Global ETD Search

41	Distribuerade belastningsattacker : Klassificering och utvärdering Brolin, Erik January 2006 (has links) Användandet av Internet ökar varje år och företag blir i takt med detta mer och mer beroende av att kunna erbjuda sina kunder tjänster här. Ett hot mot dessa tjänster är den distribuerade belastningsattacken. En belastningsattacks mål är att göra en server på Internet otillgänglig för vanliga användare genom att antingen överbelasta den med stora mängder data för att skada serverns bandbredd eller att göra ett stort antal uppkopplingsförfrågningar för att skada serverns kapacitet att behandla meddelanden. Vid en distribuerad belastningsattack använder en angripare sig av många datorer på Internet vilka inte är dennes egna för att göra sin attack mycket starkare. Målet med detta projekt har varit att klassificera och utvärdera skyddsmetoder mot detta med avseende på faktorerna kostnad samt effektivitet. Resultatet visar att den mest kostnadseffektiva skyddsmetoden är klassbaserad köbildning. Distribuerade belastningsattacker DDoS Informationssäkerhet Nätverkssäkerhet Skyddsmetoder Computer Sciences Datavetenskap (datalogi)
42	Entropické modely datového provozu / Entropic models of data traffic Blažek, Petr January 2015 (has links) This thesis solves possibility of using entropy for anomaly detection in data communication and especially for security attacks. The main advantage of using entropy is ability to identify unknown attacks because entropy detects changes in network traffic but not the content as existing methods. In this work was tested the suitability of different models entropy (Shannon, Renyi, Tsallis). Also been tested the effect of Renyi and Tsallis parameter on resulting entropy. From the resulting values, I found that all tested entropy achieve good result in the identification of anomalies in network traffic.
43	Testování odolnosti sítí a ochrana před útoky odepření služeb / Network protection testing and DoS attacks protection Hanzal, Jan January 2014 (has links) The aim of this Master thesis is a testing of Cisco ASA\,5510 firewall with affect of Denial of Service attacks. Part of the thesis is a teoretical description some of the attacks and practical tests. Practical part covers basic testing of Cisco ASA with Spirent Avalanche 3100B. Number of TCP connections per second and firewalls throughput on 7th layer of ISO/OSI model were tested. Also the effect of Denial of Service attacks on the throughput. In a next part there is described one possible way how to generate Denial of Service attacks from a Linux server to the firewall. Python scripts were used for generation DoS packets. With those scripts it is possible to generate five types of attacks.
44	Filtrování a agregace síťového provozu / Filtering and aggregation of network traffic Zubov, Artem January 2017 (has links) V této práci jsou zkoumaní základní principy odporů servisních útoků, nejběžnějších typů a účelu použití. Popsané dostupné techniky zmírnění různých typu útoků, nástrojů a přístupů v operačních systémech postavených na Linuxu. Nakonfigurován filtrcni server a pro účely testování simulovan SYN Flood, UDP Flood a ICMP Flood útoky. Bylo zjištěno, vhodne techniky vyrovnání tehto druhu útoku a realizováné příslušna konfigurace filtrování.
45	Evaluating the Effects of Denial-of-Service Attacks from IoT Devices Lernefalk, Marcus January 2021 (has links) Internet växer idag konstant och det förväntas finnas fler än 50 miljarder enheter anslutna till internet efter år 2020. Flertalet av dessa enheter kommer vara små, inbäddade enheter som är anslutna och kommunicerar via Internet of Things. Att försäkra att dessa enheter är säkra och skyddade från obehörig åtkomst har varit något som väckt oro ända sedan så kallade botnets visat sig kapabla till att ta över och utnyttja hundratusentals Internet of Things anslutna enheter för att utföra Distributed Denial-of-Service attacker. Målet med denna studie har varit att ställa frågan samt svara på hur stor påverkan Internet of Things enheter har när de utnyttjas för att utföra en Distributed Denial-of-Service attack i ett lokalt trådlöst nätverk. För att besvara denna fråga har denna avhandling forskat kring områden som rör cybersäkerhet, Internet of Things, samt metoder för att utföra Distributed Denial-of-Service attacker. Denna studie har implementerat ett scenario som mäter påverkan vid en Distributed Denial-of-Service attack när upp till sex emulerade Internet of Things enheter som attackerar en ensam offerdator via TCP, UDP och HTTP flood metoder i ett lokalt nätverk. Flertalet test har utförts samt analyserats. Resultatet från denna studie presenteras och jämförs vilket visar att offerdatorn är relativt kapabel till att försvara sig mot TCP och HTTP floods med upp till sex Internet of Things enheter vid respektive attack. Det implementerade scenariot och metoden är huruvida kapabel till att tungt överbelasta offerdatorn när UDP flood används för samtliga sex Internet of Things enheter. / The internet is constantly growing, we are expecting there to be more than 50 billion devices on the internet past 2020. Many of these devices will be small, embedded devices connected and communicating using the Internet of Things. Keeping these devices secure and protected from unauthorized access has been a raising concern in part due to botnets that have proven capable of exploiting hundreds of thousands of Internet of Things devices to carry out Distributed Denial-of-Service attacks in the past. The objective of this study has been to answer how big of an impact compromised IoT devices might have when exploited to carry out a Distributed Denial-of-Service attack in a Wireless Local Area Network. To answer this question this thesis has done research in the fields concerning cyber-security, the Internet of Things, and methods of distributing Denial-of-Service attacks. This study implements a scenario that measures the impact of a Distributed Denial-of-Service attack utilizing up to six emulated IoT devices that attack a single victim computer using a TCP, UDP or HTTP flood. Several tests have been performed and analyzed. The results from this work are presented and compared and shows that the victim computer is relatively capable of mitigating and defending against the TCP and HTTP flood with up to six utilized IoT devices in each attack. In the implemented scenario and method are however capable of heavily congesting and overwhelming a single victim computer when utilizing a UDP flood with all six IoT devices simultaneously attacking. IoT DoS DDoS LOIC Botnets Cyber-security Software Engineering Programvaruteknik
