Spelling suggestions: "subject:"ovos"" "subject:"soos""
71 |
Australian Legal Ramifications of Information System and Data Security Compromise: A review of issues, technology and law.Quentin Cregan Unknown Date (has links)
Computer intrusions and attacks compromise individuals, companies and communities. Whilst it is clear that computer and information security studies point to a generalised increase in the number and sophistication of computer security attacks over the past decade and that nations now entirely rely upon computer systems, insufficient attention is paid to the protection of those systems. Computer data and network systems affect our everyday lives, from the supply-chain software that ensures that the shelves are stocked at the supermarket, to systems that manage finance and share markets. Compromises of computer security are, therefore, rightly seen both as an attack on those individual entities whose systems and information are compromised, and as a communal attack upon the people and organisations that rely upon or use computer systems, both directly and indirectly. The aim of this thesis is to give an analysis of computer system security, information protections and the legal ramifications of computer security compromise, notably, data security compromise in Australia. Ultimately, the aim is to address three overlapping questions: what are the ways in which systems are breached, what are the legal consequences of a breach and are those consequences adequate? This paper looks at the underlying technology and relationships between actors involved in the majority of security compromises and looks at the common factors in how systems and networks are attacked and actors damaged. The paper then goes on to look at criminal liability for security compromises and shows how a criminal analysis feeds into the proper civil law consideration of the topic. Finally, the paper looks at data security through the lens of privacy. Ultimately, this paper concludes that Australia is inconsistent in its legal responses to information security incidents. Such variations are based on the area of law being discussed and dependent on the breach methodology and outcome. The criminal law provides the most current and potent legal protection any business or individual has had in this field. This is followed by statutory privacy law which provides a narrow degree of coverage and provides only a weak conciliation process for addressing data security issues. Finally, common law and equity provide the most uncertain commercial remedies for those that suffer data security breach. This paper concludes that present protections are inadequate and uncertain, and that change is required.
|
72 |
Cooperative Defense Against DDoS Attack using GOSSIP ProtocolSohail, Imran, Hayat, Sikandar January 2009 (has links)
The ability to detect and prevent a network from DDoS attack and to ensure the high quality infrastructure is a back bone of today’s network security issues. In this thesis, we have successfully validated an algorithm using OmNet++ Ver. 4.0 simulation to show how a DDoS attack can be detected and how the nodes can be protected from such an attack using GOSSIP protocol.
|
73 |
Analys av DDoS-attacker för identifiering och preventionGenestig, Peter, Gustafsson, Joel January 2014 (has links)
Beroendet av internet har ökat markant över de senaste tjugo åren, detta har medförtatt tjänster som tidigare tillhandahölls lokalt i fysisk form har sakta fasats ut. Samhälletsförtroende för internet och dess struktur medför vissa svagheter, som öppnar upp förattacker vilka kan överbelasta plattformar och göra företagets tjänster otillgängliga.Syftet med arbetet är att identifiera DDoS-attacker från pcap-filer och undersöka hurDRDoS-attacker skalar. Arbetet tar även upp frågeställningar om likheter och skillnadermellan attackerna som används samt huruvida de skiljer sig från legitim trafik och hurdetta kan vara ett problem när skydd eller liknande implementeras.För att besvara frågeställningarna har vi valt att göra tre experiment samt analys. De treexperiment görs i en fysisk labbmiljö där attackerna kan ske på ett kontrollerat miljö,där pcap-filer kan samlas in för analys.I arbetet påvisades att en reflektionsattack som utnyttjade DNS kunde uppnå enskalning med en faktor på 80 gånger. Det har även påvisats vilka likheter som finnsmellan de fem attacker som granskades.
|
74 |
Rozšíření nástroje JMeter / Implementation of plugins for JMeterŠvehlák, Milan January 2017 (has links)
This thesis discusses the load testing tool JMeter and its opportunities for expansion by modules carrying out cyber attacks of the type Denial of Service (DoS). To begin with, there is a theoretical overview of cyber attacks of this type. The following chapter, talks about the JMeter tool, namely its functions and expansion options. After that, it is proceeded to the actual design and realization of the modules. The module implementing the attack HTTP Flood is created first. This module uses internal functions of the program JMeter. This new module is tested. Next chapter folows the procedure of creating modules, that use external generator of network traffic. Modules SYN Flood, ICMP Flood and NTP Flood are implemented using the generator Trafgen. Module implementing attack Slowloris uses a Python script as a generator of the attack. Finally, all the new modules are tested.
