The implementation and vulenrability analyse of WPA3
Author
Vítek Špelina
Year
2023
Type
Bachelor thesis
Supervisor
Ing. Jan Fesl, Ph.D.
Reviewers
Ing. Alexandru Moucha, Ph.D.
Department
Summary
The main purpose of this study is to test the implementation of WPA3, the new security standard
for wireless networks on MikroTik devices. It furthermore compares the effectivity of WPA3 with
WPA2 standard which is more used nowadays.
The thesis outlines the evolution of wireless security standards from WEP to WPA3. It
contains a detailed description of the principles used by WPA3. The already known Denial of
Service (DoS) attacks - Doppelganger, Muted Peer, PMK Gobbler and Memory Omnivore are
discussed and examined thoroughly in this study, explaining their principles and impacts in great
details. Additionaly it compares these attacks with the ones used on the current implementations
of WPA3 for MikroTik devices. A new attack which uses the vulnerability in the fundamentals
of the WPA3 standard is also described in the study.
Both WPA2 and WPA3 standards are comparable, in terms of efficiency. However, it is shown
that the tested implementations are not secure enough to be used in real-life environment. Furthemore the thesis proves that the SAE handshake as it is now, is not suitable for the use in shared
networks.
As a part of the study, each of attack scripts was updated and refactored to current standards.
Along that a complex program allowing automatized testing of each attack on different versions
of WPA3 implementations was created.
Network communication of Kubernetes applications with external devices in a private network
Author
Jan Troják
Year
2023
Type
Bachelor thesis
Supervisor
Ing. Tomáš Vondra, Ph.D.
Reviewers
Ing. Jan Fesl, Ph.D.
Department
Summary
This thesis explores the networking capabilities of Kubernetes. The aim of the thesis was to extend Kubernetes with the possibility of addressing and communicating with devices in private networks. Known solutions only provide communication using high-level protocols. The goal was to find a solution that would support communication using lower layer ISO/OSI protocols.
This thesis presents the possibility of extending the kubernetes system with the mentioned functionalities of network communication. This method allows communication with devices in private networks using TCP and UDP protocols. The presented solution offers flexibility of use and does not present any limitation restricting standard use of Kubernetes. The solution is implemented using established standards for extending the system.
The results of this work provide wider possibilities for the use of Kubernetes. With this extension, it is possible to make better use of Kubernetes in the areas of testing, smart cities and other areas working with devices in private networks.
IP address management in a middle-sized network
Author
Vít Pekárek
Year
2019
Type
Bachelor thesis
Supervisor
Ing. Jan Kubr, Ph.D.
Reviewers
Ing. Alexandru Moucha, Ph.D.
Department
Summary
The internet network without DHCP and DNS servers cannot basically work. These software are key tools that significantly simplify network configuration and usage. This thesis analyses the offer of these software, selects suitable candidates and shows their instalation, configuration and testing.
Monitoring of PTP Network Traffic
Author
Vlastimil Lhotecký
Year
2018
Type
Bachelor thesis
Supervisor
RNDr. Ing. Vladimír Smotlacha, Ph.D.
Reviewers
Ing. Jiří Dostál, Ph.D.
Department
Summary
The aim of this thesis was to design and create a network monitoring tool, that would capture and report network traffic via the PTP protocol in real time, with emphasis on precision of the distributed time as well as possible errors in communication.
Firstly, I go over the fundamentals of PTP and try to determine whether a universal monitoring tool, such as Wireshark would be suitable for this purpose. In the second part of this document I design my own monitoring tool for OS Linux and subsequently implement it using C++ programming language with the PCap library.
Analysis and Testing of Reliable Multicast Protocols
Author
Uladzislau Maher
Year
2018
Type
Bachelor thesis
Supervisor
Ing. Alexandru Moucha, Ph.D.
