|
|
Network Attack Generator
Buček, Hynek ; Košař, Vlastimil (referee) ; Bartoš, Václav (advisor)
This thesis is focused on the study of the best-known network attacks, especially on those that can be theoretically detected without knowledge of the contents of transmitted messages. The goal is to use the basis of acquired knowledge to create a tool that will simulate the behavior of the communication in different network attacks. Simulation outputs will be used for testing the quality of security tools designed to defend against network attacks. The simulator will be used only for offline testing, it will not be possible to carry out real attacks. Purpose of this work is to improve the security against network attacks nowadays.
|
|
|
Protection Against DoS Attacks Using P4 Language
Vojanec, Kamil ; Fukač, Tomáš (referee) ; Kučera, Jan (advisor)
This thesis focuses on reimplementation of existing DoS (Denial of Service) attack mitigation device with high-level P4 programming language. The main reason for using P4 is to enhance adaptability and functionality to different types of DoS attacks. The created device is designed in a modular way and enables easy alterations by using interchangeable components. The target platform for this thesis is an FPGA acceleration card. The work results in designing several DoS mitigation components and implementing applications composed of these components. Pats of this work have been presented at IEEE ANCS (Symposium on Architectures for Networking and Communication Systems) in September 2019 at University of Cambridge.
|
|
|
Mitigation of DoS Attacks Using Neural Networks
Odehnal, Tomáš ; Wrona, Jan (referee) ; Kučera, Jan (advisor)
This bachelor's thesis deals with design and implementation of two approaches as protection against SYN Flood attacks, which are part of DoS attacks. Nowadays Denial of Service attack are very widespread and their execution are quite simple. While they can cause big financial damage to internet or service providers. The purpose of this work is to determine that conventional algorithmic approach and heuristic approach using neural network are capable of SYN Flood attacks mitigation. Implementation of both approaches were done by their design. Then both implementations were tested.
|
|
|
Accelerating an Application for DDoS Mitigation
Vojanec, Kamil ; Kekely, Lukáš (referee) ; Kučera, Jan (advisor)
This thesis focuses on optimizing and accelerating an application used for mitigating Denial of Service attacks. The goal is to analyze the existing implementation of DDoS Protector and to identify components which are suitable for optimization or hardware acceleration. Based on the analysis, improved algorithms and data structures utilizing the DPDK open-source framework are designed together with a proposal to offload certain computation elements into hardware using the RTE Flow library. The result of this thesis is a set of modules and an implementation of classification components intended to be used within the DDoS Protector application. The resulting components are then properly tested. Finally, the performance results of the original and new implementations are compared. The application shows as much as five-times improvement in terms of packet rate when using 256 classification rules.
|
|
|
System for Protection against DoS Attacks
Šiška, Pavel ; Wrona, Jan (referee) ; Kučera, Jan (advisor)
This bachelor's thesis deals with the design and implementation of the software part of the system for protection against DoS attacks. Nowadays Denial of Service attacks are quite common and can cause significant financial damage to internet or service providers. The main goal of this thesis was to provide software, which is focused on high-speed data throughput and can provide efficient protection against these attacks in 100 Gbps networks. Key part of the system, which is being developed in cooperation with CESNET, is hardware-accelerated network interface card, which can process incoming network traffic at full wire-speed and does the operations laid down by the software part. The main task of the software is evaluation of the information about network traffic and managing actions of the hardware accelerator. The software part of the proposed system has been successfully implemented and the properties of the system have been verified in an experimental evaluation. During the work on this thesis the first implementation of the system has already been deployed in CESNET network infrastructure.
