1

Laboratorní úloha CISCO Security / CISCO security laboratory exercise

Švec, Martin January 2009
The main purpose of this diploma thesis is to become familiar with the principles and technical solutions of Cisco's security components and to configure the assigned system according to valid security rules. The introduction explains the reasons for network security solutions. This work also analyses different kinds of security weaknesses, which include deficiencies of network protocols and also attacks from hackers. The principle of the firewall is described, along with its particular types. This work is focused on the explanation and classification of the PIX firewall, which has a dominant role in the field of network security. Other Cisco equipment that improves the level of security is also mentioned. The practical part of this diploma thesis is composed of network connections and the configuration of a system consisting of a router, a PIX firewall and a switch. It also includes the detailed procedure and description of the configuration of network equipment. The focus is put on minimization of threats and elimination of DoS attacks.
2

Denial of service detection using dynamic time warping

Diab, D.M., AsSadhan, B., Binsalleeh, H., Lambotharan, S., Kyriakopoulos, K.G., Ghafir, Ibrahim 18 April 2021
With the rapid growth of security threats in computer networks, the need for developing efficient security‐warning systems is substantially increasing. Distributed denial‐of‐service (DDoS) and DoS attacks are still among the most effective and dreadful attacks that require robust detection. In this work, we propose a new method to detect TCP DoS/DDoS attacks. Since analyzing network traffic is a promising approach, our proposed method utilizes network traffic by decomposing the TCP traffic into control and data planes and exploiting the dynamic time warping (DTW) algorithm for aligning these two planes with respect to the minimum Euclidean distance. By demonstrating that the distance between the control and data planes is considerably small for benign traffic, we exploit this characteristic for detecting attacks as outliers. An adaptive thresholding scheme is implemented by adjusting the value of the threshold in accordance with the local statistics of the median absolute deviation (MAD) of the distances between the two planes. We demonstrate the efficacy of the proposed method for detecting DoS/DDoS attacks by analyzing traffic data obtained from publicly available datasets. / The Deanship of Scientific Research, King Saud University. The Gulf Science, Innovation, and Knowledge Economy Programme of the U.K. Government
3

Simulative Evaluation of Security Monitoring Systems based on SDN

Stagkopoulou, Alexandra January 2016
Software Defined Networks (SDN) constitute the new communication paradigm of programmable computer networks. By decoupling the control and data plane the network management is easier and more flexible. However, the new architecture is vulnerable to a number of security threats, which are able to harm the network. Network monitoring systems are pivotal in order to protect the network. To this end, the evaluation of a network monitoring system is crucial before the deployment of it in the real environment. Network simulators are the complementary part of the process as they are necessary during the evaluation of the new system’s performance at the design time. This work focuses on providing a complete simulation framework which is able to (i) support SDN architectures and the OpenFlow protocol, (ii) reproduce the impact of cyber and physical attacks against the network and (iii) provide detection and mitigation techniques to address Denial-of-Service (DoS) attacks. The performance of the designed monitoring system will be evaluated in terms of accuracy, reactiveness and effectiveness. The work is an extension of INET framework of OMNeT++ network simulator. / Software Defined Networks (SDN) constitute the new communication model of programmable computer networks. By separating the control and data planes, administration of computer networks becomes simpler and more flexible. The architecture, however, opens up new security threats; monitoring systems are therefore essential for protecting computer networks. Consequently, evaluating a monitoring system is critical before it is put into operation in a production environment. Network simulators are the complementary part of the process, as they are necessary for evaluating the system's performance during the design phase.
This work focuses on providing a complete simulation framework capable of (i) supporting SDN architectures and the OpenFlow protocol, (ii) reproducing the damage of cyber and physical attacks against computer networks and (iii) providing ways to detect and mitigate Denial-of-Service (DoS) attacks. The performance of the designed monitoring system is evaluated in terms of accuracy, response time and effectiveness. The work is an extension of the INET framework, which is part of the OMNeT++ network simulator.
4

