|
|
Generating of DNS Service Attacks
Tutko, Jakub ; Bartoš, Václav (referee) ; Kováčik, Michal (advisor)
Availability and security are the most important requirements for Internet services. It is therefore necessary to detect the network anomalies, which have the greatest impact on these requirements. Therefore the great emphasis must be placed on development of detection mechanisms that keep pace with increasingly sophisticated network anomalies. The aim of this work is to analyze and replicate the most common DNS service attacks. Collected data from these attack generators can be used for better understanding of their behavior, what leads to improved and more effective detection mechanisms.
|
|
|
Malware Detection Using DNS Traffic Analysis
Daniš, Daniel ; Ovšonka, Daniel (referee) ; Kováčik, Michal (advisor)
This master thesis deals with the design and implementation of a tool for malware detection using DNS traffic analysis. Text of the thesis is divided into theoretical and practical part. In theoretical part the reader will be acknowledged with the domain of malware and botnet detection. Consequently, various options and methods of malware detection will be described. Practical part of the thesis contains description of malware detection tool architecture as well as key aspects of its implementation. Moreover, the emphasis is being placed on testing and experiments. The result of the thesis is a tool, written in python, for malware detection using DNS traffic analysis, that uses a combination of several methods of detection.
|
|
| |
|
|
Packet Filtering in Computer Networks
Šrůtka, Petr ; Kováčik, Michal (referee) ; Kajan, Michal (advisor)
This bachelor thesis contains an introduction to packet classification, types of packet classification techniques and different metrics. It describes different algorithms used for packet classification and implementation of Recursive flow classification algorithm is also part of this bachelors thesis. It presents different configuration parameters of RFC algorithm and describes its advantages and disadvantages. This work is concluded with a set of experiments describing characteristics of implemented algorithm together with comparison of other classification approaches.
|
|
|
Network Anomaly Detection Based on PCA
Krobot, Pavel ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
This thesis deals with subject of network anomaly detection. The method, which will be described in this thesis, is based on principal component analysis. Within the scope of this thesis original design of this method was studied. Another two extensions of this basic method was studied too. Basic version and last extension was implemented with one little additional extension. This one was designed in this thesis. There were series of tests made above this implementation, which provided two findings. First, it shows that principal component analysis could be used for network anomaly detection. Second, even though the proposed method seems to be functional for network anomaly detection, it is still not perfect and additional research is needed to improve this method.
|
|
|
Efficient Transport of Electronic Mail with Microsoft Exchange Plugin
Jakubis, Tomáš ; Homoliak, Ivan (referee) ; Kováčik, Michal (advisor)
This project discusses optimization of e-mail and SMTP traffic in proprietary product of Microsoft Exchange 2013 in regard of marine industry. The goal is at first to analyze the requirements of this service on slow and unreliable network connections, SMTP traffic and then the product itself. Afterwards it defines specification for the final product and prepares the test environment. Design and implementation of transport agent using Exchange Management Shell is described for synchronization of two installations of Microsoft Exchange 2013; and focuses on emerged problems during the development, discusses different approaches and possible solutions. Testing shows various shortcomings of found solution. Finally, analysis of final solution shows possible future improvements and a need of security upgrade before applying to production environment.
|
|
|
Obfuscation of Anomalies and Security Incidents in DNS Traffic
Štěrba, Ondřej ; Kováčik, Michal (referee) ; Homoliak, Ivan (advisor)
The work analyze current detection methods of anomalies and security incidents in DNS traffic, and than design new obfuscation techniques which are capable of evading anomaly detection. Network attacks, exploiting the DNS protocol for tunneling of other network traffic, were selected for implementation part of the work. Control of botnet is considered as malicious application of tunneling through the DNS protocol. The main result of the work is to emphasize the necessity of discovering new detection principles of anomalies and security incidents in DNS traffic.
|
|
|
Detection of Slow HTTP DoS Attacks
Jakubíček, Patrik ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
This thesis deals with the detection of Slowloris attack. Based on the findings a detection module for Nemea system is implemented. It analyzes flow records and performs attack detection. Tests have verified that the module can work in real deployment and detect Slowloris attack quite successfully.
|
|
|
Malicious Domains Detection Using Analysis of DNS Traffic
Ambrušová, Eva ; Žádník, Martin (referee) ; Kováčik, Michal (advisor)
The aim of this thesis is the detection of malicious domains based on passive analysis of DNS traffic. It represents the design and implementation of a system which proceeds DNS anomaly detection based on a structure of the domain name by using the entropy and a frequency characteristics of n-grams. The system was tested on DNS data obtained from the real traffic and the functionality of implemented detectors was verified by testing and analysis of results.
|
|
|
Energy Consumption Management System
Kováčik, Michal ; Solár, Peter (referee) ; Ruttkay, Ladislav (advisor)
The goal of the bachelor's thesis is an implementation of web application for monitoring and evidence of energy consumptions in households. System allows user to store and monitor energy consumptions in his household. System also compares and nominates solutions from other providers, if it is possible with concrete energy. Programming language of implementation is C# with the use of Microsoft's .NET technology and object-oriented programming metodology.
|
guest ::
RSS feed.