Global ETD Search

361	Rychlé zpracování aplikačních protokolů / Fast Processing of Application-Layer Protocols Bárta, Stanislav January 2014 (has links) This master's thesis describes the design and implementation of system for processing application protocols in high-speed networks using the concept of Software Defined Monitoring. The proposed solution benefits from hardware accelerated network card performing pre-processing of network traffic based on the feedback from monitoring applications. The proposed system performs pre-processing and filtering of network traffic which is handed afterwards passed to application modules. Application modules process application protocols and generate metadata that describe network traffic. Pre-processing consists of parsing of network protocols up to the transport layer, TCP reassembling and forwarding packet flow only to modules that are looking for a given network traffic. The proposed system closely links intercept related information internal interception function (IRI-IIF) and content of communication internal interception function (CC-IIF) to minimize the performing of duplicate operations and increase the efficiency of the system.
362	Hardwarová akcelerace aplikací pro monitorování a bezpečnost vysokorychlostních sítí / Hardware Acceleration of Network Security and Monitoring Applications Kekely, Lukáš January 2013 (has links) This master's thesis deals with the design of software controlled hardware acceleration system for high-speed networks. The main goal is to provide easy access to acceleration for various network security and monitoring applications. The proposed system is designed for 100 Gbps networks. It enables high-speed processing on an FPGA card together with flexible software control. The combination of hardware speed and software flexibility allows easy creation of complex high-performance network applications. Achievable performance improvement of three chosen monitoring and security applications is shown using simulation model of the designed system.
363	Simulace SDN sítě / Simulation of SDN network Vrablic, Pavol January 2017 (has links) The main aim of this work is to become familiar with the technology of software-defined networks and learn to use some of the tools to measure and simulate these networks.
364	The Architecture Design and Hardware Implementation of Communications and High-Precision Positioning System January 2020 (has links) abstract: Within the near future, a vast demand for autonomous vehicular techniques can be forecast on both aviation and ground platforms, including autonomous driving, automatic landing, air traffic management. These techniques usually rely on the positioning system and the communication system independently, where it potentially causes spectrum congestion. Inspired by the spectrum sharing technique, Communications and High-Precision Positioning (CHP2) system is invented to provide a high precision position service (precision ~1cm) while performing the communication task simultaneously under the same spectrum. CHP2 system is implemented on the consumer-off-the-shelf (COTS) software-defined radio (SDR) platform with customized hardware. Taking the advantages of the SDR platform, the completed baseband processing chain, time-of-arrival estimation (ToA), time-of-flight estimation (ToF) are mathematically modeled and then implemented onto the system-on-chip (SoC) system. Due to the compact size and cost economy, the CHP2 system can be installed on different aerial or ground platforms enabling a high-mobile and reconfigurable network. In this dissertation report, the implementation procedure of the CHP2 system is discussed in detail. It mainly focuses on the system construction on the Xilinx Ultrascale+ SoC platform. The CHP2 waveform design, ToA solution, and timing exchanging algorithms are also introduced. Finally, several in-lab tests and over-the-air demonstrations are conducted. The demonstration shows the best ranging performance achieves the ~1 cm standard deviation and 10Hz refreshing rate of estimation by using a 10MHz narrow-band signal over 915MHz (US ISM) or 783MHz (EU Licensed) carrier frequency. / Dissertation/Thesis / Doctoral Dissertation Electrical Engineering 2020 Electrical engineering Software Defined Radio Time-of-Arrival Estimation Time-of-Flight Estimation Two-way Ranging
