Dissertations / Theses on the topic 'Analysis and filtering of network traffic'

Consult the top 18 dissertations / theses for your research on the topic 'Analysis and filtering of network traffic.'

1

Klečka, Jan. "Monitorovací sonda síťové komunikace." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2021. http://www.nusl.cz/ntk/nusl-442398.

Abstract:
The master's thesis deals with the analysis of single-board PCs which use Linux as the operating system. Individual NIDS systems were analyzed and their properties examined in order to choose the right candidate for a single-board computer which shall be used as a network probe for analysis, filtering and logging of network traffic. Part of the work is aimed at the development of an interface which is used for configuration of the network probe through the web browser. The web interface allows performing basic operations on the network probe which influence network traffic or specify which information shall be logged. Subsequently, network parsers were implemented for network protocols using the Scapy library. The conclusion of the thesis contains the design of the security cover for the device according to the IP54 requirements.
2

Churý, Jan. "Vysokorychlostní filtrace síťového provozu." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2017. http://www.nusl.cz/ntk/nusl-316969.

Abstract:
For high-speed (e.g. more than 1 Gbit/s) filtration of network traffic, many proprietary hardware solutions are available nowadays. But there are also a couple of freely licensed projects that are specialized in high-speed packet processing on common hardware. The goal of the thesis is to find such projects, verify that there are filtering tools based on these projects, try to filter 10 Gbit/s network traffic with these tools and test them against various filtration settings. The output of this thesis should be an implementation of a packet filter that could be used for filtration of network traffic at speeds of up to 10 Gbit/s.
3

Kult, Viktor. "Bezpečnostní analýza síťového provozu." Master's thesis, Česká zemědělská univerzita v Praze, 2017. http://www.nusl.cz/ntk/nusl-263015.

Abstract:
The thesis topic concerns the issue of information security in corporate environments. The literature search includes information obtained by studying articles and literature in the field of information security. Resources were selected with a focus on security risks, security technologies and legislative regulation. Attention is focused on technology that supports monitoring of communication flows in the data network. An overview of the traffic on a data network provides important information for the prevention or investigation of security incidents. Monitoring also serves as a source of information for the planning of the network infrastructure. It can detect faults or insufficient transmission capacity. The practical part is dedicated to the implementation of the monitoring system in real corporate networks. Part of the experience is the analysis of the network structure and the choice of appropriate tools for the actual implementation. When selecting tools, you can use the scoring method of multi-criteria analysis of options. The integration of the monitoring system also includes the configuration of active network elements. Subsequent analysis of network traffic provides information about the most active users, the most used applications or the sources and targets of the data transmitted. It provides a source of valuable information that can be used in case of a failure on the network or a security incident. The conclusion is a summary of the results and workflow.
4

Soós, Tibor. "Matematická analýza zachyceného síťového provozu." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2011. http://www.nusl.cz/ntk/nusl-218844.

Abstract:
This thesis deals with network traffic analysis and prediction of the default services of real networks. The first part of this paper contains the theoretical explanation of the mathematical models' needs. These models are mainly used as a part of simulation algorithms which describe the processes of network traffic simulations. The second part describes the process of applying the models to mathematically analyze the captured traffic. The capture includes all kinds of packet types which can appear on a real network. The last part of the thesis describes the detailed design of the prediction algorithms, which are developed in the programming language Matlab® Mathworks®.
5

Člupek, Vlastimil. "Nelineární analýza a predikce síťového provozu." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2012. http://www.nusl.cz/ntk/nusl-219427.

