The advancement of the internet across the globe has made computer users implement several ways of protection against possible network threats. The goal of this thesis is to analyse vulnerabilities and threats that may occur in a home network and design a vulnerability classification for home users with the help of Kali Linux. The classification is...
Účelem této práce je vytvořit nástavbu aplikace Snort umožňující přehlednou analýzu logů prostřednictvím webového rozhraní, které bude schopné provozu i na routerech s relativně malým výkonem. V úvodu práce je čtenář seznámen s nejznámějšími systémy pro odhalení průniku, jejich funkcemi a konfigurací. Následuje porovnání již existujících rozhraní p...
This article consolidates analysis of established (NSL-KDD) and new intrusion detection datasets (ISCXIDS2012, CICIDS2017, CICIDS2018) through the use of supervised machine learning (ML) algorithms. The uniformity in analysis procedure opens up the option to compare the obtained results. It also provides a stronger foundation for the conclusions ab...
Keeping users sensitive information secure and private in todays network is challenging. Networks are large, complicated distributed systems and are subject to a wide variety of attacks, such as eavesdropping, identity spoofing, hijacking, etc. What is worse, encrypting data is often not enough in light of advanced threats such as side channel atta...
Visible Light Communication (VLC) uses light-emitting diodes to provide wireless connectivity in public environments. Transmission security in this emerging channel is not trivial. Chaotic modulation techniques can provide encryption directly in the physical layer based on the random-alike evolution and strong synchronization prospect given by dete...
Published in Sādhanā
Intrusion detection/prevention is the greatest security challenge at virtual network layer of Cloud computing. To address this challenge, there have been several security frameworks reported. However, still there is a scope of addressing newer challenges. Here, we propose a security framework to detect network intrusions in Cloud computing. This fr...
Published in Sādhanā
Distributed Denial of Service (DDoS) attacks are a serious threat to Cloud. These attacks consume large amount of resources and increase the service usage cost by a significant factor. Due to multi-tenancy and self-provisioning properties of Cloud, traditional DDoS detection techniques cannot be directly applied. Hence, there is a need for Cloud-sp...
Prior to exploiting a vulnerable service, adversaries perform a port scan to detect open ports on a target machine. If an adversary is aiming for multiple targets, multiple IP addresses need to be scanned for possible open ports. As sending all this probing traffic with one source IP address causes a lot of suspicion in an intrusion detection syste...
Identifying anomalies in network traffic logs is a very challenging task for a network analyst. With the ever-increasing number of devices that can be connected to the network, the need for detecting anomalies is at the peak. Usual techniques for detecting such anomalies include visual analysis of network data or applying automated algorithms. Both...
In this day and age of the Internet, organizations need to address network threats, therefore more education material also needs to be established. An already established methodology for evaluating intrusion detection systems was chosen, and a selection of the market-leading intrusion detection systems are evaluated. The results show that all the s...
