|
| |
|
|
Extension of Behavioral Analysis of Network Traffic Focusing on Attack Detection
Teknős, Martin ; Zbořil, František (referee) ; Homoliak, Ivan (advisor)
This thesis is focused on network behavior analysis (NBA) designed to detect network attacks. The goal of the thesis is to increase detection accuracy of obfuscated network attacks. Methods and techniques used to detect network attacks and network traffic classification were presented first. Intrusion detection systems (IDS) in terms of their functionality and possible attacks on them are described next. This work also describes principles of selected attacks against IDS. Further, obfuscation methods which can be used to overcome NBA are suggested. The tool for automatic exploitation, attack obfuscation and collection of this network communication was designed and implemented. This tool was used for execution of network attacks. A dataset for experiments was obtained from collected network communications. Finally, achieved results emphasized requirement of training NBA models by obfuscated malicious network traffic.
|
|
|
Mobile Application for Network Scanning
Teuchner, Marek ; Bartoš, Václav (referee) ; Kováčik, Michal (advisor)
The subject of this bachelor's thesis is to design and implement an application for Android operating system that allows the discovery of all connected devices in a local network and to display information about it and all of its devices. The application would allow the user to assign a custom icon and a note to each device within the network. Logs and statistics are also collected by the application. In addition, it is possible to attack the selected device using various Denial of Service attacks.
|
|
| |
|
|
Analysis and Demonstration of Selected Network Attacks
Gregorová, Pavlína ; Trchalík, Roman (referee) ; Očenášek, Pavel (advisor)
In this Bachelor thesis there are described network attacks which focus on network a computers issues. Attacks are aimed at operation system Windows and its security faults. The aim of this Bachelor thesis is also to prepare materials for lab of course called Security and Computer Networks, which is taught at the Faculty of Information Technology in the University of Technology in Brno.
|
|
|
Security analysis of network traffic using behavioral signatures
Barabas, Maroš ; Hujňák,, Petr (referee) ; Zelinka,, Ivan (referee) ; Hanáček, Petr (advisor)
This thesis focuses on description of the current state of research in the detection of network attacks and subsequently on the improvement of detection capabilities of specific attacks by establishing a formal definition of network metrics. These metrics approximate the progress of network connection and create a signature, based on behavioral characteristics of the analyzed connection. The aim of this work is not the prevention of ongoing attacks, or the response to these attacks. The emphasis is on the analysis of connections to maximize information obtained and definition of the basis of detection system that can minimize the size of data collected from the network, leaving the most important information for subsequent analysis. The main goal of this work is to create the concept of the detection system by using defined metrics for reduction of the network traffic to signatures with an emphasis on the behavioral aspects of the communication. Another goal is to increase the autonomy of the detection system by developing an expert knowledge of honeypot system, with the condition of independence to the technological aspects of analyzed data (e.g. encryption, protocols used, technology and environment). Defining the concept of honeypot system's expert knowledge in the role of the teacher of classification algorithms creates autonomy of the~system for the detection of unknown attacks. This concept also provides the possibility of independent learning (with no human intervention) based on the knowledge collected from attacks on these systems. The thesis describes the process of creating laboratory environment and experiments with the defined network connection signature using collected data and downloaded test database. The results are compared with the state of the art of the network detection systems and the benefits of the proposed approximation methods are highlighted.
|
|
|
Enterprise Network IPS Security
Jakab, Vojtěch ; Babnič, Patrik (referee) ; Červenka, Vladimír (advisor)
This bachelor's thesis addresses the local area network security. The scope of this thesis is to explore the possibilities of security of these networks and introduction of some attacks which can threaten these networks. The main goal, however, is to design maximum security measures of testing network. CISCO router and Fortinet's firewall are available. Their configuration is limited by possibilities of their operating systems. By the appropriate programms the configuration of IPS configured on firewall is examined and they are used to try to evade this component. The last part of this work deals with executing particular network attacks. They are alaysed and agains successful attacks are proposed apropriate countermeasures.
|
|
|
Cryptographic methods of data security
Miloš, Jiří ; Koutný, Martin (referee) ; Lambertová, Petra (advisor)
Bachelor‘s thesis on theme Cryptographic methods of data security consists of three parts. In first part are itemized general theoretical principles, which employs in these sphere. There are also mentioned not only contemporaneous but historical cryptographic standards or algorithms. The second part of these bachelor‘s thesis refer to a possibility of breaking these standards. There are described most applied cryptoanalytics principes and their practical using, especially in the sphere of computer networks and their services. The final part contains a description of the development of simple computer application, which demonstrates the use cryptographic methods in the security packages in personal computer.
|
|
|
Detecting DoS and DDoS Attacks Using NetFlow Data
Huňka, Jan ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
This thesis deals with using NetFlow data for DoS and DDoS attacks detection. Based on the findings of the analysis of attack traffic a plugin for exporter of the FlowMon probe is implemented. It monitors several heuristics and based on them determines a level of suspicion of the source IP address. During testing, it was verified that the plugin is able to reliably detect large-scale DoS and DDoS attacks on live traffic.
|
|
|
Network Traffic Obfuscation for IDS Detection Avoidance
Ovšonka, Daniel ; Barabas, Maroš (referee) ; Malinka, Kamil (advisor)
This thesis deals with the principles of network traffic obfuscation, in order to avoid its detection by the Intrusion Detection System installed in the network. At the beginning of the work, reader is familiarized with the fundamental principle of the basic types of IDS and introduced into the matter of obfuscation techniques, that serve as stepping stone in order to create our own library, whose design is described in the last part of the work. The outcome of the work is represented by a library, that provides all the implemented techniques for further use. The library can be well utilized in penetration testing of the new systems or used by the attacker.
|
guest ::
