Theses

Ing. Tomáš Vondra, Ph.D.

Ing. Jan Fesl, Ph.D.

Department of Computer Systems

This thesis explores the networking capabilities of Kubernetes. The aim of the thesis was to extend Kubernetes with the possibility of addressing and communicating with devices in private networks. Known solutions only provide communication using high-level protocols. The goal was to find a solution that would support communication using lower layer ISO/OSI protocols. This thesis presents the possibility of extending the kubernetes system with the mentioned functionalities of network communication. This method allows communication with devices in private networks using TCP and UDP protocols. The presented solution offers flexibility of use and does not present any limitation restricting standard use of Kubernetes. The solution is implemented using established standards for extending the system. The results of this work provide wider possibilities for the use of Kubernetes. With this extension, it is possible to make better use of Kubernetes in the areas of testing, smart cities and other areas working with devices in private networks.

Thesis on DSpace

Ing. Jan Fesl, Ph.D.

Ing. Alexandru Moucha, Ph.D.

Department of Computer Systems

The main purpose of this study is to test the implementation of WPA3, the new security standard for wireless networks on MikroTik devices. It furthermore compares the effectivity of WPA3 with WPA2 standard which is more used nowadays. The thesis outlines the evolution of wireless security standards from WEP to WPA3. It contains a detailed description of the principles used by WPA3. The already known Denial of Service (DoS) attacks - Doppelganger, Muted Peer, PMK Gobbler and Memory Omnivore are discussed and examined thoroughly in this study, explaining their principles and impacts in great details. Additionaly it compares these attacks with the ones used on the current implementations of WPA3 for MikroTik devices. A new attack which uses the vulnerability in the fundamentals of the WPA3 standard is also described in the study. Both WPA2 and WPA3 standards are comparable, in terms of efficiency. However, it is shown that the tested implementations are not secure enough to be used in real-life environment. Furthemore the thesis proves that the SAE handshake as it is now, is not suitable for the use in shared networks. As a part of the study, each of attack scripts was updated and refactored to current standards. Along that a complex program allowing automatized testing of each attack on different versions of WPA3 implementations was created.

Thesis on DSpace

Ing. Jan Kubr, Ph.D.

Ing. Alexandru Moucha, Ph.D.

Department of Computer Systems

The internet network without DHCP and DNS servers cannot basically work. These software are key tools that significantly simplify network configuration and usage. This thesis analyses the offer of these software, selects suitable candidates and shows their instalation, configuration and testing.

Thesis on DSpace

RNDr. Ing. Vladimír Smotlacha, Ph.D.

Ing. Jiří Dostál, Ph.D.

Department of Computer Systems

The aim of this thesis was to design and create a network monitoring tool, that would capture and report network traffic via the PTP protocol in real time, with emphasis on precision of the distributed time as well as possible errors in communication. Firstly, I go over the fundamentals of PTP and try to determine whether a universal monitoring tool, such as Wireshark would be suitable for this purpose. In the second part of this document I design my own monitoring tool for OS Linux and subsequently implement it using C++ programming language with the PCap library.

Thesis on DSpace

Ing. Alexandru Moucha, Ph.D.

Ing. Viktor Černý

Department of Computer Systems

This bachelor's thesis is concerned with the analysis of protocols for reliable transfer of data from one sender to multiple receivers, known as reliable multicast. The goal of this thesis is to examine and compare existing protocols relevant to this problem, find their suitable implementations or other programs for reliable multicast transfer. Another goal is to design and implement a testing environment suitable for testing and following comparison of these programs. The result of the analysis of protocols divides them into groups according to the reliability of transfer they provide. The final part of programs testing is the comparison of them by their efficiency using networks with similar settings with the testing environment.

Thesis on DSpace

Ing. Josef Kokeš

Ing. Tomáš Zahradnický, Ph.D.

Department of Computer Systems

The thesis deals with the topic of proxy servers in relation to HTTP and HTTPS protocols and describes the ways of filtering HTTPS communication. Different ways of HTTPS filtering are presented, as well as the features of these filters and the proxy server procedures for controlling of HTTP/HTTPS connections. The second part of this thesis implements a SSL extension for Privoxy. This extension allows filtering HTTPS communication using variety of filtering features of the original program. Achieved results are evaluated and other possible improvements are suggested.

Thesis on DSpace

Ing. Viktor Černý

Ing. Jiří Smítka

Department of Computer Systems

The aim of this work is to design, implement and test a tool for universal autonomous configuration of network devices. To begin, the analytical part familiarizes the reader with the possibilities of network device configuration and data serialization. This is followed by the tool architecture design, which conveys the modularity of network devices and configuration methods. With the data serialization language file, access to the adjustment commands of multiple network devices are united. Next, there is a description of the implementation process, while the final section outlines various testing of the program and the subsequently positive results. The output of this work is a set of scripts and configuration files, which are able to automatize and unite the adjustment process of network switches from the vendors Cisco and 3Com with CLI (Command-line interface), SNMP (Simple network management protocol) and NETCONF (Network configuration protocol). The tool is created in Python language version 3.4 and its configuration files are written in YAML (YAML ain't markup language) language.

Ing. Viktor Černý

Ing. Jiří Smítka

Department of Computer Systems

In this Bachelor thesis, the flow control mechanisms on the transport layer are analyzed. There are already many algorithms implemented in the TCP that treat network congestion. However, some of them are not efficient enough and they are a topic of ongoing research. These mechanisms, their functionality, as well as the principles helping to prevent or solve network congestion are studied in this thesis. The advantages and the disadvantages of the particular implementations are inspected. These implementations are tested in the developed environment. Furthermore, two hybrid implementations which combine the features of the existing solutions and include functionalities for network congestion are designed.

Thesis on DSpace