365	Security challenges within Software Defined Networks Ahmed, Haroon, Sund, Gabriel January 2014 (has links) A large amount of today's communication occurs within data centers where a large number of virtual servers (running one or more virtual machines) provide service providers with the infrastructure needed for their applications and services. In this thesis, we will look at the next step in the virtualization revolution, the virtualized network. Software-defined networking (SDN) is a relatively new concept that is moving the field towards a more software-based solution to networking. Today when a packet is forwarded through a network of routers, decisions are made at each router as to which router is the next hop destination for the packet. With SDN these decisions are made by a centralized SDN controller that decides upon the best path and instructs the devices along this path as to what action each should perform. Taking SDN to its extreme minimizes the physical network components and increases the number of virtualized components. The reasons behind this trend are several, although the most prominent are simplified processing and network administration, a greater degree of automation, increased flexibility, and shorter provisioning times. This in turn leads to a reduction in operating expenditures and capital expenditures for data center owners, which both drive the further development of this technology. Virtualization has been gaining ground in the last decade. However, the initial introduction of virtualization began in the 1970s with server virtualization offering the ability to create several virtual server instances on one physical server. Today we already have taken small steps towards a virtualized network by virtualization of network equipment such as switches, routers, and firewalls. Common to virtualization is that it is in early stages all of the technologies have encountered trust issues and general concerns related to whether software-based solutions are as rugged and reliable as hardwarebased solutions. SDN has also encountered these issues, and discussion of these issues continues among both believers and skeptics. Concerns about trust remain a problem for the growing number of cloud-based services where multitenant deployments may lead to loss of personal integrity and other security risks. As a relatively new technology, SDN is still immature and has a number of vulnerabilities. As with most software-based solutions, the potential for security risks increases. This thesis investigates how denial-of-service (DoS) attacks affect an SDN environment and a singlethreaded controller, described by text and via simulations. The results of our investigations concerning trust in a multi-tenancy environment in SDN suggest that standardization and clear service level agreements are necessary to consolidate customers’ confidence. Attracting small groups of customers to participate in user cases in the initial stages of implementation can generate valuable support for a broader implementation of SDN in the underlying infrastructure. With regard to denial-of-service attacks, our conclusion is that hackers can by target the centralized SDN controller, thus negatively affect most of the network infrastructure (because the entire infrastructure directly depends upon a functioning SDN controller). SDN introduces new vulnerabilities, which is natural as SDN is a relatively new technology. Therefore, SDN needs to be thoroughly tested and examined before making a widespread deployment. / Dagens kommunikation sker till stor del via serverhallar där till stor grad virtualiserade servermiljöer förser serviceleverantörer med infrastukturen som krävs för att driva dess applikationer och tjänster. I vårt arbete kommer vi titta på nästa steg i denna virtualiseringsrevolution, den om virtualiserade nätverk. mjukvarudefinierat nätverk (eng. Software-defined network, eller SDN) kallas detta förhållandevis nya begrepp som syftar till mjukvarubaserade nätverk. När ett paket idag transporteras genom ett nätverk tas beslut lokalt vid varje router vilken router som är nästa destination för paketet, skillnaden i ett SDN nätverk är att besluten istället tas utifrån ett fågelperspektiv där den bästa vägen beslutas i en centraliserad mjukvaruprocess med överblick över hela nätverket och inte bara tom nästa router, denna process är även kallad SDN kontroll. Drar man uttrycket SDN till sin spets handlar det om att ersätta befintlig nätverksutrustning med virtualiserade dito. Anledningen till stegen mot denna utveckling är flera, de mest framträdande torde vara; förenklade processer samt nätverksadministration, större grad av automation, ökad flexibilitet och kortare provisionstider. Detta i sin tur leder till en sänkning av löpande kostnader samt anläggningskostnader för serverhallsinnehavare, något som driver på utvecklingen. Virtualisering har sedan början på 2000-talet varit på stark