National Repository of Grey Literature
Inference of DDoS Mitigation Rules
Jacko, Daniel ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
This thesis focuses on DDoS attacks, their types and the means of mitigating them. The aim of the thesis is to design and implement an algorithm able to derive rules that block DDoS attacks. For this, we chose a machine learning algorithm, a decision tree, which starts operating as soon as an attack is detected. The algorithm operates on a sample of data captured during the attack and on a sample of legitimate communication. The thesis also includes a description of the BPF format and an overview of the experiments carried out.
Packet Filtering Using XDP
Mackovič, Jakub ; Podermański, Tomáš (referee) ; Grégr, Matěj (advisor)
Computer systems that must provide their services with high availability require certain security measures in order to remain available even under packet-based network attacks. Unsolicited packets must be dropped as early and as quickly as possible. This thesis analyzes eXpress Data Path (XDP) as a technique for early packet dropping and the extended Berkeley Packet Filter (eBPF) as a mechanism for fast analysis of packet contents. It gives an overview of current firewall practice on systems with the Linux kernel and proposes a fast packet filtering system based on eBPF and XDP. We describe the implemented filtering solution in detail. Finally, the advantages of XDP over other current packet filtering techniques are highlighted in a series of performance tests.
Detection of P2P Networks
Březina, Matej ; Matoušek, Petr (referee) ; Tobola, Jiří (advisor)
This document deals with the design, implementation and testing of a software system for detecting p2p (peer-to-peer) networks, based on a combination of BPF prefiltering and POSIX regular-expression matching of packet payloads against known p2p protocol communications. The proposed detection system includes a database with some rules for the most widespread p2p protocols, in a format resembling the definitions for the L7-filter classifier. The application is implemented in C, runs in userspace and targets all POSIX-compatible platforms. The combination of the detector with user-attached QoS control is a complete solution for reducing the traffic of common p2p protocols.
Network Protocol Analyzer
Pšorn, Daniel ; Žádník, Martin (referee) ; Tobola, Jiří (advisor)
The objective of this thesis is to find a way to program a network protocol analyzer at the highest level of the ISO/OSI model. This requires using some of the methods for detecting application protocols. The software described in this thesis uses the traditional application-level traffic identification method and a signature-mapping-based method. The base platform is the FreeBSD operating system. The programming language is C, using the libpcap library.