Micro-architectural Threats to Modern Computing Systems

Inci, Mehmet Sinan 17 April 2019
With the abundance of cheap computing power and high-speed internet, cloud and mobile computing replaced traditional computers. As computing models evolved, newer CPUs were fitted with additional cores and larger caches to accommodate running multiple processes concurrently. In direct relation to these changes, shared hardware resources emerged and became a source of side-channel leakage. Although side-channel attacks have been known for a long time, these changes made them practical on shared hardware systems. In addition to side-channels, concurrent execution also opened the door to practical quality of service attacks (QoS). The goal of this dissertation is to identify side-channel leakages and architectural bottlenecks on modern computing systems and introduce exploits. To that end, we introduce side-channel attacks on cloud systems to recover sensitive information such as code execution, software identity as well as cryptographic secrets. Moreover, we introduce a hard to detect QoS attack that can cause over 90+% slowdown. We demonstrate our attack by designing an Android app that causes degradation via memory bus locking. While practical and quite powerful, mounting side-channel attacks is akin to listening on a private conversation in a crowded train station. Significant manual labor is required to de-noise and synchronize the leakage trace and extract features. With this motivation, we apply machine learning (ML) to automate and scale the data analysis. We show that classical machine learning methods, as well as more complicated convolutional neural networks (CNN), can be trained to extract useful information from side-channel leakage trace. Finally, we propose the DeepCloak framework as a countermeasure against side-channel attacks. We argue that by exploiting adversarial learning (AL), an inherent weakness of ML, as a defensive tool against side-channel attacks, we can cloak side-channel trace of a process.
With DeepCloak, we show that it is possible to trick highly accurate (99+% accuracy) CNN classifiers. Moreover, we investigate defenses against AL to determine if an attacker can protect itself from DeepCloak by applying adversarial re-training and defensive distillation. We show that even in the presence of an intelligent adversary that employs such techniques, DeepCloak still succeeds.
5

Defending MANETs against flooding attacks by detective measures

Guo, Yinghua January 2008
Mobile ad hoc networks (MANETs), due to their unique characteristics (e.g., unsecured wireless channel, dynamic mobility, absence of central supportive infrastructure and limited resources), are suffering from a wide range of security threats and attacks. Particularly, MANETs are susceptible to the Denial of Service (DoS) attack that aims to disrupt the network by consuming its resources. In MANETs, a special form of DoS attack has emerged recently as a potentially major threat: the flooding attack. This attack recruits multiple attack nodes to flood the MANET with overwhelming broadcast traffic. This flooding traffic is so large that all, or most of, MANET resources are exhausted. As a result, the MANET is not able to provide any services. This thesis aims to investigate the flooding attack and propose detective security measures to defend MANETs against such an attack.
6

A study of slow denial of service mitigation tools and solutions deployed in the cloud

Larsson, Niklas, Ågren Josefsson, Fredrik January 2019
Slow rate Denial of Service (DoS) attacks have been shown to be a very effective way of attacking vulnerable servers while using few resources. This thesis investigates the effectiveness of mitigation tools used for protection against slow DoS attacks, specifically slow header and slow body. Finally, we propose a service that cloud providers could implement to ensure better protection against slow rate DoS attacks. The tools studied in this thesis are a Web Application firewall, a reverse proxy using an event-based architecture and Amazon’s Elastic Load Balancing. To gather data, a realistic HTTP load script was built that simulated load on the server while using probe requests to gather response time data from the server. The script recorded the impact the attacks had for each server configuration. The results show that it’s hard to protect against slow rate DoS attacks while only using firewalls or load balancers. We found that using a reverse proxy with an event-based architecture was the best way to protect against slow rate DoS attacks and that such a service would allow the customer to use their server of choice while also being protected.
7

