Global ETD Search

101	Denial-of-service attack : A realistic implementation of a DoS attack / Denial-of-service attack : En realistisk implementering Skog Andersen, Jonas, Alderhally, Ammar January 2015 (has links) This report describes some of the most well known denial of service attacks (DoS-attacks). This will be done in the first part of the report, the second part describes an implementation of a DoS-attack. The main purpose of its first part is to closer examine common DoS-attacks, the purpose of such attacks, the protection methods that can be deployed to mitigate these attacks and the ways that are used to measure these attacks. The second part describes a implementation of a practical attack implemented using HTTP POST requests to overwhelm a web server, so called HTTP POST attack. The attack was carried out using different number of attack nodes, up to the default maximum limit for Apache web server. The attack succeeded after several attempts with different parameters. As a result of the experiments we learnt that a successful HTTP POST attack needs to take between 15% and 100% of the maximum permitted clients to make an impact on the server’s response time. The server that was attacked had no defence mechanism to protect itself against DoS-attacks. One important thing to note is that this attack is carried out in a protected environment so as not to affect the external environment. DOS DDOS Attack Denial of Service Distributed denial of service attack HTTP POST HTTP POST attack Computer Sciences Datavetenskap (datalogi)
102	Analýza zpětně rozptýleného DDoS provozu v datech o síťových tocích / Analysis of DDoS Backscatter Traffic in Network Flow Data Marušiak, Martin January 2021 (has links) This work focuses on detection of denial of service (DoS) attacks which utilize random spoofing of source IP address in attack packets. These types of attacks lead to generation of side effect in a form of backscatter that can be used to identify victims of such attacks. Backscatter analysis has so far been limited to unused address space ranges referred to as network telescopes. This work therefore proposes a new method of DoS attack detection via backscatter outside of network telescope environment where legitimate user traffic is also present. Furthermore proposed approach uses only abstracted traffic in a form of network flows. Presented method was implemented as part of NEMEA system and tested on real flow data capture provided by CESNET.
103	Odolnost komunikační jednotky LAN proti útokům z Internetu / LAN communication unit resistivity against Internet origination attacks Valach, Michal January 2009 (has links) This thesis is focused on crypto-module RCM 3700, which is used for encrypted data transmission. Following work analyses basic network protocols and some sort of attacks in Ethernet network. The main goal of these attacks is to collect information and services about the device and to analyze transmitted data. Based on these information attacks can be done more precisely than without them. The main target of these attacks is the denial of particulary service or data abuse. Furthermore, in the diploma thesis configuration of router CISCO 2801 is applied in order to improve the LAN security. The deveploment board, which includes reset function, supplied circuit and interface for RS 232, was designed for crypto-module RCM 3700.
104	Impact of mobile botnet on long term evolution networks: a distributed denial of service attack perspective Kitana, Asem 31 March 2021 (has links) In recent years, the advent of Long Term Evolution (LTE) technology as a prominent component of 4G networks and future 5G networks, has paved the way for fast and new mobile web access and application services. With these advantages come some security concerns in terms of attacks that can be launched on such networks. This thesis focuses on the impact of the mobile botnet on LTE networks by implementing a mobile botnet architecture that initiates a Distributed Denial of Service (DDoS) attack. First, in the quest of understanding the mobile botnet behavior, a correlation between the mobile botnet impact and different mobile device mobility models, is established, leading to the study of the impact of the random patterns versus the uniform patterns of movements on the mobile botnet’s behavior under a DDoS attack. Second, the impact of two base transceiver station selection mechanisms on a mobile botnet behavior launching a DDoS attack on a LTE network is studied, the goal being to derive the effect of the attack severity of the mobile botnet. Third, an epidemic SMS-based cellular botnet that uses an epidemic command and control mechanism to initiate a short message services (SMS) phishing attack, is proposed and its threat impact is studied and simulated using three random graphs models. The simulation results obtained reveal that (1) in terms of users’ mobility patterns, the impact of the mobile botnet behavior under a DDoS attack on a victim web server is more pronounced when an asymmetric mobility model is considered compared to a symmetric mobility model; (2) in terms of base transceiver station selection mechanisms, the Distance-Based Model mechanism yields a higher threat impact on the victim server compared to the Signal Power Based Model mechanism; and (3) under the Erdos-and-Reyni Topology, the proposed epidemic SMS-based cellular botnet is shown to be resistant and resilient to random and selective cellular device failures. / Graduate Mobile Botnet LTE Long Term Evolution Network Distributed Denial of Service Attack DDoS Cellular Botnet Botnet Cybersecurity Cyber Security Cyber Attacks