frammarsch, det började med servervirtualisering och förmågan att skapa flertalet virtualiserade servrar på en fysisk server. Idag har vi virtualisering av nätverksutrustning, såsom switchar, routrar och brandväggar. Gemensamt för all denna utveckling är att den har i tidigt stadie stött på förtroendefrågor och överlag problem kopplade till huruvida mjukvarubaserade lösningar är likvärdigt robusta och pålitliga som traditionella hårdvarubaserade lösningar. Detta problem är även något som SDN stött på och det diskuteras idag flitigt bland förespråkare och skeptiker. Dessa förtroendefrågor går på tvären mot det ökande antalet molnbaserade tjänster, typiska tjänster där säkerheten och den personliga integriten är vital. Vidare räknar man med att SDN, liksom annan ny teknik medför vissa barnsjukdomar såsom kryphål i säkerheten. Vi kommer i detta arbete att undersöka hur överbelastningsattacker (eng. Denial-of-Service, eller DoS-attacker) påverkar en SDN miljö och en singel-trådig kontroller, i text och genom simulering. Resultatet av våra undersökningar i ämnet SDN i en multitenans miljö är att standardisering och tydliga servicenivåavtal behövs för att befästa förtroendet bland kunder. Att attrahera kunder för att delta i mindre användningsfall (eng. user cases) i ett inledningsskede är också värdefullt i argumenteringen för en bredare implementering av SDN i underliggande infrastruktur. Vad gäller DoS-attacker kom vi fram till att det som hackare går att manipulera en SDN infrastruktur på ett sätt som inte är möjligt med dagens lösningar. Till exempel riktade attacker mot den centraliserade SDN kontrollen, slår man denna kontroll ur funktion påverkas stora delar av infrastrukturen eftersom de är i ett direkt beroende av en fungerande SDN kontroll. I och med att SDN är en ny teknik så öppnas också upp nya möjligheter för angrepp, med det i åtanke är det viktigt att SDN genomgår rigorösa tester innan större implementation. Software Defined Networks (SDN) network security denial of service distributed denial of service multi-tenancy mjukvarudefinierat nätverk nätverkssäkerhet överbelastningsattack distribuerad överbelastningsattack multitenans Computer and Information Sciences Data- och informationsvetenskap
366	SDP And VPN For Remote Access : A Comparative Study And Performance Evaluation Sintaro, Abel Tariku, Komolafe, Yemi Emmanuel January 2021 (has links) Remote access is a way of providing access to networks from outside the premises of the network. Virtual Private Network (VPN) is one solution used to provide remote access. Software-Defined Perimeter (SDP) is another solution that is capable of providing access to resources from a remote location. These two technologies use different security models yet provide comparable remote access functionalities. This thesis project investigates the basic components, architecture, and security services of SDP and IPSec VPN. Additionally, a performance evaluation is conducted on SDPand VPN on their connection setup time and network throughput. Our result shows that both SDP and VPN provide secure access, however, SDP has additional features that make it a more secure solution. This thesis project is written in the hopes that it can help enterprises with or without a VPN solution already in place to consider SDP as an alternative solution and learn SDP in comparison with VPN. Zero-Trust security model Perimeter-based security model Software- defined perimeter IPSec VPN performance evaluation comparative study Computer Systems Datorsystem Communication Systems Kommunikationssystem
367	Softwarebasiertes Radarsystem mit Arbiträrer Polarimetrischer Multiparameter Intrapulsmodulation Klein, Ingo 25 March 2022 (has links) Die Datenerfassung für Wetterprognosen basiert bis heute auf konventionellen Radarsystemen, die mit einer verhältnismäßig hohen Leistung arbeiten und für große Reichweiten ausgelegt sind. Da jedoch Wetterphänomene primär in Bodennähe auftreten und deren ausschlaggebenden Charakteristika ebendort zu detektieren sind, bringt dieses einige Nachteile mit sich. Hierzu zählen z.B. Einschränkungen bezüglich der räumlichen Auflösung und der Aktualisierungsrate, die stark eingeschränkten Möglichkeiten der flächendeckenden Erfassung bodennaher Effekte, aber auch die nicht voll polarimetrischen Detektionsmöglichkeiten bestehender Systeme. Die vorliegende Arbeit stellt den Ansatz des 'Digital Beamforming Weather Radar' (DB-WR) vor, welcher die beschriebenen Nachteile maßgeblich reduziert bzw. vermeidet. Die Systemarchitektur basiert hierbei auf engmaschigen Netzwerken von Phased-Array Radargeräten mit signifikant geringeren Reichweiten und