|
|
Identification of industrial devices
Šotola, Bohuslav ; Blažek, Petr (referee) ; Pospíšil, Ondřej (advisor)
This thesis, titled Identification of Industrial Devices, deals with the use of machine learning for the passive identification of exclusively programmable logic controllers (PLCs) from Siemens, communicating via network traffic. The identification is performed to obtain information about vulnerabilities in the devices currently in use. The motivation for introducing identification in the industry is to minimize the likelihood of attacks and thus reduce losses in production. Datasets in the field of Industrial Control Systems (ICS) are created for targeted device identification within 5 minutes of capturing network traffic. These datasets are statistically processed to find input parameters showing independence from topology and time. The statistically processed parameters are then subjected to machine learning models. If they are found to be sufficiently independent, the idea is verified on independent data not related to previous ones. In identification, there is also an attempt to utilize network transmission parameters that are independent of the PLC device manufacturer. Identification of PLC devices is possible, with the ideal use of the older version of the proprietary S7 protocol, as it allows identification within 5 minutes of capturing traffic. Identification based on the older version of the protocol is also relevant because it is used in practice. An obstacle to capturing traffic for identification is the fact that potential users often need appropriate permissions. Firmware updates must be taken into account, providing new data security features.
|
|
|
Network probe module for industrial protocol analysis
Srovnal, Dominik ; Pospíšil, Ondřej (referee) ; Blažek, Petr (advisor)
Industrial networks are often the target of attacks, which need to be adequately responded to. Therefore, it is necessary to prevent these attacks from the outset through protection and prevention. Such protection is provided by intrusion detection and prevention systems, which are capable of preventing unwanted intrusions, based on those modules. As attacks become more and more sophisticated, it is essential that these modules are continuously developed and got proposed in new, safer measures. The theoretical part describes industrial protocols (IEC 61850, IEC 60870, Ethernet/IP and S7). The practical part focuses on the creation of a module for the analysis of the industrial protocol S7. Furthermore, the paper describes possible attacks on the S7 protocol and proposes rules for detecting these attacks using the Suricata module.
|
|
|
Wastewater treatment plant testbed controlled by PLC
Kopáč, Ondřej ; Blažek, Petr (referee) ; Pospíšil, Ondřej (advisor)
This master thesis deals with the design of a wastewater treatment plant, which will be controlled by a PLC. The theoretical part describes the types of wastewater and sewage systems that are important in the design of wastewater treatment plants. The thesis also describes programmable logic controllers, theirs programming languages, SCADA (Supervisory Control And Data Acquisition) systems and automation.The thesis also deals with theoretical description of wastewater treatment plants, their functions and security. Next part describes the design of the wastewater treatment plant. The last part of the thesis describes implementation of the wastewater treatment plant controlled by a PLC.
|
|
|
Honeypot for LoRaWAN protocol
Zhukova, Viktoriia ; Pospíšil, Jan (referee) ; Pospíšil, Ondřej (advisor)
The bachelor’s thesis in the theoretical section focuses on LoRaWAN technology. It describes network communication, LoRaWAN security, vulnerabilities, and mitigation measures. The second half of the theoretical section focuses on describing honeypot technology and its distribution, listing its advantages and disadvantages, and comparing IoT honeypots. The practical section focuses on building an experimental environment. There is a description of the selected hardware and software. It describes the commissioning of the LoRaWAN network, the configuration of the gateway, and the startup of the LoRaWAN server. Next, the whole procedure of honeypot assembly is described. Two variants of high-interaction honeypot are described and investigated. One without the use of sandboxing and using a firewall, the other with the use of sandboxing and an implementation of chroot/jail.
|
|
|
Analysis of Wi-Fi traffic
Bakó, Zdeněk ; Pospíšil, Ondřej (referee) ; Pospíšil, Jan (advisor)
This bachelor thesis deals with the capture and analysis of wireless traffic of Wi-Fi networks. The aim of this work is to describe the possibilities of capturing and analyzing the operation of Wi-Fi networks. It describes the IEEE 802.11 standard, its features such as architecture and current standards. A selection of a suitable router is performed on which traffic capture and analysis is performed. Some open-source firmware for routers is compared and the most suitable one is selected. Tools for capturing and analyzing Wi-Fi network traffic are compared and described. The differences between the promiscuous and monitoring capture mode and their possibilities of use are described. Finally, there are described options for analyzing captured 802.11 frames.
