|
| |
|
|
Measurement of PlanetLab experimental network
Andrašov, Ivan ; Bečková, Zuzana (referee) ; Komosný, Dan (advisor)
This thesis deals with measurement of transfer parameters for nodes in experimental network PlanetLab. In theoretical part of this thesis we analyse experimental network PlanetLab, basic terminology in this network, its goals and some current projects run- ning under this network. Next we analyse measured network parameters specifically Ping, SSH delay and respond to SCP. Practical part of this thesis is formed around real im- plementation of measurement where in specific sub chapters are written exact problems of said parameter together with source code.
|
|
|
CACHE Memory Design for Network Applications
Soľanka, Lukáš ; Martínek, Tomáš (referee) ; Kořenek, Jan (advisor)
This thesis deals with design and implementation of generic cache memory for a wide range of network applications. Firstly, aspects with influence on performance are discussed. Then architecture is proposed and implemented with respect to the given technology. The main selectable parameters of the design are: data path width, line size, associativity, number of lines and replacement policy. Cache is also pipelined and therefore is able to process one request for reading or writing every clock cycle. The resulting component has been thoroughly simulated to verify its functionality and finally, its operation has also been tested in hardware on the Combo6X board.
|
|
|
User and Device Metadata Collection from the Darkweb
Gula, Ján ; Matoušek, Petr (referee) ; Veselý, Vladimír (advisor)
This bachelor's thesis solves the problem of anonymization on the Internet, that is widely used for dealing with illegal substances. This problem drives law enforcement agencies to be interested in web pages that represent markets with forbidden content which are hidden behind anonymity networks. My goal is to focus on the biggest markets with such content and to gather as much information as possible about subjects that posture on similar types of web pages either as sellers or as buyers. I have resolved the given problem by choosing the most impactful markets according to the number of users signed in. I have become one of the users and applied algorithms for data scraping to get information from web pages into a structured form that is more suitable for a deeper analysis. The results of this thesis will help law enforcement agencies with the analysis of metadata of users that commit illegal activities as they will not have to manually search through the illegal markets, and they will have all available data summed up in a structured form in a database. Unifying data into a structured form will help speeding up the investigation and address the biggest drug sellers.
|
|
|
Secure Network Based on Virtual Next-Generation Firewall
Varmus, Pavol ; Burda, Karel (referee) ; Malina, Lukáš (advisor)
The bachelors thesis aims to study the issue of security of the networks that use firewalls. The next goal is to evaluate the characteristics of a different types of firewalls and to summarize its results. The other object is to design a small or medium sized network with description of best practice. The main objective of the thesis is to design a lecture task for students to test with a step-by-step solution. This task is for students to undertand the importance of firewalls as a network protection service tools and to try out different types of filters for maintainin network security. The task ends with a practical stress test made by a network attack in order to see its resistance to the attack.
|
|
|
Inference of DDoS Mitigation Rules
Jacko, Daniel ; Tisovčík, Peter (referee) ; Žádník, Martin (advisor)
This thesis focuses on DDoS attacks, their types and means of their mitigation. The aim of the thesis is to design and implement an algorithm which would be able to derive rules to block DDoS attacks. For this, we chose the algorithm of machine learning, a decision tree, which starts operating as soon as the attack is detected. The algorithm operates with a sample of data detected during the attack, and with a sample of legitimate communication. A part of this thesis is also a description of a BPF format and an overview of executed experiments.
|
|
|
Laboratory task demonstrates Intrusion Protection System
Bronda, Samuel ; Malina, Lukáš (referee) ; Martinásek, Zdeněk (advisor)
This bachelor thesis is divided into two parts. The theoretical part describes security systems, various types of attacks and details of systems to protect computer networks. The practical part focuses on the workplace, where will operate IDS / IPS system Snort and Suricata, the necessary adjustments and simulation of attacks. The bachelor thesis also includes putting the system into real terms.
|
|
|
Network Configuration Synthesis and Verification
Černeková, Alžbeta ; Veselý, Vladimír (referee) ; Ryšavý, Ondřej (advisor)
The subject of this master's thesis is to address the topic of network devices configuring. It resolves the problems related to simplifying certain parts of configuration while eliminating frequent errors or issues. It introduces a solution to setting of IP addresses on router's interfaces. Furthermore it presents the generation of configuration for particular dynamic routing scenarios and its application and methods for its verification on network devices. It also demonstrates the preparation of configuration of VPN tunnel between two devices. The conclusion of this thesis contains possibilities for further extensions or improvements.
|
|
|
Automation of DDoS Attack Mitigation
Nagy, Peter ; Podermański, Tomáš (referee) ; Grégr, Matěj (advisor)
The aim of this thesis is automation of DDoS attack mitigation. This thesis provides an overview of GNU/Linux network platforms and different approaches for their configuration. The aim is to select a platform that could be extended to automate DDoS mitigation. DDoS attack types are explained as well. Selected methods for DDoS mitigation are described in more detail such as Remote Triggered Black Hole and BGP Flowspec. Existing tools like DDoS Defender and FastNetMon are used to detect a DDoS attack. NETX was chosen as target implementation platform. To communicate with devices, API or BGP protocol with Flowspec extension are used.
|
|
|
Software design for mapping of the network topology
Janura, Dominik ; Novotný, Bohumil (referee) ; Sobek, Jiří (advisor)
This thesis addresses the issues of network topology mapping, where the network consists of multiple Cisco devices. It includes theoretical knowledge in this field and closely describes possible solutions to this problem. It explains the process of design and implementation of this kind of network mapping software by chosen means. Correct function of the created application is tested on a virtual network.
|
guest ::
