|
|
Detection of attacks targeted at web applications
Jégrová, Eliška ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
This thesis is dealing with vulnerabilities of web applications. The aim of the work is to create tools for attack detection of certain attacks, specifically Same Origin Method Execution (SOME), XML Signature Wrapping attack, XPATH Injection, HTTP Response Smuggling and Server-Side Includes (SSI) injection. Another aim is to create logs that display detected attacks. In the first part, the theory is analyzed and vulnerabilities of chosen attacks are described including their misuse. In the next section there are web application implemented which contain vulnerabilities for successful execution of the attacks. Furthermore, in Python language detection methods are designed and developed for these attacks, which are accompanied by a log entry.
|
|
|
Digital Image Watermarking
Šujan, Miroslav ; Říha, Kamil (referee) ; Číka, Petr (advisor)
The bachelor´s thesis deals with the problem of static digital watermarking in frequency domain. It is a process of adding secret information to the original data without any negative influence to them, while in the same time making sure that the identification and hidden watermark cannot be removed easily. The main aim of this thesis is to sum up the current techniques of watermarking, to carry out of two watermarking techniques and a test of resistance to attacks against them.
|
|
|
Advanced methods of filtering network traffic in the Linux system
Peša, David ; Komosný, Dan (referee) ; Kacálek, Jan (advisor)
This master's thesis is meant to provide techniques in designing and building a standalone packet filtering firewall in Linux machines, mainly for small sites who don’t give much service to Internet users. It deals with attenuating the effect of the most common types of attacks using iptables. It guides how to design, implement, run, and maintain Firewall. Techniques for continuously monitoring attacks is attempted. It also give a historical, architectural and technical overview of firewalls and security attacks.
|
|
|
Tool for Analysis of JavaScript to Detect DOM XSS Vulnerabilities in Web Applications
Barnová, Diana ; Polčák, Libor (referee) ; Homoliak, Ivan (advisor)
The main goal of this thesis is to design a tool for analisys of JavaScript to detect DOM--based XSS vulnerability in web applications. Then to implement it and test it ethically. Cross--side Scripting (XSS) is one of the most common injection attacks on web applications that insert malicious code in an otherwise trusted site. An interpreted response by the browser is required for the detection and subsequent exploitation of DOM--based XSS vulnerabilities, therefore the tool captures the response from the Burp Suite proxy server. The analysis of this response uses two separate regular expressions aimed at searching for sources and sinks in the source code of the response. A set of payloads is used to determine if a site is exploitable. Subsequently, the user is warned of the possible danger. The output is a text file summarizing the results for the URL.
|
|
|
Distributed Brute Force Attacks Protection
Richter, Jan ; Čejka, Rudolf (referee) ; Lampa, Petr (advisor)
This project deals with analysis of brute force attacks focused on breaking authentication of common services (especially ssh) of Linux and xBSD operating systems. It also examines real attacks, actual tools and ways of detection of theese attacks. Finaly there are designed new mechanisms of coordination and evaluation of distributed brute force attacks in distributed environment. These mechanisms are then implemented in distributed system called DBFAP.
|
|
|
DNS Service Attacks Simulation
Navrátil, Tomáš ; Kekely, Lukáš (referee) ; Kováčik, Michal (advisor)
The theme of this bachelor‘s thesis is the simulation and detection of cybernetic attacks on the DNS service. The goal was to simulate chosen attacks, analyze their behavior and create a tool capable of detecting these attacks in network traffic and replicating them for research purposes. The tool was able to successfully detect DNS attacks in normal network conditions. These results are discussed further at the conclusion of this paper, along with possible uses this application might have to other developers, and ways the program could be improved or extended in the future.
|
|
|
Cyberattack generator
Gajdušek, Ondřej ; Jeřábek, Jan (referee) ; Hajný, Jan (advisor)
This work deals with the enhancement of software which generates cyberattacks. These enhancements are focused on application layer of ISO/OSI model. The firsh part of the work contains general description of cyberattacks. Concrete attacks which this work is dealing with are described more concretely. Next part deals with describing generator software and its enhancement. The last part is describing testing of newly implemented cyberattacks.
|
|
|
Network attacks by Cain & Abel
Smékal, Lukáš ; Stančík, Peter (referee) ; Sobotka, Jiří (advisor)
This Master’s thesis is dealt in the local area network security, cryptographic algorithms, particular attacks on computer networks a practical application these attacks in local area networks. To application particular attacks is used the Cain & Abel program. The detailed manual for this program is created from the results of these attacks. This manual contains the exhibits of usage particular program tools and the attack application exhibits. This manual considers consequences of particular attacks and summarises achieved results during work with tools too. Master thesis closely deals with one of the program tools called RSA SecureID Token Calculator. Authentication via hardware tokens is contained in this Master thesis. Thesis contains the way of authentication using RSA SecureID Token Calculator without physical owning of the hardware token. Cain & Abel program shows and interprets why cashed passwords in operation system are dangerous and it shows methods how attacker can reveal this passwords from the operation system memory. This Master thesis is focused on sniffing credentials and passwords in local area networks and it is focused on cryptographic algorithms cracking for username and passwords revealing.
|
|
|
Distributed systems for cryptoanalysis
Vašek, Jiří ; Trzos, Michal (referee) ; Sobotka, Jiří (advisor)
This thesis should introduce a reader with basic objectives of parallel computing followed by distributed systems. The thesis is also aimed at description of cryptographic attacks. The main point should be to obtain theoretic information for design of distributed system for cryptoanalysis.
|
|
|
Detection and mitigation of cyber attacks at local area networks
Racka, Jan ; Lieskovan, Tomáš (referee) ; Gerlich, Tomáš (advisor)
The bachelor thesis is focused on the detection and mitigation of flood attacks in local area networks. The thesis can be divided into two parts. In the theoretical part, first flooding attacks are described. Then, the problem of attack detection is discussed in depth, including the implemented detection methods. Subsequently, the classification of detection tools by location is discussed and examples of detection tools are given. The last theoretical section is devoted to network mapping methods and topology detection tools. In the practical part, the design of the IDS and the test network is discussed. The network consists of three end devices namely: the IDS, the victim and the attacker. A Mikrotik router is used to ensure connectivity between all the devices. The IDS has been implemented in Python and is composed of individual modules that extend its functionality. The most important module is the detection module, which contains detection methods against SYN Flood, UDP Flood, ICMP Flood attacks and one universal comprehensive method against all flood attacks. The ARP Scan module allowed the IDS to map the network and use ARP queries to detect the presence of endpoint devices in the network. The learning module made it easier to set up rules for each detection method by monitoring network traffic over a period of time. It then determines appropriate rule values from the detected data. The SSH module provided IDS with the ability to proactively respond to attacks and disconnect the attacker from the rest of the network. ARP Scans also use the SSH module to discover information about guests. The IDS has been tested in both virtual and real environments. The results show that the developed detection methods work and the IDS can stop the attack in a reasonable time. ARP Scanning was also tested and was able to detect new guests on average in the first pass. The effect of IDS on communication was also monitored and found to be minimal.
|
guest ::