|
|
|
Analyzing the S7 protocol and creating a virtualized industrial scenario
Srovnal, Dominik ; Kuchař, Karel (referee) ; Pospíšil, Ondřej (advisor)
Industrial network is frequent target of attacks used to damage production and disrupt today infrasctructure. It is necessary to capture such attacks and be able to react correctly to them. That is the reason, why it is necessary to deal with the problematics from the very beginning to the final element. Meaning of this is a prevention of possible attacks and the prerequisite for preventing such attacks on network communication. In order to detect potential weaknesses, communication analyzes and simulations need to be performed. This can be achieved using sofware designed specificly for such situations. Thus two programs were created to simulate the industrial scenario and analyze the S7 protocol. The data received from this communication were analyzed and subsequently scrutinized.
|
|
|
Capturing cyber-threats of industrial systems
Dobrík, Andrej ; Pospíšil, Ondřej (referee) ; Fujdiak, Radek (advisor)
S vedomím že kybernetické útoky stoja korporácie každoročne miliardy, počínajúc neoprávnenými útokmi, distribuovanými útokmi odmietnutia služieb (DDOS) až po vírusy a počítačové červy atď., prichádza problém s nástrojmi, ktoré majú k dispozícii správcovia systému. Táto diplomová práca sa venuje skúmaniu jedného z takýchto nástrojov, Honeypot. Presnejšie, Honeypot zariadeniam pre priemyselné riadiace systémy. Od historicky počiatočných implementácií takýchto systémov, cez analýzu súčasných riešení až po vytvorenie nového riešenia Honeypot, s vysokou mierou interakcie a následným nasadením na nový virtuálny súkromný server, po ktorom nasleduje analýza narušení, ktoré sa vyskytnú počas obdobia nasadenia.
|
|
|
Gathering information about industrial equipment using a search engine
Danko, Krištof ; Fujdiak, Radek (referee) ; Pospíšil, Ondřej (advisor)
The work is focused on operating technologies, specificaly on the security of PLC (programmable logic controller), and obtaining information using device search engines. The types and parts of industrial networks, which are the main segment of operational technologies, and the search engines such as Shodan, Censy, BinaryEdge, and Zoomeye are described. These search engines are compared based on available information and industry protocols Siemens S7, Modbus, Ethernet / IP, and DNP3. In addition to comparing search engines, this work aims to create an application that can download results from the Shodan search engine via the Shodan API and store them in a database. Another point of work is the connection of own PLC, to determine the time of PLC appearing in search engines.
|
|
|
Cyber security testing in an environment of operational technology
Kuna, Erik ; Pospíšil, Ondřej (referee) ; Paučo, Daniel (advisor)
The topic of this work is security testing in connection with operational technology networks. The theoretical part covers description of operational technology, analysis of the current state of security in such networks and the methodology for penetration testing in this context. A section is devoted to protocols relating to said networks, comprising their characteristics, comparison of the same and related advantages and disadvantages. The theoretical part aids comprehension of the practical section, which details design and implementation of a suitable environment for testing and performing security in ICS/SCADA. Therein, emphasis is placed on security issues that pertain to the ModBus protocol.
|
|
|
Fingerprint Recognition with Graph Neural Networks
Pospíšil, Ondřej ; Špaňhel, Jakub (referee) ; Hradiš, Michal (advisor)
This thesis deals with the verification of fingerprints based on their graph representation. The proposed method uses a graph neural network and a combinatorial solver to obtain the matching between the minutae points of a pair of fingerprints. The matched minutae points are used to align the fingerprints using an estimated transformation by the RANSAC algorithm. The aligned fingerprints are processed by the SimGNN model. The resulting similarity score is then combined with the metrics obtained from the aligned fingerprints. The experiments summarize the selection of method parameters and the evaluation of fingerprint matching and verification accuracy. The contribution of this work is a new stable method of fingerprint alignment by solving the graph matching problem. The proposed verification method does not achieve high accuracy due to too few minutae attributes and poor discriminating power of the metrics used.
|
guest ::
