|
|
Design Better Content Development Process for SCAP Standards
Beňas, Petr ; Malinka, Kamil (referee) ; Barabas, Maroš (advisor)
Cílem této práce je nastudovat a zjednodušeně popsat standardy SCAP používané pro standardizované předávání informací o zranitelnostech a dalších dat souvisejících s informační bezpečností, se zaměřením na formáty XCCDF a OVAL. V textu jsou zkoumány existující přístupy a nástroje sloužící k tvorbě obsahu těchto standardů. Na základě získaných poznatků je navržen nový nástroj s cílem řešit nedostatky existujících přístupů. Text práce také popisuje implementaci a testování navrženého nástroje.
|
|
|
Methods for Network Traffic Classification
Jacko, Michal ; Ovšonka, Daniel (referee) ; Barabas, Maroš (advisor)
This paper deals with a problem of detection of network traffic anomaly and classification of network flows. Based on existing methods, paper describes proposal and implementaion of a tool, which can automatically classify network flows. The tool uses CUDA platform for network data processing and computation of network flow metrics using graphics processing unit. Processed flows are subsequently classified by proposed methods for network anomaly detection.
|
|
|
The Tool for Penetration Tests of Web Applications
Dobeš, Michal ; Malinka, Kamil (referee) ; Barabas, Maroš (advisor)
The thesis discusses the issues of penetration testing of web applications, focusing on the Cross-Site Scripting (XSS) and SQL Injection (SQLI) vulnerabilities. The technology behind web applications is described and motivation for penetration testing is given. The thesis then presents the most common vulnerabilities according to OWASP Top 10. It lists the principles, impact and remediation recommendations for the Cross-Site Scripting and SQL Injection vulnerabilities. A penetration testing tool has been developed as a part of this thesis. The tool is extendable via modules. Modules for detection of Cross-Site Scripting and SQL Injection vulnerabilities have been developed. The tool has been compared to existing tools, including the commercial tool Burp Suite.
|
|
|
A GUI for Configuring an FTP Server
Barabas, Maroš ; Janoušek, Vladimír (referee) ; Vojnar, Tomáš (advisor)
The subject of this document is concept and implementation of graphical configuration tool for vsftpd ftp server, which is distributed to Red Hat Linux operating systems. Mainly, the document puts accent on simplicity of user's access to server configuration, complexity of access to configuration options and their scalability. The program is integrated to GNOME desktop enviroment.
|
|
| |
|
|
Security Metrics of SAP Platform
Třeštíková, Lenka ; Barabas, Maroš (referee) ; Kačic, Matej (advisor)
Main goal of this thesis is analyzing potential security risks of the SAP NetWeaver platform and identifying various vulnerabilities, that are results of poor system configuration, incorrect segregation of duties or insufficient patch management. Methodology for platform evaluation is defined by vulnerabilities, security requirements and controls will be created.
|
|
|
Attacks on Steganographic Systems and Watermarking
Gavornik, Jakub ; Barabas, Maroš (referee) ; Henzl, Martin (advisor)
This thesis focuses on steganalysis, which is detection of steganography, and then on at- tacks on digital watermarking, which aim to invalidate watermarks. The application for stegograms detection is designed and implemented in this thesis. The application focuses on the images, produced by substitution of the least significant bits in QuickStego program. Reliable detection is insured by the designed method, which decodes information embedded in the image, and searches for specific data embedded by the program QuickStego. In the end of the thesis, few experiments are conducted on the sample images, which confirm the ability of detecting stegograms.
|
|
|
GPS Data Processing on iPhone
Liška, Radek ; Barabas, Maroš (referee) ; Kajan, Rudolf (advisor)
Subject of this thesis is modern web technologies and their usage in mobile devices, with focus on the Apple iPhone. Aplication works as a race organizer. It's main functions consists of creation and management of tracks, support to racing users and storage of records.
|
|
|
Tool for SQL Injection Vulnerability Detection
Kutypa, Matouš ; Samek, Jan (referee) ; Barabas, Maroš (advisor)
The Bachelor thesis is focused on the issue of SQL injection vulnerabilities. The thesis presents commonly used procedures in the attacks against information systems and are also discussed possibilities of defense including the correct ways of input validation. The theoretical part contains the essential foundation of what should the penetration tester know, to be able to examine the inputs of application for SQL injection vulnerability. The thesis also describes analysis, design and implementation of specialized tool for Web application vulnerability detection. The implemented tool was tested and compared with other existing tools. Within the thesis has been also implemented a Web application, which demonstrates many different variants of SQL injection vulnerable inputs.
|
|
|
Automated Exam Generation System
Kapusta, Vlastimil ; Šátek, Václav (referee) ; Barabas, Maroš (advisor)
This bachelor's thesis describes graphic design, used technology and implementation of the automated exam generation system. As the implementation language was chosen Java programming language. This thesis deals with usage of the Swing GUI component library and with using Insubstantial and SwingX libraries which extend the Swing library. Important part of this thesis is connecting Java and document preparation system LaTeX. Result is an application that allows creating exams. It is also possible to store and load unfinished exams and export them into tex or pdf format.
|
guest ::
RSS feed.