Sendeleistungen. Grundlage hierfür bilden polarimetrische Sende-Empfangsmodule ('Software-Defined Radars'), welche die Realisierung der neuartigen 'Arbiträren Polarimetrischen Multiparameter Intrapulsmodulation' (APMIM), einem Verfahren welches beliebige Modulationen innerhalb des Sendepulses zulässt, ermöglichen. Der Fokus richtet sich diesbezüglich auf die Umsetzung eines breitbandigen Stand-Alone Experimentalsystems für diese neuartige Wetterradartechnologie, mit dem das Systemkonzept des DBWR getestet und die Möglichkeiten der APMIM in Kombination mit einer multiplen Empfangssignalauswertung evaluiert werden können. Darüber hinaus werden die Möglichkeiten dieses Experimentalsystems veranschaulicht und die Funktionalitäten in entsprechenden Messungen verifiziert. / Data acquisition for weather forecasts is still based on conventional radar systems, which operate at a relatively high power and are designed for long ranges. However, since weather phenomena primarily occur near the ground and their decisive characteristics have to be detected there, this brings with it a number of disadvantages. These include, for example, limitations with respect to spatial resolution and update rate, the severely restricted possibilities of area-wide detection of near-ground effects, but also the not fully polarimetric detection capabilities of existing systems. This dissertation presents the Digital Beamforming Weather Radar (DBWR) approach, which significantly reduces or avoids the described drawbacks. The system architecture is based on close-meshed networks of phased-array radars with significantly lower ranges and transmission powers. The basis for this is formed by polarimetric transmit-receive modules ('Software-Defined Radars'), which enable the realization of the novel 'Arbitrary Polarimetric Multiparameter Intrapulse Modulation' (APMIM), a method which allows arbitrary modulations within the transmit pulse. In this respect, the focus is on the implementation of a broadband stand-alone experimental system for this novel weather radar technology, with which the system concept of the DBWR can be tested and the possibilities of the APMIM in combination with a multiple received signal evaluation can be evaluated. Furthermore, the capabilities of this experimental system are illustrated and the functionalities are verified in corresponding measurements. info:eu-repo/classification/ddc/551.6353 ddc:551.6353
368	Récepteur radio-logicielle hautement numérisé / Highly digitized RF receiver for software defined radio Haghighitalab, Delaram 09 September 2015 (has links) Aujourd'hui, il y a une augmentation du nombre de normes étant intégré dans des appareils mobiles. Les problèmes principaux sont la durée de vie de la batterie et la taille de l'appareil. L'idée d'un Radio-Logiciel est de pousser le processus de numérisation aussi près que possible de l'antenne. Dans cette thèse, nous présentons la première mise en œuvre d'un récepteur radio-logiciel complet basé sur Sigma-Delta RF passe-bande, y compris un LNA à gain variable (VGLNA), un ADC Sigma-Delta RF sous-échantillonné, un mélangeur bas-conversion RF numérique et un filtre de décimation polyphasé multi-étage multi-taux. Le VGLNA élargit la gamme dynamique du récepteur multi-standard pour atteindre les exigences des trois normes sans fil ciblées. Aussi une architecture mixte, en utilisant à la fois Source-Coupled Logic (SCL) et des circuits CMOS, il est proposé d'optimiser la consommation des circuits RF numériques. Par ailleurs, nous proposons une architecture de filtre en peigne à plusieurs étages avec décomposition polyphase à réduire la consommation d'énergie. Le récepteur est mesuré pour trois normes différentes dans la bande de 2.4 GHz, la bande ISM. Les résultats des mesures montrent que le récepteur atteint 79 dB, 73 dB et 63 dB de plage dynamique pour les normes Bluetooth, ZigBee et WiFi respectivement. Le récepteur complet, mis en œuvre dans le procédé CMOS 130 nm, a une fréquence centrale accordable de 300 MHz et consomme 63 mW sous 1.2 V. Comparé à d'autres récepteurs, le circuit proposé consomme 30% moins d'énergie, la plage dynamique est de 21 dB supérieur, IIP3 est de 6 dB supérieur et le facteur de mérite est de 24 dB supérieur. / Nowadays there is an increase in the number of standards being integrated in mobile devices. The main issues are battery life and the size of the device. The idea of a Software Defined Radio is to push the digitization process as close as possible to the antenna. Having most of the circuit in the digital domain allows it to be reconfigurable thus requiring less area and power consumption. In this thesis, we present