Návrh komunikačního jádra generátoru síťového provozu

Zach, Petr

January 2012

No description available.

Zátěžový tester / Stress tester

Charvát, Ondřej

January 2017

The diploma thesis deals with network infrastructure load testing. It’s target is to design and implement a network probe which will be in a form of JMeter plugin one of the components in load tester project. It offers sufficient theoretical basis about load testing, analyzes different types of DoS which can be used to stress the tested infrastructure and also discusses some solutions for load testing realization used in practice. Following is a study of possible ways for realization of the probe with help of several open-source tools. The suitability of individual tools is evaluated from the point of view of the network probe requirements and then the most suitable ones are selected as the basis for it’s implementation. Then, a network probe design is constructed in which it’s functionality is divided into two separated plug-ins, a network probe itself and a server emulator, and the implementation phase is commenced. The implementation is done in Java programming language to allow the new components to use all the neccessary JMeter API functions. The structure of individual parts of the modules as well as many implementation details are analyzed thoroughly in the text. The final chapter of the thesis describes function of the newly created components. After their installation into the load tester the procedure and the results of the functional testing are presented. This thesis describes the whole process of developing a plug-in for JMeter software.

BigData řešení pro zpracování rozsáhlých dat ze síťových toků / BigData Approach to Management of Large Netflow Datasets

Melkes, Miloslav

January 2014

This master‘s thesis focuses on distributed processing of big data from network communication. It begins with exploring network communication based on TCP/IP model with focus on data units on each layer, which is necessary to process during analyzation. In terms of the actual processing of big data is described programming model MapReduce, architecture of Apache Hadoop technology and it‘s usage for processing network flows on computer cluster. Second part of this thesis deals with design and following implementation of the application for processing network flows from network communication. In this part are discussed main and problematic parts from the actual implementation. After that this thesis ends with a comparison with available applications for network analysis and evaluation set of tests which confirmed linear growth of acceleration.

Monitorování IPv6 uzlů / IPv6 Hosts Monitoring

Rapavý, Martin

January 2010

This thesis is dedicated to network layer protocol IPv6, purposes of its creation and penetration. Former chapters briefly describe IPv6 protocol format and protocols, methods and technologies related to IPv6. The thesis summarizes security risks and flaws in IPv6 and ICMPv6 protocols. In context of the risks and flaws the thesis describes several of local ICMP attacks. It also mentions security incidents resulting from exploiting those security flaws and means of countermeasures. One of the used countermeasures is passive monitoring of ICMP messages. Thesis contains brief description of tool used to achieve this - NDPMon with its advantages, disadvantages and concepts of usage. Rest of the thesis describes design and implementation of monitoring tool similar to NDPMon, but with some improvements.

Anonymizace PCAP souborů / Anonymization of PCAP Files

Navrátil, Petr

January 2020

This diploma thesis deals with the design and implementation of an application suitable for the anonymization of PCAP files. The thesis presents TCP/IP model and for each layer highlights attributes that can be used to identify real people or organizations. Some of the anonymization methods suitable to modify highlighted attributes and sensitive data are described. The implemented application uses TShark tool to parse byte data of PCAP format to JSON format that is used in the application. TShark supports lots of network protocols which allows the application to anonymize various attributes.  Anonymization process is controlled by anonymization politics that can be customized by adding new attributes or anonymization methods.

Generátor nelegitimního síťového provozu / Generator of illegitimate network traffic

Blažek, Ondřej

January 2017

The diploma thesis deals with the problems of DoS/DDoS attacks and development of a tool, in C lanugage, for generating them. In the first chapter the principles of DoS attacks targeting the internet and transport layers of ISO/OSI model are described and also according to their characteristics divided. Selected attacks on the application layer are also described here in detail togehter with protocols which they are based on. In the following chapter there has been created a comparison of freely available tools, which could be used as a attack generators. The practical part is dedicated to a development of a tool for DoS attacks, especially design, general description and usage. Further there is a summary of the newly created library, including results of web server testing, and extensions of a web interface, which is part of the developed tool.

Implementation of data-collection tools using NetFlow for statistical analysis at the ISP level / Implementation av datainsamlingsverktyg med NetFlow på ISP-nivå för statistisk analys av datatrafik

Karlström, Daniel

January 2012

Defending against Dos- and DDoS attacks is difficult to accomplish; finding and filtering out illegitimate traffic from the legitimate flow is near impossible. Taking steps to mitigate or even block the traffic can only be done once the IP addresses of the attackers are known. This is achievable by monitoring the flows to- and from the target and identifying the attacker's IP addresses, allowing the company or their ISP to block the addresses itself by blackholing them (also known as a null route). Using the IP accounting and monitoring tool “pmacct”, this thesis aims to investigate whether or not the pmacct suite is suited for larger installations when tracking and mitigating DDoS-attacks, such at an Internet Service Provider (ISP). Potential problems are the amount of traffic that need to be analyzed and the computational power required to do it. This thesis also provide information about the pmacct suite at large. The conclusions are positive, indicating it does scale up to handle larger installations when given careful consideration and planning. / Att försvara sig mot DoS-och DDoS-attacker är svårt att åstadkomma; att hitta och filtrera ut illegitim trafik från det legitima flödet är nästan omöjligt. Att vidta åtgärder när en sådan attack upptäcks kan endast göras när IP-adresserna från angriparna är kända. Detta kan uppnås genom att man övervakar trafikflödet mellan målet för attacken och angriparna och ser vilka som sänder mest data och på så sätt identifierar angriparna.. Detta tillåter företaget eller dess ISP att blockera trafiken ifrån dessa IP-adresser genom att sända trafiken vidare till ingenstans. Detta kallas blackhole-routing eller null-routing. Genom att använda redovisnings- och övervakningsprogrammet pmacct syftar denna uppsats på att undersöka hurvida pmacct-sviten är lämpad för större installationer när det gäller att spåra och förhindra DDoS-attacker, såsom hos en Internetleverantör eller dylikt. Potentialla problem som kan uppstå är att mängden trafik som måste analyserar blir för stor och för krävande. Denna avhandling går även igenom pmacct-verktyget i sig. Slutsatserna är lovande, vilket indikerar att den har potential av att kunna hantera sådana stora miljöer med noggrann planering.

pmacct

statistical analysis

bgp

peer

peering

routing

route

quagga

virtual router

virtual

router

linux

graph

graphing

mrtg

database

mysql

script

scripting

python

bash

libpcap

mdh

data collection

data

collection

collecting

ISP

internet service provider

DoS

DDoS

attack

pmacct

statistisk analys

bgp

peer

peering

peera

routing

route

quagga

virtuell router

virtuell

router

linux

graf

grafa

mrtg

databas

mysql

script

scripting

python

bash

libpcap

mdh

datainsamling

insamling

data

ISP

internetleverantör

DoS

DDoS

attack

Computer Engineering

Datorteknik