131 |
Mobilní asistent pro cestování MHD / Mobile Public Transportation AssistantTůma, Jan January 2017 (has links)
This thesis is a documentation covering complete design and implementation of a mobile public transportation assistant for Brno. The resulting solution consists of a mobile application and a server part. The mobile application allow user with actual position of public transport vehicles and positon of smart device navigate and determine optimal route. The server part includes web service for client-server communication.
|
132 |
Specifické metody detekce anomálií v bezdrátových komunikačních sítích / Specific anomaly detection methods in wireless communication networksHolasová, Eva January 2020 (has links)
The diploma thesis is focuses on technologies and security of the wireless networks in standard IEEE 802.11, describes the most used standards, definition of physical layer, MAC layer and specific technologies for wireless networks. The diploma thesis is focused on description of selected security protocols, their technologies as well as weaknesses. Also, in the thesis, there are described security threats and vectors of attacks towards wireless networks 802.11. Selected threats were simulated in established experimental network, for these threats were designed detection methods. For testing and implementing designed detection methods, IDS system Zeek is used together with network scripts written in programming language Python. In the end there were trained and tested models of machine learning both supervised and unsupervised machine learning.
|
133 |
Monitorování provozu sítě pomocí dlouhodobě pracujícího analyzátoru / Network Traffic Monitoring using Long Working AnalyserGilík, Aleš January 2015 (has links)
This diploma thesis is focused on network monitoring. The theoretical part describes using of detection and prevention systems, properties of these systems, their components and detection techniques. Next part of the thesis is focused on EndaceProbe analyzer and analytic application EndaceVision. Also web services, programming language WSDL and protocol SOAP are described. The practical part is focused on creating three laboratory exercises for network monitoring and for using EndaceProbe. Components of the exercises are the traffic generator IXIA and Cisco switches with the application of remote switched port analyzer. There are also used web services EndaceProbe, programming language WSDL and SOAP protocol.
|
134 |
Detekce útoků na WiFi sítě pomocí získávaní znalostí / Wireless Intrusion Detection System Based on Data MiningDvorský, Radovan January 2014 (has links)
Widespread use of wireless networks has made security a serious issue. This thesis proposes misuse based intrusion detection system for wireless networks, which applies artificial neural network to captured frames for purpose of anomalous patterns recognition. To address the problem of high positive alarm rate, this thesis presents a method of applying two artificial neural networks.
|
135 |
A Performance Analysis of Intrusion Detection with Snort and Security Information Management / En Prestandaanalys av Intrångsdetektering med Snort och Hantering av SäkerhetsinformationThorarensen, Christian January 2021 (has links)
Network intrusion detection systems (NIDSs) are a major component in cybersecurity and can be implemented with open-source software. Active communities and researchers continue to improve projects and rulesets used for detecting threats to keep up with the rapid development of the internet. With the combination of security information management, automated threat detection updates and widely used software, the NIDS security can be maximized. However, it is not clear how different combinations of software and basic settings affect network performance. The main purpose in this thesis was to find out how multithreading, standard ruleset configurations and near real-time data shipping affect Snort IDS’ online and offline performance. Investigations and results were designed to guide researchers or companies to enable maximum security with minimum impact on connectivity. Software used in performance testing was limited to Snort 2.9.17.1-WIN64 (IDS), Snort 3.1.0.0 (IDS), PulledPork (rule management) and Open Distro for Elasticsearch (information management). To increase the replicability of this study, the experimentation method was used, and network traffic generation was limited to 1.0 Gbit/s hardware. Offline performance was tested with traffic recorded from a webserver during February 2021 to increase the validity of test results, but detection of attacks was not the focus. Through experimentation it was found that multithreading enabled 68-74% less runtime for offline analysis on an octa-thread system. On the same system, Snort’s drop rate was reduced from 9.0% to 1.1% by configuring multiple packet threads for 1.0 Gbit/s traffic. Secondly, Snort Community and Proofpoint ET Open rulesets showed approximately 1% and 31% dropped packets, respectively. Finally, enabling data shipping services to integrate Snort with Open Distro for Elasticsearch (ODFE) did not have any negative impact on throughput, network delay or Snort’s drop rate. However, the usability of ODFE needs further investigation. In conclusion, Snort 3 multithreading enabled major performance benefits but not all open-source rules were available. In future work, the shared security information management solution could be expanded to include multiple Snort sensors, triggers, alerting (email) and suggested actions for detected threats.
