|
|
Generating non-standard packets and data flows on Ethernet networks for teaching purposes
Mošnerová, Tereza ; Dvořák, Jan (referee) ; Jeřábek, Jan (advisor)
This diploma thesis is aimed at the process of generating non-standard data streams that contain hidden information. For this purpose a software called Ostinato is used. Ostinato allows to select protocols on the individual layers of the TCP/IP network model according to the needs and preferences, and moreover, data bytes can be inserted and modified arbitrarily using the HexDump fields. Various fields of the TCP/IP protocols are used to hide data on the network, transport and application layers. The generated data packets can be easily modified which enables to create several other versions of them. These can serve, for example, as a semestral project assignment for the subjects Communication Technology and Modern Communication Techniques taught at BUT. In addition, the size limits of the inserted data of the individual data packet options are tested. The functionality of the generated packets is verified by Wireshark. As a result, several .ostm and .pcapng files including a text file with their clear description are provided.
|
|
|
XGPON module for Wireshark
Šuba, Patrik ; Horváth, Tomáš (referee) ; Tomašov, Adrián (advisor)
The master's thesis deals with the design of a PcapNG file format for supporting XG-PON data and explores the possibilities of creating a module. The aim is to create a module as a technical tool for detailed analysis and diagnostics of XG-PON networks. The file design proposal consists of packet processing by a network analyzer and the creation of PcapNG format blocks. This file design proposal is implemented in a program written in the Python language. The Wireshark module is implemented in the LUA programming language which have native support for utilizing the new link layer. The use of the module involves configuring the application to support the XG-PON protocol and utilizing the module itself, which can process XG-PON frames in both directions of communication in the proposed PcapNG file. An important part was the verification of the module's functionality on data from an available XG-PON network, demonstrating its ability to correctly process data from a real environment. The result of the work is a tool for the analysis and diagnosis of XG-PON networks, which can contribute to better management of these modern optical networks.
|
|
|
Identification of industrial devices
Šotola, Bohuslav ; Blažek, Petr (referee) ; Pospíšil, Ondřej (advisor)
This thesis, titled Identification of Industrial Devices, deals with the use of machine learning for the passive identification of exclusively programmable logic controllers (PLCs) from Siemens, communicating via network traffic. The identification is performed to obtain information about vulnerabilities in the devices currently in use. The motivation for introducing identification in the industry is to minimize the likelihood of attacks and thus reduce losses in production. Datasets in the field of Industrial Control Systems (ICS) are created for targeted device identification within 5 minutes of capturing network traffic. These datasets are statistically processed to find input parameters showing independence from topology and time. The statistically processed parameters are then subjected to machine learning models. If they are found to be sufficiently independent, the idea is verified on independent data not related to previous ones. In identification, there is also an attempt to utilize network transmission parameters that are independent of the PLC device manufacturer. Identification of PLC devices is possible, with the ideal use of the older version of the proprietary S7 protocol, as it allows identification within 5 minutes of capturing traffic. Identification based on the older version of the protocol is also relevant because it is used in practice. An obstacle to capturing traffic for identification is the fact that potential users often need appropriate permissions. Firmware updates must be taken into account, providing new data security features.
|
|
|
Multi-protocol sniffer and analyzer
Lukáš, Vojtěch ; Zeman, Kryštof (referee) ; Krajsa, Ondřej (advisor)
The subject of this thesis is the design of a device that captures Bluetooth Low Energy or IEEE 802.15.4 frames and sends them via Ethernet interface to a computer for further analysis using Wireshark. The device is based on the CC2652RB microchip from Texas Instruments, which is accompanied by WIZnet W5500 Ethernet controller. This thesis describes software and hardware aspects of said device, furthermore it briefly mentions a custom designed Wireshark dissector. In addition, this thesis contains a quick handbook for Texas Instruments microcontrollers software development.
