|
|
Honeypot for LoRaWAN protocol
Zhukova, Viktoriia ; Pospíšil, Jan (referee) ; Pospíšil, Ondřej (advisor)
The bachelor’s thesis in the theoretical section focuses on LoRaWAN technology. It describes network communication, LoRaWAN security, vulnerabilities, and mitigation measures. The second half of the theoretical section focuses on describing honeypot technology and its distribution, listing its advantages and disadvantages, and comparing IoT honeypots. The practical section focuses on building an experimental environment. There is a description of the selected hardware and software. It describes the commissioning of the LoRaWAN network, the configuration of the gateway, and the startup of the LoRaWAN server. Next, the whole procedure of honeypot assembly is described. Two variants of high-interaction honeypot are described and investigated. One without the use of sandboxing and using a firewall, the other with the use of sandboxing and an implementation of chroot/jail.
|
|
|
Analyzis of Parallel Honeypot Tools
Antal, Lukáš ; Chmelař, Petr (referee) ; Drozd, Michal (advisor)
This bachelor thesis analyzes the selected shadow honeypot tool. The thesis explaines the need for having tool for early detection of a new type of cyber-attack. Shadow honeypot tool analyzed in the thesis is called Argos. Argos is one of the results of the international project called European Network of Affined honeypots (NoAH). The thesis includes thorough analysis and testing of Argos tool. The paper also includes implementation of Argos log files parsing utility.
|
|
|
Implementation of Honeypot tool for monitoring and analysis of network attacks
Němeček, Ladislav ; Červenka, Vladimír (referee) ; Bartl, Milan (advisor)
The goal of this thesis is to describe and categorize the malicious software. Thesis deals with the network attacks and the protection against them as well as how to detect and analyze the attack by the eligible tools. The next part of the thesis deals with the honeypot topic and the possibilities of detection using this software, specifically then the Argos tool. The installation, usage, and the methods of detection of the tool are also being described. The next chapter describes how to secure the honeypot against abuse. Last but not least, the thesis also contains the results of the network monitoring, attacks on the honeypot, and describes the log files used by Argos to interpret the results of the attack detection.
|
|
|
Honeypot: a tool for fighting malware
Karger, David ; Lieskovan, Tomáš (referee) ; Hajný, Jan (advisor)
This bachelor thesis is focused on deploying a honeypot to fight malware. The aim was to study the issue of honeypots and their use in detection and analysis of malware. The first part is dedicated to malware, its history and individual types. The so-called botnet is described in the next part. The last part is devoted on the honeypot itself and its distribution. The practical realization is done through honeypots Cowrie and Mailoney.
|
|
|
Automatic Honeypots Deployment and Data Gathering
Ďuriš, Tomáš ; Pluskal, Jan (referee) ; Zobal, Lukáš (advisor)
This work deals with honeypots deployment automation, data collection from honeypots and the deployment of a monitoring system with alerts. The aim was to study the issue of honeypots, choose tools for their deployment, maintenance and collection of provided data together with creation of automatic deployment system for multiple types of honeypots. The first part of the work is devoted to the theory of honeypots, their distribution and type. Furthermore, the work mentions the comparison of individual configuration tools. The practical part is devoted to the use of a selected configuration tool Ansible in cooperation with existing open-source applications to build a fully automated system for the deployment and monitoring of honeypots, collection of provided data and their visualization. Puppet
|
|
|
Capturing cyber-threats of industrial systems
Dobrík, Andrej ; Pospíšil, Ondřej (referee) ; Fujdiak, Radek (advisor)
S vedomím že kybernetické útoky stoja korporácie každoročne miliardy, počínajúc neoprávnenými útokmi, distribuovanými útokmi odmietnutia služieb (DDOS) až po vírusy a počítačové červy atď., prichádza problém s nástrojmi, ktoré majú k dispozícii správcovia systému. Táto diplomová práca sa venuje skúmaniu jedného z takýchto nástrojov, Honeypot. Presnejšie, Honeypot zariadeniam pre priemyselné riadiace systémy. Od historicky počiatočných implementácií takýchto systémov, cez analýzu súčasných riešení až po vytvorenie nového riešenia Honeypot, s vysokou mierou interakcie a následným nasadením na nový virtuálny súkromný server, po ktorom nasleduje analýza narušení, ktoré sa vyskytnú počas obdobia nasadenia.
|
|
| |
|
|
Modern computer viruses
Malina, Lukáš ; Malý, Jan (referee) ; Pust, Radim (advisor)
Bachelor’s thesis “Modern computer’s viruses” is composed from two mainly object (analysis computer’s viruses and suggestion of security middle computer network), separated for three parts: Analysis computer’s viruses, Personal suggestion of security personal computer end-user (computer terminal) and Personal suggestion of security middle computer network. Methods of transmission and infection, specific properties of viruses and impact upon personal computers are examined in the first part. Resolution of personal suggestion of security personal computer with help of antivirus software, personal firewall and antispam software is inducted in the second part. Futher, results of testing some free AV software and other security software are summarized with possible progress of configuration and recommendation for correct running this software. Complex suggestion of security middle computer network is adduced in the third part, where is inducted structure of security network. Configuration progression and recommendation for maximum security is indicated on particular used components. Structure is adapted for active network Cisco components, which are most used around these days. Completely suggestion of security network is directed on hardware firewall Cisco PIX, where is unfolded potential possibility of options. Futher, the third part contain some important tips and recommendation for completely working network, including setting security preference, security passwords and data encryption. Also, there is described various techniques monitoring and supervision working security network using complex monitoring software MARS (Cisco security monitoring, analyzing and response system) from Cisco company.
|
|
|
SS7 Honeypots - Proactive Mobile Networks Fraud Protection
Kubiš, Juraj ; Veselý, Vladimír (referee) ; Pluskal, Jan (advisor)
This diploma thesis deals with the issue of attacks and fraud against mobile networks, with the main aim being implementation of a honeypot-type tool possessing the ability to respond to these accordingly. Thus, this thesis contains a basic introduction into mobile networks, their topology and commonly used protocols, along with analysis of their general security. This is followed by a clarification of the term honeypot itself, with an explanation of motivations for its deployment into the networks, together with listing of advantages and disadvantages such deployment may bring. The rest of the thesis deals with the actual implementation of such tool, specifically with its design, realisation and testing. This thesis presents a method for responding to the supported frauds, a detailed description of the implementation, configuration and outputs of the tool. The process of testing whether the implementation corresponds to the presented design is described here. The implemented tool is evaluated and its further possible improvements are discussed.
|
|
|
Metrics for Intrusion Detection in Network Traffic
Homoliak, Ivan ; Chmelař, Petr (referee) ; Drozd, Michal (advisor)
Publication aims to propose and apply new metrics for intrusion detection in network traffic according to analysis of existing metrics, analysis of network traffic and behavioral characteristics of known attacks. The main goal of the thesis is to propose and implement new collection of metrics which will be capable to detect zero day attacks.
|
guest ::
