|
|
Detection of Harmfulness of Communication Partners and Their Networks
Kučera, Rostislav ; Homoliak, Ivan (referee) ; Očenášek, Pavel (advisor)
With the growing dependence of the population on electronic devices, the risk of data loss or misuse also increases. As the number of attacks in computer networks rises, systems for detecting malicious traffic become more important. The goal of this work is a theoretical analysis and implementation of modules for detecting malicious computer communication using machine learning methods, specifically a neural network model, and statistical analysis, which are deployed within the extended intrusion detection system Snort.
|
|
|
Machine Learning from Intrusion Detection Systems
Dostál, Michal ; Očenášek, Pavel (referee) ; Hranický, Radek (advisor)
The current state of intrusion detection tools is insufficient because they often operate based on static rules and fail to leverage the potential of artificial intelligence. The aim of this work is to enhance the open-source tool Snort with the capability to detect malicious network traffic using machine learning. To achieve a robust classifier, useful features of network traffic were choosed, extracted from the output data of the Snort application. Subsequently, these traffic features were enriched and labeled with corresponding events. Experiments demonstrate excellent results not only in classification accuracy on test data but also in processing speed. The proposed approach and the conducted experiments indicate that this new method could exhibit promising performance even when dealing with real-world data.
|
|
| |
|
|
Eluding and Evasion of IDS Systems
Černý, Marek ; Tobola, Jiří (referee) ; Žádník, Martin (advisor)
This paper analyzes network security devices called intrusion detection (ID) systems. In order to point out possible flaws, especially ID systems using signature analysis are examined. Based on this, methods to exploit possible vulnerabilities of these systems were designed. These methods were implemented into a simple program for ID systems efficiency evaluation. It can be used in a way entirely independent of particular network attack used in the test.
|
|
|
Analysis of Security Incidents from Network Traffic
Serečun, Viliam ; Grégr, Matěj (referee) ; Ryšavý, Ondřej (advisor)
Analýza bezpečnostních incidentů se stala velmi důležitým a zajímavým oborem počítačové vědy. Monitorovací nástroje a techniky pomáhají při detekci a prevenci proti tímto škodlivým aktivitám. Tento dokument opisuje počítačové útoky a jejich klasifikaci. Také jsou tady opsaný některé monitorovací nástroje jako Intrusion Detection System nebo NetFlow protokol a jeho monitorovací software. Tento dokument také opisuje konfiguraci experimentální topologie a prezentuje několik experimentů škodlivých aktivit, které byly detailně kontrolovány těmito monitorovacími nástroji.
|
|
|
Intrusion detection system for Mikrotik-based network
Zvařič, Filip ; Frolka, Jakub (referee) ; Krajsa, Ondřej (advisor)
This bachelor's thesis focuses on network attacks and ways to defend against them. It discusses the most common attacks that can be encountered and their impact on computer networks and end user. Finally, it includes steps for implementing a protection system in collaboration with the preventive software Snort and RouterOS operating system. This system's toughness is tested and results are processed.
|
|
|
Laboratory task demonstrates Intrusion Protection System
Bronda, Samuel ; Malina, Lukáš (referee) ; Martinásek, Zdeněk (advisor)
This bachelor thesis is divided into two parts. The theoretical part describes security systems, various types of attacks and details of systems to protect computer networks. The practical part focuses on the workplace, where will operate IDS / IPS system Snort and Suricata, the necessary adjustments and simulation of attacks. The bachelor thesis also includes putting the system into real terms.
|
|
|
Intrusion detection and prevention systems at border devices
Bína, Zdenko ; Frolka, Jakub (referee) ; Blažek, Petr (advisor)
This bachelor thesis is focusing on testing the endurance of networks against DDoS attacks. The theoretical part consists of an introduction to the problematics of these attacks and current trends regarding DDoS attacks, focusing on IDS and IPS systems, and Spirent Avalanche 3100b machine, designed to generate network traffic. The practical part is about the configuration of the software web server Apache, which runs on Linux Debian OS, and it is testing this system for endurance against five DDoS attacks. The server is put through attacks before and after application of systems NIDS and NIPS, using Snort and Suricata software. The goal of the thesis is comparing NIDS and NIPS servers based on the results of testing.
|
|
|
Open source PBX security against attacks
Orsák, David ; Daněček, Vít (referee) ; Šilhavý, Pavel (advisor)
This master's thesis deals with open source PBX security against security attacks. In the theoretical part is detailed description of problematic about attacks that could be used on VoIP systems with high focus on the Denial of Service attack. Furthermore are in theoretical part described methods of security of initialization protocol SIP. Individual chapter is devoted to intrusion detection and prevention of IDS and IPS systems, focusing on Snort and OSSEC. In the practical part of the work was created generator of attacks against various PBX systems, which was subsequently used for detailed testing. Special tests of PBX system are then used against DoS attacks, for which was created protection in form of active elements consisting of IDS Snort & OSSEC. These are capable to provide protection in real-time. The protection was tested on particular PBX systems and in matter of comparison were measured possibilities before and after of security implementation. The output of this work is attacks generator VoIPtester and creation of configuration rules for Snort and OSSEC.
|
|
|
Reliability Measurement of the Pattern Matching
Dvořák, Milan ; Košař, Vlastimil (referee) ; Kaštil, Jan (advisor)
This thesis deals with the pattern matching methods based on finite automata and describes their optimizations. It presents a methodology for the measurement of reliability of pattern matching methods, by comparing their results to the results of the PCRE library. Experiments were conducted for a finite automaton with perfect hashing and faulty transition table. Finally, the resulting reliability evaluation of the algorithm is shown and possible solutions of the identified problems are proposed.
|
guest ::