46	Network AIS-based DDoS attack detection in SDN environments with NS-3 Jevtic, Stefan G. 21 July 2017 (has links) Indiana University-Purdue University Indianapolis (IUPUI) / With the ever increasing connectivity of and dependency on modern computing systems, our civilization is becoming ever more susceptible to cyberattack. To combat this, identifying and disrupting malicious traffic without human intervention becomes essential to protecting our most important systems. To accomplish this, three main tasks for an effective intrusion detection system have been identified: monitor network traffic, categorize and identify anomalous behavior in near real time, and take appropriate action against the identified threat. This system leverages distributed SDN architecture and the principles of Artificial Immune Systems and Self-Organizing Maps to build a network-based intrusion detection system capable of detecting and terminating DDoS attacks in progress. DDoS SDN Software Defined Networking NS-3 OpenFlow
47	EVASIVE INTERNET PROTOCOL: END TO END PERFORMANCE Maaz, Khan 23 June 2011 (has links) No description available. Computer Science Capabilities internet security attacks, spoofing DDoS Evasive internet
48	The use of BGP Flowspec in the protection against DDoS attacks Chouk, Wissem January 2019 (has links) Flowspec is one of the latest DDoS attacksmitigation tools. It relies on BGPv4 to share itsroute specifications. It presents great advantageswhen it comes to effectively mitigate a (D)DoSattack. However, due to the lack of protection andsecurity of BGP, Flowspec presents somevulnerabilities that can be used against the victimto initiate, enhance or continue an attack. An ISP isinterested to include Flowspec in its mitigationtools. In this thesis, we will evaluate the potentialuse of Flowspec by the ISP after taking intoconsideration 3 uses cases where the protocolwould not be able to act as intended. / Flowspec är ett av de senaste verktigen mot DDoS-attacker. Den är beroende av BGPv4 för att dela dess ruttspecifikationer. Det ger stora fördelar när det gäller att effektivt mildra en (D)DoS-attack. På grund av bristen på skydd och säkerhet för BGP presenterar dock Flowspec vissa sårbarheter som kan användas mot offret för att initiera, förbättra eller gå vidare med en attack. En Internetleverantör gynnas av att inkludera Flowspec i dess begränsningsverktyg. I denna avhandling kommer vi att utvärdera den potentiella a n v ä n d n i n g e n a v F l o w s p e c f r å n Internetleverantörens sida efter att ha beaktat 3 användningsfall där protokollet inte skulle kunna fungera som avsett. DDoS Flowspec BGP Security Networking Engineering and Technology Teknik och teknologier
49	Comparison of System Performance During DDoS Attacks in Modern Operating Systems Pettersson, Erik January 2017 (has links) Distributed Denial of Service attacks are an ever prevalent challenge for system administra-tors today to overcome. The attack, which is all about restricting legitimate users access to a service, such as a web-page. Can cost companies and governments millions of dollars if not properly managed. This study aims to explore if there is any difference in performance between some of the most modern iterations of popular server operating systems today. Those server operating systems are: Windows Server 2016, Ubuntu 16 and FreeBSD 11. And submitting them to one of the most popular DDoS attacks at the time of writing, a so called HTTP-Get request. The webservers used are some of the most widely used today, Apache and Microsoft IIS. Each server will be submitted to attacks, and compared between one another. Different de-fence methods will also be tested and examined. Tests include shorter tests that is repeated multiple times for data validity, and one longer test for every condition in order to control if the results are similar. During these tests, the operating systems will measure CPU/RAM utilization, and a control computer will measure Round Trip Time. Windows Server 2016 using IIS and FreeBSD 11 perform similarly resource wise, but Win-dows Server 2016 with IIS had a better Round Trip Time performance. Windows Server 2016 with Apache performs worst in all measurements, while Ubuntu 16 performs in the middle, but has the most stable performance. DDoS DDoS Prevention Windows Server 2016 Ubuntu 16 FreeBSD 11 HTTP-Get IP-Thresholding Load-Balancing Computer Sciences Datavetenskap (datalogi)
50	Odvozování pravidel pro mitigaci DDoS / Deriving DDoS Mitigation Rules Hurta, Marek January 2017 (has links) This thesis is aimed at monitoring of computer networks using NetFlow data. It describes main aspects of detection network anomalies using IDS systems. Next part describes Nemea framework, which is used for creating modules. These modules are able to detect network incidents and attacks. Following chapters contain a brief overview of common network attacks with their specific remarks which can help in process of their detection. Based on this analysis, the concept of mitigation rules was created. These rules can be used for mitigation of DDoS attack. This method was tested on several data sets and it produced multiple mitigation rules. These rules were applied on data sets and they marked most of the suspicious flows.

Search results