|
|
Prostředí pro testování algoritmů potlačení útoků DDoS
Patová, Pavlína ; Šišmiš, Lukáš (referee) ; Kučera, Jan (advisor)
The work is focused on creating a test environment for simulating DoS attacks. This environment is useful for verifying the vulnerability of networks and services against the phenomenon of DDoS attacks, therefore it will be used to test the tools and techniques developed to defend against DDoS attacks. The outputs of these experiments can then be used as recommendations for network administrators to help improve the refensibility of their systems. The resulting tool is implemented in Python using the PyTest module. We were able to implement many of today’s most common DoS attacks, such as floods and amplification attacks. It is thus possible to test services against these most serious DDoS threats. The resulting tool is easily extensible to other methodologies or attack types, so it can also be used for emerging DoS attacks in the future.
|
|
|
Mitigation of DDoS Attacks Using IDS/IPS
Litwora, Martin ; Tisovčík, Peter (referee) ; Kučera, Jan (advisor)
This This bachelor's thesis focuses on the detection and mitigation of DDoS attacks (Distributed Denial of Service). The main goal is to analyze and practically verify the capabilities of various IDS/IPS, especially the open-source tool Suircata, to mitigate DDoS attacks. Three main DDoS attack groups are analyzed in this thesis. These groups are flood attacks, amplification attacks, and slow attacks. A set of rules has to be created for each attack type from these groups in order for Suricata to mitigate those DDoS attacks. This thesis also implements a set of tools and scripts to check the functionality and effectiveness of the created rules. These tools are used to generate selected DDoS attacks with different parameters. Testing took place in a virtual environment where special nodes had to be created which represent real subjects during a real DDoS attack. The set of tools and scripts was designed in a way that it can easily be used outside this virtual environment where it is possible to have larger network loads, various variants and combinations of systems, and more.
|
|
|
Mitigation of DDoS Attacks Using IDS/IPS
Litwora, Martin ; Tisovčík, Peter (referee) ; Kučera, Jan (advisor)
This This bachelor's thesis focuses on the detection and mitigation of DDoS attacks (Distributed Denial of Service). The main goal is to analyze and practically verify the capabilities of various IDS/IPS, especially the open-source tool Suircata, to mitigate DDoS attacks. Three main DDoS attack groups are analyzed in this thesis. These groups are flood attacks, amplification attacks, and slow attacks. A set of rules has to be created for each attack type from these groups in order for Suricata to mitigate those DDoS attacks. This thesis also implements a set of tools and scripts to check the functionality and effectiveness of the created rules. These tools are used to generate selected DDoS attacks with different parameters. Testing took place in a virtual environment where special nodes had to be created which represent real subjects during a real DDoS attack. The set of tools and scripts was designed in a way that it can easily be used outside this virtual environment where it is possible to have larger network loads, various variants and combinations of systems, and more.
|
guest ::
