|
|
Application Data Extraction from Network Protocols
Januš, Filip ; Jeřábek, Kamil (referee) ; Holkovič, Martin (advisor)
This thesis is focused on design and implementation of tool for data extraction from captured network communication. The theoretical part deal with particular network protocols, its behavior, defines keywords and apprises with used tools. Second part is focused on design and implementation of extraction tool, design of declaration language for description of protocols. In the extractor are included third-party tools for analysis particular packets and reconstruction network flows. These tools together with designed declarative language are used due to requirement on easy extendability of designed tool. The end of this thesis is dedicated functional and performance testing of implemented tool.
|
|
|
Network Protocols Semiautomatic Diagnostics
Svoboda, Ondřej ; Ryšavý, Ondřej (referee) ; Holkovič, Martin (advisor)
This thesis is about semiautomatic network protocol diagnostics and creating protocol description from eavesdropped communication. Several network eavesdropping techniques and some common programs for network analysis are introduced. Well-known network protocols are described, with focus on their communication messages. Some already existing methods for creating models from examples are mentioned and their characteristics defined. Next we design architecture of developed tool and some methods, that create protocol description. After that we explain implementation of this tool and finally the tool is tested and experimented with.
|
|
|
Anonymization of PCAP Files
Navrátil, Petr ; Hynek, Jiří (referee) ; Holkovič, Martin (advisor)
This diploma thesis deals with the design and implementation of an application suitable for the anonymization of PCAP files. The thesis presents TCP/IP model and for each layer highlights attributes that can be used to identify real people or organizations. Some of the anonymization methods suitable to modify highlighted attributes and sensitive data are described. The implemented application uses TShark tool to parse byte data of PCAP format to JSON format that is used in the application. TShark supports lots of network protocols which allows the application to anonymize various attributes. Anonymization process is controlled by anonymization politics that can be customized by adding new attributes or anonymization methods.
|
|
|
Detection of Network Attacks Using Tshark
Dudek, Jindřich ; Ryšavý, Ondřej (referee) ; Holkovič, Martin (advisor)
This diploma thesis deals with the design and implementation of a tool for network attack detection from a captured network communication. It utilises the tshark packet analyser, the meaning of which is to convert the input file with the captured communications to the PDML format. The objective of this conversion being, increasing the flexibility of input data processing. When designing the tool, emphasis has been placed on the ability to expand it to detect new network attacks and on integrating these additions with ease. For this reason, the thesis also includes the design of a complex declarative descriptions for network attacks in the YAML serialization format. This allows us to specify the key properties of the network attacks and the conditions for their detection. The resulting tool acts as an interpreter of proposed declarative descriptions allowing it to be expanded with new types of attacks.
|
|
|
Anonymization of PCAP Files
Navrátil, Petr ; Hynek, Jiří (referee) ; Holkovič, Martin (advisor)
This diploma thesis deals with the design and implementation of an application suitable for the anonymization of PCAP files. The thesis presents TCP/IP model and for each layer highlights attributes that can be used to identify real people or organizations. Some of the anonymization methods suitable to modify highlighted attributes and sensitive data are described. The implemented application uses TShark tool to parse byte data of PCAP format to JSON format that is used in the application. TShark supports lots of network protocols which allows the application to anonymize various attributes. Anonymization process is controlled by anonymization politics that can be customized by adding new attributes or anonymization methods.
|
|
|
Application Data Extraction from Network Protocols
Januš, Filip ; Jeřábek, Kamil (referee) ; Holkovič, Martin (advisor)
This thesis is focused on design and implementation of tool for data extraction from captured network communication. The theoretical part deal with particular network protocols, its behavior, defines keywords and apprises with used tools. Second part is focused on design and implementation of extraction tool, design of declaration language for description of protocols. In the extractor are included third-party tools for analysis particular packets and reconstruction network flows. These tools together with designed declarative language are used due to requirement on easy extendability of designed tool. The end of this thesis is dedicated functional and performance testing of implemented tool.
|
|
|
Detection of Network Attacks Using Tshark
Dudek, Jindřich ; Ryšavý, Ondřej (referee) ; Holkovič, Martin (advisor)
This diploma thesis deals with the design and implementation of a tool for network attack detection from a captured network communication. It utilises the tshark packet analyser, the meaning of which is to convert the input file with the captured communications to the PDML format. The objective of this conversion being, increasing the flexibility of input data processing. When designing the tool, emphasis has been placed on the ability to expand it to detect new network attacks and on integrating these additions with ease. For this reason, the thesis also includes the design of a complex declarative descriptions for network attacks in the YAML serialization format. This allows us to specify the key properties of the network attacks and the conditions for their detection. The resulting tool acts as an interpreter of proposed declarative descriptions allowing it to be expanded with new types of attacks.
|
|
|
Network Protocols Semiautomatic Diagnostics
Svoboda, Ondřej ; Ryšavý, Ondřej (referee) ; Holkovič, Martin (advisor)
This thesis is about semiautomatic network protocol diagnostics and creating protocol description from eavesdropped communication. Several network eavesdropping techniques and some common programs for network analysis are introduced. Well-known network protocols are described, with focus on their communication messages. Some already existing methods for creating models from examples are mentioned and their characteristics defined. Next we design architecture of developed tool and some methods, that create protocol description. After that we explain implementation of this tool and finally the tool is tested and experimented with.
|
|
|
Diagnostics of Interactive Network Communication
Adamčík, Lukáš ; Martínek, Tomáš (referee) ; Žádník, Martin (advisor)
This thesis deals with the issue of blackouts and losses in the interactive network communication. In the introduction the basic theory of network communication is explained. Important part of the thesis presents communication analysis of applications Remote Area, SJphone and internet game Billiards. The main objective is to create a tool for detection of the blackouts during the communication of these applications. The results of the thesis are tests evaluating the ability of detection of the blackouts by the interactive network communication.
|
|
|
XML Representation of Network Traffic
Novák, Martin ; Ščuglík, František (referee) ; Ráb, Jaroslav (advisor)
This bachelor work deals with the representation of captured network traffic in XML and storing within a database system Oracle by using XML schema. The beginning explains the basics of computer networks, network management and network protocols that are captured. Followed by chapters on network traffic analyzer, NetPDL format used to describe intercepted traffic, a chapter devoted to the foundation of relational database systems and the foundation of Oracle database system. At the end of the bachelor work there are chapters dealing with the created XML schemas, implementation of the program, program tools and the description how to use the program.
|
guest ::