|
|
|
Accelerating an Application for DDoS Mitigation
Vojanec, Kamil ; Kekely, Lukáš (referee) ; Kučera, Jan (advisor)
This thesis focuses on optimizing and accelerating an application used for mitigating Denial of Service attacks. The goal is to analyze the existing implementation of DDoS Protector and to identify components which are suitable for optimization or hardware acceleration. Based on the analysis, improved algorithms and data structures utilizing the DPDK open-source framework are designed together with a proposal to offload certain computation elements into hardware using the RTE Flow library. The result of this thesis is a set of modules and an implementation of classification components intended to be used within the DDoS Protector application. The resulting components are then properly tested. Finally, the performance results of the original and new implementations are compared. The application shows as much as five-times improvement in terms of packet rate when using 256 classification rules.
|
|
|
Protection Against DoS Attacks Using P4 Language
Vojanec, Kamil ; Fukač, Tomáš (referee) ; Kučera, Jan (advisor)
This thesis focuses on reimplementation of existing DoS (Denial of Service) attack mitigation device with high-level P4 programming language. The main reason for using P4 is to enhance adaptability and functionality to different types of DoS attacks. The created device is designed in a modular way and enables easy alterations by using interchangeable components. The target platform for this thesis is an FPGA acceleration card. The work results in designing several DoS mitigation components and implementing applications composed of these components. Pats of this work have been presented at IEEE ANCS (Symposium on Architectures for Networking and Communication Systems) in September 2019 at University of Cambridge.
|
|
|
Mitigation of DoS Attacks Using Neural Networks
Odehnal, Tomáš ; Wrona, Jan (referee) ; Kučera, Jan (advisor)
This bachelor's thesis deals with design and implementation of two approaches as protection against SYN Flood attacks, which are part of DoS attacks. Nowadays Denial of Service attack are very widespread and their execution are quite simple. While they can cause big financial damage to internet or service providers. The purpose of this work is to determine that conventional algorithmic approach and heuristic approach using neural network are capable of SYN Flood attacks mitigation. Implementation of both approaches were done by their design. Then both implementations were tested.
|
|
|
Criminal and criminological aspects of cybercrime with a focus on denial of service attacks
Přívozník, Lukáš ; Krupička, Jiří (advisor) ; Heranová, Simona (referee)
Criminal and criminological aspects of cybercrime with a focus on denial of service attacks Abstract The aim of this master thesis is to analyze the criminal law assessment of denial of service (DoS) cyber-attacks and related criminological aspects. The author deals with the technical characteristics and typology of this type of attack. He analyzes its individual variants, as the way of performing the attack, that is reflected in its criminal assessment. The thesis also describes the facts concerning the largest series of DoS attacks that occurred in the Czech Republic in 2013. Next, the author deals with the criminological aspects of cybercrime, namely its expansion and latency, the perpetrators and victims of the denial of service attack and related prevention, including techniques and methods of defense against this attack. In the main part of the thesis, the author analyzes the criminal law aspects of this specific type of crime. The thesis deals with the development of law in this area at international level, within the European Union and at national level. It also deals with the analysis of the factual situation of cybercrime provided for in Sections 230 to 232 of the Criminal Code and the criminal law assessment of individual variants of the attack. The thesis deals with related problematic points,...
|
|
|
System for Protection against DoS Attacks
Šiška, Pavel ; Wrona, Jan (referee) ; Kučera, Jan (advisor)
This bachelor's thesis deals with the design and implementation of the software part of the system for protection against DoS attacks. Nowadays Denial of Service attacks are quite common and can cause significant financial damage to internet or service providers. The main goal of this thesis was to provide software, which is focused on high-speed data throughput and can provide efficient protection against these attacks in 100 Gbps networks. Key part of the system, which is being developed in cooperation with CESNET, is hardware-accelerated network interface card, which can process incoming network traffic at full wire-speed and does the operations laid down by the software part. The main task of the software is evaluation of the information about network traffic and managing actions of the hardware accelerator. The software part of the proposed system has been successfully implemented and the properties of the system have been verified in an experimental evaluation. During the work on this thesis the first implementation of the system has already been deployed in CESNET network infrastructure.
|
guest ::
