|
|
Generator of low-rate DoS attacks
Kaiser, Michal ; Gerlich, Tomáš (referee) ; Sikora, Marek (advisor)
The bachelor thesis is focused on the implementation and issues of Low-rate DoS attacks, where based on this information obtained during the compilation of the bachelor thesis, Low-rate DoS attack generators called NewShrew and LoRDAS are constructed. The reader will be introduced to the general issues of DoS attacks, their operation, and the exploitation of network communication, where these basic attacks will then be divided according to their network flow characteristics, and the Low-rate attacks will be described in more detail. After the theoretical introduction, the NewShrew and LoRDAS attacks are described. Subsequently, the methods of their detection and defense techniques will be introduced. Generators of these attacks are implemented in the Python programming language. These attacks will then be tested on test networks. The result of the thesis will be NewShrew and LoRDAS DoS attacks that attempt to make a web server inaccessible, results of correct settings of attacks, and also detection and prevention system are proposed.
|
|
|
Cyberattack generator
Gajdušek, Ondřej ; Jeřábek, Jan (referee) ; Hajný, Jan (advisor)
This work deals with the enhancement of software which generates cyberattacks. These enhancements are focused on application layer of ISO/OSI model. The firsh part of the work contains general description of cyberattacks. Concrete attacks which this work is dealing with are described more concretely. Next part deals with describing generator software and its enhancement. The last part is describing testing of newly implemented cyberattacks.
|
|
|
Performance and security testing of network applications
Matej, Michal ; Martinásek, Zdeněk (referee) ; Zeman, Václav (advisor)
The aim of this Master's thesis is to design and to implement the security test in considering a resistance of the device under test to the effects of the distributed denial of service attack DDoS SYN Flood. After processing the test results is developed a protocol about security test of the device under test. In this thesis are tested two devices, namely CISCO ASA5510 firewall and a server with the specified name Server. The theoretical part of the thesis discusses the primary types of network attacks such as reconnaissance, gain access and denial of service attacks. Explained the concept of DoS and its principle, further types of DoS attacks and distributed denial of service attacks DDoS.
|
|
|
Detection of modern Slow DoS attacks
Jurek, Michael ; Jonák, Martin (referee) ; Sikora, Marek (advisor)
S rozvojem propojených zařízení v síti internet se počet útoků zvětšuje. Útočníci můžou zneužít takového zranitelného zařízení a vytvořit (D)DoS útok proti své oběti. Tyto útoky se stávají čím dál tím víc sofistikovanější. Proto byla vytvořena nová kategorie DoS útoků s názvem Pomalé DoS útoky, u kterých se útočník snaží napodobit chování standardního uživatele. Útočník se snaží využít všech možností, které mu transportní či aplikační protokol umožňují jako např. náhodné zahazování paketů, neodesílání nebo pozdržování zpráv. Na druhou stranu tvorba vlastních aplikačních výplní těchto protokolů může způsobit stav odepření služby na cíleném aplikačním serveru. Tato práce navrhuje klasifikaci síťových toků a volbu parametrů, které můžou pomoci s detekcí pomalých DoS útoků. Mezi vybranými pomalými DoS útoky jsou Slow Read, Slow Drop a Slow Next. Pro každý útok je popsán proces komunikace z pohledu transportní a aplikační vrstvy. Dále jsou vybrány důležité parametry popisující tyto útoky a v neposlední řadě jsou diskutovány metody a nástroje umožňující tvorbu takových útoků. Tato práce se zabývá možnostmi a nástroji tvorby spojení pro útok a diskutuje základní komunikační koncepty tvorby paralelních spojení. Dále je navržen vlastní generátor pomalých DoS útoků s velkým množstvím parametrů, pomocí nichž může útočník definovat vlastní pomalé DoS útoky. Následující část popisuje testovací prostředí pro testování generovaných útoků, scénáře a nástroje zachycování síťového provozu pro tvorbu vlastního datového souboru, jež je dále použit pro detekci pomalých DoS útoků pomocí metod strojového účení s učitelem. Konrétně jsou použity rozhodovací stromy a náhodné lesy k výběrů důležitých paramterů či sloupců použitelných pro detekci pomalých DoS útoků.
|
|
| |
|
|
Detection of anomalies in network traffic using compression methods
Blažek, Libor ; Dvořák, Jan (referee) ; Blažek, Petr (advisor)
The objective of the thesis is to design a practical demonstration of the functionality of selected compression methods. The following chapters will discuss the attacks on terminals and mentioned some measures. The show will be processed using two methods development environment. The attacks will detect anomalies in the network and subsequently carried out at one of the sample data compression methods. Data will be collected as normal operation at the terminal station, and then in the attack.
|
|
|
Securing IP PBX against attacks and resistance testing
Kakvic, Martin ; Šedý, Jakub (referee) ; Šilhavý, Pavel (advisor)
This diploma thesis focuses on attacks on PBX Asterisk, FreeSWITCH and Yate in LTS versions. In this work was carried out two types of attacks, including an attack DoS and the attack Teardown. These attacks were carried out using two different protocols, SIP and IAX. During the denial of service attack was monitored CPU usage and detected if its possible to establish call and whether if call can be processed. The Security of PBX was build on two levels. As a first level of security there was used linux based firewall netfilter. The second level of security was ensured with protocols TLS and SRTP.
|
|
|
Behavioral Analysis of DDoS Network Attacks
Kvasnica, Ondrej ; Homoliak, Ivan (referee) ; Očenášek, Pavel (advisor)
This bachelor thesis deals with anomaly detection in computer networks using artificial intelligence method. Main focus is on the detection of DDoS attacks based on the information from the lower layers of the OSI model. The target is to design and implement a system that is capable of detecting different types of DDoS attacks and characterize common features among them. Selected attacks are SYN flood, UDP flood and ICMP flood. Description and feature selection of the attacks is included. Furthermore, a system is designed that evaluates whether the network traffic (organized into flows) is a DDoS attack or not. Attacks are detected using the XGBoost method, which uses supervised learning. The final model is validated using cross-validation and tested on attacks generated by the author.
|
|
|
Cyber Attacks in JMeter
Klimeš, Jan ; Člupek, Vlastimil (referee) ; Číka, Petr (advisor)
Bachelor thesis deals with the security of computer networks based on TCP/IP protocol stack. The main aim is to create extension modules for application JMeter that add features to the software generate DoS attacks, SYN flood, UDP flood, DNS Server attack and DNS Amplification using applications Trafgen. The theoretical part generally describes cyber attacks, associated with network protocols and application JMeter itself. The practical part contains a description of the graphical interface of the expansion modules, each class which the modules consist of and test results.
|
|
|
Protection Against DoS Attacks Using P4 Language
Vojanec, Kamil ; Fukač, Tomáš (referee) ; Kučera, Jan (advisor)
This thesis focuses on reimplementation of existing DoS (Denial of Service) attack mitigation device with high-level P4 programming language. The main reason for using P4 is to enhance adaptability and functionality to different types of DoS attacks. The created device is designed in a modular way and enables easy alterations by using interchangeable components. The target platform for this thesis is an FPGA acceleration card. The work results in designing several DoS mitigation components and implementing applications composed of these components. Pats of this work have been presented at IEEE ANCS (Symposium on Architectures for Networking and Communication Systems) in September 2019 at University of Cambridge.
|
guest ::
