11 |
Výkonnostní a bezpečnostní testy síťových aplikací / Performance and security testing of network applications
Matej, Michal. January 2013
The aim of this Master's thesis is to design and implement a security test of the resistance of a device under test to the effects of the distributed denial of service (DDoS) SYN Flood attack. After the test results are processed, a protocol on the security test of the device under test is produced. Two devices are tested in this thesis, namely a CISCO ASA5510 firewall and a server with the specified name Server. The theoretical part of the thesis discusses the primary types of network attacks, such as reconnaissance, gaining access and denial of service attacks. It explains the concept of DoS and its principle, as well as further types of DoS attacks and distributed denial of service (DDoS) attacks.
|
12 |
Detekce útoků cílených na odepření služeb / Detection of denial of service attacks
Gerlich, Tomáš. January 2017
This Master's thesis focuses on intrusion detection for denial of service attacks. These distributed DoS attacks are a threat to all users on the Internet, so intrusion detection and intrusion prevention systems are deployed against them. The theoretical part describes DoS attacks and their most frequently used variants. It also mentions variants for detecting DoS attacks and describes which tools are used most frequently to detect DDoS attacks. The practical part deals with the deployment of software tools for detecting DDoS attacks and with creating traffic to test the detection abilities of these tools.
|
13 |
Anonymous ansikten : En undersökning av några svenska dagstidningars konstruktioner av hackernätverket Anonymous / The faces of Anonymous: A study of some Swedish daily newspapers' constructions of the hacker network Anonymous
Åkerman, Emelie. January 2012
This study examines how a couple of Swedish daily newspapers construct the hacker network Anonymous, with an aim to discuss its possible effects. The question was: In which ways is the network Anonymous constructed in a few Swedish newspapers? 26 articles from four chosen newspapers were analysed, but because of many similarities in content, only 10 were chosen for deep analysis. With Fairclough's model of critical discourse analysis as the chosen method, constructions varying from the images of heroes to villains were found as a result. The most common construction was that of Anonymous as a threat, which was most often exaggerated compared to what actions were actually described in the texts. In the second most common discourse, "guilty by association", Anonymous would be mentioned in a context, like in the report of a crime, without any apparent reason. Though labelled with other words, what the texts often described were actions that lived up to the criteria of civil disobedience, but in a digital context. Some texts described a protest movement that might get more legitimized, or continue as a guerrilla group. In some cases Anonymous were given power by getting their messages repeated without criticism, most likely accidentally since their usual silence might make the journalist jump when suddenly contacted directly. In other cases they were deliberately smeared, and constructed as a mischievous and powerless bunch of nerds. Opinions differed, but from the texts it could be concluded that Anonymous is the first Internet-based protest movement of its kind. How their identity develops may make or break the possibilities for future online protest movements and civil disobedience acts. In which direction they progress isn't the topic of this study. But what possible effects the newspapers' constructions of Anonymous might have on that progress is of high interest.
The discussion's theoretical base is that the journalistic content has an effect on its audience, and an effect on the construction of identity, both collective and individual. The media further have power, to some extent, over their audience as well as over their subjects.
|
14 |
An architectural approach for mitigating next-generation denial of service attacks
Doucette, Cody. 08 March 2021
It is well known that distributed denial of service attacks are a major threat to the Internet today. Surveys of network operators repeatedly show that the Internet's stakeholders are concerned, and the reasons for this are clear: the frequency, magnitude, and complexity of attacks are growing, and show no signs of slowing down. With the emergence of the Internet of Things, fifth-generation mobile networks, and IPv6, the Internet may soon be exposed to a new generation of sophisticated and powerful DDoS attacks.
But how did we get here? In one view, the potency of DDoS attacks is owed to a set of underlying architectural issues at the heart of the Internet. Guiding principles such as simplicity, openness, and autonomy have driven the Internet to be tremendously successful, but have the side effects of making it difficult to verify source addresses, classify unwanted packets, and forge cooperation between networks to stop traffic. These architectural issues make mitigating DDoS attacks a costly, uphill battle for victims, who have been left without an adequate defense.
Such a circumstance requires a solution that is aware of, and addresses, the architectural issues at play. Fueled by over 20 years' worth of lessons learned from the industry and academic literature, Gatekeeper is a mitigation system that neutralizes the issues that make DDoS attacks so powerful. It does so by enforcing a connection-oriented network layer and by leveraging a global distribution of upstream vantage points. Gatekeeper further distinguishes itself from previous solutions because it circumvents the necessity of mutual deployment between networks, allowing deployers to reap the full benefits alone and on day one.
Gatekeeper is an open-source, production-quality DDoS mitigation system. It is modular, scalable, and built using the latest advances in packet processing techniques. It implements the operational features required by today's network administrators, including support for bonded network devices, VLAN tagging, and control plane tools, and has been chosen for deployment by multiple networks.
However, an effective Gatekeeper deployment can only be achieved by writing and enforcing fine-grained and accurate network policies. While the basic function of such policies is to simply govern the sending ability of clients, Gatekeeper is capable of much more: multiple bandwidth limits, punishing flows for misbehavior, attack detection via machine learning, and the flexibility to support new protocols. Therefore, we provide a view into the richness and power of Gatekeeper policies in the form of a policy toolkit for network operators.