105	DDoS: Ett evolverande fenomen / DDoS: An evolving phenomenon Andersson, Emil January 2012 (has links) Internetfenomenet ”Distributed Denial of Service”, förkortat DDoS, beskrivs ofta som ett av destörsta hoten mot Internet idag. Genom att utnyttja den grundläggande strukturen i kommunikationmellan nätverk och datorer kan kriminella blockera och stänga ute webbplatser och -tjänster frånanvändare, samtidigt som det är mycket svårt för offret och myndigheter att någonsin identifieraden eller de skyldiga. Enorma globala nätverk av ovetande människors infekterade datorer fjärrstyrstill att utföra angrepp mot alla sorters organisationer på Internet med olika motiv, som finansiella,politiska eller för ren vandalism. Syftet med det här arbetet är att göra en dagsaktuell kartläggningöver läget kring DDoS-angrepp och titta på statistik över de mest förekommande angreppstyperna,och se om den nyare publicerade forskningen kan svara på de pågående och framträdande trendersom kan ses. Sex forskningsartiklar väljs ut att jämföra med dessa trender för att se var merforskning krävs. Resultatet visar att forskningen kring försvar mot HTTP-GET-angrepp är bristande,samt att den framträdande trenden där angreppen allt oftare använder sig av olika angreppstypersamtidigt inte har undersökts. Mer öppen forskning bör riktas mot dessa bristande områden. / The Internet phenomenon ”Distributed Denial of Service”, in short DDoS, is often said to be one ofthe greatest threats to the Internet today. By abusing the foundation of inter-network and computercommunication, criminals can block and shut out websites and services from users while making itvery hard for the victim and the authorities to ever identify who was behind it. Enormous globalnetworks made up of unknowing peoples' infected computers can be remotely controlled to conductattacks against all sorts of organisations on the Internet with different motives, from financial orpolitic to sheer vandalism. The purpose of this study is to create an up-to-date mapping of thesituation of DdoS-attacks and look at statistics of the most prevalent attack types, and to check ifnewly published research can answer the current and emerging trends that can be seen. Six researcharticles are chosen to compare with these trends to see where more research is required. The resultsshow that the research around defense against HTTP-GET-attacks is lacking, and that the emergenttrend of DDoS-attacks that make use of more than one attack type at the same time has not beenexamined. More open research should be directed to these lacking areas. DDoS DoS Distributed Denial of Service Denial of Service HTTP-GET-DoS TCP-SYN-Flood Engineering and Technology Teknik och teknologier
106	Αναγνώριση επιθέσεων web σε web-servers Στυλιανού, Γεώργιος 09 July 2013 (has links) Οι επιθέσεις στο Διαδίκτυο και ειδικά οι επιθέσεις άρνησης εξυπηρέτησης (Denial of Service, DoS) αποτελούν ένα πολύ σοβαρό πρόβλημα για την ομαλή λειτουργία του Διαδικτύου. Αυτό το είδος επιθέσεων στοχεύει στην διατάραξη της καλής λειτουργίας ενός συστήματος, καταναλώνοντας τους πόρους του ή προκαλώντας υπερφόρτωση στο δίκτυο, καθιστώντας το ανίκανο να παρέχει στους πελάτες του τις υπηρεσίες για τις οποίες προορίζεται. Η αντιμετώπιση των επιθέσεων αυτών έχει απασχολήσει πολλούς ερευνητές τα τελευταία χρόνια και έχουν προταθεί πολλές διαφορετικές μέθοδοι πρόληψης, ανίχνευσης, και απόκρισης. Στα πλαίσια της παρούσας διπλωματικής επιχειρείται αρχικά ο ορισμός και η ταξινόμηση των επιθέσεων DoS και DDoS, με ιδιαίτερη αναφορά στις επιθέσεις DoS στον Παγκόσμιο Ιστό. Στη συνέχεια αναλύονται διάφοροι τρόποι αναγνώρισης επιθέσεων, με κύριους άξονες την αναγνώριση υπογραφής και την ανίχνευση ανωμαλιών. Γίνεται εμβάθυνση στο πεδίο της ανίχνευσης ανωμαλιών και πραγματοποιείται η μελέτη ενός συστήματος που ανιχνεύει ανωμαλίες σε δεδομένα κίνησης δικτύου που περιέχουν επιθέσεις. / Attacks in the Internet, and especially Denial of Service attacks, are a very serious threat to the normal function of the Internet. This kind of attack aims to the disruption of the normal function of a system, by consuming its resources or overloading the network, making it incapable to provide services, that is designed for, to the clients. In recent years many researchers have tried to propose solutions to prevent, detect and respond effectively to attacks. In this thesis, first a definition, and then a classification of DoS and DDoS attacks is proposed, with distinctive reference to attacks in the World Wide Web. Several ways of attack detection are analyzed, with signature detection and anomaly detection being the most significant. Afterwards, the field of anomaly detection is thoroughly analyzed, and a system that detects anomalies to a dataset of network traffic that contains attacks, is examined. Αναγνώριση επιθέσεων Ανίχνευση ανωμαλιών 005.8 Internet attacks Attack detection Anomaly detection Security anomalies
