|
|
Network-wide Security Analysis
de Silva, Hidda Marakkala Gayan Ruchika ; Šafařík,, Jiří (oponent) ; Šlapal, Josef (oponent) ; Švéda, Miroslav (vedoucí práce)
The objective of the research is to model and analyze the effects of dynamic routing protocols. The thesis addresses the analysis of service reachability, configurations, routing and security filters on dynamic networks in the event of device or link failures. The research contains two main sections, namely, modeling and analysis. First section consists of modeling of network topology, protocol behaviors, device configurations and filters. In the modeling, graph algorithms, routing redistribution theory, relational algebra and temporal logics were used. For the analysis of reachability, a modified topology table was introduced. This is a unique centralized table for a given network and invariant for network states. For the analysis of configurations, a constraint-based analysis was developed by using XSD Prolog. Routing and redistribution were analyzed by using routing information bases and for analyzing the filtering rules, a SAT-based decision procedure was incorporated. A part of the analysis was integrated to a simulation tool at OMNeT++ environment. There are several innovations introduced in this thesis. Filtering network graph, modified topology table, general state to reduce the state space, modeling devices as filtering nodes and constraint-based analysis are the key innovations. Abstract network graph, forwarding device model and redistribution with routing information are extensions of the existing research. Finally, it can be concluded that this thesis discusses novel approaches, modeling methods and analysis techniques in the area of dynamic networks. Integration of these methods into a simulation tool will be a very demanding product for the network designers and the administrators.
|
|
|
A NEW DAWN OF NAMING, ADDRESSING AND ROUTING ON THE INTERNET
Veselý, Vladimír ; Muntan,, Jordi Perelló (oponent) ; Grasa, Eduard (oponent) ; Day, John (oponent) ; Švéda, Miroslav (vedoucí práce)
nternet of the year 2015 struggles with problems that are just implications of flawed naming and addressing the concept of TCP/IP, which have an impact on overall routing scalability. Problems such as default-free zone routing table growth, cumbersome multihoming or mobility motivate question whether the Internet deserves major architecture redesign. In the theoretical part, the impact of problems above is evaluated, solutions are discussed and unifying theory compiled and described using formal methods taking into account revered papers about naming, addressing and routing. This work provides in-depth Investigation of two technologies - Locator/Id Separation Protocol a Recursive InterNetwork Architecture. Research contribution is an operational improvement of above-mentioned technologies. New OMNeT++, full-fledged simulation modules compliant with behavior in the specification are used to as verification tool.
|
|
|
Sector coupling a budoucí podoba sektoru elektroenergetiky a plynárenství
Švéda, Miroslav ; MA, Martin Šik, (oponent) ; Radil, Lukáš (vedoucí práce)
Práce je věnována problematice Sector couplingu. Nejprve je zde řešen vývoj a aktuální stav ve výrobě a spotřebě elektrické energie a také vývoj a aktuální stav těžby a spotřeby zemního plynu v České republice a v Evropské unii. Dále se práce zabývá Sector couplingem, tento pojem je vysvětlen a je zde nastíněno, jakou problematikou se zabývá. Poté jsou popsány jednotlivé technologie, kterými se může v budoucnosti Sector couplingu dosáhnout. V rámci pojednání o těchto technologiích jsou také představeny pilotní projekty těchto technologií. Nakonec je uvedena úvaha o budoucím využití technologií Sector couplingu v České republice.
|
|
|
Lawful Interception: Identity Detection
Polčák, Libor ; Baggili, Ibrahim (oponent) ; Hudec,, Ladislav (oponent) ; James, Joshua I. (oponent) ; Švéda, Miroslav (vedoucí práce)
{Internet has became a regular communication channel between law offenders performing malicious activities. Courts or prosecutors authorise lawful interception that targets individual suspects. Lawful interception systems have to identify traffic of the suspects. However, the identifiers that appear in each network packet are short-lived, dynamically assigned, and a single communication session may be split into multiple flows identified by different identifiers. A lawful interception system has to immediately detect that a new identifier covered by an intercept appeared or disappeared. This thesis describes identification in modern computer networks compatible with lawful interception. The focus is on two partial identity detectors: IPv6 address assignment tracking based on monitoring of neighbor discovery and clock-skew-based remote computer identification. Additionally, this thesis proposes identity graphs that link partial identities according to optional constraints that reflect the wording of a warrant. Results of partial identity linking can be utilised by lawful interception systems. The results of this thesis are also applicable in network forensic, and in networks controlled according to user roles.