Finally, we must look to the future, and prepare for a potential next generation of powerful and costly DDoS attacks to grace our infrastructure. In particular, link flooding attacks such as Crossfire use massive, distributed sets of bots with low-rate, legitimate-looking traffic to attack upstream links outside of the victim's control. A new generation of these attacks could soon be realized as IoT devices, 5G networks, and IPv6 simultaneously enter the network landscape. Gatekeeper is able to hinder the architectural advantages that fuel link flooding attacks, bounding their effectiveness.
|
15 |
DoS a DDoS útoky na SIP protokol / DoS and DDoS attacks on the SIP protocol
Staněk, Jan. January 2011
The aim of this diploma thesis is to become familiar with the SIP protocol and with the problems of attacks targeting this protocol, with the emphasis on DoS and DDoS attacks. The thesis focuses on a detailed classification of the attacks, the possibilities and forms of generating the attacks, and methods of defense against them. Attacks of the flood type are especially stressed because they are easily generated and the SIP components are very prone to these attacks. Prototype implementations of the most important ideas concerning attack generation and protection against these attacks are also part of this thesis. Practical tests of the implementations performed in a simulated SIP environment are also included.
|
16 |
Distributed Denial of Service Attacks (DDoS) - Consequences and Future
Namuduri, Sarita. January 2006
Denial of Service and the Distributed Denial of Service Attacks have recently emerged as one of the most newsworthy, if not the greatest, weaknesses of the Internet. This paper attempts to explain how they work, why they are hard to combat today, and what will need to happen if they are to be brought under control. It is divided into eight sections. The first is an overview of the current situation and also a brief explanation of the rest of the chapters being covered. The second is a detailed description of exactly how this attack works, and why it is hard to cope with today; of necessity it includes a description of how the Internet works today. The third section is entirely about the different attacks in recent years and how they affected people or big organizations. The fourth section describes the short-term prospects, the tools which are used to rectify these attacks. The fifth covers the problems being faced, with an explanation of the percentage of attacks in recent years and a comparison of the problems. The sixth is what can be done today to help alleviate this problem. The seventh section describes the legal actions and also legal actions that can be followed against the attack by the victim; and the eighth section describes the long-term picture, what will change to bring this class of problem under control, if not eliminate it entirely. And finally there are some appendices: a bibliography, giving references to original research work and announcements; a brief article on securing servers; and acknowledgments for the many people who helped make this paper possible.
|
18 |
Web-based Botnet Detection Based on Flow Information
Tsai, Yu-Chou. 08 September 2009
A botnet is a combination of cyber attack, infection, and dissemination. Across the Internet, the infected hosts might launch DDoS (Distributed Denial-of-Service) attacks or become proxies sending spam according to commands from botmasters via public services such as IRC, P2P or the Web (HTTP) protocol. Among these command and control channels, Web-based botnets are much more difficult to detect because their command and control messages are spread through the HTTP protocol and hide behind normal flows.
In this research, we focus on the analysis and detection of Web-based botnets, with detection by features: Timeslot, calculation of NetFlow, and B2S (Bot to Server) and S2B (Server to Bot) of the Web-based botnet. The experimental results show that the proposed approach, which uses the features mentioned above, performs well in many different topology designs. In addition, we also obtained a good detection rate in a real network design.
|
19 |
DDoS detection based on traffic self-similarity
Brignoli, Delio. January 2008
Distributed denial of service attacks (or DDoS) are a common occurrence on the internet and are becoming more intense as the bot-nets, used to launch them, grow bigger. Preventing or stopping DDoS is not possible without radically changing the internet infrastructure; various DDoS mitigation techniques have been devised with different degrees of success. All mitigation techniques share the need for a DDoS detection mechanism.
DDoS detection based on traffic self-similarity estimation is a relatively new approach which is built on the notion that undisturbed network traffic displays fractal like properties. These fractal like properties are known to degrade in presence of abnormal traffic conditions like DDoS. Detection is possible by observing the changes in the level of self-similarity in the traffic flow at the target of the attack.
Existing literature assumes that DDoS traffic lacks the self-similar properties of undisturbed traffic. We show how existing bot-nets could be used to generate a self-similar traffic flow and thus break such assumptions. We then study the implications of self-similar attack traffic on DDoS detection.
We find that, even when DDoS traffic is self-similar, detection is still possible. We also find that the traffic flow resulting from the superimposition of DDoS flow and legitimate traffic flow possesses a level of self-similarity that depends non-linearly on both relative traffic intensity and on the difference in self-similarity between the two incoming flows.
|
20 |
Vulnerability in a cyberattack : How DoS affects Swedish government authorities
Burgos, Peter; Storsten, Julia. January 2014
With a growing development of technologies and the fact that many companies implement online services, an interruption in such a service could cause problems for any kind of user by exploiting the vulnerabilities in these systems. The Swedish Armed Forces (SwAF) indicates that the development of the defensive ability must continue, since the vulnerability of the cyberenvironment becomes a greater interest for adversaries. A denial of service can create panic by, e.g., forcing resources to look into the ongoing attack, minimizing the awareness of the protection of other systems. Known attacking tools and statistics are presented in this thesis, but the scope is to generate a framework. The main aim is to look into the Swedish government authorities and give an insight into what a possible path to increased resilience against a modern distributed denial of service attack could be, and at the same time expand the knowledge and give a base for developing more secure systems. This thesis consists of a survey and simulations of network traffic behaviors in order to categorize and give a framework for a small, middle and large sized authority. The result shows that a small sized authority has a risk of 47% of not being able to survive an attack, while a middle sized authority would only have a 17% risk, since that is the risk of having attacks exceeding 60 Gbit/s. A large sized authority is defined by having a capacity of 100 Gbit/s. Therefore, an increased resilience is achieved by exceeding 60 Gbit/s, showing that 60% of the authorities within this thesis are prepared against a modern distributed denial of service attack. If an attack succeeds, the authorities are at greater risk of not being able to communicate externally and reach out to society.
|