network services, respectively, on the log files thereof, on Linux platform. The log files are observed for potential security breach attempts in regard to respective service as defined in the configuration file. The present thesis purports to reach the largest extent of versatility possible for a straightforward configuration of a new service which is to be monitored and protected by the software. An important asset of the work is a web-based interface accessible through HTTP protocol which allows the software to be administered remotely with ease.
|
|
|
Filtering of denial-of-service attacks
Klimeš, Jan ; Blažek, Petr (referee) ; Gerlich, Tomáš (advisor)
This thesis deals with filtering selected DDoS attacks on denial of the service. The the toretical part deals with the problems of general mechanisms used for DDoS attacks, defense mechanisms and mechanisms of detection and filtration. The practical part deals with the filtering of attacks using the iptables and IPS Suricata firewall on the Linux operating system in an experimental workplace using a network traffic generator to verify its functionality and performance, including the statistical processing of output data from filter tools using the Elasticsearch database.
|
|
| |
guest ::
