|
|
Network Attack Simulator
Filičko, Dávid ; Kováčik, Michal (referee) ; Bartoš, Václav (advisor)
The thesis discusses about study of networks attacks and framework monitoring packets in the network. It proceeds especially network attacks, which can be detected without knowledge about the contents of packets. The aim of this thesis is to develop the simulator based on detected features, which will simulate these attacks. The output from the simulator will be created in the Nemea framework to improve the quality of tools of detection and prevention of given attacks. The simulator will be functioning for testing purpose only. Under no circumstances it will be possible to realize individual attacks.
|
|
|
Network Attack Generator
Buček, Hynek ; Košař, Vlastimil (referee) ; Bartoš, Václav (advisor)
This thesis is focused on the study of the best-known network attacks, especially on those that can be theoretically detected without knowledge of the contents of transmitted messages. The goal is to use the basis of acquired knowledge to create a tool that will simulate the behavior of the communication in different network attacks. Simulation outputs will be used for testing the quality of security tools designed to defend against network attacks. The simulator will be used only for offline testing, it will not be possible to carry out real attacks. Purpose of this work is to improve the security against network attacks nowadays.
|
|
|
Similarity Searching in Network Data
Hud, Jakub ; Krobot, Pavel (referee) ; Wrona, Jan (advisor)
This bachelor thesis is interested in analyzing IP flow records. IP flow record contains IP flow metadata of specific network communication such as IP addresses, port numbers, network protocol numbers and other. Main goal is to design and implement metrices to determine similarity of NetFlow records. At the beginning of this thesis is description of how to analyze great amount of data. Next there are shown network monitoring technicies and NetFlow. Other parts of this thesis are dedicated to design and implementation of data analysis using DBSCAN algorithm. Implementation of data analysis application is also part of this thesis. As a result, the application can be used to network scan detection using NetFlow data although the results are not very clear and contain a lot of legitimate communication.
|
|
|
Similarity Searching in Network Data
Hud, Jakub ; Matoušek, Denis (referee) ; Wrona, Jan (advisor)
This bachelor thesis is interested in analyzing IP flow records. IP flow record contains IP flow metadata of specific network communication such as IP addresses, port numbers, network protocol numbers and other. Main goal is to design and implement method for determination of similarity of NetFlow records. At the beginning of this thesis is description of how to analyze great amount of data. Next there are shown network monitoring technicies and NetFlow. Other parts of this thesis are dedicated to design and implementation of data analysis using DBSCAN and agglomerative hierarchical clustering algorithms. Implementation of data analysis application is also part of this thesis. As a result, the application can be used to network scan detection using NetFlow data although the results are not very clear and contain a lot of legitimate communication.
|
|
|
LAN Security Monitoring
Grégr, Matěj ; Trchalík, Roman (referee) ; Očenášek, Pavel (advisor)
This bachelor thesis deals with security in LAN networks and monitoring security and availability of selected ports. The thesis gives a brief overview of the LAN attacks, defense techniques that are used to prevent them and port scanning techniques. In the practical part of my thesis I have implemented the set of functions collected in library. These functions are ready to be used for testing of ports availability and analysis of open services. The implementation is realized in C language, Libnet and Pcap libraries and bash scipts and the web control panel is implemented in HTML and PHP.
|
|
|
Detection and Automatic Analysis of Network Scans
Procházka, Aleš ; Kováčik, Michal (referee) ; Krobot, Pavel (advisor)
This bachelor thesis is focused on a computer network monitoring that utilizes flows. Firstly, there is a framework Nemea described, which can be used to build a complex system for network attack detection, and whose module is developed within the thesis. Secondly, port scanning is explained and different methods that can be used to scan ports are defined. The module is designed to detect horizontal scanning. The idea behind this method is to compare a unique number of destination IP addresses, which were asked for with a specific port, with a given threshold in a specific time window. Finally, in the practical part of the thesis the implementation of the module is described and results of the experiments on real data from Cesnet are presented.
|
|
|
Detection of Network Attacks Using Tshark
Dudek, Jindřich ; Ryšavý, Ondřej (referee) ; Holkovič, Martin (advisor)
This diploma thesis deals with the design and implementation of a tool for network attack detection from a captured network communication. It utilises the tshark packet analyser, the meaning of which is to convert the input file with the captured communications to the PDML format. The objective of this conversion being, increasing the flexibility of input data processing. When designing the tool, emphasis has been placed on the ability to expand it to detect new network attacks and on integrating these additions with ease. For this reason, the thesis also includes the design of a complex declarative descriptions for network attacks in the YAML serialization format. This allows us to specify the key properties of the network attacks and the conditions for their detection. The resulting tool acts as an interpreter of proposed declarative descriptions allowing it to be expanded with new types of attacks.
|
|
|
Network Scanner for PowerShell
Sabota, Dominik ; Šeda, Pavel (referee) ; Martinásek, Zdeněk (advisor)
This study focuses on the development and implementation of a network scanning tool for the scripting language Powershell version 5.1 and higher. This tool, named Oculus, was specifically designed for the use of sophisticated network scanning methods during penetration testing and other security audits, thereby becoming part of the broader context of cybersecurity. Within the set requirements and limitations, the Oculus tool was successfully implemented. This work thoroughly analyzes the process of development and implementation of this tool, its limitations, and their impact on overall effectiveness, which is subsequently tested and evaluated. Although the development process brought certain challenges, the testing results confirmed that the Oculus tool provides valuable outputs, thereby confirming its usability in the matter of improving cybersecurity.
|
|
|
LAN Security Monitoring
Grégr, Matěj ; Trchalík, Roman (referee) ; Očenášek, Pavel (advisor)
This bachelor thesis deals with security in LAN networks and monitoring security and availability of selected ports. The thesis gives a brief overview of the LAN attacks, defense techniques that are used to prevent them and port scanning techniques. In the practical part of my thesis I have implemented the set of functions collected in library. These functions are ready to be used for testing of ports availability and analysis of open services. The implementation is realized in C language, Libnet and Pcap libraries and bash scipts and the web control panel is implemented in HTML and PHP.
|
|
|
Similarity Searching in Network Data
Hud, Jakub ; Krobot, Pavel (referee) ; Wrona, Jan (advisor)
This bachelor thesis is interested in analyzing IP flow records. IP flow record contains IP flow metadata of specific network communication such as IP addresses, port numbers, network protocol numbers and other. Main goal is to design and implement metrices to determine similarity of NetFlow records. At the beginning of this thesis is description of how to analyze great amount of data. Next there are shown network monitoring technicies and NetFlow. Other parts of this thesis are dedicated to design and implementation of data analysis using DBSCAN algorithm. Implementation of data analysis application is also part of this thesis. As a result, the application can be used to network scan detection using NetFlow data although the results are not very clear and contain a lot of legitimate communication.
|
guest ::
