|
|
DLMS/COSEM protocol security
Tomko, Tomáš ; Mlýnek, Petr (oponent) ; Lieskovan, Tomáš (vedoucí práce)
The aim of this thesis is to familiarize the reader with the DLMS/COSEM protocol, which is mainly used in the power industry. The thesis introduces the concept of smart grids along with their development and basic legislation. In the following section, all the protocols used in smart energy networks are discussed with most emphasis on the mentioned DLMS/COSEM protocol and its security features and vulnerabilities. Furthermore, the thesis aims to introduce the reader to the security risks in industrial networks and the Cyber Range KYPO platform. It was important to familiarize with the capabilities that this platform offers. The next task of this thesis is to operationalize the KYPO platform in a laboratory environment with a security scenario focused on DLMS/COSEM security. The security scenario that we have managed to create involves the interception of communication and the exploitation of at least two security vulnerabilities of the DLMS/COSEM protocol. All the programs and tools that we have used to achieve the objectives of this thesis have been summarized in more detail in a separate chapter, which is dedicated to the practical part of the thesis. The thesis describes the procedure and the problems that we encountered while completing the thesis assignment. The actual virtual scenario that we prepared runs on a server at the premises of the BUT. On this server is installed Cyber Range platform KYPO in all-in-one configuration. The created security scenario using the DLMS/COSEM protocol contains two users and one attacker located in the same network, as we have defined it. We used a simple text editor to define the network configuration and defined it for the KYPO platform in YAML format, which is used to automate the data in a form that is easy for humans to read. We also used the same YAML format to define playbooks, which serve as the easiest way in Ansible to automate repetitive tasks. We used them to install packages, update existing packages, and prepare the virtual environment to exploit DLMS/COSEM protocol vulnerabilities.
|
|
|
Electronic banking security
Tomko, Tomáš ; Sikora, Marek (oponent) ; Zeman, Václav (vedoucí práce)
The main goal of this bachelor thesis Security of electronic banking is to characterize payment electronic services and possibilities of their realization and also comparison of offers of bank payment services in order to point out and draw attention to their security and risks involved. This thesis at first deals with the explanation of the basic concepts related to the issue, then the current available legislation of this sector is written, especially in the Czech Republic. It also deals with individual forms of electronic banking and their detailed description. One whole chapter is devoted also to one of the latest technology, the NFC. In the last chapter of the theoretical part is summarized electronic payment system. The practical part describes what is the output of this bachelor thesis.
|
|
|
DLMS/COSEM protocol security
Tomko, Tomáš ; Mlýnek, Petr (oponent) ; Lieskovan, Tomáš (vedoucí práce)
The aim of this thesis is to familiarize the reader with the DLMS/COSEM protocol, which is mainly used in the power industry. The thesis introduces the concept of smart grids along with their development and basic legislation. In the following section, all the protocols used in smart energy networks are discussed with most emphasis on the mentioned DLMS/COSEM protocol and its security features and vulnerabilities. Furthermore, the thesis aims to introduce the reader to the security risks in industrial networks and the Cyber Range KYPO platform. It was important to familiarize with the capabilities that this platform offers. The next task of this thesis is to operationalize the KYPO platform in a laboratory environment with a security scenario focused on DLMS/COSEM security. The security scenario that we have managed to create involves the interception of communication and the exploitation of at least two security vulnerabilities of the DLMS/COSEM protocol. All the programs and tools that we have used to achieve the objectives of this thesis have been summarized in more detail in a separate chapter, which is dedicated to the practical part of the thesis. The thesis describes the procedure and the problems that we encountered while completing the thesis assignment. The actual virtual scenario that we prepared runs on a server at the premises of the BUT. On this server is installed Cyber Range platform KYPO in all-in-one configuration. The created security scenario using the DLMS/COSEM protocol contains two users and one attacker located in the same network, as we have defined it. We used a simple text editor to define the network configuration and defined it for the KYPO platform in YAML format, which is used to automate the data in a form that is easy for humans to read. We also used the same YAML format to define playbooks, which serve as the easiest way in Ansible to automate repetitive tasks. We used them to install packages, update existing packages, and prepare the virtual environment to exploit DLMS/COSEM protocol vulnerabilities.
|
|
|
Electronic banking security
Tomko, Tomáš ; Sikora, Marek (oponent) ; Zeman, Václav (vedoucí práce)
The main goal of this bachelor thesis Security of electronic banking is to characterize payment electronic services and possibilities of their realization and also comparison of offers of bank payment services in order to point out and draw attention to their security and risks involved. This thesis at first deals with the explanation of the basic concepts related to the issue, then the current available legislation of this sector is written, especially in the Czech Republic. It also deals with individual forms of electronic banking and their detailed description. One whole chapter is devoted also to one of the latest technology, the NFC. In the last chapter of the theoretical part is summarized electronic payment system. The practical part describes what is the output of this bachelor thesis.
|
host ::
RSS.