Metody zabezpečení IP PBX proti útokům a testování odolnosti / Securing IP PBX against attacks and resistance testing

Kakvic, Martin

January 2014

This diploma thesis focuses on attacks on PBX Asterisk, FreeSWITCH and Yate in LTS versions. In this work was carried out two types of attacks, including an attack DoS and the attack Teardown. These attacks were carried out using two different protocols, SIP and IAX. During the denial of service attack was monitored CPU usage and detected if its possible to establish call and whether if call can be processed. The Security of PBX was build on two levels. As a first level of security there was used linux based firewall netfilter. The second level of security was ensured with protocols TLS and SRTP.

EVH2 protocol : Performance analysis and Wireshark dissector development

Åhman, Stefan, Wallstersson, Marcus

January 2012

EVH2 is a proprietary application layer protocol developed by Aptilo Networks and used in their software product. Currently the only way to inspect EVH2 traffic is by using their own application. This application inspects no traffic other than EVH2. Since Aptilo continuously develops this protocol it is important to see how changes in the protocol affect its performance. This thesis examines possible ways to facilitate the use and development of the protocol. To analyse EVH2 network traffic along with traffic from other protocols another approach is needed. Wireshark is an application capable of inspecting traffic of multiple protocols simultaneously and uses dissectors to decode each packet. This thesis describes the development and evaluation of a Wireshark plugin dissector for inspection of EVH2 traffic. Performance tests of EVH2 will provide feedback about protocol changes. This thesis creates a platform for performance evaluation by introducing a test suite for performance testing. A performance evaluation of EVH2 was conducted using the developed test suit. / EVH2 är ett proprietärt applikationslagerprotokoll utvecklat av Aptilo Networks som används i deras mjukvaruprodukt. För närvarande kan EVH2-trafik endast inspekteras med deras egenutvecklade applikation. Denna applikation har inte något stöd för att inspektera annan trafik än EVH2. Eftersom Aptilo kontinuerligt utvecklar detta protokollet är det viktigt att kunna se hur förändringar i protokollet påverkar dess prestanda. Detta examenarbete undersöker möjliga sätt att underlätta användningen och utvecklingen av protokollet. För att kunna inspektera EVH2-trafik tillsammans med trafik från andra protokoll behövs en annan lösning än den nuvarande. Wireshark är en applikation som har stöd för att inspektera flera protokoll samtidigt där protokollpaketen avkodas med dissectors (dissektorer översatt till svenska). I detta examensarbete beskrivs och utvärderas utvecklingen av ett Wireshark dissector plugin för inspektion av EVH2-trafik. Genom att prestandatesta EVH2 kan prestandaskillnader påvisas vid förändringar i protokollet. Detta examensarbete tar fram en plattform för prestandautvärdering genom att introducera en testsvit för prestandatestning. Den utvecklade testsviten användes för att utföra prestandtestning av EVH2.

Wireshark

protocol

dissector

performance

analysis

EVH2

Aptilo Networks

test suite

Communication Systems

Kommunikationssystem

Analysis of Diameter Log Files with Elastic Stack / Analysering av Diameter log filer med hjälp av Elastic Stack

Olars, Sebastian

January 2020

There is a growing need for more efficient tools and services for log analysis. A need that comes from the ever-growing use of digital services and applications, each one generating thousands of lines of log event message for the sake of auditing and troubleshooting. This thesis was initiated on behalf of one of the departments of the IT consulting company TietoEvry in Karlstad. The purpose of this thesis project was to investigate whether the log analysis service Elastic Stack would be a suitable solution for TietoEvry’s need for a more efficient method of log event analysis. As part of this investigation, a small-scale deployment of Elastic Stack was created, used as proof of concept. The investigation showed that Elastic Stack would be a suitable tool for the monitoring and analysis needs of TietoEvry. The final version of deployment was, however, not able to fulfill all of the requirements that were initially set out by TietoEvry, however, this was mainly due to a lack of time and rather than limitations of Elastic Stack.

Elastic Stack

Elasticsearch

Logstash

Kibana

Docker

Wireshark

ss7trace

SysLog

PCAP

Log Analysis

Computer Systems

Datorsystem

Evaluating privacy and security risks in smart home entertainment appliances, from a communication perspective

