Global ETD Search

1	En jämförelse av skyddsmetoder vid en TCP SYN-Flood-attack / A comparison of protection methods at a TCP SYN-Flood attack Bilger, Mattias January 2018 (has links) Syftet med studien är att undersöka hur processor-, minnesanvändning och responstid påverkas vid en Distributed Denial-of-Service (DDoS) attack av typen TCP SYN-Flood. För att testa detta används metoderna Baseline (utan SYN-Cookies), Mod_Evasive, Suricata samt SYN-Cookies. Delar av resultatet går att jämföra med tidigare forskning vad beträffar metoden SYN-Cookies med processoranvändning och responstid, för övriga metoder har det ej gått att hitta någon forskning som påvisar resursanvändning och responstid över tid. Studien kan hjälpa organisationer och myndigheter att göra ett informerat val av skydd mot en TCP SYN-Flood-attack beträffande processor-, minnesanvändning och responstid. Resultaten av studien visar att Mod_Evasive använder lägst processor-, minnesanvändning och har lägst responstid av skyddsmetoderna. ddos syn-flood syn flood Other Computer and Information Science Annan data- och informationsvetenskap
2	Výkonnostní a bezpečnostní testy síťových aplikací / Performance and security testing of network applications Matej, Michal January 2013 (has links) The aim of this Master's thesis is to design and to implement the security test in considering a resistance of the device under test to the effects of the distributed denial of service attack DDoS SYN Flood. After processing the test results is developed a protocol about security test of the device under test. In this thesis are tested two devices, namely CISCO ASA5510 firewall and a server with the specified name Server. The theoretical part of the thesis discusses the primary types of network attacks such as reconnaissance, gain access and denial of service attacks. Explained the concept of DoS and its principle, further types of DoS attacks and distributed denial of service attacks DDoS.
3	Filtrování a agregace síťového provozu / Filtering and aggregation of network traffic Zubov, Artem January 2017 (has links) V této práci jsou zkoumaní základní principy odporů servisních útoků, nejběžnějších typů a účelu použití. Popsané dostupné techniky zmírnění různých typu útoků, nástrojů a přístupů v operačních systémech postavených na Linuxu. Nakonfigurován filtrcni server a pro účely testování simulovan SYN Flood, UDP Flood a ICMP Flood útoky. Bylo zjištěno, vhodne techniky vyrovnání tehto druhu útoku a realizováné příslušna konfigurace filtrování.
4	Odolnost komunikační jednotky LAN proti útokům z Internetu / LAN communication unit resistivity against Internet origination attacks Valach, Michal January 2009 (has links) This thesis is focused on crypto-module RCM 3700, which is used for encrypted data transmission. Following work analyses basic network protocols and some sort of attacks in Ethernet network. The main goal of these attacks is to collect information and services about the device and to analyze transmitted data. Based on these information attacks can be done more precisely than without them. The main target of these attacks is the denial of particulary service or data abuse. Furthermore, in the diploma thesis configuration of router CISCO 2801 is applied in order to improve the LAN security. The deveploment board, which includes reset function, supplied circuit and interface for RS 232, was designed for crypto-module RCM 3700.
5	DDoS: Ett evolverande fenomen / DDoS: An evolving phenomenon Andersson, Emil January 2012 (has links) Internetfenomenet ”Distributed Denial of Service”, förkortat DDoS, beskrivs ofta som ett av destörsta hoten mot Internet idag. Genom att utnyttja den grundläggande strukturen i kommunikationmellan nätverk och datorer kan kriminella blockera och stänga ute webbplatser och -tjänster frånanvändare, samtidigt som det är mycket svårt för offret och myndigheter att någonsin identifieraden eller de skyldiga. Enorma globala nätverk av ovetande människors infekterade datorer fjärrstyrstill att utföra angrepp mot alla sorters organisationer på Internet med olika motiv, som finansiella,politiska eller för ren vandalism. Syftet med det här arbetet är att göra en dagsaktuell kartläggningöver läget kring DDoS-angrepp och titta på statistik över de mest förekommande angreppstyperna,och se om den nyare publicerade forskningen kan svara på de pågående och framträdande trendersom kan ses. Sex forskningsartiklar väljs ut att jämföra med dessa trender för att se var merforskning krävs. Resultatet visar att forskningen kring försvar mot HTTP-GET-angrepp är bristande,samt att den framträdande trenden där angreppen allt oftare använder sig av olika angreppstypersamtidigt inte har undersökts. Mer öppen forskning bör riktas mot dessa bristande områden. / The Internet phenomenon ”Distributed Denial of Service”, in short DDoS, is often said to be one ofthe greatest threats to the Internet today. By abusing the foundation of inter-network and computercommunication, criminals can block and shut out websites and services from users while making itvery hard for the victim and the authorities to ever identify who was behind it. Enormous globalnetworks made up of unknowing peoples' infected computers can be remotely controlled to conductattacks against all sorts of organisations on the Internet with different motives, from financial orpolitic to sheer vandalism. The purpose of this study is to create an up-to-date mapping of thesituation of DdoS-attacks and look at statistics of the most prevalent attack types, and to check ifnewly published research can answer the current and emerging trends that can be seen. Six researcharticles are chosen to compare with these trends to see where more research is required. The resultsshow that the research around defense against HTTP-GET-attacks is lacking, and that the emergenttrend of DDoS-attacks that make use of more than one attack type at the same time has not beenexamined. More open research should be directed to these lacking areas. DDoS DoS Distributed Denial of Service Denial of Service HTTP-GET-DoS TCP-SYN-Flood Engineering and Technology Teknik och teknologier
