|
|
Content Gap Analysis Of Current Cyber-Security Challenges Of Industrial Control Systems
Pospíšil, Ondřej
This paper deals with the analysis of current research papers dealing with cybersecurity in industrial control systems. The analysis is focused on terminology and deals with possible directions to follow in future research. The article also describes current literature on this issue and recommends some sources to obtain information. The summary provides possible directions to follow in cybersecurity research in ICS.
|
|
|
Detection of fake access points
Lővinger, Norbert ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
The risk of cyber-attacks in the local networks is constantly increasing due to the underestimation of their security. In wireless LANs, an attacker does not require physical access to the network. These types of attacks are almost impossible to spot. The typical signature of fake access point is the same configuration as the legitimate access point, which increases the effectivness of the attack. Detection systems are used to detect these cyber-attacks in local networks. Detection systems offer advanced methods for real-time analysis of captured network communication. In this bachelor thesis two open detection systems – Suricata and Kismet are analysed and compared. Custom implementation of detection system is based on functionality analysis of these two detection systems. Custom implemetation is programmed in Python at an affordable Raspberry Pi 4. The success of detecting cyber-attacks using fake access point was tested in 4 different scenarios at the experimental testbed.
|
|
|
Slow rate DoS attacks independent of application layer protocol
Richter, Dominik ; Münster, Petr (referee) ; Sikora, Marek (advisor)
This bachelor thesis is focused on the development of a generator of Slow DoS attacks independent of the application layer protocol and a system capable of detecting these attacks. These attacks are characterized by the use of very low bandwidth and similarities to legitimate user traffic on the network. This makes them very effective and difficult to detect. In addition, they can be applied to multiple ISO/OSI application layer protocols, such as FTP, SSH, or HTTP. Specifically, the work deals with Slowcomm, Slow Next and SlowReq attacks. In the introduction, the reader is introduced to three application layer protocols, on which the implemented attacks will be presented and tested. Next, the individual Slow DoS attacks and the procedure of their implementation in the test environment are described in more detail. Subsequently, an IDS detection system was created, which is able to detect the ongoing attack generated by the created generator. Its implementation was also described. The results show that Slow DoS attacks are able to prevent access to the target service faster and more effectively than conventional flood attacks. The detection system, on the other hand, is able to detect them.
|
|
|
Industrial control system security design
Strnad, Matěj ; Martin,, Keprt (referee) ; Sedlák, Petr (advisor)
The subject of the master's thesis is a design of security measures for securing of an industrial control system. It includes an analysis of characteristics of communication environment and specifics of industrial communication systems, a comparison of available technological means and a design of a solution according to investor's requirements.
|
|
|
Intrusion detection system for Mikrotik-based network
Zvařič, Filip ; Frolka, Jakub (referee) ; Krajsa, Ondřej (advisor)
This bachelor's thesis focuses on network attacks and ways to defend against them. It discusses the most common attacks that can be encountered and their impact on computer networks and end user. Finally, it includes steps for implementing a protection system in collaboration with the preventive software Snort and RouterOS operating system. This system's toughness is tested and results are processed.
|
|
|
Comparing Speed of the Modern Systems for Regular Expression Matching
Trávníček, Jan ; Kořenek, Jan (referee) ; Kaštil, Jan (advisor)
This thesis describes how to compare the speed of modern tools for regular expressions matching. To compare the speed of each tool is used set of regular expressions from the Snort - Intrusion Detection System, which are specified in the PCRE notation. These regular expressions are evaluated by difeerent tools and the results are compared with each other. In this work is also solved difeerence between mathematical and practical perspective on the term of regular expression and transfer Perl regular expressions in POSIX regular expressions.
|
|
|
Construction of Nondeterministic Finite Automata
Stanek, Timotej ; Šimek, Václav (referee) ; Kaštil, Jan (advisor)
This thesis discuss about dilemma in construction of nondeterministic finite automata from PCRE expressions with respect of their parameters with use in Intrusion Detection Systems. There is showed PCRE expressions syntax too. We discussed two different approaches to construct nondeterministic finite automata from PCRE expressions. The implementation of these two algorithms is described. We constructed finite automata with them from expressions of three Intrusion Detection Systems: SNORT, Bro IDS and L7-Filter, and finally we compared their parameters and deduced conclusions.
|
|
|
Analysis of Automated Generation of Signatures Using Honeypots
Bláha, Lukáš ; Barabas, Maroš (referee) ; Drozd, Michal (advisor)
In this paper, system of automatic processing of attacks using honeypots is discussed. The first goal of the thesis is to become familiar with the issue of signatures to detect malware on the network, especially the analysis and description of existing methods for automatic generation of signatures using honeypots. The main goal is to use the acquired knowledge to the design and implementation of tool which will perform the detection of new malicious software on the network or end user's workstation.
|
|
|
Network Traffic Obfuscation for IDS Detection Avoidance
Ovšonka, Daniel ; Barabas, Maroš (referee) ; Malinka, Kamil (advisor)
This thesis deals with the principles of network traffic obfuscation, in order to avoid its detection by the Intrusion Detection System installed in the network. At the beginning of the work, reader is familiarized with the fundamental principle of the basic types of IDS and introduced into the matter of obfuscation techniques, that serve as stepping stone in order to create our own library, whose design is described in the last part of the work. The outcome of the work is represented by a library, that provides all the implemented techniques for further use. The library can be well utilized in penetration testing of the new systems or used by the attacker.
|
|
|
Implementation of Regular Expression Grouping in MapReduce Paradigm
Šafář, Martin ; Dvořák, Milan (referee) ; Kaštil, Jan (advisor)
The greatest contribution of this thesis is design and implementation of program, that uses MapReduce paradigm and Apache Hadoop for acceleration of regular expression grouping. This paper also describes algorithms, that are used for regular expression grouping and proposes some improvements for these algorithms. Experiments carried out in this thesis show, that a cluster of 20 computers can speed up the grouping ten times.
|
guest ::
