Ing. Alexandru Moucha, Ph.D.

Ing. Alexandru Moucha, Ph.D.

Ing. Jan Kubr, Ph.D.

Department of Computer Systems

Ing. Alexandru Moucha, Ph.D.

Ing. Yelena Trofimova

Department of Computer Systems

The infrastructure-less self-organizing ad-hoc and sensor networks are suitable for autonomous operation in both civil and military areas (e.g. remote, inaccessible and hostile territory). They are preferred to traditional infrastructure-based networks for deployment in dynamic environment. The absence of the infrastructure introduces several new security issues, such as enforcement of cooperation and malicious node detection. The limited computational power and energy of nodes makes the conventional security measures not applicable to these types of networks. The innovative trust-based security approach is one of the most effective alternatives. This work provides comprehensive analysis and classification of trust methods as well as introduces the brand new simulation tools. It contributes to the networking research by providing the means to optimize and enhance the creation of the new methods as well as to improve the existing ones. In the future, efficient trust-based security mechanisms can be implemented in ad-hoc and sensor networks to enable their mass production and introduce several new areas of application.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

Ing. Viktor Černý

Department of Computer Systems

This bachelor's thesis is concerned with the analysis of protocols for reliable transfer of data from one sender to multiple receivers, known as reliable multicast. The goal of this thesis is to examine and compare existing protocols relevant to this problem, find their suitable implementations or other programs for reliable multicast transfer. Another goal is to design and implement a testing environment suitable for testing and following comparison of these programs. The result of the analysis of protocols divides them into groups according to the reliability of transfer they provide. The final part of programs testing is the comparison of them by their efficiency using networks with similar settings with the testing environment.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

Ing. Jan Fesl, Ph.D.

Department of Computer Systems

This bachelor thesis deals with the possibilities of simulating Cisco software--defined networks in a virtualized environment. More specifically, it is an analysis of SD-WAN and SD-Access technologies, of which only SD-WAN can be fully virtualized. Knowledge of these technologies is one of the most sought after in the field of computer networking. The aim of this work is to explain how the technologies work, to present the requirements for their implementation in a virtualized environment and to describe in detail how to replicate it. The EVE-NG network infrastructure simulator is used for implementation. It can be installed as a virtual machine, but also directly as an operating system. The output of the work are two EVE-NG laboratories. The first laboratory contains the absolute minimum for demonstrating SD-WAN in a virtualized environment. The second lab focuses on introducing more advanced SD-WAN functionality. All necessary procedures are described in detail in the work. This work confirms the possibilities of SD-WAN simulation and the outputs of the work can serve as a basis for teaching SD-WAN in the network laboratory at FIT CTU. However, computer network enthusiasts can use the work relatively easily as a guide on how to try SD-WAN technology at home.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

Ing. Viktor Černý

Department of Computer Systems

The bachelor thesis deals with an analysis of the most common network attacks and a description of their mitigation, focusing on the territory of the Czech Republic. At the beginning, the basic terminology is defined and on its basis, a survey of the occurrence of security incidents in the years 2017 to 2020 is subsequently performed. The survey is interpreted in the context of network attacks based on the taxonomy of incidents and in cooperation with experts from the National Office for Cyber and Information Security. The resulting attacks: port scanning, DNS cache poisoning and DDoS attack, are then analyzed in detail, ie. their principle is given and their taxonomy is described. In addition, attacks are always analyzed in the context of security incidents and embedded in the terminology introduced at the beginning of the work. Subsequently, an effective solution, both methodological and procedural, is presented for these attacks. The solution presents methods of detection and prevention of analyzed attacks focuses on technological solutions: Cisco Cisco ASA, Cisco FMC, DNSSEC. In addition, the appendix provides an example of the basic Cisco ASA firewall security configuration procedure and the procedure for setting up port scan detection on Cisco FMC technology. The attached configuration procedures are properly commented in the work.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

Ing. Tomáš Herout

Department of Computer Systems

Thesis deals with the ability to automatically authenticate to the wifi network using mobile Android application. The aim is to propose a basic framework of solutions containing the mi- nimum functional configuration and implementation of all necessary compo- nents. The final solution is composed of mobile application, web administration application, implementation of web services and configuration files of server.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

Ing. Yelena Trofimova, Ph.D.

Department of Computer Systems

This bachelor's thesis aims to investigate and describe various types of DDoS attacks. The literature review begins by introducing fundamental concepts and progresses to provide a thorough definition of botnets, DoS attacks, and their corresponding countermeasures. Leading to specific examples of DDoS attacks, which are classified based on the pre-established classification. The thesis also presents potential countermeasures for mitigating the identified attacks. Notably, the work emphasizes the possibility of selecting countermeasures based on the attack classification, which is a significant outcome of this research. Following the literature review, the thesis describes a test model used to illustrate DDoS attacks. This involves deploying a botnet and executing DDoS attacks on a web page. The experiment is then repeated after implementing a chosen countermeasure, and the results are analyzed and compared. Overall, this thesis provides a comprehensive understanding of DDoS attacks, including their objectives, vulnerabilities, and practical examples. Readers will gain valuable insights into the types of DDoS attacks and what a basic DDoS attack may look like.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

