|
|
Distributed system for suppression of DoS attacks
Beneš, Dalibor ; Žádník, Martin (referee) ; Šišmiš, Lukáš (advisor)
Ochrana před distribuovanými útoky odepření služby (DDoS) patří mezi klíčové oblastí síťové bezpečnosti. Jednou z možných forem ochrany je využití zařízení DCPro DDoS Protector vyvíjeného sdružením CESNET. Sdružení CESNET provozuje také systémy pro monitorování a analýzu síťového provozu IPFIXcol2 a NEMEA, a dále poskytuje možnost využít protokol pro monitorování sítě sFlow. Cílem této práce je navrhnout a uskutečnit integraci těchto systémů a vytvořit tak efektivní systém potlačení útoků odepření služby. Při vypracování tohoto cíle byl kladen důraz na efektivní využití stávajích řešení, znovupoužitelnost a možnosti budoucího rozšíření celé distribuované architektury.
|
|
|
IP Flow Filter
Štoffa, Imrich ; Krobot, Pavel (referee) ; Wrona, Jan (advisor)
This thesis is focused on unification of filtering languages used by IP flow collecting program and library for their analysis. At the moment these implementations use different filtering modules and file formats. Because of this, inconsistencies in results arise and as a response to this, creation of one filtering module was proposed as part of effort to better integrate collection and analysis of IP flows using these programs. The one filtering module aims to provide one implementation and support for popular filtering language for use in the programs. Thesis contains theoretical introduction to flow monitoring in networks, describes algorithms useful for evaluation of conditions on flow records and packets. The core of authors work is design and implementation of the filtering module and its wrappers for the collector and analysis library. Results of performance tests and evaluation of features can be found in the thesis's conclusion.
|
|
|
Optimization of Distributed Network Flow Collector
Wrona, Jan ; Grégr, Matěj (referee) ; Žádník, Martin (advisor)
This thesis is focused on the optimization of distributed IP flow information collector. Nowadays, the centralized collector is a frequently used solution but is already reaching its performance limits in large scale and high-speed networks. The implementation of the distributed collector is in its early phase and it is necessary to look for solutions that will use it to its full potential. Therefore this thesis proposes a shared nothing architecture without a single point of failure. Using the above proposed architecture, the distributed collector is tolerant to the failure of at least one node. A distributed flow data analysis software, whose performance scales linearly with the number of nodes, is also part of this thesis.
|
|
|
IP Flow Filter
Štoffa, Imrich ; Krobot, Pavel (referee) ; Wrona, Jan (advisor)
This thesis is focused on unification of filtering languages used by IP flow collecting program and library for their analysis. At the moment these implementations use different filtering modules and file formats. Because of this, inconsistencies in results arise and as a response to this, creation of one filtering module was proposed as part of effort to better integrate collection and analysis of IP flows using these programs. The one filtering module aims to provide one implementation and support for popular filtering language for use in the programs. Thesis contains theoretical introduction to flow monitoring in networks, describes algorithms useful for evaluation of conditions on flow records and packets. The core of authors work is design and implementation of the filtering module and its wrappers for the collector and analysis library. Results of performance tests and evaluation of features can be found in the thesis's conclusion.
|
|
|
Optimization of Distributed Network Flow Collector
Wrona, Jan ; Grégr, Matěj (referee) ; Žádník, Martin (advisor)
This thesis is focused on the optimization of distributed IP flow information collector. Nowadays, the centralized collector is a frequently used solution but is already reaching its performance limits in large scale and high-speed networks. The implementation of the distributed collector is in its early phase and it is necessary to look for solutions that will use it to its full potential. Therefore this thesis proposes a shared nothing architecture without a single point of failure. Using the above proposed architecture, the distributed collector is tolerant to the failure of at least one node. A distributed flow data analysis software, whose performance scales linearly with the number of nodes, is also part of this thesis.
|
guest ::