Abstract:
This thesis deals with an analysis of network traffic and its properties. The thesis discusses the possibilities of predicting network traffic by the FARIMA model, by the theory of chaos with the Lyapunov exponent and by neural networks. The greatest attention was dedicated to the prediction of network traffic by neural networks. In Matlab, using the Neural Network Toolbox, recurrent networks were created, trained and tested for the prediction of specific types of network traffic, which was captured on a local network. The Elman network, LRN and NARX network were chosen to test the prediction of network traffic, and the results were discussed. The thesis also introduces the area of applicability of network traffic prediction and presents the design of a system for dynamic bandwidth allocation with a detailed description of its prediction part. The thesis also states possible uses of the designed system for dynamic allocation of bandwidth.
6

Barabas, Maroš. "Bezpečnostní analýza síťového provozu pomocí behaviorálních signatur." Doctoral thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2016. http://www.nusl.cz/ntk/nusl-412570.

Abstract:
This thesis focuses on description of the current state of research in the detection of network attacks and subsequently on the improvement of detection capabilities of specific attacks by establishing a formal definition of network metrics. These metrics approximate the progress of network connection and create a signature, based on behavioral characteristics of the analyzed connection. The aim of this work is not the prevention of ongoing attacks, or the response to these attacks. The emphasis is on the analysis of connections to maximize information obtained and definition of the basis of detection system that can minimize the size of data collected from the network, leaving the most important information for subsequent analysis. The main goal of this work is to create the concept of the detection system by using defined metrics for reduction of the network traffic to signatures with an emphasis on the behavioral aspects of the communication. Another goal is to increase the autonomy of the detection system by developing an expert knowledge of honeypot system, with the condition of independence to the technological aspects of analyzed data (e.g. encryption, protocols used, technology and environment). Defining the concept of honeypot system's expert knowledge in the role of the teacher of classification algorithms creates autonomy of the system for the detection of unknown attacks. This concept also provides the possibility of independent learning (with no human intervention) based on the knowledge collected from attacks on these systems. The thesis describes the process of creating laboratory environment and experiments with the defined network connection signature using collected data and downloaded test database. The results are compared with the state of the art of the network detection systems and the benefits of the proposed approximation methods are highlighted.
7

Lieskovan, Tomáš. "Detekce anomálií síťového provozu." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2017. http://www.nusl.cz/ntk/nusl-317122.

Abstract:
This semester project presents an analysis of network traffic and detection of anomalies in network traffic by several various means. In the first part of the paper there is an explanation of the methods aiming at denial of service. Then in the second part an implementation of protection by means of selected solutions is presented. The intent is to compare these means which are supposed to detect cyber attacks aiming at denial of service. Another intent is to choose the best solutions from the categories of open-source and commercial solutions. The target of the master thesis was to work out a comparison between actual solutions for detection of DoS and DDoS attacks.
8

Chapčák, David. "Behaviorální analýza síťového provozu a detekce útoků (D)DoS." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2017. http://www.nusl.cz/ntk/nusl-317014.

Abstract:
The semestral thesis deals with the analysis of modern open-source NIDPS tools for monitoring and analyzing network traffic. The work rates these instruments in terms of their network location and functions. It also covers a more detailed analysis of detecting and alerting mechanisms. It further analyzes the possibilities of detecting anomalies, especially in terms of statistical analysis, and shows the basics of other approaches, such as approaches based on data mining and machine learning. The last section presents specific open-source tools and deals with a comparison of their activities and with a proposal allowing monitoring and traffic analysis, classification, and detection of anomalies and (D)DoS attacks.
9

Cabal, Jakub. "Zpracování síťového provozu na velmi vysokých rychlostech." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2017. http://www.nusl.cz/ntk/nusl-318173.

Abstract:
Different network devices require processing of the network traffic. To process the network traffic, it is necessary to parse headers of particular protocols packed in incoming ethernet frames. The processed headers can be repackaged to ethernet frames and sent back to the network. The goal of this thesis is to design and implement a circuit for analysis and parsing of ethernet frames, together with circuit for deparsing ethernet frames. The circuits are designed for throughputs of up to 400 Gb/s. The circuits are implemented for the FPGA technology.
10

Oujezský, Václav. "Konvergované sítě a tomografie síťového provozu s využitím evolučních algoritmů." Doctoral thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2017. http://www.nusl.cz/ntk/nusl-320776.