Ing. Viktor Černý

Department of Computer Systems

This Bachelor thesis helps to treat one difficult network administrator task, which is unified management of the network devices from various manufacturers. Administrator may not remember all commands for specific device, but he can use programmed scripts instead. Software options are received in scripts which are used for deciding whether to read from device or change it's values. Scripts will try different protocols which will be used to manage the device and will decide on their own what commands they can use. The scripts implement unified remote management using HTTPS, HTTP, SSH and Telnet. The main script allows to change the order of the protocols. According to this order the connection to particular device is established. Order of read and write operations upon network devices can be modified in scripts designed for particular manufacturers. The scripts are implemented in a modular structure. This allows extension of Python scripts with more commands, network devices and manufacturers. Thanks to this feature, this program provides unified management of network devices from many manufacturers with usage of several protocols.

Ing. Alexandru Moucha, Ph.D.

Ing. Tomáš Vondra, Ph.D.

Department of Computer Systems

This bachelor thesis focuses on describing the principles of a security operations center (SOC), the technologies it uses, and the technologies it typically protects. Within the theoretical part, it analyses the reasons for the creation of such monitoring centers and their technological and personal structure. This bachelor thesis focuses on describing the principles of a security operations center (SOC), the technologies it uses, and the technologies it typically protects. Within the theoretical part, it analyses the reasons for the creation of such surveillance centers and their technological and personnel structure. In the practical part, the thesis focuses on the deployment of surveillance technologies in the form of their freely distributed variants, as well as introducing paid versions of these systems. Furthermore, the thesis contains a demonstration of the functioning of the previously built security infrastructure in the case of a simulated attack on the protected systems. The thesis succeeded in building a functional monitoring of systems in a laboratory network environment, based on techniques that can be applied in large-scale networks. The results of this work provide a clear procedure by which it is possible to build functional small-scale security monitoring.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

Ing. Jan Kubr, Ph.D.

Department of Computer Systems

This work is dedicated to the field of Ad-hoc networks, more specifically to concept of trust and intent to find application of neural network to this concept. First there are given definitions to related terms, then the problem is stated and the suggested solution follows. The main pivot of the thesis are experiments held and their evaluation and discussion.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

Ing. Jan Kubr, Ph.D.

Department of Computer Systems

The aim of this thesis is to introduce optical networks with wavelength division multiplex and its configuration and subsequent monitoring. The thesis is divided into several thematic areas. The basic division of multiplexing systems is outlined in the introduction. Known solutions of wavelength division multiplex and its combinations are discussed. The next Chapter is devoted to a description of active and passive components, which are an essential part of DWDM system. The third Chapter is devoted to choosing the network topology, the description of the equipment used and its configuration. The last Chapter describes how to configure two monitoring tools and features comparison.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

prof. Ing. Pavel Tvrdík, CSc.

Department of Computer Systems

This thesis defines 3D localisation problem in realtime, suggests algorithms for defined localisation and according tests to prove their quality. In the practical part, the tests are done and analyzed. Byproduct of this thesis is also a localising software capable of realtime processing or recording for furhter analysis. Thesis aims for low cost hardware.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

Mgr. Rudolf Bohumil Blažek, Ph.D.

Department of Computer Systems

Ing. Alexandru Moucha, Ph.D.

Ing. Jan Kubr, Ph.D.

Department of Computer Systems

Ing. Alexandru Moucha, Ph.D.

Department of Computer Systems

The diploma thesis Analysis and Processing of Roaming Data from the Eduroam Networking System deals with the creation of the system called etlog for analysing and processing logs of eduroam networking system. The eduroam service is a worldwide system which allows users from academic institutions to connect to the Internet mostly by Wi-Fi. The state of the service can be observed by means of log files, which are created by users' activity. On the basis of these files, the system was created with the intention to monitor the service, produce statistics, search and detect anomalous states. The new system etlog processes service activities from the whole country and it helped to improve the condition of eduroam service in the Czech Republic.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

Ing. Pavel Kubalík, Ph.D.

Department of Computer Systems

Ing. Alexandru Moucha, Ph.D.

Ing. Jan Kubr, Ph.D.

Department of Computer Systems

The evolution of networking technology has been the driving force behind modern innovation and progress in many key areas. It has made a significant impact on the number of industries and global economy as a whole. International corporations, government and academia keep finding new practical applications for this rapidly advancing technology. The demand for problemspecific set of network design and planning tools keeps growing as the variety of practical applications increases. Network simulation remains to be one of the most relevant approaches to network design, but it has to constantly adapt to the new requirements. This research focused on analysis of hardware and software network components with a goal to design and implement a brandnew flexible user-friendly network simulator which can be easily adapted and extended for various purposes. This Thesis has ultimately resulted in development of a comprehensive framework for authentic simulation of hardware and software components with several network protocols already built into it: Ethernet, ARP, IPv4, TCP, UDP, RIP, EIGRP. The ability to quickly and efficiently implement and evaluate any network protocols and hardware according to the required specifications are the key strong points of the newly developed simulator which will most certainly allow it to pass the test of time. There are plans to incorporate this network simulator into the teaching process as well as to potentially release it as an open-source collaboration project for further development.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

Ing. Viktor Černý

Department of Computer Systems