|
75 |
Automatizovaná tvorba reportů zátěžového testování / Automatic Generation of Load Testing ReportsOškera, Jakub January 2018 (has links)
The diploma thesis deals with the development of a tool for automated generation of load testing reports, which is implemented in the form of a plug-in into the load tester JMeter as one of its components. The theoretical part contains an analysis of load testing and DDoS parameters, which are the output of a web report. The thesis includes an analysis of available template processors. Based on the analysis of processor’s properties, the most appropriate one was chosen. This processor was then used in a tool that, using the web technologies, generates a report in a form of interactive web page. The thesis also mentions the installation and operation of the created JMeter software plug-in. The diploma thesis describes the whole process of the development of the plug-in.
|
76 |
Automatická mitigace DDoS útoku / Automation of DDoS Attack MitigationNagy, Peter January 2018 (has links)
The aim of this thesis is automation of DDoS attack mitigation. This thesis provides an overview of GNU/Linux network platforms and different approaches for their configuration. The aim is to select a platform that could be extended to automate DDoS mitigation. DDoS attack types are explained as well. Selected methods for DDoS mitigation are described in more detail such as Remote Triggered Black Hole and BGP Flowspec. Existing tools like DDoS Defender and FastNetMon are used to detect a DDoS attack. NETX was chosen as target implementation platform. To communicate with devices, API or BGP protocol with Flowspec extension are used.
|
77 |
Modelování a detekce útoku SlowDrop / Modeling and detection of SlowDrop attackMazánek, Pavel January 2020 (has links)
The work's main topic is a recently published slow DoS attack called SlowDrop. The work focuses on the subject of describing the current state of the DoS problem as a whole and the SlowDrop attack as well. It works with this theoretical basis during the implementation of it's own SlowDrop attack model. This model is tested in various scenarios and the outcome results are analyzed and constructively discussed. Furthermore defensive mechanisms against this threat and DoS attacks in general are proposed, specific methods shown and configurations recommended. These methods are followingly tested and evaluated. Last but not least the traffic of a SlowDrop attacker and a legitimate client with bad connection, which the SlowDrop attack is trying to immitate, are compared. From this comparison final conclusions of this work are drawn.
|
78 |
Detekce útoku SlowDrop / SlowDrop attack detectionNáčin, Peter January 2021 (has links)
The diploma thesis is focused on the detection of a slow DoS attack named SlowDrop. The attack tries to imitate a legitimate person with a slow internet connection and does not show a new strong signature, so the attack is difficult to detect. The diploma thesis is based on the work of Ing. Mazanek in which the SlowDrop attack script was created. At the theoretical level, the issue of DoS attacks is described in general, but also in particular. Furthermore, the work develops methods for solving the problem of SlowDrop attack detection. The methods are then defined in detail and tested in a simulation environment. The practical part describes data analysis, signature detection, anomaly detection using neural networks and a detection script. In all practical parts, the used technologies and solution procedures are described in detail. The specific implementation of the solution and the achieved results are also presented. Finally, the individual results are evaluated, compared individually, but also among themselves. The obtained results show that the attack is detectable using a neural network and by created detection script.
|
79 |
Proxy servery v síti Internet / Proxy servers in InternetHenek, Jan January 2016 (has links)
The goal of this paper is to analyze the representation of proxy servers in cyber attacks conducted by Internet. For this purpose I used method which compares tested IP address with database of open proxy servers. I assembled a list of IP address taken from the blacklist of cyber attacks committed in 2015. Then I checked this list with the created program Proxy checker and compared them with a database of open proxy servers. By measurement I demonstrate the inefficacy of this method for reverse detection of proxy servers in the IP list of past attacks.
|
80 |
Detekce anomálií síťového provozu / Network Anomaly DetectionLieskovan, Tomáš January 2017 (has links)
This semester project presents an analysis of network traffic and detection of anomalies in network traffic by several various means. In the first part of the paper there is an explanation of the methods aiming at denial of service. Then in the second part an implementation of protection by means of selected solutions is presented. The intent is to compare these means which are supposed to detect cyber attacks aiming at denial of service. Another intent is to choose the best solutions from the categories of open-source and commercial solutions. The target of the master thesis was to work out a comparison between actual solutions for detection of DoS and DDoS attacks.
|
Page generated in 0.0484 seconds