|
|
Identifying Anomalies in Industrial Networks: A Proposed Testbed for Experimental Evaluation
Kuchar, Karel ; Blazek, Petr
Not only because of the convergence of InformationTechnology (IT) and Operational Technology (OT) networks, thepass-through network environment needs to be monitored andadequate security implemented. Due to the occurrence of differenttypes of anomalies and their inconsistency in the literature,three main types of anomalies have been identified in this paperand a testbed has been proposed to serve for further experimentaltesting. This testbed was created using an anemometer and inthe current state using an accelerometer. From the results sofar, a correlation between the normal condition and the inducedoperational anomaly can be observed.
|
|
|
Security verification tool for industrial and energy equipments
Sagindykova, Anel ; Kuchař, Karel (referee) ; Blažek, Petr (advisor)
Cílem této práce je analyzovat různé vyhledávače a vybrat ty nejvhodnější pro vytvoření nástroje k testování průmyslových a energetických zařízení z pohledu bezpečnosti. Bylo provedeno porovnání mezi Shodan, ZoomEye, Nexpose, Censys a BinaryEdge. Tyto vyhledávače byly porovnávány podle různých kritérií, například výkonnosti a jejich dalších veřejně dostupných informací. Jako nejvhodnější byly vybrány Shodan a ZoomEye a pomocí těchto vyhledavačů byla vytvořena webová aplikace. Tato aplikace je schopna načítat výsledky vyhledávání ze serverů pomocí jejich rozhraní API a je schopna je ukládat do databáze. Součástí práce je popis průmyslových a energetických protokolů, sítí a jejich bezpečnostních prvků. V rámci práce byl také popis několika nejznámějších útoků na tyto sítě. Posledním cílem práce je provést testování a evaluaci realizovaného nástroje na minimálně dvou zařízeních.
|
|
|
Automated control of family house heating
Slouka, Petr ; Kuchař, Karel (referee) ; Blažek, Petr (advisor)
The thesis deals with the design and implementation of automated control of family house heating. The system is based on programmable units whose basic elements are devices based on ESP32 or ESP8266 programmable chips. The main part is the design of the system and the implementation of its individual parts such as the web application and individual sensors. Furthermore, the thesis deals with the communication between the individual parts, its analysis and the analysis of the battery life of the individual devices. The last chapter consists of instructions for installation and start-up of the whole system.
|
|
|
Neural network structure optimization tool
Štark, Daniel ; Kuchař, Karel (referee) ; Holasová, Eva (advisor)
This thesis deals with optimizing the structures of artificial and convolutional neural networks. The hyperparameters, from which these structures are comprised of, are described in the theoretical part of this thesis. In addition, it explains the metrics used for evaluation of these structures. The practical outcome of this thesis is a tool capable of automatically generating neural network structures for a given dataset based on userdefined configuration. The tool also automatically tests the generated structures and creates reports which summarize the performace of the best generated structures. The tool is implemented using Python language, with utilization of TensorFlow and Keras libraries. In addition to providing a detailed source code description, the practical part of the thesis includes testing the tool on well-known datasets, as well as a dataset simulating traffic of an industrial network under ongoing cyber attack.
|
|
|
Application for illustrating the structure of the tested environment
Kuřina, Petr ; Holasová, Eva (referee) ; Kuchař, Karel (advisor)
This bachelor work deals with the creation of an application for the representation of the structures of the tested environment. The theoretical part describes the tools that are processed in the practical part, they are mainly the JavaScript programming language, Vue.js framework and penetration testing in general. The practical part presents the results of network topology testing was performed by Nmap tool. The aim of the practical part is to create an application that will clearly explain the results of testing to the user.
|
|
|
Analyzing the S7 protocol and creating a virtualized industrial scenario
Srovnal, Dominik ; Kuchař, Karel (referee) ; Pospíšil, Ondřej (advisor)
Industrial network is frequent target of attacks used to damage production and disrupt today infrasctructure. It is necessary to capture such attacks and be able to react correctly to them. That is the reason, why it is necessary to deal with the problematics from the very beginning to the final element. Meaning of this is a prevention of possible attacks and the prerequisite for preventing such attacks on network communication. In order to detect potential weaknesses, communication analyzes and simulations need to be performed. This can be achieved using sofware designed specificly for such situations. Thus two programs were created to simulate the industrial scenario and analyze the S7 protocol. The data received from this communication were analyzed and subsequently scrutinized.
|
|
|
Web platform to support penetration testing
Lazarov, Willi ; Kuchař, Karel (referee) ; Martinásek, Zdeněk (advisor)
The bachelor thesis deals with the design, development, and implementation of a web platform to support penetration testing. The theoretical part of the thesis is devoted to the description of penetration testing and vulnerability severity assessment. Next, the technologies used in the development of the final solution are described. The practical part describes the gradual solution of partial requirements of the web platform. The individual chapters summarize the problem, design, and implementation of the solution. The practical part starts with the design of a highly scalable model that addresses the main problem of the assignment of this thesis. Next, the design of the platform, its embedding in the proposed model, and the development of a modular web application. Furthermore, the actual development of the application part is described, specifically, its connection with the relational database, tools for automated penetration testing, and the report generator. In the next chapter, the testing of the platform in a production environment is described. The last chapter compares relevant tools for penetration testing. The result of the work is a web platform with the main purpose of increasing the effect of penetration testing to such an extent that the time, complexity, and work required to successfully complete the entire test will be considerably lower than using currently relevant available tools.
|
|
|
Industrial Network Security Module
Kuchař, Karel ; Holasová, Eva
This article is focused on a fast and efficient evaluation method of communication of theModbus/TCP protocol. Modbus/TCP does not implement authentication or communication encryption.Therefore, a Modbus Security module was created, which allows sniffing specific network trafficand parsing particular information from the packets. This information is stored in the database usingPostgreSQL on each master and slave station. It evaluates whether there is an attack on the networkby comparing information in individual databases. There is an additional authentication of individualstations using the created SSH connection between databases. Everything is visualised using theGrafana tool.
|
|
|
Specific Anomaly Detection Method In Wireless Communication Networks
Holasová, Eva ; Kuchař, Karel
This paper is focused on security problems in wireless networks covering on problems of security protocols like weak cipher in WEP (Wired Equivalent Privacy), dictionary attack in WPA (Wi-Fi Protected Access) and KRACK (Key Reinstallation attack) in WPA2. The structure of KRACK attack is described. Potential solution of KRACK is handling the network traffic especially with EAPOL (Extensible Authentication Protocol over LAN) frames is described, too. As a result security consists of multiple parts and it is important to both keep and update security level on every part of the network.
|
|
|
An Appropriate Strategy For Detecting Security Incidents In Industrial Networks
Kuchař, Karel ; Holasová, Eva
This paper is focused on environment of critical infrastructure and inadequate security problem. Industrial network typically works with old devices and a potential update may cause delay in the production and costs a lot of money. That is the reason why additional devices improving security of all system must be introduced. Tools like IDS/IPS (Intrusion Detection System/Intrusion Prevention System) are great for detecting anomalies and defining signatures in the network traffic. For such types of the network it is critical proper handling of security issues and generated alerts.
|
guest ::
