|
|
Detection of Malicious Domain Names
Setinský, Jiří ; Perešíni, Martin (referee) ; Tisovčík, Peter (advisor)
The bachelor thesis deals with the detection of artificially generated domain names (DGA). The generated addresses serve as a means of communication between the attacker and the infected computer. By detection, we can detect and track infected computers on the network. The detection itself is preceded by the study of machine learning techniques, which will then be applied in the creation of the detector. To create the final classifier in the form of a decision tree, it was necessary to analyze the principle of DGA addresses. Based on their characteristics, the attributes were extracted, according to which the final classifier will be decided. After learning the classification model on the training set, the classifier was implemented in the target platform NEMEA as a detection module. After final optimizations and testing, we achieved a accuracy of the classifier of 99%, which is a very positive result. The NEMEA module is ready for real-world deployment to detect security incidents. In addition to the NEMEA module, another model was created to predict the accuracy of datasets with domain names. The model is trained based on the characteristics of the dataset and the accuracy of the DGA detector, whose behavior we want to predict.
|
|
|
Mitigation of DDoS Attacks Using IDS/IPS
Litwora, Martin ; Tisovčík, Peter (referee) ; Kučera, Jan (advisor)
This This bachelor's thesis focuses on the detection and mitigation of DDoS attacks (Distributed Denial of Service). The main goal is to analyze and practically verify the capabilities of various IDS/IPS, especially the open-source tool Suircata, to mitigate DDoS attacks. Three main DDoS attack groups are analyzed in this thesis. These groups are flood attacks, amplification attacks, and slow attacks. A set of rules has to be created for each attack type from these groups in order for Suricata to mitigate those DDoS attacks. This thesis also implements a set of tools and scripts to check the functionality and effectiveness of the created rules. These tools are used to generate selected DDoS attacks with different parameters. Testing took place in a virtual environment where special nodes had to be created which represent real subjects during a real DDoS attack. The set of tools and scripts was designed in a way that it can easily be used outside this virtual environment where it is possible to have larger network loads, various variants and combinations of systems, and more.
|
|
|
System for Opening a Window Based on the Temperature and CO2 Concentration in the Room
Jůza, Tadeáš ; Bardonek, Petr (referee) ; Tisovčík, Peter (advisor)
The purpose of this work is to enable an automated maintenance of fresh air in a room. Using automated ventilation, so the smallest possible heat losses occur. The data from sensors of indoor and outdoor temperature, CO2, humidity, and window opening status have been collected and analyzed. Then a suitable algorithm has been selected to accomplish the required values. The program also contains an algorithm for predicting the system's behavior so the controlled appliances (window and heating) work together appropriately.
|
|
|
Wi-Fi Password Cracking
Šopf, Petr ; Tisovčík, Peter (referee) ; Orsák, Michal (advisor)
This bachelor's thesis deals with the issues of Wi-Fi networks security. The first part of thesis is about security options and issues related to those options. Next part compares most used tools for Wi-Fi attacks and lists features of those tools. Best tool is then used and software for sniffing communication between access point and client is created. Sniffing tool is created in two version, one version is used for standalone devices and another one for probe developed on FIT BUT.
|
|
|
Automated Inference of User Interface for NETCONF Protocol
Man, Jakub ; Orsák, Michal (referee) ; Tisovčík, Peter (advisor)
Tato práce se zaměřuje na vytvoření uživatelsky přívětivého grafického rozhraní pro zařízení komunikující protokolem NETCONF. Bylo zvoleno řešení pomocí webového rozhraní, aby bylo použití co nejjednodušší a z pohledu uživatele nevyžadovalo další instalaci. V práci bylo vytvořeno uživatelské rozhraní obsahující systém pro rozšíření a knihovnu pro operace nad protokolem NETCONF. Knihovna pro NETCONF umožňuje uživatelům připojení k zařízením, uložení informací o zařízení do databáze, připojování ke skupinám zařízení pomocí profilů a modifikace konfiugrace zařízení. Systém rozšíření umožňuje výrobcům zařízení poskytnout uživatelům grafické rozhraní, které nevyžaduje další zaškolování uživatelů, aniž by museli vyvýjet celou aplikaci.
|
|
|
IP Flow Filtration and Profiling
Sedlák, Michal ; Tisovčík, Peter (referee) ; Kučera, Jan (advisor)
This thesis addresses the problem of filtering and profiling IP flows, primarily data of IPFIXsystems. Within the work, a general filtering component is designed and implemented, whichaims to be sufficiently efficient and flexible for use in other projects related to IP flows. Thiscomponent is then adapted to work with data in the IPFIX protocol format and integratedinto the existing modular collector IPFIXcol2 in the form of plugins adding the support forfiltering of passing IPFIX data and their sorting into profiles.
|
|
|
Traffic Analysis of Network Protocols Kerberos, NTLM, and SAML 2.0
Krůl, Michal ; Orsák, Michal (referee) ; Tisovčík, Peter (advisor)
This thesis engages the problem consisting of analysis and detection of the attacks carried out on the authentication protocols in the environment of network structures, like those used in big corporations. In~this thesis, the problem is examined in the light of the netflow analysis. Main content of the thesis is a simulation of the attacks targeting network architectures, where the authentication is served by mentioned protocols, and effort to detect these attack by the netflow monitoring. The outcome of this thesis is a draft, how to automatically detect the attacks carried out in the network structures, and plugin for the exporter of the Flowmon sond, the product of Flowmon Networks company, which will be extracting the information needed for the performance of the detection.
|
|
|
Automatic Testing of Software
Mrázik, Matej ; Tisovčík, Peter (referee) ; Korček, Pavol (advisor)
The main goal of the bachelor thesis is to automate the testing of IQRF Gateway Daemon software. The practical output is a tool capable of testing the IQRF Gateway Daemon through an emulated virtual network of intelligent devices. In the theoretical part, the work outlines the issues of software testing to the reader. These principles are then applied in testing the IQRF GW Daemon. The reader will get acquainted with the resulting tool and its functionality, which will be able to further expand if necessary.
|
|
|
Air Quality Analysis in Office and Residential Areas
Tisovčík, Peter ; Korček, Pavol (referee) ; Kořenek, Jan (advisor)
The goal of the thesis was to study the indoor air quality measurement focusing on the concentration of carbon dioxide. Within the theoretical part, data mining including basic classification methods and approaches to dimensionality reduction was introduced. In addition, the principles of the developed system within IoTCloud project and available possibilities for measurement of necessary quantities were studied. In the practical part, the suitable sensors for given rooms were selected and long-term measurement was performed. Measured data was used to create the system for window opening detection and for the design of appropriate way of air change regulation in a room. The aim of regulation was to improve air quality using natural ventilation.
|
|
|
Smart Home with the Third Party Sensors
Tisovčík, Peter ; Hujňák, Ondřej (referee) ; Viktorin, Jan (advisor)
The aim of this thesis was to acquaint with selected wireless sensors, which use Z-Wave and OASiS protocol and to create the uniform interface for BeeeOn system providing communication with the selected sensors. The theoretical part of the thesis describes sensors and USB devices that serve for communication with sensors or operating system to which they are connected. In the practical part, the BeeeOn application was extended by device manager which can support the other communication protocols.
|
guest ::