Reviewers
Ing. Viktor Černý
Department
Summary
This bachelor's thesis is concerned with the analysis of protocols for reliable transfer of data from one sender to multiple receivers, known as reliable multicast. The goal of this thesis is to examine and compare existing protocols relevant to this problem, find their suitable implementations or other programs for reliable multicast transfer. Another goal is to design and implement a testing environment suitable for testing and following comparison of these programs.
The result of the analysis of protocols divides them into groups according to the reliability of transfer they provide. The final part of programs testing is the comparison of them by their efficiency using networks with similar settings with the testing environment.
SSL/TLS Filtering Support for Privoxy
Author
Václav Švec
Year
2017
Type
Bachelor thesis
Supervisor
Ing. Josef Kokeš
Reviewers
Ing. Tomáš Zahradnický, Ph.D.
Department
Summary
The thesis deals with the topic of proxy servers in relation to HTTP and HTTPS protocols and describes the ways of filtering HTTPS communication. Different ways of HTTPS filtering are presented, as well as the features of these filters and the proxy server procedures for controlling of HTTP/HTTPS connections.
The second part of this thesis implements a SSL extension for Privoxy. This extension allows filtering HTTPS communication using variety of filtering features of the original program. Achieved results are evaluated and other possible improvements are suggested.
Autonomous configuration of network devices
Author
Dominik Soukup
Year
2016
Type
Bachelor thesis
Supervisor
Ing. Viktor Černý
Reviewers
Ing. Jiří Smítka
Department
Summary
The aim of this work is to design, implement and test a tool for universal autonomous configuration of network devices. To begin, the analytical part familiarizes the reader with the possibilities of network device configuration and data serialization. This is followed by the tool architecture design, which conveys the modularity of network devices and configuration methods. With the data serialization language file, access to the adjustment commands of multiple network devices are united. Next, there is a description of the implementation process, while the final section outlines various testing of the program and the subsequently positive results.
The output of this work is a set of scripts and configuration files, which are able to automatize and unite the adjustment process of network switches from the vendors Cisco and 3Com with CLI (Command-line interface), SNMP (Simple network management protocol) and NETCONF (Network configuration protocol). The tool is created in Python language version 3.4 and its configuration files are written in YAML (YAML ain't markup language) language.
Analysis of the flow control mechanisms on the transport layer
Author
Jan Rubín
Year
2016
Type
Bachelor thesis
Supervisor
Ing. Viktor Černý
Reviewers
Ing. Jiří Smítka
Department
Summary
In this Bachelor thesis, the flow control mechanisms on the transport layer are analyzed. There are already many algorithms implemented in the TCP that treat network congestion. However, some of them are not efficient enough and they are a topic of ongoing research. These mechanisms, their functionality, as well as the principles helping to prevent or solve network congestion are studied in this thesis. The advantages and the disadvantages of the particular implementations are inspected. These implementations are tested in the developed environment. Furthermore, two hybrid implementations which combine the features of the existing solutions and include functionalities for network congestion are designed.
Centralized Monitoring of RouterOS Network Devices
Author
Daniel Pospíšil
Year
2014
Type
Bachelor thesis
Supervisor
Ing. Pavel Benáček, Ph.D.
Reviewers
doc. Ing. Tomáš Čejka, Ph.D.
Department
Tools for network monitoring of network devices
Author
Jiří Volprecht
Year
2014
Type
Bachelor thesis
Supervisor
Ing. Miroslav Prágl, MBA
Department
Experimental Analysis of Fragmentation Attacks on DNSSEC Servers
Author
Václav Šulc
Year
2014
Type
Bachelor thesis
Supervisor
Mgr. Rudolf Bohumil Blažek, Ph.D.
Reviewers
doc. Ing. Tomáš Čejka, Ph.D.
Department
Comprehensive Monitoring of Selected Internal Systems in a Large Telecommunications Company
Author
Petr Magnusek
Year
2014
Type
Bachelor thesis
Supervisor
Ing. Viktor Černý
Reviewers
Ing. Alexandru Moucha, Ph.D.
Department