|
|
Application for illustrating the structure of the tested environment
Kuřina, Petr ; Holasová, Eva (referee) ; Kuchař, Karel (advisor)
This bachelor work deals with the creation of an application for the representation of the structures of the tested environment. The theoretical part describes the tools that are processed in the practical part, they are mainly the JavaScript programming language, Vue.js framework and penetration testing in general. The practical part presents the results of network topology testing was performed by Nmap tool. The aim of the practical part is to create an application that will clearly explain the results of testing to the user.
|
|
|
Analyzing the S7 protocol and creating a virtualized industrial scenario
Srovnal, Dominik ; Kuchař, Karel (referee) ; Pospíšil, Ondřej (advisor)
Industrial network is frequent target of attacks used to damage production and disrupt today infrasctructure. It is necessary to capture such attacks and be able to react correctly to them. That is the reason, why it is necessary to deal with the problematics from the very beginning to the final element. Meaning of this is a prevention of possible attacks and the prerequisite for preventing such attacks on network communication. In order to detect potential weaknesses, communication analyzes and simulations need to be performed. This can be achieved using sofware designed specificly for such situations. Thus two programs were created to simulate the industrial scenario and analyze the S7 protocol. The data received from this communication were analyzed and subsequently scrutinized.
|
|
|
Security of operating systems
Kuchař, Karel ; Komosný, Dan (referee) ; Člupek, Vlastimil (advisor)
This bachelor thesis is focused on security of operating systems, which is more and more important. At first, basics of security of operating systems will be covered, followed by describing elements, which help secure communication on internet. In the third chapter, there are discussed the most using operating systems in terms of security and mentioned their most common weaknesses. Following chapter talks about scenarios in which is defined how to properly set each part of the system, so it is secure; also, security applications that make operating system more secure are mentioned. In fifth chapter are above mentioned scenarios applied to virtual machines. To test chosen security settings were individual machines exposed to penetration test. Afterwards, the chosen security settings are evaluated and further steps are recommended. The goal of this thesis is to apprise with problems of security of operating systems and the importance of implementation of security measures.
|
|
|
Web platform to support penetration testing
Lazarov, Willi ; Kuchař, Karel (referee) ; Martinásek, Zdeněk (advisor)
The bachelor thesis deals with the design, development, and implementation of a web platform to support penetration testing. The theoretical part of the thesis is devoted to the description of penetration testing and vulnerability severity assessment. Next, the technologies used in the development of the final solution are described. The practical part describes the gradual solution of partial requirements of the web platform. The individual chapters summarize the problem, design, and implementation of the solution. The practical part starts with the design of a highly scalable model that addresses the main problem of the assignment of this thesis. Next, the design of the platform, its embedding in the proposed model, and the development of a modular web application. Furthermore, the actual development of the application part is described, specifically, its connection with the relational database, tools for automated penetration testing, and the report generator. In the next chapter, the testing of the platform in a production environment is described. The last chapter compares relevant tools for penetration testing. The result of the work is a web platform with the main purpose of increasing the effect of penetration testing to such an extent that the time, complexity, and work required to successfully complete the entire test will be considerably lower than using currently relevant available tools.
|
|
|
Appropriate strategy for security incident detection in industrial networks
Kuchař, Karel ; Blažek, Petr (referee) ; Fujdiak, Radek (advisor)
This diploma thesis is focused on problematics of the industrial networks and offered security by the industrial protocols. The goal of this thesis is to create specific methods for detection of security incidents. This thesis is mainly focused on protocols Modbus/TCP and DNP3. In the theoretical part, the industrial protocols are described, there are defined vectors of attacks and is described security of each protocol. The practical part is focused on the description and simulation of security incidents. Based on the data gathered from the simulations, there are identified threats by the introduced detection methods. These methods are using for detecting the security incident an abnormality in the network traffic by created formulas or machine learning. Designed methods are implemented to IDS (Intrusion Detection System) of the system Zeek. With the designed methods, it is possible to detect selected security incidents in the destination workstation.
