|
|
Malware Detection Using DNS Traffic Analysis
Daniš, Daniel ; Ovšonka, Daniel (referee) ; Kováčik, Michal (advisor)
This master thesis deals with the design and implementation of a tool for malware detection using DNS traffic analysis. Text of the thesis is divided into theoretical and practical part. In theoretical part the reader will be acknowledged with the domain of malware and botnet detection. Consequently, various options and methods of malware detection will be described. Practical part of the thesis contains description of malware detection tool architecture as well as key aspects of its implementation. Moreover, the emphasis is being placed on testing and experiments. The result of the thesis is a tool, written in python, for malware detection using DNS traffic analysis, that uses a combination of several methods of detection.
|
|
|
Proxy servers in Internet
Henek, Jan ; Burda, Karel (referee) ; Komosný, Dan (advisor)
The goal of this paper is to analyze the representation of proxy servers in cyber attacks conducted by Internet. For this purpose I used method which compares tested IP address with database of open proxy servers. I assembled a list of IP address taken from the blacklist of cyber attacks committed in 2015. Then I checked this list with the created program Proxy checker and compared them with a database of open proxy servers. By measurement I demonstrate the inefficacy of this method for reverse detection of proxy servers in the IP list of past attacks.
|
|
|
Detection of Malicous Traffic in Local Network
Šabík, Erik ; Kováčik, Michal (referee) ; Žádník, Martin (advisor)
This bachelor's thesis discusses monitoring local networks using IP flows. It describes Nemea framework which is used for building complex systems for detecting malicious traffic. Analysis of data from three different networks was performed by using this framework. Based on this analysis a design for detection of malicious traffic in local network was created. The detection method monitors network traffic for suspicious communication targeting IP or URL addresses that are listed in public blacklists. The detection method is evaluated on various traffic samples and the results show that three analysed samples belong to networks that are well managed and secured since the communication with the blacklisted entities is rare.
|
|
|
Ssh Attacks Detection on Netflow Layer
Marek, Marcel ; Barabas, Maroš (referee) ; Michlovský, Zbyněk (advisor)
This bachelor's thesis briefly describes the basic principles of SSH protocol, its architecture and used encryption. The thesis is mainly focused on datamining information from low-level network communication and usage of its results for attacks detection. It also describes dictionary attacks used on SSH service and with NetFlow shows further possibilities of increasing network security.
|
|
|
Blacklist of unfair business practices used against consumers
Tichá, Sabina ; Patěk, Daniel (advisor) ; Tomášek, Petr (referee)
Blacklist of unfair business practices used against consumers This thesis focuses on the blacklist of unfair commercial practices, which is a designation for an exhaustive list of specific unfair practices which a consumer may face in business relations with a seller and which are prohibited due to their unfair nature. This list forms Annexes 1 and 2 to the Act No. 634/1992 Coll., on Consumer Protection and an Annex I to the Directive 2005/29/EC of the European Parliament and of the Council concerning unfair business-to-consumer commercial practices in the internal market. The thesis begins by outlining the European regulation of consumer protection prior to the adoption of this Directive, from the origin of an idea to create a blacklist through its realization in a form of an Annex to the Directive to its implementation into national law in the member states. The blacklist is an integral part of the process of assessing unfairness of commercial practices. It is the first step of the whole process. For that reason, in the second part of the thesis, the reader is guided through the process of assessing whether a commercial practice is unfair and therefore prohibited and the main subjects of the commercial transactions are defined - the consumer and the seller. The following third and main part of...
|
|
|
Detection of Malicous Traffic in Local Network
Šabík, Erik ; Kováčik, Michal (referee) ; Žádník, Martin (advisor)
This bachelor's thesis discusses monitoring local networks using IP flows. It describes Nemea framework which is used for building complex systems for detecting malicious traffic. Analysis of data from three different networks was performed by using this framework. Based on this analysis a design for detection of malicious traffic in local network was created. The detection method monitors network traffic for suspicious communication targeting IP or URL addresses that are listed in public blacklists. The detection method is evaluated on various traffic samples and the results show that three analysed samples belong to networks that are well managed and secured since the communication with the blacklisted entities is rare.
|
|
|
Malware Detection Using DNS Traffic Analysis
Daniš, Daniel ; Ovšonka, Daniel (referee) ; Kováčik, Michal (advisor)
This master thesis deals with the design and implementation of a tool for malware detection using DNS traffic analysis. Text of the thesis is divided into theoretical and practical part. In theoretical part the reader will be acknowledged with the domain of malware and botnet detection. Consequently, various options and methods of malware detection will be described. Practical part of the thesis contains description of malware detection tool architecture as well as key aspects of its implementation. Moreover, the emphasis is being placed on testing and experiments. The result of the thesis is a tool, written in python, for malware detection using DNS traffic analysis, that uses a combination of several methods of detection.
|
|
|
Proxy servers in Internet
Henek, Jan ; Burda, Karel (referee) ; Komosný, Dan (advisor)
The goal of this paper is to analyze the representation of proxy servers in cyber attacks conducted by Internet. For this purpose I used method which compares tested IP address with database of open proxy servers. I assembled a list of IP address taken from the blacklist of cyber attacks committed in 2015. Then I checked this list with the created program Proxy checker and compared them with a database of open proxy servers. By measurement I demonstrate the inefficacy of this method for reverse detection of proxy servers in the IP list of past attacks.
|
|
|
Ssh Attacks Detection on Netflow Layer
Marek, Marcel ; Barabas, Maroš (referee) ; Michlovský, Zbyněk (advisor)
This bachelor's thesis briefly describes the basic principles of SSH protocol, its architecture and used encryption. The thesis is mainly focused on datamining information from low-level network communication and usage of its results for attacks detection. It also describes dictionary attacks used on SSH service and with NetFlow shows further possibilities of increasing network security.
|
|
|
Email SPAM, trends, risks and countermeasures
Čepička, Tomáš ; Luc, Ladislav (advisor) ; Veber, Jaromír (referee)
This bachelor thesis deals current spam problematics. The goal of this thesis is to introduce spam problematics to an ordinary computer user and It's solutions such as most common ways of protection against spam as well as testing these methods. This thesis is divided into two parts, theoretical and practical. Theoretical part is about history of spam and evolution to form as It is known today. Various kinds of spam, including risks that are involved, are introduced. A major attention is paid to each single method of anti-spam protection. These methods are explained in detail including advantages and disadvantages. The final part of this section discusses legislative issues. The beginning of practical part is dedicated to market analysis. A few free email hostings are chosen based on this analysis and tested using several tools to prove their real effectiveness and validity of anti-spam protection. At the ending the results are analyzed, afterwards recommended the best anti-spam protection.
|
guest ::