|
|
|
Detailed analysis of the cybersecurity of photovoltaic systems
Turek, Adam ; Bohačík, Antonín (referee) ; Mikulášek, Michal (advisor)
Cílem diplomové práce je seznámení se s metodami útoků na fotovoltaické systémy a jejich komponenty. Dále analyzování jednotlivých typů fotovoltaických systémů, jednotlivých komponent a možných bezpečnostních nedostatků. Dále navržení a sestavení testovacího pracoviště umožnující sledování fotovoltaických prvku a síťového provozu s implementovaním několika kybernetických útoků. Práce popisuje teoretickou část fotovoltaických systémů a jejich komponent, kybernetickou bezpečnost a možné útoky. Krom toho také analýzu konkrétních zranitelností na fotovoltaické systémy, která byla provedena prostřednictvím veřejně známých databází jako je Vulners nebo Národní Databáze Zranitelností. Dále popis testovacího prostředí střídačů Solax a Solinteg, implementační nástroje a úspěšně provedenou síťovou, Modbus a kybernetickou analýzu na fotovoltaické střídače s odsimulováním útoků.
|
|
|
Security analysis of network protocols
Bednařík, Jan ; Sobotka, Jiří (referee) ; Hajný, Jan (advisor)
The aim of my bachalor’s thesis is security of net protocols analysis. Because of the huge number of net protocols, I’ve decided to choose only a few of them to describe. My task is to describe the TCP/IP model structure in term of security, so I have chosen to devide my thesis into two separate parts. The first part contains describtions of particular TCP/IP layers and adumbration of possibilities of securing. The second part contains more accurate describtions of some chosen protocols, mostly the case of their security. At the close of my work it is my task to describe some utilities and methods which can be used to accomplish an successful attack on chosen net protocols. I have chosen protocols HTTP, FTP and SSL. As the utilities I have chosen programs Wireshark, Brutus and SSLSTRIP.
|
|
|
Driver design for PROFINET bus coupler
Kroupa, Jiří ; Šubrt, Kamil (referee) ; Houška, Pavel (advisor)
The essence of this diploma thesis is the design and implementation of driver for Profinet bus coupler from Phoenix Contact, which use computer's network card for communication. The proposal builds on the knowledge gained from available literature and analysis of Profinet protocol.
|
|
|
Anonymization of users when collecting network traffic
Hamár, Lukáš ; Blažek, Petr (referee) ; Sikora, Marek (advisor)
This thesis deals with anonymization of data, which could lead to disclosure of the identity of end users in network traffic. Work describes algorithms by which individual data parts are anonymized and also tools which use these techniques for network traffic anonymization. The next part of the thesis describes construction of a laboratory network, in which is the network traffic captured, containing pcap and NetFlow data. With using of the captured data, the anonymization tools are tested and the results are compared. In the last part of the thesis is created graphical interface for one of the tested anonymization softwares.
|
|
|
Detection of anomalies in network traffic using compression methods
Blažek, Libor ; Dvořák, Jan (referee) ; Blažek, Petr (advisor)
The objective of the thesis is to design a practical demonstration of the functionality of selected compression methods. The following chapters will discuss the attacks on terminals and mentioned some measures. The show will be processed using two methods development environment. The attacks will detect anomalies in the network and subsequently carried out at one of the sample data compression methods. Data will be collected as normal operation at the terminal station, and then in the attack.
|
|
|
Securing IP PBX against attacks and resistance testing
Kakvic, Martin ; Šedý, Jakub (referee) ; Šilhavý, Pavel (advisor)
This diploma thesis focuses on attacks on PBX Asterisk, FreeSWITCH and Yate in LTS versions. In this work was carried out two types of attacks, including an attack DoS and the attack Teardown. These attacks were carried out using two different protocols, SIP and IAX. During the denial of service attack was monitored CPU usage and detected if its possible to establish call and whether if call can be processed. The Security of PBX was build on two levels. As a first level of security there was used linux based firewall netfilter. The second level of security was ensured with protocols TLS and SRTP.
|
guest ::