|
|
|
Detection of DoS and DDoS attacks targeting a web server
Nguyen, Minh Hien ; Fujdiak, Radek (referee) ; Kuchař, Karel (advisor)
The bachelor thesis deals with the detection of DoS (Denial of service) and DDoS (Distributed Denial of Service) attacks targeting a web server. This work aims to design detection methods, which will be subsequently tested. Analysis of attacks according to the ISO/OSI (International Organization for Standardization/Open Systems Interconnection) reference model will allow an understanding of the features of individual attacks. In the practical part, some tools are used to implement attacks, then there are generators of legitimate network traffic and a secure web server. Substantial data are created from ongoing attacks and communications of ordinary users. These data are an important part of the proposed methods. The purpose of assessing the achieved results is to evaluate the effectiveness of individual detection methods in terms of accuracy and time consumption.
|
|
|
Identifying Anomalies in Industrial Networks: A Proposed Testbed for Experimental Evaluation
Kuchar, Karel ; Blazek, Petr
Not only because of the convergence of InformationTechnology (IT) and Operational Technology (OT) networks, thepass-through network environment needs to be monitored andadequate security implemented. Due to the occurrence of differenttypes of anomalies and their inconsistency in the literature,three main types of anomalies have been identified in this paperand a testbed has been proposed to serve for further experimentaltesting. This testbed was created using an anemometer and inthe current state using an accelerometer. From the results sofar, a correlation between the normal condition and the inducedoperational anomaly can be observed.
|
|
|
Security verification tool for industrial and energy equipments
Sagindykova, Anel ; Kuchař, Karel (referee) ; Blažek, Petr (advisor)
Cílem této práce je analyzovat různé vyhledávače a vybrat ty nejvhodnější pro vytvoření nástroje k testování průmyslových a energetických zařízení z pohledu bezpečnosti. Bylo provedeno porovnání mezi Shodan, ZoomEye, Nexpose, Censys a BinaryEdge. Tyto vyhledávače byly porovnávány podle různých kritérií, například výkonnosti a jejich dalších veřejně dostupných informací. Jako nejvhodnější byly vybrány Shodan a ZoomEye a pomocí těchto vyhledavačů byla vytvořena webová aplikace. Tato aplikace je schopna načítat výsledky vyhledávání ze serverů pomocí jejich rozhraní API a je schopna je ukládat do databáze. Součástí práce je popis průmyslových a energetických protokolů, sítí a jejich bezpečnostních prvků. V rámci práce byl také popis několika nejznámějších útoků na tyto sítě. Posledním cílem práce je provést testování a evaluaci realizovaného nástroje na minimálně dvou zařízeních.
|
|
|
Automated control of family house heating
Slouka, Petr ; Kuchař, Karel (referee) ; Blažek, Petr (advisor)
The thesis deals with the design and implementation of automated control of family house heating. The system is based on programmable units whose basic elements are devices based on ESP32 or ESP8266 programmable chips. The main part is the design of the system and the implementation of its individual parts such as the web application and individual sensors. Furthermore, the thesis deals with the communication between the individual parts, its analysis and the analysis of the battery life of the individual devices. The last chapter consists of instructions for installation and start-up of the whole system.
|
|
|
Neural network structure optimization tool
Štark, Daniel ; Kuchař, Karel (referee) ; Holasová, Eva (advisor)
This thesis deals with optimizing the structures of artificial and convolutional neural networks. The hyperparameters, from which these structures are comprised of, are described in the theoretical part of this thesis. In addition, it explains the metrics used for evaluation of these structures. The practical outcome of this thesis is a tool capable of automatically generating neural network structures for a given dataset based on userdefined configuration. The tool also automatically tests the generated structures and creates reports which summarize the performace of the best generated structures. The tool is implemented using Python language, with utilization of TensorFlow and Keras libraries. In addition to providing a detailed source code description, the practical part of the thesis includes testing the tool on well-known datasets, as well as a dataset simulating traffic of an industrial network under ongoing cyber attack.
|
guest ::
RSS feed.