Recovery From DoS Attacks In MIPv6 : Modelling And Validation

Kumar, Manish C 03 1900
Denial-of-Service (DoS) attacks form a very important category of security threats that are possible in MIPv6 (Mobile Internet Protocol version 6). This thesis proposes a scheme for participants (Mobile Node, Home Agent, and Correspondent Node) in MIPv6 to recover from DoS attacks in the event of any of them being subjected to a DoS attack. We propose a threshold based scheme for participants in MIPv6 to detect presence of DoS attacks and to recover from DoS attacks in the event of any of them being subjected to a DoS attack. This is achieved using an infrastructure for MIPv6 that makes such a solution practical even in the absence of IPsec infrastructure. We propose a protocol that uses concepts like Cryptographically Generated Addresses (CGA), short-term IP addresses using a Lamport hash like mechanism and a hierarchy based trust management infrastructure for key distribution. However, reasoning about correctness of such protocols is not trivial. In addition, new solutions to mitigate attacks may need to be deployed in the network on a frequent basis as and when attacks are detected, as it is practically impossible to anticipate all attacks and provide solutions in advance. This makes it necessary to validate solutions in a timely manner before deployment in real network. However, threshold schemes needed in group protocols make analysis complex. Model checking of threshold-based group protocols that employ cryptography has not been successful so far. The testing in a real network or a test bed also will not be feasible if faster and frequent deployment of DoS mitigation solutions is needed. Hence, there is a need for an approach that lies between automated/manual verification and an actual implementation. It is evident from existing literature that not many simulations for doing security analysis of MIP/MIPv6 have been done. This research is a step in that direction.
We propose a simulation based approach for validation using a tool called FRAMOGR [40] that supports executable specification of group protocols that use cryptography. FRAMOGR allows one to specify attackers and track probability distributions of values or paths. This work deals with simulation of DoS attacks and their mitigation solutions for MIP in FRAMOGR. This makes validation of solutions possible without mandating a complete deployment of the protocol to detect vulnerabilities in a solution. This does away with the need for a formal theoretical verification of a DoS mitigation solution. In the course of this work, some DoS attacks and recovery mechanisms are simulated and validated using FRAMOGR. We obtained encouraging results for the performance of the detection scheme. We believe that infrastructure such as FRAMOGR would be required in future for validating new group based threshold protocols that are needed for making MIPv6 more robust.
8

New cryptanalysis and modelling for wireless networking

Alzaabi, Mohamed Abdulla Hasan Saif January 2015
High data rates and interoperability of vendor devices have made WiMAX a prime desire for use worldwide. WiMAX is based on the IEEE 802.16 standard. IEEE 802.16a, b, c & d versions were updated within three years of the first launch of WiMAX. However, during those early years reports were published that highlighted the security weaknesses of the standard. These weaknesses prompted the IEEE to issue a new version, 802.16e to tackle the security issues. Despite this security enhancement, WiMAX remains vulnerable. This research project looks at the vulnerability of WiMAX 802.16e Subscriber Station/Mobile Station authentication at the initial entry and proposes approaches to the prevention of Denial of Service (DoS) attacks at this point in order to secure the Media Access Control (MAC) layer from such threats. A new protocol has been designed and developed to provide confidentiality, authentication and integrity to WiMAX users. This new protocol is integrated with Z algorithm (an algorithm described later in this paper) to provide:
  • Confidentiality of management messages
  • Message Authentication code
  • ID to provide for message integrity and user authentication.
A simulation package was also required, to prove that a linear load of DoS attack would disable or exhaust the capacity of the base station of a WiMAX network, as well as providing other simulation functions. The freely available simulation tool NIST (NIST IPSec (Internet Protocol Security) and IKE (Internet Key Exchange) Simulation) is oriented towards fixed network communications (NIIST, 2003). There are no other relevant simulation tools; hence the purpose of this research project is to develop a new tool to simulate WiMAX security vulnerabilities and test the new protocol.
9

Detekce slow-rate DDoS útoků / Detection of slow-rate DDoS attacks

Sikora, Marek January 2017
This diploma thesis is focused on the detection of and protection against Slow DoS and DDoS attacks using computer network traffic analysis. The reader is introduced to the basic issues of this specific category of sophisticated attacks, and the characteristics of several specific attacks are clarified. There is also a set of methods for detecting and protecting against these attacks. The proposed methods are used to implement a custom intrusion prevention system that is deployed on the border filtering server of a computer network in order to protect Web servers against attacks from the Internet. The created system is then tested in the laboratory network. The presented results of the testing show that the system is able to detect the attacks Slow GET, Slow POST, Slow Read and Apache Range Header and then protect Web servers from affecting provided services.
