|
|
Testing communication protocols using mobile technologies for the Internet of Things LTE-M and NB-IoT
Bartko, Samuel ; Dvořák, Radim (referee) ; Možný, Radek (advisor)
This thesis focuses on a comprehensive investigation and evaluation of the currently widespread communication protocols in the dynamically developing IoT sector (Internet of Things). With the proliferation of IoT, there is a need to create new technologies for efficient interconnection of hysical and digital worlds. The main objective of this work is to test and evaluate the suitability of use and optimal configuration of communication protocols in the context of the latest implementations of mobile technologies for IoT, namely LTE-M (Long-Term Evolution Machine Type Communication) and NB-IoT (Narrowband Internet of Things). This thesis investigates and evaluates the current communication protocols for the Internet of Things (IoT), focusing on LTE-M and NB-IoT. It includes a theoretical perspective on IoT, description of mobile technologies and analysis of protocols such as MQTT, CoAP and LwM2M. A practical part is devoted to testing and optimization of these protocols. The result of the work is providing\break a comprehensive overview and practical recommendations for use and configuration communication protocols in the framework of NB-IoT and LTE-M technologies.
|
|
|
Tools for application server penetration testing
Vašíček, Tomáš ; Šeda, Pavel (referee) ; Martinásek, Zdeněk (advisor)
This thesis explores the field of penetration testing of application protocols. The thesis introduces the application protocols FTP, SSH, SMTP, POP3 and IMAP and explores their possible vulnerabilities. Information about vulnerabilities is obtained from publicly available collections such as HackTricks and The Hacker Recipes, but also by studying the RFC documents of each protocol. Based on the vulnerabilities found, penetration testing checklists are constructed to provide guidance through the process of testing a given protocol. The main contribution of the work is the development of a modular automated tool ptapptest and another auxiliary tool ptntlmauth, which are used for penetration testing of the mentioned application protocols. Finally, the thesis concludes by testing the ptapptest tool on application servers discovered using the Shodan search engine.
|
|
|
Security analysis of network protocols
Bednařík, Jan ; Sobotka, Jiří (referee) ; Hajný, Jan (advisor)
The aim of my bachalor’s thesis is security of net protocols analysis. Because of the huge number of net protocols, I’ve decided to choose only a few of them to describe. My task is to describe the TCP/IP model structure in term of security, so I have chosen to devide my thesis into two separate parts. The first part contains describtions of particular TCP/IP layers and adumbration of possibilities of securing. The second part contains more accurate describtions of some chosen protocols, mostly the case of their security. At the close of my work it is my task to describe some utilities and methods which can be used to accomplish an successful attack on chosen net protocols. I have chosen protocols HTTP, FTP and SSL. As the utilities I have chosen programs Wireshark, Brutus and SSLSTRIP.
|
|
|
SSH Public Key Management in FreeIPA and SSSD
Cholasta, Jan ; Smrčka, Aleš (referee) ; Zelený, Jan (advisor)
SSH je jeden z nejpoužívanějších protokolů pro vzdálený přístup v Internetu. SSH je flexibilní a rozšiřitelný protokol, který se skládá ze tří hlavních součástí: SSH transportního protokolu, který obstarává důvěrnost, integritu a autentizaci serveru, SSH autentizačního protokolu, který obstarává autentizaci uživatelů a SSH spojovacího protokolu, který obstarává multiplexování více kanálů různých typů (interaktivní sezení, přesměrování TCP/IP spojení, atd.) do jednoho spojení. OpenSSH je jedna z nejrozšířenějších implemetací SSH. OpenSSH obsahuje SSH server, SSH klienty, generátor SSH klíčů a autentizační agent, který usnadňuje autentizaci pomocí veřejných klíčů. FreeIPA a SSSD jsou projekty poskytující centrální správu identit pro Linuxové a Unixové systémy. Tyto projekty sice v době psaní této práce přímou podporu SSH neobsahovaly, ale do jisté míry je ve spojení s OpenSSH používat možné bylo.
|
|
|
Distributed Brute Force Attacks Protection
Richter, Jan ; Čejka, Rudolf (referee) ; Lampa, Petr (advisor)
This project deals with analysis of brute force attacks focused on breaking authentication of common services (especially ssh) of Linux and xBSD operating systems. It also examines real attacks, actual tools and ways of detection of theese attacks. Finaly there are designed new mechanisms of coordination and evaluation of distributed brute force attacks in distributed environment. These mechanisms are then implemented in distributed system called DBFAP.
|
|
|
Measurement of PlanetLab experimental network
Andrašov, Ivan ; Bečková, Zuzana (referee) ; Komosný, Dan (advisor)
This thesis deals with measurement of transfer parameters for nodes in experimental network PlanetLab. In theoretical part of this thesis we analyse experimental network PlanetLab, basic terminology in this network, its goals and some current projects run- ning under this network. Next we analyse measured network parameters specifically Ping, SSH delay and respond to SCP. Practical part of this thesis is formed around real im- plementation of measurement where in specific sub chapters are written exact problems of said parameter together with source code.
|
|
|
Protecting Local Network Using NetFlow
Hanousek, Vít ; Polčák, Libor (referee) ; Matoušek, Petr (advisor)
This bachelor's thesis deals with the use of NetFlow data for monitoring local networks. There is an analysis of the best known threads for a local network in the first part of the thesis. Detection algorithms based on signature NetFlow detection were implemented for the chosen threads. Four plugins for an open-source application NfSen are outputs of this thesis. These plugins detects the following threads: vertical and horizontal scans, dictionary based attacks on SSH protocol, spam machines.
|
|
| |
|
|
Monitoring of communication properties in Internet
Iľko, Pavol ; Červenka, Vladimír (referee) ; Komosný, Dan (advisor)
This thesis deals with measuring transmission parameters of the Internet network, in particular latency of ping, SSH protocol and bandwidth. The thesis is divided into a theoretical and a practical part. Theoretical part describes PlanetLab network, its brief history and contemporary projects. At the same time, tools for data mining from web pages are described. These information obtained from the theoretical part are used for creating PlanetLab nodes list and for programming applications which measure the network transmission parameters. Applications, list of nodes and obtained data are attached on DVD disc.
|
|
|
Acceleration of Network Traffic Encryption
Koranda, Karel ; Kajan, Michal (referee) ; Polčák, Libor (advisor)
This thesis deals with the design of hardware unit used for acceleration of the process of securing network traffic within Lawful Interception System developed as a part of Sec6Net project. First aim of the thesis is the analysis of available security mechanisms commonly used for securing network traffic. Based on this analysis, SSH protocol is chosen as the most suitable mechanism for the target system. Next, the thesis aims at introduction of possible variations of acceleration unit for SSH protocol. In addition, the thesis presents a detailed design description and implementation of the unit variation based on AES-GCM algorithm, which provides confidentiality, integrity and authentication of transmitted data. The implemented acceleration unit reaches maximum throughput of 2,4 Gbps.
|
guest ::
