|
|
Network Protocol Analyzer
Takács, Tamás ; Žádník, Martin (referee) ; Tobola, Jiří (advisor)
Bachelor's thesis describes an implementation of a network analyzer with an easy graphical web interface. Network Analyzer captures network communication and allows the detailed analysis. Its main task is to monitor data flows and identify protocols, which are situated on application-layer model TCP / IP. Thesis describes two types of possible identification of application protocols, which are based on the port number and the payload content TCP packet / UDP datagram. Web interface provides an overview of the output values of the network analyzer.
|
|
|
BigData Approach to Management of Large Netflow Datasets
Melkes, Miloslav ; Ráb, Jaroslav (referee) ; Ryšavý, Ondřej (advisor)
This master‘s thesis focuses on distributed processing of big data from network communication. It begins with exploring network communication based on TCP/IP model with focus on data units on each layer, which is necessary to process during analyzation. In terms of the actual processing of big data is described programming model MapReduce, architecture of Apache Hadoop technology and it‘s usage for processing network flows on computer cluster. Second part of this thesis deals with design and following implementation of the application for processing network flows from network communication. In this part are discussed main and problematic parts from the actual implementation. After that this thesis ends with a comparison with available applications for network analysis and evaluation set of tests which confirmed linear growth of acceleration.
|
|
|
Stress tester
Charvát, Ondřej ; Martinásek, Zdeněk (referee) ; Zeman, Václav (advisor)
The diploma thesis deals with network infrastructure load testing. It’s target is to design and implement a network probe which will be in a form of JMeter plugin one of the components in load tester project. It offers sufficient theoretical basis about load testing, analyzes different types of DoS which can be used to stress the tested infrastructure and also discusses some solutions for load testing realization used in practice. Following is a study of possible ways for realization of the probe with help of several open-source tools. The suitability of individual tools is evaluated from the point of view of the network probe requirements and then the most suitable ones are selected as the basis for it’s implementation. Then, a network probe design is constructed in which it’s functionality is divided into two separated plug-ins, a network probe itself and a server emulator, and the implementation phase is commenced. The implementation is done in Java programming language to allow the new components to use all the neccessary JMeter API functions. The structure of individual parts of the modules as well as many implementation details are analyzed thoroughly in the text. The final chapter of the thesis describes function of the newly created components. After their installation into the load tester the procedure and the results of the functional testing are presented. This thesis describes the whole process of developing a plug-in for JMeter software.
|
|
|
Generator of illegitimate network traffic
Blažek, Ondřej ; Smékal, David (referee) ; Blažek, Petr (advisor)
The diploma thesis deals with the problems of DoS/DDoS attacks and development of a tool, in C lanugage, for generating them. In the first chapter the principles of DoS attacks targeting the internet and transport layers of ISO/OSI model are described and also according to their characteristics divided. Selected attacks on the application layer are also described here in detail togehter with protocols which they are based on. In the following chapter there has been created a comparison of freely available tools, which could be used as a attack generators. The practical part is dedicated to a development of a tool for DoS attacks, especially design, general description and usage. Further there is a summary of the newly created library, including results of web server testing, and extensions of a web interface, which is part of the developed tool.
|
|
|
Generator for simulation of SCADA attacks
Hudec, Jan ; Fujdiak, Radek (referee) ; Blažek, Petr (advisor)
Output of this bachelor’s thesis is an attack generator aimed on IEC 61850 protocol using the libpcap library. Part of the output is also a simulation of devices which are normally present in SCADA systems. Theoretic part aims to explain protocols DNP3, IEC 60870 and IEC 61850 more in-depth and further focus is on the attacks. Practical part contains attack implementation that aim on communication between SCADA units, more precisely on GOOSE and Sampled Values frames. Simulated devices generate this communication using the libiec61850 library. Attacks are aimed on that communication.
|
|
|
Network Protocol Analyzer
Hlísta, Juraj ; Žádník, Martin (referee) ; Tobola, Jiří (advisor)
Bachelor's thesis is concerned with methods of protocol detection at seventh layer of ISO/OSI network model. It focuses on proposal and implementation of a system which is able to identify aplication protocols from packet's data field. This part of packet contains signatures that the analyzer searches for using regular expressions. The application was written in C programming language using libpcap library that provides API for capturing network communication.
|
|
|
IPv6 Hosts Monitoring
Rapavý, Martin ; Kašpárek, Tomáš (referee) ; Lampa, Petr (advisor)
This thesis is dedicated to network layer protocol IPv6, purposes of its creation and penetration. Former chapters briefly describe IPv6 protocol format and protocols, methods and technologies related to IPv6. The thesis summarizes security risks and flaws in IPv6 and ICMPv6 protocols. In context of the risks and flaws the thesis describes several of local ICMP attacks. It also mentions security incidents resulting from exploiting those security flaws and means of countermeasures. One of the used countermeasures is passive monitoring of ICMP messages. Thesis contains brief description of tool used to achieve this - NDPMon with its advantages, disadvantages and concepts of usage. Rest of the thesis describes design and implementation of monitoring tool similar to NDPMon, but with some improvements.
|
|
|
Generator for simulation of SCADA attacks
Hudec, Jan ; Fujdiak, Radek (referee) ; Blažek, Petr (advisor)
Output of this bachelor’s thesis is an attack generator aimed on IEC 61850 protocol using the libpcap library. Part of the output is also a simulation of devices which are normally present in SCADA systems. Theoretic part aims to explain protocols DNP3, IEC 60870 and IEC 61850 more in-depth and further focus is on the attacks. Practical part contains attack implementation that aim on communication between SCADA units, more precisely on GOOSE and Sampled Values frames. Simulated devices generate this communication using the libiec61850 library. Attacks are aimed on that communication.
|
|
|
Network Protocol Analyzer
Pšorn, Daniel ; Žádník, Martin (referee) ; Tobola, Jiří (advisor)
Object of this thesis is to find the way how to program network protocol analyzer on the highest level of ISO/OSI model. We need to use some of the methods for detection of application protocols. The software described in this thesis uses traditional application level traffic identification method and signature-mapping-based method. Basic platform is FreeBSD operating system. Programming language is C using libpcap library.
|
|
|
Anonymization of PCAP Files
Navrátil, Petr ; Hynek, Jiří (referee) ; Holkovič, Martin (advisor)
This diploma thesis deals with the design and implementation of an application suitable for the anonymization of PCAP files. The thesis presents TCP/IP model and for each layer highlights attributes that can be used to identify real people or organizations. Some of the anonymization methods suitable to modify highlighted attributes and sensitive data are described. The implemented application uses TShark tool to parse byte data of PCAP format to JSON format that is used in the application. TShark supports lots of network protocols which allows the application to anonymize various attributes. Anonymization process is controlled by anonymization politics that can be customized by adding new attributes or anonymization methods.
|
guest ::