Abstract:
Nowadays, traffic tomography represents an integral component in converged networks and systems for detecting their behavioral characteristics. The dissertation deals with research of its implementation with the use of evolutionary algorithms. The research was mainly focused on innovation and solving behavioral detection of data flows in networks and network anomalies using tomography and evolutionary algorithms. Within the dissertation, a new algorithm has been proposed, emerging from the basics of the statistical method of survival analysis, combined with a genetic algorithm. The proposed algorithm was tested in a model of a self-created network probe using the Python programming language and Cisco laboratory network devices. The performed tests have shown the basic functionality of the proposed solution.
11

Bartoš, Václav. "Reputace zdrojů škodlivého provozu." Doctoral thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2019. http://www.nusl.cz/ntk/nusl-412603.

Abstract:
An important part of maintaining network security is collecting and processing information about cyber threats, both from the network operator's own detection tools and from third parties. A commonly used type of such information is lists of network entities (IP addresses, domains, URLs, etc.) which were identified as malicious. However, in many cases, the simple binary distinction between malicious and non-malicious entities is not sufficient. It is beneficial to keep other supplementary information for each entity, which describes its malicious activities, and also a summarizing score, which evaluates its reputation numerically. Such a score allows for quick comprehension of the level of threat the entity poses and allows entities to be compared and sorted. The goal of this work is to design a method for such summarization. The resulting score, called Future Maliciousness Probability (FMP score), is a value between 0 and 1, assigned to each suspicious network entity, expressing the probability that the entity will do some kind of malicious activity in the near future. Therefore, the scoring is based on prediction of future attacks. Advanced machine learning methods are used to perform the prediction. Their input is formed by previously received alerts about security events and other relevant data related to the entity. The method of computing the score is first described in a general way, usable for any kind of entity and input data. Then a more concrete version is presented for scoring IPv4 addresses by utilizing alerts from an alert sharing system and supplementary data from a reputation database. This variant is then evaluated on a real-world dataset. In order to get a sufficient amount and quality of data for this dataset, a part of the work is also dedicated to the area of security analysis of network data. A framework for analysis of flow data, NEMEA, and several new detection methods are designed and implemented. An open reputation database, NERD, is also implemented and described in this work. Data from these systems are then used to evaluate the precision of the predictor as well as to evaluate selected use cases of the scoring method.
12

Daněk, Jakub. "Generátor záznamů o síťových útocích." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2014. http://www.nusl.cz/ntk/nusl-236149.

Abstract:
The thesis describes the design and implementation of a Nemea system module intended for the generation of records about simulated network attacks. This thesis also contains a brief description of the Nemea system and several network attacks. Finally, part of this work is a description of the simulated attacks and methods of simulation.
13

Hujňák, Ondřej. "Systém pro rozpoznávání APT útoků." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2016. http://www.nusl.cz/ntk/nusl-255485.

Abstract:
The thesis investigates APT attacks, which are professional targeted attacks that are characterised by long-term duration and use of advanced techniques. The thesis summarises current knowledge about APT attacks and suggests seven symptoms that can be used to check whether an organization is under an APT attack. The thesis suggests a system for detection of APT attacks based on the interaction of those symptoms. This system is elaborated further for detection of attacks in computer networks, where it uses user behaviour modelling for anomaly detection. The detector uses the k-nearest neighbors (k-NN) method. The APT attack recognition ability in a network environment is verified by implementing and testing this detector.
14

Jančová, Markéta. "Generická analýza toků v počítačových sítích." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2020. http://www.nusl.cz/ntk/nusl-417290.