the first implementation of a complete SDR receiver based on RF bandpass Sigma-Delta including a Variable-Gain LNA (VGLNA), an RF subsampled Sigma-Delta ADC, an RF digital down-conversion mixer and a polyphase multi-stage multi-rate decimation filter. VGLNA enlarges the dynamic range of the multi-standard receiver to achieve the requirements of the three targeted wireless standards. Also a mixed architecture, using both Source-Coupled Logic (SCL) and CMOS circuits, is proposed to optimize the power consumption of the RF digital circuits. Moreover, we propose a multi-stage comb filter architecture with polyphase decomposition to reduce the power consumption. The receiver is measured for three different standards in the 2.4 GHz ISM-band. Measurement results show that the receiver achieves 79 dB, 73 dB and 63 dB of dynamic range for the Bluetooth, ZigBee and WiFi standards respectively. The complete receiver, implemented in 130 nm CMOS process, has a 300 MHz tunable central frequency and consumes 63 mW under 1.2 V supply. Compared to other SDR receivers, the proposed circuit consumes 30% less power, the DR is 21 dB higher, IIP3 is 6 dB higher and the overall Figure of Merit is 24 dB higher. Radio logicielle Récepteur RF Sigma-Delta passe-bande Filtre de décimation Mixeur RF numérique Software Defined Radio SDR receiver 004.6
369	Les réseaux maillés sans fils assistés par le SDN / Software-defined network for wireless mesh networks Labraoui, Mohamed 19 December 2017 (has links) Avec les progrès dans les communications sans fil, le réseau maillé sans fils (WMN) est apparu comme une solution à la couverture et à la capacité limitée des réseaux d'infrastructure. Un WMN est un réseau ad-hoc multi-sauts dans lequel les routeurs participants acheminent le trafic pour le compte de tiers. Malgré les avantages et l'efficacité accrue de nombreuses applications, plusieurs problèmes doivent encore être résolus, notamment des facteurs critiques influant sur les performances des WMNs tels que l'évolutivité, la stabilité de la connectivité réseau, la qualité de service, la sécurité et les problèmes d'interférence. Face à ce défi, cette thèse explore une nouvelle approche des réseaux, à savoir le concept de réseau défini par logiciel (SDN). Dans une configuration SDN, l'intelligence située au niveau des périphériques réseau est déplacée dans une entité centrale communément appelée le contrôleur SDN. Dans cette architecture, le contrôleur SDN prend toutes les décisions et dicte à chaque périphérique réseau comment router les flux de données. Dans cette thèse, l'accent est mis sur l'évaluation des améliorations de la gestion de réseau que SDN pourrait apporter aux WMNs. En particulier, nous avons analysé et déterminé le type de granularité de contrôle SDN envisageable pour ce type de réseaux ainsi que les solutions techniques permettant de mettre en œuvre ce concept pour de meilleures performances. / With advances in wireless communications, Wireless Mesh Network (WMN) has emerged as one solution to the limited coverage and capacity of infrastructure networks. A WMN is a multihop ad-hoc network where participating routers forward traffic on behalf of others. Despite the advantages and increased efficiency in many applications, several challenges still need to be solved and especially critical factors influencing the performance of WMNs such as scalability, network connectivity steadiness, Quality of Service (QoS), security, and interference problems. In the face of this challenge, this thesis explores a new approach for networks, namely the concept of Software-Defined Network (SDN). In an SDN configuration, the intelligence located at network devices level is moved within a central entity commonly referred to as the SDN controller. In this architecture, the SDN controller takes all decisions and dictates to each network device how to route data flows. In this thesis, the focus is on evaluating network management improvements that SDN could make in WMNs. Particularly, we analyzed and determined what kind of SDN control granularity that could be envisaged for this type of networks as well as the technical solutions to implement this concept for better performance. Réseau maillé sans fils Réseau défini par logiciel Routage Gestion de réseau Déploiement Performance Wireless mesh network Software-defined networks Routing 004.68
