|
|
Network Anomaly Detection Based on PCA
Krobot, Pavel ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
This thesis deals with subject of network anomaly detection. The method, which will be described in this thesis, is based on principal component analysis. Within the scope of this thesis original design of this method was studied. Another two extensions of this basic method was studied too. Basic version and last extension was implemented with one little additional extension. This one was designed in this thesis. There were series of tests made above this implementation, which provided two findings. First, it shows that principal component analysis could be used for network anomaly detection. Second, even though the proposed method seems to be functional for network anomaly detection, it is still not perfect and additional research is needed to improve this method.
|
|
|
Network Anomaly Detection
Bartoš, Václav ; Kořenek, Jan (referee) ; Žádník, Martin (advisor)
This work studies systems and methods for anomaly detection in computer networks. At first, basic categories of network security systems and number of methods used for anomaly detection are briefly described. The core of the work is an optimization of the method based on detection of changes in distributions of packet features originally proposed by Lakhina et al. This method is described in detail and two optimizations of it are proposed -- first is focused to speed and memory efficiency, second improves its detection capabilities. Next, a software created to test these optimizations is briefly described and results of experiments on real data with artificially generated and also real anomalies are presented.
|
|
|
Privacy protection on the internet
Lučenič, Lukáš ; Babnič, Patrik (referee) ; Rosenberg, Martin (advisor)
In this bachelor thesis are analyzed social networks and their security, methods of obtaining information from users and examples of Internet crime. The second part describes authentication methods and authentication protocols. The final section describes a principled own proposal anonymous authentication protocol.
|
|
|
Case Study of Selected Network Vulnerabilities
Kolajová, Jana ; Kačic, Matej (referee) ; Homoliak, Ivan (advisor)
The main goal of this thesis is to deal with databases of vulnerable code bases and vulnerable applications, and to implement a tool for autonomous search and saving data from those databases to a local one. The thesis is divided into theoretical and practical parts. The theoretical part deals with my current knowledge of the main topic and creates a foundation for the implementation. Various kinds of vulnerabilities and network attacks are described in detail in this part. The practical part describes implementation of the tool and its real use.
|
|
|
Application for monitoring and controlling the security of large LAN and WAN computer networks
Maloušek, Zdeněk ; Polívka, Michal (referee) ; Novotný, Vít (advisor)
Computer networks are used in much wider extent than 20 years ago. People use the computer mainly for communication, entertainment and data storage. Information is often stored only in electronic devices and that is why the security of the data is so important. The objective of my thesis is to describe network security problems and their solutions. First chapter deals with the network security, security checks and attacks. It describes procedures used in practise. First part deals with traffic scanning and filtering at various layers of the TCP/IP model. Second part presents the types of proxy and its pros and cons. Network Address Translation (NAT) is a favourite technique of managing IP addresses of inside and outside network which helps to improve the security and lower the costs paid for IP addresses. NAT description, IPSec, VPN and basic attacks are described in this section. The second chapter of the thesis presents set of Perl scripts for network security checking. The purpose of the project is not to check the whole network security. It is designed for contemporary needs of IBM Global Services Delivery Centrum Brno. The first script checks running applications on target object. The aim is to detect services that are not necessary to run or that are not updated. The second one checks the security of the Cisco device configuration. There is a list of rules that has to be kept. The third script inspects the Nokia firewall configuration which is on the border of IBM network. If some of the rule is broken, it shows the command that has to be proceeded at the particular device. The output of the first and the second script is an HTML file. The third script uses the command line for the final report. The last part of this chapter gives advice to configure Cisco devices. It is a list of security recommendations that can be used by configuring e.g. routers. The appendix presents two laboratory exercises. The aim is to give students an opportunity to learn something about programs and technologies which are used in practise by IT experts to check the weaknesses of their networks.
|
|
|
Intrusion prevention system for network security
Popovec, Juraj ; Verner, Lukáš (referee) ; Balej, Jiří (advisor)
This thesis describes mostly used technologies and methods used for securing computer networks. In detail discusses detection and intrusion prevention system (IPS) issues. Includes laboratory excercise for configuring packet firewall and the second excercise, which simulates securing organization network by firewall with intrusion and prevention system technology.
|
|
|
Wireless Network Aspects
Pluhař, Ondřej ; Ponížil, Michal (referee) ; Koch, Miloš (advisor)
The bachelor’s thesis is about wireless communication, concretely wireless fidelity networks. It deals about IEEE 802.11 standard and also about its modulations. History, development, kinds and properties of wireless network and security is also mentioned. Current situation of one particular company is viewed in further part of the thesis. Some innovations in internet access and security of wireless communication in company network is suggested.
|
|
|
Active security equipment in computer networks
Škrdla, Vojtěch ; Martinásek, Zdeněk (referee) ; Malina, Lukáš (advisor)
The main object of this bachelor's thesis is to describe problematics of active security devices. The thesis is mainly focused on firewalls. Thesis is divided into several topics, in which we describe types of security devices, division of firewalls, description of their advantages and disadvantages, types of VPN. The practical part describes the security design of mid-sized computer network, description of software that was used to test this network and the last part focuses on designing laboratory tasks with firewalls Cisco ASA5520 and Checkpoint Gaia R77.
|
|
|
Wi-Fi Communication Anomaly Detection
Lička, Zbyněk ; Homoliak, Ivan (referee) ; Očenášek, Pavel (advisor)
This thesis deals with anomaly detection in communication using the IEEE 802.11 technology (Wi-Fi) at the data link layer of OSI. The neural network method, specifically LSTM recurrent neural network, has been chosen for anomaly detection purposes. Initially, the focus area and motivation for anomaly detection in a computer network environment is described. Then, various methods for anomaly detection in computer networking are described. Thesis continues with analysis of the requirements for the system and a draft of the final system, including the chosen method, continuing with implementation of the system and model. Testing and evaluation of results takes place before the theses' conclusion.
|
|
| |
guest ::