Abstract:
This thesis deals with the description of network traffic by means of an automatically created communication model. The main focus is on communication in control systems, which use special protocols such as IEC 60870-5-104. In this thesis we present a method for characterizing network traffic in terms of both the content of the communication and its behaviour over time. For the description, this method uses deterministic finite automata, prefix trees and repeatability analysis. In the second part of this master's thesis we focus on the implementation of a program that is able to verify network traffic in real time on the basis of such a communication model.
15

Vondráček, Martin. "Bezpečnostní analýza virtuální reality a její dopady." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2019. http://www.nusl.cz/ntk/nusl-399192.

Abstract:
Virtual reality is currently used not only for entertainment but also for work and social interaction, where privacy and confidentiality of information have high priority. Unfortunately, however, the security measures applied by software vendors are often insufficient. This thesis presents an extensive security analysis of the popular virtual reality application Bigscreen, which has more than 500,000 users. Techniques of network traffic analysis, penetration testing, reverse engineering and even methods for application crippling were used. The research led to the discovery of critical vulnerabilities that directly violated the privacy of users and allowed an attacker to take full control of the victim's computer. The security flaws found made it possible to distribute malicious software and to create a botnet by means of a computer worm spreading in virtual environments. A new cyber attack in virtual reality, called Man-in-the-Room, was created. In addition, a security flaw in the Unity engine was discovered. Responsible reporting of the discovered flaws helped mitigate the risks for more than half a million users of the Bigscreen application and for users of all affected Unity applications worldwide.
16

Sikora, Marek. "Detekce slow-rate DDoS útoků." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2017. http://www.nusl.cz/ntk/nusl-317019.

Abstract:
This diploma thesis is focused on the detection of and protection against Slow DoS and DDoS attacks using computer network traffic analysis. The reader is introduced to the basic issues of this specific category of sophisticated attacks, and the characteristics of several specific attacks are clarified. There is also a set of methods for detecting and protecting against these attacks. The proposed methods are used to implement a custom intrusion prevention system that is deployed on the border filtering server of a computer network in order to protect Web servers against attacks from the Internet. The created system is then tested in the laboratory network. The presented results of the testing show that the system is able to detect the attacks Slow GET, Slow POST, Slow Read and Apache Range Header and then protect Web servers so that the provided services are not affected.
17

Coufal, Zdeněk. "Korelace dat na vstupu a výstupu sítě Tor." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2014. http://www.nusl.cz/ntk/nusl-235412.

Abstract:
Communication in public networks based on the IP protocol is not really anonymous because it is possible to determine the source and destination IP address of each packet. Users who want to be anonymous are forced to use anonymization networks, such as Tor. In case such a user is the target of lawful interception, it presents a problem for those systems because they only see that the user communicated with the anonymization network and have a suspicion that the data stream at the output of the anonymization network belongs to the same user. The aim of this master's thesis was to design a correlation method to determine the dependence of the data stream at the input and the output of the Tor network. The proposed method analyzes network traffic and compares characteristics of data streams extracted from metadata, such as the time of occurrence and the size of packets. This method specializes in correlating data flows of the HTTP protocol, specifically web server responses. It was tested on real data from the Tor network and successfully recognized the dependency of data flows.
18

Teknős, Martin. "Rozšíření behaviorální analýzy síťové komunikace určené pro detekci útoků." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2015. http://www.nusl.cz/ntk/nusl-234931.

Abstract:
This thesis is focused on network behavior analysis (NBA) designed to detect network attacks. The goal of the thesis is to increase the detection accuracy of obfuscated network attacks. Methods and techniques used to detect network attacks and network traffic classification are presented first. Intrusion detection systems (IDS) in terms of their functionality and possible attacks on them are described next. This work also describes principles of selected attacks against IDS. Further, obfuscation methods which can be used to overcome NBA are suggested. A tool for automatic exploitation, attack obfuscation and collection of this network communication was designed and implemented. This tool was used for execution of network attacks. A dataset for experiments was obtained from the collected network communications. Finally, the achieved results emphasized the requirement of training NBA models with obfuscated malicious network traffic.