|
|
|
User accounting in next generation networks
Grégr, Matěj ; Pustka,, Martin (oponent) ; Satrapa,, Pavel (oponent) ; Švéda, Miroslav (vedoucí práce)
The number of devices connected to the Internet is such enormous that it is impossible to assign a globally unique address to every device in today’s TCP/IPv4 architecture. Since the discussion how to solve the problem began in 1990s, there has been several proposals of new protocols and architectures trying to solve the problem. However, the only proposal that is widely deployed today is the IPv6 protocol. The IPv6 protocol enlarges the network address size, thus, it is possible to assign a globally unique IPv6 address to unlimited number of devices. Furthermore, the protocol introduces a paradigm shift, especially for address assignment and length of the IPv6 header. The IPv6 protocol is, however, incompatible with IPv4. To overcome the limitation, several transition mechanisms were proposed. The thesis discusses issues introduced by IPv6 protocol to user accounting process. In particular, it focuses on new approaches that can eliminate problems of current accounting methods that use NetFlow or IPFIX protocols. The aim of the thesis is to solve user accounting process for networks running a transition mechanism or a network address translation. Part of the thesis discusses the global IPv6 deployment and measures IPv6 penetration among content providers, internet service providers and transit operators.
|
|
|
Problematika měření a vyhodnocování impedance vypínací smyčky
Švéda, Miroslav ; Bárta, Jan (oponent) ; Veselka, František (vedoucí práce)
Práce je věnována problematice impedance vypínací smyčky. Je zde řešena problematika měření impedance vypínací smyčky, různé postupy měření a přesnost těchto měření. Dále se práce zabývá následným vyhodnocováním měření impedance vypínací smyčky a zápisem výsledků měření. Práce se také zaměřuje na impedanci vypínací smyčky z hlediska činnosti jistících prvků elektrizační soustavy. Nakonec je jako součást práce provedeno praktické měření impedance vypínací smyčky v reálných elektrických obvodech.
|
|
|
Network-wide Security Analysis
de Silva, Hidda Marakkala Gayan Ruchika ; Šafařík,, Jiří (oponent) ; Šlapal, Josef (oponent) ; Švéda, Miroslav (vedoucí práce)
The objective of the research is to model and analyze the effects of dynamic routing protocols. The thesis addresses the analysis of service reachability, configurations, routing and security filters on dynamic networks in the event of device or link failures. The research contains two main sections, namely, modeling and analysis. First section consists of modeling of network topology, protocol behaviors, device configurations and filters. In the modeling, graph algorithms, routing redistribution theory, relational algebra and temporal logics were used. For the analysis of reachability, a modified topology table was introduced. This is a unique centralized table for a given network and invariant for network states. For the analysis of configurations, a constraint-based analysis was developed by using XSD Prolog. Routing and redistribution were analyzed by using routing information bases and for analyzing the filtering rules, a SAT-based decision procedure was incorporated. A part of the analysis was integrated to a simulation tool at OMNeT++ environment. There are several innovations introduced in this thesis. Filtering network graph, modified topology table, general state to reduce the state space, modeling devices as filtering nodes and constraint-based analysis are the key innovations. Abstract network graph, forwarding device model and redistribution with routing information are extensions of the existing research. Finally, it can be concluded that this thesis discusses novel approaches, modeling methods and analysis techniques in the area of dynamic networks. Integration of these methods into a simulation tool will be a very demanding product for the network designers and the administrators.
|
|
|
A NEW DAWN OF NAMING, ADDRESSING AND ROUTING ON THE INTERNET
Veselý, Vladimír ; Muntan,, Jordi Perelló (oponent) ; Grasa, Eduard (oponent) ; Day, John (oponent) ; Švéda, Miroslav (vedoucí práce)
nternet of the year 2015 struggles with problems that are just implications of flawed naming and addressing the concept of TCP/IP, which have an impact on overall routing scalability. Problems such as default-free zone routing table growth, cumbersome multihoming or mobility motivate question whether the Internet deserves major architecture redesign. In the theoretical part, the impact of problems above is evaluated, solutions are discussed and unifying theory compiled and described using formal methods taking into account revered papers about naming, addressing and routing. This work provides in-depth Investigation of two technologies - Locator/Id Separation Protocol a Recursive InterNetwork Architecture. Research contribution is an operational improvement of above-mentioned technologies. New OMNeT++, full-fledged simulation modules compliant with behavior in the specification are used to as verification tool.
|
|
|
Síťová architektura a propojování vestavěných systémů
Trchalík, Roman ; Drábek, Vladimír (oponent) ; Srovnal, Vilém (oponent) ; Švéda, Miroslav (vedoucí práce)
Tato práce se věnuje architektuře vestavěných systémů. Shrnuje současný stav přijatých standardů z rodiny IEEE 1451, které se zabývají vytvářením prostředí pro senzory a jejich zapojení do různých komunikačních sítí. Tyto standardy popisují otevřenou a síťově nezávislou komunikační architekturu pro systém založený na senzorech. Těžištěm práce jsou architektury uvedené jako případové studie, které mohou být využity jako návrhové vzory vestavěných aplikací demonstrované na bezdrátové technologii ZigBee vhodné pro malá zařízení s velmi nízkou spotřebou elektrické energie. Na základě těchto studií jen navržena univerzální brána, která umožňuje aplikační propojení koncových uzlů z různých bezdrátových architektur určených pro senzorové sítě. Práce se dále zabývá modifikováním směrovacího protokolu v síti ZigBee s cílem snížit spotřebu elektrické energie na přenos jednoho datového paketu.
|
|
| |
host ::
RSS.