|
136 |
Hledání regulárních výrazů s využitím technologie FPGA / Fast Regular Expression Matching Using FPGAKaštil, Jan January 2008 (has links)
The thesis explains several algorithms for pattern matching. Algorithms work in both software and hardware. A part of the thesis is dedicated to extensions of finite automatons. The second part explains hashing and introduces concept of perfect hashing and CRC. The thesis also includes a suggestion of possible structure of a pattern matching unit based on deterministic finite automatons in FPGA. Experiments for determining the structure and size of resulting automatons were done in this thesis.
|
137 |
Evaluating the efficiency of Host-based Intrusion Detection Systems protecting web applicationsWillerton, Adam, Gustafsson, Rasmus January 2022 (has links)
Background. Web applications are a more significant part of our digital experience, and the number of users keeps continuously growing. Social media alone accounts for more than half of the world’s population. Therefore these applications have become a lucrative target for attackers, and we have seen several attacks against them. One such example saw attackers manage to compromise a twitter account [15], leading to false information being published, causing the New York stock exchange to drop 150 points, erasing 136 billion dollars in equity market value. There are methods to protect web applications, such as web application firewalls or content security policies. Still, another candidate for defending these applications is Host-based Intrusion Detection Systems (HIDS). This study aims to assess the efficiency of these HIDS when defending against web applications. Objectives. The main objective of the thesis is to create an efficiency evaluating model for a HIDS when protecting web applications. Additionally, we will test two open-source HIDS against web applications built to emulate a vulnerable environment and measure these HIDS efficiencies with the model mentioned above. Methods. To reach the objectives of our thesis, a literature review regarding what metrics to evaluate the efficiency of a HIDS was conducted. This allowed us to construct a model for which we evaluated the efficiency of our selected HIDS. In this model, we use 3 categories, each containing multiple metrics. Once completed, the environment hosting our vulnerable applications and their HIDS was set up, followed by the attacks of the applications. The data generated by the HIDS gave us the data required to make our efficiency evaluation which was performed through the lens of the previously mentioned model. Results. The result shows a low overall efficiency from the two HIDS when regarding the category attack detection. The most efficient of the two could be determined. Of the two evaluated, Wazuh and Samhain; we determined Wazuh to be the more efficient HIDS. We identified several components required to improve their attack detection. Conclusions. Through the use of our model, we concluded that the HIDS Wazuh had higher efficiency than the HIDS Samhain. However both HIDS had low performances regarding their ability to detect attacks. Some specific components need to be implemented within these systems before they can reliably be used for defending web applications.
|
138 |
Secure Self-Reconfiguring Services to Mitigate DoS AttacksZeller, Silvan January 2019 (has links)
Protecting web services from cyber attacks is a complex problem requiring many layers of defense and mitigation strategies. Out of the diverse range of attacks, denial of service (DoS) attacks on the business logic – or the domain – are poorly studied and no widely accepted general-purpose software product to prevent these attacks exists today. At the same time, in light of the growing importance of e-commerce, defense mechanisms should be designed in a way to be self-reconfiguring, as manual reconfiguration does not scale well. In this work, a rule-based intrusion detection system (IDS) is proposed which logs the behaviour of each user and decides upon a service level based on past behaviour. The implementation is achieved by applying runtime verification (RV), a lightweight formal method which can be utilized to observe traces of user behaviour in real time. The applicability of this approach is measured by means of conducting experiments on a web service, a mock-up hotel chain which grants three different service levels for users based on their individual trust rating. Synthetic traces of bookings and cancellations are issued to account for the detection rate of the IDS and the efficacy of its mitigation strategy. The results indicate that RV is a viable approach for creating a rule-based IDS. The IDS may be tuned to attain a high detection rate of more than 95% while preserving a low false positive rates of less than 3%. Furthermore, attacks are mitigated by changing the business rules for users who have been identified as being malicious, resulting in an increased occupancy of the hotel. Lastly, RV is shown to be significantly more scalable and expressive than regular formal methods, such as model checking. Even though the results seem promising, testing the system on real traces and possibly with varying thresholds