6	Evaluation of the CSF Firewall / Utvärdering av CSF brandväggen Mudhar, Ahmad January 2013 (has links) The subject of web server security is vast, and it is becoming bigger as time passes by. Every year, researches, both private and public, are adding to the number of possible threats to the security of web servers, and coming up with possible solutions to them. A number of these solutions are considered to be expensive, complex, and incredibly time-consuming, while not able to create the perfect web to challenge any breach to the server security. In the study that follows, an attempt will be made to check whether a particular firewall can ensure a strong security measure and deal with some security breaches or severe threat to an existing web server. The research conducted has been done with the CSF Firewall, which provides a suit of scripts that ensure a portal’s security through a number of channels. The experiments conducted under the research provided extremely valuable insights about the application in hand, and the number of ways the CSF Firewall can help in safety of a portal against Secured Shell (SSH) attacks, dedicated to break the security of it, in its initial stages. It further goes to show how simple it is to actually detect the prospective attacks, and subsequently stop the Denial of Service (DoS) attacks, as well as the port scans made to the server, with the intent of breaching the security, by finding out an open port. By blocking the IP Addresses of the attackers dedicated to such an act, preventing them from creating nuisance, the CSF Firewall has been able to keep alien intrusions away from the server. It also aids in creating a secure zone for the server, to continue smoothly, while alerting the server administrators of the same, and gives them an opportunity to check those threatening IPs, and the time of attack, makes sure that the server administrators stay alert in the future, and is able to keep an eye on such attacks. In doing this, the experiment adds valuable data in the effective nature of the CSF Firewall. CSF Firewall Iptables Firewall Web server Security SPI Configserver Security & Firewall SYN-flood DoS attack Port Scan Exploit checks Firewall notifications SSH attacks Computer Sciences Datavetenskap (datalogi)
7	Upptäckandet av säkerhetshot i privata nätverk : Hur du skyddar ditt hemnätverk Alkamha, Saaid, Ahmadi, Alireza January 2023 (has links) På grund av Covid 19 har de flesta människor valt att jobba hemifrån och de flesta hushåll har en accesspunkt som möjliggör kommunikation mellan flera enheter. Attacker mot Wi-Fi accesspunkter har ökat under de senaste åren på grund av sårbarheter som kan finnas i accesspunkten. När en sårbar väg hittas i accesspunkt kan detta ledda till att angriparen använder den sårbara vägen för att göra ett intrång och skada en eller flera enheter i hemnätverket och även företagens enheter. Teknikens framsteg har hjälpt oss att implementera flera säkerhetsåtgärder som kan skydda accesspunkten vid intrångsförsök. Syftet med detta arbete är att lägga fokus på att ge rätt kunskap för nya nätverkstekniker för att öka medvetenhet inom säkerheten i hemnätverk. Målet med detta examensarbete är att ge en djupare kunskap för nya nätverkstekniker för att kunna förhindra eller minimera attacker som orsakas av sårbarheter i ett hemnätverk med Wi-Fi accesspunkt och ta fram en rutin för hur det ska skyddas. Efter vi har identifierat en mängd attacker och själva utfört dem, visade resultatet att det var lätt att manipulera en sårbar accesspunkt med de valda attacksverktygen i detta arbete och experimenten har påvisat oss vikten av att implementera rätt säkerhetsåtgärder och hur väl de skyddar accesspunkten mot ett intrångsförsök. / Due to Covid 19, most people have chosen to work from home and most households have an access point that enables communication between several devices. Attacks against Wi-Fi access points have increased in recent years due to vulnerabilities that may exist in the access point. When a vulnerable path is found in the access point, this can lead to the attacker using the vulnerable path to breach and damage one or more devices in the home network and even corporate devices. Advances in technology have helped us implement several security measures that can protect the access point in case of intrusion attempts. The purpose of this work is to focus on providing the right knowledge for new network technicians to increase awareness in home network security. The goal of this thesis is to provide a deeper knowledge for new network technicians to be able to prevent or minimize attacks caused by vulnerabilities in a home network with a Wi-Fi access point and develop a routine for how to protect it. After we have identified several attacks and performed it ourselves, the result showed that it was easy to manipulate a vulnerable access point with the selected attack tools in this work and the experiments have shown us the importance of implementing the right security measures and how well they protect the access point against an intrusion attempt. WPA2 accesspunkt sårbarheter trådlös säkerhet trådlösa nätverk brute force deauth-DoS attack SYN flood DoS attack Communication Systems Kommunikationssystem Computer Systems Datorsystem
8	Detekce síťových útoků pomocí nástroje Tshark / Detection of Network Attacks Using Tshark Dudek, Jindřich January 2018 (has links) This diploma thesis deals with the design and implementation of a tool for network attack detection from a captured network communication. It utilises the tshark packet analyser, the meaning of which is to convert the input file with the captured communications to the PDML format. The objective of this conversion being, increasing the flexibility of input data processing. When designing the tool, emphasis has been placed on the ability to expand it to detect new network attacks and on integrating these additions with ease. For this reason, the thesis also includes the design of a complex declarative descriptions for network attacks in the YAML serialization format. This allows us to specify the key properties of the network attacks and the conditions for their detection. The resulting tool acts as an interpreter of proposed declarative descriptions allowing it to be expanded with new types of attacks.

Search results