|
|
Secure, reliable and adaptive network based on Cisco devices
Lefler, Přemysl ; Komosný, Dan (referee) ; Kubánková, Anna (advisor)
This bachelor thesis deals with design of secure, reliable and adaptive network using Cisco network devices. Thesis includes design of a network with description of each individual technology, that were used in the design to meet requirements for safety, reliability and adaptivity. The last chapter describes frequently occuring network attacks along with a description of their execution followed by implementation of defense against them.
|
|
|
Network Attack Simulator
Filičko, Dávid ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
The thesis discusses about study of networks attacks and framework monitoring packets in the network. It proceeds especially network attacks, which can be detected without knowledge about the contents of packets. The aim of this thesis is to develop the simulator based on detected features, which will simulate these attacks. The output from the simulator will be created in the Nemea framework to improve the quality of tools of detection and prevention of given attacks. The simulator will be functioning for testing purpose only. Under no circumstances it will be possible to realize individual attacks.
|
|
|
Network Attack Generator
Buček, Hynek ; Košař, Vlastimil (referee) ; Bartoš, Václav (advisor)
This thesis is focused on the study of the best-known network attacks, especially on those that can be theoretically detected without knowledge of the contents of transmitted messages. The goal is to use the basis of acquired knowledge to create a tool that will simulate the behavior of the communication in different network attacks. Simulation outputs will be used for testing the quality of security tools designed to defend against network attacks. The simulator will be used only for offline testing, it will not be possible to carry out real attacks. Purpose of this work is to improve the security against network attacks nowadays.
|
|
|
Generating of flood attacks
Hudec, David ; Hajný, Jan (referee) ; Smékal, David (advisor)
The assessment comprises of two parts, describing theory and generating of flood attacks respectively. The first part covers flood attacks' analysis, deals with their available techniques and practices, known in the area, and a computer simulation program, revealing the behavior of a contested network as well as the attacker's procedure. In the following part, data generating solutions itself are described. These are represented by two hardware programs, adapted from existing solutions, and one C# application, created by the author. The comparison of these two approaches is included, as well as are the generation results and mitigation proposal.
|
|
|
Proxy firewall
Kugler, Zdeněk ; Pelka, Tomáš (referee) ; Pust, Radim (advisor)
This diploma thesis deals with the topic of proxy servers and firewalls and considers other associated technologies and network techniques. It systematically describes the general issues of firewalls, with a special focus on proxy firewalls and their safety. Additional systems mentioned in this document are intrusion detection systems (IDS), antivirus systems and content control filters – as these are also connected with safety of networks, servers and workstations or with limiting various Internet sources. IDS systems can be typically supplemented with various additional applications or tools that enrich them and increase their potential – including graphic additions. This part is remembered too. Some systems can communicate with each other, which is successfully utilised (FW & IDS co-operation, for example). The purpose of the first large chapter is to present firewall technologies, to list firewall types, their basic functionality and to present the final comparison. It marginally mentions firewall applications in practice. Chapter two explains the theory of network address translation (NAT), deals with its functionality, safety and with limiting the NAT mechanism. Chapter three brings a comprehensive presentation of proxy servers. It explains their principle from the point of view of functionality and the specification of application areas. The chapter is complete with a clear list of proxy server types and their descriptions. The last chapter named Linux Proxy Firewall is the key part of the work. It deals generally with the Linux platform, the Debian GNU/Linux distribution, principles of safety policy, network configuration, network server safety, Linux firewalls (Netfilter framework, Iptables tool) and with the Squid proxy server. The following subchapters respect the previous structure: they describe the theories of intrusion detection systems, antivirus checks and content filtering based on different methods. All this is presented similarly to the previous chapters. A proxy firewall solution built on the Linux operating system has been proposed in the practical part. The Debian GNU/Linux distribution has been chosen, being very suitable for server use due to its features. This environment is also used for additional safety software contained in the proxy firewall: antivirus protection, content filtering and an intrusion detection system. The priority is the most comprehensive computer network security, which requires detection abilities with the broadest possible coverage in the area of network safety. The purpose of this diploma thesis is not only to describe the principle of operation of proxy servers and to compare them with other types and other systems, but it also brings my own proposed free solution, which increases network safety and has the ambition of comparing it with clearly commercial products available on the market.
|
|
|
Extension of Behavioral Analysis of Network Traffic Focusing on Attack Detection
Teknős, Martin ; Zbořil, František (referee) ; Homoliak, Ivan (advisor)
This thesis is focused on network behavior analysis (NBA) designed to detect network attacks. The goal of the thesis is to increase detection accuracy of obfuscated network attacks. Methods and techniques used to detect network attacks and network traffic classification were presented first. Intrusion detection systems (IDS) in terms of their functionality and possible attacks on them are described next. This work also describes principles of selected attacks against IDS. Further, obfuscation methods which can be used to overcome NBA are suggested. The tool for automatic exploitation, attack obfuscation and collection of this network communication was designed and implemented. This tool was used for execution of network attacks. A dataset for experiments was obtained from collected network communications. Finally, achieved results emphasized requirement of training NBA models by obfuscated malicious network traffic.
|
|
|
Annotation of NetFlow Data from Perspective of Network Security
Kadletz, Lukáš ; Grégr, Matěj (referee) ; Žádník, Martin (advisor)
This thesis describes design and implementation of application for offline NetFlow data annotation from perspective of network security. In this thesis is explained the NetFlow architecture in detail along with methods for security incidents detection in the captured data. The application design is based on analysis of manual annotation and supported by several UML diagrams. The Nemea system is used for detecting security events and Warden system as a source of information about reported security incidents on the network. The application uses technologies such as PHP 5, Nette framework, jQuery library and Bootstrap framework. The CESNET association provided NetFlow data for testing the application. The result of this thesis could be used for analysis and annotation of NetFlow data. Resulting data set could be used to verify proper functionality of detection tools.
|
|
|
Architecture and management of secure networks
Štangler, Jan ; Frolka, Jakub (referee) ; Člupek, Vlastimil (advisor)
This work is focused on the security of small to medium-sized networks with central administration, especially on the creation of a methodology for secure network design.The design of a secure network for a start-up IT company, using open-source software, is described. Deployment of the designed secure network, with central management, is performed and the connectivity of network elements are tested. The model simulates network traffic situations and network attacks using penetration testing techniques. In terms of the severity of the impact on network security, intercepted attacks are evaluated and immediately reported to responsible persons. Finally, the results of the intercepted attacks are processed and further actions are recommended.
|
|
|
Network Anomaly Detection
Lieskovan, Tomáš ; Blažek, Petr (referee) ; Hajný, Jan (advisor)
This semester project presents an analysis of network traffic and detection of anomalies in network traffic by several various means. In the first part of the paper there is an explanation of the methods aiming at denial of service. Then in the second part an implementation of protection by means of selected solutions is presented. The intent is to compare these means which are supposed to detect cyber attacks aiming at denial of service. Another intent is to choose the best solutions from the categories of open-source and commercial solutions. The target of the master thesis was to work out a comparison between actual solutions for detection of DoS and DDoS attacks.
|
|
|
Vizualizace síťového provozu s ohledem na bezpečnostní události
SOUBUSTA, Jan
The thesis deals with methods of visualization of network traffic and identification of unfair or offensive activities. The theoretical part is verified by experiments with virtual machines, where an attacker, generating malicious traffic, is simulated. The target of the thesis is to describe and test the ways of displaying data in the network so that it is humanly readable and possible to identify potentially dangerous activities of the attacker.
|
guest ::