remains future work. / Att skydda webbtjänster från cyberattacker är ett komplicerat problem som kräver många lager av försvarsoch lindringsstrategier. Av det olika utbudet av attacker, denial of service attacker (DoS) på affärslogiken – eller domänen – undersöks sällan och ingen allmän accepterad mjukvara för att förhindra dessa attacker finns idag. Samtidigt, mot bakgrund av den växande betydelsen av e-handel, bör förvarsmekanismer utformas för att vara självkonfigurerande, eftersom manuell omkonfigurering inte är skalbart. I detta arbete föreslås ett regelbaserat intrusion detection system (IDS) som loggar varje användares beteende och beslutar om en servicenivå baserad på tidigare beteenden. Implementeringen uppnås genom att använda runtime verification (RV), en lättviktig formell metod som kan användas för att observera spår av användarbeteende i realtid. Tillämpningen av denna metod mäts med hjälp av experiment på en webbtjänst, en mock-up hotellkedja som ger tre olika servicenivåer för användare baserat på deras individuella förtroendevärdering. Syntetiska spår av bokningar och avbokningar används för att redovisa IDS:s detektionsgrad och effektiviteten i dess lindringsstrategi. Resultaten indikerar att RV är ett genomförbart tillvägagångssätt för att skapa ett regelbaserat IDS. Systemet kan vara inställt för att uppnå en hög detektionsgrad på mer än 95% och bevarar samtidigt en låg falsk positiv nivå på mindre än 3%. Dessutom mildras attackerna genom att ändra affärsreglerna för användare som har identifierats som skadliga, vilket resulterar i en ökad beläggning hos hotellet. Slutligen visas RV vara betydligt mer skalbar och uttrycksfull än vanliga formella metoder, till exempel model checking. Även om resultaten verkar lovande, återstår testning av systemet på riktiga spår och eventuellt med olika trösklar som framtida arbete.
|
139 |
Differentiation in Practice? A Study on what Challenges English Teachers Face in Applying DifferentiationNy, Sandy, Amouri, Laila January 2023 (has links)
Differentiation concerns teachers’ strategies and methods to design teaching in response to the natural variation in heterogeneous classrooms. In this study, it is looked upon as a method of inclusion in English teaching to enhance the students’ learning regardless of their levels. The present study aims at exploring teachers’ experiences of working with differentiation in the English upper secondary classroom, in order to discuss strategies that are used, challenges that are faced, and outcomes that are noticed when applying differentiation. Six teachers of English in different schools were interviewed to obtain their experiences. The data was collected via semi-structured interviews and the participant’s answers were analysed and categorised into various themes. Although the results revealed that the participants utilized differentiated teaching to meet the students' different learning styles and interests, all participants described teaching English in heterogeneous classrooms as a challenge. They referred to the outcomes of applying differentiation and how it can have an impact on students’ individualized learning. According to all the participants in this pilot study, the most effective solution to manage heterogeneous classrooms is applying differentiation. Nevertheless, they all agreed that there is no simple way of applying it and teachers can choose different contents and methods for teaching English to help students reach their learning objectives.
|
140 |
A novel intrusion detection system (IDS) architecture. Attack detection based on snort for multistage attack scenarios in a multi-cores environment.Pagna Disso, Jules F. January 2010 (has links)
Recent research has indicated that although security systems are developing,
illegal intrusion to computers is on the rise. The research conducted here
illustrates that improving intrusion detection and prevention methods is
fundamental for improving the overall security of systems.
This research includes the design of a novel Intrusion Detection System (IDS)
which identifies four levels of visibility of attacks. Two major areas of security
concern were identified: speed and volume of attacks; and complexity of
multistage attacks. Hence, the Multistage Intrusion Detection and Prevention
System (MIDaPS) that is designed here is made of two fundamental elements:
a multistage attack engine that heavily depends on attack trees and a Denial of
Service Engine. MIDaPS were tested and found to improve current intrusion
detection and processing performances.
After an intensive literature review, over 25 GB of data was collected on
honeynets. This was then used to analyse the complexity of attacks in a series
of experiments. Statistical and analytic methods were used to design the novel
MIDaPS.
Key findings indicate that an attack needs to be protected at 4 different levels.
Hence, MIDaPS is built with 4 levels of protection. As, recent attack vectors use
legitimate actions, MIDaPS uses a novel approach of attack trees to trace the
attacker¿s actions. MIDaPS was tested and results suggest an improvement to
current system performance by 84% whilst detecting DDOS attacks within 10
minutes.
|
Page generated in 0.0277 seconds