|
|
Measurements of the intensity of traffic within a fixed interval of the AP
Kubík, Pavel ; Trzos, Michal (referee) ; Matocha, Tomáš (advisor)
The thesis analyzes the network traffic on a router with open source firmware. First is chosen a software platform, based on compatibility with available equipment. Then are assessed properties necessary for the development of custom applications. Support for various programming languages provided by the SDK, development environment and the available modules and libraries, for working with network interface. Based on these factors is then chose method to realize the program. He is implemented on the OpenWRT firmware in C / C + + using network library pcap. These funds are used to capture and analyze network traffic. Obtained data are processed using methods of technical analysis, namely on the basis of moving averages, Stochastic oscillator and Bollinger bands. Based on results of these methods are generated and verified estimates of traffic. They are based on linear extrapolation, simplified for fixed intervals. The validity of each method is verified on base of the estimated value. Method is verified if estimated value of the traffic volume is in the Bollinger band, which is given by the standard deviation. Each method is tested several times in real traffic with different input parameters. Then is evaluated the influence of parameters on the error rate of methods. Individual methods are compared and evaluated based on the behavior in different scenarios and based on the average relative error.
|
|
|
DNS Service Attacks Simulation
Navrátil, Tomáš ; Kekely, Lukáš (referee) ; Kováčik, Michal (advisor)
The theme of this bachelor‘s thesis is the simulation and detection of cybernetic attacks on the DNS service. The goal was to simulate chosen attacks, analyze their behavior and create a tool capable of detecting these attacks in network traffic and replicating them for research purposes. The tool was able to successfully detect DNS attacks in normal network conditions. These results are discussed further at the conclusion of this paper, along with possible uses this application might have to other developers, and ways the program could be improved or extended in the future.
|
|
|
BitTorrent Traffic Detection
Florek, Daniel ; Hranický, Radek (referee) ; Polčák, Libor (advisor)
This thesis deals with a topic of BitTorrent protocol detection within a pcap file. I managed to design and implement a tool based on deep packet inspection which can detect IP adresses and their ports that were involved in a BitTorrent communication. This detection is extendable with flow analysis which may lead into more results but at the same time in a higher chance of false positives. Therefore this kind of detection is just optional.
|
|
|
Anonymization of users when collecting network traffic
Hamár, Lukáš ; Blažek, Petr (referee) ; Sikora, Marek (advisor)
This thesis deals with anonymization of data, which could lead to disclosure of the identity of end users in network traffic. Work describes algorithms by which individual data parts are anonymized and also tools which use these techniques for network traffic anonymization. The next part of the thesis describes construction of a laboratory network, in which is the network traffic captured, containing pcap and NetFlow data. With using of the captured data, the anonymization tools are tested and the results are compared. In the last part of the thesis is created graphical interface for one of the tested anonymization softwares.
|
|
|
BigData Approach to Management of Large Netflow Datasets
Melkes, Miloslav ; Ráb, Jaroslav (referee) ; Ryšavý, Ondřej (advisor)
This master‘s thesis focuses on distributed processing of big data from network communication. It begins with exploring network communication based on TCP/IP model with focus on data units on each layer, which is necessary to process during analyzation. In terms of the actual processing of big data is described programming model MapReduce, architecture of Apache Hadoop technology and it‘s usage for processing network flows on computer cluster. Second part of this thesis deals with design and following implementation of the application for processing network flows from network communication. In this part are discussed main and problematic parts from the actual implementation. After that this thesis ends with a comparison with available applications for network analysis and evaluation set of tests which confirmed linear growth of acceleration.
|
|
|
Cluster analysis of data traffic
Nagyová, Simona ; Martinásek, Zdeněk (referee) ; Blažek, Petr (advisor)
This thesis is meant to present the methods of cluster analysis, their use for detecting network traffic anomalies. It deals with various types of cyber attacks particularly DoS (DDoS) attacks. It contains a list of well-known DoS attacks. Also includes a program in Python, using the k-means method for detection of anomalous traffic.
|
|
|
Communication of USB3.0 Chip with FPGA
Špeťko, Matej ; Viktorin, Jan (referee) ; Košař, Vlastimil (advisor)
SEC6NET is an abbreviation for project Modern tools for detection and mitigation of cyber criminality on the New Generation Internet. Project is focused on research and development of means for monitoring and analysing the network flow. Probes for monitoring IPv6 networks are developed within this project. Probes are using hardware acceleration based on FPGA platform. My thesis connects two technologies: FPGA and USB. The goal is to transfer data from the FPGA microchip to PC using Cypress EZ-USB FX3 microcontroller. The first part is focused on transferring data from FPGA to FX3 microcontroller. Second part describes the modification of FX3 firmware for getting maximum throughput. The last part focuses on implementing PC application for Linux operating system. The application receives data from the probe and saves them into hard drive using PCAP format.
|
|
|
Transport Layer DOS Attack Generator and Protection
Pelánek, Lukáš ; Kula, Michal (referee) ; Musil, Petr (advisor)
This bachelor thesis focuses on the issues of Denial of Service attacks and the defense against them. It explains the inner workings of computer networks, the principles of DoS attacks and the defense against them. The second part of the thesis focuses on the design and deployment of an application that is able to generate network attacks SYN flood, UDP flood and ICMP flood. The conclusion of this thesis describes the process of testing the application and evaluation of the achieved results.
|
|
|
Analysis of WiFi Traffic at the BUT
Lacina, Vojtěch ; Matoušek, Petr (referee) ; Čejka, Rudolf (advisor)
This work inquires into problem of current wifi traffic on VUT. The traffic has been captured with tcpdump program, anonymized and analyzed in process of creating this work. All this in order to get insight into it's nature. Resulting informations imply the need for traffic shaping which is described later in work. This work tries to determine most fitting means of traffic shaping which would result in improved quality of connection for interactive applications as well as greater satisfaction of provider (VUT) and users.
|
|
|
Effective Network Anomaly Detection Using DNS Data
Fomiczew, Jiří ; Žádník, Martin (referee) ; Kováčik, Michal (advisor)
This thesis describes the design and implementation of system for effective detection of network anomaly using DNS data. Effective detection is accomplished by combination and cooperation of detectors and detection techniques. Flow data in NetFlow and IPFIX formats are used as input for detection. Also packets in pcap format can be used. Main focus is put on detection of DNS tunneling. Thesis also describes Domain Name System (DNS) and anomalies associated with DNS.
|
guest ::