370	Policy-driven autonomic cyberdefense using software-defined networking / Cyberdefense autonome pilotée par règles à l'aide d'un réseau défini par logiciel Sahay, Rishikesh 14 November 2017 (has links) Les attaques cybernétiques causent une perte importante non seulement pour les utilisateurs finaux, mais aussi pour les fournisseurs de services Internet (FAI). Récemment, les clients des FAI ont été la cible numéro un de cyber-attaques telles que les attaques par déni de service distribué (DDoS). Ces attaques sont favorisées par la disponibilité généralisée outils pour lancer les attaques. Il y a donc un besoin crucial de contrer ces attaques par des mécanismes de défense efficaces. Les chercheurs ont consacré d’énormes efforts à la protection du réseau contre les cyber-attaques. Les méthodes de défense contiennent d’abord un processus de détection, complété par l’atténuation. Le manque d’automatisation dans tout le cycle de détection à l’atténuation augmente les dégâts causés par les cyber-attaques. Cela provoque des configurations manuelles de périphériques l’administrateur pour atténuer les attaques affectent la disponibilité du réseau. Par conséquent, il est nécessaire de compléter la boucle de sécurité avec un mécanisme efficace pour automatiser l’atténuation. Dans cette thèse, nous proposons un cadre d’atténuation autonome pour atténuer les attaques réseau qui visent les ressources du réseau, comme par les attaques exemple DDoS. Notre cadre fournit une atténuation collaborative entre le FAI et ses clients. Nous utilisons la technologie SDN (Software-Defined Networking) pour déployer le cadre d’atténuation. Le but de notre cadre peut se résumer comme suit : d’abord, les clients détectent les attaques et partagent les informations sur les menaces avec son fournisseur de services Internet pour effectuer l’atténuation à la demande. Nous développons davantage le système pour améliorer l’aspect gestion du cadre au niveau l’ISP. Ce système effectue l’extraction d’alertes, l’adaptation et les configurations d’appareils. Nous développons un langage de politique pour définir la politique de haut niveau qui se traduit par des règles OpenFlow. Enfin, nous montrons l’applicabilité du cadre par la simulation ainsi que la validation des tests. Nous avons évalué différentes métriques QoS et QoE (qualité de l’expérience utilisateur) dans les réseaux SDN. L’application du cadre démontre son efficacité non seulement en atténuant les attaques pour la victime, mais aussi en réduisant les dommages causés au trafic autres clients du FAI / Cyber attacks cause significant loss not only to end-users, but also Internet Service Providers (ISP). Recently, customers of the ISP have been the number one target of the cyber attacks such as Distributed Denial of Service attacks (DDoS). These attacks are encouraged by the widespread availability of tools to launch the attacks. So, there is a crucial need to counter these attacks (DDoS, botnet attacks, etc.) by effective defense mechanisms. Researchers have devoted huge efforts on protecting the network from cyber attacks. Defense methodologies first contains a detection process, completed by mitigation. Lack of automation in the whole cycle of detection to mitigation increase the damage caused by cyber attacks. It requires manual configurations of devices by the administrator to mitigate the attacks which cause the network downtime. Therefore, it is necessary to close the security loop with an efficient mechanism to automate the mitigation process. In this thesis, we propose an autonomic mitigation framework to mitigate attacks that target the network resources. Our framework provides a collaborative mitigation strategy between the ISP and its customers. The implementation relies on Software-Defined Networking (SDN) technology to deploy the mitigation framework. The contribution of our framework can be summarized as follows: first the customers detect the attacks and share the threat information with its ISP to perform the on-demand mitigation. We further develop the system to improve the management aspect of the framework at the ISP side. This system performs the alert extraction, adaptation and device configurations. We develop a policy language to define the high level policy which is translated into OpenFlow rules. Finally, we show the applicability of the framework through simulation as well as testbed validation. We evaluate different QoS and QoE (quality of user experience) metrics in SDN networks. The application of the framework demonstrates its effectiveness in not only mitigating attacks for the victim, but also reducing the damage caused to traffic of other customers of the ISP Cyberdéfense autonome Réseau défini par logiciel Attaques par déni de service Gestion de réseau à base de règles OpenFlow Autonomic cyberdefense Software defined networking Denial of service attacks Policy based network management OpenFlow

Search results