|
|
DPDK Accelerated Firewall
Holubář, Jiří ; Fukač, Tomáš (referee) ; Vrána, Roman (advisor)
Nowadays, when almost everyone uses the Internet, network traffic security must also be ensured. This is what firewall helps with. Some routes require higher bandwidth than others. This thesis explores possibilities of using the DPDK library when implementing the firewall in order to achieve the highest possible bandwidth.
|
|
|
Control and monitoring unit for optical link station
Ovčáček, Martin ; Kolka, Zdeněk (referee) ; Prokeš, Aleš (advisor)
The aim of Master's thesis "Control and monitoring unit for optical link station" is design of hardware and software of unit, which provides remote control and data transfer through Internet. It is required monitoring and setting analog parameters of optical link station by web service. It includes description of Ethernet and net protocols. The core of unit are microcontroller C8051F120 and ethernet controller CP2200 made by Silicon Laboratories.
|
|
|
Monitoring Hybrid Net Infrastructure
Janda, Martin ; Plchot, Oldřich (referee) ; Smrž, Pavel (advisor)
This bachelor thesis follows developement of automatic monitoring system of devices in hybrid network for SELF servis company. System's purpose is to check availability by ICMP packets and to watch values by SNMP protocol. In this text you'll find description of requirements analysis, design of the system and implementation. In the last chapter follows results from real use and ideas for further development.
|
|
|
Geolocation in Internet using network topologies
Dvořák, Filip ; Verner, Lukáš (referee) ; Komosný, Dan (advisor)
The thesis discusses about modern geolocation methods and it describes the basic principles of their work. The work is divided into 2 parts - the theoretical one and the practical one. The first part of the thesis is focused on the description of these methods and on the explanation of its basic concepts which are used for determining of the physical position of the station according to its IP address. The second more extensive part of the work focuses on the description of the realization of algorithm in the Octant method in the programming language of Java and its use in the experimental net of PlanetLab. One important thing is to create a set of reference points and targets, which are necessary for the testing of the whole algorithm of the Octant Method. The results of estimated accuracy of target location obtained by the Octant method and their comparison with the results obtained by active methods of CBG, SOI and with the passive method of GeoIP are listed at the end of this work.
|
|
|
Optimization of network position prediction
Pospíšil, Petr ; Pfeifer, Václav (referee) ; Burget, Radim (advisor)
This work is about position prediction in network, it is focused to find Landmark closest to the Host in the network (with lowest distance vector). The algorithm is based on GNP system. In terms of GNP system simulation was selected method for mathematical part of position prediction. The method was Simplex Downhill. The designed algorithm was implemented in Java. In the first step chose Host continent by meassuring the distance vector. In next step is selected nearest part in the continent. In conclusion estimate Host its position and then closest Landmark. Results from this work is important for designing TTP protocol. The verdict is that the GNP can be used for TTP, but Landmarks must be located in uniform density.
|
|
|
Cyberattack generator
Gajdušek, Ondřej ; Jeřábek, Jan (referee) ; Hajný, Jan (advisor)
This work deals with the enhancement of software which generates cyberattacks. These enhancements are focused on application layer of ISO/OSI model. The firsh part of the work contains general description of cyberattacks. Concrete attacks which this work is dealing with are described more concretely. Next part deals with describing generator software and its enhancement. The last part is describing testing of newly implemented cyberattacks.
|
|
|
Implementation of plugins for JMeter
Švehlák, Milan ; Člupek, Vlastimil (referee) ; Martinásek, Zdeněk (advisor)
This thesis discusses the load testing tool JMeter and its opportunities for expansion by modules carrying out cyber attacks of the type Denial of Service (DoS). To begin with, there is a theoretical overview of cyber attacks of this type. The following chapter, talks about the JMeter tool, namely its functions and expansion options. After that, it is proceeded to the actual design and realization of the modules. The module implementing the attack HTTP Flood is created first. This module uses internal functions of the program JMeter. This new module is tested. Next chapter folows the procedure of creating modules, that use external generator of network traffic. Modules SYN Flood, ICMP Flood and NTP Flood are implemented using the generator Trafgen. Module implementing attack Slowloris uses a Python script as a generator of the attack. Finally, all the new modules are tested.
|
|
|
Computer Identity Based on Its Internal Clock Skew
Franková, Barbora ; Matoušek, Petr (referee) ; Polčák, Libor (advisor)
Thesis deals with remote computer identification based on its internal clock skew. It describes various methods to collect and evaluate time-related data extracted from TCP, ICMP and Javascript. Software package that implements some of those methods is attached as well. During the work, many experiments were carried out to find out possible effects of certain factors. Tests were aimed on software (operation systems, web browsers and time synchronization) as well as hardware (temperature, power source, distance and network connection type) of the remote systems. Interesting results were discovered in areas of IPv4/IPv6 address pairing and NTP time synchronization.
|
|
|
Network topologies and their monitoring
Sirotný, Miroslav ; Jeřábek, Jan (referee) ; Polívka, Michal (advisor)
The master’s thesis deals with computer networks, which are currently the global communication infrastructure and play a very important role in today’s society. Most of us can be unaware of how often we interact with these networks. We almost constantly come into contact with them. They allow us to communicate through the Internet via services such as: email, skype, icq, facebook, etc... The work focuses on the design and implementation of a robot designed for exploration and mapping of computer network topology and protocols HTTP and ICMP. The theoretical part is dedicated to computer networks, seventh and third-layer ISO/OSI model, protocol HTTP and ICMP attacks against DNS, DoS attacks and detection systems and avoiding distortaions.
|
|
|
Detection of DoS and DDoS attacks in IPv6
Frátrik, Tibor ; Fujdiak, Radek (referee) ; Holasová, Eva (advisor)
This bachelor thesis in the theoretical part contains a description of the network and transport layer. The protocols of individual layers are also discussed. It is primarily about their function and safety. Individual attacks are also related to these layers. In this thesis are mentioned DoS (denial-of-service) and DDoS (distributed denial-of-service) attacks. Furthermore, the bachelor thesis mentioned detection and mitigation tools, and the possible solutions. The practical part contains descriptions of detections that were created in the Snort and Suricata programs. Finally, the individual detections and mitigations were also tested. In the detection of DoS attacks, the Suriata and Snort programs focused primarily on the number of packets per unit time. Detection in the Scapy program was focused mainly on individual ports of the transport layer. The goal was for DoS attacks to be detected and for ordinary network traffic not to be detected.
|
guest ::
