|
| |
|
|
Intrusion detection and prevention systems at border devices
Bína, Zdenko ; Frolka, Jakub (referee) ; Blažek, Petr (advisor)
This bachelor thesis is focusing on testing the endurance of networks against DDoS attacks. The theoretical part consists of an introduction to the problematics of these attacks and current trends regarding DDoS attacks, focusing on IDS and IPS systems, and Spirent Avalanche 3100b machine, designed to generate network traffic. The practical part is about the configuration of the software web server Apache, which runs on Linux Debian OS, and it is testing this system for endurance against five DDoS attacks. The server is put through attacks before and after application of systems NIDS and NIPS, using Snort and Suricata software. The goal of the thesis is comparing NIDS and NIPS servers based on the results of testing.
|
|
|
Static methods for detection DDoS attacks
Miško, Lukáš ; Dvořák, Jan (referee) ; Blažek, Petr (advisor)
This thesis contains a theoretical basic for solution to issue of network anomalies with use of static methods and it also contains software as a solution for detection of network attacks. The main point of thesis is detection of DoS (Denial of Service) attacks. In thesis is located an analysis of DoS attacks rate categorization. Further in thesis is located analysis of protocols TCP (Transmission Control Protocol) and UDP (User Datagram Protocol), their possible use to attacks SYN flood and UDP flood. Here are analysed three static methods and their detailed description. There is also a analysis of collected data and their comparison in the thesis. Thesis contains description and the results testing of software which is used to detect attacks in network, at the end.
|
|
|
Intrusion detection and prevention systems
Pitschmann, Andrej ; Blažek, Petr (referee) ; Martinásek, Zdeněk (advisor)
The terminal essay aims to introduce the issue of IDS and IPS and their incorporation into a network. An analysis of pros and cons of used open source IDS/IPS systems will be created together with their inclusion into the network. In addition, we focus on the issue of NIDS that will be located in the network’s path of communication among end users. Following the appropriate setting of NIDS of a client we will be receiving and analyzing all communication directed from the attacker with the help of Snort and Suricata programs. The activities will be conducted thanks to a downloaded package and in the case of a need we will use our own rules that will guide the NIDS system of data control. Regarding the testing phase, we have used the SYN flood attack on server via program Hping3 in OS Linus Kali, which is a distribution created with an aim to conduct a penetration tests and in addition it includes several useful programs. The NIDS will help us to gradually control captured packets.
|
|
|
Comparison of Project Management Tools
Tomášek, Pavel ; Blažek, Petr (referee) ; Juřica, Pavel (advisor)
Thesis deals with evaluation of possibilities and conditions for application of key project management methods. Particular parts involve description and delimitation of chosen project management. Traditional methods that are represented by CPM and PERT methods. Furthermore, the thesis is enriched on the basis facts of the Theory of Constraints, which led to the creation of a separate project management system based on the Critical Chain method. This part is followed by an analysis and comparison of these methods in the phase of planning, managing and controlling from a perspective of single project case. Thesis is followed by the using of selected method in real environment conditions, its implementation and evaluation of risks and economic differences.
|
|
|
Filtering and aggregation of network traffic
Zubov, Artem ; Blažek, Petr (referee) ; Martinásek, Zdeněk (advisor)
V této práci jsou zkoumaní základní principy odporů servisních útoků, nejběžnějších typů a účelu použití. Popsané dostupné techniky zmírnění různých typu útoků, nástrojů a přístupů v operačních systémech postavených na Linuxu. Nakonfigurován filtrcni server a pro účely testování simulovan SYN Flood, UDP Flood a ICMP Flood útoky. Bylo zjištěno, vhodne techniky vyrovnání tehto druhu útoku a realizováné příslušna konfigurace filtrování.
|
|
|
Network Anomaly Detection
Lieskovan, Tomáš ; Blažek, Petr (referee) ; Hajný, Jan (advisor)
This semester project presents an analysis of network traffic and detection of anomalies in network traffic by several various means. In the first part of the paper there is an explanation of the methods aiming at denial of service. Then in the second part an implementation of protection by means of selected solutions is presented. The intent is to compare these means which are supposed to detect cyber attacks aiming at denial of service. Another intent is to choose the best solutions from the categories of open-source and commercial solutions. The target of the master thesis was to work out a comparison between actual solutions for detection of DoS and DDoS attacks.
|
|
|
Detection of slow-rate DDoS attacks
Sikora, Marek ; Frolka, Jakub (referee) ; Blažek, Petr (advisor)
This diploma thesis is focused on the detection and protection against Slow DoS and DDoS attacks using computer network traffic analysis. The reader is introduced to the basic issues of this specific category of sophisticated attacks, and the characteristics of several specific attacks are clarified. There is also a set of methods for detecting and protecting against these attacks. The proposed methods are used to implement custom intrusion prevention system that is deployed on the border filtering server of computer network in order to protect Web servers against attacks from the Internet. Then created system is tested in the laboratory network. Presented results of the testing show that the system is able to detect attacks Slow GET, Slow POST, Slow Read and Apache Range Header and then protect Web servers from affecting provided services.
|
|
|
Packet generator on the FPGA platform
Bari, Lukáš ; Blažek, Petr (referee) ; Smékal, David (advisor)
The thesis deals with the theory and design of the network traffic generator on the FPGA platform. The VHDL programming language is used for the description. The work involves getting acquainted with the development processes and design tools needed to create the overall project. It also includes familiarity with the necessary FPGA, NetCOPE and COMBO cards. Based on this information, was designed, tested and implemented packet generator project for the Combo-80G card. For implementation was used framework from NetCOPE.
|
|
|
Generator of illegitimate network traffic
Blažek, Ondřej ; Smékal, David (referee) ; Blažek, Petr (advisor)
The diploma thesis deals with the problems of DoS/DDoS attacks and development of a tool, in C lanugage, for generating them. In the first chapter the principles of DoS attacks targeting the internet and transport layers of ISO/OSI model are described and also according to their characteristics divided. Selected attacks on the application layer are also described here in detail togehter with protocols which they are based on. In the following chapter there has been created a comparison of freely available tools, which could be used as a attack generators. The practical part is dedicated to a development of a tool for DoS attacks, especially design, general description and usage. Further there is a summary of the newly created library, including results of web server testing, and extensions of a web interface, which is part of the developed tool.
|
guest ::
RSS feed.