Irengård Gullstrand, Simon, Morales Larsson, Ivan

January 2016

Konceptet "smarta hem" blir mer och mer en del av vår vardag. På grund av den hastigautvecklingen och med tanke på att trådlös kommunikation har blivit normen, har säkerhetoch integritet blivit mer av ett bekymmer. Syftet med detta arbete är att undersöka vilkentyp av information som kan utvinnas ur ett underhållning-baserat smart hem med inriktning på en off -the-shelf spel-konsol, Playstation 4, ansluten till Internet. Detta scenario har undersökts med ett experiment som fokuserar på avlyssning av nätverkstrafik som inträffar vid användning av en sådan enhet i det dagliga livet. Resultatet av studien visar att känslig data såsom bilder är i själva verket möjligt att utvinna från nätverkskommunikationen. / The concept of smart home technology becomes more and more a part of our everydaylife. Because of the hasty evolution and considering that wireless communication has become the norm, the security and privacy problems have become more of a concern. The purpose of this work is to examine what kind of information can be extracted from anentertainment-based smart home involving an o -the-shelf game-console, Playstation 4,connected to the Internet. This scenario has been investigated with experiments focusingon the interception of networking tra c occurring when using such a device under everyday operations. The results of the study shows that sensitive data such as images is in fact possible to extract contrary to popular belief.

security

privacy

Internet

smart home

playstation

wireshark

wireless communication

entertainment

Engineering and Technology

Teknik och teknologier

Návrh laboratorních úloh pro výuku síťových technologií a protokolů / Laboratory exercises explaining network technologies and protocols

Coufal, Tomáš

January 2019

Diploma thesis deals with creation of laboratory exercises in ns-3 environment. Each one of three exercises consists of theoretical introduction and instructions to carry out the simulation. The first exercise´s topic is routing protocol BGP. The second exercise is focused on transport protocols TCP, UDP, SCTP. In the last exercise, the basic network devices and topologies are simulated. The ARP and RIPv2 protocols are simulated as well.

Laboratorní úlohy pro výuku síťových technologií s použitím různých simulačních nástrojů / Laboratory exercises explaining network technologies using various simulation instruments

Vaľuš, Dávid

January 2019

This diploma thesis focuses on the preparation of an operating system, a simulation environment and the creation of two laboratory exercises explaining network technologies. In the theoretical part protocols DHCP, FTP, TFTP, HTTP, and NAT service are described. The practical part focuses on the installation of ns-3 and GNS3 programmes and their utilization and settings on OS Ubuntu 18.10. Moreover, it deals with the preparation of laboratory exercises created in the simulation programmes mentioned above together with tutorials, self-check questions and HTTP server in the Python programming language.

Simulace průmyslového protokolu CIP / CIP industrial protocol simulation

Molent, Michal

January 2020

The thesis is about industrial automatic CIP protocol, which belongs to SCADA systems. The first part is focused on basic principles of CIP protocol and on analysis of two protocols (EtherNET/IP and DeviceNet), which are based on CIP protocol. The second part deals with designing scenarios for a simulation. The simulation of one-way communication, two-way communication with help of reads from the console and two-way real time communication between Raspberries PI 3B+. The third part deals with a realization of the simulation, a start-up and a function of predefined scenarios and graphic interface. The fourth part deals with analysis network communication in situations, which occur during a protocol EtherNet/IP simulation.

Návrh a realizace monitoru sériové komunikace / Design and realization of serial communication monitor

Šnajder, Jan

January 2020

Aim of this thesis is design and realization of serial communication monitor. The thesis describes creation of hardware device responsible for collecting data from analyzed communications and for distribution of these data by USB bus. Thesis also explains connection between serial monitor and software Wireshark by extcap interface. Visualization of data in readable format is done by decoding script, which is tested by selected protocol. The last part of the study is focused on evaluation of data permeability of hardware device according to data line fullness.

Návrh paketového analyzátoru pro UWB pásmo dle standardu IEEE 802.15.4a / Packet Analyser for UWB based on 15.4a standard

Leixner, Martin

January 2014

The aim of this work is study the standard for wireless sensor networks IEEE 802.15.4a. Design and implementation of a packet analyzer for ultra wideband technology com- pliant with IEEE 802.15.4a standard. Integrate packet analyzer to inspection software Wireshark and implement dissector for view packets. Finally, analyze and evaluate the parameters of the proposed packet analyzer.

BigData řešení pro zpracování rozsáhlých dat ze síťových toků / BigData Approach to Management of Large Netflow Datasets

Melkes, Miloslav

January 2014

This master‘s thesis focuses on distributed processing of big data from network communication. It begins with exploring network communication based on TCP/IP model with focus on data units on each layer, which is necessary to process during analyzation. In terms of the actual processing of big data is described programming model MapReduce, architecture of Apache Hadoop technology and it‘s usage for processing network flows on computer cluster. Second part of this thesis deals with design and following implementation of the application for processing network flows from network communication. In this part are discussed main and problematic parts from the actual implementation. After that this thesis ends with a comparison with available applications for network analysis and evaluation set of tests which confirmed linear growth of acceleration.