107	Establishing security and privacy in WAVE-enabled vehicular ad hoc networks Biswas, Subir 11 January 2013 (has links) Security and privacy are among the growing concerns of a Vehicular Ad hoc Network (VANET) which requires a high degree of liability from its participants. In this dissertation, We address security, anonymity and privacy challenges of VANETs in the light of the IEEE standards for vehicular communications. VANET provides a variety of road-safety and other applications through wireless devices installed in vehicles and roadside infrastructure. A roadside infrastructure in VANET is generally public, and is prone to several different malicious attacks including node compromise, impersonation, and false message delivery attacks. Therefore, a user of a VANET must verify the integrity of a message that is delivered from a roadside infrastructure. On the other hand, a vehicle-originated message should be anonymous in order to ensure user-privacy in a VANET. However, a vehicle must not be able to take advantage of its anonymity for any misbehavior like sending false messages or malicious updates to other vehicles or a roadside infrastructure. We use proxy signature, identity-based signature, and elliptic curve cryptosystems to provide authentication for infrastructure generated messages, and anonymous authentication for vehicle originated messages. Authentication in a dense traffic condition is a challenge for a receiving entity as it incurs a processing delay at the receiving end. We address this issue with a dynamic approach that selectively verifies received messages based on a message's MAC-layer priority and a sender's information relevance. This approach makes a trade-off between priority and fairness in vehicular message authentication. We develop a network simulator to measure the impact of our authentication schemes over a WAVE protocol stack. Also, we investigate how some of the MAC-layer weaknesses may impair the security of a VANET. Our solutions are lightweight, bandwidth friendly and compatible to the current standards of vehicular communications. VANET Security privacy anonymity authentication WAVE DSRC proxy signature ID-based signature ECDSA EDCA OBU RSU vehicular communications contention window access category DDoS
108	Establishing security and privacy in WAVE-enabled vehicular ad hoc networks Biswas, Subir 11 January 2013 (has links) Security and privacy are among the growing concerns of a Vehicular Ad hoc Network (VANET) which requires a high degree of liability from its participants. In this dissertation, We address security, anonymity and privacy challenges of VANETs in the light of the IEEE standards for vehicular communications. VANET provides a variety of road-safety and other applications through wireless devices installed in vehicles and roadside infrastructure. A roadside infrastructure in VANET is generally public, and is prone to several different malicious attacks including node compromise, impersonation, and false message delivery attacks. Therefore, a user of a VANET must verify the integrity of a message that is delivered from a roadside infrastructure. On the other hand, a vehicle-originated message should be anonymous in order to ensure user-privacy in a VANET. However, a vehicle must not be able to take advantage of its anonymity for any misbehavior like sending false messages or malicious updates to other vehicles or a roadside infrastructure. We use proxy signature, identity-based signature, and elliptic curve cryptosystems to provide authentication for infrastructure generated messages, and anonymous authentication for vehicle originated messages. Authentication in a dense traffic condition is a challenge for a receiving entity as it incurs a processing delay at the receiving end. We address this issue with a dynamic approach that selectively verifies received messages based on a message's MAC-layer priority and a sender's information relevance. This approach makes a trade-off between priority and fairness in vehicular message authentication. We develop a network simulator to measure the impact of our authentication schemes over a WAVE protocol stack. Also, we investigate how some of the MAC-layer weaknesses may impair the security of a VANET. Our solutions are lightweight, bandwidth friendly and compatible to the current standards of vehicular communications. VANET Security Privacy Anonymity Authentication WAVE DSRC Proxy signature ID-based Signature ECDSA EDCA OBU RSU Vehicular Communications Contention Window Access Category DDoS
109	Generátor kybernetických útoků / Cyberattack Generator Gregr, Filip January 2017 (has links) This thesis is focused on developing a tool that is capable of generating cyber attacks. In the opening there are introduced some attacks using the ISO/OSI application layer protocols. Specifically, these are attacks known as Slowloris, RUDY, Slow Read, HTTP flood, and dictionary attack on the SSH. These attacks are implemented into an existing DoSgen Linux tool that already contains several famous network attacks. The main part of the thesis is devoted to the description of the tool and to the implementation of its own extension. The created tool is practically tested in an experimental enviroment against the Apache web server. Part of the thesis is the documentation for the improved DoSgen tool.
110	Game Theoretic Solution for the Security of Unmanned Aerial Vehicle Network Host Mairaj, Aakif January 2021 (has links) No description available. Computer Engineering Computer Science Engineering Information Science Information Systems Information Technology

Search results