|
|
Creating Metadata during Interception of Instant Messaging Communication
Bárta, Stanislav ; Veselý, Vladimír (referee) ; Polčák, Libor (advisor)
This thesis deals with the lawful interception of instant messaging communication and meta-information construction (IRI reports) during an interception. This thesis deals with XMPP, IRC, and OSCAR protocols. Format of messages has been described for each protocol. An application that is able to create IRI messages has been developed and tested in proposed testbed. The work also deals with possible problems that may happen during interceptions.
|
|
|
Fake Data in Computer Networks
Hranický, Radek ; Veselý, Vladimír (referee) ; Polčák, Libor (advisor)
This thesis describes basic principles of lawful interception systems in computer networks and it contains an analysis of various methods of their deception. It also contains a description and implementation of two software tools. The first one is designed to demonstrate an attack on the lawful interception system. The goal is to deceive the system by hiding a transmitted message in a noise, in order to make the law enforcement agency interpret a fake message as the real one. The purpose of the second tool is to obtain the original message from data captured by the interception system.
|
|
|
Identification of Useful Data for Lawful Interception
Holomek, Tomáš ; Veselý, Vladimír (referee) ; Polčák, Libor (advisor)
This thesis deals with the identification of useful data in lawful interception. First part summarizes the standards related to computer networks and lawful intercepts. Next part of the project focuses mainly on the HTTP application protocol, which is described in version 1.1. The work also specifies the classes into which the data traffic can be divided according to the importance to law enforcement agency. It introduces several methods of distribution of data streams into the proposed classes. Finally, the implementation of this methods has been tested for usability in network lines used today.
|
|
|
Hiding Data in Computer Networks
Hrebíček, Martin ; Halfar, Patrik (referee) ; Polčák, Libor (advisor)
This diploma thesis deals with hiding data in the Internet traffic. It contains a description of the law interception. Various possibilities of hiding data are mentioned. The practical part of this thesis consists of an application that hides the data of HTTP and HTTPS protocols in a fake VoIP call. The application consists of two parts: a client and a server. Data transmitted between the client and the server parts are masked as multimedia data of the VoIP call. When a user or Internet server does not transmit any data, random data are transmitted between client and server parts in order to simulate the VoIP call. Then, the thesis focuses on detection of the attack.
|
|
|
Acceleration of Network Traffic Encryption
Koranda, Karel ; Kajan, Michal (referee) ; Polčák, Libor (advisor)
This thesis deals with the design of hardware unit used for acceleration of the process of securing network traffic within Lawful Interception System developed as a part of Sec6Net project. First aim of the thesis is the analysis of available security mechanisms commonly used for securing network traffic. Based on this analysis, SSH protocol is chosen as the most suitable mechanism for the target system. Next, the thesis aims at introduction of possible variations of acceleration unit for SSH protocol. In addition, the thesis presents a detailed design description and implementation of the unit variation based on AES-GCM algorithm, which provides confidentiality, integrity and authentication of transmitted data. The implemented acceleration unit reaches maximum throughput of 2,4 Gbps.
|
|
|
Content of Communication Interception Probe
Zima, Štefan ; Kajan, Michal (referee) ; Polčák, Libor (advisor)
This thesis is focused on creation of tool for intercepting content of network communication. It discusses the legal issue of surveillance and techniques for acceleration of processing incoming traffic in the Linux operating system. The aim of this thesis are implementation techniques using PF_RING library. The application implementation in language C is then tested on commodity hardware using the traffic generator.
|
|
|
Identity Detection in TCP/IP Architecture
Holkovič, Martin ; Matoušek, Petr (referee) ; Polčák, Libor (advisor)
This work deals with detection of users within computer networks on different layers of the TCP/IP architecture. These identities are identified by protocols running on the appropriate layers of the given architecture. PPPoE and SLAAC protocols were chosen as protocols that are used for network layer address assignments. The second type of protocol is the application protocol SMTP. We analysed communication using the chosen protocols in order to create metadata about the corresponding communication. The results of the analysis are finite state machines. Based on these finite state machines, software for legal interception was designed and implemented. Implemented software was tested on samples of data, in a specialized laboratory, and in a production network.
|
|
|
Fast Processing of Application-Layer Protocols
Bárta, Stanislav ; Martínek, Tomáš (referee) ; Polčák, Libor (advisor)
This master's thesis describes the design and implementation of system for processing application protocols in high-speed networks using the concept of Software Defined Monitoring. The proposed solution benefits from hardware accelerated network card performing pre-processing of network traffic based on the feedback from monitoring applications. The proposed system performs pre-processing and filtering of network traffic which is handed afterwards passed to application modules. Application modules process application protocols and generate metadata that describe network traffic. Pre-processing consists of parsing of network protocols up to the transport layer, TCP reassembling and forwarding packet flow only to modules that are looking for a given network traffic. The proposed system closely links intercept related information internal interception function (IRI-IIF) and content of communication internal interception function (CC-IIF) to minimize the performing of duplicate operations and increase the efficiency of the system.
|
|
|
Identities in Tunelled Networks and during Network Address Translation
Šeptun, Michal ; Marek, Marcel (referee) ; Polčák, Libor (advisor)
This thesis introduces the design and implementation of the extension of the system for lawful interception. The system is developed as a part of the Sec6Net project at FIT BUT and provides a platform for research activities in determining identities in computer networks. Parts which has the task of monitoring changes in a user's identity will be extended, so that the system is able to determine the identity even in the tunneled and translated networks. It describes the problems encountered during implementation and their solutions. There are described mechanisms for tunneling networks, mainly virtual private networks and transition mechanisms for IPv6, IP addresses and NAT variants. In the end the tests of the individual modules are described.
|
|
|
Lawful Interception in Software Defined Networks
Franková, Barbora ; Ryšavý, Ondřej (referee) ; Polčák, Libor (advisor)
This thesis covers utilization of software defined networks for lawful interception purposes. Based on specific implementation of lawful interception system SLIS developed by Sec6Net group, suggests improvements aiming at more precise identification of intercepted users and better effectivity of system resources. First aim is achieved by implementation of a new module for dynamic identification component while the other one alters configuration mechanism for probes and OpenFlow switches.
|
guest ::
